Real World APIs: Snagging a Global Entry Interview

As my new job will have me traveling a bit more often, I finally bit the bullet and signed up for Global Entry (which is similar to TSA PreCheck but works for international travel as well). A few days after submitting my application and payment, I was conditionally approved. The next step was to schedule an “interview,” which is essentially a 10-minute appointment where they ask a few questions and take biometrics. The interview must be done in person at one of relatively few CBP locations.

Here in Raleigh, North Carolina, my two closest locations are Richmond and Charlotte. Unfortunately, CBP’s scheduling portal indicated no availability for new appointments at either location. No additional context is provided, so I have no idea whether I should keep trying every few days, or attempt to schedule an appointment at a remote location to coincide with future travel.

no_appointments.png

My only hope at this point is that spots will eventually open up as other applicants cancel their appointments or CBP adds sufficient staff to meet demand. But that means manually logging into the portal, completing two-factor authentication, and checking both of my desired appointment locations each and every time.

Sounds like a great use Continue reading

Microsoft finds Russia-backed attacks that exploit IoT devices

The STRONTIUM hacking group, which has been strongly linked by security researchers to Russia’s GRU military intelligence agency, was responsible for an IoT-based attack on unnamed Microsoft customers, according to the company. a blog post from the company’s security response center issued Monday.Microsoft said in a blog that the attack, which it discovered in April, targeted three specific IoT devices – a VoIP phone, a video decoder and a printer (the company declined to specify the brands) – and used them to gain access to unspecified corporate networks. Two of the devices were compromised because nobody had changed the manufacturer’s default password, and the other one hadn’t had the latest security patch applied.To read this article in full, please click here

Microsoft finds Russia-backed attacks that exploit IoT devices

The STRONTIUM hacking group, which has been strongly linked by security researchers to Russia’s GRU military intelligence agency, was responsible for an IoT-based attack on unnamed Microsoft customers, according to the company. a blog post from the company’s security response center issued Monday.Microsoft said in a blog that the attack, which it discovered in April, targeted three specific IoT devices – a VoIP phone, a video decoder and a printer (the company declined to specify the brands) – and used them to gain access to unspecified corporate networks. Two of the devices were compromised because nobody had changed the manufacturer’s default password, and the other one hadn’t had the latest security patch applied.To read this article in full, please click here

Sponsored Post: Educative, PA File Sight, Etleap, PerfOps, InMemory.Net, Triplebyte, Stream, Scalyr

Who's Hiring? 

  • Triplebyte lets exceptional software engineers skip screening steps at hundreds of top tech companies like Apple, Dropbox, Mixpanel, and Instacart. Make your job search O(1), not O(n). Apply here.

  • Need excellent people? Advertise your job here! 

Cool Products and Services

  • Grokking the System Design Interview is a popular course on Educative.io (taken by 20,000+ people) that's widely considered the best System Design interview resource on the Internet. It goes deep into real-world examples, offering detailed explanations and useful pointers on how to improve your approach. There's also a no questions asked 30-day return policy. Try a free preview today.

  • PA File Sight - Actively protect servers from ransomware, audit file access to see who is deleting files, reading files or moving files, and detect file copy activity from the server. Historical audit reports and real-time alerts are built-in. Try the 30-day free trial!

  • For heads of IT/Engineering responsible for building an analytics infrastructure, Etleap is an ETL solution for creating perfect data pipelines from day one. Unlike older enterprise solutions, Etleap doesn’t require extensive engineering work to set up, maintain, and scale. It automates most ETL setup and Continue reading

Intel pulls the plug on Omni-Path networking fabric architecture

Intel’s battle to gain ground in the high-performance computing (HPC) market isn’t going so well. The Omni-Path Architecture it had pinned its hopes on has been scrapped after one generation.An Intel spokesman confirmed to me that the company will no longer offer Intel OmniPath Architecture 200 (OPA200) products to customers, but it will continue to encourage customers, OEMs, and partners to use OPA100 in new designs. “We are continuing to sell, maintain, and support OPA100. We actually announced some new features for OPA100 back at International Supercomputing in June,” the spokesperson said via email.[ Learn who's developing quantum computers. ] Intel said it continues to invest in connectivity solutions for its customers and that the recent acquisition of Barefoot Networks is an example of Intel’s strategy of supporting end-to-end cloud networking and infrastructure. It would not say if Barefoot’s technology would be the replacement for OPA.To read this article in full, please click here

Intel pulls the plug on Omni-Path networking fabric architecture

Intel’s battle to gain ground in the high-performance computing (HPC) market isn’t going so well. The Omni-Path Architecture it had pinned its hopes on has been scrapped after one generation.An Intel spokesman confirmed to me that the company will no longer offer Intel OmniPath Architecture 200 (OPA200) products to customers, but it will continue to encourage customers, OEMs, and partners to use OPA100 in new designs. “We are continuing to sell, maintain, and support OPA100. We actually announced some new features for OPA100 back at International Supercomputing in June,” the spokesperson said via email.[ Learn who's developing quantum computers. ] Intel said it continues to invest in connectivity solutions for its customers and that the recent acquisition of Barefoot Networks is an example of Intel’s strategy of supporting end-to-end cloud networking and infrastructure. It would not say if Barefoot’s technology would be the replacement for OPA.To read this article in full, please click here

2019 Indigenous Connectivity Summit Training: Empowering Communities to Create Connections on Their Own Terms

Indigenous communities across North America are working to bridge the digital divide.

Each year the Indigenous Connectivity Summit (ICS) brings together community leaders, network operators, policymakers, and others to talk about new and emerging networks and the policies that impact them. During the two-day Summit, people from across the United States, Canada, and the rest of the world share best practices, challenges, and success stories – and learn how they can work together when they return home to solve connectivity challenges in Indigenous communities.

This year, we’ll be in Hilo, Hawaii from November 12-15.

But that’s not nearly enough time to cover everything, especially with close to 1,000 amazing participants (200 in-person and 700 online) ready to share their stories and create new connections.

So we’re trying something new. As we’ve done before, the ICS will still be split into two parts: a two-day training and a two-day event. But this year, participants can also attend a series of two distinct virtual training sessions before the event in Hawaii: Community Networks and Policy and Advocacy.

These sessions will allow participants to spend time over the course of several weeks getting in-depth information about two of the topics we spend Continue reading

Evolution of the internet: Celebrating 50 years since Arpanet

Arpanet carried its first message on October 29, 1969, laying the foundation for today’s networked world. Fifty years later, more than 4 billion people have internet access, and the number of devices connected to IP networks is more than double the global population. Here’s a look at some key milestones in the history of the internet and  projections for its future growth.Arpanet, precursor to the internet The name Arpanet came from the U.S. military arm that funded it, the Advanced Research Projects Agency. When Arpanet was created, it connected five sites: UCLA, Stanford, UC Santa Barbara, the University of Utah and BBN Technologies.To read this article in full, please click here

Network Break 246: Cloudflare Dumps 8chan; Cisco Settles Whistleblower Suit

This week's Network Break examines Cloudflare's decision to drop 8Chan, analyzes Cisco's settlement of a security-related whistleblower suit the company fought for eight years, discusses a new VMware/Google cloud partnership, reviews the latest financial news from tech vendors, and more.

The post Network Break 246: Cloudflare Dumps 8chan; Cisco Settles Whistleblower Suit appeared first on Packet Pushers.

The Week in Internet News: Capital One Breach Affects Over 100 Million

Millions and millions served: More than 100 million people were affected by a massive data breach at banking and credit card company Capital One, Krebs on Security says. The stolen data included about 140,000 U.S. Social Security numbers and approximately 80,000 bank account numbers, and about 1 million Social Insurance Numbers for Canadian credit card customers. A former software engineer has been arrested and accused of stealing the data. The breach is one of the 10 largest ever, USA Today says.

Here we go again: The so-called Five Eyes spy agencies are again calling on tech vendors to allow law enforcement agencies access to encrypted material, Reuters reports. Encryption should not come at the expense of the public’s safety, the five countries argued, even though many security experts say encryption backdoors will hurt public safety. Meanwhile, the U.S and U.K. are specifically targeting encryption in WhatsApp, Forbes says.

Expanded access: Cuba has brought Internet access to private homes and businesses, the New York Times reports. The Cuban government has put into effect a new set of regulations that seek to expand Internet access across the country. The regulations permit the creation of private wired and WiFi internet Continue reading

Is your enterprise software committing security malpractice?

Back when this blog was dedicated to all things Microsoft I routinely railed against the spying aspects of Windows 10. Well, apparently that’s nothing compared to what enterprise security, analytics, and hardware management tools are doing.An analytics firm called ExtraHop examined the networks of its customers and found that their security and analytic software was quietly uploading information to servers outside of the customer's network. The company issued a report and warning last week.ExtraHop deliberately chose not to name names in its four examples of enterprise security tools that were sending out data without warning the customer or user. A spokesperson for the company told me via email, “ExtraHop wants the focus of the report to be the trend, which we have observed on multiple occasions and find alarming. Focusing on a specific group would detract from the broader point that this important issue requires more attention from enterprises.”To read this article in full, please click here

Is your enterprise software committing security malpractice?

Back when this blog was dedicated to all things Microsoft I routinely railed against the spying aspects of Windows 10. Well, apparently that’s nothing compared to what enterprise security, analytics, and hardware management tools are doing.An analytics firm called ExtraHop examined the networks of its customers and found that their security and analytic software was quietly uploading information to servers outside of the customer's network. The company issued a report and warning last week.ExtraHop deliberately chose not to name names in its four examples of enterprise security tools that were sending out data without warning the customer or user. A spokesperson for the company told me via email, “ExtraHop wants the focus of the report to be the trend, which we have observed on multiple occasions and find alarming. Focusing on a specific group would detract from the broader point that this important issue requires more attention from enterprises.”To read this article in full, please click here

How to get the most out of network performance-management tools

(Editor’s note: Enterprise Management Associates took a look at how individual organizations use multiple network performance management (NPM) tools and how they try to integrate them to improve efficiency. In this article, EMA’s research director for network management Shamus McGillicuddy presents findings from “Network Performance Management for Today’s Digital Enterprise,” a recent survey of 250 network managers that suggests best practices for dealing with this issue.)The typical IT organization has three to six network performance management (NPM) tools installed today, and if they remain siloed, network operations will be fragmented and inefficient – a persistent challenge for network managers for many years.To read this article in full, please click here

Terminating Service for 8Chan

The mass shootings in El Paso, Texas and Dayton, Ohio are horrific tragedies. In the case of the El Paso shooting, the suspected terrorist gunman appears to have been inspired by the forum website known as 8chan. Based on evidence we've seen, it appears that he posted a screed to the site immediately before beginning his terrifying attack on the El Paso Walmart killing 20 people.

Unfortunately, this is not an isolated incident. Nearly the same thing happened on 8chan before the terror attack in Christchurch, New Zealand. The El Paso shooter specifically referenced the Christchurch incident and appears to have been inspired by the largely unmoderated discussions on 8chan which glorified the previous massacre. In a separate tragedy, the suspected killer in the Poway, California synagogue shooting also posted a hate-filled “open letter” on 8chan. 8chan has repeatedly proven itself to be a cesspool of hate.

8chan is among the more than 19 million Internet properties that use Cloudflare's service. We just sent notice that we are terminating 8chan as a customer effective at midnight tonight Pacific Time. The rationale is simple: they have proven themselves to be lawless and that lawlessness has caused multiple tragic deaths. Even if Continue reading

Securing devices for DEFCON

There's been much debate whether you should get burner devices for hacking conventions like DEF CON (phones or laptops). A better discussion would be to list those things you should do to secure yourself before going, just in case.

These are the things I worry about:
  • backup before you go
  • update before you go
  • correctly locking your devices with full disk encryption
  • correctly configuring WiFi
  • Bluetooth devices
  • Mobile phone vs. Stingrays
  • USB
Backup

Traveling means a higher chance of losing your device. In my review of crime statistics, theft seems less of a threat than whatever city you are coming from. My guess is that while thieves may want to target tourists, the police want to even more the target gangs of thieves, to protect the cash cow that is the tourist industry. But you are still more likely to accidentally leave a phone in a taxi or have your laptop crushed in the overhead bin. If you haven't recently backed up your device, now would be an extra useful time to do this.

Anything I want backed up on my laptop is already in Microsoft's OneDrive, so I don't pay attention to this. However, I have a Continue reading
1 1,168 1,169 1,170 1,171 1,172 3,832