NetworkingNexus.net

Windows Secure Boot: Insecure by design and mostly likely can’t be fixed

Encryption backdoors don’t work; the latest proof of that was discovered by security researchers Slipstream and MY123. This time, the security flub-up involves “golden keys” which can unlock Windows devices allegedly protected by Secure Boot.The researchers sounded the alarm, saying Microsoft messed up and accidentally leaked the security key which is supposed to protect Windows devices from attackers as a box boots up. This same flaw could be used by the machine’s owner to jailbreak a locked box and run a different OS like Linux – anything really, so long as it is cryptographically signed.To read this article in full or to leave a comment, please click here

Melding Hyperscale And HPC To Reach Exascale

It is going to take a lot of different things to build an exascale system. One of them is money, and the other is a lot of good – and perhaps unconventional – ideas. It may also take more cooperation between the hyperscale and HPC communities, who both stand to benefit from the innovation.

As a professor of computer architectures at the University of Manchester, the director of technology and systems at chip designer ARM, and the founder of a company called Kaleao to create microservers that implement many of his architectural ideas, John Goodacre has some strong opinions about …

Melding Hyperscale And HPC To Reach Exascale was written by Timothy Prickett Morgan at The Next Platform.

Raspberry Pi roundup: Keys to Pi foundry changing hands; Pi in the ocean, sky

One reason the Raspberry Pi’s runaway success has been a fun story to cover is that it’s very non-corporate – there’s relatively little branding silliness or careful PR stage management involved, and journalists like me instead get to write about an inventive little tool that is letting normal people around the world accomplish interesting and creative things.Yet the business side does, occasionally, rear its ugly head – late last month, U.S.-based electronics vendor Avnet purchased Premier Farnell, one of two licensed manufacturers of the Raspberry Pi, for about $900 million.+ ALSO ON NETWORK WORLD: How a 96-year-old company modernized its infrastructure by embracing innovation | Oracle says it didn’t ask employee to cook cloud accounts+To read this article in full or to leave a comment, please click here

DC Fabric Segment Routing Use Case (3)

In the second post in this series, we considered the use of IGP-Prefix segments to carry a flow along a specific path in a data center fabric. Specifically, we looked at pulling the green flow in this diagram—

—along the path [A,F,G,D,E]. Let’s assume this single flow is an elephant flow that we’re trying to separate out from the rest of the traffic crossing the fabric. So—we’ve pulled the elephant flow onto its own path, but this still leaves other flows to simple ECMP forwarding through the fabric. This means some number of other flows are still going to follow the [A,F,G,D,E] path. The flows that are randomly selected (or selected by the ECMP has) to follow the same path as the elephant flow are still going to contend with the elephant flow for queue space, etc.

So we need more than just a way to pull an elephant flow onto a specific path. In fact, we also need a way to pull a specific set of flows off a particular path in the ECMP set. Returning to our diagram, assume we want all the traffic other than the elephant flow to be load shared between H and B, and Continue reading

Using Machine Learning To Extend Life Of Flash Storage

New paper says machine learning will extend the life cycle of flash memory, which experiences "cell wear" with repeated use.

Nervana CEO on Intel Acquisition, Future Technology Outlook

Following yesterday’s acquisition of deep learning chip startup Nervana Systems by Intel, we talked with the company’s CEO, Naveen Rao, about what plans are for both the forthcoming hardware and internally developed Neon software stack now that the technology is under a much broader umbrella.

Media outlets yesterday reported the acquisition was $350 million, but Rao tells The Next Platform it was not reported correctly and is actually more than that. He was not allowed to state the actual amount but said it was quite a bit higher than the figure given yesterday.

Nervana had been seeking a way to …

Nervana CEO on Intel Acquisition, Future Technology Outlook was written by Nicole Hemsoth at The Next Platform.

Docker Online Meetup # 41: Docker Captains Share their Tips and Tricks for Built In Docker Orchestration

It’s been nearly two weeks since Docker released Docker 1.12 as generally available for production environments, introducing a number of new features and concepts to the Docker project. Our #DockerCaptain team has already started to dig in and share their learnings with the community via blog posts, talks and peer-to-peer help. Docker Captains are technology experts who have been awarded the distinction of being a Docker Captain in part because of their passion for sharing their Docker knowledge with others. So, we’ve invited three of our Docker Captains to speak at the next Docker Online Meetup on August 31st and share their tips and tricks for using Docker 1.12. Continue reading

Disable WPAD now or have your accounts and private data compromised

The Web Proxy Auto-Discovery Protocol (WPAD), enabled by default on Windows and supported by other operating systems, can expose computer users' online accounts, web searches, and other private data, security researchers warn.Man-in-the-middle attackers can abuse the WPAD protocol to hijack people's online accounts and steal their sensitive information even when they access websites over encrypted HTTPS or VPN connections, said Alex Chapman and Paul Stone, researchers with U.K.-based Context Information Security, during the DEF CON security conference this week.WPAD is a protocol, developed in 1999 by people from Microsoft and other technology companies, that allows computers to automatically discover which web proxy they should use. The proxy is defined in a JavaScript file called a proxy auto-config (PAC) file.To read this article in full or to leave a comment, please click here

Disable WPAD now or have your accounts and private data compromised

Worth Reading: Exploiting man in the middle against HTTPS

A key guarantee provided by HTTPS encryption is that the addresses of visited websites aren’t visible to attackers who may be monitoring an end user’s network traffic. Now, researchers have devised an attack that breaks this protection. The attack can be carried out by operators of just about any type of network, including public Wi-Fi networks, which arguably are the places where Web surfers need HTTPS the most. It works by abusing a feature known as WPAD—short for Web Proxy Autodisovery—in a way that exposes certain browser requests to attacker-controlled code. —ARS Technica

The post Worth Reading: Exploiting man in the middle against HTTPS appeared first on 'net work.

Four things to consider before upgrading your data center net to 25G

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.Hyperscale public cloud providers and social media giants have already made the jump to 40Gbps Ethernet for their server and storage connectivity for lower total cost of ownership (TCO) and operational efficiency, and now they are migrating to 50 and 100Gbps Ethernet.Forward thinking enterprises are looking at these hyperscale giants and trying to understand how to achieve Webscale IT efficiencies on an enterprise scale IT budget. Rather than bolting from 10Gbps server connectivity straight to 100Gbps, many are considering 25Gbps as an affordable and less disruptive step that will still provide significant performance improvements.To read this article in full or to leave a comment, please click here

Four things to consider before upgrading your data center net to 25G

IDG Contributor Network: Measure cloud performance like a customer

When businesses hire outside contractors for a job, they always try to ensure that there are clear measures of whether the contractor is doing the job. Whether it be expanding office space, ensuring the office is cleaned regularly, having the bookkeeping up to date or reviewing HR procedures, any sound management decision always depends on independently measurable performance goals. Otherwise, you're just hiring someone with the conditions, "It's OK, we trust you."+ Also on Network World: Measurement is key to cloud success +To read this article in full or to leave a comment, please click here

Stuff The Internet Says On Scalability For August 12th, 2016

Hey, it's HighScalability time:

The big middle finger to the Olympic Committee. They pulled this video of the incredibly beautiful Olympic cauldron at Rio.

If you like this sort of Stuff then please support me on Patreon.

25 years ago: the first website went online; $236M: Pokemon Go revenue in 5 weeks in 3 countriesSeveral thousand: work on Apple maps; 2500 Nimitz Carriers: weight of iPhone if implemented using tube transistors; $50 trillion: cost of iPhone in 1950, economic output of the world in your hand; 1000x: faster phase-change RAM; 15lbs: Americans heavier than 20 years ago; 2 years: for hacking the IRS; 3.6PB: hypothetical storage pod based on 60 TB SSD; 330,000: cash registers hacked; 162%: increased love for electric cars in China;

Quotable Quotes:
- @carllerche: it is hard to imagine how a node app could get closer to the metal with only 20MM LOC between the app and the hardware.
- David Heinemeier Hansson (RoR)~ Lots and lots of huge systems that are running the gosh darn Internet are built by remote people operating asynchronously. You don't think that's good enough for your little Continue reading

IDG Contributor Network: Computers to diagnose supervisors’ emotions, fatigue

Will we be able to take a nap behind the wheel of a future autonomous car? Probably not. Autopilots and other automated machinery require forms of human-operator supervision.Autonomy, for example, is dependent on chips and sensors, such as GPS for position and magnometers for directional bearing, among others. That tech, at least in the near-term, has to be monitored by humans in real time in case the sensors become glitchy.+ Also on Network World: Self-driving warehouse robots give Giant Eagle a lift +To read this article in full or to leave a comment, please click here

Notes from the 2016 Ansible Community Survey

We recently ran the 2016 version of our Ansible Community Survey. This is a survey of Ansible users and community members, regarding how they're using Ansible in their environments. We thought it would be useful to share some of the aggregate results. (As we did not ask for permission to distribute individual responses, we cannot make the raw data public.)

We had over 1,600 survey respondents, up from 1,300 when we last ran the survey in March of 2015.

How long have you been using Ansible?
Answer Options		Response Percent
A month or less		7.8%
1-2 months		7.3%
2-6 months		18.8%
6-12 months		18.6%
over a year		47.4%
number of respondents		1,625

Ansible continues to grow more veteran users - when surveyed in 2015, only 30% of respondents had used Ansible for more than a year.

What version(s) of Ansible are you currently running?
Answer Options		Response Percent
pre-1.9.x		5.0%
1.9.x		27.8%
2.0.x		41.6%
2.1.x		51.4%
2.2/development		6.7%
number of respondents		1,623

Note that respondents could pick multiple versions. All told, 80% of respondents have at least some usage of Ansible 2. Continue reading

When dolphins attack… iPads

It's for times like this that you really wish Apple would waterproof its iPads (and iPhones). Don't be surprised if a competitor works out something with the video creator here to use this footage of a dolphin snagging a women's iPad at SeaWorld Orlando in a marketing campaign... In case you didn't know, animals have quite a long track record of playing with iPads. This includes everything from penguins...to cats...To read this article in full or to leave a comment, please click here

How to prevent millennials from burning out at work

Millennials have been typecast as lazy, entitled and unwilling to work -- but the rate at which these young professionals burn out suggests otherwise. According to the American Psychology Association, 39 percent of millennials say their stress increased last year, 52 percent report lying awake at night from stress at some point in the past month and 44 percent report feeling irritability or anger because of their stress.James Goodnow, attorney at Fennemore Craig, P.C., dubbed "America's Techiest Lawyer," is known for his quick rise in the business world as a millennial. He's spoken extensively on the topic of millennials at work, and has insights into why this generation is burning out. Goodnow says he sees a trend with millennials where they're simply "driven by different goals than workers from other generations."To read this article in full or to leave a comment, please click here

How underemployment contributes to the STEM skills gap

While unemployment remains low, underemployment is a severely underrated problem in today's economy, and it's contributing to the IT skills gap across the board, according to a new report from cloud compensation and benchmarking services provider PayScale.The report, The War on the American Worker: The Underemployed, surveyed 962,956 U.S. workers between March 26, 2014 and March 26, 2016, and found that almost half, 46 percent, of workers feel they are underemployed, which PayScale defines as working part-time when you'd rather be working full-time, or not using your education and training in your current role.To read this article in full or to leave a comment, please click here

« Previous 1 … 2,706 2,707 2,708 2,709 2,710 … 3,792 Next »