AES-CBC is going the way of the dodo

A little over a year ago, Nick Sullivan talked about the beginning of the end for AES-CBC cipher suites, following a plethora of attacks on this cipher mode.

Today we can safely confirm that this prediction is coming true, as for the first time ever the share of AES-CBC cipher suites on Cloudflare’s edge network dropped below that of ChaCha20-Poly1305 suites, and is fast approaching the 10% mark.

CC BY-SA 2.0 image by aesop

Over the course of the last six months, AES-CBC shed more than 33% of its “market” share, dropping from 20% to just 13.4%.

All of that share, went to AES-GCM, that currently encrypts over 71.2% of all connections. ChaCha20-Poly1305 is stable, with 15.3% of all connections opting for that cipher. Surprisingly 3DES is still around, with 0.1% of the connections.

The internal AES-CBC cipher suite breakdown as follows:

The majority of AES-CBC connections use ECDHE-RSA or RSA key exchange, and not ECDHE-ECDSA, which implies that we mostly deal with older clients.

RSA is also dying

In other good new, the use of ECDSA surpassed that of RSA at the beginning of the year. Currently more than 60% of all connections use Continue reading

Users’ orders: Make it easier to build hybrid clouds

A funny thing happened on the way to the hybrid cloud: Building the infrastructure was a pain in the neck.That's what enterprise IT people in the Open Networking User Group have discovered Last year, public cloud providers persuaded C-level executives to move significant corporate workloads to the cloud, but the tools weren't there to make it work, said Nick Lippis, co-founder and co-chairman of ONUG."There is a ton of custom work that has to be done," Lippis said.So the user group, which includes IT executives from hundreds of enterprises, chose building hybrid cloud infrastructure as its focus for this year. It will be the main topic at ONUG Spring 2017, taking place next week in San Francisco.To read this article in full or to leave a comment, please click here

Users’ orders: Make it easier to build hybrid clouds

A funny thing happened on the way to the hybrid cloud: Building the infrastructure was a pain in the neck.That's what enterprise IT people in the Open Networking User Group have discovered Last year, public cloud providers persuaded C-level executives to move significant corporate workloads to the cloud, but the tools weren't there to make it work, said Nick Lippis, co-founder and co-chairman of ONUG."There is a ton of custom work that has to be done," Lippis said.So the user group, which includes IT executives from hundreds of enterprises, chose building hybrid cloud infrastructure as its focus for this year. It will be the main topic at ONUG Spring 2017, taking place next week in San Francisco.To read this article in full or to leave a comment, please click here

Researchers build a microprocessor from flexible materials

Researchers have built a primitive microprocessor out of a two-dimensional material similar to graphene, the flexible conductive wonder material that some believe will revolutionize the design and manufacture of batteries, sensors and chips.With only 115 transistors, their processor isn't going to top any benchmark rankings, but it's "a first step towards the development of microprocessors based on 2D semiconductors," the researchers at Vienna University of Technology said in a paper published in the journal Nature this month.To read this article in full or to leave a comment, please click here

Show 336: Ethan & Greg Ask Me Anything Part 1

Todays show is an AMA (Ask Me Anything). Greg and Ethan answer listener questions about professional development, staying relevant, and career regrets and successes. The post Show 336: Ethan & Greg Ask Me Anything Part 1 appeared first on Packet Pushers.

DARPA opens massive “Colosseum” to develop radical wireless applications

DARPA today said it the opened unique and massive testbed it will use as a battleground for researchers to build and test autonomous, intelligent and collaborative wireless technologies.Calling it a “magnificent electronic arena” The Colosseum will be primarily used to host the Defense Advanced Research Projects Agency’s $3.75 million three-year Spectrum Collaboration Challenge (SC2), which will pit researchers against each other to develop what the agency calls radically new technologies for “using and managing access to the electromagnetic spectrum in both military and civilian domains.”To read this article in full or to leave a comment, please click here

DARPA opens massive “Colosseum” to develop radical wireless applications

DARPA today said it the opened unique and massive testbed it will use as a battleground for researchers to build and test autonomous, intelligent and collaborative wireless technologies.Calling it a “magnificent electronic arena” The Colosseum will be primarily used to host the Defense Advanced Research Projects Agency’s $3.75 million three-year Spectrum Collaboration Challenge (SC2), which will pit researchers against each other to develop what the agency calls radically new technologies for “using and managing access to the electromagnetic spectrum in both military and civilian domains.”To read this article in full or to leave a comment, please click here

Microsoft updates Office Online Server, announces release schedule

Microsoft announced it intends to stick to a twice-per-year cadence of major releases for Windows 10 and Office. Along with that, it has updated the Office Online Server for data centers.Office Online Server basically lets companies deliver Office Online to their users from their data centers rather than over the internet and from Microsoft’s servers. Microsoft introduced the Office Online Server (OOS) as a successor to Office Web Apps Server 2013.+ Also on Network World: Microsoft ends updates for Windows 7/8.1 on new processors + Office Online is not the same as Office 365. There are differences in the apps, although the core remains the same. One thing different is that Office Online doesn’t use the ribbon in some apps. But the basics—Word, Excel, Powerpoint and OneNote—are all there. Outlook is available only through Outlook.com.To read this article in full or to leave a comment, please click here

Stuff The Internet Says On Scalability For April 21st, 2017

Hey, it's HighScalability time:

• year 1899: “Nobody has to use the Internet”; 12MPH: Speed news of Lincoln's assassination traveled the US; $200 million: Lyft tips; 500: data structures and algorithms interview questions; %0.00244140625: Odds of 13 straight male Dr. Who regens; 100: gigafactories could power the world; 100K: bots on Messenger; 1 million: containers Netflix lanched in one week; 5.2 trillion: 2014 US revenue; 52,129: iterations to converge on NFL schedule; 36 Gbps: Facebook's network in the sky; 


• Quotable Quotes:
  • @mipsytipsy: "That doesn't sound hard. I could build that in a weekend."
  • @Noahpinion: The Elon Musk Future is the good future. The Peter Thiel Future is the bad future. But honestly you'll probably get the Jeff Bezos Future.
  • @BenedictEvans: In 2007 Google, Apple, Facebook & Amazon had maybe 50k staff between them. Today it's more like 400k.
  • @AWSonAir: @Expedia inserting 70,000 rows per second of hotel data with Amazon Aurora.
  • @swardley: STOP! If you're thinking of moving Continue reading

Forget signatures for malware detection. SparkCognition says AI is 99% effective  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  The notion of detecting malware by looking for malicious file signatures is obsolete. Depending on which source is cited, anywhere from 300,000 to one million new malware files are identified every day.Kaspersky Lab says it finds 323,000 files daily, AV-TEST claims to discover more than 390,000 new malicious programs every day, and Symantec says it uncovers almost a million new threats per day. No matter how you count it, that’s a lot of malicious software being unleased into the wild day after day.To read this article in full or to leave a comment, please click here

Forget signatures for malware detection. SparkCognition says AI is 99% effective  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  The notion of detecting malware by looking for malicious file signatures is obsolete. Depending on which source is cited, anywhere from 300,000 to one million new malware files are identified every day.Kaspersky Lab says it finds 323,000 files daily, AV-TEST claims to discover more than 390,000 new malicious programs every day, and Symantec says it uncovers almost a million new threats per day. No matter how you count it, that’s a lot of malicious software being unleased into the wild day after day.To read this article in full or to leave a comment, please click here

75% off Lamicall S1 Cell Phone Dock – Deal Alert

Designed on a low center of gravity makes it stable. The extended hooks keep the phone in safety, and rubber cushions protect the phone from scratches and sliding. Suitable height, perfect angle of view when using Facetime and YouTube, makes it so easy to read message and emails. Compatible with iPhone and Android phones even when they have an added case.  The doc averages 4.8 out of 5 stars from over 4,500 reviewers on Amazon (86% rate a full 5 stars: see reviews), where its typical list price of $36.99 has been reduced 19% to $29.99. See this deal on Amazon.To read this article in full or to leave a comment, please click here

Worth Reading: An opaque alternative to oblivious cloud analytics

Even as encryption methods and security procedures have improved, the data is still at risk of being attacked through such vulnerabilities as access pattern leakage through memory or the network. It’s the threat of an attack via access pattern leakage that a group of researchers from UC Berkeley wanted to address when they developed an “oblivious” distributed data analytics platform that leverages the hardware enclave technology available in Intel’s Software Guard Extensions (SGX). The sensitive nature of much of the data that is being collected and analyzed in the cloud – from medical and financial data to user information like emails and shopping histories – makes it an attractive target for cyber-criminals, so the need to protect the data in such cloud environments is growing. —The Next Platform

The post Worth Reading: An opaque alternative to oblivious cloud analytics appeared first on rule 11 reader.

MIT selling 8 million coveted IPv4 addresses; Amazon a buyer

MIT is selling half of its 16 million valuable IPv4 addresses – an increasingly scarce stash it has held since the birth of the Internet. While details of the sale have not been made public, at least some of those addresses have already been transferred to Amazon.MIT says it will use the proceeds of the sale to finance its own IPv6 network upgrades and “support activities focused on the future of the Internet and the global cyber-infrastructure.”From an announcement by Next Generation MITnet. Fourteen million of these IPv4 addresses have not been used, and we have concluded that at least eight million are excess and can be sold without impacting our current or future needs, up to the point when IPv6 becomes universal and address scarcity is no longer an issue. The Institute holds a block of 20 times 10^30 (20 nonillion) IPv6 addresses.To read this article in full or to leave a comment, please click here

MIT selling 8 million coveted IPv4 addresses; Amazon a buyer

MIT is selling half of its 16 million valuable IPv4 addresses – an increasingly scarce stash it has held since the birth of the Internet. While details of the sale have not been made public, at least some of those addresses have already been transferred to Amazon.MIT says it will use the proceeds of the sale to finance its own IPv6 network upgrades and “support activities focused on the future of the Internet and the global cyber-infrastructure.”From an announcement by Next Generation MITnet. Fourteen million of these IPv4 addresses have not been used, and we have concluded that at least eight million are excess and can be sold without impacting our current or future needs, up to the point when IPv6 becomes universal and address scarcity is no longer an issue. The Institute holds a block of 20 times 10^30 (20 nonillion) IPv6 addresses.To read this article in full or to leave a comment, please click here

MIT selling 8 million coveted IPv4 addresses; Amazon a buyer

MIT is selling half of its 16 million valuable IPv4 addresses – an increasingly scarce stash it has held since the birth of the Internet. While details of the sale have not been made public, at least some of those addresses have already been transferred to Amazon.MIT says it will use the proceeds of the sale to finance its own IPv6 network upgrades and “support activities focused on the future of the Internet and the global cyber-infrastructure.”From an announcement by Next Generation MITnet. Fourteen million of these IPv4 addresses have not been used, and we have concluded that at least eight million are excess and can be sold without impacting our current or future needs, up to the point when IPv6 becomes universal and address scarcity is no longer an issue. The Institute holds a block of 20 times 10^30 (20 nonillion) IPv6 addresses.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Is your company spending on the right security technologies?

Investing in security technologies is a given for most companies today, and with stories of breaches and hacks making headlines every week, the importance of these tools has risen to prominence.While there’s no shortage of security technologies to choose from, the big question that remains is: How does a company choose the right security investments? Many organizations struggle to implement the right tools to manage and mitigate risk, and getting all of these solutions to actually work together often presents an even bigger challenge.With that in mind, here are three considerations that can help companies make the right decisions when it comes to investing in security technology:To read this article in full or to leave a comment, please click here

IDG Contributor Network: Is your company spending on the right security technologies?

Investing in security technologies is a given for most companies today, and with stories of breaches and hacks making headlines every week, the importance of these tools has risen to prominence.While there’s no shortage of security technologies to choose from, the big question that remains is: How does a company choose the right security investments? Many organizations struggle to implement the right tools to manage and mitigate risk, and getting all of these solutions to actually work together often presents an even bigger challenge.With that in mind, here are three considerations that can help companies make the right decisions when it comes to investing in security technology:To read this article in full or to leave a comment, please click here

The Carrier Cloud Needs a New Fabric, Not a Patched Cloth

The unique advantage of NFCL is that it is built for the cloud.

IDG Contributor Network: Why banks should stay well clear of blockchain

If the financial services industry is banking on blockchain as the basis for new service innovation, it will be sorely disappointed. Blockchain's design principles are completely at odds with those of the industry, and the technology is fraught with flaws that could be catastrophic for financial institutions.I’ll come on to why in a moment. Clearly, there is a lot of hype and momentum around blockchain. WANdisco sees this first hand: We’re increasingly being approached by banks that think this is the kind of thing we do (it isn’t). And why are they interested? Because senior directors and investors have heard the buzz and concluded that this is something they need—that if they don’t seize the opportunity, they’ll miss out. They’re wrong. Banks need blockchain like a hole in the head.To read this article in full or to leave a comment, please click here