BrandPost: Six common DevOps myths busted

Even though the DevOps movement has begun to take hold, plenty of misperceptions about DevOps still exist. Is DevOps a set of absolute beliefs? A miracle cure for anything that ails an organization? Does it require particular software tools? Can only the unicorns of the world get it right? Because it can be hard to pin down, some people mistrust the benefits of solid DevOps methodologies. And they forget that at its heart, DevOps is about responding more quickly to business and customer needs. It’s about continual learning and improvement rather than an end state. A new Puppet ebook, DevOps Mythbusting, sets the record straight, and shows how you can benefit from DevOps practices, even if you think you don't have the time or resources.To read this article in full or to leave a comment, please click here

Worth Reading: AI and being left out

It is often argued that technological progress always leads to massive shifts in employment but that at the end of the day the economy grows as new jobs are created. However, that’s a far too facile way of looking at the impact of AI and automation on jobs today. Joel Mokyr, a leading economic historian at Northwestern University, has spent his career studying how people and societies have experienced the radical transitions spurred by advances in technology, such as the Industrial Revolution that began in the late 18th century. The current disruptions are faster and “more intensive,” Mokyr says. “It is nothing like what we have seen in the past, and the issue is whether the system can adapt as it did in the past.” —Technology Review

The post Worth Reading: AI and being left out appeared first on 'net work.

Eleven-year-old root flaw found and patched in the Linux kernel

Linux system administrators should be on the watch for kernel updates because they fix a local privilege escalation flaw that could lead to a full system compromise.The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely introduced in 2005 when the Linux kernel gained support for the Datagram Congestion Control Protocol (DCCP). It was discovered last week and was patched by the kernel developers on Friday.The flaw can be exploited locally by using heap spraying techniques to execute arbitrary code inside the kernel, the most privileged part of the OS. Andrey Konovalov, the Google researcher who found the vulnerability, plans to publish an exploit for it a few days.To read this article in full or to leave a comment, please click here

Eleven-year-old root flaw found and patched in the Linux kernel

Linux system administrators should be on the watch for kernel updates because they fix a local privilege escalation flaw that could lead to a full system compromise.The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely introduced in 2005 when the Linux kernel gained support for the Datagram Congestion Control Protocol (DCCP). It was discovered last week and was patched by the kernel developers on Friday.The flaw can be exploited locally by using heap spraying techniques to execute arbitrary code inside the kernel, the most privileged part of the OS. Andrey Konovalov, the Google researcher who found the vulnerability, plans to publish an exploit for it a few days.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Is DevOps security about behavior or process?

One of my main roles is improving the security of the software produced by my employer, and it was in that role that I attended the annual gathering of the security industry in San Francisco last week. The RSA Conference is one of the two global security conferences I attend, the other being Blackhat. While Blackhat has become more corporate, it’s still dominated by hackers and focuses more on vulnerabilities, whereas RSA is very much a corporate event focused on enterprise security and security policy.RELATED: Machine learning offers new hope against cyber attacks Several of the tracks at RSA this year covered the area of security in the development process. I was most interested in the Advanced Security & DevOps track. DevOps is a hot topic in the industry, and now we have SecDevOps, or perhaps DevSecOps as the new security buzzword spinoff. Behind the buzzwords, however, I learned some useful lessons, a few of which I’d like to discuss here.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Is DevOps security about behavior or process?

One of my main roles is improving the security of the software produced by my employer, and it was in that role that I attended the annual gathering of the security industry in San Francisco last week. The RSA Conference is one of the two global security conferences I attend, the other being Blackhat. While Blackhat has become more corporate, it’s still dominated by hackers and focuses more on vulnerabilities, whereas RSA is very much a corporate event focused on enterprise security and security policy.RELATED: Machine learning offers new hope against cyber attacks Several of the tracks at RSA this year covered the area of security in the development process. I was most interested in the Advanced Security & DevOps track. DevOps is a hot topic in the industry, and now we have SecDevOps, or perhaps DevSecOps as the new security buzzword spinoff. Behind the buzzwords, however, I learned some useful lessons, a few of which I’d like to discuss here.To read this article in full or to leave a comment, please click here

Dell EMC brings hyperconverged infrastructure to hybrid clouds

Hyperconverged infrastructure (HCI) has been red hot over the past few years as more customers look for turnkey solutions to simplify the deployment of technology in its software defined data centers. The converged infrastructure group at Dell EMC, formerly known as VCE, was a late entrant into the market, but with Usain Bolt-like speed, the company has caught up to the field and is well on its way to becoming the market leader and de facto standard. RELATED: Hyperconvergence: What’s all the hype about? The value proposition for Dell EMC is as simple as its products are to deploy. It’s HCI solutions, VxRack and VxRail, are kept in lockstep with VMware’s vSphere and VSAN roadmaps. Businesses that want to run VMware on HCI will almost certainly get a superior experience with VxRack and/or VxRail than they will with any other solution. The VMware install base is obviously huge, and Dell EMC has parlayed this into the following momentum in about a year: To read this article in full or to leave a comment, please click here

Verizon ranks tops in wireless coverage and reliability by RootMetrics

Verizon was named the "undisputed leader" for U.S. wireless coverage and network reliability for the second half of 2016 at the city, state and national levels, based on millions of field tests conducted by RootMetrics.Verizon benefited from its LTE-Advanced service started in summer of 2016, which provided a significant boost to Verizon's download speeds, RootMetrics said in a report released Thursday.Separately, Verizon announced on Wednesday that it will deliver 5G wireless service to pilot customers in 11 cities by mid-2017. Those cities include Atlanta, Dallas, Denver, Houston, Miami, Seattle and Washington.To read this article in full or to leave a comment, please click here

Dell EMC brings hyperconverged infrastructure to hybrid clouds

Hyperconverged infrastructure (HCI) has been red hot over the past few years as more customers look for turnkey solutions to simplify the deployment of technology in its software defined data centers. The converged infrastructure group at Dell EMC, formerly known as VCE, was a late entrant into the market, but with Usain Bolt-like speed, the company has caught up to the field and is well on its way to becoming the market leader and de facto standard. RELATED: Hyperconvergence: What’s all the hype about? The value proposition for Dell EMC is as simple as its products are to deploy. It’s HCI solutions, VxRack and VxRail, are kept in lockstep with VMware’s vSphere and VSAN roadmaps. Businesses that want to run VMware on HCI will almost certainly get a superior experience with VxRack and/or VxRail than they will with any other solution. The VMware install base is obviously huge, and Dell EMC has parlayed this into the following momentum in about a year: To read this article in full or to leave a comment, please click here

Verizon ranks tops in wireless coverage and reliability by RootMetrics

Verizon was named the "undisputed leader" for U.S. wireless coverage and network reliability for the second half of 2016 at the city, state and national levels, based on millions of field tests conducted by RootMetrics.Verizon benefited from its LTE-Advanced service started in summer of 2016, which provided a significant boost to Verizon's download speeds, RootMetrics said in a report released Thursday.Separately, Verizon announced on Wednesday that it will deliver 5G wireless service to pilot customers in 11 cities by mid-2017. Those cities include Atlanta, Dallas, Denver, Houston, Miami, Seattle and Washington.To read this article in full or to leave a comment, please click here

How to scrub your private data from ‘people finder’ sites

It doesn’t matter what you do online: The internet knows a ton about you, and that information is a mouse click away.Search any people finder site—Spokeo, PeekYou, Whitepages, to name a few—and odds are you’ll find a page listing your full name, date of birth, names of family members, current address, and phone number. Depending on the site's aggressiveness, it may offer (for a low membership fee or the price of registering an account) additional details such as past addresses, social media profiles, marital status, employment history, education, court cases such as bankruptcies, hobbies, and even a photo of where you live.[ 18 surprising tips for security pros. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ] Forget the National Security Agency. Aggregator sites such as Intelius, Radaris, and PeopleFinder have data warehouses full of information about you, accessible to people without your permission, and used for purposes you know nothing about. While these sites ostensibly provide background checks and other public services, they also simplify identity theft, stalking, and doxxing (exposing personal information online to encourage harassment), which is both creepy and downright dangerous.To read this article in full or to leave Continue reading

How to scrub your private data from ‘people finder’ sites

It doesn’t matter what you do online: The internet knows a ton about you, and that information is a mouse click away.Search any people finder site—Spokeo, PeekYou, Whitepages, to name a few—and odds are you’ll find a page listing your full name, date of birth, names of family members, current address, and phone number. Depending on the site's aggressiveness, it may offer (for a low membership fee or the price of registering an account) additional details such as past addresses, social media profiles, marital status, employment history, education, court cases such as bankruptcies, hobbies, and even a photo of where you live.[ 18 surprising tips for security pros. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ] Forget the National Security Agency. Aggregator sites such as Intelius, Radaris, and PeopleFinder have data warehouses full of information about you, accessible to people without your permission, and used for purposes you know nothing about. While these sites ostensibly provide background checks and other public services, they also simplify identity theft, stalking, and doxxing (exposing personal information online to encourage harassment), which is both creepy and downright dangerous.To read this article in full or to leave Continue reading

Here’s why self-driving cars may never really be self-driving

It sounds like the beginning of a bar room joke.Two self-driving cars are headed down the highway when the lead car decides to   speed up to avoid being rear-ended by the second. That car, in turn, slows down to avoid hitting the first. Then a third car suddenly comes between the two, prompting  the slower car to change lanes to avoid and accident.The problem: There are cars in the lanes on either side of it.What's an autonomous car to do? The answer is no joke.The scenario is called "a ripple factor" and it's one of many researchers at Carnegie Mellon University (CMU) are studying to understand how embedded software could  address a myriad number of unexpected situations that could cause accidents as self-driving vehicles speed toward reality.To read this article in full or to leave a comment, please click here

iPad smackdown: Microsoft Office vs. Apple iWork vs. Google G Suite

The iPad makes a great laptop, and nowhere is that more obvious than in its productivity tools. Apple showed the way years ago with its iWork suite (Pages, Numbers, and Keynote), and Microsoft has validated the notion with its Office suite (Word, Excel, and PowerPoint). Of course there's also Google G Suite (Docs, Sheets, and Slides), which includes mobile versions of the apps for iOS.iPad productivity smackdown: Word processing comparediPad productivity smackdown: Spreadsheets comparediPad productivity smackdown: Presentations comparediPad productivity smackdown: File collaboration comparedTo read this article in full or to leave a comment, please click here(Insider Story)

Why AMD had to change the Zen name to Ryzen for its new chip architecture

You know when AMD’s Ryzen is launching, how much it’ll cost, and you even have a pretty good idea of its performance. But you might not know why AMD dropped the original Zen name for Ryzen, so we asked. And it all begins with what AMD couldn’t do with the brand.As John Taylor, corporate vice president of marketing for AMD, describes it, AMD was between a rock and a hard place. Mike Clark, an engineering fellow at AMD who led the Zen architecture development, had dubbed the architecture “Zen” for the balance it struck between various aspects of the design. Fans who had followed Zen’s development would buttonhole AMD execs and rave about the Zen name: “‘I love Zen...there’s something about it I’m just connecting with,’ they’d say,” Taylor said.To read this article in full or to leave a comment, please click here

Why AMD had to change the Zen name to Ryzen for its new chip architecture

You know when AMD’s Ryzen is launching, how much it’ll cost, and you even have a pretty good idea of its performance. But you might not know why AMD dropped the original Zen name for Ryzen, so we asked. And it all begins with what AMD couldn’t do with the brand.As John Taylor, corporate vice president of marketing for AMD, describes it, AMD was between a rock and a hard place. Mike Clark, an engineering fellow at AMD who led the Zen architecture development, had dubbed the architecture “Zen” for the balance it struck between various aspects of the design. Fans who had followed Zen’s development would buttonhole AMD execs and rave about the Zen name: “‘I love Zen...there’s something about it I’m just connecting with,’ they’d say,” Taylor said.To read this article in full or to leave a comment, please click here

Why DRaaS is a better defense against ransomware

Recovering from a ransomware attack doesn’t have to take daysImage by Eric E CastroIt’s one thing for a user’s files to get infected with ransomware, it’s quite another to have a production database or mission-critical application infected. But, restoring these databases and apps from a traditional backup solution (appliance, cloud or tape) will take hours or even days which can cost a business tens or hundreds of thousands of dollars. Dean Nicolls, vice president of marketing at Infrascale, shares some tangible ways disaster recovery as a service (DRaaS) can pay big dividends and quickly restore systems in the wake of a ransomware attack.To read this article in full or to leave a comment, please click here

Why DRaaS is a better defense against ransomware

Recovering from a ransomware attack doesn’t have to take daysImage by Eric E CastroIt’s one thing for a user’s files to get infected with ransomware, it’s quite another to have a production database or mission-critical application infected. But, restoring these databases and apps from a traditional backup solution (appliance, cloud or tape) will take hours or even days which can cost a business tens or hundreds of thousands of dollars. Dean Nicolls, vice president of marketing at Infrascale, shares some tangible ways disaster recovery as a service (DRaaS) can pay big dividends and quickly restore systems in the wake of a ransomware attack.To read this article in full or to leave a comment, please click here

Are you afraid your car will be taken over?

In 2013 Charlie Miller and Chris Valesek showed how easy it was to take over a connected car. It was a monumental moment that made the auto industry stand up and take notice of the vulnerability of the connected cars they manufactured.Miller and Valesek were not maliciously running cars off the road, but they did give demonstrations so that the auto industry would begin to take security seriously. As seen in this video, the two researchers had the capability through their laptops to shut down the vehicle's engine on the highway or spew window washing fluid onto the windshield, which could startle an unsuspecting driver to perhaps jerk the wheel and hit another car. They identified more than seven major categories of remote attack surfaces, based on their study of 20 models (2014 to 2015) from different car manufacturers.To read this article in full or to leave a comment, please click here

Are you afraid your car will be taken over?

In 2013 Charlie Miller and Chris Valesek showed how easy it was to take over a connected car. It was a monumental moment that made the auto industry stand up and take notice of the vulnerability of the connected cars they manufactured.Miller and Valesek were not maliciously running cars off the road, but they did give demonstrations so that the auto industry would begin to take security seriously. As seen in this video, the two researchers had the capability through their laptops to shut down the vehicle's engine on the highway or spew window washing fluid onto the windshield, which could startle an unsuspecting driver to perhaps jerk the wheel and hit another car. They identified more than seven major categories of remote attack surfaces, based on their study of 20 models (2014 to 2015) from different car manufacturers.To read this article in full or to leave a comment, please click here