Updated: User Authentication in Ansible Network Modules

Ansible network modules (at least in the way they’re implemented in Ansible releases 2.1 and 2.2) were one of the more confusing aspects of my Building Network Automation Solutions online course (and based on what I’m seeing on various chat sites we weren’t the only ones).

I wrote an in-depth explanation of how you’re supposed to be using them a while ago and now updated it with user authentication information.

Apple acquires Workflow automation app, offers it free

Apple has acquired the Workflow automation app, which allows iOS users to trigger a sequence of tasks across apps with a single tap.A spokesman for Apple confirmed on Wednesday the company's acquisition of DeskConnect, the developer of the app, and the Workflow app, but did not provide further details.Workflow, developed for the iPhone, iPad, and Apple Watch, allows users to drag and drop combinations of actions to create workflows that interact with the apps and content on the device. It won an Apple design award in 2015 at its annual Worldwide Developers Conference.Some of the examples of tasks for which Workflow can be used are making animated GIFs, adding a home screen icon to call a loved one and tweeting a song the user has been listening to, according to a description of the app.To read this article in full or to leave a comment, please click here

iPhone 8 may include incredible augmented reality features

The truth is we really don't need more of a reason to get excited for Apple's iPhone 8. After all, Apple's next-gen iPhone will likely feature an OLED edgeless display, ushering in the first change to the iPhone form factor since 2014's iPhone 6.New display technologies aside, it's widely believed that the iPhone 8 will also feature facial recognition functionality, improved camera technology, improved internals and much more.+ Also on Network World: New iPhone 8 concept photos are jaw-dropping + That said, a new report via Bloomberg relays augmented reality (AR) may very well be one of the iPhone 8's defining features. Apple is said to have assembled an incredibly strong and diverse team with expertise across all facets of the AR user experience. What's more, Apple may eventually complement the iPhone 8 with a pair of AR-based eyeglasses, echoing a number of previous rumors we've seen over the past few months.To read this article in full or to leave a comment, please click here

iPhone 8 may include incredible Augmented Reality features

The truth is that we really don't need more of a reason to get excited for Apple's iPhone 8. After all, Apple's next-gen iPhone will likely feature an OLED edgeless display, ushering in the first change to the iPhone form factor since 2014's iPhone 6. New display technologies aside, it's widely believed that the iPhone 8 will also feature facial recognition functionality, improved camera technology, improved internals and much more.That said, a new report via Bloomberg relays that Augmented Reality may very well be one of the iPhone 8's defining features. Apple is said to have assembled an incredibly strong and diverse team with expertise across all facets of the AR user experience. What's more, Apple may eventually be planning to complement the iPhone 8 with a pair of Augmented Reality based eyeglasses, echoing a number of previous rumors we've seen over the past few months.To read this article in full or to leave a comment, please click here

Buongiorno, Roma! Cloudflare Data Center CV

CC-BY 2.0 image by Ilaria Giacomi

We’re excited to announce Cloudflare’s 105th data center in Rome. Visitors in Italy (and especially around the region of Lazio) to over 6 million Internet properties now benefit from reduced latency and increased security. As our global network grows in breadth and capacity, we are able to stop attacks (typically, outside of Italy!), while serving legitimate traffic from our nearest in-country data center. Rome serves as a point of redundancy to our existing data center in Milan, and expands Cloudflare’s Europe network to 29 cities, with at least five more cities already in the works.

Siamo orgogliosi di annunciare il 105esimo data center di Cloudflare a Roma. Utenti in tutta Italia (e specialmente nel Lazio e regioni limitrofe) insieme ad oltre 6 milioni di proprietà in rete beneficeranno di latenze ridotte e maggior sicurezza. Con la crescita della nostra rete sia in copertura che capacità, abbiamo la possibilità di fermare attacchi (tipicamente originati fuori del territorio Italiano!) e di servire traffico legittimo dal data center più vicino. Roma offre maggiore ridondanza nella rete in coppia con il data center di Milano ed espande la rete Europea di Cloudflare a 29 Continue reading

LastPass fixes serious password leak vulnerabilities

Developers of the popular LastPass password manager rushed to push out a fix to solve a serious vulnerability that could have allowed attackers to steal users' passwords or execute malicious code on their computers.The vulnerability was discovered by Google security researcher Tavis Ormandy and was reported to LastPass on Monday. It affected the browser extensions installed by the service's users for Google Chrome, Mozilla Firefox and Microsoft Edge.According to a description in the Google Project Zero bug tracker, the vulnerability could have given attackers access to internal commands inside the LastPass extension. Those are the commands used by the extension to copy passwords or fill in web forms using information stored in the user's secure vault.To read this article in full or to leave a comment, please click here

LastPass fixes serious password leak vulnerabilities

Developers of the popular LastPass password manager rushed to push out a fix to solve a serious vulnerability that could have allowed attackers to steal users' passwords or execute malicious code on their computers.The vulnerability was discovered by Google security researcher Tavis Ormandy and was reported to LastPass on Monday. It affected the browser extensions installed by the service's users for Google Chrome, Mozilla Firefox and Microsoft Edge.According to a description in the Google Project Zero bug tracker, the vulnerability could have given attackers access to internal commands inside the LastPass extension. Those are the commands used by the extension to copy passwords or fill in web forms using information stored in the user's secure vault.To read this article in full or to leave a comment, please click here

The anatomy of a powerful desktop with an ARM chip

When he was growing up, a dream of Linux pioneer Linus Torvalds was to acquire the Acorn Archimedes, a groundbreaking personal computer with the first ARM RISC chips.But in 1987, Archimedes wasn't available to Torvalds in Finland, so he settled for the Sinclair QL. In the meanwhile, the Archimedes failed and disappeared from the scene, killing any chance for ARM chips to dominate PCs.Since then, multiple attempts to put ARM chips in PCs have failed. Outside of a few Chromebooks, most PCs have x86 chips from Intel or AMD.The domination of x86 is a problem for Linaro, an industry organization that advocates ARM hardware and software. Many of its developers use x86 PCs to compile programs for ARM hardware. That's much like trying to write Windows programs on a Mac.To read this article in full or to leave a comment, please click here

Rough Guide to IETF 98: DNS Privacy and Security, including DNSSEC

It is a remarkably quiet week for DNS security and privacy topics at the IETF 98 meeting in Chicago next week. Both the DANE and DPRIVE working groups are moving along very well with their work on their mailing lists and so chose not to meet in Chicago. Similarly, with DNSSEC deployment steadily increasing (as we outlined in the 2016 State of DNSSEC Deployment report in December), the work to be discussed in DNS Operations (DNSOP) is more about exploring ideas to make DNSSEC even more secure.

Here is a quick view of what is happening in Chicago.

Dan York

Ex-prison guard who was shot 6 times to speak at FCC meeting on contraband cellphones

Thursday morning's FCC meeting promises to be dramatic: It will feature testimony by an ex-prison guard who survived after being shot six times at his South Carolina home as the result of a hit ordered on him hit by an inmate using a contraband cellphone.Capt. Robert Johnson (ret.) of the South Carolina Department of Corrections has become an advocate for putting the clamps on contraband cellphones since that 2010 incident, and he has an ally in new FCC Commissioner Ajit Pai. A year ago Pai and then South Carolina Gov. Nikki Haley co-authored an op-ed piece in USA Today titled "Cellphones are too dangerous for prison."To read this article in full or to leave a comment, please click here

AI, machine learning blossom in agriculture and pest control

Artificial intelligence (AI) is rising in prominence with the proliferation of chatbots, virtual assistants and other conversational tools that companies are using to improve customer service, productivity and operational efficiency. But AI is also helping to automate and streamline tasks in data-intensive industries traditionally ruled by rigorous science and good old-fashioned human analysis.Seed retailers, for example, are using AI products to churn through terabytes of precision agricultural data to create the best corn crops, while pest control companies are using AI-based image-recognition technology to identify and treat various types of bugs and vermin. Such markedly different scenarios underscore how AI has evolved from science fiction to practical solutions that can potentially help companies get a leg up on their competition.To read this article in full or to leave a comment, please click here

iPhone, Mac owners: How to stymie hackers extorting Apple, threatening to wipe devices

Hackers claiming to have hundreds of millions of iCloud credentials have threatened to wipe date from iPhones, iPads and Macs if Apple does not fork over $150,000 within two weeks."This group is known for getting accounts and credentials, they have gotten credentials in the past," said Lamar Bailey, director of security research and development at Tripwire, of the purported hackers. "But whether they have that many ... who knows?"There's another reason for not panicking, Bailey said: People can quickly make their accounts more secure, assuming the criminals have only collected, not actually compromised the iCloud accounts by changing millions of passwords.To read this article in full or to leave a comment, please click here

iPhone, Mac owners: How to stymie hackers extorting Apple, threatening to wipe devices

Hackers claiming to have hundreds of millions of iCloud credentials have threatened to wipe date from iPhones, iPads and Macs if Apple does not fork over $150,000 within two weeks."This group is known for getting accounts and credentials, they have gotten credentials in the past," said Lamar Bailey, director of security research and development at Tripwire, of the purported hackers. "But whether they have that many ... who knows?"There's another reason for not panicking, Bailey said: People can quickly make their accounts more secure, assuming the criminals have only collected, not actually compromised the iCloud accounts by changing millions of passwords.To read this article in full or to leave a comment, please click here

Cisco: IOS security update includes denial of service and code execution warnings

Cisco is warning IOS and IOS EXE users of five security vulnerabilities it rates as “High” that could lead to denial of service attacks or allow an invader to execute arbitrary code on an particular system.The warnings – which include Cisco’s DHCP client, L2TP, Zero Touch Provisioning, HTTP server and Web user interface -- are part of what Cisco says are a twice-yearly bundle of IOS security advisories it issues to keep those users up-to-date on current IOS security issues.To read this article in full or to leave a comment, please click here

Cisco: IOS security update includes denial of service and code execution warnings

Cisco is warning IOS and IOS EXE users of five security vulnerabilities it rates as “High” that could lead to denial of service attacks or allow an invader to execute arbitrary code on an particular system.The warnings – which include Cisco’s DHCP client, L2TP, Zero Touch Provisioning, HTTP server and Web user interface -- are part of what Cisco says are a twice-yearly bundle of IOS security advisories it issues to keep those users up-to-date on current IOS security issues.To read this article in full or to leave a comment, please click here

Google cites progress in Android security, but patching issues linger

The chances of you encountering malware on your Android phone is incredibly small, according to Google.By the end of last year, less than 0.71 percent of Android devices had installed a "potentially harmful application," such as spyware, a Trojan, or other malicious software.That figure was even lower, at 0.05 percent, for Android phones that downloaded apps exclusively from the Google Play store.The internet giant revealed the figures in a new report detailing its efforts to making the Android OS secure. Thanks to better app review systems, the company is detecting and cracking down on more malware.To read this article in full or to leave a comment, please click here

Google cites progress in Android security, but patching issues linger

The chances of you encountering malware on your Android phone is incredibly small, according to Google.By the end of last year, less than 0.71 percent of Android devices had installed a "potentially harmful application," such as spyware, a Trojan, or other malicious software.That figure was even lower, at 0.05 percent, for Android phones that downloaded apps exclusively from the Google Play store.The internet giant revealed the figures in a new report detailing its efforts to making the Android OS secure. Thanks to better app review systems, the company is detecting and cracking down on more malware.To read this article in full or to leave a comment, please click here

New opportunities for augmented reality

Augmented reality, virtual reality and mixed reality are three realities that exist on the reality-virtuality continuum—and they are probably the three terms you have heard again and again.  However, there is a fourth reality you probably haven’t heard of—diminished reality.Diminished reality can be thought of as the opposite of augmented reality. Augmented reality (AR) enhances our reality by overlaying digital elements like 3D models on the physical world.  Contrary to that, diminished reality (DR) diminishes parts of the physical world. It removes unwanted objects in our view.To read this article in full or to leave a comment, please click here

Know your encryption workarounds: a paper

As The 21st Century Encryption Wars continue with no end in sight, security experts Bruce Schneier and Orin Kerr have collaborated on a paper that seeks to establish a common understanding of one aspect of the clash: encryption workarounds.  The authors consciously avoid policy recommendations, but rather hope to better the understanding of those who will do so in our political and law enforcement arenas.From the paper’s abstract: The widespread use of encryption has triggered a new step in many criminal investigations: the encryption workaround. We define an encryption workaround as any lawful government effort to reveal an unencrypted version of a target's data that has been concealed by encryption. This essay provides an overview of encryption workarounds. It begins with a taxonomy of the different ways investigators might try to bypass encryption schemes. We classify six kinds of workarounds: find the key, guess the key, compel the key, exploit a flaw in the encryption software, access plaintext while the device is in use, and locate another plaintext copy. For each approach, we consider the practical, technological, and legal hurdles raised by its use.To read this article in full or to leave a comment, please click here