Oracle promises IaaS growth as cloud business rises

Oracle’s third quarter financial results continue to show that the company’s future is in the cloud. On Wednesday, the company reported massive growth in its software- and platform-as-a-service businesses, promising further gains as its customers do away with their data centers.The company’s SaaS and PaaS revenue from December 2016 through February 2017 was a little over US$1 billion, up from $583 million during the same period a year prior. Its infrastructure-as-a-service business brought in $178 million during the same period, bringing the company’s total cloud revenue for the quarter to almost $1.2 billion.To read this article in full or to leave a comment, please click here

Unpatched vulnerability puts Ubiquiti networking products at risk

An unpatched command injection vulnerability could allow hackers to take over enterprise networking products from Ubiquiti Networks.The vulnerability was discovered by researchers from SEC Consult and allows authenticated users to inject arbitrary commands into the web-based administration interface of affected devices. These commands would be executed on the underlying operating system as root, the highest privileged account.Because it requires authentication, the vulnerability's impact is somewhat reduced, but it can still be exploited remotely through cross-site request forgery (CSRF). This is an attack technique that involves forcing a user's browser to send unauthorized requests to specifically crafted URLs in the background when they visit attacker-controlled websites.To read this article in full or to leave a comment, please click here

Unpatched vulnerability puts Ubiquiti networking products at risk

An unpatched command injection vulnerability could allow hackers to take over enterprise networking products from Ubiquiti Networks.The vulnerability was discovered by researchers from SEC Consult and allows authenticated users to inject arbitrary commands into the web-based administration interface of affected devices. These commands would be executed on the underlying operating system as root, the highest privileged account.Because it requires authentication, the vulnerability's impact is somewhat reduced, but it can still be exploited remotely through cross-site request forgery (CSRF). This is an attack technique that involves forcing a user's browser to send unauthorized requests to specifically crafted URLs in the background when they visit attacker-controlled websites.To read this article in full or to leave a comment, please click here

Unpatched vulnerability puts Ubiquiti networking products at risk

An unpatched command injection vulnerability could allow hackers to take over enterprise networking products from Ubiquiti Networks.The vulnerability was discovered by researchers from SEC Consult and allows authenticated users to inject arbitrary commands into the web-based administration interface of affected devices. These commands would be executed on the underlying operating system as root, the highest privileged account.Because it requires authentication, the vulnerability's impact is somewhat reduced, but it can still be exploited remotely through cross-site request forgery (CSRF). This is an attack technique that involves forcing a user's browser to send unauthorized requests to specifically crafted URLs in the background when they visit attacker-controlled websites.To read this article in full or to leave a comment, please click here

Worth Reading: Three attitudes that lead to maintainable code

When writing code, there are many specific principles that aim to make your code more maintainable: DRY, the single responsibility principle, the Law of Demeter, the open/closed principle, etc. These are great principles to follow, but it can be difficult to keep all of them in your head at once. I’ve found it’s often easier to keep a few broader ideas in mind. —Atomic Object

The post Worth Reading: Three attitudes that lead to maintainable code appeared first on 'net work.

Worth Reading: Web audio API

Web Audio API lets us make sound right in the browser. It makes your sites, apps, and games more fun and engaging. You can even build music-specific applications like drum machines and synthesizers. In this article, we’ll learn about working with the Web Audio API by building some fun and simple projects. —CSS Tricks

The post Worth Reading: Web audio API appeared first on 'net work.

Qualcomm pushing vague term “platforms” over “processors” for Snapdragon line

Qualcomm's plea this week to start referring to its Snapdragon processors as the Qualcomm Snapdragon Mobile Platform reminds me of my early days at Network World when every vendor insisted it was selling a "solution" and not a switch or router or server.Interviews often went something like this:"So what is your company announcing today?""A solution""Yeah, but what is it? Is it a router? Is it a switch? Is it software? Is it hardware? Is it a service?""It's a solution."Qualcomm's solution to people underestimating all that its Snapdragon processors do, and to distinguish them from lower-end products in its line, is to introduce a "new naming structure" to, you guessed it, "represent [our] full suite of solutions."To read this article in full or to leave a comment, please click here

Community Forum Launches the Search for 25 Under 25

Linux networking: It’s not just SDN

Oftentimes, Cumulus Linux gets confused for an SDN (software-defined networking) solution. In conversations with potential customers, I’ve noticed that some of them find it difficult to distinguish between SDN, open networking and Cumulus Linux. When I talk to network engineers, I start by clarifying the SDN buzzword head on. The term gets overused, and is often defined by other confusing acronyms or marketing jargon. To complicate things further, SDN is often thought of as equivalent to OpenFlow, which is flawed in my opinion.

What is SDN?

If I were to more accurately describe SDN based on my experiences in the networking industry, I would define it more broadly. Instead of defining SDN as a specific solution (such as OpenFlow), I define SDN as a highly automatable and programmable network infrastructure.

What SDN providers exist today?

• OpenFlow: Many companies and communities drive OpenFlow solutions, but today there is no guarantee any one solution can interoperate with any other.
• Proprietary or vendor-specific: Solutions such as Cisco’s ACI and Juniper Contrails are closed solutions that are positioned as SDN. Arguably, certain OpenFlow solutions can fall under here as well since they don’t all adhere to an OpenFlow standard.
• Network virtualization with technologies Continue reading

IDG Contributor Network: Smarter authentication makes mobile experiences more secure, user friendly

To make our lives easier, digital experiences have become much more interconnected and the volume of personal data captured in the cloud is growing exponentially. While these trends make us more productive, they can also make security breaches much more damaging. Once a hacker gains access to one aspect of your digital life, he can easily reach across multiple applications and accounts, laying a path of destruction and heartache.Today’s mobile and digital experiences need authentication strategies that keep up with the constantly changing digital ecosystem, and simple passwords are not enough.Authentication must be fast, easy to use Multifactor authentication strategies are growing in popularity, but the tradeoff of usability and security is a constant balancing act. If authentication solutions are not simple, quick and easy, users will find ways around them. And if they are not secure, hackers will quickly exploit weaknesses. Sophisticated smart authentication strategies are coming to market that are less visible and easier to use than messaging-based two-factor authentication approaches or biometrics. Approaches such as behavioral biometrics and adaptive authentication are leveraging data and sophisticated algorithms to create more secure and easier-to-use experiences.To read this article in full or to leave a comment, please Continue reading

IDG Contributor Network: Smarter authentication makes mobile experiences more secure, user friendly

To make our lives easier, digital experiences have become much more interconnected and the volume of personal data captured in the cloud is growing exponentially. While these trends make us more productive, they can also make security breaches much more damaging. Once a hacker gains access to one aspect of your digital life, he can easily reach across multiple applications and accounts, laying a path of destruction and heartache.Today’s mobile and digital experiences need authentication strategies that keep up with the constantly changing digital ecosystem, and simple passwords are not enough.Authentication must be fast, easy to use Multifactor authentication strategies are growing in popularity, but the tradeoff of usability and security is a constant balancing act. If authentication solutions are not simple, quick and easy, users will find ways around them. And if they are not secure, hackers will quickly exploit weaknesses. Sophisticated smart authentication strategies are coming to market that are less visible and easier to use than messaging-based two-factor authentication approaches or biometrics. Approaches such as behavioral biometrics and adaptive authentication are leveraging data and sophisticated algorithms to create more secure and easier-to-use experiences.To read this article in full or to leave a comment, please Continue reading

CoreOS Donates its rkt Container Technology to CNCF

rkt is a key component of cloud native computing.

Trump budget would fund border wall, but slash science and research

President Donald Trump's federal budget outline released Thursday represents a major shift in U.S. priorities. It would increase defense spending, boost immigration enforcement and include in seed money for a wall along the southern border.It does all of that, in part, by cutting science funding.[ Further reading: The march toward exascale computers ] Science and technology groups are warning that U.S. leadership will suffer if the budget, which would cover the fiscal year that begins Oct. 1, is adopted.To read this article in full or to leave a comment, please click here

Wind River’s Titanium Control Platform Eases IoT Transition

Legacy M2M systems are becoming expensive to maintain.

Facebook Tests its White Box Transponder in Europe

It worked with Coriant and Telia Carrier.

31% off Luma 3-Piece Whole Home Mesh WiFi System – Deal Alert

Regardless of your home’s size or shape, these 3 powerful Luma devices work together to create an extremely fast, ultra-secure surround WiFi network that’s customized for your home. No more fiddling with extra WiFi extenders to manage dead spots and weak zones. Luma puts you in control. With a few simple taps, you can pause the internet, filter what your kids are looking at online, or set house rules for your network. Luma also secures your devices and neutralizes threats, keeping you in control of your network. The Luma whole house WiFi system averages 4 out of 5 stars from over 1,100 people on Amazon (read recent reviews), where its typical list price of $399 has been reduced 31% to $275.95. See this deal now on Amazon.To read this article in full or to leave a comment, please click here

31% off Luma 3-Piece Whole Home Mesh WiFi System – Deal Alert

Regardless of your home’s size or shape, these 3 powerful Luma devices work together to create an extremely fast, ultra-secure surround WiFi network that’s customized for your home. No more fiddling with extra WiFi extenders to manage dead spots and weak zones. Luma puts you in control. With a few simple taps, you can pause the internet, filter what your kids are looking at online, or set house rules for your network. Luma also secures your devices and neutralizes threats, keeping you in control of your network. The Luma whole house WiFi system averages 4 out of 5 stars from over 1,100 people on Amazon (read recent reviews), where its typical list price of $399 has been reduced 31% to $275.95. See this deal now on Amazon.To read this article in full or to leave a comment, please click here

Oracle Stock Up 7% after Q3 Earnings, Cloud Continues to Impress

Oracle's cloud revenues have its investors excited.

Adobe Reader, Edge, Safari, and Ubuntu fall during first day at Pwn2Own

Bug hunters have gathered again to test their skills against some of the most popular and mature software programs during the Pwn2Own hacking contest. During the first day, they successfully demonstrated exploits against Microsoft Edge, Apple's Safari, Adobe Reader, and Ubuntu Desktop.The Pwn2Own contest runs every year during the CanSecWest security conference in Vancouver, Canada. It's organized and sponsored by the Zero Day Initiative (ZDI), an exploit acquisition program operated by Trend Micro after its acquisition of TippingPoint.This year the contest has a prize pool of US$1 million for exploits in five categories: virtual machines (VMware Workstation and Microsoft Hyper-V); web browser and plugins (Microsoft Edge, Google Chrome, Mozilla Firefox, Apple Safari, and Flash Player running in Edge); local escalation of privilege (Windows, macOS, and Ubuntu Desktop); enterprise applications (Adobe Reader, Word, Excel, and PowerPoint) and server side (Apache Web Server on Ubuntu Server).To read this article in full or to leave a comment, please click here

Adobe Reader, Edge, Safari, and Ubuntu fall during first day at Pwn2Own

Bug hunters have gathered again to test their skills against some of the most popular and mature software programs during the Pwn2Own hacking contest. During the first day, they successfully demonstrated exploits against Microsoft Edge, Apple's Safari, Adobe Reader, and Ubuntu Desktop.The Pwn2Own contest runs every year during the CanSecWest security conference in Vancouver, Canada. It's organized and sponsored by the Zero Day Initiative (ZDI), an exploit acquisition program operated by Trend Micro after its acquisition of TippingPoint.This year the contest has a prize pool of US$1 million for exploits in five categories: virtual machines (VMware Workstation and Microsoft Hyper-V); web browser and plugins (Microsoft Edge, Google Chrome, Mozilla Firefox, Apple Safari, and Flash Player running in Edge); local escalation of privilege (Windows, macOS, and Ubuntu Desktop); enterprise applications (Adobe Reader, Word, Excel, and PowerPoint) and server side (Apache Web Server on Ubuntu Server).To read this article in full or to leave a comment, please click here