0

‘Golden keys’ that unlock Windows’ Secure Boot protection discovered

Microsoft just offered a masterclass on why building back doors into secure systems are a bad idea. Two security researchers who go by the handles @never_released and @TheWack0lian on Twitter recently announced in a blog post that malicious actors can bypass Windows’ Secure Boot feature on vulnerable machines, as first reported by ZDNet.To read this article in full or to leave a comment, please click here

0

Snowden and Huang hope to help smartphones go dark

“Privacy is dead,” has been a mantra, for different reasons, for generations. In the cybersecurity community, it has been conventional wisdom for at least a decade. But Edward Snowden and Andrew “bunnie” Huang apparently think they can revive it a bit, at least if you own an iPhone 6. Their goal, they say in a white paper titled, “Against the Law – Countering Lawful Abuses of Digital Surveillance,” is to create an add-on hardware component that will protect “front-line journalists” in repressive regimes where governments have demonstrated the capability to track people through their smartphones even if the devices are set to “Airplane Mode.”To read this article in full or to leave a comment, please click here

0

Snowden and Huang hope to help smartphones go dark

“Privacy is dead,” has been a mantra, for different reasons, for generations. In the cybersecurity community, it has been conventional wisdom for at least a decade. But Edward Snowden and Andrew “bunnie” Huang apparently think they can revive it a bit, at least if you own an iPhone 6. Their goal, they say in a white paper titled, “Against the Law – Countering Lawful Abuses of Digital Surveillance,” is to create an add-on hardware component that will protect “front-line journalists” in repressive regimes where governments have demonstrated the capability to track people through their smartphones even if the devices are set to “Airplane Mode.”To read this article in full or to leave a comment, please click here

0

Open source R extension simplifies data science with IBM Watson

With the release of CognizeR, an open source extension for the statistical computing-focused R programming language, Columbus Collaboratory is aiming to simplify data science with IBM Watson."Our goal was to connect data scientists everywhere with cognitive computing in a software environment they already know and love: R," Ty Henkaline, chief analytics innovator at Columbus Collaboratory, said in a statement yesterday. "CognizeR now shortens the journey toward building real cognitive solutions by providing quick and easy access to Watson services. Releasing this code to the open source community advances our mission of delivering accelerated business value to our member companies and beyond."To read this article in full or to leave a comment, please click here

0

Four free tools for handling Amazon Web Services security incident response

Responding to security incidents that involve deployments within Amazon Web Services is a lot different from responding to incidents that happen on corporate-owned gear, and two researchers have come up with free tools to make that process easier.Obtaining forensic evidence is different, primarily because security pros can’t obtain physical access to the machines on which their AWS instances are running.+More on Network World: Black Hat: 9 free security tools for defense & attacking+To read this article in full or to leave a comment, please click here

0

Four free tools for handling Amazon Web Services security incident response

Responding to security incidents that involve deployments within Amazon Web Services is a lot different from responding to incidents that happen on corporate-owned gear, and two researchers have come up with free tools to make that process easier.Obtaining forensic evidence is different, primarily because security pros can’t obtain physical access to the machines on which their AWS instances are running.+More on Network World: Black Hat: 9 free security tools for defense & attacking+To read this article in full or to leave a comment, please click here

0

Rackspace Integrates Azure into Its Managed Security

Rackspace Managed Security includes a response team.

0

Open vSwitch finds new home at the Linux Foundation

The developers of open source virtual networking technology Open vSwitch (OVS) said this week they will move future development to the Linux Foundation Project.The move releases Open vSwitch, which usually runs on hypervisors, up to a greater number of developers who can use it to further develop tools and applications for the virtual networking world. OVS works on a wide variety of systems, including Linux, DPDK, Hyper-V, and FreeBSD. The technology is used in a variety of Software Defined Networking applications, including NFV and network virtualization and it is the most widely used networking back-end in OpenStack, the foundation said.To read this article in full or to leave a comment, please click here

0

66% off CrossOver, and Run Windows Apps On Your Mac – Deal Alert

It’s no secret that Windows, Mac, and Linux are the three major operating systems dominating the market today—and that their incompatibility often creates issues for users. For the inevitable moments when you need to use a Windows app on your Linux or Mac, there’s CrossOver 15 for Mac and Linux, now only $19.99.With CrossOver 15, you can launch Windows apps, from productivity software to games, natively on your Mac or Linux PC. You’ll be able to operate Windows software at native speed and integrate seamlessly with your native desktop environment, as well as backup your software and move it between machines with bottles.To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: Big data for guide dogs. IBM helps train service dogs

I love the idea of big data. Being able to derive insights from the ever-increasing stream of information out there is an awesome promise. But alas, a good proportion of the case studies we hear about big data end up being about how big data is used to tailor sales and marketing messages and eke out a few cents extra on every transaction. It may be the reality of our commercial world, but it's sad to see a promising technology applied this way.So, it was nice to receive a pitch from IBM's cloud computing division about how it is partnering with Guiding Eyes for the Blind to bring dogs and data together. While it may sound like an April Fool's joke, IBM is taking structured and unstructured canine data and putting it on the IBM cloud to crunch numbers and generate insights.To read this article in full or to leave a comment, please click here

0

Uncovering Network Performance Killers

0

Former Google Engineers Launch Xperiel with $7M in Funding

Google board member and VMware founder Diane Greene is an investor.

0

The U.S. government now has an open source policy—but it doesn’t go far enough

This week, the U.S. government unveiled its official Federal Source Code policy.Here is, in my opinion, the key excerpt from the announcement: “The policy, which incorporates feedback received during the public comment period, requires new custom-developed source code developed specifically by or for the Federal Government to be made available for sharing and re-use across all Federal agencies. It also includes a pilot program that will require Federal agencies to release at least a portion of new custom-developed Federal source code to the public and support agencies in going beyond that minimum requirement.”To read this article in full or to leave a comment, please click here

0

Worth Reading: Physics and distributed systems

If you squint hard enough, many of the challenges of distributed computing appear similar to the work done by the great physicists. Dang, those fellows were smart! Here, we examine some of the most important physics breakthroughs and draw some whimsical parallels to phenomena in the world of computing… just for fun. —ACM Queue

The post Worth Reading: Physics and distributed systems appeared first on 'net work.

0

How well does social engineering work? One test returned 150%

White hat hackers see companies at their worst.  It is, after all, their job to expose weaknesses. Network World Editor in Chief John Dix recently chatted with penetration testing expert Josh Berry, Senior Technology Manager at Accudata Systems, an IT consulting and integration firm based in Houston, to learn more about the attack techniques he encounters and what he advises clients do to fight back. Josh Berry, Senior Technology Manager, Accudata SystemsTo read this article in full or to leave a comment, please click here

0

How well does social engineering work? One test returned 150%

White hat hackers see companies at their worst.  It is, after all, their job to expose weaknesses. Network World Editor in Chief John Dix recently chatted with penetration testing expert Josh Berry, Senior Technology Manager at Accudata Systems, an IT consulting and integration firm based in Houston, to learn more about the attack techniques he encounters and what he advises clients do to fight back. Josh Berry, Senior Technology Manager, Accudata SystemsTo read this article in full or to leave a comment, please click here

0

Network and system analytics as a Docker service

The diagram shows how new and existing cloud based or locally hosted orchestration, operations, and security tools can leverage the sFlow-RT analytics service to gain real-time visibility. Network visibility with Docker describes how to install open source sFlow agents to monitor network activity in a Docker environment in order to gain visibility into Docker Microservices.

The sFlow-RT analytics software is now on Docker Hub, making it easy to deploy real-time sFlow analytics as a Docker service:

docker run -p 8008:8008 -p 6343:6343/udp -d sflow/sflow-rt

Configure standard sFlow Agents to stream telemetry to the analyzer and retrieve analytics using the REST API on port 8008.

Increase memory from default 1G to 2G:

docker run -e "RTMEM=2G" -p 8008:8008 -p 6343:6343/udp -d sflow/sflow-rt

Set System Property to enable country lookups when Defining Flows:

docker run -e "RTPROP=-Dgeo.country=resources/config/GeoIP.dat" -p 8008:8008 -p 6343:6343/udp -d sflow/sflow-rt

Run sFlow-RT Application. Drop the -d option while developing an application to see output of logging commands and use control-c to stop the container.

docker run -v /Users/pp/my-app:/sflow-rt/app/my-app -p 8008:8008 -p 6343:6343/udp -d sflow/sflow-rt

A simple Dockerfile can be used to generate a new image that includes the application:

FROM sflow/sflow-rt:latest
COPY /Users/pp/my-app /sflow-rt/app

Similarly, Continue reading

0

What will space living look like? NASA picks 6 habitat prototypes

NASA this week picked six companies to develop prototype deep space habitats that astronauts could somewhat comfortably live in on long space journeys – particularly to Mars.According to NASA, an effective habitat contains “pressurized volume plus an integrated array of complex systems and components that include a docking capability, environmental control and life support systems, logistics management, radiation mitigation and monitoring, fire safety technologies, and crew health capabilities.” +More on Network World: The weirdest, wackiest and coolest sci/tech stories of 2016 (so far!)To read this article in full or to leave a comment, please click here

0

9 things great project leaders do every day

(Insider Story)

0

How to get started with a private Windows Store for Business

The Windows Store for Business is a counterpart to the consumer Windows Store so familiar to home users. That means you can find the same universal Windows Platform apps in both stores. One difference is that the Store for Business works only with devices running Windows 10 or Windows 10 Mobile, where the consumer Windows Store supports devices running Windows 8 and 8.1 as well.To read this article in full or to leave a comment, please click here(Insider Story)