To help ring in the 2017 New Year, CNN wanted to do a live shot from a Royal Caribbean cruise ship, but had an issue: “They were concerned about being out at sea, would they have the ability to live-stream?” says Royal Caribbean’s CIO Mike Giresi.The answer was yes, and the live-shot went off without a hitch, in part because the ship’s Cisco network gear was programmable to prioritize the video trafficAs an early implementer, Royal Caribbean has found benefits from regarding Cisco’s programmable infrastructure as a flexible asset that can be driven by software. “There are huge advantages to looking at the network as a software layer,” Giresi says. “It gives us the ability to create products, drive an experience and deliver services that are integrated with the infrastructure.”To read this article in full or to leave a comment, please click here
While everyone is talking about the impressive performance potential and scale of AMD’s new Epyc server chips, overlooked in all the hoopla are the security features of the chip that may prove just as appealing.To start off, there is the tag team of Secure Memory Encryption (SME) and Secure Encrypted Virtualization (SEV). Secure Memory Encryption allows for full encryption of data stored in DRAM, and SEV allows individual virtual machines to be assigned a unique cryptographic key, thus isolating them from each other as well as the OS hypervisor and administrator layer. These functions are based on a hardware security processor attached to the memory controller with a 128-bit AES encryption engine.To read this article in full or to leave a comment, please click here
The Department of Energy has awarded six tech firms a total of $258 million in funding for research and development into exascale computing. The move comes as the U.S. is falling behind in the world of top supercomputers.Energy Secretary Rick Perry announced that AMD, Cray, Hewlett Packard Enterprise, IBM, Intel and Nvidia will receive financial support from the Department of Energy over the course of a three-year period. The funding will finance research and development in three main areas: hardware technology, software technology and application development.Each company will provide 40 percent of the overall project cost in addition to the government funding. The plan is for one of those companies to be able to deliver an exascale-capable supercomputer by 2021. It’s part of the DOE’s Exascale Computing Project (ECP), which in turn is part of its new PathForward program, designed to accelerate the research necessary to deploy the nation’s first exascale supercomputers.To read this article in full or to leave a comment, please click here
Dual ports pump out 39W of power to simultaneously charge power-hungry USB devices at full speed. Charge compatible devices up to 80% in just 35 minutes with Quick Charge 3.0. Patented PowerIQ and VoltageBoost deliver high-speed charging to non-Quick Charge devices. Anker's Quick Charge Dual USB Car Charger is discounted right now to just $25.99. See this deal now on Amazon.To read this article in full or to leave a comment, please click here
In as little as four hours, the bad guys can reverse engineer a software patch for an open-source content management system (CMS) and build an exploit capable of turning millions of websites into spammers, malware hosts or DDoS attackers. "There's just not enough time for normal site owners to apply the updates," said David Jardin, a member of the German association CMS Garden, which promotes the use of open source CMS software including Drupal, Joomla, WordPress and others.To help ordinary users patch more quickly, CMS Garden is participating in a government-funded project, Secure Websites and Content Management Systems (Siwecos), to make the websites of SMEs more secure. To read this article in full or to leave a comment, please click here
When people think about uses for mainframes, they often think of the financial and public sectors. And while it’s true that many banks and government agencies would have a hard time getting through their countless interactions swiftly and efficiently without the processing power of Big Iron. But mainframes handle more than just our interactions with governments and our money — they are used in many industries that influence and improve our daily lives in ways we often don’t even think about. Let’s take a look at several walks of life and businesses where we depend on mainframes every day, even if we don’t think about it.Power: don’t get dressed in the dark Our modern world runs on electricity, and electricity providers run on mainframes. Only Big Iron is dependable enough to regulate power generation and output, as well as monitor and analyze power usage across countless households within each provider’s power grid. Mainframes help automate power generation to be self-sufficient and reliable, ensuring people can wake up to their alarm clock or work late shifts.To read this article in full or to leave a comment, please click here
PitchBook is a data company. Its reason for being is to provide a platform that tracks a plethora of different aspects of both private and public markets. Want to know about what’s happening in venture capital, private equity or M&A? Chances are PitchBook can give you the answer. The company is a subsidiary of Morningstar and has offices in Seattle, New York, and London.But here’s the thing, though. PitchBook was founded in 2007 when cloud computing was pretty much just beginning and there was no real awareness of what it meant. In those days, enterprise IT agility meant leveraging virtualization to gain efficiencies. Now don’t get me wrong, moving from a paradigm of racking and stacking physical servers to being able to spin up virtual servers at will is a big deal, it’s just that since 2007, there has been massive further innovation in the infrastructure space.To read this article in full or to leave a comment, please click here
At the IEEE Symposium on Security and Privacy 2017, researchers from the College of Management Academic Studies in Israel presented an interesting paper on bad password reset processes, “The Password Reset MitM Attack” (pdf). It explains how a weak attacker could take over accounts by exploiting vulnerabilities in password reset procedures.They dubbed the attack: password reset man-in-the-middle (PRMitM). The researchers said Google is “extremely vulnerable” to PRMitM, but Facebook, Yahoo, LinkedIn, Yandex and other sites and email services are also vulnerable as well as mobile apps like Whatsapp, Snapchat and Telegram.To read this article in full or to leave a comment, please click here
Global cloud computing and digital systems today would not exist without virtualization and hypervisors. Virtualization and hypervisors are basic tools for implementing digital systems that respond from moment to moment to varying demands without slow and expensive physical reconfiguration of hardware and rebuilding of software execution stacks and heavy investment in hardware that is only used during peak loads.Last blog, I described the dangers of a hypervisor attack. How can such an attack occur? There are a number of ways.Resource simulations A hypervisor provides software simulations of basic computing resources — like CPUs, memory, storage and network connections — that isolate VMs from one another. But the isolation may have soft spots. For example, freed simulated memory for one VM might be the same physical memory the hypervisor allocates to another VM. If the hypervisor does not blank out the reallocated physical memory, the second VM has access to data from the first VM and a data breach ensues. All resource simulations are subject to dangerous implementation errors. Simulated CPU registers, storage buffers and network buffers, all present opportunities for coding mistakes that permit data or control breaches.To read this article in full or to leave Continue reading
Today at a media and analyst event in San Francisco, Cisco announced it plans to deliver on “intent based” networking, which has the potential to be the biggest change ever in the way networks are managed.Intent-based systems operate in a manner where the administrators tell the network what it wants done and the how is determined by the network and then the specific tasks are automated to make this happen. For example, if a business wants to secure all traffic from accounting, that command is issued and the systems would take care of all the technical details. Network changes are automated and continuous, so if a worker moves, all the policies and network settings follow him or her.To read this article in full or to leave a comment, please click here
Hyperconvergence wasn’t on Philip Lisk’s mind a decade ago, when the Bergen County Sheriff's Office started using technology from Pivot3 to store data from video surveillance cameras.“We were trying to store video in an IP world. That’s how we got to know Pivot3,” says Lisk, director of IT at the largest law enforcement agency in New Jersey’s Bergen County, which sits across the Hudson River from New York City. A 12-year veteran of the BCSO, Lisk supervises its networks and serves as the technical consultant to the entire county for video and data security.Well before the term "hyperconverged infrastructure" was coined, BCSO chose Pivot3 for its converged server and SAN solutions, engineered specifically for storing petabyte-scale video workloads. Yet as the technology matured over the last several years, and BCSO kept up with upgrades, the deployment evolved from a tactical video-centric project into an enterprise HCI platform that’s set to handle many of the agency’s IT workloads going forward, including its virtual desktop infrastructure (VDI).To read this article in full or to leave a comment, please click here
With no change at the top of the latest Top500.org supercomputer list, you need to look further down the rankings to see the real story.Top500.org published the 49th edition of its twice-yearly supercomputer league table on Monday, and once again the Chinese computers 93-petaflop Sunway TaihuLight and 33.9-petaflop Tianhe 2 lead the pack.An upgrade has doubled the performance of Switzerland's GPU-based Piz Daint to 19.6 petaflops (19.6 quadrillion floating-point operations per second), boosting it from eighth to third place and nudging five other computers down a place. The top U.S. computer, Titan, is now in fourth.To read this article in full or to leave a comment, please click here
We’ve heard a lot about Russians attackers attempting to hack the US election, but another hacking group also allegedly wanted to interfere with the election; they attempted to pivot from compromised school districts to state voting systems.The Miami Herald reported that MoRo, a group of hackers based in Morocco, penetrated “at least four Florida school district networks” and purportedly searched for a way “to slip into other sensitive government systems, including state voting systems.”To read this article in full or to leave a comment, please click here
Ransomware has been a growing threat for a couple of years now. More than 4,000 ransomware attacks have occurred every day since the beginning of 2016, according to an FBI report. So, it was no surprise to find it in the headlines again recently. The WannaCry ransomware attack proved to be one of the most successful and widespread to date -- it took a single day to infect more than 230,000 computers across more than 150 countries.WannaCry was able to spread so effectively because of a known vulnerability that Microsoft patched back in March. Organizations that fell victim had failed to patch, and many lacked basic security protections and working backups. Analyzing in the aftermath it’s clear that we have a problem. We already know exactly how to guard against ransomware, the problem is that many organizations aren’t doing it.To read this article in full or to leave a comment, please click here
When a young street hustler, a retired bank robber and a terrifying psychopath find themselves entangled with some of the most frightening and deranged elements of the criminal underworld, the U.S. government and the entertainment industry, they must pull off a series of dangerous heists to survive in a ruthless city in which they can trust nobody, least of all each other. Explore the stunning world of Los Santos and Blaine County in the ultimate Grand Theft Auto V experience, featuring a range of technical upgrades and enhancements for new and returning players. The list price of this highly rated game has been reduced 50% to just $29.99. See it on Amazon.To read this article in full or to leave a comment, please click here
At two-thirds of companies today, a senior IT leader is working on the next draft of the IT strategy, or perhaps revising a workforce plan in preparation for a transformation. After that, he or she might chase down some red flags on the monthly IT scorecard or meet with a finance leader to discuss a budget update. And before leaving for the day, this leader might draft a monthly IT team newsletter or put the finishing touches on a deck for an upcoming all-hands meeting.Who is this person, the CIO?No, it’s the IT chief of staff.The CIO role is changing fast as they get involved in product technology, help to shape digital strategy and build digital acumen across the company. The only way CIOs can find time to do these things is to delegate many of the IT management and governance tasks that have traditionally filled much of their calendars.To read this article in full or to leave a comment, please click here
The Linux history command allows users to repeat commands without retyping them and to look over a list of commands that they've recently used, but that's just the obvious stuff. It is also highly configurable, allows you to pick and choose what you reuse (e.g., complete commands or portions of commands), and control what commands are recorded. In today's post, we're going to run through the basics and then explore some of the more interesting behaviors of the history command.The basics Typing "history" and getting a list of previously entered commands is the command's most obvious use. Pressing the up arrow until you reach a command that you want to repeat and hitting enter to rerun it is next. And, as you probably know, you can also use the down arrow. In fact, you can scroll up and down your list of previously entered commands to review them or rerun them.To read this article in full or to leave a comment, please click here
Power-thirsty data centers could receive a new kind of electricity supply that uses surplus juice found in idle electric vehicles (EVs). It uses the cars’ batteries to augment a building’s grid power.Vehicle-to-grid (V2G) technology provides a way to store, then subsequently use, energy in commuters’ cars while employees work during the day. It can also supply power when a delivery fleet is parked at night, researchers say.+ Also on Network World: Smart buildings start with awareness + Cost savings for building infrastructure could be significant in green-electricity applications, such as solar and wind, which require local electricity storage. Installing the batteries needed for green applications is expensive.To read this article in full or to leave a comment, please click here
As the SD-WAN market has matured, one thing has become very clear: SD-WAN will not exist on its own. The technology is merging with other networking technologies, ultimately becoming a feature of a much larger bundle. While it may be too early to say what this “new thing” will be, the rough contours are emerging.Predominantly, we’re seeing security and SD-WANs merge. Just consider some of the activity: Velocloud recently announced its SD-WAN Security Technology Partner Program to integrate with other security vendor’s products. Viptela (soon to be Cisco), Silver Peak, Velocloud and others have long (well, long in the SD-WAN sense) touted integration with security vendors using service chaining. Cato Networks built its own integrated security and networking stack in the cloud. Masergy bundles SD-WAN (Silver Peak and its own technology) with third-party security services in the cloud. But what’s missing in many of these integrated offerings is the completeness of the edge solution. Companies need more than just an SD-WAN in branch offices. They need firewall, IPS, anti-malware, URL filtering and anti-virus for security. Internally, networking calls for Active Directory, DHCP, DNS, and print services. Externally, the edge may need WAN optimization, bandwidth management, QOS, traffic balancing, Continue reading
It seems over the past few years the world has gone software defined crazy. We have software-defined networks, security, data centers, WANs, storage and almost anything else one can think of. However, the one area that seems to have been forgotten about is the remote and mobile worker, as the benefits of software-defined haven’t reached the billions of employees that work from their homes, road, hotels, airports and coffee shops. Considering the primary value proposition of most software-defined things is to improve application performance, it seems odd that no vendor has found a way to bring these benefits to an audience that comprises nearly 40 percent of the workforce today.To read this article in full or to leave a comment, please click here