Online Trust Audit Updates & Translations Now Available
A slightly updated version of the Online Trust Audit & Honor Roll is now available in English, French, and Spanish.
Changes include:
- Accidentally marked Google Play as top scorer in Appendix C (instead of Google News)
- Missing bar in graph on page 5
- Several minor spacing, grammar, and miscellaneous edits
The Online Trust Audit & Honor Roll assesses nearly 1,200 organizations, recognizing excellence in online consumer protection, data security, and responsible privacy practices. This Audit of more than 1,200 predominantly consumer-facing websites is the largest undertaken by OTA, and was expanded this year to include payment services, video streaming, sports sites, and healthcare.
This is the first time in the Audit’s 10-year history that we’ve translated it, and we’re proud to bring it to a wider audience. Going forward, we will work toward adding more global sectors and regions into the report findings.
The Trust Audit Planning Committee, open to Internet Society organization members, has already had its first meeting to discuss the methodology for next year’s Audit. A public call for comment on the draft methodology will come later this year, so watch this blog or follow us on Twitter or Facebook to keep up with our Continue reading
The Achilles Heel of the API
I’ve been developing yet more automation recently, and I’ve been hitting two major stumbling blocks that have had a negative impact on my ability to complete the tooling.
API Documentation
When APIs were first made available, the documentation from many vendors was simply incomplete; it seemed that the documentation team was always a release or two behind the people implementing the API. To fix that, a number of vendors have moved to a self-documenting API system along the lines of Swagger. The theory is that if you build an API endpoint, you’re automatically building the documentation for it at the same time, which is a super idea. This has improved the API’s endpoint coverage but in some cases has resulted in thorough documentation explaining what the endpoints are, but little to no documentation explaining why one would choose to use a particular endpoint.
As a result, with one API in particular I have been losing my mind trying to understand which endpoint I should use to accomplish a particular task, when no less than three of them appear to handle the same thing. I’m then left using trial and error to determine the correct path, and at the end Continue reading
Securing Certificate Issuance using Multipath Domain Control Validation
This blog post is part of Crypto Week 2019.
Trust on the Internet is underpinned by the Public Key Infrastructure (PKI). PKI grants servers the ability to securely serve websites by issuing digital certificates, providing the foundation for encrypted and authentic communication.
Certificates make HTTPS encryption possible by using the public key in the certificate to verify server identity. HTTPS is especially important for websites that transmit sensitive data, such as banking credentials or private messages. Thankfully, modern browsers, such as Google Chrome, flag websites not secured using HTTPS by marking them “Not secure,” allowing users to be more security conscious of the websites they visit.
This blog post introduces a new, free tool Cloudflare offers to CAs so they can further secure certificate issuance. But before we dive in too deep, let’s talk about where certificates come from.
Certificate Authorities
Certificate Authorities (CAs) are the institutions responsible for issuing certificates.
When issuing a certificate for any given domain, they use Domain Control Validation (DCV) to verify that the entity requesting a certificate for the domain is the legitimate owner of the domain. With DCV the domain owner:
- creates a DNS resource record for a domain;
- uploads a document to Continue reading
With Secure State VMware Dives Deeper Into Multi-Cloud Security
It’s based on technology that VMware acquired when it bought public cloud security startup...
Copyright 2019 SDxCentral, LLC; For non-commercial use
Why I Do Not Use Underscores in DNS, A ‘War’ Story.
My ‘do not use underscores in DNS’ war story: Back in the day when NetBIOS name services (NBNS) mattered more than DNS, people would put names on the their machines so they could access the shared resources from the Windows finder. Developers and certain types of ‘security professionals’ who have opinions on underscores vs dashes […]
The post Why I Do Not Use Underscores in DNS, A ‘War’ Story. appeared first on EtherealMind.
Read Network Device Information with REST API and Store It Into a Database
One of my readers sent me this question:
How can I learn more about reading REST API information from network devices and storing the data into tables?
Long story short: it’s like learning how to drive (well) - you have to master multiple seemingly-unrelated tasks to get the job done.
Read more ...VXLAN with BGP EVPN [Part 1] – Introduction | Dell EMC Networking
Blog posts covering VXLAN with BGP EVPN control plane has been in my plans for a while. This series will possibly be four or fiveMajor Updates to Cisco Certifications
As you most likely will have seen, Cisco is “rebooting” their certifications to better align with what is expected of the future work force. As I’ve been busy with Cisco Live, I’m only now starting to write these posts. I’m expecting to write a couple of them rather than writing one LONG one.
As a member of the CCIE Advisory Council, I’ve been in the loop for a while and I truly believe these changes are for the better. We’ve tried to do what is best for people that are certified or looking to get certified. There will certainly be corner cases or questions that need answers, but we have done our best to leave noone behind.
This first post will look at what is changing at a high level and then we can dive deeper into the different certifications in the coming posts.
DevNet certifications – There has been some training on automation and even some exams, but no real certifications. This is all changing now. There will be corresponding DevNet certifications for CCNA, CCNP and in the future, CCIE. This offers more career paths within the Cisco world. I will cover the DevNet certifications in a future post.
Tech Bytes: Security Policy Orchestration And Automation With Tufin (Sponsored)
In this Tech Byte episode we delve into security policy orchestration and automation with sponsor Tufin. Tufin integrates with firewalls, next-gen firewalls, routers, switches and more to help you understand and automate controls and policies on premises and in the cloud.Tech Bytes: Security Policy Orchestration And Automation With Tufin (Sponsored)
In this Tech Byte episode we delve into security policy orchestration and automation with sponsor Tufin. Tufin integrates with firewalls, next-gen firewalls, routers, switches and more to help you understand and automate controls and policies on premises and in the cloud.
The post Tech Bytes: Security Policy Orchestration And Automation With Tufin (Sponsored) appeared first on Packet Pushers.
Huawei Predicts $30 Billion Slide From US-Led Ban
Huawei has for the first time quantified how much the United States-led campaign against the...
Copyright 2019 SDxCentral, LLC; For non-commercial use
History Of ATM (Part 1) – Daniel Grossman
In this episode we talk with Daniel Grossman about his role in the development of Asynchronous Transfer Mode, or ATM. This is part 1 of a 2 part series so stay tuned for the second part releasing later this week.
Daniel Grossman
Guest
Russ White
Host
Donald Sharp
Host
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
The post History Of ATM (Part 1) – Daniel Grossman appeared first on Network Collective.
Fortinet Walls SD-WAN, Security Products for an SD-Branch Focus
The SD-Branch platform uses its FortiGate Next-Generation Firewall, FortiNAC Network Access...
Copyright 2019 SDxCentral, LLC; For non-commercial use
It’s not a CLOS, it’s a Clos
Way back in the day, when telephone lines were first being installed, running the physical infrastructure was quite expensive. The first attempt to maximize the infrastructure was the party line. In modern terms, the party line is just an Ethernet segment for the telephone. Anyone can pick up and talk to anyone else who happens to be listening. In order to schedule things, a user could contact an operator, who could then “ring” the appropriate phone to signal another user to “pick up.” CSMA/CA, in essence, with a human scheduler.
This proved to be somewhat unacceptable to everyone other than various intelligence agencies, so the operator’s position was “upgraded.” A line was run to each structure (house or business) and terminated at a switchboard. Each line terminated into a jack, and patch cables were supplied to the operator, who could then connect two telephone lines by inserting a jumper cable between the appropriate jacks.
An important concept: this kind of operator driven system is nonblocking. If Joe calls Susan, then Joe and Susan cannot also talk to someone other than one another for the duration of their call. If Joe’s line is tied up, when someone tries to Continue reading