Archive

Category Archives for "Networking"

WikiLeaks’ CIA document dump shows agency can compromise Android, TVs

WikiLeaks has released more than 8,700 documents it says come from the CIA's Center for Cyber Intelligence, with some of the leaks saying the agency had 24 "weaponized" and previously undisclosed exploits for the Android operating system as of 2016.Some of the Android exploits were developed by the CIA, while others came from the U.S. National Security Agency, U.K. intelligence agency GCHQ, and cyber arms dealers, according to the trove of documents released Tuesday. Some smartphone attacks developed by the CIA allow the agency to bypass the encryption in WhatsApp, Confide, and other apps by collecting audio and message traffic before encryption is applied, according to the WikiLeaks analysis.To read this article in full or to leave a comment, please click here

WikiLeaks’ CIA document dump shows agency can compromise Android, TVs

WikiLeaks has released more than 8,700 documents it says come from the CIA's Center for Cyber Intelligence, with some of the leaks saying the agency had 24 "weaponized" and previously undisclosed exploits for the Android operating system as of 2016.Some of the Android exploits were developed by the CIA, while others came from the U.S. National Security Agency, U.K. intelligence agency GCHQ, and cyber arms dealers, according to the trove of documents released Tuesday. Some smartphone attacks developed by the CIA allow the agency to bypass the encryption in WhatsApp, Confide, and other apps by collecting audio and message traffic before encryption is applied, according to the WikiLeaks analysis.To read this article in full or to leave a comment, please click here

Arista puts itself in a container

The network industry is rarely kind to new entrants, as buyers typically have their favorite vendors and seldom give a passing look to someone new. Names like Woven Networks and Consentry come and go while the tried and true live on. One vendor that has bucked this trend—started fast and stayed fast—is Arista Networks. RELATED: Will containers kill the virtual machine? How has Arista avoided the fate of so many before them? One reason is that it’s able to keep ahead of the innovation curve because of the flexible architecture of its operating system, EOS. The flexibility of its software has also enabled Arista to adopt new silicon faster than the competition without having to build entirely new platforms. To read this article in full or to leave a comment, please click here

Cisco reinforces HyperFlex hyperconvergence system with power, management features

It has been almost a year since Cisco jumped into the hyperconverged arena and while the HyperFlex business has done well – landing 1,100 customers -- the company is expecting a burst of upgrades to significantly speed and simplify management of its HyperFlex systems.+More on Network World: Cisco, Mitel, NEC and others are targeting Avaya’s customers as the networking company goes through Chapter 11 bankruptcy+To read this article in full or to leave a comment, please click here

Cisco reinforces HyperFlex hyperconvergence system with power, management features

It has been almost a year since Cisco jumped into the hyperconverged arena and while the HyperFlex business has done well – landing 1,100 customers -- the company is expecting a burst of upgrades to significantly speed and simplify management of its HyperFlex systems.+More on Network World: Cisco, Mitel, NEC and others are targeting Avaya’s customers as the networking company goes through Chapter 11 bankruptcy+To read this article in full or to leave a comment, please click here

Android gets patches for critical OpenSSL, media server and kernel driver flaws

A five-month-old flaw in Android's SSL cryptographic libraries is among the 35 critical vulnerabilities Google fixed in its March security patches for the mobile OS.The first set of patches, known as patch level 2017-03-01, is common to all patched phones and contains fixes for 36 vulnerabilities, 11 of which are rated critical and 15 high. Android vulnerabilities rated critical are those that can be exploited to execute malicious code in the context of a privileged process or the kernel, potentially leading to a full device compromise.One of the patched vulnerabilities is located in the OpenSSL cryptographic library and also affects Google's newer BoringSSL library, which is based on OpenSSL. What's interesting is that the flaw, identified as CVE-2016-2182, was patched in OpenSSL back in September. It can be exploited by forcing the library to process an overly large certificate or certificate revocation list from an untrusted source.To read this article in full or to leave a comment, please click here

Android gets patches for critical OpenSSL, media server and kernel driver flaws

A five-month-old flaw in Android's SSL cryptographic libraries is among the 35 critical vulnerabilities Google fixed in its March security patches for the mobile OS.The first set of patches, known as patch level 2017-03-01, is common to all patched phones and contains fixes for 36 vulnerabilities, 11 of which are rated critical and 15 high. Android vulnerabilities rated critical are those that can be exploited to execute malicious code in the context of a privileged process or the kernel, potentially leading to a full device compromise.One of the patched vulnerabilities is located in the OpenSSL cryptographic library and also affects Google's newer BoringSSL library, which is based on OpenSSL. What's interesting is that the flaw, identified as CVE-2016-2182, was patched in OpenSSL back in September. It can be exploited by forcing the library to process an overly large certificate or certificate revocation list from an untrusted source.To read this article in full or to leave a comment, please click here

Google faces another antitrust complaint in Europe

Another day, another antitrust action against Google: On Monday, the Open Internet Project filed a new complaint with the European Union's top competition authority, charging the search giant with abusing its dominant position in the market for smartphone software.It was in 2014 that the OIP filed its first complaint against Google, contributing to a European Commission investigation into the company's search services that began in 2010.Since then, the OIP has gained 20 new members from ICOMP, the Initiative for a Competitive Online Marketplace. OIP is now led by the chairmen of French search engine Qwant and Hot-Maps.com, an online mapping company the main activity of which seems to be complaining about Google. Its other members include publishing companies Axel Springer, Hubert Burda Media, TV network ProSiebenSat.1, mapping companies Evermaps and Mappy, stock photo libraries Getty Images and CEPIC, and football's Premier League, among others.To read this article in full or to leave a comment, please click here

Wearables in the starting lineup for NBA and MLB?

DeAndre Jordan, the Los Angeles Clippers’ enormous and uber-athletic center, is best known for his monster dunks, State Farm commercials, and last minute change of heart over which team he wanted to play for.But Jordan recently attracted attention for a digital decision: He’s been spotted wearing a WHOOP biometric monitoring device during actual NBA games. Apparently, Jordan was a trendsetter, as ESPN reported this week that Major League Baseball has approved the WHOOP device for use during MLB games! To read this article in full or to leave a comment, please click here

HPE to pay $1 billion for Nimble Storage after cutting EMC ties

Hewlett Packard Enterprise plans to acquire Nimble Storage, a vendor of all-flash and hybrid flash storage products, for US$1 billion in an effort to pump up its offerings in those areas.Nimble Storage offers converged flash arrays with predictive software for provisioning to speed up storage performance. The offerings will work alongside technology that HPE acquired from 3Par, which also is centered around provisioning.THOUGHTS ON THE DEAL? Please comment on Network World's Facebook pageHPE needs to bulk up its storage offerings after cutting ties with EMC, which is now a part of Dell Technologies and dominates enterprise storage. Nimble Storage could be a step toward retaining existing storage customers and enticing new customers to switch over from EMC.To read this article in full or to leave a comment, please click here

Cybersecurity skills shortage holding steady

The cybersecurity skills shortage is nothing new—I’ve been writing about it for years, as have other analysts and researchers. I’ve also done countless presentations on this topic. Here’s a video where I’m interviewed on the cybersecurity skills shortage at the RSA Conference a few years ago. I also presented on this topic at the RSA Conference that same year. RELATED: Akamai CSO takes a creative approach to finding security pros I keep writing about the cybersecurity skills shortage for one consistent and troubling reason: It ain’t getting any better. Here’s a few data points to back up this claim: To read this article in full or to leave a comment, please click here

Cybersecurity Skills Shortage Holding Steady

The cybersecurity skills shortage is nothing new – I’ve been writing about it for years as have other analysts and researchers.  I’ve also done countless presentations on this topic.  Here’s a video where I’m interviewed on the cybersecurity skills shortage at the RSA Conference a few years ago.  I also presented on this topic at the RSA Conference that same year. I keep writing about the cybersecurity skills shortage for one consistent and troubling reason – it ain’t getting any better.  Here’s a few data points to back up this claim (note: I am an ESG employee):  As part of ESG’s annual IT spending intentions research, we asked respondents (i.e. about 600 IT and cybersecurity professionals in North America, EMEA, and the Asia Pacific region) to identify the different IT areas where their organization has a “problematic shortage” of skills.  Cybersecurity has been identified as the #1 “problematic shortage” area across all of IT for the past 6 years in a row. In 2017, 45% of organizations say they have a “problematic shortage” of cybersecurity skills.  This is right in line with 2016 (46%), but these last two years represented a big Continue reading

Cybersecurity skills shortage holding steady

The cybersecurity skills shortage is nothing new—I’ve been writing about it for years, as have other analysts and researchers. I’ve also done countless presentations on this topic. Here’s a video where I’m interviewed on the cybersecurity skills shortage at the RSA Conference a few years ago. I also presented on this topic at the RSA Conference that same year. RELATED: Akamai CSO takes a creative approach to finding security pros I keep writing about the cybersecurity skills shortage for one consistent and troubling reason: It ain’t getting any better. Here’s a few data points to back up this claim: To read this article in full or to leave a comment, please click here

BBC warns Facebook about child porn posts, Facebook reports BBC to cops

The BBC found itself in the no-good-deed-goes-unpunished category thanks to Facebook. Granted, the BBC was investigating for an article to see if Facebook had improved its system for removing child porn from the site after such images are reported. But trying to help “clean up” Facebook should not be rewarded by the social network reporting you to the police.Using Facebook’s “report button,” BBC journalists reported 100 images that should not be allowed on the platform according to Facebook’s guidelines that claim “nudity or other sexually suggestive content” is not permitted on the site. The images included a still from a child porn video, under-16s in sexual poses and others along the same vein. Of those, only 18 were initially removed. The other 82, Facebook said, did not violate “community standards.”To read this article in full or to leave a comment, please click here

BBC warns Facebook about child porn posts, Facebook reports BBC to cops

The BBC found itself in the no-good-deed-goes-unpunished category thanks to Facebook. Granted, the BBC was investigating for an article to see if Facebook had improved its system for removing child porn from the site after such images are reported. But trying to help “clean up” Facebook should not be rewarded by the social network reporting you to the police.Using Facebook’s “report button,” BBC journalists reported 100 images that should not be allowed on the platform according to Facebook’s guidelines that claim “nudity or other sexually suggestive content” is not permitted on the site. The images included a still from a child porn video, under-16s in sexual poses and others along the same vein. Of those, only 18 were initially removed. The other 82, Facebook said, did not violate “community standards.”To read this article in full or to leave a comment, please click here

SDN Lesson #2 – Introducing Faucet as an OpenFlow Controller

Welcome back to a new article about SDN - this time introducing an OpenFlow controller called Faucet, developed as a RYU application by New Zeeland's Research and Education (REANNZ). In this article, I am not going to write about Faucet's architecture and features since you can read about it on its github page or here or here>. Instead, I will describe the setup used for a demo presented at the Irish Network Operators Group 11th meetup (iNOG::B).

AMD hopes to break Intel server dominance with new 32-core Naples chip

The outspoken Forrest Norrod has never shied away from challenges. Previously, as a server chief at Dell, he helped the company's data-center hardware business flourish, and he loved experimenting with new types of servers.He has a new challenge as AMD's server chief: to bring back the glory days of chipmaker's server business, which is now in tatters. A mega-chip called Naples, which has 32 cores and is based on the Zen architecture, will be the first test of AMD's return to the server market.The Naples chip will ship to server makers in the second quarter of this year. The benchmarks of Naples are competitive with Intel's chips in head-to-head comparisons, said Norrod, senior vice president and general manager of AMD's Enterprise, Embedded, and Semi-Custom Business Group.To read this article in full or to leave a comment, please click here