Minimizing Risk: How to Be Secure on Twitter and Other Social Networks

Last week’s news that the passwords of every Twitter user around the world had been exposed in plain text is a stark reminder of the sometimes-fragile nature of security in the online places we trust with our personal information.

In this latest example, Twitter says it was a technical error that led to the exposure of the passwords of the social network’s 330 million users. Twitter also says it’s fixed the bug and has no evidence that anyone’s accounts have been breached or misused.

While the error led to exposure only within Twitter’s internal systems, the social network has urged everyone to change their passwords anyway.

“Out of an abundance of caution, we ask that you consider changing your password on all services where you’ve used this password. You can change your Twitter password anytime by going to the password settings page.”

It’s sound advice, and it’s a step we have taken at the Internet Society with our own social media channels.

Yet, you may wonder what the point is in changing your password if a mistake like this can happen. If it happened once, surely it can happen again.

Yes, it could, there’s no doubt. We have compelling Continue reading

Nvidia Hitting On All GPU Cylinders

Even if Nvidia had not pursued a GPU compute strategy in the datacenter a decade and a half ago, the company would have turned in one of the best periods in its history as the first quarter of fiscal 2019 came to a close on April 29.

As it turns out, though, the company has a fast-growing HPC, AI, and cryptocurrency compute business that runs alongside of its core gaming GPU, visualization, and professional graphics businesses, and Nvidia is booming. That is a six cylinder engine of commerce, unless you break AI into training and inference (which is sensible), and

Nvidia Hitting On All GPU Cylinders was written by Timothy Prickett Morgan at The Next Platform.

Dustin’s Internet Community Roadtrip: In Portland, Recognizing the Role of Women in Tech

Dustin Phillips, Co-Executive Director of ICANNWiki, is traveling across the United States in his red Toyota Corolla, making connections with the people who are making their communities – and the Internet – a better place. First stop: Portland, Oregon, where attended the ICANNWiki’s Girls in ICT Day Edit-a-thon and met up with Hack Oregon.

On the first day of the Internet Community Roadtrip, I headed down to Portland for ICANNWiki’s Girls in ICT Day Edit-a-thon. Making this my first stop was particularly special for me, because it is where I was introduced to the world of Internet governance three years ago. In my time at ICANNNWiki, I’ve experienced the important role that collaborative resources and tools play in the bottom-up, community-driven processes that keep the Internet free and global. At ICANNWiki, we focus on providing capacity-development, an informative resource and a sense of community. We build community by capturing and promoting the work that is being done, in order to provide well-deserved recognition and increase awareness for what is happening in the Internet governance ecosystem.

The stop in Portland focused on increasing the recognition for the role of women in the Internet’s history as planned, but also included Continue reading

Nutanix looks to turn its hyperconverged infrastructure (HCI) products into a platform

Every big vendor has had to start small and then grow into a major platform. Nutanix is no exception. And this week at its .NEXT user conference, the hyperconverged infrastructure (HCI) provider outlined a plan to move from being a niche vendor that makes VDI work better to becoming the next big enterprise platform vendor.In a recent interview, Nutanix CEO Dheeraj Pandey talked about the building blocks of becoming a major enterprise vendor. Nutanix started off with an integrated hardware/software appliance to deliver its HCI solution. Pandey referred to this as their “iPhone,” meaning it was a fully integrated and turnkey product where Nutanix owns the entire experience.To read this article in full, please click here

Nutanix looks to turn its hyperconverged infrastructure (HCI) products into a platform

Every big vendor has had to start small and then grow into a major platform. Nutanix is no exception. And this week at its .NEXT user conference, the hyperconverged infrastructure (HCI) provider outlined a plan to move from being a niche vendor that makes VDI work better to becoming the next big enterprise platform vendor.In a recent interview, Nutanix CEO Dheeraj Pandey talked about the building blocks of becoming a major enterprise vendor. Nutanix started off with an integrated hardware/software appliance to deliver its HCI solution. Pandey referred to this as their “iPhone,” meaning it was a fully integrated and turnkey product where Nutanix owns the entire experience.To read this article in full, please click here

Nutanix looks to turn its products into a platform — and attract CIOs

Every big vendor has had to start small and then grow into a major platform. Nutanix is no exception. And this week at its .NEXT user conference, the hyperconverged infrastructure (HCI) provider outlined a plan to move from being a niche vendor that makes VDI work better to becoming the next big enterprise platform vendor.In a recent interview, Nutanix CEO Dheeraj Pandey talked about the building blocks of becoming a major enterprise vendor. Nutanix started off with an integrated hardware/software appliance to deliver its HCI solution. Pandey referred to this as their “iPhone,” meaning it was a fully integrated and turnkey product where Nutanix owns the entire experience.To read this article in full, please click here

Nutanix looks to turn its products into a platform — and attract CIOs

Every big vendor has had to start small and then grow into a major platform. Nutanix is no exception. And this week at its .NEXT user conference, the hyperconverged infrastructure (HCI) provider outlined a plan to move from being a niche vendor that makes VDI work better to becoming the next big enterprise platform vendor.In a recent interview, Nutanix CEO Dheeraj Pandey talked about the building blocks of becoming a major enterprise vendor. Nutanix started off with an integrated hardware/software appliance to deliver its HCI solution. Pandey referred to this as their “iPhone,” meaning it was a fully integrated and turnkey product where Nutanix owns the entire experience.To read this article in full, please click here

Solving challenges with Linux networking, programmable pipelines and tunnels

Exciting advances in modern data center networking

Many moons ago, Cumulus Networks set out to further the cause of open networking. The premise was simple: make networking operate like servers. To do that, we needed to develop an operating system platform, create a vibrant marketplace of compatible and compliant hardware and get a minimum set of features implemented in a robust way.

Today, these types of problems are largely behind us, and the problem set has moved in the right direction towards innovation and providing elegant solutions to the problems around scale, mobility and agility. Simply put, if “Linux is in the entire rack,” then it follows that the applications and services deployed via these racks should be able to move to any rack and be deployed for maximum overall efficiency.

The formula for this ephemeral agility then is based on two constructs.

  1. If the application can deploy anywhere, the policies governing the application’s ability to interact with the world need to be enforceable anywhere and on any rack in the entire data center.
  2. It should be possible to place an application on any rack and all the connectivity it needs should be available without needing any physical changes in Continue reading

Technology Short Take 99

Welcome to Technology Short Take 99! What follows below is a collection of various links and articles about (mostly) data center-related technologies. Hopefully something I’ve included will be useful. Here goes!

Networking

  • David Gee makes the connection between coffee and network automation. No, really. It’s worth reading.
  • Matt Oswalt, one of the co-authors of our recently-released network automation book from O’Reilly, recently tackled the topic of running Kubernetes with Tungsten Fabric (formerly known as OpenContrail). A network engineer using AWS and CloudFormation? Yep, get used to it folks—it’s where the industry is headed.
  • Vince Power provides a high-level overview of some of the key principles underlying Kubernetes networking.

Servers/Hardware

Sorry, I don’t have anything for you. Feel free to send me links you’d like me to consider for inclusion in the next Tech Short Take!

Security

10 competitors Cisco just can’t kill off

10 competitors Cisco just can't kill offImage by IDG / jesadaphorn, Getty ImagesCreating a short list of key Cisco competitors is no easy task as the company now competes in multiple markets.  In this case we tried to pick companies that have been around awhile or firms that have developed key technologies that directly impacted the networking giant. Cisco is now pushing heavily into software and security, a move that will open it up to myriad new competitors as well. Take a look.To read this article in full, please click here

10 competitors Cisco just can’t kill off

10 competitors Cisco just can't kill offImage by IDG / jesadaphorn, Getty ImagesCreating a short list of key Cisco competitors is no easy task as the company now competes in multiple markets.  In this case we tried to pick companies that have been around awhile or firms that have developed key technologies that directly impacted the networking giant. Cisco is now pushing heavily into software and security, a move that will open it up to myriad new competitors as well. Take a look.To read this article in full, please click here

10 competitors Cisco just can’t kill off

10 competitors Cisco just can't kill offImage by IDG / jesadaphorn, Getty ImagesCreating a short list of key Cisco competitors is no easy task as the company now competes in multiple markets.  In this case we tried to pick companies that have been around awhile or firms that have developed key technologies that directly impacted the networking giant. Cisco is now pushing heavily into software and security, a move that will open it up to myriad new competitors as well. Take a look.To read this article in full, please click here

10 competitors Cisco just can’t kill off

10 competitors Cisco just can't kill offImage by IDG / jesadaphorn, Getty ImagesCreating a short list of key Cisco competitors is no easy task as the company now competes in multiple markets.  In this case we tried to pick companies that have been around awhile or firms that have developed key technologies that directly impacted the networking giant. Cisco is now pushing heavily into software and security, a move that will open it up to myriad new competitors as well. Take a look.To read this article in full, please click here

RIPE 76 dans le Midi

The RIPE 76 meeting starts next week in Marseille, which surprisingly is only the second RIPE meeting to have ever been held in France. RIPEs are always a key event for the Internet Society, with one of our colleagues, Jan Žorž, being a member of the RIPE Programme Committee, and another, Salam Yamout, being a member of the RIPE NCC Board. Andrei Robachevsky will be presenting during the Connect Working Group, and I’ll be there reporting on the highlights of the meeting, as well as staffing the MANRS stand on Thursday, so please come and say hello!

The Internet Society is also sponsoring the new RIPE on-site childcare service, whilst on Thursday we’ll be raising awareness of the MANRS initiative by organising a lunch for MANRS advocates, as well as having a stand in the exhibition area with goodies such as MANRS t-shirts and stickers.

The RIPE meeting is back to its usual Monday morning start after Dubai, and there’s three tutorials to choose from on Event-driven Network Automation and Orchestration using Salt (Mircea Ulinic), SRv6 Network Programming (Pablo Camarillo Garvia, Cisco), or IPv6 Security (Alvaro Vives, RIPE NCC).

The opening plenary commences at 14.00 CEST/UTC+2, and after the Continue reading

Video: Use Network Device REST API with PowerShell

More and more network devices support REST API as the configuration method. While it’s not as convenient as having a dedicated cmdlet, it’s possible to call REST API methods (and configure or monitor network devices) directly from a PowerShell script, as Mitja Robas demonstrated during the PowerShell for Networking Engineers webinar.

Watch the video

You’ll need at least free ipSpace.net subscription to watch the video.

Inaudible voice commands: the long-range attack and defense

Inaudible voice commands: the long-range attack and defense Roy et al., NSDI’18

Although you can’t hear them, I’m sure you heard about the inaudible ultrasound attacks on always-on voice-based systems such as Amazon Echo, Google Home, and Siri. This short video shows a ‘DolphinAttack’ in action:

To remain inaudible, the attack only works from close range (about 5ft). And it can work at up to about 10ft when partially audible. Things would get a whole lot more interesting if we could conduct inaudible attacks over a longer range. For example, getting all phones in a crowded area to start dialling your premium number, or targeting every device in an open plan office, or parking your car on the road and controlling all voice-enabled devices in the area. “Alexa, open my garage door…”. In today’s paper, Roy et al. show us how to significantly extend the range of inaudible voice command attacks. Their experiments are limited by the power of their amplifier, but succeed at up to 25ft (7.6m). Fortunately, the authors also demonstrate how we can construct software-only defences against the attacks.

We test our attack prototype with 984 commands to Amazon Echo and 200 commands to smartphones Continue reading

PQ 149: WPA3 And Wireless Security Improvements

In January 2018, the WiFi Alliance announced that WPA3 was coming this year, a collection of security enhancements to address issues with WPA2.

Today, we discuss WPA3 with Dan Harkins, a scientist at Aruba Networks, a Hewlett Packard Enterprise company. Dan has been closely involved with WPA3 s development, and I heard Dan present on his work at Aruba Atmosphere 2018 in March of this year.

Dan was kind enough to join us today for a preview of what s coming, with a special focus on one aspect of WPA3 that interests me personally, Opportunistic Wireless Encryption (OWE).

We also discuss the fixes that WPA3 makes to WPA2, and when we can anticipate product support.

Sponsor: Paessler AG

Paessler AG is the maker of PRTG Network Monitor. PRTG monitors your whole IT infrastructure 24/7 and alerts you to problems before users even notice. Find out more about the monitoring software that helps system administrators work smarter, faster, better. Visit paessler.com today.

Show Links:

Wi-Fi Alliance® introduces security enhancements – Wi-Fi Alliance

Opportunistic Wireless Encryption (RFC 8110) – IETF

Dragonfly Key Exchange (RFC 7664) – IETF

The post PQ 149: WPA3 And Wireless Security Improvements appeared first on Packet Pushers.

1 1,609 1,610 1,611 1,612 1,613 3,841