Archive

Category Archives for "Networking"

IDG Contributor Network: Speed up slow web pages with this simple trick

Increasing the size of images and text will speed up web page delivery, say scientists. This counter-intuitive idea has been put forward as a solution to latency in browser page loading.The reason the idea works, in theory at least, is that the larger image pushes subsequent, following images farther down the page and out of the browser’s work area. Consequently the browser has less to do, pulls less data and provides a faster delivery of content.The researchers, who are from Northwestern’s McCormick School of Engineering, say this fiendishly simple idea will work particularly well for developers working with airplane networks, where it will stop browsers struggling to load a page. Airplane Wi-Fi can be hindered by latency, they explain.To read this article in full or to leave a comment, please click here

UEFI flaws can be exploited to install highly persistent ransomware

Over the past few years, the world has seen ransomware threats advance from living inside browsers to operating systems, to the bootloader, and now to the low-level firmware that powers a computer's hardware components.Earlier this year, a team of researchers from security vendor Cylance demonstrated a proof-of-concept ransomware program that ran inside a motherboard's Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.On Friday, at the Black Hat Asia security conference, the team revealed how they did it: by exploiting vulnerabilities in the firmware of two models of ultra compact PCs from Taiwanese computer manufacturer Gigabyte Technology.To read this article in full or to leave a comment, please click here

UEFI flaws can be exploited to install highly persistent ransomware

Over the past few years, the world has seen ransomware threats advance from living inside browsers to operating systems, to the bootloader, and now to the low-level firmware that powers a computer's hardware components.Earlier this year, a team of researchers from security vendor Cylance demonstrated a proof-of-concept ransomware program that ran inside a motherboard's Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.On Friday, at the Black Hat Asia security conference, the team revealed how they did it: by exploiting vulnerabilities in the firmware of two models of ultra compact PCs from Taiwanese computer manufacturer Gigabyte Technology.To read this article in full or to leave a comment, please click here

Microsoft shutters CodePlex in favor of GitHub

Microsoft announced on Friday it is shutting down CodePlex, its code hosting site for open-source projects, in favor of the more widely used GitHub. The move is something of a formality, since Microsoft has already been transitioning its open-source projects to GitHub for some time and you never hear about CodePlex any more. The company has had problems with the site, with spammers hitting it in 2015 seeking to take advantage of the CodePlex.com domain to boost their illicit activities. And Microsoft admits over the past few years, it has watched many CodePlex projects migrate to GitHub. Brian Harry, a corporate vice president at Microsoft, wrote in his blog announcing the closing of CodePlex that there has been a substantial decrease in usage. To read this article in full or to leave a comment, please click here

Serverless computing in practice

Alpha Vertex is a year-old New York City startup with an ambitious agenda: It wants to create a graph database of global financial knowledge.CTO Michael Bishop says the goal is to use predictive modeling to help companies judge risk and investors get insight on what drives the market. To do so has required the company to build a massive technical back-end that uses some hottest emerging technologies. Two of the most important are Google’s cloud-based machine learning algorithms and IBM’s OpenWhisk, a serverless or Function-as-a-Service platform.+MORE AT NETWORK WORLD: Serverless explainer: The next-generation of cloud infrastructure +To read this article in full or to leave a comment, please click here

An NDSS Newcomer’s Perspective

[Editor’s Note: A limited number of student grants are available to help pay for travel, accommodations, and NDSS Symposium registration fees for full-time students attending the 24th annual Network and Distributed System Security (NDSS) Symposium. Watch the NDSS website at https://www.internetsociety.org/events/ndss-symposium for information and deadlines as the process opens for NDSS 2018 in February of next year. The following post is a guest contribution from one 2017 grantee.]

Muhammad Talha Paracha

Serverless explainer: The next generation of cloud infrastructure

The first thing to know about serverless computing is that "serverless" is a pretty bad name to call it.Contrary to the vernacular, the technology that has burst onto the cloud computing scene in the past two years still does in fact run on servers. The name serverless instead highlights the fact that end users don’t have to manage servers that run their code anymore.+MORE AT NETWORK WORLD: Serverless computing in practice | This company runs its app without managing servers or virtual machines +To read this article in full or to leave a comment, please click here

Distributed Denial of Service Open Threat Signaling (DOTS)

When the inevitable 2AM call happens—”our network is under attack”—what do you do? After running through the OODA loop (1, 2, 3, 4), used communities to distribute the attack as much as possible, mitigated the attack where possible, and now you realist there little you can do locally. What now? You need to wander out on the ‘net and try to figure out how to stop this thing. You could try to use flowspec, but many providers do not like to support flowspec, because it directly impacts the forwarding performance of their edge boxes. Further, flowspec, used in this situation, doesn’t really work to walk the attack back to its source; the provider’s network is still impact by the DDoS attack.

This is where DOTS comes in. There are four components of DOTS, as shown below (taken directly from the relevant draft)—

The best place to start is with the attack target—that’s you, at 6AM, after trying to chase this thing down for a few hours, panicked because the office is about to open, and your network is still down. Within your network there would also be a DOTS client; this would be a small piece of software running Continue reading

30% off Garmin Forerunner 230 Running and Activity Tracking Watch – Deal Alert

Forerunner 230 is a running watch and activity tracker with smart features. It records steps, even when you’re not running. Tracks distance, pace, time, heart rate and VO2 Max on your runs. And when paired to your phone see incoming email, text messages, call alerts, calendar reminders and more. Right now its $250 list price on Amazon has been reduced 30% down to $175.84. See it now and learn more on Amazon.To read this article in full or to leave a comment, please click here

Micro-segmentation projects span enterprise organizations

Micro-segmentation is nothing new. We starting talking about the concept a few years ago with the onset of software-defined networking (SDN) technologies such as OpenFlow. More recently, micro-segmentation was most often associated with establishing trusted connections between cloud-based workloads.Micro-segmentation is simply a new software-based spin on the old practice of network segmentation that organizations have done for years with a variety of technologies—firewalls, VLANs, subnets, switch-based access control lists (ACLs), etc. In fact, many organizations use a potpourri of some or even all of these technologies. According to ESG research:To read this article in full or to leave a comment, please click here

Micro-segmentation Projects Span Enterprise Organizations

Micro-segmentation is nothing new, we starting talking about the concept a few years ago, with the onset of software-defined networking technologies like OpenFlow.  More recently, micro-segmentation was most often associated with establishing trusted connections between cloud-based workloads.Micro-segmentation is simply a new software-based spin on the old practice of network segmentation which organizations have done for years with a variety of technologies – firewalls, VLANs, subnets, switch-based access control lists (ACLs) etc.  In fact, many organizations use a potpourri of some or even all of these technologies.  According to ESG research (note: I am an ESG employee)To read this article in full or to leave a comment, please click here

Micro-segmentation Projects Span Enterprise Organizations

Micro-segmentation is nothing new, we starting talking about the concept a few years ago, with the onset of software-defined networking technologies like OpenFlow.  More recently, micro-segmentation was most often associated with establishing trusted connections between cloud-based workloads.Micro-segmentation is simply a new software-based spin on the old practice of network segmentation which organizations have done for years with a variety of technologies – firewalls, VLANs, subnets, switch-based access control lists (ACLs) etc.  In fact, many organizations use a potpourri of some or even all of these technologies.  According to ESG research (note: I am an ESG employee):To read this article in full or to leave a comment, please click here

Micro-segmentation projects span enterprise organizations

Micro-segmentation is nothing new. We starting talking about the concept a few years ago with the onset of software-defined networking (SDN) technologies such as OpenFlow. More recently, micro-segmentation was most often associated with establishing trusted connections between cloud-based workloads.Micro-segmentation is simply a new software-based spin on the old practice of network segmentation that organizations have done for years with a variety of technologies—firewalls, VLANs, subnets, switch-based access control lists (ACLs), etc. In fact, many organizations use a potpourri of some or even all of these technologies. According to ESG research:To read this article in full or to leave a comment, please click here

Office 365’s deskless worker package expands with new features

Microsoft is adding new capabilities to one of its cheapest enterprise plans for Office 365, in a push to capture a group of users traditionally underserved by the productivity suite.New to the Office 365 Enterprise K1 plan (the K stands for Kiosk) now includes 2GB of OneDrive for Business storage, along with access to Microsoft Teams, PowerApps and Flow. Users on the plan also get the ability to send instant messages using Skype for Business and participate in video meetings conducted over Skype Meeting Broadcast.Expanding the capabilities of this plan is part of Microsoft’s continued push to make Office 365 useful for employees who don’t spend all day in front of a computer. All of these capabilities are designed for people like retail employees and service workers. The K1 plan is also priced at $4 per user per month, drastically lower than the company’s other enterprise subscriptions.To read this article in full or to leave a comment, please click here

Silver Peak’s new SD-WAN makes the thin branch a reality

It seems that with technology, when we deploy something new, our first instincts are to make it look like the old thing. Then, at a later date, smart people figure out how the new thing can actually do something different.For example, the first Windows applications had a very DOS-like look and feel to them. Eventually the good folks at Microsoft created an ecosystem that gave us an entirely new way of working. I suppose this path creates the least amount of friction for people, as they can ease themselves out of the old way.RELATED: SD-WAN: What it is and why you will use it one day Another example is with software-defined networking (SDN) and SD-WAN. The initial wave of solutions was really about replacing MPLS with broadband to save money. Architecturally, everything stayed the same, but the circuits connecting the branch to the data center were augmented with or replaced by broadband, which brought the cost down and created a more efficient network.To read this article in full or to leave a comment, please click here

Silver Peak’s new SD-WAN makes the thin branch a reality

It seems that with technology, when we deploy something new, our first instincts are to make it look like the old thing. Then, at a later date, smart people figure out how the new thing can actually do something different.For example, the first Windows applications had a very DOS-like look and feel to them. Eventually the good folks at Microsoft created an ecosystem that gave us an entirely new way of working. I suppose this path creates the least amount of friction for people, as they can ease themselves out of the old way.RELATED: SD-WAN: What it is and why you will use it one day Another example is with software-defined networking (SDN) and SD-WAN. The initial wave of solutions was really about replacing MPLS with broadband to save money. Architecturally, everything stayed the same, but the circuits connecting the branch to the data center were augmented with or replaced by broadband, which brought the cost down and created a more efficient network.To read this article in full or to leave a comment, please click here