Facebook delivers its state of the open source union

There’s no doubting Facebook’s commitment to open-source projects. The company has a portfolio of over 400 open-source projects with over a half million followers. A look at the top five projects gives a bird’s eye view of Facebook’s obsession with unifying and improving the effectiveness of its large internal developer community, automating the process of building software by continually deploying it, and operating at a scale matched by just a few other companies, such as Amazon, Google and Microsoft.The commit statistics below are a measure of the development activity of Facebook’s top five open-source projects that impact different parts of software development and execution. A commit is a revision or additional file usually containing software code that is saved to a GitHub repository. The commit is saved with a unique generated ID or hash and is time-stamped so that code contributions can be managed from creation through final release.To read this article in full or to leave a comment, please click here

2016’s biggest social media stories

Social media had a big 2016. The medium and all of the leading social companies reached new heights of influence … but not without consequence. These are the stories that shaped the conversations and intrigue around social media during the past year.Social media and the 2016 presidential election The American public is still grappling with all the ways social media shaped the 2016 presidential campaign. However, CIO.com uncovered how social media brings out the darker side of digital introverts and often amplifies slanted views or political biases. During the final weeks of the 2016 presidential election it became quite clear that social could not be more powerful or dangerous.To read this article in full or to leave a comment, please click here

Has VMware found a cloud strategy savior in AWS?

Adversity makes strange bedfellows, and in the case of VMware — a company that has made its fortune selling server virtualization software — that bedfellow is Amazon Web Services (AWS), the  public cloud leviathan.Let's rewind to the middle of October, when Mark Lohmeyer, a VMware cloud business unit vice president,  announced that the company was forming a strategic partnership with AWS so that VMware's server virtualization and other software could be run in the AWS public cloud. The idea is that VMware customers using the company's software to run a private cloud in their own data centers will be able to expand into a similar VMware infrastructure run in AWS's public cloud, thereby forming a VMware-based hybrid cloud. The VMware software (called vCenter) used by company administrators to manage the private cloud will reach into the AWS cloud to manage the VMware software running there as well.To read this article in full or to leave a comment, please click here

Nmap security scanner gets new scripts, performance boosts

The Nmap Project just released the Holiday Edition of its open source cross-platform security scanner and network mapper, with several important improvements and bug fixes.New features in Nmap 7.40 include Npcap 0.78r5, for adding driver signing updates to work with Windows 10 Anniversary Update; faster brute-force authentication cracking; and new scripts for Nmap Script Engine, the project’s maintainer Fyodor wrote on the Nmap mailing list.[ Give yourself a technology career advantage with InfoWorld's Deep Dive technology reports and Computerworld's career trends reports. GET A 15% DISCOUNT through Jan.15, 2017: Use code 8TIISZ4Z. ] The de facto standard network mapping and port scanning tool, Nmap (Network Mapper) Security Scanner is widely used by IT and security administrators for network mapping, port-scanning, and network vulnerability testing. Administrators can run Nmap against the network to find open ports, determine what hosts are available on the network, identify what services those hosts are offering, and detect any network information leaked, such as the type of packet filters and firewalls in use.To read this article in full or to leave a comment, please click here

Nmap security scanner gets new scripts, performance boosts

The Nmap Project just released the Holiday Edition of its open source cross-platform security scanner and network mapper, with several important improvements and bug fixes.New features in Nmap 7.40 include Npcap 0.78r5, for adding driver signing updates to work with Windows 10 Anniversary Update; faster brute-force authentication cracking; and new scripts for Nmap Script Engine, the project’s maintainer Fyodor wrote on the Nmap mailing list.[ Give yourself a technology career advantage with InfoWorld's Deep Dive technology reports and Computerworld's career trends reports. GET A 15% DISCOUNT through Jan.15, 2017: Use code 8TIISZ4Z. ] The de facto standard network mapping and port scanning tool, Nmap (Network Mapper) Security Scanner is widely used by IT and security administrators for network mapping, port-scanning, and network vulnerability testing. Administrators can run Nmap against the network to find open ports, determine what hosts are available on the network, identify what services those hosts are offering, and detect any network information leaked, such as the type of packet filters and firewalls in use.To read this article in full or to leave a comment, please click here

NEXT PLAY — 2017

2017 tech outlook — and saving predictions from the digital dustbin

Anyone who has ever done any news video knows that much of what originally gets recorded winds up on the cutting room floor, or these days, in the digital dustbin. That's usually for the best and that was the case recently when myself and other IDG editors were asked to share our 2017 tech predictions, as seen in the embedded video here. But since I went to the effort of coming up with another prediction, beyond expecting 5G hype to crank up in 2017, and looked back to see how my 2016 predictions fared, I figured I'd lay that all out here. My other prediction, which was essentially thrust upon me every time I attended a conference in the second half of 2016, or more recently, peered into my email inbox, is that enterprise IT staffs are going to be inundated with requests by higher ups and end users to support conversational interfaces and chatbots.To read this article in full or to leave a comment, please click here

BrandPost: Assess Your Organization’s DevOps Maturity

Portions of this post were originally posted on the Puppet blog, and republished here with Puppet's permission.DevOps practices and cultural norms positively impact IT and organizational performance. Our annual State of DevOps Report demonstrates how DevOp improves operational efficiency, creates space for innovation and increases employee engagement.To read this article in full or to leave a comment, please click here

Protect your privacy with surveillance-defeating sunglasses

Have you done something for yourself lately? If you end up with holiday money to spare, then you might consider buying yourself a cool pair of shades that would help protect your privacy while you are out in public.I saw Reflectacles on Kickstarter a few weeks ago, but since this is likely my last article of 2016, then I wanted to make sure you know about these surveillance-defeating glasses as well.The glasses are the brainchild of Scott Urban who claims that wearing Reflectables “ensure you’re noticed and anonymous at the same time.” The anonymous portion is due to light-reflecting frames which can end up looking like a big, shiny blur when captured by CCTV. Since the wearer’s face can’t be seen in any detail behind the bright glare of the glasses, it renders facial recognition tech useless.To read this article in full or to leave a comment, please click here

Ingenu and Sigfox Expand IoT Networks in U.S. Cities

Getting permits to deploy its network proved challenging for Ingenu.

IDG Contributor Network: Lax IoT device security threatens to pollute the internet

DVRs, IP cameras and other smart products could become the next wave of pollutants that threaten how we live if the security issues around Internet of Things (IoT) devices aren’t addressed.We’ve already seen that too much IoT pollution can wreck our computing environment. The October DDoS attack that brought down Twitter, Netflix and other major websites for a large portion of the U.S. was launched by a botnet comprised of Web cameras, printers and other IoT devices.+ Also on Network World: 2017 security predictions + And while having those sites offline was an inconvenience, the results of that attack weren’t devastating. But future DDoS attacks that throw terabits of data at servers could have more disastrous results. Instead of going after an internet traffic management company, the attackers could target a hospital or a utility provider. Not being able to binge-watch Netflix shows pales in seriousness when compared to cities not having electricity or a doctor being unable to access electronic medical records.To read this article in full or to leave a comment, please click here

IDG Contributor Network: This holiday, design your cloud for data

It’s that time of the year. Ready, set, shop. Whether it's an iPad, a new car or a big egg with a light-up bird inside—like this year’s Hatchimals—every holiday season is filled with the must-have gifts that send consumers into a shopping frenzy.For retailers, the good news is consumers are in the mood to spend during the holiday season. The challenge is meeting consumer demands and battling intensifying competition.The National Retail Federation (NRF) expects retail sales in November and December (excluding autos, gas and restaurants) to reach $655.8 billion. Online sales are forecasted to reach $117 billion this season. And, of course, Cyber Monday plays a huge role in online sales.To read this article in full or to leave a comment, please click here

Worth Reading: The spillover effect

At the same time that default and end-to-end encryption enables dissidents to communicate, it also enables terrorists and other criminals to plot and plan without fear of detection. It means that even when a judge signs off on a warrant based on probable cause to believe that a particular device or account contains evidence of a crime that has been or is about to be committed, law enforcement cannot unlock the smartphone or obtain the relevant data in readable form. The concern is that criminals may go free, and dangerous plots may be left undetected. Comey and other law enforcement officials want US-based companies to provide sought-after data in readable form and to maintain the technological capacity to do so. But the approach is controversial; a powerful coalition of companies, civil liberties groups, and many others decries such efforts at mandated access as undercutting security for us all. —The Hoover Institution

The post Worth Reading: The spillover effect appeared first on 'net work.

VMware removes hard-coded root access key from vSphere Data Protection

VMware has released a hotfix for vSphere Data Protection (VDP) to change a hard-coded SSH key that could allow remote attackers to gain root access to the virtual appliance.VDP is a disk-based backup and recovery product that runs as an open virtual appliance (OVA). It integrates with the VMware vCenter Server and provides centralized management of backup jobs for up to 100 virtual machines.According to a VMware support article, the vSphere Data Protection (VDP) appliance contains a static SSH private key with a known password. This key allows interoperability with EMC Avamar, a deduplication backup and recovery software solution, and is pre-configured on the VDP as an AuthorizedKey.To read this article in full or to leave a comment, please click here

NFV Popularity Makes MANO a Higher Priority

NFV popularity is forcing more companies to make MANO a higher priority so they can combat virtual server sprawl.

Tata Picks Versa for SD-WAN in its Global Network

The global carrier Tata is using Versa for one SD-WAN option.

Microsoft launches a Windows error code troubleshooting site

If you have used Windows for any length of time, you've undoubtedly been hit with an error code during an Update that told you absolutely nothing. "Error code: 0x80070422?" What the hell does that mean? If you were industrious, you could Google the code and maybe find a post on a Microsoft forum or elsewhere that offered some kind of clue as to what the error was and perhaps a solution. Now Microsoft has given us something a little more official. It’s a web page on the company’s support site called Fix Windows Update Errors that aims to help Windows users resolve update-related errors.To read this article in full or to leave a comment, please click here

A Very WebP New Year from Cloudflare

Cloudflare has an automatic image optimization feature called Polish, available to customers on paid plans. It recompresses images and removes unnecessary data so that they are delivered to browsers more quickly.

Up until now, Polish has not changed image types when optimizing (even if, for example, a PNG might sometimes have been smaller than the equivalent JPEG). But a new feature in Polish allows us to swap out an image for an equivalent image compressed using Google’s WebP format when the browser is capable of handling WebP and delivering that type of image would be quicker.

CC-BY 2.0 image by John Stratford

What is WebP?

The main image formats used on the web haven’t changed much since the early days (apart from the SVG vector format, PNG was the last one to establish itself, almost two decades ago).

WebP is a newer image format for the web, proposed by Google. It takes advantage of progress in image compression techniques since formats such as JPEG and PNG were designed. It is often able to compress the images into a significantly smaller amount of data than the older formats.

WebP is versatile and able to replace the three main Continue reading

What India’s Banking Industry Breach Can Teach Us About the Importance of Collaboration

Dan Geer Revisits 2014 BlackHat Recommendations: More Industry Recognition of the Problem, Much Left To Do