CORALS: who are my potential new customers? Tapping into the wisdom of customers’ decisions

CORALS: who are my potential new customers? Tapping into the wisdom of customers’ decisions Li et al., WSDM’19

The authors of this paper won round 9 of the Yelp dataset challenge for their work. The goal is to find new target customers for local businesses by mining location-based checkins of users, user preferences, and online reviews.

Location-based social networks attract millions of users to share their social friendship and their locations via check-ins. For example, an average of 142 million users check in at local businesses via Yelp every month. Foursquare and 55 million monthly active users and 8 million daily check-ins on the Swarm application. Facebook Local, powered by 70 million businesses, facilitates the discovery of local events and places for over one billion active daily users.

(And of course these are just the explicit check-ins, location tracking has proved tempting to many businesses without requiring explicit user checkin actions. For example: Facebook is tracking your phone’s location… , Google’s location history is still recording your every move…, Google tracks your movements, like it or not, …).

Check-ins give us a location history. Preference for a given business will be influenced by the proximity of that Continue reading

Developing good BGP neighbour relationships @ APRICOT 2019

Routing Security is featuring heavily on the APRICOT 2019 programme, which is being held on 23-28 February 2019 in Daejeon, South Korea. This helps build on the MANRS initiative being supported by the Internet Society,

On Wednesday, 27 February (09.30-13.00 UTC+9) there will be a Routing Security session that will discuss the latest problems, developments, and how routing security measures can be implemented. Speakers include Job Snijders (NTT) who’ll be discussing changes to BGP in the coming 18 months; Töma Gavrichenkov (Qrator Labs) on how BGP hijacks can be used to compromise the digital certificates used to secure online transactions; and from Anurag Bhatia (Hurricane Electric) who’ll analyse the top misused ASNs.

During the second part of the session, Tashi Puntsho (APNIC) will cover the practical issues and implications of deploying your own RPKI Certificate Authority; Tim Bruijnzeels (NLnet Labs) will discuss the use of route servers at Internet Exchange Points; whilst Ed Lewis (ICANN) will discuss the issues with using the RIR Whois databases.

Following on from this, our colleague Andrei Robachevsky will be raising awareness of the MANRS Initiative during the FIRST Technical Colloquium (16.30-18.00 UTC+9).

FIRST is the global organisation of Computer Security Continue reading

How to identify shell builtins, aliases and executable files on Linux systems

Shell builtins are commands that are loaded into memory when a shell — such as bash, sh, or zsh — is invoked. The reason for this is that keeping these commands in memory helps ensure that these commands will be run very efficiently whenever someone uses them. They run faster because they don't have to first be loaded into memory. They're "built in."Determining whether commands that you use are builtins, aliases, or executable files on your system that are loaded as needed requires the use of several interesting commands. These include type, which, and compgen. So, let's take a look at how these commands work and what they can tell us.To read this article in full, please click here

How to identify shell builtins, aliases and executable files on Linux systems

Shell builtins are commands that are loaded into memory when a shell — such as bash, sh, or zsh — is invoked. The reason for this is that keeping these commands in memory helps ensure that these commands will be run very efficiently whenever someone uses them. They run faster because they don't have to first be loaded into memory. They're "built in."Determining whether commands that you use are builtins, aliases, or executable files on your system that are loaded as needed requires the use of several interesting commands. These include type, which, and compgen. So, let's take a look at how these commands work and what they can tell us.To read this article in full, please click here

BGP: What is it, how can it break, and can Linux BGP fix it?

Border Gateway Protocol (BGP) is one of the most important protocols on the internet. At the same time, when it breaks, it is one of the most potentially catastrophic.

As the internet grows ever larger and becomes ever more complex, having a well-configured BGP is crucial to keeping everything running smoothly. Unfortunately, when a BGP is not configured correctly, there can be disastrous consequences.

This blog will provide a brief explanation of what BGP is, and then dive into some of the common protocol issues and pitfalls. We cannot go too deep into the intricacies of BGP – those can (and do) fill entire books. However, we can provide an overview of how Linux (which has a standardized BGP protocol set and in-depth monitoring, analysis, and control tools) can be used to alleviate some of these common issues.

What is BGP?

BGP is a routing protocol that relies on TCP, designed for providing routing information in and between autonomous systems (ASes). In large networks, BGP is responsible for informing all hosts that need to know of the ways a packet can travel from site A to site B – and, if a site or router goes down, how to reroute the packet so Continue reading

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

1 1,300 1,301 1,302 1,303 1,304 3,836