London is next in line for Google-backed gigabit Wi-Fi

London is next in line to receive the Link high-speed Wi-Fi service that briefly brought high-speed porn to the streets of New York.Intersection, the company behind LinkNYC, is partnering with British telecommunications operator BT and outdoor advertising company Primesight to deliver the service in London. Intersection is partly funded by Sidewalk Labs, a subsidiary of Google's parent Alphabet.Next year, BT will replace 100 of its phone booths with the LinkUK pillars, delivering gigabit Wi-Fi, free phone calls, and local information services on built-in Android tablets. The companies aim to install up to 750 of the hotspots across the UK in the coming years.To read this article in full or to leave a comment, please click here

Microsoft Graveyard: What Microsoft has killed in 2016

RIPMicrosoft has rolled out plenty of new things in 2016, including the latest edition of Windows Server, additions to its Azure cloud platform and increased availability of its futuristic HoloLens mixed reality technology. But as always, the company has had to make room for the new by ditching some of the old. Here’s a roundup of products, services and more that Microsoft rid itself of in 2016. (Here’s our broader 2016 Tech Industry Graveyard and our 2016 Google Graveyard)To read this article in full or to leave a comment, please click here

US transport agency guidance on vehicle cybersecurity irks lawmakers

Guidance from the National Highway Traffic Safety Administration for improving motor vehicle cybersecurity has attracted criticism from lawmakers who said that mandatory security standards were required.“This new cybersecurity guidance from the Department of Transportation is like giving a take-home exam on the honor code to failing students,” said Senators Edward J. Markey, a Democrat from Massachusetts, and Richard Blumenthal, a Democrat from Connecticut, who are both members of the Commerce, Science and Transportation Committee.“In this new Internet of Things era, we cannot let safety, cybersecurity, and privacy be an afterthought,” the senators added.To read this article in full or to leave a comment, please click here

US transport agency guidance on vehicle cybersecurity irks lawmakers

Guidance from the National Highway Traffic Safety Administration for improving motor vehicle cybersecurity has attracted criticism from lawmakers who said that mandatory security standards were required.“This new cybersecurity guidance from the Department of Transportation is like giving a take-home exam on the honor code to failing students,” said Senators Edward J. Markey, a Democrat from Massachusetts, and Richard Blumenthal, a Democrat from Connecticut, who are both members of the Commerce, Science and Transportation Committee.“In this new Internet of Things era, we cannot let safety, cybersecurity, and privacy be an afterthought,” the senators added.To read this article in full or to leave a comment, please click here

Lamers: the problem with bounties

In my last two posts, I pointed out that the anti-spam technique known as "DKIM" cryptographically verifies emails. This can be used to verify that some of the newsworthy emails are, indeed, correct and haven't been doctored. I offer a 1 btc (one bitcoin, around ~$600 at current exchange rates) bounty if anybody can challenge this assertion.

Unfortunately, bounties attract lamers who think they deserve the bounty. 


This guy insists he wins the bounty because he can add spaces to the email, and add fields like "Cc:" that DKIM doesn't check. Since DKIM ignores extra spaces and only checks important fields, these changes pass. The guy claims it's "doctored" because technically, he has changed things, even though he hasn't actually changed any of the important things (From, Date, Subject, and body content).

No. This doesn't qualify for the bounty. It doesn't call into question whether the Wikileaks emails say what they appear to say. It's so obvious that people have already contacted me and passed on it, Continue reading

Twitter said to plan 300 more job cuts this week

Twitter may trim its staff again by about 300 people or 8 percent of its workforce, as the company tries to cut costs in trying times.The widespread job cuts could come before the company releases its third-quarter earnings on Thursday, according to Bloomberg, which cited people familiar with the matter. It cautioned that the precise number of jobs affected could change.A Twitter spokeswoman said in an email that the company doesn’t comment on rumor or speculation.Twitter announced in October last year that it was laying off 336 employees.To read this article in full or to leave a comment, please click here

Lyft customers face potential hack from recycled phone numbers

Giving up an old cell phone number for a new one may seem harmless. But for Lyft customers, it can potentially expose their accounts to complete strangers.That's what happened to Lara Miller, a media relations specialist living in California. Earlier this month, she discovered two credit card charges made in Las Vegas, over 400 miles away."I thought it was legit fraud on my debit card," Miller said.  But in reality, another woman had accidentally taken over her old Lyft account. It happened because the phone company had recycled the cell phone number Miller had canceled back in April -- opening the door to the hack.The problem involves Lyft's login process. The ride-hailing app does away with the hassle of usernames and passwords, and instead signs up customers with their smartphone's cell number.To read this article in full or to leave a comment, please click here

Lyft customers face potential hack from recycled phone numbers

Giving up an old cell phone number for a new one may seem harmless. But for Lyft customers, it can potentially expose their accounts to complete strangers.That's what happened to Lara Miller, a media relations specialist living in California. Earlier this month, she discovered two credit card charges made in Las Vegas, over 400 miles away."I thought it was legit fraud on my debit card," Miller said.  But in reality, another woman had accidentally taken over her old Lyft account. It happened because the phone company had recycled the cell phone number Miller had canceled back in April -- opening the door to the hack.The problem involves Lyft's login process. The ride-hailing app does away with the hassle of usernames and passwords, and instead signs up customers with their smartphone's cell number.To read this article in full or to leave a comment, please click here

L3 vPC Support on Nexus 5k

So… I'm a little embarrased to admit this but I only very recently found out that there are significant differences in how Virtual Port Channels (vPC) behave on the Nexus 5k vs the Nexus 7k when it comes to forming routing adjacencies over the vPC.

Take the title literally!

I've read the vPC Best Practice whitepaper and have often referred

others to it and also referred back to it myself from time to time. What I failed to realize is that I should've been taking the title of this paper more literally: it is 100% specific to the Nexus 7k. The behaviors the paper describes, particularly around the data plane loop prevention protections for packets crossing the vPC peer-link, are specific to the n7k and are not necessarily repeated on the n5k.

White House: Small satellites bring “Moore’s Law” into space

Small satellites, sometimes called cubesats or just smallsats are a very popular way of getting inexpensive communications and surveillance into space quickly.Looking to bolster that notion, the White House recently revealed a number of program that it says will help drive the use of smallsats even further. The White House Office of Science and Technology Policy (OSTP) announced what it called the “Harnessing the Small Satellite Revolution” initiative, which basically brings together National Aeronautics and Space Administration (NASA), the Department of Defense, the Department of Commerce, and other Federal agencies, to promote and support government and private use of small satellites for remote sensing, communications, science, and the exploration of space. To read this article in full or to leave a comment, please click here

White House: Small satellites bring “Moore’s Law” into space

Small satellites, sometimes called cubesats or just smallsats are a very popular way of getting inexpensive communications and surveillance into space quickly.Looking to bolster that notion, the White House recently revealed a number of program that it says will help drive the use of smallsats even further. The White House Office of Science and Technology Policy (OSTP) announced what it called the “Harnessing the Small Satellite Revolution” initiative, which basically brings together National Aeronautics and Space Administration (NASA), the Department of Defense, the Department of Commerce, and other Federal agencies, to promote and support government and private use of small satellites for remote sensing, communications, science, and the exploration of space. To read this article in full or to leave a comment, please click here

The enterprise wish-list for the hybrid cloud

If you know how to drive one car, you know how to drive pretty much any car. The gas pedal is always on the right and brake on the left. Push the turn signal up to go right and down to go left. Whether it’s a Ford or a Toyota, you don’t need to relearn how to drive each car.Public cloud should be the same way, argues Bob Wysocki, CTO of Digital Infrastructure for General Electric and a member of the Open Networking User Group (ONUG). This week at ONUG’s annual fall meeting in New York a key theme is making it easier for enterprises to use public IaaS cloud services. Earlier this year ONUG created a new Hybrid Cloud Working Group that has created a sort of wish-list of what enterprise customers from GE, Pfizer, Citigroup and Gap would like to see from public cloud vendors to achieve easier usability.To read this article in full or to leave a comment, please click here

Answers to ‘Is the internet broken?’ and other Dyn DDoS questions

The massive DDoS attacks that took down internet address-translation service Dyn and its customers last week raise a lot of need-to-know questions about the overall security of online infrastructure and its performance.While the attacks were ultimately mitigated and have subsided, the means for carrying out others are still viable and could crop up at any time with other targets. Here are some questions and answers that address what happened, how it happened, whether it could happen again and what the consequences might be.Is the internet broken?No, or at least not any more than it was before. It’s made up of a system of independent vendors and institutions working cooperatively to provide access to sites around the world. Each works in its own best interests but also cooperates with the others to make the system work for everybody. Like any such system, it’s got flaws and weaknesses. The Dyn attackers targeted some of these vulnerabilities and exploited them for maximum effect.To read this article in full or to leave a comment, please click here

Answers to ‘Is the internet broken?’ and other Dyn DDoS questions

The massive DDoS attacks that took down internet address-translation service Dyn and its customers last week raise a lot of need-to-know questions about the overall security of online infrastructure and its performance.While the attacks were ultimately mitigated and have subsided, the means for carrying out others are still viable and could crop up at any time with other targets. Here are some questions and answers that address what happened, how it happened, whether it could happen again and what the consequences might be.Is the internet broken?No, or at least not any more than it was before. It’s made up of a system of independent vendors and institutions working cooperatively to provide access to sites around the world. Each works in its own best interests but also cooperates with the others to make the system work for everybody. Like any such system, it’s got flaws and weaknesses. The Dyn attackers targeted some of these vulnerabilities and exploited them for maximum effect.To read this article in full or to leave a comment, please click here

Annual Security Survey – Call for Participation

It’s that time again! Arbor Networks is opening its 12th annual Worldwide Infrastructure Security Report survey. Findings from this survey are compiled and analyzed to provide insights on a comprehensive range of issues from threat detection and incident response to staffing, budgets and partner relationships.  A copy of the report will be sent to all participants. We […]

Worth Reading: Some notes on today’s DDoS

As a techy, I want to know the composition of the traffic. Is it blindly overflowing incoming links with junk traffic? Or is it cleverly sending valid DNS requests, overloading the ability of servers to respond, and overflowing outgoing link (as responses are five times or more as big as requests). Such techy details and more make a big difference. Was Dyn the only target? Why were non-Dyn customers effected? —Errata Security

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Some notes on today’s DDoS appeared first on 'net work.

1 2,566 2,567 2,568 2,569 2,570 3,832