0

Traffic Pattern Attacks: A Real Threat

Assume, for a moment, that you have a configuration something like this—

Some host, A, is sending queries to, and receiving responses from, a database at C. An observer, B, has access to the packets on the wire, but neither the host nor the server. All the information between the host and the server is encrypted. There is nothing the observer, B, can learn about the information being carried between the client and the server? Given the traffic is encrypted, you might think… “not very much.”

A recent research paper published at CCS ’16 in Vienna argues the observer could know a lot more. In fact, based on just the patterns of traffic between the server and the client, given the database uses atomic operations and encrypts each record separately, it’s possible to infer the key used to query the database (not the cryptographic key). The paper can be found here. Specifically:

We then develop generic reconstruction attacks on any system supporting range queries where either access pattern or communication volume is leaked. These attacks are in a rather weak passive adversarial model, where the untrusted server knows only the underlying query distribution. In particular, to perform our attack Continue reading

0

Huawei Seeks More Information Technology Talent in Europe

It joins the club of telco equipment makers seeking top IT talent.

0

Global Mentor Week: Thank you Docker Community!

Danke, рақмет сізге, tak, धन्यवाद, cảm ơn bạn, شكرا, mulțumesc, Gracias, merci, asante, ευχαριστώ, thank you Docker community for an incredible Docker Global Mentor Week! From Tokyo to Sao Paulo, Kisimu to Copenhagen and Ottowa to Manila, it was so awesome to see the energy from the community coming together to celebrate and learn about Docker!

Over 7,500 people registered to attend one of the 110 mentor week events across 5 continents! A huge thank you to all the Docker meetup organizers who worked hard to make these special events happen and offer Docker beginners and intermediate users an opportunity to participate in Docker courses.

None of this would have been possible without the support (and expertise!) of the 500+ advanced Docker users who signed up as mentors to help newcomers #LearnDocker.

Whether it was mentors helping attendees, newcomers pushing their first image to Docker Hub or attendees mingling and having a good time, everyone came together to make mentor week a success as you can see on social media and the Facebook photo album.

Here are some of our favorite tweets from the meetups:

 

@Docker #LearnDocker #DevOps #Containers #DockerDatacenter #WomenInTech #dockermeetup at #HPE Grenoble France 17Nov2016 @HPE_FR Continue reading

0

New Ericsson CEO Has Big Job Ahead

The company needs to embrace open source and analytics to thrive.

0

How to use data to design the best market for your company

Your business spends a lot of time analyzing the market you sell to, but can you take a step back and instead create the market that you want? Experts in the little-known field of behavioral economics and market design say “yes.”To read this article in full or to leave a comment, please click here(Insider Story)

0

Google launches Trusted Contacts location sharing app

How do you feel about sharing your location with “trusted contacts”? From Google’s point of view, its new Trusted Contacts app will “help you feel safe and give your friends and family peace of mind.”The “personal safety app” will work even if your phone is offline.Google software engineer Minh Nguyen explained: Here’s how it works: Once you install the Android app, you can assign “trusted” status to your closest friends and family. Your trusted contacts will be able to see your activity status — whether you’ve moved around recently and are online — to quickly know if you're OK. If you find yourself in a situation where you feel unsafe, you can share your actual location with your trusted contacts. And if your trusted contacts are really worried about you, they can request to see your location. If everything’s fine, you can deny the request. But if you’re unable to respond within a reasonable time-frame, your location is shared automatically and your loved ones can determine the best way to help you out. Of course, you can stop sharing your location or change your trusted contacts whenever you want.To read this article in full or Continue reading

0

Google launches Trusted Contacts location sharing app

How do you feel about sharing your location with “trusted contacts”? From Google’s point of view, its new Trusted Contacts app will “help you feel safe and give your friends and family peace of mind.”The “personal safety app” will work even if your phone is offline.Google software engineer Minh Nguyen explained: Here’s how it works: Once you install the Android app, you can assign “trusted” status to your closest friends and family. Your trusted contacts will be able to see your activity status — whether you’ve moved around recently and are online — to quickly know if you're OK. If you find yourself in a situation where you feel unsafe, you can share your actual location with your trusted contacts. And if your trusted contacts are really worried about you, they can request to see your location. If everything’s fine, you can deny the request. But if you’re unable to respond within a reasonable time-frame, your location is shared automatically and your loved ones can determine the best way to help you out. Of course, you can stop sharing your location or change your trusted contacts whenever you want.To read this article in full or Continue reading

0

HPE Intros a Micro Datacenter on Wheels

It can't do 'zero to 60' but it can rev up the IoT network edge.

0

Amazon’s biggest re:Invent cloud announcements

IoT, Machine Learning and trucking data into the cloudImage by AmazonAWS’s 2016 re:Invent conference is a wrap, and if you missed any of the news check out the biggest announcements Amazon made in Las Vegas. From data analytics tools to machine learning platforms and new IoT functions, there was a lot to digest. Amazon will even truck your data into its cloud!To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: How to build the business case for a digital workplace

In my blog post last month, I wrote about why digital-workplace technology has become a mandate in today’s hyper-mobile world. This month, I explore basics of building a strategy and a business case so you can get budget and make your digital workplace a reality.The other day, I heard a great story about how a colleague of mine got board approval to hire more than two dozen new staff members—and the whole negotiation took less than an hour. He used digital-workplace technology to pull a remote team member into a board meeting on the fly and run ROI scenarios in real time. Without being able to see the specific figures, the decision would have taken weeks and cost millions in potential revenue.To read this article in full or to leave a comment, please click here

0

De-Risking NFV via Systems Integration or NFV One-Stop-Shops

Because NFV is just too complicated for end users.

0

67% off iClever BoostCube 40W 4-Port USB Wall Charger with Foldable Plug – Deal Alert

This 40W/8A 4-port output wall charger from iClever detects the charging capacity of each device, and provides the fastest possible charge of up to 2.4 amps per port, charging any four USB-enabled devices simultaneously. Its compact design features a foldable plug.  It contains multiple internal protection mechanisms to guarantee the safety of your device. iClever's BoostCube averages 4.5 out of 5 stars on Amazon from nearly 1,000 people (read reviews). It's typical list price has beed reduced 67% to just $19.99. See it on Amazon.To read this article in full or to leave a comment, please click here

0

AWS Shield – Managed DDoS Protection

AWS now offers a DDOS service. Some non-specific thinking out loud on what this means.

The post AWS Shield – Managed DDoS Protection appeared first on EtherealMind.

0

The Tech that Turns Each of Us Into a Walled Garden

 

How we treat each other is based on empathy. Empathy is based on shared experience. What happens when we have nothing in common?

Systems are now being constructed so we’ll never see certain kinds of information. Each of us live in our own algorithmically created Skinner Box /silo/walled garden, fed only information AIs think will be simultaneously most rewarding to you and their creators (Facebook, Google, etc).

We are always being manipulated, granted, but how we are being manipulated has taken a sharp technology driven change and we should be aware of it. This is different. Scary different. And the technology behind it all is absolutely fascinating.

Divided We Are Exploitable

0

Chrome bug triggered errors on websites using Symantec SSL certificates

If you've encountered errors over the past month when trying to access HTTPS-enabled websites on your computer or Android phone, it might have been due to a bug in Chrome.The bug affected the validation for some SSL certificates issued by Symantec, one of the world's largest certificate authorities, as well as by GeoTrust and Thawte, two CAs that Symantec also controls.The bug was introduced in Chrome version 53, but also affected the Android WebView component that Android apps use to display Web content, said Rick Andrews, senior technical director at Symantec in a blog post Friday.To read this article in full or to leave a comment, please click here

0

Chrome bug triggered errors on websites using Symantec SSL certificates

If you've encountered errors over the past month when trying to access HTTPS-enabled websites on your computer or Android phone, it might have been due to a bug in Chrome.The bug affected the validation for some SSL certificates issued by Symantec, one of the world's largest certificate authorities, as well as by GeoTrust and Thawte, two CAs that Symantec also controls.The bug was introduced in Chrome version 53, but also affected the Android WebView component that Android apps use to display Web content, said Rick Andrews, senior technical director at Symantec in a blog post Friday.To read this article in full or to leave a comment, please click here

0

Worth Reading: Navigating the Pentest World

The demand for penetration testing and security assessment services worldwide has been growing year-on-year. Driven largely by Governance, Risk, and Compliance (GRC) concerns, plus an evolving pressure to be observed taking information security and customer privacy seriously, most CIO/CSO/CISO’s can expect to conduct regular “pentests” as a means of validating their organizations or product’s security —CircleID

The post Worth Reading: Navigating the Pentest World appeared first on 'net work.

0

Why are Self Service, Agility and Cloud Linked?

You get agility through cloud by making the cloud self-service.

0

Network Break 115: Avaya Considers Bankruptcy; AWS Reinvents

Todays Network Break episode looks at Avayas reported consideration of Chapter 11, financial results from HPE & Nutanix, announcements from AWS ReInvent, and more The post Network Break 115: Avaya Considers Bankruptcy; AWS Reinvents appeared first on Packet Pushers.

0

OpenAI releases Universe, a platform for training AIs to play games, use apps

OpenAI, an artificial intelligence research company, wants to let AIs loose in their own universe, where they can learn to play games, use apps and interact with websites.Universe is the name of OpenAI's tool for training AIs on, as it puts it, "any task a human can complete with a computer." Using a VNC (Virtual Network Computing) remote desktop, it allows the AI to control the game or app using a virtual keyboard and mouse, and to see its output by analyzing the pixels displayed on the screen. It's essentially an interface to the company's Gym toolkit for developing reinforcement algorithms, a type of machine learning system.To read this article in full or to leave a comment, please click here