Network management vulnerability exposes cable modems to hacking

Hundreds of thousands of internet gateway devices around the world, primarily residential cable modems, are vulnerable to hacking because of a serious weakness in their Simple Network Management Protocol implementation.SNMP is used for automated network device identification, monitoring and remote configuration. It is supported and enabled by default in many devices, including servers, printers, networking hubs, switches and routers.Independent researchers Ezequiel Fernandez and Bertin Bervis recently found a way to bypass SNMP authentication on 78 models of cable modems that ISPs from around the world have provided to their customers.Their internet scans revealed hundreds of thousands of devices whose configurations could be changed remotely through the SNMP weakness that they found and dubbed StringBleed.To read this article in full or to leave a comment, please click here

Network management vulnerability exposes cable modems to hacking

Hundreds of thousands of internet gateway devices around the world, primarily residential cable modems, are vulnerable to hacking because of a serious weakness in their Simple Network Management Protocol implementation.SNMP is used for automated network device identification, monitoring and remote configuration. It is supported and enabled by default in many devices, including servers, printers, networking hubs, switches and routers.Independent researchers Ezequiel Fernandez and Bertin Bervis recently found a way to bypass SNMP authentication on 78 models of cable modems that ISPs from around the world have provided to their customers.Their internet scans revealed hundreds of thousands of devices whose configurations could be changed remotely through the SNMP weakness that they found and dubbed StringBleed.To read this article in full or to leave a comment, please click here

Network management vulnerability exposes cable modems to hacking

Hundreds of thousands of internet gateway devices around the world, primarily residential cable modems, are vulnerable to hacking because of a serious weakness in their Simple Network Management Protocol implementation.SNMP is used for automated network device identification, monitoring and remote configuration. It is supported and enabled by default in many devices, including servers, printers, networking hubs, switches and routers.Independent researchers Ezequiel Fernandez and Bertin Bervis recently found a way to bypass SNMP authentication on 78 models of cable modems that ISPs from around the world have provided to their customers.Their internet scans revealed hundreds of thousands of devices whose configurations could be changed remotely through the SNMP weakness that they found and dubbed StringBleed.To read this article in full or to leave a comment, please click here

IT leaders say current H-1B program works

The majority of IT leaders are happy with the H-1B visa program as is and say that proposed changes will make it harder to fill skilled IT roles, according to survey released by IT recruiting firm Harvey Nash this week.Following the Trump administration’s executive order earlier this month calling for restructuring the temporary skilled labor program relied on most heavily by IT service providers and technology giants, Harvey Nash polled 174 U.S. IT leaders across 20 industries. Nearly two-thirds (63 percent) of respondents in companies with fifty or more developers said that the current H-1B visa program has helped them meeting their needs for highly skilled IT talent. Six out of 10 IT leaders with large development teams said the proposed H-1B changes would make skilled IT talent less available, and 68 percent of them predicted that proposed reforms would increase the cost for certain IT roles.To read this article in full or to leave a comment, please click here

Cloud computing has another killer quarter

To most people, Jeff Bezos’ Amazon is known as the company reshaping the way people buy everything from books to shoes to groceries. But the part of Amazon that is driving Bezos within shouting distance of becoming the world’s richest person doesn’t really sell anything, it rents computing power in the cloud.The cloud is more profitable than e-tailing As the New York Times put it on Thursday, “The profit Amazon can make on cloud-computing services is significantly bigger than in its retail sales, and that has helped turn the Seattle company from a consistent money-loser to a respectable moneymaker.”To read this article in full or to leave a comment, please click here

How to Stay Online in the Storm: Open Source SDN Solutions for Telcos and ISPs

The cornerstone of SDN is making the network’s control logic centralized and software-based.

25% off NHL 17 For PS4 and Xbox One – Deal Alert

All-new game modes, new and deeper experiences in fan-favorite modes, and the best on-ice gameplay ever make NHL 17 the most exciting EA SPORTS NHL game to date.

Q1 2017 smartphone shipments: Samsung rebounds, Apple goes sideways, Chinese makers roar

Following quarterly investor calls by phone makers, research firms released a storm of market reports. Most notable, IDC, a little surprised by stronger 4.3 percent market growth than forecasted, reported Samsung’s market leadership rebound.Richard Windsor of Radio Free Mobile summed up Samsung’s rebound saying: “Despite this [the Note 7 disaster], the initial signs are good, as the reviews of the device are overwhelmingly positive despite the software shortcomings and pre-orders are pointing to no lasting damage having been done.”To read this article in full or to leave a comment, please click here

57% off Brother P-Touch PTM95 Label Maker – Deal Alert

This handy P-touch labeler is lightweight, portable and easy to use. It features a Qwerty Keyboard and easy-view display. It comes with a variety of type styles, frames and symbols to easily personalize your labels. Great for home and home office use. Right now the PTM95 is significantly discounted 57%, for what will likely be a limited time. So instead of $23 you'll be paying just $10. See the deal now on Amazon.To read this article in full or to leave a comment, please click here

Why 2×2 Wave 2 access points make no sense

Everyone loves the latest and greatest technology. A new iPhone comes out, and people camp out at the stores to buy one. Microsoft releases a new version of Xbox, and they’re sold out for months.Sometimes, though, the newest thing doesn’t make sense because the incremental value of the innovation is limited. In technology, this doesn’t happen very often, but I believe there’s a current “latest and greatest” that provides limited value—and that’s the 2x2 Wave 2 access points (AP) that are now available from many of the mainstream Wi-Fi providers.Before I explain my opinion on this, it’s worth doing a quick refresh of Wave 1 versus Wave 2 because it’s important to understand the principals of Wave 2. Below are the benefits of 802.11ac Wave 2 versus Wave 1: To read this article in full or to leave a comment, please click here

Why 2×2 Wave 2 access points make no sense

Everyone loves the latest and greatest technology. A new iPhone comes out, and people camp out at the stores to buy one. Microsoft releases a new version of Xbox, and they’re sold out for months.Sometimes, though, the newest thing doesn’t make sense because the incremental value of the innovation is limited. In technology, this doesn’t happen very often, but I believe there’s a current “latest and greatest” that provides limited value—and that’s the 2x2 Wave 2 access points (AP) that are now available from many of the mainstream Wi-Fi providers.Before I explain my opinion on this, it’s worth doing a quick refresh of Wave 1 versus Wave 2 because it’s important to understand the principals of Wave 2. Below are the benefits of 802.11ac Wave 2 versus Wave 1: To read this article in full or to leave a comment, please click here

If software eats everything, are network engineers on the menu?

If you're a network engineer, don't rush out and learn a programming language. To compete in the new world of software-defined networking, it might be more important to start thinking like a programmer.That was one of the ideas that emerged this week from an Open Networking User Group debate that generated healthy feedback from users in the audience.The days of managing individual switches and routers and configuring them with proprietary CLIs (command-line interfaces) are numbered, four panelists at the ONUG spring conference in San Francisco said on Tuesday. Though SDN hasn't worked its way into every enterprise, new approaches to enterprise IT and the availability of public clouds just a few clicks away are driving companies toward more agile and automated networks, they said.To read this article in full or to leave a comment, please click here

If software eats everything, are network engineers on the menu?

If you're a network engineer, don't rush out and learn a programming language. To compete in the new world of software-defined networking, it might be more important to start thinking like a programmer.That was one of the ideas that emerged this week from an Open Networking User Group debate that generated healthy feedback from users in the audience.The days of managing individual switches and routers and configuring them with proprietary CLIs (command-line interfaces) are numbered, four panelists at the ONUG spring conference in San Francisco said on Tuesday. Though SDN hasn't worked its way into every enterprise, new approaches to enterprise IT and the availability of public clouds just a few clicks away are driving companies toward more agile and automated networks, they said.To read this article in full or to leave a comment, please click here

Windows 10 adoption faster than any previous OS

Eighty-five percent of enterprises will have started Windows 10 deployments by the end of 2017, with nearly two-thirds of organizations completing their Windows migration in less than a year. That’s the main takeaway from a new report from Gartner.Gartner surveyed firms in six countries (the U.S., the U.K., France, China, India and Brazil) between September and December of 2016, and they spoke to 1,014 respondents who were involved in decisions for Windows 10 migration.The time to evaluate and deploy Windows 10 dipped slightly, from 23 months for previous operating systems to 21 months for Windows 10. Large businesses that are yet to start the migration are delaying because of legacy applications, a typical problem with every OS version. They are delaying upgrading until 2018, according to Ranjit Atwal, research director at Gartner.To read this article in full or to leave a comment, please click here

Should your next big hire be a chief A.I. officer?

As companies increasingly turn to artificial intelligence to communicate with customers, make sense of big data and find answers to vexing questions, some say it's time to think about hiring a chief A.I. officer.A chief artificial intelligence Officer – or CAIO -- could round out your C-level execs, sitting at the big table with your CIO, CFO, CTO and CEO.[ For more on A.I. in the workplace, see Computerworld’s Artificial intelligence in the enterprise: It’s on. ] "A.I. is going to be really important to some companies – enough to have top officers who will focus on just that," said Steve Chien, head of the artificial intelligence group for NASA's Jet Propulsion Laboratory in Pasadena, Calif. "And beyond that, you'll want every employee thinking about how A.I. can improve what they do and you'll want a chief A.I. officer overseeing all of that. They should be constantly thinking about how A.I. can improve things."To read this article in full or to leave a comment, please click here

Users have little confidence their company can protect their mobile device

A survey sponsored by Check Point Software Technologies Ltd. found that 64 percent of respondents are doubtful that their organization can prevent a mobile cyberattack, leaving employees' personal information vulnerable to theft.Alvaro Hoyos, chief information security officer at OneLogin, said that number does not surprise him. He said the employees might not know the ins and outs of their company's security controls. IT departments typically don’t go out of the way to communicate all the security controls that they are relying on to secure your IT environment.He said companies should use their security awareness training to help users understand what risks you their employers are addressing with technology.To read this article in full or to leave a comment, please click here

Users have little confidence their company can protect their mobile device

A survey sponsored by Check Point Software Technologies Ltd. found that 64 percent of respondents are doubtful that their organization can prevent a mobile cyberattack, leaving employees' personal information vulnerable to theft.Alvaro Hoyos, chief information security officer at OneLogin, said that number does not surprise him. He said the employees might not know the ins and outs of their company's security controls. IT departments typically don’t go out of the way to communicate all the security controls that they are relying on to secure your IT environment.He said companies should use their security awareness training to help users understand what risks you their employers are addressing with technology.To read this article in full or to leave a comment, please click here

Salt and SaltStack on Software Gone Wild

Ansible, Puppet, Chef, Git, GitLab… the list of tools you can supposedly use to automate your network is endless, and there’s a new kid on the block every few months.

In Episode 77 of Software Gone Wild we explored Salt, its internal architecture, and how you can use it with Mircea Ulinic, a happy Salt user/contributor working for Cloudflare, and Seth House, developer @ SaltStack, the company behind Salt.

Upcoming Cloudflare events: Berlin May 5-7, Austin & Portland May 11

Attending JS Conf EU, CSS Conf, or OSCON in the next couple of weeks? Live in Berlin or Austin or Portland? Come over and join Cloudflare devs in the area at our upcoming events.

JS Conf EU 2016. Photo by Holger Blank.

In Berlin? Attending JS Conf EU or CSS Conf EU?

If you’re at JS Conf EU (May 6-7) or CSS Conf EU (May 5):

• Be sure to make it to John Fawcett’s session, “Invisible Code: Building JavaScript Libraries For Non-Technical People.”
• Made a Cloudflare App? Drop by the Cloudflare Hacker Lounge to show me and I have a special gift for you.
• Started working on a Cloudflare App and have questions? Drop by the Cloudflare Hacker Lounge and get them answered.

Just happen to be in Berlin? Tweet @qiqing and @IcyApril to come hang out with us in person.

Cloudflare Apps Preview. Visualize your app here.

In Austin? Attending OSCON?

Join the core developers of Cloudflare Apps for the inaugural Cloudflare meetup in Austin. It will feature an introduction by Zack Bloom (tech lead) to the new Cloudflare Apps including details of how apps get created, moderated, installed, and served to millions of users Continue reading

Intel projects decline in chip prices, and AMD’s Ryzen is one reason

Intel is forecasting a "slight decline" in its premium chip prices for the remainder of the year, and AMD's Ryzen chips could have played a part in that.Prices of Intel's chips in both desktops and laptops went up in the first quarter. That helped drive up the quarterly revenue for Client Computing Group -- which deals in PC chips -- to $8 billion, which was up 6 percent compared to the same quarter last year.But Intel's PC chips now face serious competition from AMD's new Ryzen chip, which was released last month. Ryzen chips offer competitive performance, and are priced significantly lower.AMD's fastest Ryzen 7 1800X chip -- targeted at gamers -- has eight cores and is priced at $499. A comparable chip like Intel's Core i7-6900K is priced at $1,089. Intel's fastest gaming chip is the Core i7-6950X Extreme Edition chip, which is priced at $1,723.To read this article in full or to leave a comment, please click here