Only lobbyist and politicians matter, not techies

The NSA/CIA will only buy an 0day if they can use it. They can't use it if they disclose the bug.

I point this out, yet again, because of this WaPo article [*] built on the premise that the NSA/CIA spend millions of dollars on 0day they don't use, while unilaterally disarming tiself. Since that premise is false, the entire article is false. It's the sort of article you get when all you interview are Washington D.C. lobbyists and Washington D.C. politicians -- and no outside experts.


It quotes former cyberczar (under Obama) Michael Daniel explaining that the "default assumption" is to disclose 0days that the NSA/CIA get. This is a Sean Spicer style lie. He's paid to say this, but it's not true. The NSA/CIA only buy 0day if they can use it. They won't buy 0day if the default assumption is that they will disclose it. QED: the default assumption of such 0day is they won't disclose them.

The story quotes Ben Wizner of the ACLU saying that we should patch 0days instead of using them. Patching isn't an option. If we aren't using them, then we aren't buying them, and hence, there are Continue reading

Microsoft’s Visual Studio 2017 hits general availability

Microsoft’s tools for developers hit another milestone Tuesday, when the company made Visual Studio 2017 generally available. As the name implies, this is the next major release of Microsoft’s integrated development environment. It’s aimed at providing tools for developers to create modern apps for the cloud, mobile platforms and more. The software gained a Xamarin Forms previewer that lets users view a mobile user interface for iOS and Android apps as they’re writing XAML, an XML-based markup language developed by Microsoft.To read this article in full or to leave a comment, please click here

Extreme Networks buying Avaya networking good for customers of both companies

The fate of Avaya’s networking business has been the subject of speculation for well over a year now. In December, I wrote about the most likely suitors for the business. Ideally, I would have liked to have seen Avaya remain a “full stack” solution provider and keep the group, but it appears that wasn’t in the bankruptcy cards. This brings us to the current news where the winner of the Avaya Networking sweepstakes is (drum roll… although its in the title) Extreme Networks. That’s correct: Purple Extreme Networks is purchasing the networking assets from Avaya (Red) that came to it from Nortel (blue), so from a color perspective, it all makes sense. To read this article in full or to leave a comment, please click here

Extreme Networks buying Avaya networking good for customers of both companies

The fate of Avaya’s networking business has been the subject of speculation for well over a year now. In December, I wrote about the most likely suitors for the business. Ideally, I would have liked to have seen Avaya remain a “full stack” solution provider and keep the group, but it appears that wasn’t in the bankruptcy cards. This brings us to the current news where the winner of the Avaya Networking sweepstakes is (drum roll… although its in the title) Extreme Networks. That’s correct: Purple Extreme Networks is purchasing the networking assets from Avaya (Red) that came to it from Nortel (blue), so from a color perspective, it all makes sense. To read this article in full or to leave a comment, please click here

Extreme Networks buying Avaya networking good for customers of both companies

The fate of Avaya’s networking business has been the subject of speculation for well over a year now. In December, I wrote about the most likely suitors for the business. Ideally, I would have liked to have seen Avaya remain a “full stack” solution provider and keep the group, but it appears that wasn’t in the bankruptcy cards. This brings us to the current news where the winner of the Avaya Networking sweepstakes is (drum roll… although its in the title) Extreme Networks. That’s correct: Purple Extreme Networks is purchasing the networking assets from Avaya (Red) that came to it from Nortel (blue), so from a color perspective, it all makes sense. To read this article in full or to leave a comment, please click here

CIA-made malware? Now antivirus vendors can find out

Thanks to WikiLeaks, antivirus vendors will soon be able to figure out if you have been hacked by the CIA. On Tuesday, WikiLeaks dumped a trove of 8,700 documents that allegedly detail the CIA’s secret hacking operations, including spying tools designed for mobile phones, PCs and smart TVs. WikiLeaks has redacted the actual source code from the files to prevent the distribution of cyber weapons, it said. Nevertheless, the document dump -- if real -- still exposes some of the techniques that the CIA has allegedly been using.To read this article in full or to leave a comment, please click here

CIA-made malware? Now antivirus vendors can find out

Thanks to WikiLeaks, antivirus vendors will soon be able to figure out if you have been hacked by the CIA. On Tuesday, WikiLeaks dumped a trove of 8,700 documents that allegedly detail the CIA’s secret hacking operations, including spying tools designed for mobile phones, PCs and smart TVs. WikiLeaks has redacted the actual source code from the files to prevent the distribution of cyber weapons, it said. Nevertheless, the document dump -- if real -- still exposes some of the techniques that the CIA has allegedly been using.To read this article in full or to leave a comment, please click here

Cloudflare at Google NEXT 2017

The Cloudflare team is headed to Google NEXT 2017 from March 8th - 10th at Moscone Center in San Francisco, CA. We’re excited to meet with customers, partners, and new friends.

Come learn about Cloudflare’s recent partnership with Google Cloud Platform (CGP) through their CDN Interconnect Program. Cloudflare offers performance and security to over 25,000 Google Cloud Platform customers. The CDN Interconnect program allows Cloudflare’s servers to establish high-speed interconnections with Google Cloud Platform at various locations around the world, accelerating dynamic content while reducing bandwidth and egress billing costs.

We’ll be at booth C7 discussing the benefits of Cloudflare, our partnership with Google Cloud Platform, and handing out Cloudflare SWAG. In addition, our Co-Founder, Michelle Zatlyn, will be presenting “What is Google Cloud Platform’s CDN Interconnect Program?

Google Cloud Platform’s CDN Interconnect program allows select CDN providers to establish direct interconnect links with Google’s edge network at various locations. Customers egressing network traffic from Google Cloud Platform through one of these links will benefit from the direct connectivity to the CDN providers and will Continue reading

Naples Opterons Give AMD A Second Chance In Servers

There are not a lot of second chances in the IT racket. AMD wants one, and we think, has earned one.

Such second chances are hard to come by, and we can rattle off a few of them because they are so rare. Intel pivoted from a memory maker to a processor maker in the mid-1980s, and has come to dominate compute in everything but handheld devices. In the mid-1990s, IBM failed to understand the RISC/Unix and X86 server waves swamping the datacenter and nearly went bankrupt and salvaged itself as software and services provider to glass houses. A decade

Naples Opterons Give AMD A Second Chance In Servers was written by Timothy Prickett Morgan at The Next Platform.

Some comments on the Wikileaks CIA/#vault7 leak

I thought I'd write up some notes about the Wikileaks CIA "#vault7" leak. This post will be updated frequently over the next 24 hours.


The CIA didn't remotely hack a TV. The docs are clear that they can update the software running on the TV using a USB drive. There's no evidence of them doing so remotely over the Internet. If you aren't afraid of the CIA breaking in an installing a listening device, then you should't be afraid of the CIA installing listening software.


The CIA didn't defeat Signal/WhattsApp encryption. The CIA has some exploits for Android/iPhone. If they can get on your phone, then of course they can record audio and screenshots. Technically, this bypasses/defeats encryption -- but such phrases used by Wikileaks arehighly misleading, since nothing related to Signal/WhatsApp is happening. What's happening is the CIA is bypassing/defeating the phone. Sometimes. If they've got an exploit for it, or can trick you into installing their software.


There's no overlap or turf war with the NSA. The NSA does "signals intelligence", so they hack radios and remotely across the Internet. The CIA does "humans intelligence", so they hack locally, with a human. The sort of thing they do Continue reading

Extreme grabs Avaya’s networking business for $100M

Extreme Networks continued to expand its enterprise networking portfolio today buying up the network technology of Avaya Holdings– which is in Chapter 11 bankruptcy -- for $100 million. Extreme’s Ed Meyercord, President and CEO said he expects the deal will broaden the company’s software and strengthen its presence in vertical markets such as healthcare and manufacturing. Norman Rice, an executive vice president with Extreme added that some of Avaya’s strengths included its networking fabric and Network Micro-Segmentation technology that helps customers secure enterprise components. +More on Network World: Avaya wants out of S.F. stadium suite, not too impressed with 49ers on field performance either+ To read this article in full or to leave a comment, please click here

Extreme grabs Avaya’s networking business for $100M

Extreme Networks continued to expand its enterprise networking portfolio today buying up the network technology of Avaya Holdings– which is in Chapter 11 bankruptcy -- for $100 million. Extreme’s Ed Meyercord, President and CEO said he expects the deal will broaden the company’s software and strengthen its presence in vertical markets such as healthcare and manufacturing. Norman Rice, an executive vice president with Extreme added that some of Avaya’s strengths included its networking fabric and Network Micro-Segmentation technology that helps customers secure enterprise components. +More on Network World: Avaya wants out of S.F. stadium suite, not too impressed with 49ers on field performance either+ To read this article in full or to leave a comment, please click here

Extreme grabs Avaya’s networking business for $100M

Extreme Networks continued to expand its enterprise networking portfolio today buying up the network technology of Avaya Holdings– which is in Chapter 11 bankruptcy -- for $100 million. Extreme’s Ed Meyercord, President and CEO said he expects the deal will broaden the company’s software and strengthen its presence in vertical markets such as healthcare and manufacturing. Norman Rice, an executive vice president with Extreme added that some of Avaya’s strengths included its networking fabric and Network Micro-Segmentation technology that helps customers secure enterprise components. +More on Network World: Avaya wants out of S.F. stadium suite, not too impressed with 49ers on field performance either+ To read this article in full or to leave a comment, please click here

Wikileaks’ dump of CIA exploits exposes enterprises to new risks

Corporations concerned about the release of thousands of CIA documents detailing hacks against Apple iOS and Mac OSX, Google’s Android, Microsoft’s Windows, Linux and Solaris need to conduct a fresh round of risk assessment that takes the new revelations into account.While the trove of leaked data – known as Vault 7 – doesn’t include code for actual exploits, it does describe the types of vulnerabilities they take advantage of, which can still be of value to both defenders and potential attackers, says John Pironti, president of IP Architects, a security risk consulting firm.To read this article in full or to leave a comment, please click here

Wikileaks’ dump of CIA exploits exposes enterprises to new risks

Corporations concerned about the release of thousands of CIA documents detailing hacks against Apple iOS and Mac OSX, Google’s Android, Microsoft’s Windows, Linux and Solaris need to conduct a fresh round of risk assessment that takes the new revelations into account.While the trove of leaked data – known as Vault 7 – doesn’t include code for actual exploits, it does describe the types of vulnerabilities they take advantage of, which can still be of value to both defenders and potential attackers, says John Pironti, president of IP Architects, a security risk consulting firm.To read this article in full or to leave a comment, please click here

Amazon S3 Outage: Another Opinion Piece

So Amazon S3 had some “issues” last week and it’s taken me a few days to put my thoughts together around this. Hopefully I’ve made the tail-end of the still interested-enough-to-find-this-blog-valuable period.

Trying to make the best of a bad situation, the good news, in my opinion, is that this shows that infrastructure people still have a place in the automated cloudy world of the future. At least that’s something right?

What happened:

You can read the detailed explanation on Amazon’s summary here.

In a nutshell

  • there was a small problem
  • they tried to fix it
  • things went bad for a relatively short time
  • They fixed it

What happened during:

The internet lost it’s minds. Or more accurately, some parts of the internet went down. Some of them extremely ironic

UNADJUSTEDNONRAW thumb bbfd

Initial thoughts

The reaction to this event is amusing and it drives home the point that infrastructure engineers are as critical as ever, if not even more important considering the complete lack of architecture that seems to have gone into the majority of these “applications”.

First let’s talk about availability: Looking at the Amazon AWS S3 SLA, available here, it looks like they did fall below there 99.9% SLA for Continue reading

1 2,215 2,216 2,217 2,218 2,219 3,808