NYT says Moscow bureau was targeted by cyberattack

The Moscow bureau of The New York Times was the target of a cyberattack, though there are no indications yet that the hackers were successful, according to the newspaper.The hackers are believed to be Russian, the newspaper said Tuesday evening. It quoted a spokeswoman for the newspaper as saying that it had not hired outside firms to investigate the attempted breach.Earlier in the day, CNN reported that the FBI and other U.S. security agencies were investigating attacks by hackers, thought to be working for Russian intelligence, that targeted reporters at the New York Times and other U.S. news organizations. CNN quoted unnamed U.S. officials briefed on the matter.To read this article in full or to leave a comment, please click here

NYT says Moscow bureau was targeted by cyberattack

The Moscow bureau of The New York Times was the target of a cyberattack, though there are no indications yet that the hackers were successful, according to the newspaper.The hackers are believed to be Russian, the newspaper said Tuesday evening. It quoted a spokeswoman for the newspaper as saying that it had not hired outside firms to investigate the attempted breach.Earlier in the day, CNN reported that the FBI and other U.S. security agencies were investigating attacks by hackers, thought to be working for Russian intelligence, that targeted reporters at the New York Times and other U.S. news organizations. CNN quoted unnamed U.S. officials briefed on the matter.To read this article in full or to leave a comment, please click here

Open source 25-core chip can be stringed into a 200,000-core computer

Researchers want to give a 25-core open-source processor called Piton some serious bite. The developers of the chip at Princeton University have in mind a 200,000-core computer crammed with 8,000 64-bit Piton chips. It won't happen anytime soon, but that's one possible usage scenario for Piton. The chip is designed to be flexible and quickly scalable, and will have to ensure the giant collection of cores are in sync when processing applications in parallel. Details about Piton were provided at the Hot Chips conference this week. The goal was to design a chip that could be used in large data centers that handle social networking requests, search and cloud services. The response time in social networking and search is tied to the horsepower of servers in data centers.To read this article in full or to leave a comment, please click here

MIT is dragging hard-wired network chips into the agile era

Cloud computing is changing the demands on networks more quickly than ever. Now researchers say it’s possible to program routers all the way down to their packet-forwarding chips in the quest to keep up.Researchers from the Massachusetts Institute of Technology and five other organizations have found a way to make data-center routers more programmable without making them slower. This could allow enterprises to take advantage of new traffic and congestion management algorithms without replacing their routers.The project takes SDN (software-defined networking) beyond the control plane, where things like configuration are handled, and into the data plane that actually forwards packets. Now programmers can change how the network decides which packets to send and which to keep in a buffer, for example. Eventually, that might mean deploying networks with fewer routers.To read this article in full or to leave a comment, please click here

MIT is dragging hard-wired network chips into the agile era

Cloud computing is changing the demands on networks more quickly than ever. Now researchers say it’s possible to program routers all the way down to their packet-forwarding chips in the quest to keep up.Researchers from the Massachusetts Institute of Technology and five other organizations have found a way to make data-center routers more programmable without making them slower. This could allow enterprises to take advantage of new traffic and congestion management algorithms without replacing their routers.The project takes SDN (software-defined networking) beyond the control plane, where things like configuration are handled, and into the data plane that actually forwards packets. Now programmers can change how the network decides which packets to send and which to keep in a buffer, for example. Eventually, that might mean deploying networks with fewer routers.To read this article in full or to leave a comment, please click here

The Always On Architecture – Moving Beyond Legacy Disaster Recovery

Failover does not cut it anymore. You need an ALWAYS ON architecture with multiple data centers.
-- Martin Van Ryswyk, VP of Engineering at DataStax

Failover, switching to a redundant or standby system when a component fails, has a long and checkered history as a way of dealing with failure. The reason is your failover mechanism becomes a single point of failure that often fails just when it's needed most. Having worked on a few telecom systems that used a failover strategy I know exactly how stressful failover events can be and how stupid you feel when your failover fails. If you have a double or triple fault in your system failover is exactly the time when it will happen. 

For a long time the only real trick we had for achieving fault tolerance was to have a hot, warm, or cold standby (disk, interface, card, server, router, generator, datacenter, etc.) and failover to it when there's a problem. This old style of Disaster Recovery planning is no longer adequate or necessary.

Now, thanks to cloud infrastructures, at least at a software system level, we have an alternative: an always on architecture. Google calls this a Continue reading

62% off MovieSherlock Pro Video Downloader for Mac – Deal Alert

MovieSherlock converts the videos you download to MP4 and MP3 formats, all saved in high-definition native video format at 1080P/780P quality. So you can download your video 15 times faster than real time, perfect for stockpiling hours of HD video for later viewing.This MovieSherlock Pro Video Downloader program is currently 62% off, and iIf you’re a movie buff, MovieSherlock Pro Video Downloader for Mac is about to be your new best friend. The software lets you download videos from nearly any website, including both YouTube and Hulu.  See it now for $15 for a limited time only.To read this article in full or to leave a comment, please click here

Ashley Madison misled users with a fake security award

It’s never a good sign when a website markets itself with a phony security award. But that’s what Ashley Madison did prior to last year’s massive data breach.On Monday, privacy officials in Canada and Australia found that the Canadian adultery website used deceptive and confusing practices to make customers think the service was secure.Privacy authorities from both countries have been investigating Ashley Madison following last year’s hack, which exposed personal data on 36 million users, including names, credit card numbers, and in some cases, their sexual fantasies. To read this article in full or to leave a comment, please click here

Ashley Madison misled users with a fake security award

It’s never a good sign when a website markets itself with a phony security award. But that’s what Ashley Madison did prior to last year’s massive data breach.On Monday, privacy officials in Canada and Australia found that the Canadian adultery website used deceptive and confusing practices to make customers think the service was secure.Privacy authorities from both countries have been investigating Ashley Madison following last year’s hack, which exposed personal data on 36 million users, including names, credit card numbers, and in some cases, their sexual fantasies. To read this article in full or to leave a comment, please click here

FPGA Based Deep Learning Accelerators Take on ASICs

Over the last couple of years, the idea that the most efficient and high performance way to accelerate deep learning training and inference is with a custom ASIC—something designed to fit the specific needs of modern frameworks.

While this idea has racked up major mileage, especially recently with the acquisition of Nervana Systems by Intel (and competitive efforts from Wave Computing and a handful of other deep learning chip startups), yet another startup is challenging the idea that a custom ASIC is the smart, cost-effective path.

The argument is a simple one; deep learning frameworks are not unified, they are

FPGA Based Deep Learning Accelerators Take on ASICs was written by Nicole Hemsoth at The Next Platform.

Amped Wireless goes mesh with Ally brand

The wireless mesh wave is in high gear now. Just a day after Netgear announced its new wireless mesh-based home Wi-Fi system (Orbi), Amped Wireless today announced that pre-orders were now open for its system, the ALLY Wi-Fi System.The system is a wireless mesh system (Amped Wireless calls it a “seamless roaming solution”) that includes MU-MIMO technology, AC1900 Wi-Fi (802.11ac) and a mobile app for setup and network monitoring purposes. Customers can buy one unit (aka the ‘router’) for $199.99, or buy a two-unit system (with a ‘router’ and ‘extender’, branded ALLY Plus) for $379.99. Amped Wireless says the units will ship in early October. The two units are pre-paired and labeled as a router and extender, similar to the Netgear Orbi system. This is different from systems by eero and Luma, which are identical units that then become routers or extenders based on placement during the setup process.To read this article in full or to leave a comment, please click here

Android is switching to a regular maintenance schedule for more predictable updates

Minor tweaks and bug fixes aren’t new for Android updates, but Google wants to make the process far less haphazard. A post on the Android Developers Blog details that Google is moving to a regular maintenance schedule “over the coming quarters,” with an eye towards a predictable process and more feedback from developers.Vice president of engineering Dave Burke said Google has already started work on some issues that are on the list and will transition to a new schedule in the coming months. Just as it did with the Android N Preview, updates will come first to a Dev Preview before they’re sent out to everyone else. You’ll be able to download and flash the latest preview to try it out in advance of a final release.To read this article in full or to leave a comment, please click here

IDG Contributor Network: SimpliVity delivers use case-focused hyperconverged solutions

SimpliVity is a vendor in the hyperconverged infrastructure market. What that means in plain English is that SimpliVity offers a product that is both hardware and software. Essentially it's about specific software tailored to the infrastructure on what it sits. The hyperconverged space is a busy one with several vendors all trying to justify their existence and differentiate themselves from the commodity way the large webscale vendors think about their infrastructure. The continuum is very stark. On one end lies Google, Facebook, et al., which consider physical servers to be replaceable, generic items that they think little about, focusing instead on the software that sits on top of them. At the other end, lies vendors such as HP, VMware and SimpliVity, which articulate the extra value that comes from converging hardware with software.To read this article in full or to leave a comment, please click here

iPhone 8 may feature a curved OLED display

Based on no shortage of product leaks and rumblings from the rumor mill, the iPhone 7 design will in large part be similar to what we've already seen on Apple's iPhone 6 and 6s models. In fact, there will likely be only two minor design changes on Apple's next-gen iPhone: the removal of the standard 3.5mm headphone jack and the migration of the iPhone's antenna lines from the back to the side of the device.In turn, it's only natural that some industry analysts have expressed concern that the current iPhone design is getting a little bit long in the tooth. Compounding matters is the fact that surveys have suggested that current iPhone owners would be more inclined to upgrade with a completely new design as opposed to the standard introduction of improved internals.To read this article in full or to leave a comment, please click here

Securing the Enterprise Software Supply Chain Using Docker

At Docker we have spent a lot of time discussing runtime security and isolation as a core part of the container architecture. However that is just one aspect of the total software pipeline. Instead of a one time flag or setting, we need to approach security as something that occurs at every stage of the application lifecycle. Organizations must apply security as a core part of the software supply chain where people, code and infrastructure are constantly moving, changing and interacting with each other.

If you consider a physical product like a phone, it’s not enough to think about the security of the end product. Beyond the decision of what kind of theft resistant packaging to use, you might want to know  where the materials are sourced from and how they are assembled, packaged, transported. Additionally it is important to ensure that  the phone is not tampered with or stolen along the way.

Software Supply Chain

The software supply chain maps almost identically to the supply chain for a physical product. You have to be able to identify and trust the raw materials (code, dependencies, packages), assemble them together, ship them by sea, land, or air (network) to a store (repository) so the item Continue reading

How Virtualization Will Transform Security Architectures: Spotlight at #VMworld U.S. 2016

It’s clear today that security is at a crossroads, and we are losing the cybersecurity war. VMware’s SVP of Security Products Tom Corn explained to me recently, “There are no objective measures we can credibly point to which suggest we are – in any way – succeeding as we battle to protect systems and data.”

Register for this VMworld 2016 session to learn about the transformation of security architecture

One of the biggest problems, he points out, is that Cyberwarfare is an asymmetric battle: an attacker fires a thousand bullets and only one needs to get thru. Defenders need to stop all 1,000. So what are we doing to address this challenge?

We don’t appear to have an issue with how much we spend, or that there is a lack of security innovation. We are spending at record levels, and security innovation is at an all time high.

At the heart of the issue is an architectural gap – between the applications and data we are trying to protect, and the infrastructure from which we are trying to protect them. Virtualization could be the key to solving this problem — enabling security to be architected-in, rather than bolted on.  Continue reading

Your Software is Safer in Docker Containers

The Docker security philosophy is Secure by Default. Meaning security should be inherent in the platform for all applications and not a separate solution that needs to be deployed, configured and integrated.

Today, Docker Engine supports all of the isolation features available in the Linux kernel. Not only that, but we’ve supported a simple user experience by implementing default configurations that provide greater protection for applications running within the Docker Engine, making strong security default for all containerized applications while still leaving the controls with the admin to change configurations and policies as needed.

But don’t take our word for it.  Two independent groups have evaluated Docker Engine for you and recently released statements about the inherent security value of Docker.

Gartner analyst Joerg Fritsch recently published a new paper titled How to Secure Docker Containers in Operation on this blog post.  In it Fritsch states the following:

“Gartner asserts that applications deployed in containers are more secure than applications deployed on the bare OS” because even if a container is cracked “they greatly limit the damage of a successful compromise because applications and users are isolated on a per-container basis so that they cannot compromise other containers or the host OS”.

Additionally, NCC Group contrasted the security Continue reading