OSPF TLVs: Taking advantage of improvements in computing power

OSPF was originally designed in an age when processors were much less capable, available memory was much smaller, and link bandwidths were much lower. To conserve processing power, memory, and n-the-wire bandwidth, OSPF was designed using fixed length fields (FLFs). TLVs are more difficult to process than an FLF; to process a set of FLFs, you build a structure that mimics the FLF formatting, and simple “impose” it on the memory location where you have stored the data to be decoded, as shown below.

In the FLF model, the structure can simply be imposed on the memory locations, and the values can be read directly. In the TLV model, each type code must be read to determine the kind of information and the length must be read to determine the size of the field. Only once these two items in the TLV header have been read can the actual data be related to a particular field in the resulting data structure.

In the intervening years, however, compute, storage, and network capabilities have increased dramatically; the following chart, taken from a book I’m working on, shows this growth since about the start of the “network era.”

As compute, storage, and Continue reading

US net neutrality repeal worries IT workers

More than eight in 10 U.S. IT workers support the nation's net neutrality regulations, and many are worried that President Donald Trump administration's likely repeal of the rules will hurt their industry.Eighty-two percent of 411 IT workers responding to an online survey by Spiceworks support the net neutrality rules, while just 11 percent oppose them, the company said Wednesday. If the Federal Communications Commission's net neutrality rules are repealed, 59 percent of respondents said they believe their companies' internet costs will rise, and 47 percent said they believe their companies' access to important internet services will be degraded.To read this article in full or to leave a comment, please click here

US net neutrality repeal worries IT workers

More than eight in 10 U.S. IT workers support the nation's net neutrality regulations, and many are worried that President Donald Trump administration's likely repeal of the rules will hurt their industry.Eighty-two percent of 411 IT workers responding to an online survey by Spiceworks support the net neutrality rules, while just 11 percent oppose them, the company said Wednesday. If the Federal Communications Commission's net neutrality rules are repealed, 59 percent of respondents said they believe their companies' internet costs will rise, and 47 percent said they believe their companies' access to important internet services will be degraded.To read this article in full or to leave a comment, please click here

What to ask IDaaS vendors before you buy

Identity as a service (IDaaS), also known as identity and access management as a service, uses a cloud infrastructure for securely managing user identities and access enforcement. At its most basic level, IDaaS enables single sign-on (SSO) for systems in the cloud or on-premises, but it goes well beyond that to include access provisioning and deprovisioning, governance and analytics.To read this article in full or to leave a comment, please click here(Insider Story)

What to ask IDaaS vendors before you buy

Identity as a service (IDaaS), also known as identity and access management as a service, uses a cloud infrastructure for securely managing user identities and access enforcement. At its most basic level, IDaaS enables single sign-on (SSO) for systems in the cloud or on-premises, but it goes well beyond that to include access provisioning and deprovisioning, governance and analytics.Leading vendors in the IDaaS field in 2016 (per Gartner) included Okta, Microsoft and Centrify, with OneLogin, Ping Identity, SailPoint, Covisint, Salesforce, Lighthouse Security (IBM) and EMC/RSA figuring prominently as well. Although each company offers IDaaS, differences in feature sets and capabilities can make one solution preferable over the others for a particular organization.To read this article in full or to leave a comment, please click here(Insider Story)

Ransomware makes California nursing school feel ill

About three months ago, an instructor at Gurnick Academy, a California-based nursing school, had his biggest fear come alive. When he tried to access his lectures, the files were encrypted. The teacher was literally locked out of his classroom.If it wasn’t for a quick acting IT department, the entire school might have been in the same situation. They noticed the incident at the early stage and managed to prevent the encryption from spreading by disconnecting the infected device from the corporate network.Val Paschenko, IT department manager at the school, said the instructor was met with a ransomware note demanding 1 bitcoin or $740 in exchange for the files to be decrypted. The instructor called support and requested to get his files back, but it was already too late. He lost some recently created files, and he needed to redo some of his work. It took a few hours to reinstall the OS and configure everything; obviously during that time he was not able to work on his PC. To read this article in full or to leave a comment, please click here

Ransomware makes California nursing school feel ill

About three months ago, an instructor at Gurnick Academy, a California-based nursing school, had his biggest fear come alive. When he tried to access his lectures, the files were encrypted. The teacher was literally locked out of his classroom.If it wasn’t for a quick acting IT department, the entire school might have been in the same situation. They noticed the incident at the early stage and managed to prevent the encryption from spreading by disconnecting the infected device from the corporate network.Val Paschenko, IT department manager at the school, said the instructor was met with a ransomware note demanding 1 bitcoin or $740 in exchange for the files to be decrypted. The instructor called support and requested to get his files back, but it was already too late. He lost some recently created files, and he needed to redo some of his work. It took a few hours to reinstall the OS and configure everything; obviously during that time he was not able to work on his PC. To read this article in full or to leave a comment, please click here

Dictionary: Shallow Packet Inspection 

Vendors marketing is getting overexcited with hyperbole and suddenly basic filtering such as access-lists are Deep Packet Inspection.

Packet munging for layer 2-4 is shallow packet inspection. Specifically, its when you match Ethernet MAC, IP Addresses and TCP/UDP port numbers but nothing else. At time of writing, shallow packet inspection is simple, cheap and part of the forwarding ASIC.

Devices that perform inspection at Layer 5-7 of the OSI model is deep packet inspection (DPI). This requires exponentially more complex handling of the data in the ASICs, awareness of data formats and flow operations. In addition, the applications that configure are complex and sophisticated (the CLI just doesn’t cut it).

The post Dictionary: Shallow Packet Inspection  appeared first on EtherealMind.

My worst tech purchase ever

As you can see from my profile picture above, I’ve been around the tech industry for a while now. And while I’ve surely learned a thing or two over the years, much of that wisdom has come at a heavy price.  I’ve spent years following dead-end technologies down rabbit holes, getting up to speed on promising new software that never came close to living up to its hype, and jumping on board publications that were just about to give up the ghost. But lately I took some time to think about the absolutely worst tech product I ever bought with my own hard-earned dineros. And as it turned out, it was pretty much a no-brainer to settle on the winner (or loser, I guess, depending on how you look at it) as well as two runners-up. To read this article in full or to leave a comment, please click here

Worth Reading: Fix EULAs

Traditionally, once a person has purchased a product, she has been free to use it however she sees fit without oversight or control from the copyright owner. Purchasers have also been free to use competitors’ add-on software and hardware that interoperate with the goods they buy, because innovators have been able to develop and distribute such technologies. That expectation is upended when it comes to products that come with embedded software, from tractors to refrigerators to toasters and children’s toys. That software is supposed to make our stuff smarter, but it also makes our stuff not really ours. —EFF

The post Worth Reading: Fix EULAs appeared first on 'net work.

41% off Netgear Arlo Security System Wireless HD Camera, Indoor/Outdoor, Night Vision – Deal Alert

The Arlo camera is a 100 Percent Wire-Free, completely wireless, HD smart home security camera – so you can get exactly the shot you need – inside or out. The Arlo camera is weatherproof and includes motion detection, night vision, and apps. It can capture clips and send you alerts whether you’re at home or away for round-the-clock peace of mind.  These motion activated cameras initiate automatic recording and alert you via email or app notifications. Free apps enable remote monitoring from anywhere and with the built-in night vision you’ll even see in dark.  This security camera currently averages 4 out of 5 stars on Amazon from almost 10,000 customers (read reviews) and its list price of $219.99 is currently discounted 41% to $129.99.To read this article in full or to leave a comment, please click here

41% off Netgear Arlo Security System Wireless HD Camera, Indoor/Outdoor, Night Vision – Deal Alert

The Arlo camera is a 100 Percent Wire-Free, completely wireless, HD smart home security camera – so you can get exactly the shot you need – inside or out. The Arlo camera is weatherproof and includes motion detection, night vision, and apps. It can capture clips and send you alerts whether you’re at home or away for round-the-clock peace of mind.  These motion activated cameras initiate automatic recording and alert you via email or app notifications. Free apps enable remote monitoring from anywhere and with the built-in night vision you’ll even see in dark.  This security camera currently averages 4 out of 5 stars on Amazon from almost 10,000 customers (read reviews) and its list price of $219.99 is currently discounted 41% to $129.99.To read this article in full or to leave a comment, please click here

41% off Netgear Arlo Security System Wireless HD Camera, Indoor/Outdoor, Night Vision – Deal Alert

The Arlo camera is a 100 Percent Wire-Free, completely wireless, HD smart home security camera – so you can get exactly the shot you need – inside or out. The Arlo camera is weatherproof and includes motion detection, night vision, and apps. It can capture clips and send you alerts whether you’re at home or away for round-the-clock peace of mind.  These motion activated cameras initiate automatic recording and alert you via email or app notifications. Free apps enable remote monitoring from anywhere and with the built-in night vision you’ll even see in dark.  This security camera currently averages 4 out of 5 stars on Amazon from almost 10,000 customers (read reviews) and its list price of $219.99 is currently discounted 41% to $129.99.To read this article in full or to leave a comment, please click here

Guy who swore off smartphones tries to use a smartphone

For the past several years, I have been completely free of smartphones and cell phone. For a variety of reasons (mostly privacy related), I have simply avoided them.  My life really hasn’t been worse because of it. I still have portable computing devices (tablets, UMPCs, PDAs and the like) that allow me to communicate with the world while on the go—I just need to find a Wi-Fi hotspot to do so. A minor annoyance, to be sure, but it seems like a reasonable trade-off for the increase in personal privacy and security.  Then again, it’s been so many years since I’ve had a cell phone. What if my understanding of the value of having a good smartphone is outdated? What if smartphones have improved so dramatically that their value would outweigh the privacy concerns?To read this article in full or to leave a comment, please click here

44% off HAVIT Rainbow Backlit Wired Gaming Keyboard and Mouse Combo – Deal Alert

Keyboard is splash resistant, anti-skid, and features simultaneous operation of up to 19 keys without conflict and 12 multimedia keys. Rainbow LED Backlit with multiple modes including breathing, which exists on the mouse as well. The highly rated gaming keyboard/mouse combo is discounted 44%, from $57 to just $32. See it on Amazon.To read this article in full or to leave a comment, please click here

Kaspersky Lab employee reportedly arrested in Russia on treason charges

One of the leading cybercrime investigators at antivirus vendor Kaspersky Lab was reportedly arrested in Russia as part of a probe into activities that could represent high treason. According to Russian newspaper Kommersant, Ruslan Stoyanov, the head of the computer incidents investigation team at Kaspersky, was arrested in December as part of an investigation that also targeted Sergei Mikhailov, the deputy head of the Information Security Center at the FSB, Russia's internal security service. Russian authorities are investigating Mikhailov in connection to the receipt of money from a foreign organization, an unnamed source close to the FSB reportedly told the newspaper.To read this article in full or to leave a comment, please click here

Kaspersky Lab employee reportedly arrested in Russia on treason charges

One of the leading cybercrime investigators at antivirus vendor Kaspersky Lab was reportedly arrested in Russia as part of a probe into activities that could represent high treason. According to Russian newspaper Kommersant, Ruslan Stoyanov, the head of the computer incidents investigation team at Kaspersky, was arrested in December as part of an investigation that also targeted Sergei Mikhailov, the deputy head of the Information Security Center at the FSB, Russia's internal security service. Russian authorities are investigating Mikhailov in connection to the receipt of money from a foreign organization, an unnamed source close to the FSB reportedly told the newspaper.To read this article in full or to leave a comment, please click here

Russia’s FSB arrests Kaspersky’s top cybercrime investigator for treason

A top-notch cybercrime investigator, who heads up the Kaspersky Lab team that investigates hacks, has been arrested by Russian law enforcement for possible treason.An unnamed source close to Russia’s Federal Security Service (FSB) told the newspaper Kommersant that Ruslan Stoyanov may be linked to an investigation into Sergei Mikhailov, a deputy chief of the FSB’s Center for Information Security. Both men were arrested in December.Kaspersky Lab confirmed the report of Stoyanov’s arrest in Kommersant, then tweeted the following statement: “The case against this employee does not involve Kaspersky Lab. The employee, who is Head of the Computer Incidents Teams, is under investigation for a period predating his employment at Kaspersky Lab. We do not possess details of the investigation.”To read this article in full or to leave a comment, please click here

Russia’s FSB arrests Kaspersky’s top cybercrime investigator allegedly for treason

A top-notch cybercrime investigator, who heads up the Kaspersky Lab team that investigates hacks, has been arrested by Russian law enforcement for possible treason.An unnamed source close to Russia’s Federal Security Service (FSB) told the newspaper Kommersant that Ruslan Stoyanov may be linked to an investigating into Sergei Mikhailov, a deputy chief of the FSB’s Center for Information Security. Both men were arrested in December.Kaspersky Lab confirmed the report of Stoyanov’s arrest in Kommersant, then tweeted the following statement: “The case against this employee does not involve Kaspersky Lab. The employee, who is Head of the Computer Incidents Teams, is under investigation for a period predating his employment at Kaspersky Lab. We do not possess details of the investigation.”To read this article in full or to leave a comment, please click here

Russia’s FSB arrests Kaspersky’s top cybercrime investigator for treason

A top-notch cybercrime investigator, who heads up the Kaspersky Lab team that investigates hacks, has been arrested by Russian law enforcement for possible treason.An unnamed source close to Russia’s Federal Security Service (FSB) told the newspaper Kommersant that Ruslan Stoyanov may be linked to an investigation into Sergei Mikhailov, a deputy chief of the FSB’s Center for Information Security. Both men were arrested in December.Kaspersky Lab confirmed the report of Stoyanov’s arrest in Kommersant, then tweeted the following statement: “The case against this employee does not involve Kaspersky Lab. The employee, who is Head of the Computer Incidents Teams, is under investigation for a period predating his employment at Kaspersky Lab. We do not possess details of the investigation.”To read this article in full or to leave a comment, please click here