How Google reinvented security and eliminated the need for firewalls

SAN FRANCISCO -- In some ways, Google is like every other large enterprise. It had the typical defensive security posture based on the concept that the enterprise is your castle and security involves building moats and walls to protect the perimeter.Over time, however, that perimeter developed holes as Google’s increasingly mobile workforce, scattered around the world, demanded access to the network. And employees complained about having to go through a sometimes slow, unreliable VPN. On top of that, Google, like everyone else, was moving to the cloud, which was also outside of the castle.In other ways, Google is unlike any other company. Without much of a detailed business plan or cost/benefit analysis, Google execs gave the green light to an ambitious project aimed at totally reinventing the company’s security infrastructure.To read this article in full or to leave a comment, please click here(Insider Story)

Yahoo warns users of account breaches related to recent attacks

Yahoo has begun warning individual users that their accounts with the service may have been compromised in a massive data breach it reported late last year.The warning, in email messages sent from Yahoo CISO Bob Lord, tell users that a forged cookie may have been used to access their accounts in previous years.The warning to Yahoo users come at the same time that news reports suggest that Verizon Communications, in negotiations to buy Yahoo, may be seeking a discount of US$250 million because of the data breaches.To read this article in full or to leave a comment, please click here

Yahoo warns users of account breaches related to recent attacks

Yahoo has begun warning individual users that their accounts with the service may have been compromised in a massive data breach it reported late last year.The warning, in email messages sent from Yahoo CISO Bob Lord, tell users that a forged cookie may have been used to access their accounts in previous years.The warning to Yahoo users come at the same time that news reports suggest that Verizon Communications, in negotiations to buy Yahoo, may be seeking a discount of US$250 million because of the data breaches.To read this article in full or to leave a comment, please click here

Why Google’s Spanner Database Won’t Do As Well As Its Clone

Google has proven time and again it is on the extreme bleeding edge of invention when it comes to scale out architectures that make supercomputers look like toys. But what would the world look like if the search engine giant had started selling capacity on its vast infrastructure back in 2005, before Amazon Web Services launched, and then shortly thereafter started selling capacity on its high level platform services? And what if it had open sourced these technologies, as it has done with the Kubernetes container controller?

The world would be surely different, and the reason it is not is

Why Google’s Spanner Database Won’t Do As Well As Its Clone was written by Timothy Prickett Morgan at The Next Platform.

Metacognitive

If I could choose just a handful of skills you must learn to be a successful engineer, being metacognitive would certainly be among them. What is metacognition? OOne of my favorite books on the virtue ethic applied to mental skills defines it thus—

Metacognitive people are concerned not just with what they need to know but with what thinking strategies are best suited to achieve that end. —Philip Dow, Virtuous Minds

The concept is simple. Implementation, as always, is the hard part. Particularly as engineers, we spend a lot of time thinking about technique. We ask questions like—

  • How do I configure this?
  • How would I use this technology?
  • What is the problem here?
  • Why would I want to do it that way?

These technos focused questions are great for solving day to day, or even no-so-day-to-day problems. But they aren’t so great for mental growth? Why not? Imagine you are tasked with cutting wood for a living. You might start out by simply cutting the wood. You place a piece on the block, swing the axe, and the splits fall off. You can consider this the what of cutting wood (or, for those who are interested in philosophy, the Continue reading

How open compute cuts server costs in the enterprise

The open compute project (OCP) means you can get the designs that Microsoft, Facebook and (to a lesser extent) Google use for their data centers.  The goal is to get original design manufacturers (ODMs) to build them for you rather than buying standard servers and switches from original equipment manufacturers (OEMs).To read this article in full or to leave a comment, please click here(Insider Story)

Facebook throws an open source hackathon

Facebook’s Boston-area outpost is in Cambridge, close to MIT – they’ve just expanded from a smaller site and annexed a whole floor of a well-kept office building near Kendall Square Station. The first thing you see when you get off the elevator is a floor-to-ceiling pattern of blue lines that are meant to spell out the words “Ship Love” (Facebook’s unofficial motto) in binary.It’s an airy, open-plan space, like many major tech company offices, with exposed concrete and pipes here and there, along with original art on the walls and the requisite amusements – in this case, a couple of Oculus Rifts, some musical instruments and a foosball table.+ALSO ON NETWORK WORLD: 6 Internet of Things companies to watch + Munich's great Linux desktop initiative may endTo read this article in full or to leave a comment, please click here

India blasts 104 satellites into orbit aboard one rocket

India’s space agency said today it had launched 104 satellites from a single rocket, crushing the previous record of 37 satellites from a single rocket by the Russian space agency in 2014.The rocket – India’s Polar Satellite Launch Vehicle (PSLV), also known as Cartosat-2 –is a four-stage rocket that India has used for a variety of missions since 1993. This was its 39th flight.+More on Network World: Small satellites bring “Moore’s Law” into space+To read this article in full or to leave a comment, please click here

India blasts 104 satellites into orbit aboard one rocket

India’s space agency said today it had launched 104 satellites from a single rocket, crushing the previous record of 37 satellites from a single rocket by the Russian space agency in 2014.The rocket – India’s Polar Satellite Launch Vehicle (PSLV), also known as Cartosat-2 –is a four-stage rocket that India has used for a variety of missions since 1993. This was its 39th flight.+More on Network World: Small satellites bring “Moore’s Law” into space+To read this article in full or to leave a comment, please click here

This DARPA-backed Machine Learning program is a quick thinker

Gamalon is a Cambridge, MA-based startup that has received $7.7 million from DARPA to create an advanced machine learning and artificial intelligence platform that the company says is more time and computationally efficient than others on the market.Gamalon uses a new type of machine learning it has developed named Bayesian Program Synthesis, which the company says can accelerate machine learning by more than 100X. The basis of the BPS system is that it uses probability statistics to determine potential connections among the data. By doing so, it drastically reduces the amount of data that it needs to conduct artificial intelligence tasks, the company says.To read this article in full or to leave a comment, please click here

Memristor Research Highlights Neuromorphic Device Future

Much of the talk around artificial intelligence these days focuses on software efforts – various algorithms and neural networks – and such hardware devices as custom ASICs for those neural networks and chips like GPUs and FPGAs that can help the development of reprogrammable systems. A vast array of well-known names in the industry – from Google and Facebook to Nvidia, Intel, IBM and Qualcomm – is pushing hard in this direction, and those and other organizations are making significant gains thanks to new AI methods as deep learning.

All of this development is happening at a time when the

Memristor Research Highlights Neuromorphic Device Future was written by Jeffrey Burt at The Next Platform.

JavaScript-based ASLR bypass attack simplifies browser exploits

Researchers have devised a new attack that can bypass one of the main exploit mitigations in browsers: address space layout randomization (ASLR). The attack takes advantage of how modern processors cache memory and, because it doesn't rely on a software bug, fixing the problem is not easy.Researchers from the Systems and Network Security Group at Vrije Universiteit Amsterdam (VUSec) unveiled the attack, dubbed AnC, Wednesday after having coordinated its disclosure with processor, browser and OS vendors since October.ASLR is a feature present in all major operating systems. Applications, including browsers, take advantage of it to make the exploitation of memory corruption vulnerabilities like buffer overflows more difficult.To read this article in full or to leave a comment, please click here

JavaScript-based ASLR bypass attack simplifies browser exploits

Researchers have devised a new attack that can bypass one of the main exploit mitigations in browsers: address space layout randomization (ASLR). The attack takes advantage of how modern processors cache memory and, because it doesn't rely on a software bug, fixing the problem is not easy.Researchers from the Systems and Network Security Group at Vrije Universiteit Amsterdam (VUSec) unveiled the attack, dubbed AnC, Wednesday after having coordinated its disclosure with processor, browser and OS vendors since October.ASLR is a feature present in all major operating systems. Applications, including browsers, take advantage of it to make the exploitation of memory corruption vulnerabilities like buffer overflows more difficult.To read this article in full or to leave a comment, please click here

IBM Wants to Make Mainframes Next Platform for Machine Learning

Despite the emphasis on X86 clusters, large public clouds, accelerators for commodity systems, and the rise of open source analytics tools, there is a very large base of transactional processing and analysis that happens far from this landscape. This is the mainframe, and these fully integrated, optimized systems account for a large majority of the enterprise world’s most critical data processing for the largest companies in banking, insurance, retail, transportation, healthcare, and beyond.

With great memory bandwidth, I/O, powerful cores, and robust security, mainframes are still the supreme choice for business-critical operations at many Global 1000 companies, even if the

IBM Wants to Make Mainframes Next Platform for Machine Learning was written by Nicole Hemsoth at The Next Platform.

RSA: Elite cryptographers scoff at idea that law enforcement can ‘overcome’ encryption

U.S. Attorney General Jeff Sessions’ call for a way to “overcome” cryptography met with scorn from a panel of elite cryptographers speaking at this week’s RSA Conference 2017 in San Francisco.“Any one of my students will be capable of writing good crypto code,” says Adi Shamir, the ‘S’ in RSA and a professor at the Weizmann Institute in Israel.Sessions’ use of the term “overcome” during his confirmation hearings actually means installing backdoors, says Ronald Rivest, the ‘R’ in RSA and a professor at MIT. He cited a joint Congressional study that concluded that weakening encryption works against the national interest, and that encryption is global anyway -- so the U.S. can’t call all the shots.To read this article in full or to leave a comment, please click here

RSA: Elite cryptographers scoff at idea that law enforcement can ‘overcome’ encryption

U.S. Attorney General Jeff Sessions’ call for a way to “overcome” cryptography met with scorn from a panel of elite cryptographers speaking at this week’s RSA Conference 2017 in San Francisco.“Any one of my students will be capable of writing good crypto code,” says Adi Shamir, the ‘S’ in RSA and a professor at the Weizmann Institute in Israel.Sessions’ use of the term “overcome” during his confirmation hearings actually means installing backdoors, says Ronald Rivest, the ‘R’ in RSA and a professor at MIT. He cited a joint Congressional study that concluded that weakening encryption works against the national interest, and that encryption is global anyway -- so the U.S. can’t call all the shots.To read this article in full or to leave a comment, please click here

Worth Reading: The inconvenience of privacy

Unfortunately, it is not easy to assess the weight of privacy losses. Typically, in the online world, no small privacy loss will create a catastrophe. One business tracking one click of yours is not a big deal. But privacy losses accumulate, and the entirety of what you have revealed online through browsing, clicking, buying and liking, can paint a frighteningly detailed portrait of you. Privacy losses are like ecologic damages or health deterioration: no one act of littering, no one puff of a cigarette will bring about disaster, but the sum of them through time might. —Connecting

The post Worth Reading: The inconvenience of privacy appeared first on 'net work.

1 2,295 2,296 2,297 2,298 2,299 3,833