Some comments on the Wikileaks CIA/#vault7 leak

I thought I'd write up some notes about the Wikileaks CIA "#vault7" leak. This post will be updated frequently over the next 24 hours.


The CIA didn't remotely hack a TV. The docs are clear that they can update the software running on the TV using a USB drive. There's no evidence of them doing so remotely over the Internet. If you aren't afraid of the CIA breaking in an installing a listening device, then you should't be afraid of the CIA installing listening software.


The CIA didn't defeat Signal/WhattsApp encryption. The CIA has some exploits for Android/iPhone. If they can get on your phone, then of course they can record audio and screenshots. Technically, this bypasses/defeats encryption -- but such phrases used by Wikileaks arehighly misleading, since nothing related to Signal/WhatsApp is happening. What's happening is the CIA is bypassing/defeating the phone. Sometimes. If they've got an exploit for it, or can trick you into installing their software.


There's no overlap or turf war with the NSA. The NSA does "signals intelligence", so they hack radios and remotely across the Internet. The CIA does "humans intelligence", so they hack locally, with a human. The sort of thing they do Continue reading

Extreme grabs Avaya’s networking business for $100M

Extreme Networks continued to expand its enterprise networking portfolio today buying up the network technology of Avaya Holdings– which is in Chapter 11 bankruptcy -- for $100 million. Extreme’s Ed Meyercord, President and CEO said he expects the deal will broaden the company’s software and strengthen its presence in vertical markets such as healthcare and manufacturing. Norman Rice, an executive vice president with Extreme added that some of Avaya’s strengths included its networking fabric and Network Micro-Segmentation technology that helps customers secure enterprise components. +More on Network World: Avaya wants out of S.F. stadium suite, not too impressed with 49ers on field performance either+ To read this article in full or to leave a comment, please click here

Extreme grabs Avaya’s networking business for $100M

Extreme Networks continued to expand its enterprise networking portfolio today buying up the network technology of Avaya Holdings– which is in Chapter 11 bankruptcy -- for $100 million. Extreme’s Ed Meyercord, President and CEO said he expects the deal will broaden the company’s software and strengthen its presence in vertical markets such as healthcare and manufacturing. Norman Rice, an executive vice president with Extreme added that some of Avaya’s strengths included its networking fabric and Network Micro-Segmentation technology that helps customers secure enterprise components. +More on Network World: Avaya wants out of S.F. stadium suite, not too impressed with 49ers on field performance either+ To read this article in full or to leave a comment, please click here

Extreme grabs Avaya’s networking business for $100M

Extreme Networks continued to expand its enterprise networking portfolio today buying up the network technology of Avaya Holdings– which is in Chapter 11 bankruptcy -- for $100 million. Extreme’s Ed Meyercord, President and CEO said he expects the deal will broaden the company’s software and strengthen its presence in vertical markets such as healthcare and manufacturing. Norman Rice, an executive vice president with Extreme added that some of Avaya’s strengths included its networking fabric and Network Micro-Segmentation technology that helps customers secure enterprise components. +More on Network World: Avaya wants out of S.F. stadium suite, not too impressed with 49ers on field performance either+ To read this article in full or to leave a comment, please click here

Wikileaks’ dump of CIA exploits exposes enterprises to new risks

Corporations concerned about the release of thousands of CIA documents detailing hacks against Apple iOS and Mac OSX, Google’s Android, Microsoft’s Windows, Linux and Solaris need to conduct a fresh round of risk assessment that takes the new revelations into account.While the trove of leaked data – known as Vault 7 – doesn’t include code for actual exploits, it does describe the types of vulnerabilities they take advantage of, which can still be of value to both defenders and potential attackers, says John Pironti, president of IP Architects, a security risk consulting firm.To read this article in full or to leave a comment, please click here

Wikileaks’ dump of CIA exploits exposes enterprises to new risks

Corporations concerned about the release of thousands of CIA documents detailing hacks against Apple iOS and Mac OSX, Google’s Android, Microsoft’s Windows, Linux and Solaris need to conduct a fresh round of risk assessment that takes the new revelations into account.While the trove of leaked data – known as Vault 7 – doesn’t include code for actual exploits, it does describe the types of vulnerabilities they take advantage of, which can still be of value to both defenders and potential attackers, says John Pironti, president of IP Architects, a security risk consulting firm.To read this article in full or to leave a comment, please click here

Amazon S3 Outage: Another Opinion Piece

So Amazon S3 had some “issues” last week and it’s taken me a few days to put my thoughts together around this. Hopefully I’ve made the tail-end of the still interested-enough-to-find-this-blog-valuable period.

Trying to make the best of a bad situation, the good news, in my opinion, is that this shows that infrastructure people still have a place in the automated cloudy world of the future. At least that’s something right?

What happened:

You can read the detailed explanation on Amazon’s summary here.

In a nutshell

  • there was a small problem
  • they tried to fix it
  • things went bad for a relatively short time
  • They fixed it

What happened during:

The internet lost it’s minds. Or more accurately, some parts of the internet went down. Some of them extremely ironic

UNADJUSTEDNONRAW thumb bbfd

Initial thoughts

The reaction to this event is amusing and it drives home the point that infrastructure engineers are as critical as ever, if not even more important considering the complete lack of architecture that seems to have gone into the majority of these “applications”.

First let’s talk about availability: Looking at the Amazon AWS S3 SLA, available here, it looks like they did fall below there 99.9% SLA for Continue reading

Cisco’s exam prices increase for first time in three years

Cisco recently updated the pricing for its certification exams, raising them by between 10 and 20 percent.Certification exams price increases include (all amounts in US dollars): Entry Skills exams (certifications 101-105 and 200-105) changed from $150 to $165, a 10% increase CCN Routing and Switching exam (certifications 220-125) increased from $295 to $325, a 10% increase Professional, Specialist and Technical skill certification exams (300, 500, 600, 640, 642, 642 and 648 series certifications), went up from $250 to $300, a 20% increase. CCIE and CCDE written exams, (350 and 400 level certifications, as well as the 352 level exams) rose from $400 to $450, a 12.5% increase. “Cisco continues to make investments in the content and integrity of its certification and training program to support the increased demand for skilled IT professionals,” wrote Chris Jacobs, Director of certifications and lab deliveries in Cisco's Technical Services Department. “As a result, effective February 9, 2017, Cisco has adjusted the prices of some of its certification exams to align with this effort.”To read this article in full or to leave a comment, please click here

Worth Reading: Cisco’s identity crisis

Our Cisco team has been reaching out to get feedback on our relationship with Cisco and its products — a healthy practice for any vendor. I’ve tried to be open, honest, and consistent in all our talks. As I mentally review our conversations, I conclude I’ve been contradictory. On one hand, I’ve talked about how the industry is changing and Cisco’s products need to evolve in a software-defined marketplace. At the same time, I’ve decried their decision to move last-generation data center products to the campus portfolio to make way for newer technology. —Eyvonne Sharp

The post Worth Reading: Cisco’s identity crisis appeared first on 'net work.

IDG Contributor Network: The future of work is surprisingly human: 2 trends to relieve your fears

AI, big data and bots! Oh my! You don’t need to be a troglodyte or tech-wary prognosticator to fear the future of work. Everywhere we look, the same trend is making headlines: less human, more artificial. But is the future of work really inhuman? To answer that question, it is vital to understand the rise of tech at both the popular and professional level. While it’s certainly given us the ability to defy distance, only recent innovations have cracked the code, allowing us to truly relate. Many lament the perceived shallowness of this tide, but communication and collaboration are primitive desires. We are, after all, tribal creatures who rally around shared purposes and common goals. Dangers exist, but the good news is technology is finally catching up with human nature.To read this article in full or to leave a comment, please click here

BrandPost: 17 questions to measure DevOps

If you ask 10 people to define DevOps, you’ll probably get 10 different answers. Some answers will focus on culture and collaboration; others may focus on tooling. (If you’re interested in our definition of DevOps, we wrote a post called What is DevOps?)DevOps is hard to pin down, but most people agree that it’s about much more than tooling. It’s about people, processes and tools — and probably in that order. It’s about aligning team values and workflows to achieve business objectives. By adopting DevOps practices, you can move faster without sacrificing quality, and set yourself up for future innovation and growth.To read this article in full or to leave a comment, please click here

Stanford’s TETRIS Clears Blocks for 3D Memory Based Deep Learning

The need for speed to process neural networks is far less a matter of processor capabilities and much more a function of memory bandwidth. As the compute capability rises, so too does the need to keep the chips fed with data—something that often requires going off chip to memory. That not only comes with a performance penalty, but an efficiency hit as well, which explains why so many efforts are being made to either speed that connection to off-chip memory or, more efficiently, doing as much in memory as possible.

The advent of 3D or stacked memory opens new doors,

Stanford’s TETRIS Clears Blocks for 3D Memory Based Deep Learning was written by Nicole Hemsoth at The Next Platform.

Microsoft’s Slack competitor is coming March 14

Microsoft’s entry into the modern workplace chat app market will be generally available in a week. The company announced Tuesday it will be marking the occasion with a webcast to discuss what’s new since the service was announced last year.The Teams product is Microsoft’s answer to group chat apps like Slack and HipChat. The service provides Office 365 customers with shared workspaces they can use to discuss work with one another. It connects with Office 365 to let users collaborate on notes, documents, spreadsheets, and more while discussing work in the same place.To read this article in full or to leave a comment, please click here

Raspberry Pi roundup: Happy 5th birthday, baby! Also, new software, a tough piano, and, well, Windows 98

I am a shameful forgetter of important dates, as family and ex-girlfriends will be happy to tell you. They can detail the brainless “duh?” expression, with tinges of dawning comprehension, that I make when I am reminded that, yes, it’s today, and yes, I have forgotten.It’s a different story, professionally – I did remember that the Raspberry Pi’s fifth birthday took place this weekend, but I was traveling to cover a wireless company’s annual conference for work, and I simply couldn’t fit it in. So, to the little tiny computer that was one of the very first stories I covered for Network World, I’m sorry. I really did have other stuff to do.To read this article in full or to leave a comment, please click here

1 2,280 2,281 2,282 2,283 2,284 3,873