The Upload: Your tech news briefing for Tuesday, February 17

Spy group has embedded tools in foreign networks, systemsA cyberspy group using tools similar to those of U.S. intelligence agencies has embedded spy and sabotage firmware in systems and networks in countries including Iran, Russia, Pakistan and China, a report by security vendor Kaspersky Lab claims. Kaspersky said that the tools can’t be combated by antivirus products and are also able to stealthily obtain a computer’s encryption keys in order to read otherwise protected data.Sony forges ahead with its SmartEyeglassTo read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Tuesday, February 17

Spy group has embedded tools in foreign networks, systemsA cyberspy group using tools similar to those of U.S. intelligence agencies has embedded spy and sabotage firmware in systems and networks in countries including Iran, Russia, Pakistan and China, a report by security vendor Kaspersky Lab claims. Kaspersky said that the tools can’t be combated by antivirus products and are also able to stealthily obtain a computer’s encryption keys in order to read otherwise protected data.Sony forges ahead with its SmartEyeglassTo read this article in full or to leave a comment, please click here

Sony to release developer edition smart glasses for $840

While Google is pulling back from a consumer release of Glass, Sony is moving forward with sales to developers of its augmented reality SmartEyeglass.The struggling Japanese manufacturer said Tuesday it will release its Android-compatible smart glasses for US$840 in early March, targeting developers and industrial applications ahead of a commercial release in 2016.That's just over half of the $1,500 that Google was asking from early adopters of Glass before it shut down commercial sales of the wearable display last month."As a hands-free device, SmartEyeglass can be a promising product with many practical uses," a Sony spokeswoman said via email when asked about the release in the wake of Google's move. "But since we recognize the need to explore applications at this stage, we're releasing this developer edition."To read this article in full or to leave a comment, please click here

Opening the Black Box – Linux Network OS for Bare Metal Switches

Transform the network from gatekeeper to enabler with a Linux Network OS platform for switches that enables automation, feature velocity and innovation on par with servers.

“The only way to deal with an unfree world is to become so absolutely free that your very existence is an act of rebellion.” – Albert Camus

In my role as a Customer Solutions Engineer (affectionately known as CSE) at Cumulus Networks, I am on the frontlines discussing customer requirements, use cases and networking architectures. A frequent question that customers ask me is “what can an open network operating system (OS) do for me?”

Most customers have lived in the world of black boxes where the OS and hardware are vertically integrated and your vendor keeps you in a sandbox that controls what you can and cannot do. In the black box world, if you want a new feature, application or a different operational model, you have to request it from your account team and wait while the vendor decides if your use case is important enough or you are a big enough customer.

The idea of having direct access to the different operational aspects of the OS is a foreign concept Continue reading

Payments startup iZettle makes chip & PIN card reader available for free

With a free Chip & PIN card reader, Swedish mobile payments company iZettle is lowering the threshold for small companies to start accepting card payments.The Card Reader Lite, released Tuesday, connects to tablets or smartphones via an audio cable and it is meant to lower the cost barriers small merchants face when setting up their businesses, iZettle said.Startup costs weren’t that high to begin with though. Businesses only pay €49 (about US$55) for iZettle’s wireless Bluetooth card reader, which it will continue to offer, and similar readers from competing services such as Payleven and SumUp cost only a little more at €79.To read this article in full or to leave a comment, please click here

Payments startup iZettle makes chip & PIN card reader available for free

With a free Chip & PIN card reader, Swedish mobile payments company iZettle is lowering the threshold for small companies to start accepting card payments.The Card Reader Lite, released Tuesday, connects to tablets or smartphones via an audio cable and it is meant to lower the cost barriers small merchants face when setting up their businesses, iZettle said.Startup costs weren’t that high to begin with though. Businesses only pay €49 (about US$55) for iZettle’s wireless Bluetooth card reader, which it will continue to offer, and similar readers from competing services such as Payleven and SumUp cost only a little more at €79.To read this article in full or to leave a comment, please click here

Google targets Chinese developers with new YouTube channel

Even as China continues to block its services, Google has started a localized YouTube channel for developers in the country, aiming to bring more Chinese-made apps to its platforms.The new YouTube channel, announced on Monday, will serve up videos discussing Google technologies such as Android, either translated with subtitles, or spoken in Mandarin Chinese.The company announced the channel about four months after it opened Google Play to developers based in mainland China.To read this article in full or to leave a comment, please click here

Device Naming Conventions – What’s in a Name

Choosing a device hostname seems trivial to say the least. However, from multiple design meetings, this is a topic that tends to drag on. Everyone has a preference, and opinion or just set in the...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Equation cyberspies use unrivaled, NSA-style techniques to hit Iran, Russia

A cyberespionage group with a toolset similar to ones used by U.S. intelligence agencies has infiltrated key institutions in countries including Iran and Russia.Kaspersky Lab released a report Monday that said the tools were created by the “Equation” group, which it stopped short of linking to the U.S. National Security Agency.The tools, exploits and malware used by the group—named after its penchant for encryption—have strong similarities with NSA techniques described in top-secret documents leaked in 2013.Countries hit the most by Equation include Iran, Russia, Pakistan, Afghanistan, India and China. Targets in those countries included the military, telecommunications, embassies, government, research institutions and Islamic scholars, Kaspersky said.To read this article in full or to leave a comment, please click here

BGP routing incidents in 2014, malicious or not?

Over the last year we have seen and written about numerous BGP routing incidents that looked out of the ordinary, straight-up suspicious or were just configuration mistakes. In this blog post we will highlight a few of them and look at the impact and cause of each of the observed incidents and try to determine if there was any malicious intent.

I presented the same data last week at NANOG 63, in San Antonio, a recording of this presentation can be found below:

BGP hijacking for monetary gain.

bitcoin-robber We have all heard of Bitcoin, it’s been in the news quite a bit and chances are that some of you are mining Bitcoins right now. There are now computing devices optimized for Bitcoin mining and even dedicated Bitcoin mining data centers. In addition to the dedicated data centers, many Bitcoin miners use cloud compute instances from Amazon, OVH, Digital Ocean, etc. So it’s obvious that there is a lot of money spent on Bitcoin mining & trading; and as such there is also an opportunity to make a quick buck.
This summer we blogged about a series of BGP hijacks where an attacker cleverly misused the Bitcoin stratum protocol. By Continue reading

Campaigners offer simpler way to find out if British government spied on you

There’s now an easier way to discover whether the U.K. intelligence services illegally obtained your information from their U.S. colleagues—but you’ll have to tell a U.K. campaign group as well as the U.K. Government Communications Headquarters your details to find out.Civil rights group Privacy International has launched a website to allow anyone in the world to ask whether GCHQ has illegally spied on them. If you’re curious to find out you can sign up by giving the group your name, email address and, optionally, your phone number, and granting its legal team permission to share the data with GCHQ and the U.K.’s Investigatory Powers Tribunal.To read this article in full or to leave a comment, please click here

A Neutral ‘Net?

This week I’m going to step off the beaten path for a moment and talk about ‘net neutrality. It appears we are about to enter a new phase in the life of the Internet — at least in the United States — as the FCC is out and about implying we should expect a ruling on Title II regulation of the ‘net within the United States in the near future. What the FCC’s chairman has said is —

  • The Internet would be reclassified as a Title II communication service, which means the portions within the United States would fall under the same regulations as telephone and television service.
  • “comma, but…” The ‘net infrastructure in the United States won’t be subject to all the rules of Title II regulation.
  • Specifically mentioned is the last mile, “there will be no rate regulation, no tariffs, no last-mile unbundling.”

A lot of digital ink has been spilled over how the proposed regulations will impact investment — for instance, AT&T has made a somewhat veiled threat that if the regulations don’t go the way they’d like to see them go, there will be no further investment in last mile broadband throughout the US (as Continue reading

Interview with Ansible CEO

tools

Ansible CEO Saïd Ziouani recently sat down for an interview with Adrian Bridgwater of ToolsAdvisor.net to talk about the past, present and future of Ansible. 

Tools AdvisorAnsible Tower is an opportunity for less technical users to get involved with IT automation by virtue of its role-based access control and dashboard functionality being core extras over and above the command line version of the open source product. Just exactly how 'non-technical' a user do you think should be involved here?
Saïd Ziouani: We strongly believe that IT Automation should be a dull task; your IP competency should be your priority and the main focus for your software developers. Managing your infrastructure must be simple to a point that it's almost boring. Tower takes the simplicity model of Ansible to a new level, allowing easy push button automation at scale, and team role delegation.

Read the full interview here.

Software Defined Reality – NFD9 Redux

NFD Logo

I’ve just got back from Networking Field Day 9 (NFD9) and my head is buzzing after a busy week of presentations. I posted a preview of NFD9 so it seems only fair to give a quick wrap up of the week’s themes and presentations as I saw it.

My NFD9

After some time spent thinking on the flights back home, I came to the conclusion that there were two themes that were recurring this week.

The dominating theme for me was, at last, seeing the magic rainbow-expelling problem-solving unicorn that is Software Defined Networking – SDN – and all its inherent paradigm-shifting magic, turned into products that actually seem real, and are starting to deal with some of the issues that were flagged up when SDN was first being described. It’s relatively easy to SDN-wash a product, but making it something from which a user can actually benefit, well, that’s something else.

The second theme was that many of the products looked to the concept of detecting or fixing problems before the users were aware of them, whether as an alert from a monitoring system, or a network that automatically self-heals or otherwise avoids problem areas.

SDN == Programming

Don’t Continue reading

Proposal for altered data retention law is still unlawful, Dutch DPA says

The Dutch government’s proposed revision of the country’s data retention law is not enough to bring it into compliance with a recent European Union court ruling, the Dutch privacy watchdog said Monday.An effort by the Dutch government to adjust a law requiring telecommunications and Internet companies to retain their customers’ location and traffic metadata for investigatory purposes should be dropped, as the infringement of the private life of virtually all Dutch citizens is too great, the Dutch Data Protection Authority (DPA) said on Monday.The Dutch government is looking to change data retention obligations for telephone and Internet communications operators following a decision last year by the Court of Justice of the European Union (CJEU). The court invalidated the European data retention directive, on which the Dutch law is based, because it violates fundamental privacy rights.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Materials breakthrough promises smaller chips

If you haven't heard of graphene, or its new brother silicene, you will.For the uninitiated, graphene is a super cost-effective, ultra-hard and light-weight conductor. It's better than copper at conducting and is in fact the world's most conductive substance. Silicene is similar in that it's also ultra-thin, but it has properties that may be more suited for use in chips.We've been hearing about graphene for a while. However, this miracle substance has a slight, somewhat awkward problem for a superstar. Despite its second-coming-like trumpet blowing, it's not very good in transistors. The reason: it doesn't have the necessary logic operation capability.To read this article in full or to leave a comment, please click here