Archive

Category Archives for "Networking"

Big Changes Ahead for Core Internet Protocols – IETF Journal

Excellent summary of what seems to be poorly understood. IPv6 is going nowhere slowly but the higher level protocols are changing today. Now, significant changes to the core Internet protocols are underway. While they are intended to be compatible with the Internet at large (since they won’t get adoption otherwise), they might be disruptive to […]

IDG Contributor Network: Emerging blockchain-based distribution storage market and its effect on cloud computing

The blockchain industry, historically tied directly to cryptocurrency, has made a right turn in recent months. It has extended its legion of users to offer distributed storage. This threatens to undercut the pricing market established by cloud computing storage giants like AWS and Dropbox.How it works Blockchain-based distribution storage is centered around the idea that there are large amounts of unused storage space on the hard drives of people all over the world. Using cryptocurrency as an incentive, blockchain distribution companies monetize that storage space for their members. It is an upgraded version of what BitTorrent was in the early 2000s, using peer-to-peer (P2P) networks to form an aggregate of computer resources. But with cryptocurrencies built in to blockchains as a method of payment, users have a monetary incentive to offer up their unused data space to consumers.  Because of its extreme distribution of data - known as sharding - blockchain-based storage has the potential to be more secure than cloud-based storage. And by using the in-place hardware maintained by others, it can drastically cut the cost for the end-user.    To read this article in full, please click here

IoT: Sensor-as-a-service, run by blockchain, is coming

Telecommunications equipment maker Nokia has launched a turnkey, sensor-as-a-service offering for Internet of Things (IoT) networks.The idea behind the product is to provide a way for mobile network operators (MNOs), many of which use Nokia cell site equipment, to monetize existing infrastructure, such as towers, by selling live environmental sensor data to cities and others.Read also: When IoT met blockchain | Sign up: Receive daily tech news updates MNOs increasingly are looking for new revenue sources as consumer smartphone growth plateaus. And cities need to adopt digital strategies to manage assets, increase efficiencies, and keep stakeholders happy. For example, they need granular real-time data about public transportation flow and air quality to ensure they comply with regulations—that the traffic is flowing and no illegal garbage is burning.To read this article in full, please click here

Big Red Button for Network Automation

A while ago I was enjoying a few beers with a longtime friend of mine who happens to be running the networking team for one of the rare companies that understands how infrastructure should be built and operated.

Of course, I had to ask him what he thinks about the imminent death of CLI and all-encompassing automatic provisioning from some central orchestration system. Here’s the gist of his response:

Read more ...

Take Application Security to the Next Level – VMware and Carbon Black team up

 

 

 

Perhaps you’ve already begun to secure virtualized applications by rolling out micro-segmentation with NSX, but segmentation of the network is only the beginning to embracing least privilege in your environment.

 

VMware has teamed up with Carbon Black to go beyond network protection and change the way your data center endpoints themselves are protected. By leveraging the unique properties of virtualization and the hypervisor, along with next-generation detection and response, VMware and Carbon Black are able to shrink your environment’s attack surface and respond to detected threats with precision and speed.

Learn more here, and come see the solution in action at the Cloud Force Security road show (coming to a city near you)!

 

The post Take Application Security to the Next Level – VMware and Carbon Black team up appeared first on Network Virtualization.

Dell EMC Introduces New Certifications to Establish and Validate IT Skills of the Future

Dell EMC Introduces New Certifications to Establish and Validate IT Skills of the Future Four new certifications help organizations maximize technology investments, modernize IT, build in-house transformation expertise Highest-level certification, Dell EMC Certified Master – Enterprise Architect, validates ability to design and implement secure IT-as-a-Service solutions for the digital economy Additional certifications focused on converged/hyper-converged infrastructure, multi-cloud administration and infrastructure security Dell EMC unveiled new certifications that establish and... Read more →

Validating Leaked Passwords with k-Anonymity

Validating Leaked Passwords with k-Anonymity

Validating Leaked Passwords with k-Anonymity

Today, v2 of Pwned Passwords was released as part of the Have I Been Pwned service offered by Troy Hunt. Containing over half a billion real world leaked passwords, this database provides a vital tool for correcting the course of how the industry combats modern threats against password security.

I have written about how we need to rethink password security and Pwned Passwords v2 in the following post: How Developers Got Password Security So Wrong. Instead, in this post I want to discuss one of the technical contributions Cloudflare has made towards protecting user information when using this tool.

Cloudflare continues to support Pwned Passwords by providing CDN and security functionality such that the data can easily be made available for download in raw form to organisations to protect their customers. Further; as part of the second iteration of this project, I have also worked with Troy on designing and implementing API endpoints that support anonymised range queries to function as an additional layer of security for those consuming the API, that is visible to the client.

This contribution allows for Pwned Passwords clients to use range queries to search for breached passwords, without having to disclose a complete unsalted Continue reading

How Developers got Password Security so Wrong

How Developers got Password Security so Wrong

How Developers got Password Security so Wrong

Both in our real lives, and online, there are times where we need to authenticate ourselves - where we need to confirm we are who we say we are. This can be done using three things:

  • Something you know
  • Something you have
  • Something you are

Passwords are an example of something you know; they were introduced in 1961 for computer authentication for a time-share computer in MIT. Shortly afterwards, a PhD researcher breached this system (by being able to simply download a list of unencrypted passwords) and used the time allocated to others on the computer.

As time has gone on; developers have continued to store passwords insecurely, and users have continued to set them weakly. Despite this, no viable alternative has been created for password security. To date, no system has been created that retains all the benefits that passwords offer as researchers have rarely considered real world constraints[1]. For example; when using fingerprints for authentication, engineers often forget that there is a sizable percentage of the population that do not have usable fingerprints or hardware upgrade costs.

Cracking Passwords

In the 1970s, people started thinking about how to better store passwords and cryptographic hashing started to Continue reading

History of Networking: Policy with Joel Halpern

Policy at Internet scale is a little understood, and difficult (potentially impossible) to solve problem. Joel Halpern joins the History of Networking over at the Network Collective to talk about the history of policy in the Internet at large, and networked systems in general.

1 1,469 1,470 1,471 1,472 1,473 3,455