10 things you need to know about the security risks of wearables

The risks from corporate use of activity trackers and other wearables is low, some experts say -- especially in comparison to all the other security and privacy risks CISOs, CIOs and IT folks must worry about.That said, as with any connected device, there is risk potential. For example, recent research suggests that devices such as Fitbits can be hacked (when the hacker is within close proximity). By focusing on accelerometers and other motion sensors, researchers at the University of Michigan and the University of South Carolina found that it’s possible to, among other things, use sound waves at different frequencies to add thousands of steps to a Fitbit. (Scroll down to read Fitbit’s response to the research results.)To read this article in full or to leave a comment, please click here(Insider Story)

IDG Contributor Network: Cloud Foundry Foundation launches developer certification

Many years ago I created and ran the CloudU program, a vendor-neutral cloud education initiative that, in its day, had many thousands of individuals participate and graduate from the program. The rationale for creating the program back then was what I saw occurring in the industry: much interest in cloud as a concept, but little understanding of what it actually is and how to use it. Bear in mind this was years ago, before cloud became the default position for everything.RELATED: 10 tech skills that will boost your salary The idea of providing education programs to help individuals transition into a new way of thinking and working is a good one. A similar situation exists today with the move away from server-based infrastructures (be they physical or virtual) and into container or serverless-based approaches. Essentially we’re seeing challenges around the understanding and implementation of new “cloud native” ways of building applications.To read this article in full or to leave a comment, please click here

Windows 10’s next major update arrives April 11

After months of waiting, beta tests, and trickles of information about new features, the next major update for Windows 10 will arrive on April 11. Microsoft announced Wednesday that the Creators Update, as it’s known, will start rolling out to users of the company’s latest operating system in roughly two weeks.The update includes a slew of new features, including changes to the Microsoft Edge browser, improvements to gaming on Windows 10 and more features for devices with touch screens. As the name implies, the Creators Update includes new tools for people who make and consume media on their PCs, including a new Paint3D app that updates Microsoft’s classic drawing tool to create three-dimensional models.To read this article in full or to leave a comment, please click here

Pajama-wearing remote worker stereotypes shattered

A recent satirical piece in the New Yorker played the stereotypical remote worker for laughs -- disheveled, disoriented, starved for human contact, still in his pajamas after who-knows-how-many-days. Unproductive, he calls 911 for help. While it's hilarious -- and for those who work from home, there's certainly a few grains of truth buried within -- new research from Future Workplace and Polycom might finally put to rest the perception that remote workers are lazy, anti-social and unproductive.The report, The Human Face of Remote Working, polled 25,234 employees across 12 countries, including the U.S., Canada, Brazil, Japan, the UK, India, Singapore, Germany, Russia, France, Australia and China. Of the respondents, 55 percent held managerial or higher job titles; 58 percent are responsible for care in some capacity and 68 percent are parents. The study found that despite the remote working stigma of laziness and isolation, remote workers are more empathetic, desire human connection and pick up the phone more than their in-office counterparts.To read this article in full or to leave a comment, please click here

Review: Windows 10 Creators Update is worth waiting for

Windows 10 Creators Update is coming for you, and it will get you sooner or later. The question is whether to embrace Creators Update immediately or to wait a few months until the bugs get worked out—because, as we learned with Anniversary Update, there will be bugs.Many who rushed to Anniversary Update paid the price with inexplicable freezes, broken antivirus utilities, stalled or disabled apps, disappearing volumes and drives, changed settings, and a legion of installation problems. No doubt many of those users wished they had waited the four months for Anniversary Update to reach Current Branch for Business status—Microsoft’s designation for builds that are finally stable enough for enterprise deployment.To read this article in full or to leave a comment, please click here

AI will transform information security, but it won’t happen overnight

Although it dates as far back as the 1950s, Artificial Intelligence (AI) is the hottest thing in technology today.An overarching term used to describe a set of technologies such as text-to-speech, natural language processing (NLP) and computer vision, AI essentially enables computers to do things normally done by people.Machine learning, the most prominent subset of AI, is about recognizing patterns in data and computer learning from them like a human. These algorithms draw inferences without being explicitly programmed to do so. The idea is the more data you collect, the smarter the machine becomes.To read this article in full or to leave a comment, please click here

Feds to battle cybersecurity with analytics

For the federal government to better secure its information systems and support cybersecurity in the private sector, departments and agencies will need to dramatically improve the way they collect, analyze and share information about emerging threats, current and former government officials are cautioning.At a government IT conference convened by Akamai, a content delivery and cloud service provider, officials stressed the importance of casting a wide net for gathering information about cyberthreats, calling for the advancement of new standards and protocols to automate information sharing across the public and private sectors."The more participants we have in our process, the better that process is going to be," said Danny Toler, acting assistant secretary at the Department of Homeland Security's Office of Cybersecurity and Communications.To read this article in full or to leave a comment, please click here

Expert: NY breach report highlights third-party risk

New York reported a record high number of breaches last year, just after a new set of cybersecurity regulations went into effect in the state."In 2016, New Yorkers were the victims of one of the highest data exposure rates in our state’s history," said Attorney General Eric Schneiderman in a statement released last week. "The total annual number of reported security breaches increased by 60% and the number of exposed personal records tripled."According to the report, the stolen data consisted overwhelmingly of Social Security numbers and financial account information, and hacking was the leading cause of the breaches. The 1,300 breaches involved the private data of 1.6 million state residents, and 81 percent of the breaches involved the loss of Social Security numbers or financial information.To read this article in full or to leave a comment, please click here

IDG Contributor Network: How to bring true interoperability to the Internet of Things

The Internet of Things (IoT) is an incredibly diverse space, encompassing a large variety of hardware form factors and software ecosystems unlike anything we have seen in technology. Smartwatches, connected cameras, drones, thermostats, voice-enabled speakers, smart appliances and more—they all live together within the IoT.RELATED: 8 tips for building a cost-effective IoT sensor network But the diversity and innovation that excites many IoT fans is a big challenge not just for manufacturers and developers, but also (and most importantly) consumers. Which technology options should be used when designing or deploying IoT devices? How do they keep up with updated or new operating systems? What about new software and connectivity technologies coming up? Those are just some of today’s challenges.To read this article in full or to leave a comment, please click here

IDG Contributor Network: How to bring true interoperability to the Internet of Things

The Internet of Things (IoT) is an incredibly diverse space, encompassing a large variety of hardware form factors and software ecosystems unlike anything we have seen in technology. Smartwatches, connected cameras, drones, thermostats, voice-enabled speakers, smart appliances and more—they all live together within the IoT.RELATED: 8 tips for building a cost-effective IoT sensor network But the diversity and innovation that excites many IoT fans is a big challenge not just for manufacturers and developers, but also (and most importantly) consumers. Which technology options should be used when designing or deploying IoT devices? How do they keep up with updated or new operating systems? What about new software and connectivity technologies coming up? Those are just some of today’s challenges.To read this article in full or to leave a comment, please click here

Digital India threatened by Internet shutdowns

The government of Narendra Modi has set out ambitious goals for the digitalization of India, through a program called Digital India. It is hard to see this program get fully realized when state or local governments keep turning the Internet off.

Since January 2016, we have tracked that state governments have switched off the Net more than 34 times across India.

Sixty-two incidents of Internet shutdowns across 12 Indian states have been recorded by SFLC.in from 2012 till date.

In the country's northeast, in Nagaland, there was no Internet service at all from January 30 until February 19 .2017

In Kashmir, there have been 27 shutdowns since 2012, in a region market by long-standing conflicts.

Mishi Choudhary

containerd joins the Cloud Native Computing Foundation

Today, we’re excited to announce that containerd – Docker’s core container runtime – has been accepted by the Technical Oversight Committee (TOC) as an incubating project in the Cloud Native Computing Foundation (CNCF). containerd’s acceptance into the CNCF alongside projects such as Kubernetes, gRPC and Prometheus comes three months after Docker, with support from the five largest cloud providers, announced its intent to contribute the project to a neutral foundation in the first quarter of this year.

In the process of spinning containerd out of Docker and contributing it to CNCF there are a few changes that come along with it.  For starters, containerd now has a logo; see below. In addition, we have a new @containerd twitter handle. In the next few days, we’ll be moving the containerd GitHub repository to a separate GitHub organization. Similarly, the containerd slack channel will be moved to separate slack team which will soon available at containerd.slack.com

containerd logo

containerd has been extracted from Docker’s container platform and includes methods for transferring container images, container execution and supervision and low-level local storage, across both Linux and Windows. containerd is an essential upstream component of the Docker platform used by millions of end users that  also provides the industry with an open, Continue reading

Railroads and Cars: a Fairy Tale

Imagine a Flatworld in which railways are the main means of transportation. They were using horses and pigeons in the past, and experimenting with underwater airplanes, but railways won because they were cheaper than anything else (for whatever reason, price always wins over quality or convenience in that world).

As always, there were multiple railroad tracks and trains manufacturers, and everyone tried to use all sorts of interesting tricks to force the customers to buy tracks and trains from the same vendor. Different track gauges and heptagonal wheels that worked best with grooved rails were the usual tricks.

Read more ...

Tell Policy Makers to Think Twice Before Blocking Content or Flipping the Internet Kill Switch

RightsCon 2017 is kicking off today (29-31 March, Brussels) so we wanted to give you an update and also ask for your help amplifying our message.    

Restrictions to Internet access are on the rise globally. Data shows that between 2015 and 2016, the number of Internet shutdowns bumped up from 15 to 56 worldwide. Not only is this causing collateral damage to the Internet, but we’re also putting the society and economy at risk. If we don’t do anything, we are at serious risk of eroding the trust that people have in the Internet - to the point of no return.

Nicolas Seidler

Kubernetes and VMware NSX

Attending CloudNativeCon/KubeCon this week in Berlin (29th – 30th of March)? Please visit us at our booth #G1 and click for more details about what’s happening at the show!


IT is undergoing a huge transformation.

Organizations are moving away from static infrastructure to full automation on every aspect of IT. This major shift is not happening overnight. It is an evolutionary process, and people decide to evolve their IT at different speeds based on organizational needs.

When I decided to join the VMware Networking & Security Business Unit four years ago, the key deciding factor for me was that I felt that networking is adopting automation far too slowly. Do not get me wrong – we always automated network configurations in some form. I still remember vividly my time as a networking consultant at a major German airport. Back at the beginning of the new millennium, I used a combination of Perl, Telnet and Expect to migrate the configuration of a huge core network from a single-tenant configuration to a multi-tenant MPLS/VPN.  Nevertheless, at some point, network operators stopped evolving, and even today largely, we continue to automate by manually setting up new configuration into Continue reading

IDG Contributor Network: Smyte wants to get biblical on all those bad online actors

It’s really hard to come up with good startup names, especially names for which the URL is still available, so it is interesting to see startups go back, way back, to find names. One of those is San Francisco security startup Smyte.Smyte's reason for being is to smite (see what I did there?) bad online actors. Its SaaS software is already used by a number of peer-to-peer marketplaces and social apps to combat spam, scam, online harassment and credit card fraud. In other words, Smyte fights pretty much everything social media has, alas, come to be known for. Smyte is a graduate of Y Combinator’s Winter 2015 program.To read this article in full or to leave a comment, please click here

Easily Finding the Latest CoreOS AMI ID

It seems as if finding the right Amazon Machine Image (AMI) ID for the workload you’d like to deploy can sometimes be a bit of a challenge. Each combination of region and AMI produces a unique ID, so you have to look up the AMI for the particular region where you’re going to deploy the workload. This in and of itself wouldn’t be so bad, but then you have to wade through multiple versions of the same AMI in each region. Fortunately, if you’re using CoreOS Container Linux on AWS, there’s an easy way to find the right AMI ID. Here’s how it works.

CoreOS publishes a JSON feed of the latest AMI for each of their channels (stable, beta, and alpha). You can find links to these JSON feeds on this page. This is powerful for 2 reasons:

  1. Because it’s available via HTTP, you can use curl to retrieve it anytime you need it.

  2. Because it’s in JSON, you can use jq (see my post on jq for more information) to easily parse it to find the information you need. (Not super comfortable with JSON? Check out my introductory post.)

Putting these two reasons together, you end up Continue reading

US House votes to undo broadband privacy rules

The U.S. House of Representatives has followed the Senate in voting to repeal privacy rules that can prevent broadband providers from selling customers’ internet-browsing histories and other data without their permission.On Tuesday, the House voted 215-205 to do away with the privacy rules that the U.S. Federal Communications Commission passed last year. The rules had yet to come into effect.They require broadband carriers to first obtain opt-in approval from customers before using and sharing their sensitive personal information, such as web browsing history, geo-location data and what applications they've used.To read this article in full or to leave a comment, please click here

US House votes to undo broadband privacy rules

The U.S. House of Representatives has followed the Senate in voting to repeal privacy rules that can prevent broadband providers from selling customers’ internet-browsing histories and other data without their permission.On Tuesday, the House voted 215-205 to do away with the privacy rules that the U.S. Federal Communications Commission passed last year. The rules had yet to come into effect.They require broadband carriers to first obtain opt-in approval from customers before using and sharing their sensitive personal information, such as web browsing history, geo-location data and what applications they've used.To read this article in full or to leave a comment, please click here