The FIDO Alliance provides strong authentication for online services  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  For many security professionals, passwords are the scourge of the authentication world, and their death can't come soon enough. Passwords are too often stolen, shared, forgotten or simply too weak or obvious to be effective. According to the 2016 Verizon Data Breach Investigations Report, 63% of confirmed data breaches involve the use of weak, default or stolen passwords.End users hate passwords too, because they create a bad user experience (UX). We are advised (or forced) to use complex combinations of numbers, characters and symbols that are practically impossible to remember, and we are supposed to have a different password for every system and application we use. Years ago I resorted to a password manager to keep track of my 300+ sets of credentials.To read this article in full or to leave a comment, please click here

The FIDO Alliance provides strong authentication for online services  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  For many security professionals, passwords are the scourge of the authentication world, and their death can't come soon enough. Passwords are too often stolen, shared, forgotten or simply too weak or obvious to be effective. According to the 2016 Verizon Data Breach Investigations Report, 63% of confirmed data breaches involve the use of weak, default or stolen passwords.End users hate passwords too, because they create a bad user experience (UX). We are advised (or forced) to use complex combinations of numbers, characters and symbols that are practically impossible to remember, and we are supposed to have a different password for every system and application we use. Years ago I resorted to a password manager to keep track of my 300+ sets of credentials.To read this article in full or to leave a comment, please click here

Check out these 11 new Windows 10 features Microsoft sneakily revealed

Microsoft was quiet about several planned features in the Creators UpdateImage by Blair Hanley FrankMicrosoft showed off a handful of marquee features for next year's Windows 10 update on Wednesday, but the company sneakily hid 11 more new releases in its sizzle reel preview of the Creators Update. To read this article in full or to leave a comment, please click here

Worth Reading: Implementing multifactor authentication in the enterprise

IT systems must manage users and control access privileges to protect sensitive resources. This function is usually implemented in enterprise networks through authentication (verification of identity), authorization (control of access privileges) and accounting (recording of actions for auditing)—an “AAA” security framework. —Data Center Journal

The post Worth Reading: Implementing multifactor authentication in the enterprise appeared first on 'net work.

A spam-control issue unique to Australia?

A user of Reddit’s section devoted to systems administration yesterday offered up for inspection an F-bomb-laden phishing email that had eluded his company’s spam filter despite the filter having been set to weed out such cursing. Then this exchange ensued: Reddit I also laughed out loud.To read this article in full or to leave a comment, please click here

A spam-control issue unique to Australia?

A user of Reddit’s section devoted to systems administration yesterday offered up for inspection an F-bomb-laden phishing email that had eluded his company’s spam filter despite the filter having been set to weed out such cursing. Then this exchange ensued: Reddit I also laughed out loud.To read this article in full or to leave a comment, please click here

To solve IoT security, look at the big picture, ARM says

The recent DDoS attacks launched from IoT devices demonstrate that the internet of things spans all parts of IT and that most companies deploying it still need a lot of help.That's the message from ARM, the chip design company behind nearly every smartphone and a big chunk of IoT, at its annual TechCon event this week in Silicon Valley.Small, low-power devices like sensors and security cameras are the most visible part of IoT, and they’re right in ARM’s wheelhouse as the dominant force in low-power chips. But on Wednesday, the company highlighted a cloud-based SaaS offering rather than chips or edge devices themselves. IoT depends on back-end capabilities as much as edge devices, and the company wants to play a role in all of it.To read this article in full or to leave a comment, please click here

To solve IoT security, look at the big picture, ARM says

The recent DDoS attacks launched from IoT devices demonstrate that the internet of things spans all parts of IT and that most companies deploying it still need a lot of help.That's the message from ARM, the chip design company behind nearly every smartphone and a big chunk of IoT, at its annual TechCon event this week in Silicon Valley.Small, low-power devices like sensors and security cameras are the most visible part of IoT, and they’re right in ARM’s wheelhouse as the dominant force in low-power chips. But on Wednesday, the company highlighted a cloud-based SaaS offering rather than chips or edge devices themselves. IoT depends on back-end capabilities as much as edge devices, and the company wants to play a role in all of it.To read this article in full or to leave a comment, please click here

Formula One puts you in the Grand Prix with VR and AR

When it comes to cars, there can be little question that Formula 1 is at the bleeding edge, pushing the limits of engineering. So, it is fitting that it is now helping to push the limits of virtual reality (VR) and augmented reality (AR).For the third year running, the motor racing competition's "Official Connectivity Provider," Tata Communications (also the Official Managed Connectivity Supplier of the Mercedes AMG Petronas Formula One Team), operated the F1 Connectivity Innovation Prize — which seeks to leverage F1's legacy of innovation to inspire fans around the world to harness their technical expertise and passion for the sport to drive their own innovation.To read this article in full or to leave a comment, please click here

60% off Anker 60W 10-Port USB Charger – Deal Alert

PowerIQ and VoltageBoost technology combine to provide the fastest possible charge of up to 2.4 amps per port on this charging station from Anker. A total of ten ports pump out 60 watts of power, enabling simultaneous multi-device charging, from smartphones to tablets and everything in between. Built-in safety features protect you and your devices. This powerful 10-port charging station currently averages 5 out of 5 stars from 1,100 people on Amazon (read reviews). Its typical list price has been reduced 60% to $39.99.To read this article in full or to leave a comment, please click here

CIO security lessons: Dark thinking on IoT & exploding enterprise networks

“How many of you or your staff had trouble getting on the internet Friday?”That was how cybersecurity consultant Bryce Austin kicked off his talk Tuesday at SIMposium 2016, a big gathering of CIOs and IT execs at the Mohegan Sun resort in Connecticut, on the "Unintended Consequences of the Internet of Things."Uncomfortable laughter ensued.Austin, who then went on to make attendees even more uncomfortable, swears that even though his session didn't make the original program, it wasn’t added to the agenda as a result of the now notorious IoT-exploiting Dyn DDoS attack that unfolded Friday.To read this article in full or to leave a comment, please click here

Nokia Hit With Q3 Net Loss as Network Buildouts Slow

About that $17B Alcatel-Lucent buy — why didn't that help?

Designer or Architect? It’s A Matter Of Choice

I had a great time at ONUG this past week. I got to hear a lot of great presentations from some great people, and I got a chance to catch up with some friends as well. One of those was Pete Lumbis (@PeteCCDE) who had a great presentation this past spring at Interop. We talked a lot about tech and networking, but one topic he brought up that made me stop and think for a moment was the wide gulf between design and architecture.

Binary Designers

Design is a critical part of an IT project. Things must fit and make sense before the implementors can figure out how to put the pieces together. Design is all about building a list of products and describing how they’ll interact once turned on. Proper design requires you to step away from the keyboard for a moment and think about a bigger picture than just hacking CLI commands or Python code to make some lights start blinking in the right order.

But design is inherently limited. Think about the last design you did, whether it be wireless or networking or even storage. When you start a design, you automatically make assumptions about Continue reading

Reaction: Keith’s Law

Ethan pointed me to this post about complexity and incremental improvement in a slack message. There are some interesting things here, leading me in a number of different directions, that might be worth your reading time. The post begins with an explanation of what the author calls “Keith’s law”—

I am going to paraphrase the version he shared over lunch at the Facebook campus a few years ago and call it Keith’s Law: In a complex system, the cumulative effect of a large number of small optimizations is externally indistinguishable from a radical leap. If you want to do big things in a software-eaten world, it is absolutely crucial that you understand Keith’s Law. —Breaking Smart

The author attributes this to the property of emergence; given I don’t believe in blind emergence, I would attribute this effect to the combined intertwining of many intelligent actors producing an effect that at least many of them probably wanted (the improvement of the complex system), and each of them working in their own spheres to achieve that result without realizing the overall multiplier effect of their individual actions. If that was too long and complicated, perhaps this is shorter and better—

The law of Continue reading

Big Switch Networks, A Career-Launching Company

Qualcomm to Acquire NXP for $38B, the Latest Chip Megamerger

5G meets automotive in a bid to build an IoT powerhouse.

It Takes a Lot of Supercomputing to Simulate Future Computing

The chip industry is quickly reaching the limits of traditional lithography in its effort to cram more transistors onto a piece of silicon at a pace consistent with Moore’s Law. Accordingly, new approaches, including using extreme ultraviolet light sources, are being developed. While this can promise new output for chipmakers, developing this technology to enhance future computing is going to take a lot of supercomputing.

Lawrence Livermore National Lab’s Dr. Fred Streitz and his teams at the HPC Innovation Center at LLNL are working with Dutch semiconductor company, ASML, to push advances in lithography for next-generation chips. Even as a …

It Takes a Lot of Supercomputing to Simulate Future Computing was written by Nicole Hemsoth at The Next Platform.

It Takes a Lot of Supercomputing to Simulate Future Computing

The chip industry is quickly reaching the limits of traditional lithography in its effort to cram more transistors onto a piece of silicon at a pace consistent with Moore’s Law. Accordingly, new approaches, including using extreme ultraviolet light sources, are being developed. While this can promise new output for chipmakers, developing this technology to enhance future computing is going to take a lot of supercomputing.

Lawrence Livermore National Lab’s Dr. Fred Streitz and his teams at the HPC Innovation Center at LLNL are working with Dutch semiconductor company, ASML, to push advances in lithography for next-generation chips. Even as a …

It Takes a Lot of Supercomputing to Simulate Future Computing was written by Nicole Hemsoth at The Next Platform.

Containerize Windows workloads with Image2Docker

Yesterday, we held a packed webinar on using the Image2Docker tool that prototypes shifting a legacy Windows virtual machine to a Windows Container Dockerfile.

Image2Docker is an open source, community generated powershell module that searches for common components of a Windows Server VM and generates a Dockerfile to match. Originally created by Docker Captain Trevor Sullivan, it is now an open source tool hosted in our GitHub repository. Currently there is discovery of components such IIS, Apache, SQL Server and more. As an input it supports VHD, VHDX, and WIM files. When paired with Microsoft’s Virtual Machine Converter, you can start with pretty much any VM format.

Image2Docker is community supported and designed to show you how easy it is to create Windows Containers from your existing servers. We strongly encourage you to fork it, play with it and contribute pull requests back to the community. Or just install it and use it to generate your own Dockerfiles.

Watch the on-demand webinar to learn more about how it was built, how to use it, and how to contribute.

 Here are some of the most popular questions from the sessions with answers.

Is it possible to containerize an application Continue reading

IDG Contributor Network: Securing the breach trumps breach prevention

In my prior posts, I discussed both the changing face of data breaches and the reality distortion field surrounding today’s IT security professionals when they talk about effective ways to combat data breaches. Three things we know for certain, though, is that data breaches are not going away, our adversaries are continuing to innovate and attack, and the costs of a breach are becoming more tangible.Just this month, Verizon claimed the massive hack on Yahoo caused irreparable harm to the tech company in terms of customer trust, possibly allowing the wireless provider to withdraw from or renegotiate the terms of its $4.83 billion acquisition agreement. Also, in October, the U.K. Information Commissioner’s Office hit TalkTalk with more than $400,000 in fines for its 2015 cyber attack.To read this article in full or to leave a comment, please click here