Worth Reading: Who pays security costs?

Computer security costs money. It costs more to develop secure software, and there’s an ongoing maintenance cost to patch the remaining holes. Spending more time and money up front will likely result in lesser maintenance costs going forward, but too few companies do that. Besides, even very secure operating systems like Windows 10 and iOS have had security problems and hence require patching. (I just installed iOS 10.3.2 on my phone. It fixed about two dozen security holes.) So — who pays? —CircleID

The post Worth Reading: Who pays security costs? appeared first on rule 11 reader.

10 more killer Raspberry Pi projects

Prolific developers of Raspberry PiImage by Mark GibbsWelcome to the third collection of Killer Raspberry Pi Projects. Our first and second collections were such a hit that we just had to produce another. There are so many interesting applications of the Raspberry Pi it's getting hard to pick and choose but, once again, we've sorted the wheat from the chaff to bring you ten more projects that embody the creativity and enthusiasm that defines the Raspberry Pi market. We have animatronic horror driven by Alexa, toy cars driven by deep learning, a couple of display projects, and cats recognized and monitored by Raspberry Pis. In short, more RPi goodness than you can shake a stick at.To read this article in full or to leave a comment, please click here

Spring Boot Development with Docker

The AtSea Shop is an example storefront application that can be deployed on different operating systems and can be customized to both your enterprise development and operational environments. In my last post, I discussed the architecture of the app. In this post, I will cover how to setup your development environment to debug the Java REST backend that runs in a container.

Building the REST Application

I used the Spring Boot framework to rapidly develop the REST backend that manages products, customers and orders tables used in the AtSea Shop. The application takes advantage of Spring Boot’s built-in application server, support for REST interfaces and ability to define multiple data sources. Because it was written in Java, it is agnostic to the base operating system and runs in either Windows or Linux containers. This allows developers to build against a heterogenous architecture.

Project setup

The AtSea project uses multi-stage builds, a new Docker feature, which allows me to use multiple images to build a single Docker image that includes all the components needed for the application. The multi-stage build uses a Maven container to build the the application jar file. The jar file is then copied to a Java Development Kit image. This Continue reading

iPhone 8 might be cheaper than we thought

Apple's upcoming iPhone 8 is going to be jam-packed with all sorts of advanced technologies and compelling new features. Of course, the most obvious change will be the iPhone 8's brand new form factor. Seeing as how the iPhone form factor hasn't really changed at all since the iPhone 6 and iPhone 6s Plus were released in 2014, the iPhone 8 will finally provide users with a fresh new design.Hardly a secret at this point, the iPhone 8 will feature an edgeless OLED display wherein the entire front face of the device will be the display. As for the home button and the Touch ID sensor, rumor has it that Apple has figured out a way to embed these into the display itself. The end result is that the iPhone 8 will essentially look like one giant piece of glass, which, interestingly enough, has long been Jony Ive's vision of an ideal iPhone design.To read this article in full or to leave a comment, please click here

Reflections on reflection (attacks)

Recently Akamai published an article about CLDAP reflection attacks. This got us thinking. We saw attacks from Conectionless LDAP servers back in November 2016 but totally ignored them because our systems were automatically dropping the attack traffic without any impact.

CC BY 2.0 image by RageZ

We decided to take a second look through our logs and share some statistics about reflection attacks we see regularly. In this blog post, I'll describe popular reflection attacks, explain how to defend against them and why Cloudflare and our customers are immune to most of them.

A recipe for reflection

Let's start with a brief reminder on how reflection attacks (often called "amplification attacks") work.

To bake a reflection attack, the villain needs four ingredients:

  • A server capable of performing IP address spoofing.
  • A protocol vulnerable to reflection/amplification. Any badly designed UDP-based request-response protocol will do.
  • A list of "reflectors": servers that support the vulnerable protocol.
  • A victim IP address.

The general idea:

  • The villain sends fake UDP requests.
  • The source IP address in these packets is spoofed: the attacker sticks the victim's IP address in the source IP address field, not their own IP address as they normally would.
  • Each packet Continue reading

Speed, Power, Performance: NSX & Memorial Day Motorsports

With Memorial Day weekend coming up, for me, it’s all about hot dogs, hamburgers, and fast car racing. I am huge Formula 1 fanatic, but Memorial Day is a bonanza of racing from the F1 Monaco Grand Prix, to NASCAR’s Coke 600, and of course the Indianapolis 500 all on the same day! The raw speed and performance of these races remind me of a 2016 VMworld presentation (NET8030) on NSX performance.

The argument still comes up now and again that “hardware is faster than software.” Network guys like me just assume that’s true. So, it came as a surprise to me when I watched the session which turned that assumption on its head. In this session, the presenter demonstrated that software is faster than hardware, way faster. Of course, I was dubious at first but quickly learned that physical networking and virtual networking is like the difference between the pace car and the race car. I always assumed the physical switch was the race car, but in the throughput presentation, Samuel showed two VM’s running on the same host with NSX routing, switching, and firewalling between them could get up to 106G! This information surprised me. Sort of like the same experience I had Continue reading

Reading List: WannaCry and Ransomware

A good bit has been written about the recent WannaCry outbreak over the last few weeks; rather than stringing the best out through Worth Reading posts, I have collected the three best posts on the topic here.

There are a number of takeaways and lessons to learn from the far-reaching attack that we witnessed. Let me tie those to voluntary cooperation and collaboration which together represent the foundation for the Internet’s development. The reason for making this connection is because they provide the way to get the global cyber threat under control. Not just to keep ourselves and our vital systems and services protected, but to reverse the erosion of trust in the Internet. —CircleID

Over the weekend a cyber attack known as “WannaCry” infected hundreds of computers all over the world with ransomware (malware which encrypts your data until you pay a ransom, usually in Bitcoin). The attack takes advantage of an exploit for Windows known as “EternalBlue” which was in the possession of NSA and, in mid April, was made public by a group known as “The Shadow Brokers.” Microsoft issued a patch for the vulnerability on March 14 for all supported versions of Windows (Vista and Continue reading

Memory-Like Storage Means File Systems Must Change

The term software defined storage is in the new job title that Eric Barton has at DataDirect Networks, and he is a bit amused by this. As one of the creators of early parallel file systems for supercomputers and one of the people who took the Lustre file systems from a handful of supercomputing centers to one of the two main data management platforms for high performance computing, to a certain way of looking at it, Barton has always been doing software-defined storage.

The world has just caught up with the idea.

Now Barton, who is leaving Intel in the

Memory-Like Storage Means File Systems Must Change was written by Timothy Prickett Morgan at The Next Platform.

Help Shape the Future of the Internet

This year, the Internet Society celebrates its 25th anniversary.  Our own history is inextricably tied to the history of the Internet. We were founded in 1992 by Internet pioneers who believed that “a society would emerge from the idea that is the Internet” – and they were right.

As part of the celebration, this September we will launch a comprehensive report that details the key forces that could impact the future of the Internet. The report will also offer recommendations for the Future and we need your input.

Constance Bommelaer de Leusse

A Health Check For Code And Infrastructure In The Cloud

As businesses continue their migration to the cloud, the issue of monitoring the performance and health of their applications gets more challenging as they try to track them across both on-premises environments and in both private and public clouds. At the same time, as they become more cloud-based, they have to keep an eye on the entire stack, from the customer-facing applications to the underlying infrastructure they run on.

Since its founding eight years ago, New Relic has steadily built upon its first product, a cloud-based application performance management (APM) tool that is designed to assess how well the

A Health Check For Code And Infrastructure In The Cloud was written by Jeffrey Burt at The Next Platform.

IDG Contributor Network: Why we need more shades of gray

Few things in life can be expressed in black and white terms. Sure, a light switch is either on or it's off; one baseball team wins the World Series each year and one doesn't; and every line of computer binary starts with either a one or a zero.Most of the time, though, our lives are full of gray areas, not absolutes. Brent crude almost never drops below $40 a barrel, but it did happen once and the chances of it happening again are greater than zero. There may be a 60 or 70 percent chance of rain tomorrow, but it's rarely 100 percent. And, sometimes, even the Chicago Cubs win the World Series.So why is it that security practitioners often treat their threat environment as if it's black or white, rather than a spectrum of possible states or probable outcomes — even when this binary view diminishes the quality of their comprehension and decision-making and thus jeopardizes their actual security?To read this article in full or to leave a comment, please click here

Top 5 Reasons IoT projects fail

If you’re doing an Internet of Things deployment, prepare for failure. That’s the overarching takeaway from a survey Cisco conducted of more than 1,800 IT leaders in the U.S. and U.K.Up to 60% of IoT projects that respondents started stalled at the proof of concept phase, Cisco found. Just 26% of respondents said they had what they considered a successful IoT deployment. So where do IoT projects go south?+MORE AT NETWORK WORLD: Cisco: Secure IoT networks, not the devices +To read this article in full or to leave a comment, please click here

Worth Reading: The Embiggening Bite of GPUs

That is how CPUs got their name, after all. And perhaps this is a good time to remind everyone that systems used to be a collection of different kinds of compute, and that is why the central compute complex in an IBM System/360 was called the main frame. There were other frames, and in the case of RISC processors at IBM, the original 801 RISC chip that underlies half of its systems business today was commercialized as a controller for mainframe disk controllers. The Xeon processor that now dominates the datacenters of the world made a three-decade long jump off our desks. —The Next Platform

The post Worth Reading: The Embiggening Bite of GPUs appeared first on rule 11 reader.

1 1,969 1,970 1,971 1,972 1,973 3,763