0

39% off American Red Cross Blackout Buddy Emergency Nightlight – Deal Alert

Just leave the slim and trim Blackout Buddy in your wall socket and you’ll never be in the dark. It automatically turns on when the power goes out so that you can easily locate it. Then, fold away the prongs and you've got yourself a flashlight. A very bright idea from the American Red Cross. Flip a switch and the Blackout Buddy also doubles as an LED nightlight, so you can keep your kids' rooms, hallways, or kitchen always illuminated. The Blackout Buddy keeps itself charged and provides up to 4 hours of light when needed. It averages 4.5 out of 5 stars from over 1,800 people on Amazon (read reviews). Its typical list price of $14.64 has been reduced 39% to just $8.98.To read this article in full, please click here

0

34% off TurboTax Deluxe 2017 Tax Software, Federal & State – Deal Alert

TurboTax coaches you every step of the way and double checks your return as you go to handle even the toughest tax situations, so you can be confident you’re getting every dollar you deserve. Its typical list price of $59.99 has been reduced a generous 34% to $39.86 in a deal that is exclusive to Amazon. Also exclusive to this Amazon deal, receive a free 1-year subscription to Quicken Starter Edition 2018. Learn more, or take advantage of the deal now, on Amazon.To read this article in full, please click here

0

Intel’s processor flaw is a virtualization nightmare

2018 is off to a very bad start for Intel after the disclosure of a flaw deep in the design of its processors, dubbed Meltdown. And while the company has publicly said the issue won’t affect consumers, they aren’t the ones who need to be worried.The issue is found in how Intel processors work with page tables for handling virtual memory. It is believed that an exploit would be able to observe the content of privileged memory by exploiting a technique called speculative execution.Speculative execution exploit Speculative execution is a part of a methodology called out-of-order execution (OOE), where basically the CPU makes an educated guess on what will happen next based on the data it has. It’s designed to speed up the CPU rather than burn up CPU cycles working its way through a process. It’s all meant to make the CPU as efficient as possible.To read this article in full, please click here

0

Intel’s processor flaw is a virtualization nightmare

2018 is off to a very bad start for Intel after the disclosure of a flaw deep in the design of its processors. And while the company has publicly said the issue won’t affect consumers, they aren’t the ones who need to be worried.The issue is found in how Intel processors work with page tables for handling virtual memory. It is believed that an exploit would be able to observe the content of privileged memory by exploiting a technique called speculative execution.Speculative execution exploit Speculative execution is a part of a methodology called out-of-order execution (OOE), where basically the CPU makes an educated guess on what will happen next based on the data it has. It’s designed to speed up the CPU rather than burn up CPU cycles working its way through a process. It’s all meant to make the CPU as efficient as possible.To read this article in full, please click here

0

Meltdown and Spectre

0

25% off SanDisk 256GB iXpand Base for iPhone charging and backup – Deal Alert

Here's something you probably didn't know existed. With SanDisk's iXpand iPhone base, you'll never have to worry about losing your memories again. Every time you charge your iPhone with the iXpand Base, it automatically backs up your photos, videos and contacts. The iXpand Base offers plenty of room to save your files in their original quality with no worry about recurring monthly fees for Internet-based storage. Designed for everyday use with a soft rubber top, a sturdy base, and a wrap-around groove to keep your Apple Lightning to USB cable tidy. Its typical list price has been discounted $50, for now, to $149.99. See this deal on Amazon.To read this article in full, please click here

0

IoT: A vulnerable asset but also a recovery tool in disasters

If you think the proliferation of mobile devices changed the concept of the network edge, get ready for the emerging Internet of Things (IoT), where a network-connected sensor could be located on top of a mountain, in a corn field or even in the ocean.So, how does an enterprise incorporate IoT into its disaster recovery plan? In one sense, IoT creates a unique challenge because it is far-flung and vulnerable. But it can also become part of a DR solution, helping to protect the business in the event of a disaster, according to experts.+Also on Network World: REVIEW: 4 top disaster-recovery platforms compared; Review: Microsoft Azure IoT Suite+To read this article in full, please click here

0

A Networking To-Do List for 2018

0

32% off Kidde Carbon Monoxide Alarm with Display and 10 Year Battery – Deal Alert

Carbon Monoxide is odorless, tasteless and invisible, and it accounts for over 72,000 cases of poisoning each year. Kidde calls their C3010D model "worry free" because its sensor and sealed battery provide 10 years of uninterrupted CO detection, and a digital display that updates every 15 seconds. The unit will chirp when its reaching the ends of its life, so you don't have to wonder. The Kidde C3010D alarm is currently discounted 32% to $34.91. See this deal now on Amazon.To read this article in full, please click here

0

32% off Kidde Carbon Monoxide Alarm with Display and 10 Year Battery – Deal Alert

Carbon Monoxide is odorless, tasteless and invisible, and it accounts for over 72,000 cases of poisoning each year. Kidde calls their C3010D model "worry free" because its sensor and sealed battery provide 10 years of uninterrupted CO detection, and a digital display that updates every 15 seconds. The unit will chirp when its reaching the ends of its life, so you don't have to wonder. The Kidde C3010D alarm is currently discounted 32% to $34.91. See this deal now on Amazon.To read this article in full, please click here

0

Nmap Tutorial: Common Commands

0

Some notes on Meltdown/Spectre

I thought I'd write up some notes.

You don't have to worry if you patch. If you download the latest update from Microsoft, Apple, or Linux, then the problem is fixed for you and you don't have to worry. If you aren't up to date, then there's a lot of other nasties out there you should probably also be worrying about. I mention this because while this bug is big in the news, it's probably not news the average consumer needs to concern themselves with.

This will force a redesign of CPUs and operating systems. While not a big news item for consumers, it's huge in the geek world. We'll need to redesign operating systems and how CPUs are made.

Don't worry about the performance hit. Some, especially avid gamers, are concerned about the claims of "30%" performance reduction when applying the patch. That's only in some rare cases, so you shouldn't worry too much about it. As far as I can tell, 3D games aren't likely to see less than 1% performance degradation. If you imagine your game is suddenly slower after the patch, then something else broke it.

This wasn't foreseeable. A common cliche is that such bugs Continue reading

0

AT&T Plans to Launch Mobile 5G in 12 Markets This Year

The race is on to be the first U.S. operator to launch 5G.

0

Why Meltdown exists

So I thought I'd answer this question. I'm not a "chipmaker", but I've been optimizing low-level assembly x86 assembly language for a couple of decades.

I’d love a blogpost written from the perspective of a chipmaker - Why this issue exists. I’d never question their competency, but it seems like a violation of expectations in hindsight. Based on my very limited understanding of these issues.

— SwiftOnSecurity (@SwiftOnSecurity) January 4, 2018

0

Let’s see if I’ve got Metldown right

I thought I'd write down the proof-of-concept to see if I got it right.

So the Meltdown paper lists the following steps:

 ; flush cache
 ; rcx = kernel address
 ; rbx = probe array
 retry:
 mov al, byte [rcx]
 shl rax, 0xc
 jz retry
 mov rbx, qword [rbx + rax]
 ; measure which of 256 cachelines were accessed

So the first step is to flush the cache, so that none of the 256 possible cache lines in our "probe array" are in the cache. There are many ways this can be done.

Now pick a byte of secret kernel memory to read. Presumably, we'll just read all of memory, one byte at a time. The address of this byte is in rcx.

Now execute the instruction:
    mov al, byte [rcx]
This line of code will crash (raise an exception). That's because [rcx] points to secret kernel memory which we don't have permission to read. The value of the real al (the low-order byte of rax) will never actually change.

But fear not! Intel is massively out-of-order. That means before the exception happens, it will provisionally and partially execute the following instructions. While Intel has only 16 Continue reading

0

Fortinet FortiGate-VMX and NSX use cases

NSX is an extensible platform; other vendors security solutions can be added to it by means of the Northbound REST API, and two private APIs: NETX for network introspection, and EPSEC for guest introspection. Fortinet’s FortiGate-VMX solution uses the NSX NETX API to provide advanced layer 4-7 services via service insertion, also called service chaining.  This enables... Read more →

0

Fortinet FortiGate-VMX and NSX use cases

NSX is an extensible platform; other vendors security solutions can be added to it by means of the Northbound REST API, and two private APIs: NETX for network introspection, and EPSEC for guest introspection.

Fortinet’s FortiGate-VMX solution uses the NSX NETX API to provide advanced layer 4-7 services via service insertion, also called service chaining.  This enables the additional inspection of VM traffic prior to that traffic reaching the vSwitch.  This enhances micro-segmentation where there is need for greater application recognition, anti-malware, and other Next Generation Firewall features.  The scale-out nature of NSX is maintained as NSX handles the instantiation of FortiGate service VMs on the hosts within the deployed cluster retaining its operational advantages, if the cluster grows additional FortiGate-VMX service machines will be created as needed.

 

 

One of the primary advantages to FortiGate-VMX is the availability of VDOMs for multi-tenancy in a service provider or enterprise environment – this enables segmenting traffic by organization, business group, or other construct in addition to application.  The segregation includes the administration, VDOMs are managed independently of one another, this can also be used to split the different security functions such as anti-virus, IPS, and application control into isolated units or only Continue reading

0

VMware AppDefense & CB Defense Demo

As you may have heard, VMware and Carbon Black have come together to deliver best-in-class security architected for today’s data centers.

In this demo, you’ll see an example of how CB Defense and VMware AppDefense combine to enforce known good application behavior and detect threats using industry leading detection and response technology.

For this demo, we’ll show how an advanced security breach can come in under the guise of an innocuous application (Powershell) and often go undetected.  We’ll walk through the steps that security teams can now take to respond and address the attack all in one application.

 

The post VMware AppDefense & CB Defense Demo appeared first on Network Virtualization.

0

Its time for Network Field Day 17

My privilege to review whats coming up 24th Jan

0

Twistlock Ties Container and Serverless Security Into a Single Platform

Company notes complexity remains the enemy of security.