Archive

Category Archives for "Networking"

Epoch Rollover: Coming Two Years Early To A Router Near You!

The 2038 Problem

Broken Time? -  Roeland van der Hoorn
Many computer systems and applications keep track of time by counting the seconds from "the epoch", an arbitrary date. Epoch for UNIX-based systems is the stroke of midnight in Greenwich on 1 January 1970.

Lots of application functions and system libraries keep track of the time using a 32-bit signed integer, which has a maximum value of around 2.1 billion. It's good for a bit more than 68 years worth of seconds.

Things are likely to get weird 2.1 billion seconds after the epoch on January 19th, 2038.

As the binary counter rolls over from 01111111111111111111111111111111 to 10000000000000000000000000000000, the sign bit gets flipped. The counter will have changed from its farthest reach after the epoch to its farthest reach before the epoch. Time will appear to have jumped from early 2038 to late 1901.

Things might even get weird within the next year (January 2018!) as systems begin to encounter freshly minted CA certificates with expirations after the epoch rollover (it's common for CA certificates to last for 20 years). These certificates may appear to have expired in late 1901, over a century prior to their …

Yahoo breach exposes the drawbacks of state-sponsored hacking

When governments turn to private hackers to carry out state-sponsored attacks, as the FBI alleges Russia did in the 2014 breach of Yahoo, they're taking a big risk. On the one hand, it gives them a bit of plausible deniability while reaping the potential spoils of each attack, but if the hackers aren't kept on a tight leash things can turn bad. Karim Baratov, the 22-year-old Canadian hacker who the FBI alleges Russia's state security agency hired to carry out the Yahoo breach, didn't care much for a low profile. His Facebook and Instagram posts boasted of the million-dollar house he bought in a Toronto suburb and there were numerous pictures of him with expensive sports cars -- the latest an Aston Martin DB9 with the license plate "MR KARIM."


Cornell has a radio for the whole world with software filtering

Researchers at Cornell University have developed a new type of radio-on-a-chip that could mean cheaper, more flexible wireless systems. Smartphone makers could, for example, use the technology to make a single model of each phone that works anywhere in the world. Single-chip radios have become a popular choice for communications hardware in the last decade because most characteristics of the radio are determined through software, not discrete hardware components. For this reason, they are often referred to as software-defined radios. But software can only do so much. In many transceiver devices -- ones that transmit and receive -- an array of filters is needed to protect the sensitive receiver circuitry from signals being transmitted. Those signals can be up to a billion times more powerful than the ones being received, so without the filters, the radio would be overwhelmed and useless.

Layer 2 security – DHCP Details, DHCP Snooping

This article is the first of a series explaining layer 2 attack identification and mitigation techniques, which will be part of a bigger series discussing Security Infrastructure. We will be discussing the most common attacks and how to mitigate them; but more important, […]

The post Layer 2 security – DHCP Details, DHCP Snooping appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

How AR and VR can reach a billion users before 2028

We have seen it all before: This will be the year of (blank). Pick any technology—augmented reality (AR) and virtual reality (VR) headsets, wearables, social networks, etc. The hype cycle starts three to five years early, and everyone—vendors, Wall Street and venture capitalists—is disappointed when last year was not the year. It is early days for VR and even earlier for AR. Sales of VR headsets were graded disappointing after the close of the Christmas season and seemingly confirmed when BestBuy closed half of its in-store Oculus demo stations.

Super rare functioning Apple I computer could fetch hundreds of thousands at auction

An auction house in May will look for the highest bidding fanboy or fangirl who'd like to get his or her hands on what it claims is just one of 8 functioning Apple I computers. Auction Team Breker, which is based in Germany and specializes in what it calls "technical antiques", has set an auction date for the Apple I on May 20. The collector's item could fetch hundreds of thousands of dollars based on sales of past such items, such as an Apple I sold by Sotheby's in 2014 for about $375K and a prototype of the Apple I that sold for $815K last year. Auction Team Breker estimates its item will go for between $190K and $320K.

Oracle promises IaaS growth as cloud business rises

Oracle’s third quarter financial results continue to show that the company’s future is in the cloud. On Wednesday, the company reported massive growth in its software- and platform-as-a-service businesses, promising further gains as its customers do away with their data centers. The company’s SaaS and PaaS revenue from December 2016 through February 2017 was a little over US$1 billion, up from $583 million during the same period a year prior. Its infrastructure-as-a-service business brought in $178 million during the same period, bringing the company’s total cloud revenue for the quarter to almost $1.2 billion.

Unpatched vulnerability puts Ubiquiti networking products at risk

An unpatched command injection vulnerability could allow hackers to take over enterprise networking products from Ubiquiti Networks. The vulnerability was discovered by researchers from SEC Consult and allows authenticated users to inject arbitrary commands into the web-based administration interface of affected devices. These commands would be executed on the underlying operating system as root, the highest privileged account. Because it requires authentication, the vulnerability's impact is somewhat reduced, but it can still be exploited remotely through cross-site request forgery (CSRF). This is an attack technique that involves forcing a user's browser to send unauthorized requests to specifically crafted URLs in the background when they visit attacker-controlled websites.


Qualcomm pushing vague term “platforms” over “processors” for Snapdragon line

Qualcomm's plea this week to start referring to its Snapdragon processors as the Qualcomm Snapdragon Mobile Platform reminds me of my early days at Network World when every vendor insisted it was selling a "solution" and not a switch or router or server. Interviews often went something like this: "So what is your company announcing today?" "A solution" "Yeah, but what is it? Is it a router? Is it a switch? Is it software? Is it hardware? Is it a service?" "It's a solution." Qualcomm's solution to people underestimating all that its Snapdragon processors do, and to distinguish them from lower-end products in its line, is to introduce a "new naming structure" to, you guessed it, "represent [our] full suite of solutions."

Community Forum Launches the Search for 25 Under 25

Today, the Internet Society hosted a special Community Forum, “Youth on the Internet.” Hundreds of participants from across 6 continents joined the conversation to share their views on what the Internet means to them.

A special thanks to our Next Generation Leaders who were panellists - Evelyn Namara (Uganda), Veronica Arroyo (Peru), Yuza Setiawan (Indonesia) for a vibrant discussion on topics such as how young people can address privacy and security concerns, and how the Internet can help close the gender gap.

Toral Cowieson

Linux networking: It’s not just SDN

Oftentimes, Cumulus Linux gets confused for an SDN (software-defined networking) solution. In conversations with potential customers, I’ve noticed that some of them find it difficult to distinguish between SDN, open networking and Cumulus Linux. When I talk to network engineers, I start by clarifying the SDN buzzword head on. The term gets overused, and is often defined by other confusing acronyms or marketing jargon. To complicate things further, SDN is often thought of as equivalent to OpenFlow, which is flawed in my opinion.

What is SDN?

If I were to more accurately describe SDN based on my experiences in the networking industry, I would define it more broadly. Instead of defining SDN as a specific solution (such as OpenFlow), I define SDN as a highly automatable and programmable network infrastructure.

What SDN providers exist today?

  • OpenFlow: Many companies and communities drive OpenFlow solutions, but today there is no guarantee any one solution can interoperate with any other.
  • Proprietary or vendor-specific: Solutions such as Cisco’s ACI and Juniper Contrail are closed solutions that are positioned as SDN. Arguably, certain OpenFlow solutions can fall under here as well since they don’t all adhere to an OpenFlow standard.
  • Network virtualization with technologies …

IDG Contributor Network: Smarter authentication makes mobile experiences more secure, user friendly

To make our lives easier, digital experiences have become much more interconnected and the volume of personal data captured in the cloud is growing exponentially. While these trends make us more productive, they can also make security breaches much more damaging. Once a hacker gains access to one aspect of your digital life, he can easily reach across multiple applications and accounts, laying a path of destruction and heartache. Today’s mobile and digital experiences need authentication strategies that keep up with the constantly changing digital ecosystem, and simple passwords are not enough.

Authentication must be fast, easy to use

Multifactor authentication strategies are growing in popularity, but the tradeoff of usability and security is a constant balancing act. If authentication solutions are not simple, quick and easy, users will find ways around them. And if they are not secure, hackers will quickly exploit weaknesses. Sophisticated smart authentication strategies are coming to market that are less visible and easier to use than messaging-based two-factor authentication approaches or biometrics. Approaches such as behavioral biometrics and adaptive authentication are leveraging data and sophisticated algorithms to create more secure and easier-to-use experiences.