ARM Server Chips Challenge X86 in the Cloud

The idea of ARM processors being used in datacenter servers has been kicking around more most of the decade. The low-power architecture dominates the mobile world of smartphones and tablets as well as embedded IoT devices, and with datacenters increasingly consuming more power and generating more heat, the idea of using highly efficient ARM chips in IT infrastructure systems gained steam.

That was furthered by the rise of cloud computing environments and hyperscale datacenters, which can be packed with tens of thousands of small servers running massive numbers of workloads. The thought of using ARM-based server chips that are more

ARM Server Chips Challenge X86 in the Cloud was written by Nicole Hemsoth at The Next Platform.

Riding The Coattails Of Google Kubernetes And AWS Lambda

There are individuals and companies that create whole new technologies for their own consumption and that sometimes open source them for others to help steer their development and fix their bugs. And then there are still other companies that polish these tools, giving them some enterprise fit and finish, and thereby make it possible for others to deploy a particular technology without having to have PhDs, who are not available anyway, on staff.

From the enterprise perspective, the Apache web server and related Tomcat application server needed its Big Blue, the Linux operating system needed its Red Hat, and the

Riding The Coattails Of Google Kubernetes And AWS Lambda was written by Timothy Prickett Morgan at The Next Platform.

Protecting everyone from WordPress Content Injection

Today a severe vulnerability was announced by the WordPress Security Team that allows unauthenticated users to change content on a site using unpatched (below version 4.7.2) WordPress.

CC BY-SA 2.0 image by Nicola Sap De Mitri

The problem was found by the team at Sucuri and reported to WordPress. The WordPress team worked with WAF vendors, including Cloudflare, to roll out protection before the patch became available.

Earlier this week we rolled out two rules to protect against exploitation of this issue (both types mentioned in the Sucuri blog post). We have been monitoring the situation and have not observed any attempts to exploit this vulnerability before it was announced publicly.

Customers on a paid plan will find two rules in WAF, WP0025A and WP0025B, that protect unpatched WordPress sites from this vulnerability. If the Cloudflare WordPress ruleset is enabled then these rules are automatically turned on and blocking.

Protecting Everyone

As we have in the past with other serious and critical vulnerabilities like Shellshock and previous issues with JetPack, we have enabled these two rules for our free customers as well.

Free customers who want full protection for their WordPress sites can upgrade to a Continue reading

Serverless computing’s future is now – and why you should care

Although vendor-written, this contributed piece does not advocate a position that is particular to the author’s employer and has been edited and approved by Network World editors.

Serverless computing, a disruptive application development paradigm that reduces the need for programmers to spend time focused on how their hardware will scale, is rapidly gaining momentum for event-driven programming. Organizations should begin exploring this opportunity now to see if it will help them dramatically reduce costs while ensuring applications run at peak performance.

For the last decade, software teams have been on a march away from the practice of directly managing hardware in data centers toward renting compute capacity from Infrastructure as a Service (IAAS) vendors such as Amazon Web Services (AWS) and Microsoft Azure. It is rare that a software team creates unique value by managing hardware directly, so the opportunity to offload that undifferentiated heavy lifting to IaaS vendors has been welcomed by software teams worldwide.

To read this article in full or to leave a comment, please click here

Serverless computing’s future is now – and why you should care

Although vendor-written, this contributed piece does not advocate a position that is particular to the author’s employer and has been edited and approved by Network World editors. Serverless computing, a disruptive application development paradigm that reduces the need for programmers to spend time focused on how their hardware will scale, is rapidly gaining momentum for event-driven programming. Organizations should begin exploring this opportunity now to see if it will help them dramatically reduce costs while ensuring applications run at peak performance. For the last decade, software teams have been on a march away from the practice of directly managing hardware in data centers toward renting compute capacity from Infrastructure as a Service (IAAS) vendors such as Amazon Web Services (AWS) and Microsoft Azure. It is rare that a software team creates unique value by managing hardware directly, so the opportunity to offload that undifferentiated heavy lifting to IaaS vendors has been welcomed by software teams worldwide.To read this article in full or to leave a comment, please click here

Mobile security firm offers cash to hackers for their old exploits

Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open.Paying for old exploits might seem like a waste of money, but there are technical and business arguments to justify such an acquisition system and they ultimately have to do with the difference between exploits and vulnerabilities.A vulnerability is a software defect with potential security implications, while an exploit is the actual code that takes advantage of that bug to achieve a specific malicious goal, often by bypassing other security barriers along the way.In practice, many vulnerabilities that get reported to vendors are not accompanied by working exploits. Showing that a programming error can lead to memory corruption is typically enough for the vendor to understand its potential implications -- for example, arbitrary code execution.To read this article in full or to leave a comment, please click here

Mobile security firm offers cash to hackers for their old exploits

Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open.Paying for old exploits might seem like a waste of money, but there are technical and business arguments to justify such an acquisition system and they ultimately have to do with the difference between exploits and vulnerabilities.A vulnerability is a software defect with potential security implications, while an exploit is the actual code that takes advantage of that bug to achieve a specific malicious goal, often by bypassing other security barriers along the way.In practice, many vulnerabilities that get reported to vendors are not accompanied by working exploits. Showing that a programming error can lead to memory corruption is typically enough for the vendor to understand its potential implications -- for example, arbitrary code execution.To read this article in full or to leave a comment, please click here

Help Wanted: Stitching a Federated SDN on OpenStack with EVPN

I am working with a client that has a rather unique problem and I’m looking for help on the possible solution.

For unusual, but practical, reasons there is a need to deploy three SDN solutions.

  1. VMware Integrated OpenStack with NSX
  2. Mirantis OpenStack with OpenContrail
  3. BGP-EVPN for existing and future

What I need help with is the stitching these different overlays together so that high bandwidth (>500Gbps), low latency (<5ms) data can flow in between virtual and physical networks.

There is no alignment to a hardware vendor and will buy whatever hardware can meet the requirements based on its software features.

SDN Federation in 3 parts (24-01-2017, 11-15-21).png

Questions

  1. I know that each of these solution supports VXLAN overlay and can be terminated (VTEP) in hardware. But which hardware ? What operating systems ? What protocols are used for any given hardware/software platform  ?
  2.  What is the configuration of the VTEP devices and can they be integrated into an orchestration (self-developed) ? What APIs are used to configure the VTEP instances ?
  3. What are the performance considerations around VTEP ?
  4. Is is practical to stitch a BGP-EVPN physical underlay to an SDN overlay such as NSX or OpenContrail ?

Discussion

I would be interested in talking to anyone who could offer advice and input Continue reading

Worth Reading: Running from DDoS

As we look back over 2016, one of the most obvious stories will be the dramatic rise in the weaponization and size of DDoS attacks. At the beginning of 2016 we noted the largest attack being approximately 500Gbps. In the later months of 2016, we saw the monetization of multiple IoT-based botnet DDoS attacks that were close to breaking the 1 Tbps mark. —Arbor

The post Worth Reading: Running from DDoS appeared first on 'net work.

Cisco unveils Tetration 2.0, focuses on application security

The middle of last year, Cisco held an event in New York to release its newest product, Tetration. The product moved Cisco into the analytics market, with the information being used to help customers better understand application performance and improve data center security. This week, Cisco announced the next version of Tetration Analytics, which is focused at providing security at the application layer. Cisco also released some new deployment options to make it easier for customers to get started with Tetration. To read this article in full or to leave a comment, please click here

Cisco unveils Tetration 2.0, focuses on application security

The middle of last year, Cisco held an event in New York to release its newest product, Tetration. The product moved Cisco into the analytics market, with the information being used to help customers better understand application performance and improve data center security. This week, Cisco announced the next version of Tetration Analytics, which is focused at providing security at the application layer. Cisco also released some new deployment options to make it easier for customers to get started with Tetration. To read this article in full or to leave a comment, please click here

iPhone sales get one-time windfall from Samsung Note 7 woes

During Apple’s earnings report last night, CEO Tim Cook did not mention why Apple squeaked by with 3 percent revenue growth. Almost every product category he spoke about was predicated with the words “record setting.” But a closer look reveals, Cook’s praise might be overstated, and Apple’s quest to produce another iPhone-scale new product to reignite growth continues.Radio Free Mobile’s Richard Windsor explained in an early-morning report from London what Cook did not. iPhone shipments at higher prices were driven by the defection of Samsung Galaxy Note customers due to the recall of the Note 7.To read this article in full or to leave a comment, please click here

Witcher dev, XBOX 360 ISO & PSP ISO forums hacked: Over 4.4 million accounts exposed

Well it’s bad news for some gamers and modders, about 4.5 million of them, as three different forums were hacked. If you are looking for the silver lining in the dark breach cloud, then none of the hacks were recent; the flipside? The email addresses, usernames and passwords have been “out there” since as far back as September 2015.The Witcher fans started receiving breach notifications from Have I Been Pwned, but the CD Projekt Red forum was compromised in March 2016. Have I Been Pwned Nearly 1.9 million CD Projekt Red accounts were exposed; Have I Been Pwned numbered the burned accounts at 1,871,373.To read this article in full or to leave a comment, please click here

Witcher dev, XBOX 360 ISO & PSP ISO forums hacked: Over 4.4 million accounts exposed

Well it’s bad news for some gamers and modders, about 4.5 million of them, as three different forums were hacked. If you are looking for the silver lining in the dark breach cloud, then none of the hacks were recent; the flipside? The email addresses, usernames and passwords have been “out there” since as far back as September 2015.The Witcher fans started receiving breach notifications from Have I Been Pwned, but the CD Projekt Red forum was compromised in March 2016. Have I Been Pwned Nearly 1.9 million CD Projekt Red accounts were exposed; Have I Been Pwned numbered the burned accounts at 1,871,373.To read this article in full or to leave a comment, please click here

IPv6 Q&A For The Home Network Nerd

I was a guest on the Daily Tech News Show, episode 2957A. We chatted about the news of the day, then had an IPv6 discussion aimed at folks who are curious, but haven’t had a chance to work with v6 yet. My goal was to dispel FUD and spread the gospel of IPv6 to the nerdy public.

For those of you that listened to the show, here’s the text I’d prepped. We didn’t get to all of this when recording, so you might find more information here to inspire your IPv6-related Google-fu.

What are the benefits to me as a general consumer of IPv6? (beyond having fifteen bajillion addresses)

In a certain sense, there is little tangible benefit for consumers. Addressing is largely transparent to general consumers. I think many consumers don’t know or care about the IPv4 address assigned to their gear. They care whether or not they can access the Internet resource they are trying to access.

For the more tech savvy, IPv6 does indeed bring fifteen bajillion addresses, so to speak. And while that doesn’t seem like a big deal, it is. For example, most of us at home have gear obscured by NAT. This makes us feel more secure Continue reading

Veteran IT Journalist, Jeffrey Burt, Joins The Next Platform as Senior Editor

We are thrilled to announce the full-time addition of veteran IT journalist, Jeffrey Burt to The Next Platform ranks.

Jeffrey Burt has been a journalist for more than 30 years, with the last 16-plus year writing about the IT industry. During his long tenure with eWeek, he covered a broad range of subjects, from processors and IT infrastructure to collaboration, PCs, AI and autonomous vehicles.

He’s written about FPGAs, supercomputers, hyperconverged infrastructure and SDN, cloud computing, deep learning and exascale computing. Regular readers here will recognize that his expertise in these areas fits in directly with our coverage

Veteran IT Journalist, Jeffrey Burt, Joins The Next Platform as Senior Editor was written by Nicole Hemsoth at The Next Platform.

TLS 1.3 explained by the Cloudflare Crypto Team at 33c3

Nick Sullivan and I gave a talk about TLS 1.3 at 33c3, the latest Chaos Communication Congress. The congress, attended by more that 13,000 hackers in Hamburg, has been one of the hallmark events of the security community for more than 30 years.

You can watch the recording below, or download it in multiple formats and languages on the CCC website.

The talk introduces TLS 1.3 and explains how it works in technical detail, why it is faster and more secure, and touches on its history and current status.

The slide deck is also online.

This was an expanded and updated version of the internal talk previously transcribed on this blog.

TLS 1.3 hits Chrome and Firefox Stable

In related news, TLS 1.3 is reaching a percentage of Chrome and Firefox users this week, so websites with the Cloudflare TLS 1.3 beta enabled will load faster and more securely for all those new users.

The last few days

You can enable the TLS 1.3 beta from the Crypto section of your control panel.

TLS 1.3 toggle

Nominations Open for the Next Class of Internet Hall of Fame Inductees

Do you know someone who has played a significant role in the development and advancement of the open, global Internet?  Organizations and individuals from around the world are invited to submit nominations to the Internet Hall of Fame.

2017 marks a significant milestone for the Internet Society as we celebrate 25 years of dedication to an open, secure Internet that benefits all people throughout the world.  The Internet has come a long way since its earliest days, and the Internet Hall of Fame honors a select group of visionaries and innovators who were instrumental in the Internet’s development and advancement along the way.

Ms. Kathryn Brown
1 2,346 2,347 2,348 2,349 2,350 3,844