Microsoft paying a bug bounty of $30,000

First off, I have to issue something of a correction regarding last week's blog post on Intel price cuts. As it turns out, I have been informed that Intel didn't cut the prices, Micro Center cut them as a loss leader, something it frequently does. It doesn't change the bargain prices, just the motivation. So, I wanted to set the record straight on that. Onward. Microsoft is looking for a few good bugs. And people who will keep it quiet. OK, so I have no evidence of direct causality, but it seems convenient. Over the past few weeks, Google has embarrassed Microsoft twice by publicly disclosing security vulnerabilities in Windows 10 that still have not been patched after 90 days. Google has no mercy with its Zero Day disclosures and plays no favorites. Any company that does not fix a bug by 90 days after Google informs them of it will be hung out to dry. To read this article in full or to leave a comment, please click here

Microsoft paying a bug bounty of $30,000

First off, I have to issue something of a correction regarding last week's blog post on Intel price cuts. As it turns out, I have been informed that Intel didn't cut the prices, Micro Center cut them as a loss leader, something it frequently does. It doesn't change the bargain prices, just the motivation. So, I wanted to set the record straight on that. Onward. Microsoft is looking for a few good bugs. And people who will keep it quiet. OK, so I have no evidence of direct causality, but it seems convenient. Over the past few weeks, Google has embarrassed Microsoft twice by publicly disclosing security vulnerabilities in Windows 10 that still have not been patched after 90 days. Google has no mercy with its Zero Day disclosures and plays no favorites. Any company that does not fix a bug by 90 days after Google informs them of it will be hung out to dry. To read this article in full or to leave a comment, please click here

IBM’s new Q program to include a 50-qubit quantum computer

Characters named Q in film and TV have been portrayed as being exceptional. Q in the James Bond movies served up futuristic gadgets, and Q in Star Trek was omnipotent.A new quantum computing program called Q at IBM will be remarkable in its own right. In a few years, IBM plans to create a quantum computer with more than 50 qubits, which should push conventional computers one step closer to the trash heap.IBM Q will deliver paid quantum computing consulting and services to users. It's much like IBM's Watson, which uses conventional computers, but Q uses quantum computers.The 50-qubit quantum computer will be 10 times larger than a 5-qubit system already housed by IBM. And the new system will be able to do things that conventional computers can't do. It will accelerate drug discovery and make scientific discoveries, IBM said.To read this article in full or to leave a comment, please click here

Checklist for choosing a small cloud host or ISP

I’ve gone through a number of hosting companies. My NOC is at Expedient in Indianapolis (Carmel). They do a great job for my testing needs. They have a large, well-designed facility, lots of power and, most important, they know what they’re doing and do it 24/7.In my role as someone who knows the difference between UDP and TCP, I get asked a lot to recommend an ISP or cloud host for purposes of web and mail hosting for small businesses, organizations and even generic civilians. Over the years, I’ve found some common difficulties that can mean the difference between enjoyable experiences and long, drawn-out support problems with incumbent frustration.To read this article in full or to leave a comment, please click here

Interdatacenter broadcast control – ARP Proxy in OTV and EVPN

When it comes to multi domain or Inter datacenter communication, minimizing the broadcast traffic between the datacenters is an important scaling requirement. Especially if you are dealing with millions of end hosts, localizing the broadcast traffic is critical to save resources on the network and the end hosts. Resources are bandwidth , CPU , memory […]

The post Interdatacenter broadcast control – ARP Proxy in OTV and EVPN appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Should police departments be able to have their own DNA databases?

DNA is supposed to be the answer for solving cold cases. For example, Wisconsin police have turned to DNA to help solve a 42-year-old cold case of “Baby Sarah.” Recently in Niagara Falls, cops found the man responsible for a smash and grab robbery committed 11 years ago, in 2006, via DNA which the man had been ordered to submit for unrelated offences. But it takes some state labs a year-and-a-half to process DNA, so some police departments are bypassing the state labs and creating their own DNA databases to track criminals.To read this article in full or to leave a comment, please click here

Should police departments be able to have their own DNA databases?

DNA is supposed to be the answer for solving cold cases. For example, Wisconsin police have turned to DNA to help solve a 42-year-old cold case of “Baby Sarah.” Recently in Niagara Falls, cops found the man responsible for a smash and grab robbery committed 11 years ago, in 2006, via DNA which the man had been ordered to submit for unrelated offences. But it takes some state labs a year-and-a-half to process DNA, so some police departments are bypassing the state labs and creating their own DNA databases to track criminals.To read this article in full or to leave a comment, please click here

Part 4 of Thinking Serverless —  Addressing Security Issues

This is a guest repost by Ken Fromm, a 3x tech co-founder — Vivid Studios, Loomia, and Iron.io. Here's Part 1 and 2 and 3

This post is the last of a four-part series of that will dive into developing applications in a serverless way. These insights are derived from several years working with hundreds of developers while they built and operated serverless applications and functions.

The platform was the serverless platform from Iron.io but these lessons can also apply to AWS LambdaGoogle Cloud FunctionsAzure Functions, and IBM’s OpenWhisk project.

Arriving at a good definition of cloud IT security is difficult especially in the context of highly scalable distributed systems like those found in serverless platforms. The purpose of this post is to not to provide an exhaustive set of principles but instead highlight areas that developers, architects, and security officers might wish to consider when evaluating or setting up serverless platforms.

Serverless Processing — Similar But Different

High-scale task processing is certainly not a new concept in IT as it has parallels that date back to the days of job processing on mainframes. The abstraction layer provided by serverless process — in combination with Continue reading

Worth Reading: Redliner

…due to the nature of rapid-growing web services like LinkedIn, we face big challenges when trying to measure service capacity limits. These challenges come from the constantly changing traffic shape, the heterogeneous infrastructure characteristics, and the evolving bottlenecks. In order to determine service capacity limits accurately and pinpoint capacity bottlenecks effectively, we need a solution that… —LinkedIn Engineering Blog

The post Worth Reading: Redliner appeared first on 'net work.

IDG Contributor Network: Why BPM is now taking a central role in digital transformation

Business Process Management (BPM) has always been one of those disciplines that sounded great on paper but was difficult to realize in practice. It made sense that documenting, analyzing and managing the entirety of an organization’s business processes would enable those organizations to increase operational efficiency. But for those brave organizations that gave it the "old college try"—particularly in the early days of BPM—the results were seldom spectacular.A new generation of BPM software, however, is changing this trajectory. Driven by the need for speed and agility, in addition to the traditional needs of efficiency and optimization, organizations are now turning to BPM as a key driver of digital transformation.To read this article in full or to leave a comment, please click here

IPAM and DNS with CNI

In the first post of this series we talked about some of the CNI basics.  We then followed that up with a second post showing a more real world example of how you could use CNI to network a container.  We’ve covered IPAM lightly at this point since CNI relies on it for IP allocation but we haven’t talked about what it’s doing or how it works.  In addition – DNS was discussed from a parameter perspective in the first post where we talked about the CNI spec but that’s about it.  The reason for that is that CNI doesn’t actually configure container DNS.  Confused?  I was too.  I mean why is it in the spec if I can’t configure it?

To answer these questions, and see how IPAM and DNS work with CNI, I think a deep dive into an actual CNI implementation would be helpful.  That is – let’s look at a tool that actually implements CNI to see how it uses it.  To do that we’re going to look at the container runtime from the folks at CoreOS – Rocket (rkt).  Rkt can be installed fairly easily using this set of commands…

wget https://github.com/coreos/rkt/releases/download/v1.25.0/rkt_1. Continue reading

Pardon the interruption: Here’s how your smartphone could be less of a noodge

Rutgers University researchers have examined the tolerance levels of different personality types for being interrupted by smartphone notifications in an effort that could help phone makers and app developers build offerings that are more useful and less annoying.The research, outlined in a paper titled "How Busy Are You? Predicting the Interruptibility Intensity of Mobile Users," will be presented at the ACM CHI Conference on Human Factors in Computing Systems in Denver this May.In fact, this research will have plenty of company in terms of new insights into how technology intrudes on people's lives. Other papers being presented include: "'If a person is emailing you, it just doesn't make sense': Exploring Changing Consumer Behaviors in Email" and "Reducing Interruptions at Work: A Large-Scale Field Study of FlowLight."To read this article in full or to leave a comment, please click here

Administravia 030417

Just a few notes on the blog site in general. I’ve rebuilt the sixty books pages without tables. I don’t know if this is better, but it does load a bit faster. I’ve also added links to my GoodReads and Feedly profiles just in case you’re interested in what I’m currently reading/read on a regular basis. I didn’t include all the RSS feeds I read in the shared Feedly profile, just general, culture, and technology.

The post Administravia 030417 appeared first on 'net work.

IDG Contributor Network: Digital fingerprints: The truth is out there

People lie all the time. At least I think so. It’s hard to know for sure. It can be really hard to tell if someone is lying, as few of us have Larry David’s ability to see truth by looking deeply into someone’s eyes. If only there were a machine or something that could tell us if someone is lying.Whoever dubbed the polygraph a lie detector was a liar. A polygraph when paired with questioning techniques is supposed to ascertain truths and falsehoods. Unfortunately, polygraphs lie. On the unsuspecting they can be slightly more effective than guessing, but they can be easily fooled so can’t be trusted.+ Also on Network World: Cops use pacemaker data to charge homeowner with arson, insurance fraud + Instead of relying on one device to measure a statement, the truth is increasingly found by using lots of devices that can corroborate or contradict one’s story. In other words, there’s no need to catch someone with their hand in the cookie jar if the cookie jar has biometric sensors.To read this article in full or to leave a comment, please click here

Aruba’s top execs talk new tech, IoT and the competition

In the roughly two years since Aruba Networks was acquired by HPE, it’s become the larger company’s de facto wireless arm, more or less taking over HPE’s existing networking division and changing almost not at all after the merger. Network World sat down with Senior Vice President and General Manager Keerti Melkote and CTO Partha Narasimhan at Aruba’s annual Atmosphere conference in Nashville last week to talk about future wireless technology, security, and more. + ALSO ON NETWORK WORLD: University of Washington Wi-Fi-meister talks Aruba, managing big networks | Aruba’s top exec, customers talk about Wi-Fi’s present and future at Atmosphere 2017 +To read this article in full or to leave a comment, please click here

Aruba’s top execs talk new tech, IoT and the competition

In the roughly two years since Aruba Networks was acquired by HPE, it’s become the larger company’s de facto wireless arm, more or less taking over HPE’s existing networking division and changing almost not at all after the merger.Network World sat down with Senior Vice President and General Manager Keerti Melkote and CTO Partha Narasimhan at Aruba’s annual Atmosphere conference in Nashville last week to talk about future wireless technology, security, and more.+ ALSO ON NETWORK WORLD: University of Washington Wi-Fi-meister talks Aruba, managing big networks | Aruba’s top exec, customers talk about Wi-Fi’s present and future at Atmosphere 2017 +To read this article in full or to leave a comment, please click here

Face-off: SAP vs. IBM for talent management

SAP acquired HR software company SuccessFactors for $3.4 billion in 2012. IBM acquired HR software company Kenexa for $1.3 billion the same year. Now the two are locked in a battle with Oracle, Cornerstone, Workday and many other vendors offering corporate software for talent management.To read this article in full or to leave a comment, please click here(Insider Story)

Serverless computing: Freedom for devs at last

Serverless computing provides a great opportunity for developers seeking relief from the burden of infrastructure. By abstracting away everything but a block of code, the serverless model makes it faster for developers to iterate and deploy new code, enabling smaller teams with smaller budgets to do things that only big companies could do before. Or, as Mat Ellis, founder and CEO of Cloudability, recently said in a CloudCast episode, “Serverless attempts to industrialize developer impact.”On-premises serverlessTo read this article in full or to leave a comment, please click here(Insider Story)

1 2,254 2,255 2,256 2,257 2,258 3,841