Android is switching to a regular maintenance schedule for more predictable updates

Minor tweaks and bug fixes aren’t new for Android updates, but Google wants to make the process far less haphazard. A post on the Android Developers Blog details that Google is moving to a regular maintenance schedule “over the coming quarters,” with an eye towards a predictable process and more feedback from developers.Vice president of engineering Dave Burke said Google has already started work on some issues that are on the list and will transition to a new schedule in the coming months. Just as it did with the Android N Preview, updates will come first to a Dev Preview before they’re sent out to everyone else. You’ll be able to download and flash the latest preview to try it out in advance of a final release.To read this article in full or to leave a comment, please click here

Worth Reading: Photographing the Internet

Shuli Hallak photographs the Internet. And when we say she photographs it, we’re not just talking about cool pictures of wires (although those are in her portfolio) but entire worlds that are up and running right under our noses but remain invisible. Her work is helping to demystify the sometimes complicated language surrounding the open Internet and is building a new understanding of how important the open Internet is for people everywhere. —Internet Society

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Photographing the Internet appeared first on 'net work.

IDG Contributor Network: SimpliVity delivers use case-focused hyperconverged solutions

SimpliVity is a vendor in the hyperconverged infrastructure market. What that means in plain English is that SimpliVity offers a product that is both hardware and software. Essentially it's about specific software tailored to the infrastructure on what it sits. The hyperconverged space is a busy one with several vendors all trying to justify their existence and differentiate themselves from the commodity way the large webscale vendors think about their infrastructure. The continuum is very stark. On one end lies Google, Facebook, et al., which consider physical servers to be replaceable, generic items that they think little about, focusing instead on the software that sits on top of them. At the other end, lies vendors such as HP, VMware and SimpliVity, which articulate the extra value that comes from converging hardware with software.To read this article in full or to leave a comment, please click here

iPhone 8 may feature a curved OLED display

Based on no shortage of product leaks and rumblings from the rumor mill, the iPhone 7 design will in large part be similar to what we've already seen on Apple's iPhone 6 and 6s models. In fact, there will likely be only two minor design changes on Apple's next-gen iPhone: the removal of the standard 3.5mm headphone jack and the migration of the iPhone's antenna lines from the back to the side of the device.In turn, it's only natural that some industry analysts have expressed concern that the current iPhone design is getting a little bit long in the tooth. Compounding matters is the fact that surveys have suggested that current iPhone owners would be more inclined to upgrade with a completely new design as opposed to the standard introduction of improved internals.To read this article in full or to leave a comment, please click here

Securing the Enterprise Software Supply Chain Using Docker

At Docker we have spent a lot of time discussing runtime security and isolation as a core part of the container architecture. However that is just one aspect of the total software pipeline. Instead of a one time flag or setting, we need to approach security as something that occurs at every stage of the application lifecycle. Organizations must apply security as a core part of the software supply chain where people, code and infrastructure are constantly moving, changing and interacting with each other.

If you consider a physical product like a phone, it’s not enough to think about the security of the end product. Beyond the decision of what kind of theft resistant packaging to use, you might want to know  where the materials are sourced from and how they are assembled, packaged, transported. Additionally it is important to ensure that  the phone is not tampered with or stolen along the way.

Software Supply Chain

The software supply chain maps almost identically to the supply chain for a physical product. You have to be able to identify and trust the raw materials (code, dependencies, packages), assemble them together, ship them by sea, land, or air (network) to a store (repository) so the item Continue reading

How Virtualization Will Transform Security Architectures: Spotlight at #VMworld U.S. 2016

It’s clear today that security is at a crossroads, and we are losing the cybersecurity war. VMware’s SVP of Security Products Tom Corn explained to me recently, “There are no objective measures we can credibly point to which suggest we are – in any way – succeeding as we battle to protect systems and data.”

Register for this VMworld 2016 session to learn about the transformation of security architecture

One of the biggest problems, he points out, is that Cyberwarfare is an asymmetric battle: an attacker fires a thousand bullets and only one needs to get thru. Defenders need to stop all 1,000. So what are we doing to address this challenge?

We don’t appear to have an issue with how much we spend, or that there is a lack of security innovation. We are spending at record levels, and security innovation is at an all time high.

At the heart of the issue is an architectural gap – between the applications and data we are trying to protect, and the infrastructure from which we are trying to protect them. Virtualization could be the key to solving this problem — enabling security to be architected-in, rather than bolted on.  Continue reading

Your Software is Safer in Docker Containers

The Docker security philosophy is Secure by Default. Meaning security should be inherent in the platform for all applications and not a separate solution that needs to be deployed, configured and integrated.

Today, Docker Engine supports all of the isolation features available in the Linux kernel. Not only that, but we’ve supported a simple user experience by implementing default configurations that provide greater protection for applications running within the Docker Engine, making strong security default for all containerized applications while still leaving the controls with the admin to change configurations and policies as needed.

But don’t take our word for it.  Two independent groups have evaluated Docker Engine for you and recently released statements about the inherent security value of Docker.

Gartner analyst Joerg Fritsch recently published a new paper titled How to Secure Docker Containers in Operation on this blog post.  In it Fritsch states the following:

“Gartner asserts that applications deployed in containers are more secure than applications deployed on the bare OS” because even if a container is cracked “they greatly limit the damage of a successful compromise because applications and users are isolated on a per-container basis so that they cannot compromise other containers or the host OS”.

Additionally, NCC Group contrasted the security Continue reading

Where the monsters live

The monsters read your full network traffic flow if they have your keys or you used weak ones.The monsters are in the hidden partitions of USB flash drives left in parking lots and technical conferences.The monsters are in the weakened smartphone OS that most of your users own.The monsters are in the containers you used from that interesting GitHub pull.The monsters are in the Cisco router where the Zero Day lives waiting for the NSA.The monsters are in the fake certificates your user swallowed in their browsers.The monsters are 10,000 CVEs that you never, ever checked.The monsters live inside your kernel, watching for the network traffic that brings them alive from their zombie state.To read this article in full or to leave a comment, please click here

Where the monsters live

The monsters read your full network traffic flow if they have your keys or you used weak ones.The monsters are in the hidden partitions of USB flash drives left in parking lots and technical conferences.The monsters are in the weakened smartphone OS that most of your users own.The monsters are in the containers you used from that interesting GitHub pull.The monsters are in the Cisco router where the Zero Day lives waiting for the NSA.The monsters are in the fake certificates your user swallowed in their browsers.The monsters are 10,000 CVEs that you never, ever checked.The monsters live inside your kernel, watching for the network traffic that brings them alive from their zombie state.To read this article in full or to leave a comment, please click here

Epic Games forum hack underscores the need to install security patches

A recent data breach at Epic Games may have been avoided if the company had simply installed a security patch.On Monday, Epic Games reported that its internet forums had been compromised. The leaked data includes email addresses and hashed passwords taken from legacy forums at Infinity Blade, previous Unreal Tournament games, and an archived Gears of War forum.Epic Games declined to explain how the leak occurred, but a website that stores information on data breaches said hackers were responsible and that 808,000 users are affected.The anonymous attackers targeted the vBulletin forum software on Aug. 11, according to the website Leaked Source, which has been in contact with the hackers.  To read this article in full or to leave a comment, please click here

Epic Games forum hack underscores the need to install security patches

A recent data breach at Epic Games may have been avoided if the company had simply installed a security patch.On Monday, Epic Games reported that its internet forums had been compromised. The leaked data includes email addresses and hashed passwords taken from legacy forums at Infinity Blade, previous Unreal Tournament games, and an archived Gears of War forum.Epic Games declined to explain how the leak occurred, but a website that stores information on data breaches said hackers were responsible and that 808,000 users are affected.The anonymous attackers targeted the vBulletin forum software on Aug. 11, according to the website Leaked Source, which has been in contact with the hackers.  To read this article in full or to leave a comment, please click here

Do what you love?

How many times have you heard this? Or this?

Love-Quote-Do-what-you-love-and-you'll-never-work-a-day-in-your-life 92bce9fa2b136aa1c3ca5839e4aafad9

Two of the most oft repeated, and driven home, ideas in modern times are be true to yourself and do what you love. But just because they’re oft repeated and driven home doesn’t mean they are actually true. The problem with both statements is they have just enough truth to sound really plausible—and yet they are both simplistic enough to be dangerous when taken raw.

Or maybe it’s just that I’m a grumpy old man who’s been in a bad mood for the last couple of weeks, and misery likes company. ?

Let’s try to put some reality into the do what you love statement.

Sometimes you’re just not very good at what you love to do. When I was a kid, I wanted to be an artist. And then a musician. Apparently there are no real jobs for artists or musicians with my somewhat mediocre skills in these two areas. I just have to face it—I’m never going to be a professional basketball player, either. Sometimes it doesn’t matter how much you love something, you just don’t have the skills to master it.

Sometimes there’s just no market for what you Continue reading

MIT researchers discover method to triple wireless speeds

MIT researchers have found a way to transfer wireless data using a smartphone at a speed about three times faster and twice as far as existing technology.The researchers developed a technique to coordinate multiple wireless transmitters by synchronizing their wave phases, according to a statement from MIT on Tuesday. Multiple independent transmitters will be able to send data over the same wireless channel to multiple independent receivers without interfering with each other.Since wireless spectrum is scarce, and network congestion is only expected to grow, the technology could have important implications.ALSO ON NETWORK WORLD 9 tips for speeding up your business Wi-Fi The researchers called the approach MegaMIMO 2.0 (Multiple Input, Multiple Output) .To read this article in full or to leave a comment, please click here

For Your Ears: Citizens of Tech Podcast 40

In this show, we get into what expiration dates on packaged food and drugs really mean. How should you react when the date expires? If you assume, “Throw it out to be safe,” you’d be wrong.

We also chat about dealing with password expiration policies. They must be super complex and changed frequently, right? Maybe not. Super complex and frequently changed means hard to remember, which studies show can lead to less security, not more.

IBM has manufactured an artificial neuron, which isn’t so interesting by itself. We’ve been here before. The interesting bit is the material used to behave like a neuronal membrane. A genuine advance.

Microsoft has announced a smaller XBoxOne S, now with 4K capabilities. Just not gaming 4K capabilities.

Blackberry is on permanent deathwatch now, as they have begun the, “All else has failed, so let’s litigate,” phase of operations.

All that, plus our regular “Content I Like” and “Today I Learned” features.

Expiring Stochastic Passwords – Citizens of Tech 040

1 2,722 2,723 2,724 2,725 2,726 3,840