Watch Out Networking, the Service Mesh Will Rock Your World
Service meshes could displace many L4-7 networking functions. But will they?
Banking-Grade Credential Stuffing: The Futility of Partial Password Validation
Recently when logging into one of my credit card providers, I was greeted by a familiar screen. After entering in my username, the service asked me to supply 3 random characters from my password to validate ownership of my account.
It is increasingly common knowledge in the InfoSec community that this practice is the antithesis of, what we now understand to be, secure password management.
For starters; sites prompting you for Partial Password Validation cannot store your passwords securely using algorithms like BCrypt or Argon2. If the service provider is ever breached, such plain-text passwords can be used to login to other sites where the account holder uses the same password (known as a Credential Stuffing attack).
Increased difficulty using long, randomly-generated passwords from Password Managers, leads to users favouring their memory over securely generated unique passwords. Those using Password Managers must extract their password from their vault, paste it somewhere else and then calculate the correct characters to put in. With this increased complexity, it further incentivises users to (re-)use simple passwords they can remember and count off on their fingers (and likely repeatedly use on other sites).
This is not to distinct thinking that originally bought us complex Continue reading
Creating Networks – Youth and Internet Governance
The “Youth Observatory” is a project created by the members of the Youth SIG of the Internet Society, which seeks to build a participative platform which uses different tools in order to bring the knowledge of the governance and the Internet’s principles to the youth, no matter the language, sex, race, religion, building new capacities among them. Participants: Juliana Novaes, Carlos Rubí, Ángel David Santiago, Eduardo Tome, Giovanna Michelato, Guilherme Alves, Isabela Inês, Jhon Caballero, Paula Côrte Real, Juan Pablo González, Augusto Luciano Mathurin, Renata Ribeiro.
The Youth Observatory is a non-profit organization, made up of members of the Internet Society’s Special Interest Group (Youth – SIG), which seeks to build a participatory space where, through different platforms, tools and communication channels, young people can exchange knowledge about Governance and Internet principles.
This organization was born in the context of the Youth@IGF 2015 initiative, a program led by Internet Society and the Internet Management Committee in Brazil (CGI.br) that tried to increase the participation of young people in areas of discussion on Internet Governance in Latin America and the Caribbean. At the time, the forum was attended by 120 young people from the region.
Since its creation, the Youth Observatory Continue reading
We Cannot Shape the Internet’s Future Without the Voices of Youth
After almost a decade, the Internet Governance Forum (IGF) remains a cornerstone of international Internet and local governance with participation from over 140 countries. The approach of the IGF is simple: anyone who has a stake in the future of the Internet can go and be heard. It was founded and operates on the principles of being bottom-up, transparent, and inclusive.
At the Internet Society, we want to empower youth as a key force in reforming decision making approaches to deliver sound Internet policies that put people’s interests at the center. With the goal of having Youth Voices heard, together we must demand world leaders to break down the barriers that shut their voices out. With this in mind, and together with our partners, we have brought more than 200 youth to IGF 2015, 2016, 2017 and 2018, under the Youth@IGF program. This is part of our commitment to ensure that the next generation of Internet leaders are primed to advance an open, globally-connected, secure, and trustworthy Internet for everyone.
Some of the 50 Youth@IGF Fellows who attended this year’s IGF in Paris wanted to share with us their impressions of the Youth@IGF Program and the IGF.
Marko Paloski from Continue reading
SD-WAN Can Reduce WAN Costs by Half
Just like SIP trunking cut voice transport costs by 50%, SD-WAN can do the same, which is why there's so much hype.
Zero-Touch Provisioning with Patrick Ogenstad (Part 2)
Last week we published the first half of interview with Patrick Ogenstad, guest speaker in Spring 2019 Building Network Automation Solutions online course (register here). Here’s the second half.
ZTP is about provisioning. Can this include configuration as well?
You could argue that provisioning is a form of configuration and in that sense, provisioning can certainly include configuration. If your ZTP solution is good at configuration management is another question.
Read more ...Juniper vSRX3.0 Vagrant Libvirt Box Install
Build a Juniper vSRX3.0 Vagrant box for use with the libvirt provider.Juniper vSRX3.0 Vagrant Libvirt Box Install
In this post I will build a Juniper vSRX3.0 for use with the vagrant-libvirt provider. What is the vSRX3.0 you ask? Good question! The first I heard about it was from @MohsinulMalik on the Twitters. Back to a FreeBSD image a la; no nested Windriver Linux, fast boot time and low CPU and RAM...Datanauts 154: Modernizing IT Infrastructure With HPE (Sponsored)
Today's Datanauts episode, sponsored by HPE and Intel, explores how HPE helps companies unify their silos and build a modern IT infrastructure. Our guest is Garth Reid, Senior Strategist - Enterprise Portfolio at HPE.
The post Datanauts 154: Modernizing IT Infrastructure With HPE (Sponsored) appeared first on Packet Pushers.
Ensuring Security Posture In A Multi Cloud World: A NSX(mas) Carol
Holidays are a great time of year to take a moment and reflect. In 2018 at VMware Networking & Security, we’ve had yet another exciting year for us—we’re very proud of many achievements. For example, NSX now being deployed by 82% of Fortune 100 companies is a substantial industry adoption data point. But rather than focus on those numbers, I wanted to take a moment to highlight one of our biggest accomplishments this year (in my opinion). Oh, and in case you missed some of those 2018 highlights, you can catch a replay of Tom Gillis’ keynote Building the Network of the Future with the Virtual Cloud Network from VMWorld US 2018.
NSX Past
Earlier this year (the end of April to be precise), at Dell Technologies World, we had our external launch of the Virtual Cloud Network. The problem statement was simple: our customers were embarking on a digital transformation journey in their respective lines of business and with those efforts came challenges around a new level of networking complexity. Their goal within their organizations was to move from centralized data centers to hyper-distributed centers of applications and data, typically spanning multiple locations, multiple geos, Continue reading
Response: A Chief Security Concern for Executive Teams
Krebs looked at how many Top 500 companies have security people in executive management roles
The post Response: A Chief Security Concern for Executive Teams appeared first on EtherealMind.
IoT Security Startup Phosphorus Builds Agentless ‘Update-All’ Button
IoT devices have two types of update mechanisms: an API call or user-initiated update. Phosphorus covers all that with its update-all button for IoT.
Kubernetes Security Flaw Expected, Won’t Be the Last
The latest flaw was coincidentally announced on the same day as the latest version of Kubernetes was released. Project members said security concerns do not impact the release cycle.
InterDigital Solves Mobile 5G Problems Far in Advance of Standards
InterDigital competes with Qualcomm, Ericsson, Nokia, Huawei, and Samsung. These vendors also do technology innovation in conjunction with emerging standards. But their standards work is “subsumed” within other business units, while InterDigital does its work on a standalone basis.