Proposed ‘social media ID, please’ law draws outrage

A plan by the U.S. government to require some foreign travelers to provide their social media IDs on key travel documents is drawing outrage.People who responded to the government’s request for comment about the proposal spared little in their criticisms. They call it “ludicrous,” an “all-around bad idea,” “blatant overreach,” “desperate, paranoid heavy-handedness,” “preposterous,” “appalling,” and “un-American.”But the feds are most serious about it.The plan affects people traveling from “visa waiver” countries to the U.S., where a visa is not required. This includes most of Europe, Singapore, Chile, Japan, South Korea, Australia and New Zealand -- 38 countries in total.To read this article in full or to leave a comment, please click here

Data lakes security could use a life preserver

As big data initiatives gain steam at organizations, many companies are creating “data lakes” to provide a large number of users with access to the data they need. And as with almost every type of new IT initiative, this comes with a variety of security risks that enterprises must address.Data lakes are storage repositories that hold huge volumes of raw data kept in its native format until it’s needed. They’re becoming more common as organizations gather enormous amounts of data from a variety of resources.The growing business demand for analytics is helping to fuel the move to large repositories of data. And data lakes are likely to take on even more significance with the growth of the internet of things (IoT), in which companies will gather data from and about countless networked objects.To read this article in full or to leave a comment, please click here

Data lakes security could use a life preserver

As big data initiatives gain steam at organizations, many companies are creating “data lakes” to provide a large number of users with access to the data they need. And as with almost every type of new IT initiative, this comes with a variety of security risks that enterprises must address.Data lakes are storage repositories that hold huge volumes of raw data kept in its native format until it’s needed. They’re becoming more common as organizations gather enormous amounts of data from a variety of resources.The growing business demand for analytics is helping to fuel the move to large repositories of data. And data lakes are likely to take on even more significance with the growth of the internet of things (IoT), in which companies will gather data from and about countless networked objects.To read this article in full or to leave a comment, please click here

New collision attacks against triple-DES, Blowfish break HTTPS sessions

There is now a practical, relatively fast attack on 64-bit block ciphers that lets attackers recover authentication cookies and other credentials from HTTPS-protected sessions, a pair of French researchers said. Legacy ciphers Triple-DES and Blowfish need to go the way of the broken RC4 cipher: Deprecated and disabled everywhere.Dubbed Sweet32, researchers were able to take authentication cookies from HTTPS-protected traffic using triple-DES (3DES) and Blowfish and recover login credentials to be able to access victim accounts, said the researchers, Karthikeyan Bhargavan and Gaëtan Leurent of INRIA in France. The attack highlights why it is necessary for sites to stop using legacy ciphers and upgrade to modern, more secure ciphers.To read this article in full or to leave a comment, please click here

New collision attacks against triple-DES, Blowfish break HTTPS sessions

There is now a practical, relatively fast attack on 64-bit block ciphers that lets attackers recover authentication cookies and other credentials from HTTPS-protected sessions, a pair of French researchers said. Legacy ciphers Triple-DES and Blowfish need to go the way of the broken RC4 cipher: Deprecated and disabled everywhere.Dubbed Sweet32, researchers were able to take authentication cookies from HTTPS-protected traffic using triple-DES (3DES) and Blowfish and recover login credentials to be able to access victim accounts, said the researchers, Karthikeyan Bhargavan and Gaëtan Leurent of INRIA in France. The attack highlights why it is necessary for sites to stop using legacy ciphers and upgrade to modern, more secure ciphers.To read this article in full or to leave a comment, please click here

New collision attacks against triple-DES, Blowfish break HTTPS sessions

There is now a practical, relatively fast attack on 64-bit block ciphers that lets attackers recover authentication cookies and other credentials from HTTPS-protected sessions, a pair of French researchers said. Legacy ciphers Triple-DES and Blowfish need to go the way of the broken RC4 cipher: Deprecated and disabled everywhere.Dubbed Sweet32, researchers were able to take authentication cookies from HTTPS-protected traffic using triple-DES (3DES) and Blowfish and recover login credentials to be able to access victim accounts, said the researchers, Karthikeyan Bhargavan and Gaëtan Leurent of INRIA in France. The attack highlights why it is necessary for sites to stop using legacy ciphers and upgrade to modern, more secure ciphers.To read this article in full or to leave a comment, please click here

Experts challenge Skyhigh’s patent for cloud-based encryption gateway

Skyhigh announced today that it has received a patent for its technology, which moves that encryption gateway into a hosted environment.Enterprises looking to protect sensitive data stored in cloud services can funnel user traffic through on-premises encryption gateways that allow them to keep control of their encryption keys. Moving the encryption process to Skyhigh's servers allows for easier access by remote employees, mobile users, business partners, or customers, said Rajiv Gupta, Skyhigh's CEO. He says the company offers these encryption gateways in various locations, allowing customers to comply with data residency and privacy laws.To read this article in full or to leave a comment, please click here

Experts challenge Skyhigh’s patent for cloud-based encryption gateway

Skyhigh announced today that it has received a patent for its technology, which moves that encryption gateway into a hosted environment.Enterprises looking to protect sensitive data stored in cloud services can funnel user traffic through on-premises encryption gateways that allow them to keep control of their encryption keys. Moving the encryption process to Skyhigh's servers allows for easier access by remote employees, mobile users, business partners, or customers, said Rajiv Gupta, Skyhigh's CEO. He says the company offers these encryption gateways in various locations, allowing customers to comply with data residency and privacy laws.To read this article in full or to leave a comment, please click here

Trying to make sense of Google’s messaging mess

Google appears to finally be trying to clarify its strategies for communication and messaging. However, the company determined it needs more messaging apps — not fewer apps. By the end of this year, Google will maintain at least eight different messaging apps, including Hangouts, Google Messenger, Google Chat, Google Voice, the Jibe rich communication services (RCS) app for carriers, Allo, Duo and the Spaces group-sharing app. Following the early August release of Duo, a new one-to-one video calling app, and the complementary messaging app Allo, which is expected to launch before summer's end, Google says it plans to reposition Hangouts as an enterprise service.To read this article in full or to leave a comment, please click here

Linux’s brilliant career, in pictures

A momentous milestoneAug. 25 marks the 25th anniversary of Linux, the free and open source operating system that's used around the globe in smarphones, tablets, desktop PCs, servers, supercomputers, and more. Though its beginnings were humble, Linux has become the world’s largest and most pervasive open source software project in history. How did it get here? Read on for a look at some of the notable events along the way.To read this article in full or to leave a comment, please click here

Docker Online Meetup #41: Deep Dive into Docker 1.12 Networking

For this week’s Docker Online Meetup, Sr. Director, Networking at Docker, Madhu Venugopal, joined us to talk about Docker 1.12 Networking and answer questions.

Starting with Docker 1.12, Docker has added features to the core Docker Engine to make multi-host and multi-container orchestration simple to use and accessible to everyone. Docker 1.12 Networking plays a key role in enabling these orchestration features.

In this online meetup, we learned all the new and exciting networking features introduced in Docker 1.12:

  • Swarm-mode networking
  • Routing Mesh
  • Ingress and Internal Load-Balancing
  • Service Discovery
  • Encrypted Network Control-Plane and Data-Plane
  • Multi-host networking without external KV-Store
  • MACVLAN Driver

 

The number of questions Madhu got at the end of the online meetup was amazing and because he did not have time to answer all of them, we’ve added the rest of the Q&A below:

Q: Will you address the DNS configuration in Docker? We have two apps created with docker compose and would like to enable communication and DNS resolution from containers in one of the apps to containers in the other app.

Check out the PTAL external network feature in docker compose in the Docker docs to get started. If that Continue reading

AMD Strikes A Balance – And Strikes Back – With Zen

Being too dependent on one source for a key component is not just a bad idea because of supply chain risks, but because it can result in higher prices.

Intel customers don’t need to be reminded of the lack of direct competitive pressure in the X86 chip market for servers, because they remember what competition that felt like. And customers and system makers that had taken a risk with AMD Opteron processors a decade ago don’t need to be reminded of either of these facts, particularly after AMD walked away from the server business in the wake of technical problems

AMD Strikes A Balance – And Strikes Back – With Zen was written by Timothy Prickett Morgan at The Next Platform.

IDG Contributor Network: Shippable ships its newest thing: Industrial strength continuous deployment

Founded back in 2013, Shippable is one of the cool kids in the continuous deployment (CD) space. For those unaware, CD is a movement in which development teams deploy code frequently instead of in irregular and widely spaced occurrences. It is a movement popularized by organizations such as Facebook, Google and Twitter that deploy code many, many times a day.Shippable, therefore builds a platform to reduce friction and therefore allow software development teams to not only ship code fast, but far more frequently as well. DevOps, the movement that brought together the development and operations side of IT departments, aims to increase this velocity.To read this article in full or to leave a comment, please click here

Another lesson in confirmation bias

The biggest problem with hacker attribution is the confirmation bias problem. Once you develop a theory, your mind shifts to distorting evidence trying to prove the theory. After a while, only your theory seems possible as one that can fit all your carefully selected evidence.

You can watch this happen in two recent blogposts [1] [2] by Krypt3ia attributing bitcoin payments to the Shadow Broker hackers as coming from the government (FBI, NSA, TAO). These posts are absolutely wrong. Nonetheless, the press has picked up on the story and run with it [*]. [Note: click on the pictures in this post to blow them up so you can see them better].


The Shadow Brokers published their bitcoin address (19BY2XCgbDe6WtTVbTyzM9eR3LYr6VitWK) asking for donations to release the rest of their tools. They've received 66 transactions so far, totally 1.78 bitcoin, or roughly $1000 at today's exchange rate.

Bitcoin is not anonymous by pseudonymous. Bitcoin is a public ledger with all transaction visible by everyone. Sometimes we can't tie addresses back to people, but sometimes we can. There are a lot of researchers who spent a lot of time on "taint anlysis" trying to Continue reading

Facebook, Google, Twitter lax on terrorists’ misuse of their sites, say UK MPs

A panel of U.K. lawmakers has described as “alarming” that social networking companies like Facebook, Twitter and Google's YouTube have teams of only a few hundred employees to monitor billions of accounts for extremist content.“These companies are hiding behind their supranational legal status to pass the parcel of responsibility and refusing to act responsibly in case they damage their brands,” said a report released early Thursday in the U.K. by the Home Affairs Committee appointed by the House of Commons.To read this article in full or to leave a comment, please click here

Facebook, Google, Twitter lax on terrorists’ misuse of their sites, say UK MPs

A panel of U.K. lawmakers has described as “alarming” that social networking companies like Facebook, Twitter and Google's YouTube have teams of only a few hundred employees to monitor billions of accounts for extremist content.“These companies are hiding behind their supranational legal status to pass the parcel of responsibility and refusing to act responsibly in case they damage their brands,” said a report released early Thursday in the U.K. by the Home Affairs Committee appointed by the House of Commons.To read this article in full or to leave a comment, please click here

1 2,732 2,733 2,734 2,735 2,736 3,855