People can’t read (Equifax edition)

One of these days I'm going to write a guide for journalists reporting on the cyber. One of the items I'd stress is that they often fail to read the text of what is being said, but instead read some sort of subtext that wasn't explicitly said. This is valid sometimes -- as the subtext is what the writer intended all along, even if they didn't explicitly write it. Other times, though the imagined subtext is not what the writer intended at all.


A good example is the recent Equifax breach. The original statement says:
Equifax Inc. (NYSE: EFX) today announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers.
The word consumers was widely translated to customers, as in this Bloomberg story:
Equifax Inc. said its systems were struck by a cyberattack that may have affected about 143 million U.S. customers of the credit reporting agency
But these aren't the same thing. Equifax is a credit rating agency, keeping data on people who are not its own customers. It's an important difference.


Another good example is yesterday's quote "confirming" that Equifax is confirming the "Apache Struts" vulnerability was to blame:
Equifax has been intensely Continue reading

Stuff The Internet Says On Scalability For September 15th, 2017

Hey, it's HighScalability time: 

 

Earth received Cassini’s final signal at 7:55am ET. Let's bid a fond farewell. After a 13-year tour of duty, job well done!

 

If you like this sort of Stuff then please support me on Patreon.

 

  • 12.9 million: DynamoDB requests per second on Prime Day; 4 billion: transistors on Apple's A11 Bionic chip; 4x: extreme weather events since 1970; 51: qubit device; 50%: Messenger.com converted to Reason56.6 million: US cord cutters; 5000: bikes abandoned at Burning Man; 500 million: yearly visitors to Apple stores; 30 min: time to send one HD color image from Mars to Earth; 

  • Quoteable Quotes:
    • @randyshoup: Interesting idea of a *Negative* MTTR by @adrianco: notice something is going to fail and proactively fix it before it breaks!
    • @rob_pike: "The Equifax executives who let my data be stolen will probably suffer fewer consequences than I will for an overdue library book." @nytimes
    • @avantgame: on weaponized social media: "We’re in an information war with Russia. It’s time we started acting like it."
    • Jamie Dimon: It's [Bitcoin] worse than tulip bulbs. It won't end well. Someone is going Continue reading

New BlueBorne Vulnerability to Bluetooth Devices – What happened and what to do about it

Billions of Bluetooth-enabled devices may be exposed to a new remote attack called “BlueBorne”, even without user interaction or pairing. Affected systems include Windows, iOS (older than iOS 10), the Linux kernel, and Android. What should you do about it?

Bluetooth is ubiquitous, commonly connecting accessories like headsets and keyboards, but is also used throughout the brave new Internet of Things (IoT) world. An attacker exploiting these BlueBorne vulnerabilities can mount a man-in-the-middle attack, or even take control of a device without the user even noticing it.

The vulnerabilities were discovered by a security company called Armis earlier this year. Researchers reached out to the companies responsible for vulnerable implementations that lead to the coordinated disclosure (and patches) on September 12. (You can read more about our views on responsible disclosure and collaborative security in Olaf Kolkman’s blog post here.)

This case once again highlights how crucial it is that software update mechanisms are available to fix vulnerabilities, update configuration settings, and add new functionality to devices. There are challenges, both technological and economic, in having update capabilities ubiquitously deployed, as discussed in the recently published Report from the Internet of Things Software Update (IoTSU) Workshop 2016.

Vulnerabilities Continue reading

Worth Reading: Hunting AdwindRAT

An increasing number of malware families employ SSL/TLS encryption in order to evade detection by Network Intrusion Detection Systems (NIDS). In this blog post I’m gonna have a look at Adwind, which is a cross-platform Remote Access Trojan (RAT) that has been using SSL to conceal it’s traffic for several years. AdwindRAT typically connects SSL sessions to seemingly random TCP ports on the C2 servers. Hence, a heuristic that could potentially be used to hunt for Adwind RAT malware is to look for SSL traffic going to TCP ports that normally don’t use SSL. However, relying on ONLY that heuristic would generate way too many false positives. —Erik Hjelmvik @ Netrecsec

The post Worth Reading: Hunting AdwindRAT appeared first on rule 11 reader.

Penny Pinching With Open Source

You might have seen this Register article this week which summarized a Future:Net talk from Peyton Koran. In the article and the talk, Peyton talks about how the network vendor and reseller market has trapped organizations into a needless cycle of bad hardware and buggy software. He suggests that organizations should focus on their new “core competency” of software development and run whitebox or merchant hardware on top of open source networking stacks. He says that developers can use code that has a lot of community contributions and shares useful functionality. It’s a high and mighty goal. However, I think the open source part of the equation is going to cause some issues.

A Penny For Your Thoughts

The idea behind open source isn’t that hard to comprehend. Everything available to see and build. Anyone can contribute and give back to the project and make the world a better place. At least, that’s the theory. Reality is sometimes a bit different.

Many times, I’ve had off-the-record conversations with organizations that are consuming open source resources and projects as a starting point for building something that will end up containing many proprietary resources. When I ask them about contributing back to Continue reading

LAG vs. ECMP discussion on real network deployments

We discussed LAG (Link Aggregation Group) and the ECMP (Equal Cost Multipath) on real network deployments with the Service Provider/Telco Engineer engineers on my slack group.   I thought it was good discussion so you can see what others are doing and the reasons of their deployments.    In this talk, three people involved. Myself […]

The post LAG vs. ECMP discussion on real network deployments appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

What’s behind the Linux umask?

The Linux umask setting plays a big role in determining the permissions that are assigned to files that you create. But what's behind this variable, and how do the numbers relate to settings like rwxr-xr-x?First, umask is a setting that directly controls the permissions assigned when you create files or directories. Create a new file using a text editor or simply with the touch command, and its permissions will be derived from your umask setting. You can look at your umask setting simply by typing umask on the command line.$ umask 0022 Where the umask setting comes from The umask setting for all users is generally set up in a system-wide file like /etc/profile, /etc/bashrc or /etc/login.defs — a file that's used every time someone logs into the system. The setting can be overidden in user-specific files like ~/.bashrc or ~/.profile since these files are read later in the login process. It can also be reset on a temporary basis at any time with the umask command.To read this article in full or to leave a comment, please click here

What’s behind the Linux umask

The umask setting plays a big role in determining the permissions that are assigned to files that you create. But what's behind this variable and how do the numbers relate to settings like rwxr-xr-x?First, umask is a setting that directly controls the permissions assigned when you create files or directories. Create a new file using a text editor or simply with the touch command and its permissions will be derived from your umask setting. You can look at your umask setting simply by typing umask on the command line.$ umask 0022 Where the umask setting comes from The umask setting for all users is generally set up in a system-wide file like /etc/profile, /etc/bashrc or /etc/login.defs -- a file that's used every time someone logs into the system. The setting can be overidden in user-specific files like ~/.bashrc or ~/.profile since these files are read later in the login process. It can also be reset on a temporary basis at any time with the umask command.To read this article in full or to leave a comment, please click here

Build Your DockerCon Europe 2017 Agenda!

DockerCon Europe 2017

It’s that moment you’ve been waiting for…It’s time to build your DockerCon Agenda!

DockerCon is coming back to Europe with some of the best content we’ve ever presented. Don’t miss out and register now before it’s too late. If you are just learning about Docker or have been dabbling in containers for a while, we’re confident that DockerCon will have the right content for you. With eight tracks, two summits (Moby Project Summit and Enterprise Summit) and more than 60 sessions presented by Docker Engineering, Docker Captains, partners, practitioners and customers such as Finnish Railways, MetLife, PayPal, Splunk and Assa Abloy, DockerCon 2017 will cover a wide range of use cases and topics.

Build your agenda

We encourage you to review the full catalogue of DockerCon sessions and build your agenda for the week. You’ll find a new agenda builder that allows you to apply filters based on your areas of interest, experience, job role and more! If you’ve registered you’ll also be able to get recommended sessions as well build you schedule.

DockerCon Europe AgendaCheck Out All The Sessions

One of our favorite features of the Agenda Builder is the recommendations generated based on your profile and marked interest Continue reading

1 1,911 1,912 1,913 1,914 1,915 3,851