Linux Foundation smushes two smaller projects together to form Open Networking Automation Platform

The Linux Foundation announced yesterday that it had combined open source ECOMP and the Open Orchestrator Project into ONAP, the Open Networking Automation Platform, with the aim of helping users automate network service delivery, design, and service through a unified standard.Jim Zemlin, executive director of the Linux Foundation, said that ONAP should be a boon to enterprise IT departments, thanks to improved speed and flexibility.+MORE ON NETWORK WORLD: FCC rolls back net neutrality ISP transparency rules + Brocade's Ruckus Wi-Fi business finds a buyerTo read this article in full or to leave a comment, please click here

Ransomware ‘customer support’ chat reveals criminals’ ruthlessness

Ransomware criminals chatting up victims, offering to delay deadlines, showing how to obtain Bitcoin, dispensing the kind of customer support that consumers lust for from their cable and mobile plan providers, PC and software makers?What's not to love?Finnish security vendor F-Secure yesterday released 34 pages of transcripts from the group chat used by the crafters of the Spora ransomware family. The back-and-forth not only put a spotlight on the gang's customer support chops, but, said a company security advisor, illustrated the intertwining of Bitcoin and extortion malware.To read this article in full or to leave a comment, please click here

Ransomware ‘customer support’ chat reveals criminals’ ruthlessness

Ransomware criminals chatting up victims, offering to delay deadlines, showing how to obtain Bitcoin, dispensing the kind of customer support that consumers lust for from their cable and mobile plan providers, PC and software makers?What's not to love?Finnish security vendor F-Secure yesterday released 34 pages of transcripts from the group chat used by the crafters of the Spora ransomware family. The back-and-forth not only put a spotlight on the gang's customer support chops, but, said a company security advisor, illustrated the intertwining of Bitcoin and extortion malware.To read this article in full or to leave a comment, please click here

How big data is changing the nature of policing from reactive to proactive

Dwindling budgets, the changing nature of crime and the contemporary demands of communities are forcing police across the country to reevaluate their approach to law enforcement. Adding data-driven insights to their traditional policing expertise could provide a solution. It has already found a home in numerous areas of policing, from fraud detection to the identification of crime hotspots, and is transforming methods of policing from reactive to preventative."We strive to be more preventative," Detective Chief Superintendent of West Midlands Police Andy Hill told the audience at the Reform Big Data in Government Conference on Tuesday. "That isn't a new concept for policing. If we look back to Sir Robert Peel's 1829 Principles of Policing, it's number one on that list and then it recurs again down at number nine [the final entry on the list]."To read this article in full or to leave a comment, please click here

Create your own Slack bots — and web APIs — in R

One of Slack's greatest appeals is that it's so extensible. While its main purpose is group collaboration, add-on apps can do everything from answer questions about business analytics to offer project updates from tools like Jira and Trello.Step 3: Host the R API remotelyTo read this article in full or to leave a comment, please click here(Insider Story)

The future of biometrics and IoT

Biometrics in useImage by ThinkstockBiometrics falls into the third category of security modalities: (1) what we have: e.g. key, RFID card or ID card; (2) what we know: e.g. password, PIN, challenge/response answers like mother’s maiden name or first pet; and (3) what we are: e.g. biometrics, such as our fingerprint, face, iris, etc.To read this article in full or to leave a comment, please click here(Insider Story)

Has fraud met its match?

Many prognosticators have pronounced privacy a pipe dream. With the mountains of personal information on social networks and the lack of security awareness by many users, cybercriminals have more than a snowball’s chance to grab anyone’s identity.However, there are new ideas for counteracting identity theft that would take into account a person’s physical attributes to add another layer of security. The idea of using a fingerprint reader to log on to a smartphone isn't new, but the latest wrinkle is to incorporate the pressure with which that finger types on the phone.More than 41 million Americans have had their identities stolen, and millions more have had their personally identifiable information (PII) placed at risk through a data breach, according to a Bankrate.com survey of 1,000 adults conducted last month.To read this article in full or to leave a comment, please click here

Has fraud met its match?

Many prognosticators have pronounced privacy a pipe dream. With the mountains of personal information on social networks and the lack of security awareness by many users, cybercriminals have more than a snowball’s chance to grab anyone’s identity.However, there are new ideas for counteracting identity theft that would take into account a person’s physical attributes to add another layer of security. The idea of using a fingerprint reader to log on to a smartphone isn't new, but the latest wrinkle is to incorporate the pressure with which that finger types on the phone.More than 41 million Americans have had their identities stolen, and millions more have had their personally identifiable information (PII) placed at risk through a data breach, according to a Bankrate.com survey of 1,000 adults conducted last month.To read this article in full or to leave a comment, please click here

Trump expected to cut federal IT spending

President Donald Trump said this week that the federal budget is a "mess" and is promising to make it leaner. This means that federal IT spending -- now at $81.6 billion -- is likely to see cuts, analysts said.The Trump administration is still filling top technology policy positions, including replacing former federal CIO Tony Scott, who left last month. Scott, a former CIO of Microsoft and The Walt Disney Co., was appointed by President Barack Obama in February 2015.For now, all eyes are on former U.S. Rep. Mick Mulvaney (R-S.C.), Trump's just-confirmed budget director. Elected in 2010, Mulvaney was part of the Tea Party wave and a member of the conservative House voting block, the Freedom Caucus.To read this article in full or to leave a comment, please click here

The Use of Graph Database in Network Complexity Analysis

How Does Internet Work - We know what is networking

Computer networks are probably the best example of graphs these days. I started therefore to consider graph database as an excellent tool for storing experimental results of my networking complexity analysis method. It’s a project that I’m doing (starting to do) in which I will try to create a better method of computer network complexity audit by combining few of already existing methods and by additionally enhancing some of their algorithms to get more precise results out of the whole thing. The idea is that most of network complexity measurement mechanism rely strongly on graph theory in which most metrics

The Use of Graph Database in Network Complexity Analysis

5 things to think about for industrial IoT readiness

Industrial IoT explodingImage by ThinkstockThe number of connected devices is growing exponentially. In fact, current estimates from IDC Research predict IoT spending will reach $1.29 trillion by 2020. Although many of these are consumer devices (such as Fitbits or smartphones), the presence of IoT devices in industrial settings is skyrocketing as well, with manufacturing forecasted to be the industry making the largest investment in IoT. With this increased connectivity, the Industrial Internet of Things (IIoT) offers exciting possibilities for transforming many different industries – from industrial automation and manufacturing, to oil & gas and building security. By utilizing the IIoT, industrial companies can leverage technologies like big data analytics to optimize operations, improve efficiency and generate insights that can increase profitability and competitive advantage.To read this article in full or to leave a comment, please click here

10 Most Popular articles of 2016 on orhanergun.net and statistics

Below is the Google Analytics page views for the articles between January 1st 2016 and January 1st 2017. I didn’t include Home page , CCDE Course and the CCDE E-book pages but just the technical articles. If you haven’t looked at some of those yet, I recommend definitely read them now.   BGP Route Reflector […]

The post 10 Most Popular articles of 2016 on orhanergun.net and statistics appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

A Glimmer of Light Against Dark Silicon

Moore’s Law has been the driving force behind computer evolution for more than five decades, fueling the relentless innovation that led to more transistors being added to increasingly smaller processors that rapidly increased the performance of computing while at the same time driving down the cost.

Fifty-plus years later, as the die continues to shrink, there are signs that Moore’s Law is getting more difficult to keep up with. For example, Intel – the keeper of the Moore’s Law flame – has pushed back the transition from 14-nanometers to 10nm by more than a year as it worked through issues

A Glimmer of Light Against Dark Silicon was written by Jeffrey Burt at The Next Platform.

Adding Metadata to the Arista vEOS Vagrant Box

This post addresses a (mostly) cosmetic issue with the current way that Arista distributes its Vagrant box for vEOS. I say “mostly cosmetic” because while the Vagrant box for vEOS is perfectly functional if you use it via Arista’s instructions, adding metadata as I explain here provides a small bit of additional flexibility should you need multiple versions of the vEOS box on your system.

If you follow Arista’s instructions, then you’ll end up with something like this when you run vagrant box list:

arista-veos-4.18.0    (virtualbox, 0)
bento/ubuntu-16.04    (virtualbox, 2.3.1)
centos/6              (virtualbox, 1611.01)
centos/7              (virtualbox, 1611.01)
centos/atomic-host    (virtualbox, 7.20170131)
coreos-stable         (virtualbox, 1235.9.0)
debian/jessie64       (virtualbox, 8.7.0)

Note that the version of the vEOS box is embedded in the name. Now, you could not put the version in the name, but because there’s no metadata—which is why it shows (virtualbox, 0) on that line—you wouldn’t have any way of knowing which version you had. Further, what happens when you want to have multiple versions of the vEOS box?

Fortunately, there’s an easy fix (inspired by the way CoreOS distributes their Vagrant box). Just create a file with the Continue reading

Incident report on memory leak caused by Cloudflare parser bug

Last Friday, Tavis Ormandy from Google’s Project Zero contacted Cloudflare to report a security problem with our edge servers. He was seeing corrupted web pages being returned by some HTTP requests run through Cloudflare.

It turned out that in some unusual circumstances, which I’ll detail below, our edge servers were running past the end of a buffer and returning memory that contained private information such as HTTP cookies, authentication tokens, HTTP POST bodies, and other sensitive data. And some of that data had been cached by search engines.

For the avoidance of doubt, Cloudflare customer SSL private keys were not leaked. Cloudflare has always terminated SSL connections through an isolated instance of NGINX that was not affected by this bug.

We quickly identified the problem and turned off three minor Cloudflare features (email obfuscation, Server-side Excludes and Automatic HTTPS Rewrites) that were all using the same HTML parser chain that was causing the leakage. At that point it was no longer possible for memory to be returned in an HTTP response.

Because of the seriousness of such a bug, a cross-functional team from software engineering, infosec and operations formed in San Francisco and London to fully understand Continue reading

1 2,278 2,279 2,280 2,281 2,282 3,840