iPhone 7 and 7 Plus ship on Sept. 16 sans headphone jack

The rumors were true: Apple’s next-generation iPhones, the 7 and 7 Plus, traded the headphone jack for Lightning EarPods. What this means for you: Now there’s one port instead of two. The company is including Lightning-connected earpods with the iPhone 7 and 7 Plus. Apple is also including a Lightning to 3.5mm adapter in the box to avoid causing too much outrage over supporting non-Lightning headphones. iPhone 7 preorders start Sept. 9 and begin shipping Sept. 16.So why that lack of a jack?“It’s been with us for a really long time,” Apple marketing VP Phil Schiller said during Apple’s iPhone presentation on Wednesday. “It comes down to courage—courage to move on, do something new that betters all of us.”To read this article in full or to leave a comment, please click here

iOS 10: Everything you need to know about the iPhone and iPad update

iOS 10 deserves attentionImage by AppleThe iPhone 7 may have been the star of Apple’s media event earlier today, but the impending release of iOS 10 is worthy of attention in its own right. Packed with a number of compelling new features, iOS 10 should help iPhone owners with even older devices feel like they have a brand new smartphone. Apple last covered iOS 10 indepth at WWDC, so we thought we’d highlight some of the upcoming OS’ most exciting new features to help you refresh your memory. And for those curious, iOS 10 can run on devices as old as the iPhone 5 and the iPad Mini 2.To read this article in full or to leave a comment, please click here

US must beef up its cyber muscle, Trump says

The U.S. Department of Defense must pump up its cyber capabilities, including its offense, as part of a huge planned expansion of the military, Republican presidential candidate Donald Trump said Wednesday.Trump, repeatedly criticized in the IT community for a lack of a tech policy agenda, called for new investments in cybersecurity during a speech focused on military programs. The businessman didn't put a dollar figure on the new cybersecurity investments but mentioned them as part of a proposed multibillion-dollar expansion of the U.S. military.To read this article in full or to leave a comment, please click here

US must beef up its cyber muscle, Trump says

The U.S. Department of Defense must pump up its cyber capabilities, including its offense, as part of a huge planned expansion of the military, Republican presidential candidate Donald Trump said Wednesday.Trump, repeatedly criticized in the IT community for a lack of a tech policy agenda, called for new investments in cybersecurity during a speech focused on military programs. The businessman didn't put a dollar figure on the new cybersecurity investments but mentioned them as part of a proposed multibillion-dollar expansion of the U.S. military.To read this article in full or to leave a comment, please click here

Google just blew up its all-in strategy for productivity software

For a very long time, Google has focused on building its own productivity software to serve everyone from consumers to massive enterprises, and then locking people into its core experience. That all changed on Wednesday. The company announced that it's partnering with Box to let users of the enterprise cloud storage and content services platform edit documents with Google Docs, Sheets and Slides, but keep them stored inside Box. It's a vast departure from the company's previous direction, which required people to store files edited with Docs inside Google Drive. Google said that the company is working on turning its Docs productivity suite into an open platform, and is open to working with other storage providers in a similar way.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Building an insider threat program that works – Part I

The consequences of failure range from failed security audits and interruptions of service or product deliveries to more significant degradation of ongoing operations, monetary losses and lasting reputational damage. In extreme scenarios, there is even the potential for bodily injury and loss of life.In response, many corporate and government leaders have invested heavily over the past few years in controls designed to mitigate the likelihood and consequences of a damaging insider event. Policy and procedural controls naturally have played a big part in these nascent insider threat programs, but so have a number of emerging technologies grouped under the umbrella of Security Analytics.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Building an insider threat program that works – Part I

The consequences of failure range from failed security audits and interruptions of service or product deliveries to more significant degradation of ongoing operations, monetary losses and lasting reputational damage. In extreme scenarios, there is even the potential for bodily injury and loss of life.In response, many corporate and government leaders have invested heavily over the past few years in controls designed to mitigate the likelihood and consequences of a damaging insider event. Policy and procedural controls naturally have played a big part in these nascent insider threat programs, but so have a number of emerging technologies grouped under the umbrella of Security Analytics.To read this article in full or to leave a comment, please click here

Security firm faces lawsuit with stock tanking tactic

One security firm’s controversial approach to pointing out flaws in products is facing legal action. On Wednesday, the firm MedSec was hit with a lawsuit after trying to tank a company’s stock. The company, St. Jude Medical, has filed the legal action against MedSec for making false accusations about its products and for conspiring to manipulate its stock. Two weeks ago, MedSec ignited an ethical firestorm when it publicized allegations that pacemakers and other devices from St. Jude Medical were insecure and open to hacks. Pointing out flaws is nothing new in the security industry. But MedSec took the unusual step of trying to profit from the research by betting against St. Jude Medical. To do so, it partnered with investment firm Muddy Waters Capital to short the stock.To read this article in full or to leave a comment, please click here

Security firm faces lawsuit with stock tanking tactic

One security firm’s controversial approach to pointing out flaws in products is facing legal action. On Wednesday, the firm MedSec was hit with a lawsuit after trying to tank a company’s stock.The company, St. Jude Medical, has filed the legal action against MedSec for making false accusations about its products and for conspiring to manipulate its stock.Two weeks ago, MedSec ignited an ethical firestorm when it publicized allegations that pacemakers and other devices from St. Jude Medical were insecure and open to hacks.Pointing out flaws is nothing new in the security industry. But MedSec took the unusual step of trying to profit from the research by betting against St. Jude Medical. To do so, it partnered with investment firm Muddy Waters Capital to short the stock.To read this article in full or to leave a comment, please click here

Is Microsoft building a Slack killer?

A few months ago, rumors circulated that Microsoft considered buying the cloud-based team collaboration tool Slack for a generous $8 billion. Overpaying again, it seems, as Slack's last known valuation was $2.8 billion.Now it seems that Microsoft has decided to build rather than buy, using its own Skype messaging service as the basis for a new product. According to the site MSPoweruser, Microsoft is coming for the Slack market with a product called Skype Teams. To read this article in full or to leave a comment, please click here

DC Fabric Segment Routing Use Case (5)

In this, the last post on DC fabrics as a Segment Routing use case, I mostly want to tie up some final loose ends. I will probably return to SR in the future to discuss other ideas and technical details.

Anycast

Anyone who keeps up with LinkedIn knows anycast plays a major role in many parts of the infrastructure. This isn’t unique to LinkedIn, though; most DNS implementations and/or providers, as well as just about every large scale public facing web application, also uses anycast. Which leads to an obvious question—how would SR work with anycast? The answer turns out to be much simpler than it might appear. The small diagram below might be helpful—

anycast-01

Assume A and B have two copies of a single service running on them, and we want hosts behind F to use one service or the other, just depending on which the routing system happens to route towards first. This isn’t quite the classical case for anycast, as anycast normally involves choosing the closest service, and both of the services in this example are equal distance from the hosts—but this is going to be the case more often than not in a data center. In Continue reading

Half of network management systems vulnerable to injection attacks

Cross-site scripting and SQL injection attacks are well-known threats for public-facing Web applications, but internal systems can be attacked as well. For example, about half of network management systems studied had these vulnerabilities, according to a report released today.It all comes down to input validation, or lack of it, said Deral Heiland, research lead at Boston-based Rapid7, Inc. and one of the authors of the report.Network management systems are in regular communication with the devices on a company's network. But, because the communications are machine-to-machine people sometimes forget that the inputs still need to be checked to make sure there's nothing weird or malicious in there.To read this article in full or to leave a comment, please click here

Half of network management systems vulnerable to injection attacks

Cross-site scripting and SQL injection attacks are well-known threats for public-facing Web applications, but internal systems can be attacked as well. For example, about half of network management systems studied had these vulnerabilities, according to a report released today.It all comes down to input validation, or lack of it, said Deral Heiland, research lead at Boston-based Rapid7, Inc. and one of the authors of the report.Network management systems are in regular communication with the devices on a company's network. But, because the communications are machine-to-machine people sometimes forget that the inputs still need to be checked to make sure there's nothing weird or malicious in there.To read this article in full or to leave a comment, please click here

Half of network management systems vulnerable to injection attacks

Cross-site scripting and SQL injection attacks are well-known threats for public-facing Web applications, but internal systems can be attacked as well. For example, about half of network management systems studied had these vulnerabilities, according to a report released today.It all comes down to input validation, or lack of it, said Deral Heiland, research lead at Boston-based Rapid7, Inc. and one of the authors of the report.Network management systems are in regular communication with the devices on a company's network. But, because the communications are machine-to-machine people sometimes forget that the inputs still need to be checked to make sure there's nothing weird or malicious in there.To read this article in full or to leave a comment, please click here

The new Dell Technologies: 6 things you need to know

Dell and EMC have completed their US$67 billion merger to create Dell Technologies, the world's largest privately held technology company. It's a historic day, far from the PC company that sponsored the "Dude, I've bought a Dell" campaign.The new company will sell PCs, servers, storage, networking and software products. It has an impressive list of assets including Dell's PC and servers, EMC storage, VMWare, RSA, Wyse, Force10, and the Pivotal software and Boomi cloud services.Work has started for the autonomous units to work in unison, but there are also new priorities for the company. Here's what you need to know.Dell Technologies is thinking like Alphabet/Google Dell Technologies will be a mix of independent units tethered to each other. That's similar to Alphabet, which has a bunch of independent units led by Google working closely with each other. The Dell Technologies units will continue to function independently, but also work together to offer integrated products like hyperconverged systems that mix Dell's servers, EMC's storage, VMWare virtualization, and private-public cloud assets.To read this article in full or to leave a comment, please click here

IDG Contributor Network: HashiCorp slurps up cash to deliver DevOps goodness

Seemingly every company under the sun is now a DevOps leader—even ones that, while purporting to be about a new way of doing things, continue to market legacy, monolithic products and services.  So, it’s nice to see some genuine players achieve success and recognition in this space. A good example of this is HashiCorp—an important, but little-known DevOps vendor. The company manages a host of open-source tools, all of which tick of different parts of the application and infrastructure lifecycle. + Also on Network World: The shift to DevOps requires a new approach to security +To read this article in full or to leave a comment, please click here

IDG Contributor Network: HashiCorp slurps up cash to deliver DevOps goodness

Seemingly every company under the sun is now a DevOps leader—even ones that, while purporting to be about a new way of doing things, continue to market legacy, monolithic products and services.  So, it’s nice to see some genuine players achieve success and recognition in this space. A good example of this is HashiCorp—an important, but little-known DevOps vendor. The company manages a host of open-source tools, all of which tick of different parts of the application and infrastructure lifecycle. + Also on Network World: The shift to DevOps requires a new approach to security +To read this article in full or to leave a comment, please click here

1 2,685 2,686 2,687 2,688 2,689 3,837