NetworkingNexus.net

3 ways Windows Server 2016 is tackling security

Every version of Windows — client and server — has promised improved security. But with Windows 10 and Windows Server 2016, Microsoft is going beyond the usual incremental improvements and closing of loopholes and giving you the tools to reduce the dangers of phished credentials, over-privileged admins and untrustworthy binaries.“In the past, security was always something that was part of another technology” says Jeff Woolsey, principal group program manager at Microsoft. “We needed to pull it out.”Security and protecting identity comes up in every conversation Microsoft has with customers, he says. And the scale of attacks means that security isn’t just something for the IT team to worry about any more, adds Jeffrey Snover, lead architect for the enterprise cloud group and the Microsoft Azure stack. “When we asked customers ‘what are your IT concerns?’ there were some messages we heard consistently. There were too many stories about getting hacked and not knowing for months.”To read this article in full or to leave a comment, please click here(Insider Story)

3 ways Windows Server 2016 is tackling security

Citrix’s Optimism Continues After a Robust Q3

'Workplace IoT' could be in Citrix's future.

Free tool protects PCs from master boot record attacks

Cisco Systems' Talos team has developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks.The tool, called MBRFilter, functions as a signed system driver and puts the disk's sector 0 into a read-only state. It is available for both 32-bit and 64-bit Windows versions and its source code has been published on GitHub.The master boot record (MBR) consists of executable code that's stored in the first sector (sector 0) of a hard disk drive and launches the operating system's boot loader. The MBR also contains information about the disk's partitions and their file systems.To read this article in full or to leave a comment, please click here

Free tool protects PCs from master boot record attacks

Technology confirms election ballot error is less than .001%

Distrust in the U.S. voting process and the presidential election has reached an all-time high, with many concerned their ballots won’t be counted. Voters can rest easy, though, when it comes to voting technology. Ballot errors are almost non-existent, said the CEO of voting system builder Clear Ballot.+ Also on Network World: Hacking the Election: Myths & Realities + Clear Ballot, a venture-backed company in Boston, builds an end-to-end voting system that includes precinct voting, accessible voting to serve disabled voters, central tabulation, consolidation and reporting, and an election management system, all using commodity off-the-shelf hardware. Most voting systems are built using proprietary hardware and software platforms. Because the voting system relies on commodity hardware, acquiring and setting up a ballot verification system is straightforward.To read this article in full or to leave a comment, please click here

The Age of Real-Time IT

Virtualization can help IT organizations break down the silos that exist between application developers and enable operations teams to deliver real-time IT.

US intelligence targets advanced security management of virtual systems

Looking to lock down government cloud-based resources in particular, researchers from the Intelligence Advance Research Projects Activity this week announced a program that will develop better technology to manage and secure Virtual Desktop Infrastructure environments. +More on Network World: Gartner: Virtual personal health assistants and other technology eliminate the physician for annual exams+ The advanced research arm of the Office of the Director of National Intelligence rolled out the Virtuous User Environment (VirtUE) program which the agency says “is looking to use the federal government’s impending migration to commercial cloud-based IT infrastructures and the current explosion of new virtualization and operating system concepts to create and demonstrate a more secure interactive user computing environment than the government has had in the past or likely to have in the near future.”To read this article in full or to leave a comment, please click here

US intelligence targets advanced security management of virtual systems

Docker Networking Fundamentals

This excerpt from "Learning Docker Networking" covers the container technology's networking elements.

Regaining Control In The Cloud

The cloud undercuts data center security, but infrastructure security as a service provides a way to reclaim centralized control.

Windows users face update bloat, and tough choices

Windows 10's cumulative updates have ballooned in size, and a similar bloat will also affect the Windows 7 updates that Microsoft revamped this month.According to data published last month by LANDesk and refreshed by Computerworld with October's numbers, Windows 10 cumulative updates for the three versions of the new OS have surged in size.Updates for Windows 10 version 1507 -- the debut that launched in July 2015 -- have grown 153% (for the 32-bit edition) and 181% (64-bit), from 184MB and 368MB to 466MB and 1,034MB (or over a gigabyte), respectively, in just over a year.Those for version 1511 -- Windows 10's first "feature update," issued in November 2015 -- exploded in comparison: The first 64-bit 1511 update was 49MB, but the cumulative update released earlier this month was a whopping 989MB, for a growth rate of 1,918% in under 12 months.To read this article in full or to leave a comment, please click here

Stupid encryption mistakes criminals make

Writing secure code can be challenging, and implementing cryptography correctly in software is just plain hard. Even experienced developers can get tripped up. And if your goal is to swindle people quickly, not to wow them with the quality of your software, there are sure to be serious crypto mistakes in your code.Malware authors may provide significant lessons in how not to implement cryptography. Such was the upshot of research by Check Point’s Yaniv Balmas and Ben Herzog at the recent Virus Bulletin conference in Denver. Malware authors may be more likely to insert crypto doozies in their code than developers working on legitimate software because they may not care as much about code quality or design, said Balmas and Herzog. These criminals are focused on getting a product that does enough to satisfy their immediate requirements -- and no more.To read this article in full or to leave a comment, please click here

Apple Pay at two years: Not much to celebrate (yet)

Apple Pay marks its two-year anniversary this week, and while it supposedly helped spark a revolution for in-store mobile payments, there's not much celebrating by Apple or its payments rivals. While Apple, Samsung Pay, Android Pay and many others keep adding users, the rate of adoption is far below what was expected when Apple Pay arrived on Oct. 20, 2014. More worrisome is the low repeat-user rate. Many consumers will sign up for a payment app and try it out with contactless technology like Near Field Communications (NFC) on a smartphone once to buy something in a store. After that, many don't bother to do it a second time, because it is just too easy to use a credit or debit card -- or even cash, according to a recent survey.To read this article in full or to leave a comment, please click here

10 PC programs Windows 10 renders obsolete

Pedal to the metalImage by ThinkstockFor as long as Windows has existed, third-party programs have sprouted up to fix its most glaring headaches and omissions—only to be eventually squashed when Microsoft corrected course. Several of those programs, from PDF readers to ISO mounting tools to file management boosters, became unnecessary when Windows 8 rolled out. But Microsoft’s relentless axe didn’t stop there.To read this article in full or to leave a comment, please click here

In three debates, H-1B visa untouched by Clinton and Trump

In three presidential debates, including the final one Wednesday night, the two candidates did not talk about the H-1B visa program. This was the last opportunity for Donald Trump and Hillary Clinton to compare and contrast what may be tech's most controversial issue.The portion of the debate set aside Wednesday night for immigration quickly shifted to a discussion about hacked emails and Kremlin meddling. Fox New anchor Chris Wallace may be criticized for allowing this portion of the debate to run off the rails, but the person who deserves the most blame is Trump, the Republican nominee.Trump had everything to gain by raising the temporary visa issue and its use in offshore outsourcing. The tech industry has thrown its financial support behind Clinton, the Democratic nominee.To read this article in full or to leave a comment, please click here

The first things to do with your new Pixel phone

Pixel PerfectImage by Derek WalterIt’s finally here.The new Google Pixel is in your hands and ready to deliver on the promise of Google-designed smartphone bliss. There’s a lot to unpack, even if you’ve already been down the Nexus road before. Google has taken the integration of Android and hardware to a new level, and there are a lot of little features hiding just underneath the surfaceTo read this article in full or to leave a comment, please click here

Intel’s $1.4B antitrust verdict should be reviewed, top EU judge says

Intel's hope of recovering a record antitrust fine have improved with a recommendation from a top European Union judge on Thursday that the case be reviewed.The company paid the €1.06 billion (then US$1.4 billion) fine in 2009 after the European Commission found it guilty of abusing its dominant position in the market for x86 processors. Since then, it has been seeking to have the judgment overturned, first by the EU's General Court and then, since 2014, by the EU's highest legal authority, the Court of Justice.The CJEU heard that appeal in June, and now Advocate General Nils Wahl has issued his recommendation to the court. The opinions of the court's advocates general are not binding, but it often follows them.To read this article in full or to leave a comment, please click here

Here’s how Google is overhauling its cloud storage offerings

There are big changes afoot for Google Cloud Platform's storage offerings. On Thursday, the company announced a complete overhaul of the storage options available to customers, complete with new storage tiers and reduced pricing.Customers that need incredibly high availability storage can use Google's new fully managed Multi-Regional Cloud Storage service, which will replicate data across multiple Google Cloud data centers in different areas for high-uptime access. On the opposite end of the spectrum, the company also launched a new Coldline storage service that's designed for data accessed less than once a year like backups.The storage changes are part of Google’s overall pitch to capture businesses in a highly-competitive cloud market. Managed, multi-region storage will be helpful for customers who don’t want to worry about reliability, and the new Coldline storage will help GCP compete with other cold storage offerings like Amazon Glacier.To read this article in full or to leave a comment, please click here

Do You Use SSL between Load Balancers and Servers?

One of my readers sent me this question:

Using SSL over the Internet is a must when dealing with sensitive data. What about SSL between data center components (frontend load-balancers and backend web servers for example)? Does it make sense to you? Can the question be summarized as "do I trust my Datacenter network team"? Or is there more at stake?

In the ideal world in which you’d have a totally reliable transport infrastructure the answer would be “There’s no need for SSL across that infrastructure”.