The pace of vendor adoption of software remains an ongoing concern.
Microsoft is using its Coco Framework technology to encrypt data in use for Azure SQL Database.
Billions of Bluetooth-enabled devices may be exposed to a new remote attack called “BlueBorne”, even without user interaction or pairing. Affected systems include Windows, iOS (older than iOS 10), the Linux kernel, and Android. What should you do about it?
Bluetooth is ubiquitous, commonly connecting accessories like headsets and keyboards, but is also used throughout the brave new Internet of Things (IoT) world. An attacker exploiting these BlueBorne vulnerabilities can mount a man-in-the-middle attack, or even take control of a device without the user even noticing it.
The vulnerabilities were discovered by a security company called Armis earlier this year. Researchers reached out to the companies responsible for vulnerable implementations that lead to the coordinated disclosure (and patches) on September 12. (You can read more about our views on responsible disclosure and collaborative security in Olaf Kolkman’s blog post here.)
This case once again highlights how crucial it is that software update mechanisms are available to fix vulnerabilities, update configuration settings, and add new functionality to devices. There are challenges, both technological and economic, in having update capabilities ubiquitously deployed, as discussed in the recently published Report from the Internet of Things Software Update (IoTSU) Workshop 2016.
Vulnerabilities Continue reading
The post Worth Reading: Hunting AdwindRAT appeared first on rule 11 reader.
You might have seen this Register article this week which summarized a Future:Net talk from Peyton Koran. In the article and the talk, Peyton talks about how the network vendor and reseller market has trapped organizations into a needless cycle of bad hardware and buggy software. He suggests that organizations should focus on their new “core competency” of software development and run whitebox or merchant hardware on top of open source networking stacks. He says that developers can use code that has a lot of community contributions and shares useful functionality. It’s a high and mighty goal. However, I think the open source part of the equation is going to cause some issues.
The idea behind open source isn’t that hard to comprehend. Everything available to see and build. Anyone can contribute and give back to the project and make the world a better place. At least, that’s the theory. Reality is sometimes a bit different.
Many times, I’ve had off-the-record conversations with organizations that are consuming open source resources and projects as a starting point for building something that will end up containing many proprietary resources. When I ask them about contributing back to Continue reading
It’s designed to function as the VIM in NFV networks.
We discussed LAG (Link Aggregation Group) and the ECMP (Equal Cost Multipath) on real network deployments with the Service Provider/Telco Engineer engineers on my slack group. I thought it was good discussion so you can see what others are doing and the reasons of their deployments. In this talk, three people involved. Myself […]
The post LAG vs. ECMP discussion on real network deployments appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
SolarWinds survey provides insight into the lives of IT professionals.
IRP Lite – the free version of the Intelligent Routing Platform just got even better. It is now equipped with the Circuit Issues Detection
The post IRP Lite (free IRP version) now equipped with the Circuit Issues Detection feature appeared first on Noction.
Long story short: I’m offering a few free seats in my Ansible for Networking Engineers online course to undergraduate or master’s students.
Interested? Check out the details, and apply before October 1st.
Too old? Please spread the word ;)
Victoria Coleman, CTO, Wikimedia Foundation
Moderator: Michelle Zatlyn, Co-Founder & COO, Cloudflare
Photo by Cloudflare Staff
MZ: What is the Wikimedia Foundation?
VC: We pride ourselves in aiming to make available information broadly
not-for-profit
We’re the 5th most visited site on the planet.
We are the guardians of the project. There are 12 projects that we support, Wikipedia is the most prominent but there are others that will be just as influential in the next 5 years: e.g. Wikidata.
299 languages
Let’s also talk about the things that we don’t do: we don’t do editing. We edit as community members but not as members of the foundation.
We don’t monetize our users, content, or presence. We are completely funded by donations, with an average donation of $15.
MZ: If your mission is to help bring free education to all, getting to everyone can be hard. So how do you get access to people in hard-to-reach areas?
VC: It’s definitely a challenge. We built this movement primarily in NA and EU, but our vision goes beyond that. We started doing some critically refined and focused research in Brazil, Mexico, Nigeria.
Trying to understand what global communities need in other Continue reading
Lawrence Lessig, Roy L. Furman Professor of Law and Leadership, Harvard Law School and Darren Bolding, CTO, Cambridge Analytica
Moderator: Matthew Prince, Co-Founder & CEO, Cloudflare
Photo by Cloudflare Staff
MP: If there’s one person responsible for the Trump presidency, it seems there is a compelling argument that that might be you.
DB: I very much disagree with that.
MP: How does Cambridge Analytica work, and how did the Trump campaign use it to win the presidency?
DB: we take that data and match it up with lists of voters, and combine that data science to come up with ideas about you who might want to sell a product to, or in teh case of politics, this is this person's’ propensity to vote, this is the candidate they are likely most interested in. WE also do all the digital advertising. By combining data with digital advertising, we have lots of power.
MP: so you don’t want to take credit for having won the election; but the campaign's use of data and targeting was an important factor in the election.
DB: Yes, and what Cambridge did was basically a great turnaround story.
MP: larry you ran a presidential Continue reading
SFC is another SDN feature that for a long time only used to be available in proprietary SDN solutions and that has recently become available in vanilla OpenStack. It serves as another proof that proprietary SDN solutions are losing the competitive edge, especially for Telco SDN/NFV use cases. Hopefully, by the end of this series of posts I’ll manage do demonstrate how to build a complete open-source solution that has feature parity (in terms of major networking features) with all the major proprietary data centre SDN platforms. But for now, let’s just focus on SFC.
In most general terms, SFC refers to packet forwarding technique that uses more than just destination IP address to decide how to forward packets. In more specific terms, SFC refers to “steering” of traffic through a specific set of endpoints (a.k.a Service Functions), overriding the default destination-based forwarding. For those coming from a traditional networking background, think of SFC as a set of policy-based routing instances orchestrated from a central element (SDN controller). Typical use cases for SFC would be things like firewalling, IDS/IPS, proxying, NAT’ing, monitoring.
SFC is usually modelled as a directed (acyclic) graph, where the first and Continue reading
Chris Cantwell, Co-Creator and Show Runner, Halt & Catch Fire
Moderator: John Graham-Cumming, CTO, Cloudflare
Photo by Cloudflare Staff
CC: first off, we have very low ratings! The story came from my father who worked in computers in the early 80s in dallas; later in california. The dynamic between those characters was influenced by my dad.
This was largely a story about reverse engineering. The underdog story was interesting: not Bill Gates, not Silicon Valley, but a different story about the computer world.
JGC: and you managed to do 4 seasons
CC: In four seasons we go from ‘83 to ‘94; we cover everything from small networks to building of internet backbone, rise in search and www
JGC: I watched it before I came; it gave me some bad memories because there were AOL disks
CC: We have an incredible prop team. Some comes from RI computer museum; i have to ask our prop master, he might have manufactured them from images online.
JGC: This is a show about tech but also about money; these people are trying to build companies. The same people trying again and again. Is that a metaphor for recycling something?
CC: Yes, i Continue reading
Daphne Keller, Director, Stanford Center for Internet & Society, and Lee Rowland, Senior Staff Attorney, ACLU Speech, Privacy & Technology Project
Moderator: Matthew Prince, Co-Founder & CEO, Cloudflare
Photo by Cloudflare Staff
MP: Technology and law seem like they are colliding more and more. Tech companies are being asked to regulate content. For a largely non-lawyer audience, give us some foundations about basic rules when you have content on your network?
LR: Communications 2.0 makes the 1st amendment almost quaint. The vast majority of speech that we exchange happens online. When it is hosted by private companies, the 1st amendment doesn’t constrain it. So this is a space governed by norms and individual choices of people like Matthew. In the wake of Cloudflare's decision to take down the Daily Stormer, Matthew penned a piece saying it’s scary that we have this power, and I exercised it. We have a completely unaccountable private medium of communication.
MP: There are shields for companies for this; What is intermediary liability and why is this a position at Google/Stanford?
DK: No one knows what it means; it’s a set of laws that tell platforms when they have to take down Continue reading