— ❄∵ Joshua Corman ∵❄ (@joshcorman) January 5, 2016
Data center governance needs to be extended around these new application platforms.
Driving your market back to the earliest age possible is a tried and true marketing technique — and technology companies are no different in this regard. Getting people hooked on a product at an early age is a sure fire way to build a lifelong habit of preference for that one brand, and for usage in general. Perhaps, though, we should be concerned when it comes to social media. As “edtech” makes its way into our schools, should we be concerned about the privacy of our children? Via CDT:
How effective is anonymization, anyway? A good bit of research is showing Continue reading
While external perimeter protection requirements will most likely command hardware acceleration and support for the foreseeable future, the distributed nature of the services inside the data center calls for a totally different set of specifications.
Some vendors have recently claimed they can achieve micro-segmentation at data center scale while maintaining a hardware architecture. As I described in my recent article in Network Computing, this is unlikely because you have to factor in speed and capacity.
To quickly recap the main points describing the model in the article:
BT deploys three kinds of Cisco security to defend itself.
A departure at Wind River tops this holiday-break edition of the Roundup.
It's been a year of learning about new products, new markets... and giraffes.
With repo access, you can get away with a lot.
2015 was no stranger to security breaches, so we have to wonder: What needs to change?
Cisco says it's found no back-door breaches. Yet.
Network security, for a long time, has worked off of the old Russian maxim, “trust but verify.” Trust a user, but verify it’s them. However, today’s network landscape — where the Internet of Things, the Cloud, and more are introducing new vulnerabilities — makes the “verify” part of “trust but verify” difficult and inefficient. We need a simpler security model. That model: Zero Trust. Continue reading
It was no accident: Unauthorized code got into ScreenOS.
Plotpoint query: Someone has some bitcoins, nobody knows, they die, leave no will, have no heirs, what happens to the bitcoins?— William Gibson (@GreatDismal) December 18, 2015
What happens to the bitcoins if you don't pass on the wallet and password?Presumably, your heirs will inherit your computer, and if they scan it, they'll find your bitcoin wallet. But the wallet is encrypted, and the password is usually not written down anywhere, but memorized by the owner. Without the password, they can do nothing with the wallet.
Before acquiring EMC, Dell seems to be forming a Federation of its own.
At CloudFlare, we spend a lot of time talking about the PoPs (Points of Presence) we have around the globe, however, on December 14th, another kind of POP came to the world: a vulnerability being exploited in the wild against Joomla’s Content Management System. This is known as a zero day attack, where it has been zero days since a patch has been released for that bug. A CVE ID has been issued for this particular vulnerability as CVE-2015-8562. Jaime Cochran and I decided to take a closer look.
In this blog post we’ll explain what the vulnerability is, give examples of actual attack payloads we’ve seen, and show how CloudFlare automatically protects Joomla users. If you are using Joomla with CloudFlare today and have our WAF enabled, you are already protected.
The Joomla Web Application Firewall rule set is enabled by default for CloudFlare customers with a Pro or higher plan, which blocks this attack. You can find it in the Joomla section of the CloudFlare Rule Set in the WAF Dashboard.
Joomla is an open source Content Management System which allows you to build web applications and control every aspect of the content of your Continue reading