Pwn2Own hacking contest ends with two virtual machine escapes

Two teams of researchers managed to win the biggest bounties at this year's Pwn2Own hacking contest by escaping from the VMware Workstation virtual machine and executing code on the host operating system.Virtual machines are in used in many scenarios to create throw-away environments that pose no threat to the main operating system in case of compromise. For example, many malware researchers execute malicious code or visit compromise websites inside virtual machines to observe their behavior and contain their impact.One of the main goals of hypervisors like VMware Workstation is to create a barrier between the guest operating system that runs inside the virtual machine and the host OS where the hypervisor runs. That's why VM escape exploits are highly prized, more so than browser or OS exploits.To read this article in full or to leave a comment, please click here

Pwn2Own hacking contest ends with two virtual machine escapes

Two teams of researchers managed to win the biggest bounties at this year's Pwn2Own hacking contest by escaping from the VMware Workstation virtual machine and executing code on the host operating system.Virtual machines are in used in many scenarios to create throw-away environments that pose no threat to the main operating system in case of compromise. For example, many malware researchers execute malicious code or visit compromise websites inside virtual machines to observe their behavior and contain their impact.One of the main goals of hypervisors like VMware Workstation is to create a barrier between the guest operating system that runs inside the virtual machine and the host OS where the hypervisor runs. That's why VM escape exploits are highly prized, more so than browser or OS exploits.To read this article in full or to leave a comment, please click here

Maybe iPhone 8 will gain augmented reality — or maybe AR will replace the iPhone

Growing in stature among the many iPhone 8 (or iPhone X) rumors is that Apple might bring augmented reality to iOS 11 this summer and to its 10th anniversary iPhone this coming fall. After all, CEO Tim Cook has absolutely gushed about AR, even saying it will become an essential part of your daily life.A Bloomberg report this week that details the personnel hires, company buyouts and other efforts underway at Apple involving AR is fueling speculation that big doings are indeed afoot. Apple — which declined to comment for Bloomberg — has hired those who have worked on technologies such as Oculus, HoloLens and THX audio, and has a cross-departmental group of hundreds of engineers on the project, the report says. Gene Munster, a longtime Apple watcher who recently formed Loup Ventures to invest in companies focused in areas such as AR, VR and robotics, tells Bloomberg that AR devices could even someday replace iPhones. To read this article in full or to leave a comment, please click here

IDG Contributor Network: SREcon17: Brave new world of site reliability engineering

Last week, I was fortunate to participate in SREcon17 Americas, a conference organized by USENIX for site reliability engineers. What’s a site reliability engineer (SRE)? Ben Treynor, founder of Google's site reliability team, once explained it’s "what happens when a software engineer is tasked with what used to be called operations."An important role in the DevOps practice, these engineers concentrate on reliability (of course) and scalability (at amazing levels) in highly distributed systems (microservices multiplying like rabbits). They run some of the largest websites on the planet and are inventing a new field of expertise while they do it.To read this article in full or to leave a comment, please click here

ARP, ARP Inspection, ARP Types and Deployment Considerations

Layer 2 security –  ARP and ARP Inspection   Introduction   This article is the second of our layer 2 attacks identification and mitigation techniques series, which will be a part of a bigger series discussing Security Infrastructure. Dynamic ARP Inspection relies on DHCP snooping technology explained in the previous article. It’s strongly recommended to […]

The post ARP, ARP Inspection, ARP Types and Deployment Considerations appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Google News: Brady jerseys more important than Trump/Russia or Supreme Court

Whether strictly the creation of an algorithm run amok or an inexplicable human error, Google News right now is demonstrating the kind of news judgment that has made it one of the company’s weakest products … and may well speak to the state of our celebrity-worshipping society.As Congress simultaneously holds hearings on Russian interference in last year’s presidential election and the pending confirmation of a justice to the United States Supreme Court, topping both stories in terms of importance, at least according to Google News, is the recovery of Tom Brady’s missing Super Bowl jerseys. Google News I’ve been a Patriots fan longer than I’ve been a journalist and I’ve been both for longer than I’d like to admit. This is nuts.  To read this article in full or to leave a comment, please click here

Rough Guide to IETF 98: Internet Infrastructure Resilience

Let’s look at what’s happening in the area of Internet infrastructure resilience in the IETF and at the upcoming IETF 98 meeting. My focus here is primarily on the routing and forwarding planes and specifically routing security and unwanted traffic of Distributed Denial of Service Attacks (DDoS) attacks. There is interesting and important work underway at the IETF that can help address problems in both areas.

Andrei Robachevsky

Middleboxes and the End-to-End Principle

The IP suite was always loosely grounded in the end-to-end principle, defined here (a version of this paper is also apparently available here), is quoted in RFC2775 as:

The function in question can completely and correctly be implemented only with the knowledge and help of the application standing at the endpoints of the communication system. Therefore, providing that questioned function as a feature of the communication system itself is not possible. … This principle has important consequences if we require applications to survive partial network failures. An end-to-end protocol design should not rely on the maintenance of state (i.e. information about the state of the end-to-end communication) inside the network.

How are the Internet and (by extension) IP networks in general doing in regards to the end-to-end principle? Perhaps the first notice in IETF drafts is RFC2101, which argues the IPv4 address was originally a locater and an identifier, and that the locater usage has become the primary usage. This is much of the argument around LISP and many other areas of work—but I think 2101 mistates the case a bit. That the original point of an IP address is to locate a topological location in the network is Continue reading

Google Team Refines GPU Powered Neural Machine Translation

Despite the fact that Google has developed its own custom machine learning chips, the company is well-known as a user of GPUs internally, particularly for its deep learning efforts, in addition to offering GPUs in its cloud.

At last year’s Nvidia GPU Technology Conference, Jeff Dean, Senior Google Fellow offered a vivid description of how the search giant has deployed GPUs for a large number of workloads, many centered around speech recognition and language-oriented research projects as well as various computer vision efforts. What was clear from Dean’s talk—and from watching other deep learning shops with large GPU cluster

Google Team Refines GPU Powered Neural Machine Translation was written by Nicole Hemsoth at The Next Platform.

39% off Samsung Gear 360, 360-degree High-Res VR Camera – Deal Alert

The Gear 360 is smaller than a baseball, so you can just hold it and shoot. Or set it down on the included tripod and live in the moment. Look all around you -- that’s what you capture with the Gear 360. Every angle, all at once, every time. Play videos back, trim and instantly share your creation on YouTube, Facebook or Samsung VR. Right now the Gear 360 is significantly discounted from its typical list price of $350. With the current 39% off deal you can get it now for just $214 on Amazon, where it averages 4 out of 5 stars (read recent reviews).  See the discounted Samsung Gear 360-degree camera now on Amazon.To read this article in full or to leave a comment, please click here

How IBM wants to bring blockchain from Bitcoin to your data center

At its InterConnect conference in Las Vegas this week, IBM is announcing new features for its open source cloud-hosted blockchain service in an attempt to bring this distributed database technology from its initial use of powering Bitcoin to a broader market, including the financial services industry.Blockchain is a distributed database that maintains a continually growing list of records that can be verified using hashing techniques. Vendors such as IBM and Microsoft are attempting to commercialize it by offering customers a platform for hosting their own implementations. Analysts say the market to do so is just emerging.+MORE AT NETWORK WORLD: The future of networking is in a white box | How to get the most out of data and services in a multi-cloud world +To read this article in full or to leave a comment, please click here

Cisco issues critical warning after CIA WikiLeaks dump bares IOS security weakness

A vulnerability in Cisco’s widely deployed IOS software that was disclosed in the recent WikiLeaks dump of CIA exploits has triggered the company to release a critical warning for its Catalyst networking customers.+More on Cisco Security on Network World: Cisco security advisory dump finds 20 warnings, 2 critical+The vulnerability -- which could let an attacker cause a reload of an affected device or remotely execute code and take over a device -- impacts more than 300 models of Cisco Catalyst switches from the model 2350-48TD-S Switch to the Cisco SM-X Layer 2/3 EtherSwitch Service Module.To read this article in full or to leave a comment, please click here

Cisco issues critical warning after CIA WikiLeaks dump bares IOS security weakness

A vulnerability in Cisco’s widely deployed IOS software that was disclosed in the recent WikiLeaks dump of CIA exploits has triggered the company to release a critical warning for its Catalyst networking customers.+More on Cisco Security on Network World: Cisco security advisory dump finds 20 warnings, 2 critical+The vulnerability -- which could let an attacker cause a reload of an affected device or remotely execute code and take over a device -- impacts more than 300 models of Cisco Catalyst switches from the model 2350-48TD-S Switch to the Cisco SM-X Layer 2/3 EtherSwitch Service Module.To read this article in full or to leave a comment, please click here