Microsoft invokes Supreme Court opinion in Ireland email case

Microsoft believes its refusal to turn over email held in Ireland to the U.S. government got a boost from an opinion of the Supreme Court on Monday, which upheld that U.S. laws cannot apply extraterritorially unless Congress has explicitly provided for it.In a decision Monday in a separate case on the extraterritorial application of a provision of the Racketeer Influenced and Corrupt Organizations Act (RICO), the Supreme Court set out the ground rules for its analysis, pointing out that “absent clearly expressed congressional intent to the contrary, federal laws will be construed to have only domestic application.” The court was applying a canon of statutory construction known as the presumption against extraterritoriality.To read this article in full or to leave a comment, please click here

Microsoft invokes Supreme Court opinion in Ireland email case

Microsoft believes its refusal to turn over email held in Ireland to the U.S. government got a boost from an opinion of the Supreme Court on Monday, which upheld that U.S. laws cannot apply extraterritorially unless Congress has explicitly provided for it.In a decision Monday in a separate case on the extraterritorial application of a provision of the Racketeer Influenced and Corrupt Organizations Act (RICO), the Supreme Court set out the ground rules for its analysis, pointing out that “absent clearly expressed congressional intent to the contrary, federal laws will be construed to have only domestic application.” The court was applying a canon of statutory construction known as the presumption against extraterritoriality.To read this article in full or to leave a comment, please click here

Directed ARP Saga Continues

Reading my Directed ARP and ICMP Redirects blog post you might have wondered “how did Directed ARP ever get into ***redacted***?”

I searched for “directed ARP cisco” and found this gem, which really talks about unicast ARP behavior, an ancient mechanism documented in RFC 1122 (it’s not my Google-Fu, I got the reference to RFC 1122 in this blog post).

Apstra OS Can Detect Data Center Problems

Trials are occurring now and OS will be available this summer.

This Android malware can secretly root your phone and install programs

Android users beware: a new type of malware has been found in legitimate-looking apps that can “root” your phone and secretly install unwanted programs.The malware, dubbed Godless, has been found lurking on app stores including Google Play, and it targets devices running Android 5.1 (Lollipop) and earlier, which accounts for more than 90 percent of Android devices, Trend Micro said Tuesday in a blog post.Godless hides inside an app and uses exploits to try to root the OS on your phone. This basically creates admin access to a device, allowing unauthorized apps to be installed.To read this article in full or to leave a comment, please click here

This Android malware can secretly root your phone and install programs

Android users beware: a new type of malware has been found in legitimate-looking apps that can “root” your phone and secretly install unwanted programs.The malware, dubbed Godless, has been found lurking on app stores including Google Play, and it targets devices running Android 5.1 (Lollipop) and earlier, which accounts for more than 90 percent of Android devices, Trend Micro said Tuesday in a blog post.Godless hides inside an app and uses exploits to try to root the OS on your phone. This basically creates admin access to a device, allowing unauthorized apps to be installed.To read this article in full or to leave a comment, please click here

15 Million AT&T Wireless Customers Run on Virtualized Core

AT&T is starting to see benefits from Domain 2.0.

EVPN – All-active multihoming

So this is the fourth blog on EVPN, the previous blogs covered the following topics:

• EVPN basics, route-types and basic L2 forwarding
• EVPN IRB and Inter-VLAN routing
• EVPN single-active multi-homing

This post will cover the ability of EVPN to provide all-active multi-homing for layer-2 traffic, where the topology contains two different active PE routers, connecting to a switch via a LAG, the setup is similar to the previous labs. Due to some restrictions and in the interests of simplicity, this lab will cover all-active multi-homing for a single VLAN only, (VLAN 100 in this case) consider the network topology:

The topology and general connectivity is the same as the other previous examples, the two big differences are that only VLAN 100 is present here and the connectivity between MX-1 and MX-2 is now using MC-LAG.

The first consideration that needs to be made when running EVPN in all-active mode, is that it must connect to the upstream devices using some sort of LAG, or MC-LAG – consider the wording from the RFC 7432:

https://tools.ietf.org/html/rfc7432#section-14.1.2

“If a bridged network is multihomed to more than one PE in an EVPN network via switches, then the support of All-Active Continue reading

Juniper Addresses IT Skills Gap

IT skills are becoming more demanding.

Top website domains are vulnerable to email spoofing

Don’t be surprised if you see spam coming from the top websites in the world. Lax security standards are allowing anyone to "spoof" emails from some of the most-visited domains, according to new research.Email spoofing — a common tactic of spammers — basically involves forging the sender’s address. Messages can appear as if they came from Google, a bank, or a best friend, even though the email never came from the actual source. The spammer simply altered the email’s "from" address.Authentication systems have stepped in to try and solve the problem. But many of the top website domains are failing to properly use them, opening the door for spoofing, according to Sweden-based Detectify, a security firm.To read this article in full or to leave a comment, please click here

Top website domains are vulnerable to email spoofing

Don’t be surprised if you see spam coming from the top websites in the world. Lax security standards are allowing anyone to "spoof" emails from some of the most-visited domains, according to new research.Email spoofing — a common tactic of spammers — basically involves forging the sender’s address. Messages can appear as if they came from Google, a bank, or a best friend, even though the email never came from the actual source. The spammer simply altered the email’s "from" address.Authentication systems have stepped in to try and solve the problem. But many of the top website domains are failing to properly use them, opening the door for spoofing, according to Sweden-based Detectify, a security firm.To read this article in full or to leave a comment, please click here

Buy-in from top execs is key to cloud transitions, AWS executive says

As the head of Amazon Web Services, Andy Jassy has seen a lot of big organizations start using the public cloud. The biggest indicator of success for a cloud transition is simple, he says: Has the business' senior staff bought into it?In his view, organizations will usually stick with their status quo on-premises data centers unless leaders are ready to promote the use of public cloud services. "And it sounds a little bit simple, but the reality is that there's so much inertia all over these organizations in continuing to things the same way they've been done for the last number of years, for a variety of different reasons," Jassy said at the AWS Summit in Washington, D.C., on Tuesday. To read this article in full or to leave a comment, please click here

IT workers at Tennessee insurer on edge amid outsourcing rumors

The IT employees at Unum Group, a Chattanooga, Tenn.-based insurer, are alert to the possibility that their employer may shift work to an offshore outsourcing firm. The employees don't know much yet, but they know enough to be alarmed -- and a letter sent out last week by the CIO did little to change that.The news about Unum, which reported nearly $11 billion in revenues last year, originated in a recent blog post by Sara Blackwell, a labor attorney in Florida who represents former Disney IT workers in a lawsuit after that firm replaced them with offshore outsourcer workers. Some of the replacements were on H-1B visas.To read this article in full or to leave a comment, please click here

A FireEye Chat with Kevin Mandia

In early May, FireEye announced that company president Kevin Mandia would replace industry veteran Dave DeWalt as CEO.  My colleague Doug Cahill had a chance to catch up with Kevin yesterday to get his perspectives on FireEye, enterprise security, and the threat landscape amongst others.  Here are a few highlights:On FireEye’s direction:  In spite of lots of distraction, Mandia is focused on driving “engineering innovation” at FireEye.  Normally, this vision would be equated with security products alone but Kevin’s believes that products can anchor services as well.  This involves installing FireEye’s endpoint and network security products on a customer network, collecting telemetry, comparing it to current threat intelligence, detecting malicious activities, and then working with customers on remediation.  To accomplish this, FireEye products must be “best-in-class” for threat detection on a stand-alone basis.  The FireEye staff is then available to add brain power and muscle to help product customers as needed.To read this article in full or to leave a comment, please click here

A FireEye chat with Kevin Mandia

In early May, FireEye announced that company president Kevin Mandia would replace industry veteran Dave DeWalt as CEO. My colleague Doug Cahill had a chance to catch up with Mandia yesterday to get his perspectives on FireEye, enterprise security and the threat landscape amongst others. Here are a few highlights:On FireEye’s direction: In spite of lots of distraction, Mandia is focused on driving “engineering innovation” at FireEye. Normally, this vision would be equated with security products alone, but Mandia believes products can anchor services as well.  This involves installing FireEye’s endpoint and network security products on a customer network, collecting telemetry, comparing it to current threat intelligence, detecting malicious activities, and then working with customers on remediation. To accomplish this, FireEye products must be “best in class” for threat detection on a stand-alone basis. The FireEye staff is then available to add brain power and muscle to help product customers as needed.To read this article in full or to leave a comment, please click here

A FireEye Chat with Kevin Mandia

In early May, FireEye announced that company president Kevin Mandia would replace industry veteran Dave DeWalt as CEO.  My colleague Doug Cahill had a chance to catch up with Kevin yesterday to get his perspectives on FireEye, enterprise security, and the threat landscape amongst others.  Here are a few highlights:On FireEye’s direction:  In spite of lots of distraction, Mandia is focused on driving “engineering innovation” at FireEye.  Normally, this vision would be equated with security products alone but Kevin’s believes that products can anchor services as well.  This involves installing FireEye’s endpoint and network security products on a customer network, collecting telemetry, comparing it to current threat intelligence, detecting malicious activities, and then working with customers on remediation.  To accomplish this, FireEye products must be “best-in-class” for threat detection on a stand-alone basis.  The FireEye staff is then available to add brain power and muscle to help product customers as needed.To read this article in full or to leave a comment, please click here

Upgrade Your Data Centre To A Closet

I'm back to installing servers/network in closets. Do we need data centers anymore ?

The post Upgrade Your Data Centre To A Closet appeared first on EtherealMind.

Docker Store Opens for Business

It builds on Docker Hub.

Security of “high-impact” federal systems not exactly rock-solid

In the face of relentless attacks – via malware, DDOS and malicious email – the defenses that protect the nation’s most “high impact” systems are spotty at best and could leave important programs open to nefarious activities, according to a new report from the Government Accountability Office.+More on Network World: Not dead yet: 7 of the oldest federal IT systems still wheezing away+At issue here the GAO wrote is the weakness of “high impact” system protection because the government describes those “that hold sensitive information, the loss of which could cause individuals, the government, or the nation catastrophic harm,” and as such should be getting increased security to protect them.To read this article in full or to leave a comment, please click here

Security of “high-impact” federal systems not exactly rock-solid

In the face of relentless attacks – via malware, DDOS and malicious email – the defenses that protect the nation’s most “high impact” systems are spotty at best and could leave important programs open to nefarious activities, according to a new report from the Government Accountability Office.+More on Network World: Not dead yet: 7 of the oldest federal IT systems still wheezing away+At issue here the GAO wrote is the weakness of “high impact” system protection because the government describes those “that hold sensitive information, the loss of which could cause individuals, the government, or the nation catastrophic harm,” and as such should be getting increased security to protect them.To read this article in full or to leave a comment, please click here