Archive

Category Archives for "Networking"

How Facebook and Google are battling internet terrorism

WASHINGTON -- Social media heavyweights like Facebook and YouTube have been working with the U.S. government and other international partners as they look to take a more active role in combating terrorist propaganda and other extremist messages that have gained traction online.Officials from the popular social network and YouTube parent Google addressed the issue here at a recent tech policy conference, where they described efforts to go beyond simply removing extremist content, and actually engaging in counter-messaging programs to present alternative narratives to those advanced by groups like ISIS."We're really focused on utilizing the strength that comes out of YouTube to push back on these messages," said Alexandria Walden, Google's counsel on free expression and human rights. "We know the power of our platform, and so we know that the best way to counter messages of hate and violence is to promote messages that push back against that, that push back against the hate and extremism and xenophobia around the world."To read this article in full or to leave a comment, please click here

How Facebook and Google are battling internet terrorism

WASHINGTON -- Social media heavyweights like Facebook and YouTube have been working with the U.S. government and other international partners as they look to take a more active role in combating terrorist propaganda and other extremist messages that have gained traction online.Officials from the popular social network and YouTube parent Google addressed the issue here at a recent tech policy conference, where they described efforts to go beyond simply removing extremist content, and actually engaging in counter-messaging programs to present alternative narratives to those advanced by groups like ISIS."We're really focused on utilizing the strength that comes out of YouTube to push back on these messages," said Alexandria Walden, Google's counsel on free expression and human rights. "We know the power of our platform, and so we know that the best way to counter messages of hate and violence is to promote messages that push back against that, that push back against the hate and extremism and xenophobia around the world."To read this article in full or to leave a comment, please click here

In major AI win, Libratus beats four top poker pros

Marking a major step forward for artificial intelligence (AI), Libratus, an AI developed by Carnegie Mellon University (CMU), has resoundingly beaten four of the best heads-up no-limit Texas hold'em poker players in the world in a marathon, 20-day competition.After 20 days and a collective 120,000 hands played, Libratus closed out the competition Monday leading the pros by a collective $1,766,250 in chips."I'm just impressed with the quality of poker Libratus plays," pro player Jason Les, a specialist in heads-up no-limit Texas hold'em like the other three players, said at a press conference yesterday morning. "They made algorithms that play this game better than us. We make a living trying to find vulnerabilities in strategies. That's what we do every day when we play heads-up no-limit. We tried everything we could and it was just too strong."To read this article in full or to leave a comment, please click here

Net neutrality policy still up in the air under Trump

During his campaign, U.S. President Donald Trump called the Federal Communications Commission's net neutrality rules a "top-down power grab," leading many observers to expect a quick repeal.Trump's presidency is still in its infancy and it's unclear what his administration will do about the hot-button issue.It's difficult to determine what direction the unpredictable Trump administration will take, said Nathan White, senior legislative manager at Access Now, a digital rights group."The world is a very complicated place right now," he said. "I don't think we can get too far out front and predict the future."To read this article in full or to leave a comment, please click here

Net neutrality policy still up in the air under Trump

During his campaign, U.S. President Donald Trump called the Federal Communications Commission's net neutrality rules a "top-down power grab," leading many observers to expect a quick repeal.Trump's presidency is still in its infancy and it's unclear what his administration will do about the hot-button issue.It's difficult to determine what direction the unpredictable Trump administration will take, said Nathan White, senior legislative manager at Access Now, a digital rights group."The world is a very complicated place right now," he said. "I don't think we can get too far out front and predict the future."To read this article in full or to leave a comment, please click here

Tim Cook: Apple may take legal action over immigration restrictions

After sending an email to employees expressing Apple’s opposition to the Trump administration’s new immigration restrictions, Apple CEO Tim Cook is now making a forceful stand.“More than any country in the world, this country is strong because of our immigrant background and our capacity and ability as people to welcome people from all kinds of backgrounds,” Cook told the Wall Street Journal. “That’s what makes us special. We ought to pause and really think deeply through that.”To read this article in full or to leave a comment, please click here

Samsung’s Tizen 4.0 OS is in development and due out in September

A new version of Samsung's Tizen OS, version 4.0, is now under development for mobile devices, wearables and smart gadgets and is due for release in September. Tizen is mainly used in Samsung products. The release date of Tizen 4.0 is listed on the OS's developer website, which also states that the first beta of the OS will come out in June. The Tizen 4.0 release date is listed as part of the Tizen .NET roadmap. The page states that "the first official version of Tizen .NET will be released in September 2017 as a part of Tizen 4.0." The page went up recently, and an image detailing the roadmap seems to have  typographical errors. The chart is supposed to show a timeline for Tizen .NET releases extending into 2017, but the release date of Tizen 4.0 is listed for September 2016, in an apparent mistake.To read this article in full or to leave a comment, please click here

Protecting everyone from WordPress Content Injection

Today a severe vulnerability was announced by the WordPress Security Team that allows unauthenticated users to change content on a site using unpatched (below version 4.7.2) WordPress.

CC BY-SA 2.0 image by Nicola Sap De Mitri

The problem was found by the team at Sucuri and reported to WordPress. The WordPress team worked with WAF vendors, including Cloudflare, to roll out protection before the patch became available.

Earlier this week we rolled out two rules to protect against exploitation of this issue (both types mentioned in the Sucuri blog post). We have been monitoring the situation and have not observed any attempts to exploit this vulnerability before it was announced publicly.

Customers on a paid plan will find two rules in WAF, WP0025A and WP0025B, that protect unpatched WordPress sites from this vulnerability. If the Cloudflare WordPress ruleset is enabled then these rules are automatically turned on and blocking.

Protecting Everyone

As we have in the past with other serious and critical vulnerabilities like Shellshock and previous issues with JetPack, we have enabled these two rules for our free customers as well.

Free customers who want full protection for their WordPress sites can upgrade to a Continue reading

Serverless computing’s future is now – and why you should care

Although vendor-written, this contributed piece does not advocate a position that is particular to the author’s employer and has been edited and approved by Network World editors. Serverless computing, a disruptive application development paradigm that reduces the need for programmers to spend time focused on how their hardware will scale, is rapidly gaining momentum for event-driven programming. Organizations should begin exploring this opportunity now to see if it will help them dramatically reduce costs while ensuring applications run at peak performance. For the last decade, software teams have been on a march away from the practice of directly managing hardware in data centers toward renting compute capacity from Infrastructure as a Service (IAAS) vendors such as Amazon Web Services (AWS) and Microsoft Azure. It is rare that a software team creates unique value by managing hardware directly, so the opportunity to offload that undifferentiated heavy lifting to IaaS vendors has been welcomed by software teams worldwide.To read this article in full or to leave a comment, please click here

Serverless computing’s future is now – and why you should care

Although vendor-written, this contributed piece does not advocate a position that is particular to the author’s employer and has been edited and approved by Network World editors.

Serverless computing, a disruptive application development paradigm that reduces the need for programmers to spend time focused on how their hardware will scale, is rapidly gaining momentum for event-driven programming. Organizations should begin exploring this opportunity now to see if it will help them dramatically reduce costs while ensuring applications run at peak performance.

For the last decade, software teams have been on a march away from the practice of directly managing hardware in data centers toward renting compute capacity from Infrastructure as a Service (IAAS) vendors such as Amazon Web Services (AWS) and Microsoft Azure. It is rare that a software team creates unique value by managing hardware directly, so the opportunity to offload that undifferentiated heavy lifting to IaaS vendors has been welcomed by software teams worldwide.

To read this article in full or to leave a comment, please click here

Mobile security firm offers cash to hackers for their old exploits

Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open.Paying for old exploits might seem like a waste of money, but there are technical and business arguments to justify such an acquisition system and they ultimately have to do with the difference between exploits and vulnerabilities.A vulnerability is a software defect with potential security implications, while an exploit is the actual code that takes advantage of that bug to achieve a specific malicious goal, often by bypassing other security barriers along the way.In practice, many vulnerabilities that get reported to vendors are not accompanied by working exploits. Showing that a programming error can lead to memory corruption is typically enough for the vendor to understand its potential implications -- for example, arbitrary code execution.To read this article in full or to leave a comment, please click here

Mobile security firm offers cash to hackers for their old exploits

Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open.Paying for old exploits might seem like a waste of money, but there are technical and business arguments to justify such an acquisition system and they ultimately have to do with the difference between exploits and vulnerabilities.A vulnerability is a software defect with potential security implications, while an exploit is the actual code that takes advantage of that bug to achieve a specific malicious goal, often by bypassing other security barriers along the way.In practice, many vulnerabilities that get reported to vendors are not accompanied by working exploits. Showing that a programming error can lead to memory corruption is typically enough for the vendor to understand its potential implications -- for example, arbitrary code execution.To read this article in full or to leave a comment, please click here

Help Wanted: Stitching a Federated SDN on OpenStack with EVPN

I am working with a client that has a rather unique problem and I’m looking for help on the possible solution.

For unusual, but practical, reasons there is a need to deploy three SDN solutions.

  1. VMware Integrated OpenStack with NSX
  2. Mirantis OpenStack with OpenContrail
  3. BGP-EVPN for existing and future

What I need help with is the stitching these different overlays together so that high bandwidth (>500Gbps), low latency (<5ms) data can flow in between virtual and physical networks.

There is no alignment to a hardware vendor and will buy whatever hardware can meet the requirements based on its software features.

SDN Federation in 3 parts (24-01-2017, 11-15-21).png

Questions

  1. I know that each of these solution supports VXLAN overlay and can be terminated (VTEP) in hardware. But which hardware ? What operating systems ? What protocols are used for any given hardware/software platform  ?
  2.  What is the configuration of the VTEP devices and can they be integrated into an orchestration (self-developed) ? What APIs are used to configure the VTEP instances ?
  3. What are the performance considerations around VTEP ?
  4. Is is practical to stitch a BGP-EVPN physical underlay to an SDN overlay such as NSX or OpenContrail ?

Discussion

I would be interested in talking to anyone who could offer advice and input Continue reading

Worth Reading: Running from DDoS

As we look back over 2016, one of the most obvious stories will be the dramatic rise in the weaponization and size of DDoS attacks. At the beginning of 2016 we noted the largest attack being approximately 500Gbps. In the later months of 2016, we saw the monetization of multiple IoT-based botnet DDoS attacks that were close to breaking the 1 Tbps mark. —Arbor

The post Worth Reading: Running from DDoS appeared first on 'net work.

Cisco unveils Tetration 2.0, focuses on application security

The middle of last year, Cisco held an event in New York to release its newest product, Tetration. The product moved Cisco into the analytics market, with the information being used to help customers better understand application performance and improve data center security. This week, Cisco announced the next version of Tetration Analytics, which is focused at providing security at the application layer. Cisco also released some new deployment options to make it easier for customers to get started with Tetration. To read this article in full or to leave a comment, please click here

Cisco unveils Tetration 2.0, focuses on application security

The middle of last year, Cisco held an event in New York to release its newest product, Tetration. The product moved Cisco into the analytics market, with the information being used to help customers better understand application performance and improve data center security. This week, Cisco announced the next version of Tetration Analytics, which is focused at providing security at the application layer. Cisco also released some new deployment options to make it easier for customers to get started with Tetration. To read this article in full or to leave a comment, please click here

iPhone sales get one-time windfall from Samsung Note 7 woes

During Apple’s earnings report last night, CEO Tim Cook did not mention why Apple squeaked by with 3 percent revenue growth. Almost every product category he spoke about was predicated with the words “record setting.” But a closer look reveals, Cook’s praise might be overstated, and Apple’s quest to produce another iPhone-scale new product to reignite growth continues.Radio Free Mobile’s Richard Windsor explained in an early-morning report from London what Cook did not. iPhone shipments at higher prices were driven by the defection of Samsung Galaxy Note customers due to the recall of the Note 7.To read this article in full or to leave a comment, please click here

1 1,932 1,933 1,934 1,935 1,936 3,341