Portions of this post were originally posted on the Puppet blog, and republished here with Puppet's permission.DevOps practices and cultural norms positively impact IT and organizational performance. Our annual State of DevOps Report demonstrates how DevOp improves operational efficiency, creates space for innovation and increases employee engagement.To read this article in full or to leave a comment, please click here
Have you done something for yourself lately? If you end up with holiday money to spare, then you might consider buying yourself a cool pair of shades that would help protect your privacy while you are out in public.I saw Reflectacles on Kickstarter a few weeks ago, but since this is likely my last article of 2016, then I wanted to make sure you know about these surveillance-defeating glasses as well.The glasses are the brainchild of Scott Urban who claims that wearing Reflectables “ensure you’re noticed and anonymous at the same time.” The anonymous portion is due to light-reflecting frames which can end up looking like a big, shiny blur when captured by CCTV. Since the wearer’s face can’t be seen in any detail behind the bright glare of the glasses, it renders facial recognition tech useless.To read this article in full or to leave a comment, please click here
DVRs, IP cameras and other smart products could become the next wave of pollutants that threaten how we live if the security issues around Internet of Things (IoT) devices aren’t addressed.We’ve already seen that too much IoT pollution can wreck our computing environment. The October DDoS attack that brought down Twitter, Netflix and other major websites for a large portion of the U.S. was launched by a botnet comprised of Web cameras, printers and other IoT devices.+ Also on Network World: 2017 security predictions +
And while having those sites offline was an inconvenience, the results of that attack weren’t devastating. But future DDoS attacks that throw terabits of data at servers could have more disastrous results. Instead of going after an internet traffic management company, the attackers could target a hospital or a utility provider. Not being able to binge-watch Netflix shows pales in seriousness when compared to cities not having electricity or a doctor being unable to access electronic medical records.To read this article in full or to leave a comment, please click here
It’s that time of the year. Ready, set, shop. Whether it's an iPad, a new car or a big egg with a light-up bird inside—like this year’s Hatchimals—every holiday season is filled with the must-have gifts that send consumers into a shopping frenzy.For retailers, the good news is consumers are in the mood to spend during the holiday season. The challenge is meeting consumer demands and battling intensifying competition.The National Retail Federation (NRF) expects retail sales in November and December (excluding autos, gas and restaurants) to reach $655.8 billion. Online sales are forecasted to reach $117 billion this season. And, of course, Cyber Monday plays a huge role in online sales.To read this article in full or to leave a comment, please click here
VMware has released a hotfix for vSphere Data Protection (VDP) to change a hard-coded SSH key that could allow remote attackers to gain root access to the virtual appliance.VDP is a disk-based backup and recovery product that runs as an open virtual appliance (OVA). It integrates with the VMware vCenter Server and provides centralized management of backup jobs for up to 100 virtual machines.According to a VMware support article, the vSphere Data Protection (VDP) appliance contains a static SSH private key with a known password. This key allows interoperability with EMC Avamar, a deduplication backup and recovery software solution, and is pre-configured on the VDP as an AuthorizedKey.To read this article in full or to leave a comment, please click here
If you have used Windows for any length of time, you've undoubtedly been hit with an error code during an Update that told you absolutely nothing. "Error code: 0x80070422?" What the hell does that mean? If you were industrious, you could Google the code and maybe find a post on a Microsoft forum or elsewhere that offered some kind of clue as to what the error was and perhaps a solution. Now Microsoft has given us something a little more official. It’s a web page on the company’s support site called Fix Windows Update Errors that aims to help Windows users resolve update-related errors.To read this article in full or to leave a comment, please click here
A product manager at Google has sued the company for its allegedly illegal confidentiality agreements, policies and practices that among other things prohibit employees from speaking even internally about illegal conduct and dangerous product defects for fear that such statements may be used in legal discovery during litigation or sought by the government.The alleged policies, which are said to violate California laws, restrict employees' right to speak, work or whistle-blow, and include restrictions on speaking to the government, attorneys or the press about wrongdoing at Google or even “speaking to spouse or friends about whether they think their boss could do a better job,” according to a complaint Tuesday in the Superior Court of California for the city and county of San Francisco.To read this article in full or to leave a comment, please click here
The U.S. is better off supporting strong encryption that trying to weaken it, according to a new congressional report that stands at odds with the FBI’s push to install backdoors into tech products.On Tuesday, a bipartisan congressional panel published a year-end report, advising the U.S. to explore other solutions to the encryption debate.“Any measure that weakens encryption works against the national interest,” the report said.The congressional panel formed back in March, amid the FBI’s public battle with Apple over trying to gain access to a locked iPhone belonging to the San Bernardino shooter.To read this article in full or to leave a comment, please click here
The Mac Pro and Mac mini have languished for years. The iMac faces increased competition from rivals like Microsoft’s Surface Studio. The MacBook is thinner and lighter than ever, but not more powerful. Critics say it’s clear that Apple has put the Mac on the back burner. In a memo to employees, CEO Tim Cook said nothing could be further from the truth: “We have great desktops in our roadmap,” he wrote, according to TechCrunch. “Nobody should worry about that.”To read this article in full or to leave a comment, please click here
In August, 2016 months of speculations ended when Rackspace announced that an investment management group would purchase the 18-year-old company. Rumors have been swirling that the company may be acquired, but instead Rackspace took the route that Dell, Riverbed and BMC have and went private.To read this article in full or to leave a comment, please click here
Security experts from Google have developed a test suite that allows developers to find weaknesses in their cryptographic libraries and implementations.The company's Project Wycheproof, which was released on GitHub, contains more than 80 test cases for widely used cryptographic algorithms, including RSA, AES-GCM, AES-EAX, Diffie-Hellman, Elliptic Curve Diffie-Hellman (ECDH), and the digital signature algorithm (DSA).Google's researchers have developed these tests by implementing some of the most common cryptographic attacks. So far, the tests have helped them uncover more than 40 security bugs in cryptographic libraries, and they have been reported to affected vendors.To read this article in full or to leave a comment, please click here
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.Keeping internal networks safe from the ravages of the Internet is increasingly hard, but virtual container solutions allow users to function normally while preventing the “deplorables” of the Internet– malware, exploits, and other negative phenomena – from reaching files and sensitive data.Keeping suspicious files and connections in a separate container – a virtual space isolated from the rest of the network – is a savvy strategy that can save you a great deal of trouble and expense.To read this article in full or to leave a comment, please click here
As I’ve written many times, the cybersecurity skills shortage is the biggest cybersecurity issue we face today. Not only are there too few bodies to fill the cybersecurity jobs, but a recent series of research reports from ESG and the Information Systems Security Association (ISSA) indicates that many currently employed cybersecurity professionals are overworked, not managing their careers proactively, and not receiving the proper amount of training to stay ahead of increasingly dangerous threats. Yikes!So, the skills deficit is clear, but which types of cybersecurity skills are in the highest demand? In the recently published ESG/ISSA research report, Through the Eyes of Cybersecurity Professionals, 371 cybersecurity professionals were asked to identify areas where the organizations they worked for had the biggest skills gaps. The results are as follows:To read this article in full or to leave a comment, please click here
Most of my travel is booked well in advance. I’m kind of obsessive about my calendar and with a busy life to manage, I like to know what I’m up to weeks in advance. I’m also very loyal to one particular airline (here’s looking at you Air New Zealand) and am happy to pay a little more for a ticket on a top-shelf carrier that has good terms an conditions.I realize, of course, not everyone is in the same position and there are lots of people who buy cheap flights or holiday packages and then come unstuck when plans change. This is where SpareFare comes in. The company created an online platform that aims to connect people who bought flights or holiday packages they can no longer use with people seeking urgent or discounted travel options.To read this article in full or to leave a comment, please click here
BlackBerry reported another quarter of losses and declining revenue on Tuesday, but CEO John Chen forecast that the company will break even next quarter, its first since quitting the smartphone business.The company signaled its departure from the smartphone hardware business last week, licensing its brand to TCL, the Chinese manufacturer that built the last two BlackBerry handsets.Chen's break-even forecast had a caveat: It didn't include restructuring charges, stock compensation expenses, fair-value adjustments and a host of other things, so the company will still make a loss, but a smaller one.With smartphones out of its product mix, BlackBerry is looking to a different kind of mobility to drive its future growth: the automotive industry, the major source of revenue for its QNX embedded software platform.To read this article in full or to leave a comment, please click here
If you want a PC with Ubuntu Linux, you can turn to Intel's Joule single-board computer instead of buying an expensive machine.Support for Ubuntu 16.04 desktop OS has been added to the Joule board, according to developer notes for Intel IoT Developer Kit 5.0 released late last week.Intel has two Joule boards: the 570x, which sells for $219 on Mouser, and the 550x, which is priced at $179 on the same retail site. The 550x, which started shipping recently, was priced at $349 until Monday, but was cut in half after a story by the IDG News Service pointed out the unusually high price.To read this article in full or to leave a comment, please click here
Edge computing today may be most simplistically defined as putting an extra layer of computing in the network between your smartphone and a centralized data center in the cloud for some optimizing purpose.From this original, slightly narrow vision, there is still some ways to go before realizing full stack relocations (e.g., relocation of an entire web server) that will allow true service enablement just one hop away from the end user device. Obvious benefits of realizing this vision include reduced latency and backhaul capacity reduction, but I believe there will be more profound benefits to operators and service providers in terms of new business model enablement, too.To read this article in full or to leave a comment, please click here
If two state representatives get their way and their newly proposed law moves forward, then people in South Carolina will be blocked from accessing online porn after purchasing a new device.There are many missing pieces to fully explain how porn blocking would work under the Human Trafficking Prevent Act, and reading the bill doesn’t make it any clearer. However, the bill sponsors—Reps. Bill Chumley (R-Spartanburg) and Mike Burns (R-Greenville)—wrote that porn is a “public health hazard” and viewing porn online has impacted the “demand for human trafficking and prostitution.”To read this article in full or to leave a comment, please click here
A $1 billion Russia-based criminal gang has been bilking online advertisers by impersonating high-profile Web sites like ESPN, Vogue, CBS Sports, Fox News and the Huffington Post and selling phony ad slots, but that’s about to end.Online fraud-prevention firm White Ops is releasing data today that will enable online advertisers and ad marketplaces to block the efforts of the group, which is cashing in on its intimate knowledge of the automated infrastructure that controls the buying and selling of video ads.The group has been ramping up its activities since October so that it now reaps roughly $3 million to $5 million per day from unsuspecting advertisers and gives them nothing in return, says White Ops, which discovered the first hints of the scam in September.To read this article in full or to leave a comment, please click here