MySQL face-off: Amazon outscales Google

Many web applications have been built on an open source stack that included MySQL. Despite its limitations, MySQL managed to become the world’s most widely used open source RDBMS. What limitations, you ask? Out of the box, MySQL does not scale all that well and, in particular, cannot handle a lot of simultaneous clients compared to commercial databases.To read this article in full or to leave a comment, please click here(Insider Story)

Flash mobs the latest threat this holiday season

The holiday season rings in more than just higher sales for retailers. There's also more shoplifting and lower profit margins than the rest of the year, according to a report released today. Plus, this year, there's an extra surprise -- flash mobs.Not the dancing, music-playing, watching-a-couple-get-engaged kind of flash mobs. But the kind of flash mobs where a bunch of people all show up at a store at once, pull hats low over their heads, grab everything in sight, and split.Just last week, there was a flash mob at an Apple store in Natick, Mass., that took off with more than $13,000 worth of iPhones in less than a minute.To read this article in full or to leave a comment, please click here

Flash mobs the latest threat this holiday season

The holiday season rings in more than just higher sales for retailers. There's also more shoplifting and lower profit margins than the rest of the year, according to a report released today. Plus, this year, there's an extra surprise -- flash mobs.Not the dancing, music-playing, watching-a-couple-get-engaged kind of flash mobs. But the kind of flash mobs where a bunch of people all show up at a store at once, pull hats low over their heads, grab everything in sight, and split.Just last week, there was a flash mob at an Apple store in Natick, Mass., that took off with more than $13,000 worth of iPhones in less than a minute.To read this article in full or to leave a comment, please click here

Russian criminals’ bank attacks go global

Russian cybercriminals have field tested their attack techniques on local banks, and have now begun taking them global, according to a new report -- and a new breed of mobile attack apps is coming up next.Criminals stole nearly $44 million directly from Russian banks in the last half of 2015 and the first half of 2016, according to Dmitiry Volkov, co-founder and head of threat intelligence at Moscow-based Group-IB.That was up 292 percent from the same period a year earlier. Direct, targeted attacks against banks now account for 45 percent of all bank-related cybercrime in Russia.To read this article in full or to leave a comment, please click here

Russian criminals’ bank attacks go global

Russian cybercriminals have field tested their attack techniques on local banks, and have now begun taking them global, according to a new report -- and a new breed of mobile attack apps is coming up next.Criminals stole nearly $44 million directly from Russian banks in the last half of 2015 and the first half of 2016, according to Dmitiry Volkov, co-founder and head of threat intelligence at Moscow-based Group-IB.That was up 292 percent from the same period a year earlier. Direct, targeted attacks against banks now account for 45 percent of all bank-related cybercrime in Russia.To read this article in full or to leave a comment, please click here

Cyber after Snowden

Since Edward Snowden leaked classified information from the National Security Agency (NSA) in 2013, the FBI and Apple had a public battle around privacy, Shadow Brokers leaked some of the NSA's hacking tools, and Hal Martin, an ex-NSA contractor was arrested for stealing classified information.To read this article in full or to leave a comment, please click here

Cyber after Snowden

Since Edward Snowden leaked classified information from the National Security Agency (NSA) in 2013, the FBI and Apple had a public battle around privacy, Shadow Brokers leaked some of the NSA's hacking tools, and Hal Martin, an ex-NSA contractor was arrested for stealing classified information.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Serverless computing: Do we need to rethink the serverless framework?

Serverless computing is one of today’s hottest technology topics. Now that Amazon has announced AWS Lambda and Microsoft is previewing Azure Functions, the concept is becoming real.Serverless is billed as a solution that dynamically creates cloud services to process events in an ephemeral container that are executed on your behalf as a backend-as-a-service. Instead of leasing a virtual machine, then writing and deploying your code, you get to use a new “pay-per-event” pricing model while leveraging a catalogue of executable functions (building blocks) to construct your own service. It is a DIY cloud deployment model that promises to allow clouds to be used the same way we have become accustomed to using mobile applications on our smartphones: simply access the app (“function”) you need at any moment.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Serverless computing: Do we need to rethink the serverless framework?

Serverless computing is one of today’s hottest technology topics. Now that Amazon has announced AWS Lambda and Microsoft is previewing Azure Functions, the concept is becoming real.Serverless is billed as a solution that dynamically creates cloud services to process events in an ephemeral container that are executed on your behalf as a backend-as-a-service. Instead of leasing a virtual machine, then writing and deploying your code, you get to use a new “pay-per-event” pricing model while leveraging a catalogue of executable functions (building blocks) to construct your own service. It is a DIY cloud deployment model that promises to allow clouds to be used the same way we have become accustomed to using mobile applications on our smartphones: simply access the app (“function”) you need at any moment.To read this article in full or to leave a comment, please click here

IDG Contributor Network: OwnBackup: Don’t rely on SaaS vendors to do their own backup and recovery

Back when Salesforce and its ilk invented software as a service (SaaS), there was much wailing and gnashing of the teeth about the security around these new, as-yet-unproven approaches to delivering software. Many people suggested that these vendors were fly-by-nighters—that they would fail and customers’ data would be lost forever.A decade or so later, and apart from some high-profile cases (who remembers Magnol.ia?), that doomsday scenario hasn’t occurred. SaaS vendors are safely doing their job and keeping customers’ data safe.+ Also on Network World: Why it takes a cloud service to manage cloud services + Given this fact, you could be forgiven for assuming that there would be no opportunity for a vendor whose core mission is to help users backup their SaaS data. For one thing, SaaS vendors hardly ever fail and for another, even if short-term outages and small-scale losses occur, SaaS vendors can be relied upon to do their own backup and recovery. Right?To read this article in full or to leave a comment, please click here

IDG Contributor Network: OwnBackup: Don’t rely on SaaS vendors to do their own backup and recovery

Back when Salesforce and its ilk invented software as a service (SaaS), there was much wailing and gnashing of the teeth about the security around these new, as-yet-unproven approaches to delivering software. Many people suggested that these vendors were fly-by-nighters—that they would fail and customers’ data would be lost forever.A decade or so later, and apart from some high-profile cases (who remembers Magnol.ia?), that doomsday scenario hasn’t occurred. SaaS vendors are safely doing their job and keeping customers’ data safe.+ Also on Network World: Why it takes a cloud service to manage cloud services + Given this fact, you could be forgiven for assuming that there would be no opportunity for a vendor whose core mission is to help users backup their SaaS data. For one thing, SaaS vendors hardly ever fail and for another, even if short-term outages and small-scale losses occur, SaaS vendors can be relied upon to do their own backup and recovery. Right?To read this article in full or to leave a comment, please click here

IDG Contributor Network: OpenStack: It’s interoperable after all

A few months ago at the OpenStack Summit in Austin, Texas, Don Rippert, IBM’s general manager of cloud strategy, challenged the various players involved in the OpenStack initiative to demonstrate that OpenStack distributions are, in fact, interoperable—between each other and across on-premises, public cloud and hybrid cloud deployments.The Interop Challenge had a very good basis, since one of the major criticisms of OpenStack has been that there is very little consistency between distributions, and as a result, users need to chose their “flavor” of OpenStack and stick to it.To read this article in full or to leave a comment, please click here

General – Why Are Certification Exams Not Higher Quality?

I was reading Ivan’s blog as I often do when I came across this post about why certifications suck.

The author Robert Graham had a sample question from the GIAC Penetration Tester (GPEN) exam. The question looked like this:

By default, which protocol do Linux systems use to transmit packets for tracing a network path?

a) UDP
b) TCP
c) ICMP
d) TTL
e) ECHO

Obviously being a networking expert I have my networking glasses on but I have to respectfully disagree with these gentlemen that I don’t think this is such a bad question at all. Trust me, I’ve seen much worse.

So traceroute works differently on different operating systems. If you work with penetration testing I would argue that you need to have a good understanding of different operating systems. You should know how they behave, what their characteristics are and how you can fingerprint them. The correct answer here is UDP. Linux systems and Cisco devices normally use UDP to send packets for a traceroute while Windows systems use ICMP when doing a traceroute. The answer is of course not TCP because TCP would require the three-way handshake and why would a device want to start a Continue reading

DNS DDOS

The recent attacks on the DNS infrastructure operated by DYN in October 2016 have generated a lot of comment in recent days. Indeed, it’s not often that the DNS itself has been prominent in the mainstream of news commentary, and in some ways this DNS DDOS prominence is for all the wrong reasons! I’d like to speculate a bit on what this attack means for the DNS and what we could do to mitigate the recurrence of such attacks.

ARM Predicts Cambrian Server Explosion In The Coming Decades

What happens to the datacenter when a trillion devices embedded in every manner of product and facility are chatting away with each other, trying to optimize the world? There is a very good chance that the raw amount of computing needed to chew on that data at the edge, in the middle, and in a datacenter ­– yes, we will still have datacenters – will absolutely explode.

The supply chain for datacenters – including the ARM collective — is absolutely counting on exponential growth in sensors, which ARM Holding’s top brass and its new owner, Japanese conglomerate SoftBank Group, spent

ARM Predicts Cambrian Server Explosion In The Coming Decades was written by Timothy Prickett Morgan at The Next Platform.

ARM Predicts Cambrian Server Explosion In The Coming Decades

What happens to the datacenter when a trillion devices embedded in every manner of product and facility are chatting away with each other, trying to optimize the world? There is a very good chance that the raw amount of computing needed to chew on that data at the edge, in the middle, and in a datacenter ­– yes, we will still have datacenters – will absolutely explode.

The supply chain for datacenters – including the ARM collective — is absolutely counting on exponential growth in sensors, which ARM Holding’s top brass and its new owner, Japanese conglomerate SoftBank Group, spent

ARM Predicts Cambrian Server Explosion In The Coming Decades was written by Timothy Prickett Morgan at The Next Platform.