Introducing Cloudflare for Campaigns

During the past year, we saw nearly 2 billion global citizens go to the polls to vote in democratic elections. There were major elections in more than 50 countries, including India, Nigeria, and the United Kingdom, as well as elections for the European Parliament. In 2020, we will see a similar number of elections in countries from Peru to Myanmar. In November, U.S citizens will cast their votes for the 46th President, 435 seats in the U.S House of Representatives, 35 of the 100 seats in the U.S. Senate, and many state and local elections.

Recognizing the importance of maintaining public access to election information, Cloudflare launched the Athenian Project in 2017, providing U.S. state and local government entities with the tools needed to secure their election websites for free. As we’ve seen, however, political parties and candidates for office all over the world are also frequent targets for cyberattack. Cybersecurity needs for campaign websites and internal tools are at an all time high.

Although Cloudflare has helped improve the security and performance of political parties and candidates for office all over the world for years, we’ve long felt that we could do more. So today, Continue reading

Google Chrome towards making third party cookies obsolete

Not really. They were forced to by Mozilla and Apple.

The post Google Chrome towards making third party cookies obsolete appeared first on EtherealMind.

Review: SaltStack brings SecOps to network orchestration and automation

SaltStack Enterprise, and its optional SecOps modules, is one of the only platforms available today that can fully manage complex enterprise environments while also protecting them.

3 easy ways to make your Windows network harder to hack

Start the new year off by eliminating common paths for attackers to breach your network.

Review: SaltStack brings SecOps to network orchestration and automation

SaltStack Enterprise, and its optional SecOps modules, is one of the only platforms available today that can fully manage complex enterprise environments while also protecting them.

EVPN Auto-RD and Duplicate MAC Addresses

Another EVPN reader question, this time focusing on auto-RD functionality and how it works with duplicate MAC addresses:

If set to Auto, RD generated will be different for the same VNI across the EVPN switches. If the same route (MAC and/or IP) is present under different leaves of the same L2VNI, since the RD is different there is no best path selection and both will be considered. It’s a misconfiguration and shouldn’t be allowed. How will the BGP deal with this?

Programmatically interpretable reinforcement learning

Programmatically interpretable reinforcement learning, Verma et al., ICML 2018

Being able to trust (interpret, verify) a controller learned through reinforcement learning (RL) is one of the key challenges for real-world deployments of RL that we looked at earlier this week. It’s also an essential requirement for agents in human-machine collaborations (i.e, all deployments at some level) as we saw last week. Since reading some of Cynthia Rudin’s work last year I’ve been fascinated with the notion of interpretable models. I believe there are a large set of use cases where an interpretable model should be the default choice. There are so many deployment benefits, even putting aside any ethical or safety concerns.

So how do you make an interpretable model? Today’s paper choice is the third paper we’ve looked at along these lines (following CORELS and RiskSlim), enough for a recognisable pattern to start to emerge. The first step is to define a language — grammar and associated semantics — in which the ultimate model to be deployed will be expressed. For CORRELS this consists of simple rule based expressions, and for RiskSlim it is scoring sheets. For Programmatically Interpretable Reinforcement Learning (PIRL) as we shall Continue reading

BGP in 2019 – Part 2

Serverless computing: Ready or not?

Until a few years ago, physical servers were a bedrock technology, the beating digital heart of every data center. Then the cloud materialized. Today, as organizations continue to shovel an ever-growing number of services toward cloud providers, on-premises servers seem to be on the verge of becoming an endangered species.Serverless computing is doing its share to accelerate the demise of on-premises servers. The concept of turning to a cloud provider to dynamically manage the allocation of machine resources and bill users only for the actual amount of resources consumed by applications is gaining increasing acceptance. A late 2019 survey conducted by technical media and training firm O'Reilly found that four out of 10 enterprises, spanning a wide range of locations and industries, have already adopted serverless technologies.To read this article in full, please click here

Serverless computing: Ready or not?

Until a few years ago, physical servers were a bedrock technology, the beating digital heart of every data center. Then the cloud materialized. Today, as organizations continue to shovel an ever-growing number of services toward cloud providers, on-premises servers seem to be on the verge of becoming an endangered species.Serverless computing is doing its share to accelerate the demise of on-premises servers. The concept of turning to a cloud provider to dynamically manage the allocation of machine resources and bill users only for the actual amount of resources consumed by applications is gaining increasing acceptance. A late 2019 survey conducted by technical media and training firm O'Reilly found that four out of 10 enterprises, spanning a wide range of locations and industries, have already adopted serverless technologies.To read this article in full, please click here

The Inevitability Of FPGAs In The Datacenter

You don’t have to be a chip designer to program an FPGA, just like you don’t have to be a C++ programmer to code in Java, but it probably helps in both cases if you want to do them well. …

The Inevitability Of FPGAs In The Datacenter was written by Timothy Prickett Morgan at The Next Platform.

Google Absorbs AppSheet to Automate Code

Daily Roundup: Nokia Slashes Jobs

Microsoft Patches Critical Windows Security Flaw

SDxCentral Adds Career Resources for IT Professionals

European Weather Center Breaks Tradition With Upcoming Supercomputer

Weather forecasting in Europe is going to get a big boost later this year when the European Centre for Medium-Range Weather Forecasts (ECMWF) installs its next-generation supercomputer. …

European Weather Center Breaks Tradition With Upcoming Supercomputer was written by Michael Feldman at The Next Platform.

Instant, secure ‘teleportation’ of data in the works

Sending information instantly between two computer chips using quantum teleportation has been accomplished reliably for the first time, according to scientists from the University of Bristol, in collaboration with the Technical University of Denmark (DTU). Data was exchanged without any electrical or physical connection – a transmission method that may influence the next generation of ultra-secure data networks.Teleportation involves the moving of information instantaneously and securely. In the “Star Trek” series, fictional people move immediately from one place to another via teleportation. In the University of Bristol experiment, data is passed instantly via a single quantum state across two chips using light particles, or photons. Importantly, each of the two chips knows the characteristics of the other, because they’re entangled through quantum physics, meaning they therefore share a single physics-based state.To read this article in full, please click here

AT&T Wins 5G Contract for Nellis Air Force Base

Deep Dive: U.S. Federal Government’s Security and Privacy Practices

In April 2019, the Internet Society’s Online Trust Alliance released its 10th Annual Online Trust Audit & Honor Roll. The Audit looks at the security and privacy practices of over 1,000 of the top sites on the Internet, from retailers to government sites. In this post we will take a deeper dive into the U.S. Federal Government sector of the Audit. The Government sector is defined as the top 100 sites in the U.S. Federal Government by traffic (based on Alexa ranking). Given the nature of the U.S. Government compared to companies, this sample has some unique properties, namely site security.

The most obvious place the government excels is in the area of encryption. The reason for this is largely due to a mandate from the Homeland Security Department that all U.S. Government sites be encrypted, but the standard should still be the same for any site. Put another way, the other sectors in the Audit do not have an excuse for lagging in security.

In site security the Government sector fared the best with 100% adoption of “Always-On Secure Socket Layer” (AOSSL) and/or “HTTP Strict Transport Security” (HSTS), compared to 91% of sites overall. The Continue reading

Google Partners With CNCF, HackerOne on Kubernetes Bug Bounty