0

The truth about bug finders: They’re essentially useless

Today's popular bug finders catch only about two percent of the vulnerabilities lurking in software code, researchers have found, despite the millions of dollars companies spend on them each year.Bug finders are commonly used by software engineers to root out problems in code that could turn into vulnerabilities. They'll typically report back how many bugs they found -- what you don't know is how many were missed, leaving success rates an open mystery.So researchers at New York University's Tandon School of Engineering in collaboration with the MIT Lincoln Laboratory and Northeastern University decided to find out how much they are missing.To read this article in full or to leave a comment, please click here

0

The truth about bug finders: They’re essentially useless

Today's popular bug finders catch only about two percent of the vulnerabilities lurking in software code, researchers have found, despite the millions of dollars companies spend on them each year.Bug finders are commonly used by software engineers to root out problems in code that could turn into vulnerabilities. They'll typically report back how many bugs they found -- what you don't know is how many were missed, leaving success rates an open mystery.So researchers at New York University's Tandon School of Engineering in collaboration with the MIT Lincoln Laboratory and Northeastern University decided to find out how much they are missing.To read this article in full or to leave a comment, please click here

0

I’ll See You At Cisco Live 2016 Las Vegas

I will be at Cisco Live 2016 in Las Vegas. So far, my calendar has me scheduled to attend some Tech Field Day presentations, visit with vendors, hang out in the Social Media Hub, and host a CloudGenix SD-WAN mixer event (free food and drink for all, plus fellow nerds to network with, just register). I hope to see you at CLUS. Come up and say "hi."

0

Polycom accepts Siris Capital’s $2B offer, cancels Mitel merger

The technology industry is never short of intrigue and drama. There are always rumors of who might buy whom, which executive left to go where and what new product a certain vendor might come out with.The fate of Polycom has been one of the storylines industry watchers have been keeping an eye on. Earlier this year, Mitel announced it agreed to acquire Polycom for $1.96 billion. But alas, all things aren’t meant to be. In Hollywood, Bennifer broke up, and now Mitelocom will, too.On the eve of the deal being finalized, Siris Capital came in, upped the offer to a cool $2 billion and broke up the proposed joint company. Like all things in life, there are some definite pros and cons to this announcement.To read this article in full or to leave a comment, please click here

0

Worth Reading: You don’t know as much as you think you do

We live in a world that requires people to know a lot of information. Depending on role we are required to know to varying depths. Shallow and wide or deep and narrow. No matter the combination the teams we are placed in have overlap in skills, knowledge and each person brings something of value. The simple reality is that no one knows everything. If you have an eidetic memory then kudos to you but the mere mortals amongst us do not. -Network Inferno

The post Worth Reading: You don’t know as much as you think you do appeared first on 'net work.

0

Beware: The Shaky Foundation of the Internet of Things

IoT make this environment a hacker’s Candy Land.

0

Screens that fold and roll will arrive as early as next year

Displays that can be folded and rolled up have been shown in prototype smartphones, wearables and other devices -- but when will such products be available?Advances in technology suggest they aren't too far off in the future. Such devices could start showing up as early as next year or 2018, said Jerry Kang, senior principal analyst for emerging display technologies and OLED at IHS.Manufacturers are trying to launch them in devices like tablets that can fold into a smartphone-size device. It's possible to use these displays in wearable devices, but reliability, weight and battery life need to be considered, Kang said.To read this article in full or to leave a comment, please click here

0

A CIO’s guide to understanding analytics

Wherever you turn, businesses are putting analytics into action. Retailer American Eagle outfitters, for example, uses an algorithm to figure out how best to fulfill online orders with products shipped from physical stores. Insurance company Allstate calculates premiums using an algorithm that weights different risk factors. Even beverage maker Minute Maid is applying algorithms to its orange juice, taking into account not just consumer preferences but its supply chain.To read this article in full or to leave a comment, please click here(Insider Story)

0

Confusion over cyber insurance leads to coverage gaps

Assessing damage after a major cybersecurity breach is one of the most harrowing things a CIO or CISO can face. There is plenty of blame to go around but rarely enough people to accept it evenly. And when it comes to recouping money from cyber insurance claims, this blame game is further complicated by confusion.A typical corporate cyber insurance discussion goes like this: The CEO or board chairman calls the CISO into the room and tells him that their insurers is going to pay out only 38 percent of a claim because "you didn't implement encryption on the affected applications."The CISO says: "First, I didn't know we had cyber insurance. Second, the impacted apps are running our ATM machines and if we would have encrypted them you would have fired me because our customers wouldn't have been able to access them. I wish you would have talked to me before you implemented these policies."To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: We need a better Private Browsing Mode

Many web browsers have some variation of “private” browsing mode. In that mode, websites shouldn't be able to read cookies stored on your computer, nor should they  be able to place permanent cookies onto your computer. (They think they can place cookies, but those cookies are deleted at the end of the session.)Normally, you have two ways to use those modes: Deliberately decide to start a private session. On Firefox for the Mac, it’s File -> New Private Window. Ditto for Safari for the Mac. In Chrome for the Mac, it’s File -> New Incognito Window. The process is similar for Windows, and it is somewhat different on phones and tablets. The problem is that if you click a link in, say, an email, it will open in a regular, non-private window. Set a default that every browser session will be private/incognito. (The method varies widely based on browser and operating system.) This method will handle external link requests by opening them in private/incognito mode. But since everything else will open that way too, you’ll have to manually log into every website you visit. That is a real nuisance. (You can set browsers to block cookies, but that’s bigger nuisance because Continue reading

0

Microsoft lets AI experiments loose in world of Minecraft

Microsoft has published the source code for its Project Malmo, allowing anyone to conduct artificial intelligence experiments in the world of Minecraft with a little programming.It unveiled the project, then known as AIX, back in March, but at the time only a few academics had access to the code. On Thursday the company made good on its promise to open up the source code by publishing it on Github.Minecraft, the blocky world-building game that Microsoft paid US$2.5 billion for two years ago, is an ideal place to test how artificial intelligences will interact with one another and with humans.To read this article in full or to leave a comment, please click here

0

10 reasons why you shouldn’t upgrade to Windows 10

An offer you can refuseThe clock is ticking, folks. If you want to upgrade to Windows 10 for free, you only have until July 29, 2016 to do so. And most people should! Windows 10 is the best Windows yet, chock full of handy new features, sleek under-the-hood improvements, and headache-killing extras.To read this article in full or to leave a comment, please click here

0

How IT outsourcing customers should prepare for HPE-CSC

How the recently announced “spin-merger” between HPE’s spun-off enterprise services unit and CSC to create a $26 billion global services giant (the third largest in the U.S) will actually shake out once its completed next spring is uncertain. What is clear is that the two service businesses had been struggling for some time.[ Related: HPE to spin out its huge services business, merge it with CSC ]To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: The Wi-Fi network edge leads in an SDN world

Two decades ago, the core was the place to be in campus networking. The networking battles of the 1990s concluded with the edge specialists humbled and assimilated by core product lines. Control the core, we declared, and the edge will fall into place.But now the edge is fruitful, and the core is sterile—and for two reasons. First, the wireless interface adds mobility and complexity to the edge. Second, the new architectures of software-defined networking (SDN) and IoT are based on centralized models that take sensed information, manipulate a software representation of the network, then send control signals back to network nodes. Nodes are peers under the controller. Their importance is based on the quantity and quality of the information they can report, as well as the sophistication of the control they can apply.To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: The Wi-Fi network edge leads in an SDN world

Two decades ago, the core was the place to be in campus networking. The networking battles of the 1990s concluded with the edge specialists humbled and assimilated by core product lines. Control the core, we declared, and the edge will fall into place.But now the edge is fruitful, and the core is sterile—and for two reasons. First, the wireless interface adds mobility and complexity to the edge. Second, the new architectures of software-defined networking (SDN) and IoT are based on centralized models that take sensed information, manipulate a software representation of the network, then send control signals back to network nodes. Nodes are peers under the controller. Their importance is based on the quantity and quality of the information they can report, as well as the sophistication of the control they can apply.To read this article in full or to leave a comment, please click here

0

EU prepares to raise Privacy Shield over data transfers to U.S.

European Union officials are set to give final approval to a new EU-U.S. data transfer agreement early next week, after member states gave their approval to an updated text on Friday.Privacy Shield is intended to replace the Safe Harbor Agreement as a means to legalize the transfer of EU citizens' personal information to the U.S. while still respecting EU privacy laws.A new deal is needed because the Court of Justice of the EU invalidated the Safe Harbor Agreement last October, concerned that it provided Europeans with insufficient protection from state surveillance when companies exported their personal data to the U.S. for processing.The first draft of Privacy Shield agreement presented by the European Commission in January lacked key assurances from U.S. officials on the same matters that had concerned the CJEU about Safe Harbor.To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: Smartwatches not secure, give away PIN numbers

Sensors, such as accelerometers, found in wearable devices can be used to reverse engineer a human hand’s movements and trajectories while at an ATM, thus giving away the PIN code, researchers say.The findings bring into question the fundamental security of smartwatches.Malware installs on devices might be one way the newly discovered hack could work, the scientists say. The software would wait for a mark to use a secure system, such as a keypad-controlled enterprise server, for example, and then collect data from the gyroscope, magnometer, accelerometer and other sensors. (Devices use those sensors to measure fitness and so on.)To read this article in full or to leave a comment, please click here

0

Packet Blast: Top Tech Blogs, July 8

0

Optimize Your Data Center: Use Distributed File System

Let’s continue our journey toward two-switch data center. What can we do after virtualizing the workload, getting rid of legacy technologies, and reducing the number of server uplinks to two?

How about replacing dedicated storage boxes with distributed file system?

In late September, Howard Marks will talk about software-defined storage in my Building Next Generation Data Center course. The course is sold out, but if you register for the spring 2017 session, you’ll get access to recording of Howard’s talk.

0

Deep Discounts on Amazon Leading Into Prime Day – Deal Alert

For today only Amazon has significant discounts on a few select items, just a small taste of what's to come when Amazon unleashes 100,000+ discounts on "Prime Day" this Tuesday, July 12th, for Amazon Prime members only. If you're not a Prime member, you should at least sign up for the free 30 day trial so you're ready when the deals start to drop: sign up here. The powerful 20000mAh PowerCore 20100 from Anker weighs just 12.5 oz, but fully charges most phones and tablets to 100% several times over without needing to be recharged. It charges the iPhone 6s seven times, the Galaxy S6 five times or the iPad mini 4 twice. Industry leading output of 4.8 amps provides enough power to simultaneously charge any combination of devices at full speed. Surge protection, short circuit protection and more advanced safety features keep your devices safe. For additional peace of mind, the Anker PowerCore 20100 comes with an 18 month warranty and easily accessible customer service. It currently averages 4.5 out of 5 stars on Amazon from over 4,500 people (85% rate it 5 stars -- read reviews). Its regular list price of $79.99 has been Continue reading