High-security electronic safes can be hacked through power and timing analysis

Some consumer safes protected with electronic locks are quite easy to hack using basic techniques. Others, though, like those made to store guns, are designed to resist expert manipulation.However, one hacker demonstrated at the DEF CON security conference Friday that even high-security rated electronic safe locks are susceptible to side-channel attacks typically used against cryptosystems.Side-channel attacks involve techniques like analyzing power fluctuations and variations in the time it takes operations to complete on an electronic device. By monitoring these values when the system checks the user's input against a stored value, attackers can incrementally recover encryption keys or, in the case of electronic safe locks, the correct access code.To read this article in full or to leave a comment, please click here

High-security electronic safes can be hacked through power and timing analysis

Some consumer safes protected with electronic locks are quite easy to hack using basic techniques. Others, though, like those made to store guns, are designed to resist expert manipulation.However, one hacker demonstrated at the DEF CON security conference Friday that even high-security rated electronic safe locks are susceptible to side-channel attacks typically used against cryptosystems.Side-channel attacks involve techniques like analyzing power fluctuations and variations in the time it takes operations to complete on an electronic device. By monitoring these values when the system checks the user's input against a stored value, attackers can incrementally recover encryption keys or, in the case of electronic safe locks, the correct access code.To read this article in full or to leave a comment, please click here

Microduino mCookie; a platform for experimenting with the Internet of Things. Great idea but …

If you’re experimenting with the Internet of Things, you now have a huge range of platforms to choose from. Many of these platforms are essentially bare boards and hooking up sensors often requires adding breadboards, breaking out the soldering iron, and down and dirty wiring. While there’s nothing actually wrong with any of this as a way to experiment and develop ideas, it’s less than ideal where getting quickly from a concept to a working device is the goal. So it was that Microduino’s mCookie system was designed to make IoT experimentation fast and easy as well as inexpensive.To read this article in full or to leave a comment, please click here

A supercomputer is taking on humans in a hacking contest at DEF CON

Can a supercomputer beat humans in a hacking contest? We're about to find out.For the first time, a fully automated supercomputer is trying to compete with humans in a major hacking contest, and so far the machine is hanging in there.The supercomputer, known as Mayhem, is among the teams taking part in this year’s Capture the Flag contest at the DEF CON security conference in Las Vegas.The game involves detecting vulnerabilities in software and patching them, and humans have been playing it at DEF CON for years.Now computers are getting in on the act. DARPA, a U.S. defense agency, recently held an all-machine competition, awarding $2 million to the team that did best.To read this article in full or to leave a comment, please click here

A supercomputer is taking on humans in a hacking contest at DEF CON

Can a supercomputer beat humans in a hacking contest? We're about to find out.For the first time, a fully automated supercomputer is trying to compete with humans in a major hacking contest, and so far the machine is hanging in there.The supercomputer, known as Mayhem, is among the teams taking part in this year’s Capture the Flag contest at the DEF CON security conference in Las Vegas.The game involves detecting vulnerabilities in software and patching them, and humans have been playing it at DEF CON for years.Now computers are getting in on the act. DARPA, a U.S. defense agency, recently held an all-machine competition, awarding $2 million to the team that did best.To read this article in full or to leave a comment, please click here

This PC monitor hack can manipulate pixels for malicious effect

Don’t believe everything you see. It turns out even your computer monitor can be hacked.On Friday, researchers at DEF CON presented a way to manipulate the tiny pixels found on a computer display.Ang Cui and Jatin Kataria of Red Balloon Security were curious how Dell monitors worked and ended up reverse-engineering one.They picked apart a Dell U2410 monitor and found that the display controller inside can be used to change and log the pixels across the screen.During their DEF CON presentation, they showed how the hacked monitor could seemingly alter the details on a web page. In one example, they changed a PayPal’s account balance from $0 to $1 million, when in reality the pixels on the monitor had simply been reconfigured.To read this article in full or to leave a comment, please click here

This PC monitor hack can manipulate pixels for malicious effect

Don’t believe everything you see. It turns out even your computer monitor can be hacked.On Friday, researchers at DEF CON presented a way to manipulate the tiny pixels found on a computer display.Ang Cui and Jatin Kataria of Red Balloon Security were curious how Dell monitors worked and ended up reverse-engineering one.They picked apart a Dell U2410 monitor and found that the display controller inside can be used to change and log the pixels across the screen.During their DEF CON presentation, they showed how the hacked monitor could seemingly alter the details on a web page. In one example, they changed a PayPal’s account balance from $0 to $1 million, when in reality the pixels on the monitor had simply been reconfigured.To read this article in full or to leave a comment, please click here

Bigfoot data: Disney patent to track visitors by their shoes

We are truly in the era of all-encompassing analytics. Today, everything you click on, everything you post, where you go, what you purchase, and who you’re connected to are all data points to be captured, categorized, cross-indexed, tabulated, and analyzed. “O! M! G!” you may be muttering “Will surveillance never end?” Sure it will end. When hell freezes over. Nope, the surveillance cat is out of the bag, the monitoring pigeon has flown the coup, and the privacy bridge has been burnt. Welcome to the future. As if to underline that reality, the latest foray into quantifying you, has just been patented by Disney. In a recent filing titled System and method using foot recognition to create a customized guest experience, the company that bought you “a people trap run by a rat” (I kid you with love, Disney) has raised (lowered?) the bar on knowing who you are by proposing that they will track you by looking at ... wait for it ... your footwear.To read this article in full or to leave a comment, please click here

Bigfoot data: Disney patent to track visitors by their shoes

We are truly in the era of all-encompassing analytics. Today, everything you click on, everything you post, where you go, what you purchase, and who you’re connected to are all data points to be captured, categorized, cross-indexed, tabulated, and analyzed. “O! M! G!” you may be muttering “Will surveillance never end?” Sure it will end. When hell freezes over. Nope, the surveillance cat is out of the bag, the monitoring pigeon has flown the coup, and the privacy bridge has been burnt. Welcome to the future. As if to underline that reality, the latest foray into quantifying you, has just been patented by Disney. In a recent filing titled System and method using foot recognition to create a customized guest experience, the company that bought you “a people trap run by a rat” (I kid you with love, Disney) has raised (lowered?) the bar on knowing who you are by proposing that they will track you by looking at ... wait for it ... your footwear.To read this article in full or to leave a comment, please click here

SDxCentral Weekly News Roundup — August 5, 2016

Big Switch Networks announced the company’s launch in Australia.

Docker SF Meetup #47; Docker 1.12, Docker for Mac and Tugbot

On Wednesday members of the Docker SF Meetup community joined us at Docker HQ for our 47th Docker meetup in San Francisco! It was a great evening with talks and demos from Docker’s own Ben Bonnefoy, Nishant Totla, as well as Neil Gehani from HPE.

Continue reading

Continuous Integration Testing on Docker Cloud

This is a guest post by Stephen Pope & Kevin Kaland from Project Ricochet

Docker Cloud is a SaaS solution hosted by Docker that gives teams the ability to easily manage, deploy, and scale their Dockerized applications.
Continue reading

Best Deals of the Week, August 1-5 – Deal Alert

Best Deals of the Week - Deal AlertCheck out this roundup of the best deals on gadgets, gear and other cool stuff we have found this week, the week of August 1st. All items are highly rated, and dramatically discounted!53% off Inateck USB 3.0 Dual-Bay Hard Drive Cloning StationThis gadget from Inateck will duplicate any 2.5 inch or 3.5 inch SATA HDD/SSD drive quickly and automatically without the need for a computer, by just pushing a button. The unit currently averages 4.5 out of 5 stars on Amazon from over 530 customers (read reviews). With a typical list price of $69.99, this 53% off deal puts it at just $32.99. See the discounted Inateck HDD/SSD cloning station now on Amazon.To read this article in full or to leave a comment, please click here

Worth Reading: Top performance items to watch

What’s eating your network? What is (quietly) killing performance? What performance items should you be watching, but probably are not? I’m a big fan of appropriate network management data, with the right tool(s). If you don’t monitor absolutely every interface, and capture historical data, you’re flying blind. —Netcraftsmen

The post Worth Reading: Top performance items to watch appeared first on 'net work.

IoT security suffers from a lack of awareness

As consumers we have become obsessed with connected devices. We like the idea of smart homes, smart cars, smart TVs, smart refrigerators or any machine that can be automated with sensors and an IP address. Yet fewer tasks in IT today inspire more fear than the prospect of protecting corporate networks from this proliferating wave of connected devices. The internet of things phenomenon expands the threat surface exponentially, in turn boosting business risk.But CIOs often aren’t aware of all of the devices that make inviting targets for hackers. "One of the fundamental issues that faces the internet of things is knowing that they're there and giving them some identity,” says Gartner analyst Earl Perkins. "You can't manage what you can't see."To read this article in full or to leave a comment, please click here

IoT security suffers from a lack of awareness

As consumers we have become obsessed with connected devices. We like the idea of smart homes, smart cars, smart TVs, smart refrigerators or any machine that can be automated with sensors and an IP address. Yet fewer tasks in IT today inspire more fear than the prospect of protecting corporate networks from this proliferating wave of connected devices. The internet of things phenomenon expands the threat surface exponentially, in turn boosting business risk.But CIOs often aren’t aware of all of the devices that make inviting targets for hackers. "One of the fundamental issues that faces the internet of things is knowing that they're there and giving them some identity,” says Gartner analyst Earl Perkins. "You can't manage what you can't see."To read this article in full or to leave a comment, please click here

Taking A Long View On HPC And Beyond

Bad things sometimes happen to good companies, but the great ones are resilient; they ride out the difficulties and keep forging ahead. So it will be with Cray, which does not just make massive-scale machines aimed at supercomputing centers but analytics engines that will see wider adoption among enterprises.

We have said it before and we will say it again: You have to take a long view of the high performance computing business – and we are using that term in the broadest sense – and not look at it on a quarter-by-quarter or even year-by-year basis. And so it …

Taking A Long View On HPC And Beyond was written by Timothy Prickett Morgan at The Next Platform.

Buenos Aires

The post Buenos Aires appeared first on 'net work.

Feds need to do a better job of measuring telecommuting benefits

With one of the largest telecommuting communities – over 1 million -- in the country many of the Federal agencies that support it have little information to show about its benefits.Watchdogs at the Government Accountability Office this week issued a report that found that many agencies “had little data to support the benefits or costs associated with their telework programs. All of the selected agencies could provide some supporting documentation for some of the benefits and only two could provide supporting documentation for some of the costs.”+More on Network World: Black Hat: Quick look at hot issues+To read this article in full or to leave a comment, please click here

Feds need to do a better job of measuring telecommuting benefits

With one of the largest telecommuting communities – over 1 million -- in the country many of the Federal agencies that support it have little information to show about its benefits.Watchdogs at the Government Accountability Office this week issued a report that found that many agencies “had little data to support the benefits or costs associated with their telework programs. All of the selected agencies could provide some supporting documentation for some of the benefits and only two could provide supporting documentation for some of the costs.”+More on Network World: Black Hat: Quick look at hot issues+To read this article in full or to leave a comment, please click here