Archive

Category Archives for "Networking"

A hackable election: 5 things you need to know about e-voting machines

As the U.S. heads toward an especially contentious national election in November, 15 states are still clinging to outdated electronic voting machines that don't support paper printouts used to audit their internal vote counts. E-voting machines without attached printers are still being used in a handful of presidential swing states, leading some voting security advocates to worry about the potential of a hacked election. Some makers of e-voting machines, often called direct-recording electronic machines or DREs, are now focusing on other sorts of voting technology, including optical scanners. They seem reluctant to talk about DREs; three major DRE vendors didn't respond to questions about security.To read this article in full or to leave a comment, please click here

A hackable election: 5 things you need to know about e-voting machines

As the U.S. heads toward an especially contentious national election in November, 15 states are still clinging to outdated electronic voting machines that don't support paper printouts used to audit their internal vote counts. E-voting machines without attached printers are still being used in a handful of presidential swing states, leading some voting security advocates to worry about the potential of a hacked election. Some makers of e-voting machines, often called direct-recording electronic machines or DREs, are now focusing on other sorts of voting technology, including optical scanners. They seem reluctant to talk about DREs; three major DRE vendors didn't respond to questions about security.To read this article in full or to leave a comment, please click here

Cybersecurity: A vertical industry application?

Cybersecurity has always been a horizontal technology practice that’s roughly the same across all industry sectors. Yes, some industries have different regulations, use cases or business processes that demand specific security controls, but overall every company needs things like firewalls, IDS/IPS, threat management gateways and antivirus software regardless.Generic security requirements will remain forever, but I see a burgeoning trend transforming cybersecurity from a set of horizontal technologies to a vertical industry application. These drivers include: Increasing business focus on cybersecurity. While it sounds like industry hype, cybersecurity has actually become a boardroom issue and corporate boards understand industry-specific risks much better than technology gibberish about malware and exploits. To accommodate these corporate executives, CISOs will need communications skills, as well as tools and technologies that help translate cybersecurity data into meaningful industry and corporate risk intelligence that can drive investment and decision making. Security intelligence vendors like BitSight and SecurityScorecard are already exploiting this need, offering industry-centric cybersecurity metrics for business use. CISO progression. The present generation of CISOs grew up through the ranks of IT and security with career development responsibilities such as network operations and firewall administration. Yes, the next generation of CISOs will still need some Continue reading

Cybersecurity: A vertical industry application?

Cybersecurity has always been a horizontal technology practice that’s roughly the same across all industry sectors. Yes, some industries have different regulations, use cases or business processes that demand specific security controls, but overall every company needs things like firewalls, IDS/IPS, threat management gateways and antivirus software regardless.Generic security requirements will remain forever, but I see a burgeoning trend transforming cybersecurity from a set of horizontal technologies to a vertical industry application. These drivers include: Increasing business focus on cybersecurity. While it sounds like industry hype, cybersecurity has actually become a boardroom issue and corporate boards understand industry-specific risks much better than technology gibberish about malware and exploits. To accommodate these corporate executives, CISOs will need communications skills, as well as tools and technologies that help translate cybersecurity data into meaningful industry and corporate risk intelligence that can drive investment and decision making. Security intelligence vendors like BitSight and SecurityScorecard are already exploiting this need, offering industry-centric cybersecurity metrics for business use. CISO progression. The present generation of CISOs grew up through the ranks of IT and security with career development responsibilities such as network operations and firewall administration. Yes, the next generation of CISOs will still need some Continue reading

Sift Security helps SecOps teams analyze and visualize patterns of threats and speed up investigations  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.   There's a powerful new generation of security operations (SecOps) tools coming to market designed to help SecOps teams find and react to threats much quicker than before. The best of these tools also enable security analysts to proactively hunt for threats that might be present in their enterprise environment. These tools bring data together from disparate sources and begin to connect the dots so analysts can dive right into the investigation without having to search for relevant data points. The products tend to eliminate the manual work of sifting through logs, finding all the relevant data, and trying to find correlations among the events.To read this article in full or to leave a comment, please click here

Sift Security helps SecOps teams analyze and visualize patterns of threats and speed up investigations  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.   There's a powerful new generation of security operations (SecOps) tools coming to market designed to help SecOps teams find and react to threats much quicker than before. The best of these tools also enable security analysts to proactively hunt for threats that might be present in their enterprise environment. These tools bring data together from disparate sources and begin to connect the dots so analysts can dive right into the investigation without having to search for relevant data points. The products tend to eliminate the manual work of sifting through logs, finding all the relevant data, and trying to find correlations among the events.To read this article in full or to leave a comment, please click here

Best Deals of the Week – Deal Alert

15% off Google OnHub AC1900 Wireless Wi-Fi RouterThe OnHub AC1900 wireless router from Google and TP-LINK is designed to make even the more complicated home networks run fast and efficiently. It supports over 100 devices at one time, providing speeds of up to 1900mbps. It's unique circular design with 13 antennas provides up to 2,500 square feet of reliable coverage. Streaming a movie or downloading large files? OnHub lets you manage speeds to specific devices or give a boost where/when needed. The On App lets you manage, prioritize and troubleshoot right from your device, at home or away. OnHub currently averages 4.5 out of 5 stars on Amazon from over 500 people (read reviews). It's typical list price of $199.99 has been reduced 15% to $169.99. See the discounted Google OnHub AC1900 wireless router now on Amazon.To read this article in full or to leave a comment, please click here

Best Deals of the Week – Deal Alert

15% off Google OnHub AC1900 Wireless Wi-Fi RouterThe OnHub AC1900 wireless router from Google and TP-LINK is designed to make even the more complicated home networks run fast and efficiently. It supports over 100 devices at one time, providing speeds of up to 1900mbps. It's unique circular design with 13 antennas provides up to 2,500 square feet of reliable coverage. Streaming a movie or downloading large files? OnHub lets you manage speeds to specific devices or give a boost where/when needed. The On App lets you manage, prioritize and troubleshoot right from your device, at home or away. OnHub currently averages 4.5 out of 5 stars on Amazon from over 500 people (read reviews). It's typical list price of $199.99 has been reduced 15% to $169.99. See the discounted Google OnHub AC1900 wireless router now on Amazon.To read this article in full or to leave a comment, please click here

Per VRF accounting solution

Document: Per VRF accounting solution. - Per-VRF-Accounting.pdf Hello, Here after a solution to count input/output traffic per VRF. Tested in stress in Junos 14.2. File is available above. Enjoy reading. David

Per VRF accounting solution

Document: Per VRF accounting solution. - Per-VRF-Accounting.pdf Hello, Here after a solution to count input/output traffic per VRF. Tested in stress in Junos 14.2. File is available above. Enjoy reading. David

IDG Contributor Network: Wi-Fi Certified Passpoint zig-zags towards success

How far should a leader seek to change public opinion, to get out in front rather than follow? Lincoln famously said, “Public sentiment is everything,” but the quote concludes with, “He who moulds public sentiment… makes decisions possible.” It’s an enduring debate in the hinterland of academia where engineers seldom tread.But standards can be like that. They often package basic, universal features with more decorative additions that offer transformational improvements but are of minority interest. There’s a risk that the burden of implementing these additional features will deter some vendors, and they may shun the standard altogether. If too many follow this course, the standard will fail in the market. To read this article in full or to leave a comment, please click here

IDG Contributor Network: 3 ways device fingerprinting must evolve to prevent fraud

Fraud is a $1 trillion annual problem worldwide. With rapid growth in ecommerce and online banking over the past decade, fraudsters are increasingly shifting to using computers and smartphones to commit fraud. One technology that helps companies and governments spot fraud—and sometimes stop it before it starts —is device fingerprinting. Device fingerprinting works by uniquely identifying computers, tablets and mobile phones based on various attributes (e.g., browser version, screen dimensions, list of installed fonts, etc.). So, if a fraudster were to commit fraud using a particular mobile phone and was caught and that phone was fingerprinted, it would be difficult for that fraudster to commit another transaction from the same device. However, the fingerprint changes every time a user makes a device update. It’s therefore incredibly easy to fake a new device fingerprint.To read this article in full or to leave a comment, please click here

IDG Contributor Network: 3 ways device fingerprinting must evolve to prevent fraud

Fraud is a $1 trillion annual problem worldwide. With rapid growth in ecommerce and online banking over the past decade, fraudsters are increasingly shifting to using computers and smartphones to commit fraud. One technology that helps companies and governments spot fraud—and sometimes stop it before it starts —is device fingerprinting. Device fingerprinting works by uniquely identifying computers, tablets and mobile phones based on various attributes (e.g., browser version, screen dimensions, list of installed fonts, etc.). So, if a fraudster were to commit fraud using a particular mobile phone and was caught and that phone was fingerprinted, it would be difficult for that fraudster to commit another transaction from the same device. However, the fingerprint changes every time a user makes a device update. It’s therefore incredibly easy to fake a new device fingerprint.To read this article in full or to leave a comment, please click here

AI expanding in the enterprise (whether or not you know it)

Artificial intelligence (AI) technologies are already proliferating in the enterprise. However, many business leaders don't realize they're leveraging technologies that rely on AI, according to a new study by natural language generation (NLG) specialist Narrative Science. Despite the confusion, adoption is imminent. Stuart Frankel, CEO and co-founder of Narrative Science. "AI has been around for a long time," says Stuart Frankel, CEO and co-founder of Narrative Science. "While it is super-hot and very buzzy today, there are still some success stories of AI that we just don't consider AI anymore. We use it every day and we're used to it. I think that's a natural progression. Once that esoteric technology that's sort of hard to explain gets wide adoption, it's no longer AI anymore."To read this article in full or to leave a comment, please click here

Stagefright for iOS and OS X? Don’t lower the curtain yet

Earlier this year, Cisco’s Talos division reported significant image-processing bugs to Apple, one of which could allow attackers to inject malware or remotely execute code via “iMessages, malicious webpages, MMS messages, or other malicious file attachments opened by any application.” These flaws were patched in Apple’s current operating systems in its July 18 update. Some media outlets immediately dubbed this Apple’s “Stagefright,” referring to a severe Android flaw discovered a year ago that could access or hijack an Android phone via an MMS message. But the details don’t support this level of concern, despite the seeming severity of the flaws.To read this article in full or to leave a comment, please click here

Stagefright for iOS and OS X? Don’t lower the curtain yet

Earlier this year, Cisco’s Talos division reported significant image-processing bugs to Apple, one of which could allow attackers to inject malware or remotely execute code via “iMessages, malicious webpages, MMS messages, or other malicious file attachments opened by any application.” These flaws were patched in Apple’s current operating systems in its July 18 update. Some media outlets immediately dubbed this Apple’s “Stagefright,” referring to a severe Android flaw discovered a year ago that could access or hijack an Android phone via an MMS message. But the details don’t support this level of concern, despite the seeming severity of the flaws.To read this article in full or to leave a comment, please click here

CIOs: Shadow IT is actually great for your cloud strategy

In a survey, cloud security broker vendor CipherCloud found that 86 percent of cloud applications used at workplaces are unsanctioned. That's a pretty big percentage. Obviously, the security vendors have an incentive to raise such fears about shadow IT, so take this claim with much salt. However, the issue merits attention.I don't see shadow IT as that big of deal. Moreover, I believe that CIOs can embrace, rather than fight, the rise of shadow IT for their own benefit. How?[ Download InfoWorld's quick guide and get started with Azure Mobile Services for building apps today. | Stay up on the cloud with InfoWorld's Cloud Computing newsletter. ] There are three benefits to the CIO from departments' shadow cloud use.To read this article in full or to leave a comment, please click here

Firefox sets kill-Flash schedule

Mozilla yesterday said it will follow other browser markers by curtailing use of Flash in Firefox next month. The open-source developer added that in 2017 it will dramatically expand the anti-Flash restrictions: Firefox will require users to explicitly approve the use of Flash for any reason by any website. As have its rivals, Mozilla cast the limitations (this year) and elimination (next year) as victories for Firefox users, citing improved security, longer battery life on laptops and faster web page rendering. "Starting in August, Firefox will block certain Flash content that is not essential to the user experience, while continuing to support legacy Flash content," wrote Benjamin Smedberg, the manager of Firefox quality engineering, in a post to a company blog.To read this article in full or to leave a comment, please click here