There’s now a tool to test for NSA spyware

Has your computer been infected with a suspected NSA spying implant? A security researcher has come up with a free tool that can tell.Luke Jennings of security firm Countercept wrote a script in response to last week’s high-profile leak of cyberweapons that some researchers believe are from the U.S. National Security Agency. It's designed to detect an implant called Doublepulsar, which is delivered by many of the Windows-based exploits found in the leak and can be used to load other malware.To read this article in full or to leave a comment, please click here

There’s now a tool to test for NSA spyware

Has your computer been infected with a suspected NSA spying implant? A security researcher has come up with a free tool that can tell.Luke Jennings of security firm Countercept wrote a script in response to last week’s high-profile leak of cyberweapons that some researchers believe are from the U.S. National Security Agency. It's designed to detect an implant called Doublepulsar, which is delivered by many of the Windows-based exploits found in the leak and can be used to load other malware.To read this article in full or to leave a comment, please click here

Self Driving Cars and Network Automation

Last year at Interop, there was a great mini-conference dedicated to the DevOps for Networking community. In that session, I kicked off the day with a general view of where the industry was with respect to the intersection of DevOps and networking with a focus on network automation.

One of the analogies I made was comparing network automation to self-driving cars posing the question, “Are they real?”…“Are they real for us (the consumer)?”

No, they are not, but I continued to make the analogy. Is complete network automation real today? While, the answer is yes, it’s not really a reality for most…yet.

So, what’s the connection between self-driving cars and network automation?

Start small and expand. Pick a problem, solve it, and integrate it.

Self-Driving Cars are Coming

While self-driving cars aren’t a reality for us to buy and purchase today, intelligent cars are– these are cars that have high-value services and features enhancing the way we drive, our safety, and much more generally, the way we in which we consume the streets and infrastructure around us.

These include automated features like self-parking, back-up cameras, automated beeping as you back-up, automatic-brakes, GPS, and computer systems that give Continue reading

Self Driving Cars and Network Automation

Last year at Interop, there was a great mini-conference dedicated to the DevOps for Networking community. In that session, I kicked off the day with a general view of where the industry was with respect to the intersection of DevOps and networking with a focus on network automation.

One of the analogies I made was comparing network automation to self-driving cars posing the question, “Are they real?”…“Are they real for us (the consumer)?”

No, they are not, but I continued to make the analogy. Is complete network automation real today? While, the answer is yes, it’s not really a reality for most…yet.

So, what’s the connection between self-driving cars and network automation?

Start small and expand. Pick a problem, solve it, and integrate it.

Self-Driving Cars are Coming

While self-driving cars aren’t a reality for us to buy and purchase today, intelligent cars are– these are cars that have high-value services and features enhancing the way we drive, our safety, and much more generally, the way we in which we consume the streets and infrastructure around us.

These include automated features like self-parking, back-up cameras, automated beeping as you back-up, automatic-brakes, GPS, and computer systems that give Continue reading

Mirantis Cloud Platform Combines OpenStack and Kubernetes Container Management

OpenStack is not dead, but 'containers are sexy.'

Join forces to eliminate spam – read the new report from the CRTC

Worth Reading: A usability approach to interdependent privacy in cloud apps

Given this state of affairs, the authors consider what practical steps can be taken to make users more aware of potential privacy loss, and perhaps change their decision making processes, when deciding which third-party apps should have access to files. Their elegant solution involves a privacy indicator (extra information shown to the user when deciding to grant a third-party app permissions) which a user study shows significantly increases the chances of a user making privacy-loss minimising decisions. Extrapolating the results of this study to simulations of larger Google Drive networks and an author collaboration network show that the indicator can help reduce privacy loss growth by 40% and 70% respectively. —the morning paper

The post Worth Reading: A usability approach to interdependent privacy in cloud apps appeared first on rule 11 reader.

HPE Joins 5G Lab Germany to Study IoT for Motor Vehicles

Ericsson also has a 5G/motor vehicle consortium based in Germany.

The Future Of SDN Is Up In The Air

The announcement this week that Riverbed is buying Xirrus was a huge sign that the user-facing edge of the network is the new battleground for SDN and SD-WAN adoption. Riverbed is coming off a number of recent acquisitions in the SDN space, including Ocedo just over a year ago. So, why then, would Riverbed chase down a wireless company when they’re so focused on the wiring behind the walls?

The New User Experience

When SDN was a pile of buzzwords attached to an idea that had just come out of Stanford, a lot of people were trying to figure out just what exactly SDN could offer them in terms of their network. Things like network slicing were the first big pieces to be put up before things like orchestration, programmability, and APIs were really brought to the fore. People were trying to figure out how to make this hot new thing work for them. Well, almost everyone.

Wireless professionals are a bit jaded when it comes to SDN. That’s because they’ve seen it already in the form of controller-based solutions. The idea that a central device can issue commands to remote access devices and control configurations easily? Airespace was doing Continue reading

Cloud Native Computing Foundation Addresses Container Networking Standards

'The time has come to standardize on a common interface,' says CNCF.

Response: Bose headphones spy on listeners: lawsuit | Reuters

How much money is there in customer profiling ?

The post Response: Bose headphones spy on listeners: lawsuit | Reuters appeared first on EtherealMind.

OpenStack Distances Itself from Intel-Rackspace Bad Press

The typical size of an OpenStack cloud increased, says survey.

AT&T’s 5G Test Sites Cater to Different Types of Users

Multiple vendors will use the test sites at the same time.

Monkey on a Wire

The post Monkey on a Wire appeared first on rule 11 reader.

Phishing attacks using internationalized domains are hard to block

The latest version of Google Chrome, released earlier this week, restricts how domain names that use non-Latin characters are displayed in the browser. This change is in response to a recently disclosed technique that could allow attackers to create highly credible phishing websites.The ability to register domain names made up of characters like those found in the Arabic, Chinese, Cyrillic, Hebrew and other non-Latin alphabets dates back over a decade. Since 2009, the Internet Corporation for Assigned Names and Numbers (ICANN) has also approved a large number of internationalized top-level domains (TLDs) -- domain extensions -- written with such characters.To read this article in full or to leave a comment, please click here

Phishing attacks using internationalized domains are hard to block

The latest version of Google Chrome, released earlier this week, restricts how domain names that use non-Latin characters are displayed in the browser. This change is in response to a recently disclosed technique that could allow attackers to create highly credible phishing websites.The ability to register domain names made up of characters like those found in the Arabic, Chinese, Cyrillic, Hebrew and other non-Latin alphabets dates back over a decade. Since 2009, the Internet Corporation for Assigned Names and Numbers (ICANN) has also approved a large number of internationalized top-level domains (TLDs) -- domain extensions -- written with such characters.To read this article in full or to leave a comment, please click here

SDxCentral Weekly News Roundup — April 21, 2017

Ixia collaborates with CORD Project; IBM releases new developer capabilities on Bluemix.

AES-CBC is going the way of the dodo

A little over a year ago, Nick Sullivan talked about the beginning of the end for AES-CBC cipher suites, following a plethora of attacks on this cipher mode.

Today we can safely confirm that this prediction is coming true, as for the first time ever the share of AES-CBC cipher suites on Cloudflare’s edge network dropped below that of ChaCha20-Poly1305 suites, and is fast approaching the 10% mark.

CC BY-SA 2.0 image by aesop

Over the course of the last six months, AES-CBC shed more than 33% of its “market” share, dropping from 20% to just 13.4%.

All of that share, went to AES-GCM, that currently encrypts over 71.2% of all connections. ChaCha20-Poly1305 is stable, with 15.3% of all connections opting for that cipher. Surprisingly 3DES is still around, with 0.1% of the connections.

The internal AES-CBC cipher suite breakdown as follows:

The majority of AES-CBC connections use ECDHE-RSA or RSA key exchange, and not ECDHE-ECDSA, which implies that we mostly deal with older clients.

RSA is also dying

In other good new, the use of ECDSA surpassed that of RSA at the beginning of the year. Currently more than 60% of all connections use Continue reading

Users’ orders: Make it easier to build hybrid clouds

A funny thing happened on the way to the hybrid cloud: Building the infrastructure was a pain in the neck.That's what enterprise IT people in the Open Networking User Group have discovered Last year, public cloud providers persuaded C-level executives to move significant corporate workloads to the cloud, but the tools weren't there to make it work, said Nick Lippis, co-founder and co-chairman of ONUG."There is a ton of custom work that has to be done," Lippis said.So the user group, which includes IT executives from hundreds of enterprises, chose building hybrid cloud infrastructure as its focus for this year. It will be the main topic at ONUG Spring 2017, taking place next week in San Francisco.To read this article in full or to leave a comment, please click here

Users’ orders: Make it easier to build hybrid clouds

A funny thing happened on the way to the hybrid cloud: Building the infrastructure was a pain in the neck.That's what enterprise IT people in the Open Networking User Group have discovered Last year, public cloud providers persuaded C-level executives to move significant corporate workloads to the cloud, but the tools weren't there to make it work, said Nick Lippis, co-founder and co-chairman of ONUG."There is a ton of custom work that has to be done," Lippis said.So the user group, which includes IT executives from hundreds of enterprises, chose building hybrid cloud infrastructure as its focus for this year. It will be the main topic at ONUG Spring 2017, taking place next week in San Francisco.To read this article in full or to leave a comment, please click here