Archive

Category Archives for "Security"

IoT Security is the Heart of the Matter

The Internet Society is raising awareness around the issues and challenges with Internet of Things (IoT) devices, and the OTA IoT Trust Framework is promoting best practices in protection of user security and privacy. The importance of this was brought home with the keynote talk at the recent TNC18 Conference, which was given by Marie Moe (SINTEF) who related her experiences with her network-connected heart pacemaker.

Marie is a security researcher (who also formerly worked for NorCERT, the Norwegian National Cybersecurity Centre) who has an implanted pacemaker to monitor and control her heart, and has used the opportunity to investigate the firmware and security issues that have had detrimental and potentially fatal consequences. Quite aside from uncovering misconfigurations that required tweaking (e.g. the maximum heartbeat setting turned out to be set too low for a younger person), and an adverse event that required a firmware upgrade, she was even more concerned to discover that little consideration had gone into the authentication and access aspects that might allow an attacker to take control of the device.

These devices allow their recipients to lead normal lives, and of course being network-connectable has many practical advantages in terms of monitoring and Continue reading

The Week in Internet News: X-Ray I

AI to get X-ray vision: Researchers at MIT’s Computer Science and Artificial Intelligence Laboratory are getting close to creating AI that can see through walls, Geek.com reported. The research team is using AI to analyze radio signals bouncing off human bodies. The result is a neural network-generated stick figure that moves like the targeted person does.

Dr. AI will see you now: Perhaps more useful that looking through walls, some AI technologies are now being used to identify tuberculosis, pneumonia, upper respiratory infection, and bronchitis based on how a cough sounds, said AdWeek. Several companies are exploring other ways to use AI in healthcare settings.

Encryption wars, part 207: Apple has moved to close a security hole that law enforcement agencies used to defeat encryption on iPhones, according to many news reports, including one in the New York Times. The Apple move set off a new round of debate about encrypted devices and law enforcement access, the Washington Post noted.

It appears that at least one company that builds iPhone cracking tools already has a workaround, however, Motherboard reported.

Meanwhile, an FBI official suggested that each encrypted device that law enforcement agencies cannot crack represents a victim without justice, BusinessInsider. Continue reading

Notes on “The President is Missing”

Former president Bill Clinton has contributed to a cyberthriller "The President is Missing", the plot of which is that the president stops a cybervirus from destroying the country. This is scary, because people in Washington D.C. are going to read this book, believe the hacking portrayed has some basis in reality, and base policy on it. This "news analysis" piece in the New York Times is a good example, coming up with policy recommendations based on fictional cliches rather than a reality of what hackers do.


The cybervirus in the book is some all powerful thing, able to infect everything everywhere without being detected. This is fantasy no more real than magic and faeries. Sure, magical faeries is a popular basis for fiction, but in this case, it's lazy fantasy, a cliche. In fiction, viruses are rarely portrayed as anything other than all powerful.

But in the real world, viruses have important limitations. If you knew anything about computer viruses, rather than being impressed by what they can do, you'd be disappointed by what they can't.

Go look at your home router. See the blinky lights. The light flashes every time a packet of data goes across the network. Continue reading

Federated Application Management in Docker Enterprise Edition

Today at DockerCon, we demonstrated new application management capabilities for Docker Enterprise Edition that will allow organizations to federate applications across Docker Enterprise Edition environments deployed on-premises and in the cloud as well as across cloud-hosted Kubernetes. This includes Azure Kubernetes Service (AKS), AWS Elastic Container Service for Kubernetes (EKS), and Google Kubernetes Engine (GKE).

A Single Control Plane for Multi-Cloud Deployments

Most enterprise organizations have a hybrid or multi-cloud strategy and the rise of containers has helped to make applications more portable. However, when organizations start to adopt containers as their default application format, they start to run into the challenges of managing multiple container environments, especially when each of them has a different set of access controls, governance policies, content repositories and operational models. For common hybrid and multi-cloud use cases like bursting applications to the cloud for additional capacity or migrating them from one site to another for availability or compliance reasons, organizations start to realize the need for a singular control plane for all containerized applications – no matter where it will be deployed.

Docker Enterprise Edition is the only enterprise-ready container platform that can deliver federated application management with a secure supply chain. Not only Continue reading

ISOC has goals at TNC18

This week is TNC18, the largest European research and education networking conference, which is being held at the Lerkendal Stadium in Trondheim, Norway – the home of current Norwegian Football Champions Rosenborg BK. Of course we’re actually in a conference centre underneath one of the grandstands and not on the pitch, but this is still a premier event that brings together managers, network engineers, and researchers from R&E networks in Europe and the rest of the world.

The Internet Society is not only one of the conference sponsors, but has a significant role in the programme as well. Our colleague Karen O’Donoghue on Monday spoke about NRENs and IoT Security in the ‘What’s Coming Next In Privacy Innovation‘ session, where she’s discussing the security and privacy challenges of burgeoning numbers of IoT devices and how these will impact R&E communities. ISOC is encouraging the development of best practices through the Online Trust Alliance’s IoT Security & Privacy Trust Framework, and this is a good opportunity to discuss how the NREN community can take the lead in adopting good operational practice.

Karen will also be talking about Time and Security during the ‘Security‘ session on Tuesday. Continue reading

Pivotal Container Service (PKS) Integration With NSX-T Data Center: A lab study with Tips

Contributions from: Alka Gupta, Prasad Kalpurekkal

Pivotal Container Service (PKS) aims to simplify how enterprises deploy, run and manage Kubernetes clusters on any cloud. For detailed documentation of PKS installation and configuration, go here. For details on configuring PKS with NSX-T Data Center, go here.

Every enterprise wants to run containers in production. However, primary questions being asked are: “How do I get Kubernetes to work in my data center? How do I simplify deployment of Kubernets clusters? What about Networking and Security? ”

PKS answers these questions with a feature set tailored to the requirements of the enterprises.  Read about PKS features in detail here.

One of the features PKS offers is tight integration with NSX-T Data Center, enabling advanced networking and security for container based emerging application architectures, just as it does for traditional 3-tier apps. In these environments, NSX-T Data Center provides Layer 3 container networking and advanced networking services such as built-in load balancing, micro-segmentation, multi-tenancy, central visibility with a central SDN controller, network topology choices and more. We demonstrated this at the Network Field Day 17 which you can see here.

In this blog, we call out the work done at VMware Global Solutions Partner lab on configuring Pivotal Continue reading

Announcing General Availability of VMware NSX-T Data Center 2.2.0

VMware is pleased to announce that VMware NSX-T Data Center 2.2.0 has been released on June 5, 2018!

 

With this release we have introduced a number of excellent new features for on-premise deployments as well as the ability to manage Microsoft Azure based workloads as part of the NSX Cloud product. VMware NSX-T Data Center has also been updated to provide networking and security infrastructure for VMware Cloud on AWS.

Here is list of highlighted features that may be of most interested to customers. Note that this is not a complete list of new features. Please see the release notes for this release for all of the details.

Management of Workloads in Microsoft Azure

 

One of the most interesting new features of NSX-T Data Center 2.2 is the enablement of NSX Cloud, managing networking and security for applications running natively in public clouds, now including Microsoft Azure. This feature enables a true hybrid cloud with management of network security in a single view. This feature is detailed well in the following blog by Jonathan Morin so instead of repeating all the details here it is highly recommended you review this page:  https://blogs.vmware.com/networkvirtualization/2018/06/nsx-cloud-a-new-and-improved-model-for-end-to-end-networking-and-security.html/

Enhanced Data Path Mode in N-VDS

 

Continue reading

1 88 89 90 91 92 178