Encryption Isn’t Perfect, That’s Why Choices Are Important

Encryption is a critical building block for online trust, but it’s never perfect. Any encryption you use is the product of many steps. Encryption methods have to be defined; protocols for implementation have to be specified; and then the protocols have to be implemented. Each step is handled by different people and potentially introduces vulnerabilities along the way. Even with the best lock design in the world, if someone builds the lock with variations in the design (either intentionally or accidentally), it might be easily picked.

When you own a broken lock, you have it fixed or use a different one – encryption is no different.

Yesterday (14 May 2018), the Internet security community was alerted to newly discovered vulnerabilities in the secure email ecosystem, dubbed “EFAIL”. EFAIL can make the content of emails encrypted with PGP and S/MIME readable to an attacker. While there are some fixes users and companies can make to mitigate EFAIL, cases like this underscore the importance of choice when it comes to secure communications.

How does the EFAIL attack work?

EFAIL abuses a combination of vulnerabilities in the OpenPGP and S/MIME specifications and the way that many email clients render remote content in Continue reading

BrandPost: Using “The 3 V’s of Automation” to Maximize Automation ROI

For traditional Communications Service Providers (CSPs), the barriers to applying automation are coming down faster than ever before due to the use of new technologies such as analytics and machine learning. So, what is different, and why is now the time to act?The three V’s of automationWithin most traditional Operations Support System (OSS) projects there is an established methodology for identifying the environments best suited for automation. People use different names for these network automation target areas, but I like to refer to them as The Three V’s. These are:WHITE PAPERTo read this article in full, please click here

Hitachi, HPE and IBM enhance their SSD-based storage products

When three major vendors all make similar product announcements, you know things are cooking in that space. In this case, Hitachi Vantara, HP Enterprise, and IBM all made news around SSD-based storage, much of it related to de-duplication and other ways to get control over data creep.With users generating gigabytes of data every week, the solution for many enterprises has been to throw storage at it. That can get expensive, especially with SSD. SSD averages about 40 cents per gigabyte, while HDD storage averages about 5 cents per gigabyte.To get control over data sprawl, storage vendors are offering de-duplication, or in the case of Hitachi Vantara, better de-duplication with their new systems. We’ll run down the news alphabetically.To read this article in full, please click here

When it comes to hyperconverged infrastructure, the hardware matters

At Nutanix's .NEXT user conference last week, the company certainly flexed its software muscles with a cornucopia of new products and a roadmap to becoming the next big enterprise platform vendor. To achieve this status, Nutanix has shifted to selling software and letting its customers run its stack on their preferred hardware platform.There is currently a wide range of hardware partners supporting Nutanix, including Lenovo, IBM, and HPE. However, the vendor that has done perhaps the best job at providing the widest range of options for Nutanix customers is Dell EMC.To read this article in full, please click here

When it comes to hyperconverged infrastructure, the hardware matters

At Nutanix's .NEXT user conference last week, the company certainly flexed its software muscles with a cornucopia of new products and a roadmap to becoming the next big enterprise platform vendor. To achieve this status, Nutanix has shifted to selling software and letting its customers run its stack on their preferred hardware platform.There is currently a wide range of hardware partners supporting Nutanix, including Lenovo, IBM, and HPE. However, the vendor that has done perhaps the best job at providing the widest range of options for Nutanix customers is Dell EMC.To read this article in full, please click here

Manually Installing Firefox 60 on Fedora 27

Mozilla recently released version 60 of Firefox, which contains a number of pretty important enhancements (as outlined here). However, the Fedora repositories don’t (yet) contain Firefox 60 (at least not for Fedora 27), so you can’t just do a dnf update to get the latest release. With that in mind, here are some instructions for manually installing Firefox 60 on Fedora 27.

These instructions assume you have a dnf-installed version of Firefox (typically Firefox 59) already installed on your Fedora system. These steps should allow you to upgrade your Fedora system to Firefox 60:

  1. Download the Firefox 60 archive (typically named firefox-60.0.tar.bz2 or similar) onto your Fedora system. You can do this with your already-installed version of Firefox, but be sure to close/quit Firefox before proceeding with the rest of the instructions.
  2. Make a copy of /usr/share/applications/firefox.desktop; you’ll use this later.
  3. Remove the version of Firefox installed from the Fedora repositories with dnf remove firefox. This will remove the firefox.desktop file you copied in the previous step (which is why you copied it somewhere else).

  4. Use bunzip2 to decompress the downloaded Firefox 60 archive. This will leave you with a plain . Continue reading

GPUs: Designed for gaming now crucial to HPC and AI

It’s rare to see a processor find great success outside of the area it was intended for, but that’s exactly what has happened to the graphics processing unit (GPU). A chip originally intended to speed up gaming graphics and nothing more now powers everything from Adobe Premier and databases to high-performance computing (HPC) and artificial intelligence (AI).GPUs are now offered in servers from every major OEM plus off-brand vendors like Supermicro, but they aren’t doing graphics acceleration. That’s because the GPU is in essence a giant math co-processor, now being used to perform computation-intensive work ranging from 3D simulations to medical imaging to financial modelingTo read this article in full, please click here

Will Huawei become a pawn in a high-stakes U.S.-China technology war?

The Justice Department investigation into Huawei recalls a similar probe into whether Shenzhen rival ZTE broke U.S. sanctions by exporting devices containing American components to Iran. ZTE was found guilty last year not only of breaking the sanctions, which resulted in an $892 million fine, but of breaking the settlement deal’s terms by failing to punish those involved.To read this article in full, please click here(Insider Story)

GPUs: Designed for gaming now crucial to HPC and AI

It’s rare to see a processor find great success outside of the area it was intended for, but that’s exactly what has happened to the graphics processing unit (GPU). A chip originally intended to speed up gaming graphics and nothing more now powers everything from Adobe Premier and databases to high-performance computing (HPC) and artificial intelligence (AI).GPUs are now offered in servers from every major OEM plus off-brand vendors like Supermicro, but they aren’t doing graphics acceleration. That’s because the GPU is in essence a giant math co-processor, now being used to perform computation-intensive work ranging from 3D simulations to medical imaging to financial modelingTo read this article in full, please click here

Will Huawei become a pawn in a high-stakes U.S.-China technology war?

The Justice Department investigation into Huawei recalls a similar probe into whether Shenzhen rival ZTE broke U.S. sanctions by exporting devices containing American components to Iran. ZTE was found guilty last year not only of breaking the sanctions, which resulted in an $892 million fine, but of breaking the settlement deal’s terms by failing to punish those involved.To read this article in full, please click here(Insider Story)

Will Huawei become a pawn in a high-stakes U.S.-China technology war?

The Justice Department investigation into Huawei recalls a similar probe into whether Shenzhen rival ZTE broke U.S. sanctions by exporting devices containing American components to Iran. ZTE was found guilty last year not only of breaking the sanctions, which resulted in an $892 million fine, but of breaking the settlement deal’s terms by failing to punish those involved.To read this article in full, please click here(Insider Story)

Is OSPF or IS-IS Good Enough for My Data Center?

Our good friend mr. Anonymous has too many buzzwords and opinions in his repertoire, at least based on this comment he left on my Using 4-byte AS Numbers with EVPN blog post:

But IGPs don't scale well (as you might have heard) except for RIFT and Openfabric. The others are trying to do ECMP based on BGP.

Should you be worried about OSPF or IS-IS scalability when building your data center fabric? Short answer: most probably not. Before diving into a lengthy explanation let's give our dear friend some homework.

Read more ...

Re-coding Black Mirror, Part II

We’ll be looking at a couple more papers from the re-coding Black Mirror workshop today:

(If you don’t have ACM Digital Library access, all of the papers in this workshop can be accessed either by following the links above directly from The Morning Paper blog site, or from the WWW 2018 proceedings page).

Pitfalls of affective computing

It’s possible to recognise emotions from a variety of signals including facial expressions, gestures and voices, using wearables or remote sensors, and so on.

In the current paper we envision a future in which such technologies perform with high accuracy and are widespread, so that people’s emotions can typically be seen by others.

Clearly, this could potentially reveal information people do not wish to reveal. Emotions can be leaked through facial micro-expressions and body language making concealment very difficult. It could also weaken social skills if it is believed that there is no need to speak or move to convey emotions. “White lies” might become impossible, removing a person’s responsibility to be compassionate. It could also lead to physical harm:

The ability Continue reading

Don’t Reply To Everything

I recently came across a simple idea that is having a positive impact on productivity. That idea is to not reply to everything. While this can be applied to social media broadly, I’m focused on email management here.

For me, not replying is more difficult than it sounds. I am a personality type that doesn’t like loose ends. I like to meet other’s expectations, and have them think cuddly, happy thoughts about what a swell person I am. I know that when I send an email, I hope to get a response. Therefore, when I receive an e-mail, my natural inclination is to respond.

Too cuddly?

Now, I don’t feel I overly waste time on replying to email. I’ve improved my response technique over the years. I bring an e-mail thread to a conclusion as rapidly as possible by anticipating and proactively answering questions. That’s more time-consuming than a quick, lazy “back to you” response, but saves time in the long run.

However, an advance on the proactive reply is never replying at all. Not responding is the ultimate way to bring an email thread to a conclusion.

You’re So Rude

On the surface, ignoring inbox messages seems rude. However, Continue reading

1 1,597 1,598 1,599 1,600 1,601 3,832