IDG Contributor Network: Data breaches: This time it’s more personal

Summer 2016 was not a good time for data breaches.First, news broke that the Democratic National Committee was hacked, leading to the resignation of DNC Chair Debbie Wasserman Schultz and driving a wedge between Democratic Party members.Later, the World Anti-Doping Agency (WADA) announced that Russian hackers had illegally accessed its Anti-Doping Administration and Management System (ADAMS) database, leaking confidential medical information for U.S. athletes, including Simone Biles and Serena Williams.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Data breaches: This time it’s more personal

Summer 2016 was not a good time for data breaches.First, news broke that the Democratic National Committee was hacked, leading to the resignation of DNC Chair Debbie Wasserman Schultz and driving a wedge between Democratic Party members.Later, the World Anti-Doping Agency (WADA) announced that Russian hackers had illegally accessed its Anti-Doping Administration and Management System (ADAMS) database, leaking confidential medical information for U.S. athletes, including Simone Biles and Serena Williams.To read this article in full or to leave a comment, please click here

Can I2RS Keep Up? (I2RS Performance)

What about I2RS performance?

The first post in this series provides a basic overview of I2RS; there I used a simple diagram to illustrate how I2RS interacts with the RIB—

rib-fib-remote-proxy

One question that comes to mind when looking at a data flow like this (or rather should come to mind!) is what kind of performance this setup will provide. Before diving into the answer to this question, though, perhaps it’s important to ask a different question—what kind of performance do you really need? There are (at least) two distinct performance profiles in routing—the time it takes to initially start up a routing peer, and the time it takes to converge on a single topology and/or route change. In reality, this second profile can be further broken down into multiple profiles (with or without an equal cost path, with or without a loop free alternate, etc.), but for our purposes I’ll just deal with the two broad categories here.

If your first instinct is to say that initial convergence time doesn’t matter, go back and review the recent Delta Airlines outage carefully. If you are still not convinced initial convergence time matters, go back and reread what you can Continue reading

TLS 1.3 gets early adoption boost through CloudFlare

Website security and performance vendor CloudFlare has made the newest version of the TLS secure communications protocol available to all of its customers.The TLS (Transport Layer Security) 1.3 specification is yet to be finalized by the Internet Engineering Task Force (IETF), the body that develops internet standards. However, the protocol is already supported in beta versions of Google Chrome and Mozilla Firefox, and it's being hailed as an important step forward in securing internet communications.TLS 1.3 removes some cryptographic algorithms present in TLS 1.2 that are known to be vulnerable. This makes it easier for server administrators to deploy secure-by-default HTTPS configurations. HTTPS (HTTP Secure) is a mix between HTTP and TLS.To read this article in full or to leave a comment, please click here

TLS 1.3 gets early adoption boost through CloudFlare

Website security and performance vendor CloudFlare has made the newest version of the TLS secure communications protocol available to all of its customers.The TLS (Transport Layer Security) 1.3 specification is yet to be finalized by the Internet Engineering Task Force (IETF), the body that develops internet standards. However, the protocol is already supported in beta versions of Google Chrome and Mozilla Firefox, and it's being hailed as an important step forward in securing internet communications.TLS 1.3 removes some cryptographic algorithms present in TLS 1.2 that are known to be vulnerable. This makes it easier for server administrators to deploy secure-by-default HTTPS configurations. HTTPS (HTTP Secure) is a mix between HTTP and TLS.To read this article in full or to leave a comment, please click here

Stanford researchers invent tech workaround to net neutrality fights

Engineers at Stanford University have invented a new technology that would give broadband customers more control over their pipes and, they say, possibly put an end to a stale net neutrality debate in the U.S.The new technology, called Network Cookies, would allow broadband customers to decide which parts of their network traffic get priority delivery and which parts are less time sensitive. A broadband customer could then decide video from Netflix should get preferential treatment over email messages, for example.The technology could put an end to the current net neutrality debate focused on whether broadband providers are allowed to prioritize some network traffic and block or degrade other traffic, said the researchers, Professors Nick McKeown and Sachin Katti and electrical engineering grad student Yiannis Yiakoumis.To read this article in full or to leave a comment, please click here

Stanford researchers invent tech workaround to net neutrality fights

Engineers at Stanford University have invented a new technology that would give broadband customers more control over their pipes and, they say, possibly put an end to a stale net neutrality debate in the U.S.The new technology, called Network Cookies, would allow broadband customers to decide which parts of their network traffic get priority delivery and which parts are less time sensitive. A broadband customer could then decide video from Netflix should get preferential treatment over email messages, for example.The technology could put an end to the current net neutrality debate focused on whether broadband providers are allowed to prioritize some network traffic and block or degrade other traffic, said the researchers, Professors Nick McKeown and Sachin Katti and electrical engineering grad student Yiannis Yiakoumis.To read this article in full or to leave a comment, please click here

What to expect from Google’s big Oct. 4 hardware event

Get ready for a Google hardware-palooza.The company is set to not only unveil a pair of smartphones during its just-announced Oct. 4 event in San Francisco, but we also may also see some other gear that will surely make it onto the holiday wish list of anyone that’s a fan of Google services.The story behind the story: Late Monday, the company sent out a press invite and a playful tweet that takes you to a not-so-subtle teaser site. It’s clearly a phone and the URL of madeby.google.com tells us that instead of this being just another Nexus partnership, Google is more fully in control of its latest smartphones. To read this article in full or to leave a comment, please click here

SanDisk reveals world’s first 1TB SD card

SanDisk today showcased its upcoming 1TB SDXC card prototype at a European trade show for photo and video professionals."There is no definitive timing for availability as of now," a company spokesperson said in an email to Computerworld. "Western Digital plans to monitor industry trends and demands, and introduce the card in retail accordingly. Price would depend on market conditions at the time it’s released." Amazon SanDisk's current 512GB SD card retails for $345.77 on Amazon.com.To read this article in full or to leave a comment, please click here

Cisco CEO: Spin-in technologies aren’t dead at Cisco

The spin-in culture that developed some major innovations and once shaped a ton of advanced technologies at Cisco isn’t dead but it sure is unrecognizable.That’s because the notions of innovation and developing new ways of bringing cutting-edge technology to the networking arena at least from Cisco has changed.+More on Network World: Cisco unearths its inner startup culture via companywide innovation contest; Cisco names winners of Innovate Everywhere Challenge+ To read this article in full or to leave a comment, please click here

Cisco CEO: Spin-in technologies aren’t dead at Cisco

The spin-in culture that developed some major innovations and once shaped a ton of advanced technologies at Cisco isn’t dead but it sure is unrecognizable.That’s because the notions of innovation and developing new ways of bringing cutting-edge technology to the networking arena at least from Cisco has changed.+More on Network World: Cisco unearths its inner startup culture via companywide innovation contest; Cisco names winners of Innovate Everywhere Challenge+ To read this article in full or to leave a comment, please click here

Data hoarding site represents the dark side of data breach monitoring

A site that's been warning the public about data breaches might actually be doing more harm than good.Enter LeakedSource, a giant repository online that can potentially make hacking easier. Your email address and the associated Internet accounts -- including the passwords -- is probably in it.In fact, the giant repository is made up of stolen databases taken from LinkedIn, Myspace, Dropbox, and thousands of other sites. It bills itself as a data breach monitoring site and for months now, it's been collecting details on hacks, both old and new, and alerting the media about them.To read this article in full or to leave a comment, please click here

Data hoarding site represents the dark side of data breach monitoring

A site that's been warning the public about data breaches might actually be doing more harm than good.Enter LeakedSource, a giant repository online that can potentially make hacking easier. Your email address and the associated Internet accounts -- including the passwords -- is probably in it.In fact, the giant repository is made up of stolen databases taken from LinkedIn, Myspace, Dropbox, and thousands of other sites. It bills itself as a data breach monitoring site and for months now, it's been collecting details on hacks, both old and new, and alerting the media about them.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Zuznow (who?) offers a Siri-like tool for developers

Zuznow is a little-known vendor that offers a mobile development platform. Essentially Zuznow is focused on enabling businesses, even those businesses without technical development resource on staff, to create mobile applications. It’s a busy space, and it's getting busier—large vendors (Salesforce, BMC), smaller vendors (Caspio, Mendix) and standalone mobile application development platforms (Xamarin) are all trying to solve this problem.+ Also on Network World: Will companies trust their communications to AI chatbots? + Zuznow wants to steal a march on the opposition with the introduction of its intelligent voice assistant. The tool can be thought of as a plug-and-play Siri. Indeed Zuznow has even called the offering Susie, as an homage of Apple’s Siri voice assistant. Zuznow promises that it is delivering the world's first intelligent assistant plugin that brings voice-control and chatbots to any enterprise mobile app within hours. To read this article in full or to leave a comment, please click here

BackConnect’s Suspicious BGP Hijacks

Earlier this month, security blogger Brian Krebs broke a story about an Israeli DDoS-for-hire service, vDOS, which had been hacked, revealing “tens of thousands of paying customers and their (DDoS) targets.”  Afterwards, Krebs noticed that vDOS itself was also a victim of a recent BGP hijack from a company called BackConnect, which claims to be the “world’s first and leading open source based DDoS and network security provider.”

Bryant Townsend, CEO of BackConnect, confirmed to Krebs that they had indeed conducted a BGP hijack on vDOS, but claimed that it was for “defensive purposes.”  In an email to the NANOG list, Townsend explained that in doing so they “were able to collect intelligence on the actors behind the botnet as well as identify the attack servers used by the booter service,” implying this was a one-time event.  Krebs then contacted Dyn for some assistance in researching what appeared to be a series of BGP hijacks conducted by BackConnect over the past year.  What emerges from this analysis is that the hijack against vDOS probably wasn’t the first time BackConnect used BGP hijacks in the course of its business.  And via the use of Continue reading

BrandPost: Driven to Connect

Businesses large and small are under the gun to satisfy network access for varied constituencies: not only centralized and remote workers, but outsiders ranging from consumers to partners. Typically, that means supporting multiple access technologies such as a secure virtual private network (VPN) and any number of Wi-Fi guest access devices.Businesses typically have spent years trying to catch up with the access needs of their workers. Larger firms may use a variety of networking technologies from high-performing carrier-based Multiprotocol Label Switching (MPLS) virtual private networks (VPNs), campus or metro Ethernet local area networks (LANs), and public internet VPNs. Smaller organizations are more likely inclined to the public internet options.To read this article in full or to leave a comment, please click here

Multi-site with Cross-VC NSX and Palo Alto Networks Security

In a prior post, Multi-site with Cross-VC NSX: Consistent Security and Micro-segmentation Across Sites, we discussed how Cross-VC NSX provides micro-segmentation and consistent security across multiple sites. We looked at five reasons to seriously consider Cross-VC NSX for a multi-site solution in terms of security alone: centralized management, consistent security across vCenter domains/sites, security policies follow the workload(s), ease of security automation across vCenter domains/sites, and enhanced disaster recovery use case. In this post, we’ll discuss how advanced third party security services can also be leveraged in a Cross-VC NSX environment. 

Prior Cross-VC NSX Blogs:
Multi-site with Cross-VC NSX: Consistent Security and Micro-segmentation Across Sites
Cross-VC NSX: Multi-site Deployments with Ease and Flexibility
NSX-V: Multi-site Options and Cross-VC NSX Design Guide
Enhanced Disaster Recovery with Cross-VC NSX and SRM
Cross-VC NSX for Multi-site Solutions

NSX provides a solid platform for security in general: inherent isolation via logical networks, micro-segmentation via distributed firewall, edge firewall capabilities, third party guest introspection services, third party network introspection services, and a robust security policy orchestration and automation framework.

With Cross-VC NSX, micro-segmentation and consistent security policies for workloads expands beyond a single vCenter boundary. Typically, customers who have multiple sites also have multiple vCenters – at least one vCenter Continue reading

Live Debugging Java in Docker – Just in time for JavaOne!

Developing Java web applications often requires that they can be deployed on multiple technology stacks. These typically include an application server and a database, but these components can vary from deployment to deployment. Building and managing multiple development stacks in a development environment can be a time consuming task often requiring unique configurations for each stack.

Docker can simplify the process of building and maintaining develop environments for Java web applications by building custom images that application developers can create on demand and use for development, testing and debugging applications. We have recently published a tutorial for building a Java web application using containers and three popular Java IDEs.  Docker enables developers to debug their code as it runs in containers. The tutorial covers setting up a debug session with an application server in Docker using IDEs that developers typically use such as Eclipse, IntelliJ IDEA and Netbeans. Developers can build the application, change code, and set breakpoints while the application is running in the container. The tutorials use a simple Spring MVC application to illustrate how use containers when developing Java applications

The tutorial is available on GitHub in our Docker Labs repository. These tutorials show you how to: