Get Out While You Still Can

For years, this blog has mostly been about enterprise IT with a focus on networking. I’ll spare you the entire history because no one cares. But in short, if you dig through the archives, you’ll find content going all the way back to the beginning of 2007 when I was writing for my CCIE study blog.

Ten years, hundreds of articles, and millions of words later, I am a full-time writer and podcaster covering enterprise technology for engineers from behind a microphone and keyboard. But I don’t do that here anymore. I do that at PacketPushers.net.

Before Packet Pushers became the thing that put food in my mouth, I’d split my enterprise tech writing between this blog and that, but splitting the content just doesn’t make sense now. Thus, I’ve been putting all my enterprise tech writing under the Packet Pushers flag. Packet Pushers Interactive is my company that I co-founded, and I’m proud of it. There is no reason to straddle the fence.

So, what of this blog?

EthanCBanks.com will be where I write about…

  • General technology. For example, I’m into the Garmin & Apple ecosystems. I read a lot about alt-energy. I cover many other nerdy topics with my friend Eric Sutphen on the weekly Citizens Continue reading

Worth Reading: The Dangers of the New UK Investigatory Powers Act

There is an old adage that trust takes years to build, seconds to break, and forever to repair. When it comes to the Internet and its users, the same holds true. For average Internet users, trust in the Internet has to be built. They have to gain confidence in the safety of their private information online. When a user’s private online information is made public, they lose trust in the Internet and its services. —The Internet Society

LinkedInTwitterGoogle+Facebook

The post Worth Reading: The Dangers of the New UK Investigatory Powers Act appeared first on 'net work.

Traffic Pattern Attacks: A Real Threat

Assume, for a moment, that you have a configuration something like this—

db-key-traffic-attack

Some host, A, is sending queries to, and receiving responses from, a database at C. An observer, B, has access to the packets on the wire, but neither the host nor the server. All the information between the host and the server is encrypted. There is nothing the observer, B, can learn about the information being carried between the client and the server? Given the traffic is encrypted, you might think… “not very much.”

A recent research paper published at CCS ’16 in Vienna argues the observer could know a lot more. In fact, based on just the patterns of traffic between the server and the client, given the database uses atomic operations and encrypts each record separately, it’s possible to infer the key used to query the database (not the cryptographic key). The paper can be found here. Specifically:

We then develop generic reconstruction attacks on any system supporting range queries where either access pattern or communication volume is leaked. These attacks are in a rather weak passive adversarial model, where the untrusted server knows only the underlying query distribution. In particular, to perform our attack Continue reading

Global Mentor Week: Thank you Docker Community!

Danke, рақмет сізге, tak, धन्यवाद, cảm ơn bạn, شكرا, mulțumesc, Gracias, merci, asante, ευχαριστώ, thank you Docker community for an incredible Docker Global Mentor Week! From Tokyo to Sao Paulo, Kisimu to Copenhagen and Ottowa to Manila, it was so awesome to see the energy from the community coming together to celebrate and learn about Docker!

Docker Global mentor week

Over 7,500 people registered to attend one of the 110 mentor week events across 5 continents! A huge thank you to all the Docker meetup organizers who worked hard to make these special events happen and offer Docker beginners and intermediate users an opportunity to participate in Docker courses.

None of this would have been possible without the support (and expertise!) of the 500+ advanced Docker users who signed up as mentors to help newcomers #LearnDocker.

Whether it was mentors helping attendees, newcomers pushing their first image to Docker Hub or attendees mingling and having a good time, everyone came together to make mentor week a success as you can see on social media and the Facebook photo album.

Here are some of our favorite tweets from the meetups:

 

Google launches Trusted Contacts location sharing app

How do you feel about sharing your location with “trusted contacts”? From Google’s point of view, its new Trusted Contacts app will “help you feel safe and give your friends and family peace of mind.”The “personal safety app” will work even if your phone is offline.Google software engineer Minh Nguyen explained: Here’s how it works: Once you install the Android app, you can assign “trusted” status to your closest friends and family. Your trusted contacts will be able to see your activity status — whether you’ve moved around recently and are online — to quickly know if you're OK. If you find yourself in a situation where you feel unsafe, you can share your actual location with your trusted contacts. And if your trusted contacts are really worried about you, they can request to see your location. If everything’s fine, you can deny the request. But if you’re unable to respond within a reasonable time-frame, your location is shared automatically and your loved ones can determine the best way to help you out. Of course, you can stop sharing your location or change your trusted contacts whenever you want.To read this article in full or Continue reading

Google launches Trusted Contacts location sharing app

How do you feel about sharing your location with “trusted contacts”? From Google’s point of view, its new Trusted Contacts app will “help you feel safe and give your friends and family peace of mind.”The “personal safety app” will work even if your phone is offline.Google software engineer Minh Nguyen explained: Here’s how it works: Once you install the Android app, you can assign “trusted” status to your closest friends and family. Your trusted contacts will be able to see your activity status — whether you’ve moved around recently and are online — to quickly know if you're OK. If you find yourself in a situation where you feel unsafe, you can share your actual location with your trusted contacts. And if your trusted contacts are really worried about you, they can request to see your location. If everything’s fine, you can deny the request. But if you’re unable to respond within a reasonable time-frame, your location is shared automatically and your loved ones can determine the best way to help you out. Of course, you can stop sharing your location or change your trusted contacts whenever you want.To read this article in full or Continue reading

Amazon’s biggest re:Invent cloud announcements

IoT, Machine Learning and trucking data into the cloudImage by AmazonAWS’s 2016 re:Invent conference is a wrap, and if you missed any of the news check out the biggest announcements Amazon made in Las Vegas. From data analytics tools to machine learning platforms and new IoT functions, there was a lot to digest. Amazon will even truck your data into its cloud!To read this article in full or to leave a comment, please click here

IDG Contributor Network: How to build the business case for a digital workplace

In my blog post last month, I wrote about why digital-workplace technology has become a mandate in today’s hyper-mobile world. This month, I explore basics of building a strategy and a business case so you can get budget and make your digital workplace a reality.The other day, I heard a great story about how a colleague of mine got board approval to hire more than two dozen new staff members—and the whole negotiation took less than an hour. He used digital-workplace technology to pull a remote team member into a board meeting on the fly and run ROI scenarios in real time. Without being able to see the specific figures, the decision would have taken weeks and cost millions in potential revenue.To read this article in full or to leave a comment, please click here

67% off iClever BoostCube 40W 4-Port USB Wall Charger with Foldable Plug – Deal Alert

This 40W/8A 4-port output wall charger from iClever detects the charging capacity of each device, and provides the fastest possible charge of up to 2.4 amps per port, charging any four USB-enabled devices simultaneously. Its compact design features a foldable plug.  It contains multiple internal protection mechanisms to guarantee the safety of your device. iClever's BoostCube averages 4.5 out of 5 stars on Amazon from nearly 1,000 people (read reviews). It's typical list price has beed reduced 67% to just $19.99. See it on Amazon.To read this article in full or to leave a comment, please click here

The Tech that Turns Each of Us Into a Walled Garden

 

How we treat each other is based on empathy. Empathy is based on shared experience. What happens when we have nothing in common?

Systems are now being constructed so we’ll never see certain kinds of information. Each of us live in our own algorithmically created Skinner Box /silo/walled garden, fed only information AIs think will be simultaneously most rewarding to you and their creators (Facebook, Google, etc).

We are always being manipulated, granted, but how we are being manipulated has taken a sharp technology driven change and we should be aware of it. This is different. Scary different. And the technology behind it all is absolutely fascinating.

Divided We Are Exploitable

Chrome bug triggered errors on websites using Symantec SSL certificates

If you've encountered errors over the past month when trying to access HTTPS-enabled websites on your computer or Android phone, it might have been due to a bug in Chrome.The bug affected the validation for some SSL certificates issued by Symantec, one of the world's largest certificate authorities, as well as by GeoTrust and Thawte, two CAs that Symantec also controls.The bug was introduced in Chrome version 53, but also affected the Android WebView component that Android apps use to display Web content, said Rick Andrews, senior technical director at Symantec in a blog post Friday.To read this article in full or to leave a comment, please click here

Chrome bug triggered errors on websites using Symantec SSL certificates

If you've encountered errors over the past month when trying to access HTTPS-enabled websites on your computer or Android phone, it might have been due to a bug in Chrome.The bug affected the validation for some SSL certificates issued by Symantec, one of the world's largest certificate authorities, as well as by GeoTrust and Thawte, two CAs that Symantec also controls.The bug was introduced in Chrome version 53, but also affected the Android WebView component that Android apps use to display Web content, said Rick Andrews, senior technical director at Symantec in a blog post Friday.To read this article in full or to leave a comment, please click here

Worth Reading: Navigating the Pentest World

The demand for penetration testing and security assessment services worldwide has been growing year-on-year. Driven largely by Governance, Risk, and Compliance (GRC) concerns, plus an evolving pressure to be observed taking information security and customer privacy seriously, most CIO/CSO/CISO’s can expect to conduct regular “pentests” as a means of validating their organizations or product’s security —CircleID

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Navigating the Pentest World appeared first on 'net work.

1 2,481 2,482 2,483 2,484 2,485 3,844