0

Traffic Pattern Attacks: A Real Threat

Assume, for a moment, that you have a configuration something like this—

Some host, A, is sending queries to, and receiving responses from, a database at C. An observer, B, has access to the packets on the wire, but neither the host nor the server. All the information between the host and the server is encrypted. There is nothing the observer, B, can learn about the information being carried between the client and the server? Given the traffic is encrypted, you might think… “not very much.”

A recent research paper published at CCS ’16 in Vienna argues the observer could know a lot more. In fact, based on just the patterns of traffic between the server and the client, given the database uses atomic operations and encrypts each record separately, it’s possible to infer the key used to query the database (not the cryptographic key). The paper can be found here. Specifically:

We then develop generic reconstruction attacks on any system supporting range queries where either access pattern or communication volume is leaked. These attacks are in a rather weak passive adversarial model, where the untrusted server knows only the underlying query distribution. In particular, to perform our attack Continue reading

0

Huawei Seeks More Information Technology Talent in Europe

It joins the club of telco equipment makers seeking top IT talent.

0

New Ericsson CEO Has Big Job Ahead

The company needs to embrace open source and analytics to thrive.

0

How to use data to design the best market for your company

Your business spends a lot of time analyzing the market you sell to, but can you take a step back and instead create the market that you want? Experts in the little-known field of behavioral economics and market design say “yes.”To read this article in full or to leave a comment, please click here(Insider Story)

0

Google launches Trusted Contacts location sharing app

How do you feel about sharing your location with “trusted contacts”? From Google’s point of view, its new Trusted Contacts app will “help you feel safe and give your friends and family peace of mind.”The “personal safety app” will work even if your phone is offline.Google software engineer Minh Nguyen explained: Here’s how it works: Once you install the Android app, you can assign “trusted” status to your closest friends and family. Your trusted contacts will be able to see your activity status — whether you’ve moved around recently and are online — to quickly know if you're OK. If you find yourself in a situation where you feel unsafe, you can share your actual location with your trusted contacts. And if your trusted contacts are really worried about you, they can request to see your location. If everything’s fine, you can deny the request. But if you’re unable to respond within a reasonable time-frame, your location is shared automatically and your loved ones can determine the best way to help you out. Of course, you can stop sharing your location or change your trusted contacts whenever you want.To read this article in full or Continue reading

0

Google launches Trusted Contacts location sharing app

How do you feel about sharing your location with “trusted contacts”? From Google’s point of view, its new Trusted Contacts app will “help you feel safe and give your friends and family peace of mind.”The “personal safety app” will work even if your phone is offline.Google software engineer Minh Nguyen explained: Here’s how it works: Once you install the Android app, you can assign “trusted” status to your closest friends and family. Your trusted contacts will be able to see your activity status — whether you’ve moved around recently and are online — to quickly know if you're OK. If you find yourself in a situation where you feel unsafe, you can share your actual location with your trusted contacts. And if your trusted contacts are really worried about you, they can request to see your location. If everything’s fine, you can deny the request. But if you’re unable to respond within a reasonable time-frame, your location is shared automatically and your loved ones can determine the best way to help you out. Of course, you can stop sharing your location or change your trusted contacts whenever you want.To read this article in full or Continue reading

0

HPE Intros a Micro Datacenter on Wheels

It can't do 'zero to 60' but it can rev up the IoT network edge.

0

Amazon’s biggest re:Invent cloud announcements

IoT, Machine Learning and trucking data into the cloudImage by AmazonAWS’s 2016 re:Invent conference is a wrap, and if you missed any of the news check out the biggest announcements Amazon made in Las Vegas. From data analytics tools to machine learning platforms and new IoT functions, there was a lot to digest. Amazon will even truck your data into its cloud!To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: How to build the business case for a digital workplace

In my blog post last month, I wrote about why digital-workplace technology has become a mandate in today’s hyper-mobile world. This month, I explore basics of building a strategy and a business case so you can get budget and make your digital workplace a reality.The other day, I heard a great story about how a colleague of mine got board approval to hire more than two dozen new staff members—and the whole negotiation took less than an hour. He used digital-workplace technology to pull a remote team member into a board meeting on the fly and run ROI scenarios in real time. Without being able to see the specific figures, the decision would have taken weeks and cost millions in potential revenue.To read this article in full or to leave a comment, please click here

0

De-Risking NFV via Systems Integration or NFV One-Stop-Shops

Because NFV is just too complicated for end users.

0

67% off iClever BoostCube 40W 4-Port USB Wall Charger with Foldable Plug – Deal Alert

This 40W/8A 4-port output wall charger from iClever detects the charging capacity of each device, and provides the fastest possible charge of up to 2.4 amps per port, charging any four USB-enabled devices simultaneously. Its compact design features a foldable plug.  It contains multiple internal protection mechanisms to guarantee the safety of your device. iClever's BoostCube averages 4.5 out of 5 stars on Amazon from nearly 1,000 people (read reviews). It's typical list price has beed reduced 67% to just $19.99. See it on Amazon.To read this article in full or to leave a comment, please click here

0

AWS Shield – Managed DDoS Protection

AWS now offers a DDOS service. Some non-specific thinking out loud on what this means.

The post AWS Shield – Managed DDoS Protection appeared first on EtherealMind.

0

Chrome bug triggered errors on websites using Symantec SSL certificates

If you've encountered errors over the past month when trying to access HTTPS-enabled websites on your computer or Android phone, it might have been due to a bug in Chrome.The bug affected the validation for some SSL certificates issued by Symantec, one of the world's largest certificate authorities, as well as by GeoTrust and Thawte, two CAs that Symantec also controls.The bug was introduced in Chrome version 53, but also affected the Android WebView component that Android apps use to display Web content, said Rick Andrews, senior technical director at Symantec in a blog post Friday.To read this article in full or to leave a comment, please click here

0

Chrome bug triggered errors on websites using Symantec SSL certificates

If you've encountered errors over the past month when trying to access HTTPS-enabled websites on your computer or Android phone, it might have been due to a bug in Chrome.The bug affected the validation for some SSL certificates issued by Symantec, one of the world's largest certificate authorities, as well as by GeoTrust and Thawte, two CAs that Symantec also controls.The bug was introduced in Chrome version 53, but also affected the Android WebView component that Android apps use to display Web content, said Rick Andrews, senior technical director at Symantec in a blog post Friday.To read this article in full or to leave a comment, please click here

0

Worth Reading: Navigating the Pentest World

The demand for penetration testing and security assessment services worldwide has been growing year-on-year. Driven largely by Governance, Risk, and Compliance (GRC) concerns, plus an evolving pressure to be observed taking information security and customer privacy seriously, most CIO/CSO/CISO’s can expect to conduct regular “pentests” as a means of validating their organizations or product’s security —CircleID

The post Worth Reading: Navigating the Pentest World appeared first on 'net work.

0

Why are Self Service, Agility and Cloud Linked?

You get agility through cloud by making the cloud self-service.

0

Network Break 115: Avaya Considers Bankruptcy; AWS Reinvents

Todays Network Break episode looks at Avayas reported consideration of Chapter 11, financial results from HPE & Nutanix, announcements from AWS ReInvent, and more The post Network Break 115: Avaya Considers Bankruptcy; AWS Reinvents appeared first on Packet Pushers.

0

OpenAI releases Universe, a platform for training AIs to play games, use apps

OpenAI, an artificial intelligence research company, wants to let AIs loose in their own universe, where they can learn to play games, use apps and interact with websites.Universe is the name of OpenAI's tool for training AIs on, as it puts it, "any task a human can complete with a computer." Using a VNC (Virtual Network Computing) remote desktop, it allows the AI to control the game or app using a virtual keyboard and mouse, and to see its output by analyzing the pixels displayed on the screen. It's essentially an interface to the company's Gym toolkit for developing reinforcement algorithms, a type of machine learning system.To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: Denon + Marantz delights streaming music listeners with Oracle Service Cloud and IoT

Are you listening to streaming music right now?Spotify, SoundCloud or Pandora?You’re not alone. Streaming is the most popular way to listen to music. The Recording Industry Association of America (RIAA) reports that music streaming services are its biggest source of revenue—ahead of digital downloads and CDs.The streaming music trend is a challenge and opportunity for the music industry. D+M Group (also often referred to as Denon + Marantz Electronics), with over 100 years of audio heritage, is no stranger to changing trends. It designs, manufactures and sells consumer and professional audio, video and media equipment. Its amplifiers and speakers and multi-room audio are used around the globe.To read this article in full or to leave a comment, please click here

0

Major IT outsourcing acquisition will have mixed impact

The announcement that outsourcing consultancy Information Services Group (ISG) will acquire competitor Alsbridge marked the biggest M&A announcement in the IT services advisory industry since KPMG bought EquaTerra in 2011. The two large independent outsourcing advisors are joining forces to create a 1,300-person firm with offices in 20 countries revenues targeted at between $285 and $300 million in 2017.[ Related: Cloud services now account for a third of IT outsourcing market ]The combined firm, with its expanded services, data and market intelligence, could put pressure on the big consultancies who offer IT outsourcing advisory services. “ISG's principle competitors — KPMG. Deloitte, EY and PwC — now have a bigger, badder ISG to contend with that can not only undercut them on fees but also can boast competencies in the emerging area of RPA, where the Big Four are currently winning out,” HfS Research CEO Phil Fersht recently wrote in a blog.To read this article in full or to leave a comment, please click here