Latest leap second plan poses a dilemma for conscientious sysadmins

Conscientious sysadmins face a dilemma on December 31, when a new leap second will threaten the stability of computer systems and networks.Scientists occasionally add a leap second to Coordinated Universal Time (UTC), the time reference most clocks are set by, so as to keep it in step with the earth's gradually slowing rotation. If they didn't, then clocks would be off by about a minute at midday by 2100.Computer systems don't like leap seconds as they are programmed to expect the same number of seconds in every minute of every hour of every day. The various ways of tricking them into accepting the extra second -- stretching out all the other seconds in the preceding minute, hour or day, repeating the same second twice, or creating a 61st second in a minute, can cause chaos as they affect different computers in different ways.To read this article in full or to leave a comment, please click here

Plea to Cisco: ‘CCIE routing and switching written exam needs to be fixed’

Tom Hollingsworth, a CCIE and author of a popular blog called “The Networking Nerd,” used that forum last week  – smack in the middle of Cisco’s annual user conference -- to issue a blistering critique of the CCIE routing and switching written exam. “The discontent is palpable,” according to Hollingsworth. “From what I’ve heard around Las Vegas this week, it’s time to fix the CCIE Written Exam.”That contention has received broad though not unanimous support on Twitter and comments on the post itself. As for Cisco, it tells me they’re always open to suggestions.To read this article in full or to leave a comment, please click here

Plea to Cisco: ‘CCIE routing and switching written exam needs to be fixed’

Tom Hollingsworth, a CCIE and author of a popular blog called “The Networking Nerd,” used that forum last week  – smack in the middle of Cisco’s annual user conference -- to issue a blistering critique of the CCIE routing and switching written exam.  “The discontent is palpable,” according to Hollingsworth. “From what I’ve heard around Las Vegas this week, it’s time to fix the CCIE Written Exam.” That contention has received broad though not unanimous support on Twitter and comments on the post itself. As for Cisco, it tells me they’re always open to suggestions.To read this article in full or to leave a comment, please click here

Introducing Ansible Tower 3

tower-3-blog-2.png

The Best Way To Run Ansible In Your Organization Just Got Better

We’ve been hard at work since the last release of Tower, listening to community feedback and working to create the best possible experience for Tower users. We are pleased to introduce Ansible Tower 3, evolving from Ansible’s simple, powerful and agentless automation and extending that power to your team and organization.

Tower 3 boasts an entirely reworked UI that makes it simpler and easier to use Tower to automate your environments and share your automation. On top of that, we’ve equipped this newest edition of Tower with a host of new features to speed productivity and visibility within your Tower workflows, managing complex deployments and scaling the power of automation.

These features include: 

Expanded and Simplified Permissions

In prior releases of Tower, we operated on an implicit permissions system. For a user to be able to see, and run, a job, they needed permissions on not only the project that housed the Playbook, but also the inventory, and the credential used.

Now, with Tower 3, we’ve made things much simpler… if you have a job that you want a user or team to run, just give them Continue reading

Fixing The CCIE Written – A Follow Up

955951_28854808

I stirred up quite the hornet’s nest last week, didn’t I? I posted about how I thought the CCIE Routing and Switching Written Exam needed to be fixed. I got 75 favorites on Twitter and 40 retweets of my post, not to mention the countless people that shared it on a variety of forums and other sites. Since I was at Cisco Live, I had a lot of people coming up to me saying that they agreed with my views. I also had quite a few people that weren’t thrilled with my perspective. Thankfully, I had the chance to sit down with Yusuf Bhaiji, head of the CCIE program, and chat about things. I wanted to share some thoughts here.

Clarity Of Purpose

One of the biggest complaints that I’ve heard is that I was being “malicious” in my post with regards to the CCIE. I was also told that it was a case of “sour grapes” and even that the exam was as hard as it was on purpose because the CCIE is supposed to be hard. Mostly, I felt upset that people were under the impression that my post was designed to destroy, harm, or otherwise defame the Continue reading

Oracle issues largest patch bundle ever, fixing 276 security flaws

Oracle has released a new quarterly batch of security updates for more than 80 products from its software portfolio, fixing 276 vulnerabilities.This is the largest Oracle Critical Patch Update (CPU) to date. The average number of flaws fixed per Oracle update last year was 161, according to security vendor Qualys. Furthermore, out of the 276 security flaws fixed in this update, 159 can be exploited remotely without authentication.At the top of the priority list should be the Java patches, which address 13 new vulnerabilities. That's because Java is used in a lot of applications and is installed on a large number of systems."Customers really do need to apply these Java CPU patches as soon as possible,"  said John Matthew Holt, the CTO of application security firm Waratek, via email. Among the patches that require urgent attention are those for the HotSpot Java virtual machine for desktops and servers, which received high CVSS (Common Vulnerabilities Scoring System) scores, Holt noted.To read this article in full or to leave a comment, please click here

Oracle issues largest patch bundle ever, fixing 276 security flaws

Oracle has released a new quarterly batch of security updates for more than 80 products from its software portfolio, fixing 276 vulnerabilities.This is the largest Oracle Critical Patch Update (CPU) to date. The average number of flaws fixed per Oracle update last year was 161, according to security vendor Qualys. Furthermore, out of the 276 security flaws fixed in this update, 159 can be exploited remotely without authentication.At the top of the priority list should be the Java patches, which address 13 new vulnerabilities. That's because Java is used in a lot of applications and is installed on a large number of systems."Customers really do need to apply these Java CPU patches as soon as possible,"  said John Matthew Holt, the CTO of application security firm Waratek, via email. Among the patches that require urgent attention are those for the HotSpot Java virtual machine for desktops and servers, which received high CVSS (Common Vulnerabilities Scoring System) scores, Holt noted.To read this article in full or to leave a comment, please click here

5 tips to avoid summer’s plummeting productivity

Avoid summer's plummeting productivityImage by Thinkstock Investment in employee education and learning increases engagement and makes employees more productive. If you find your workload is a bit light during the summer months, consider sitting down with your manager to identify existing professional development programs or courses to add to your skill set, Battles says. If you can't physically attend courses, take advantage of virtual training tools and online massive open online courses. 1. The more you knowImage by Thinkstock To read this article in full or to leave a comment, please click here

Skype sets a course for the cloud, ditching some apps on the way

Skype is leaving behind its peer-to-peer roots and going all in on the cloud. While the popular messaging app made it this far by facilitating connections between computers for video calls and other communications, it's moving to a cloud architecture that is supposed to improve performance and expand the service's capabilities.According to Skype Corporate Vice President Amritansh Raghav, the architecture shift has taken three years of work. It is supposed to provide a number of benefits, including improved message syncing across devices. Certain Skype features are already built on top of the new cloud infrastructure, including the mobile group video calling and live translation features that the service introduced recently.To read this article in full or to leave a comment, please click here

Review: Windows 10 Anniversary Update fails to excite

One year after the initial, faltering release of Windows 10 “RTM” (build 10240) and almost nine months after the arrival of Win 10 Fall Update (version 1511), we finally have a new tenant at the apex of the Windows 10 “as a service” heap. Windows 10 Anniversary Update, aka Redstone 1, aka version 1607, is available to Windows Insiders. The update should start rolling out to Windows 10 version 1511 users on August 2.To read this article in full or to leave a comment, please click here

New HIPAA guidance addresses ransomware

The U.S. Department of Human Services has released new guidance for health care organizations that focuses on the growing threat of ransomware, stresses the need for better education and regular backups, and confirms that a ransomware attack against plain-text health information is, in fact, a breach that must be disclosed. The guidance recommends that organizations identify the risks facing their patient information, create a plan to address those links, set up procedures to protect systems from malware, train users to spot malware, limit access to sensitive information to just the people who need it most, and have a disaster recovery plan that includes frequent data backups.To read this article in full or to leave a comment, please click here

New HIPAA guidance addresses ransomware

The U.S. Department of Human Services has released new guidance for health care organizations that focuses on the growing threat of ransomware, stresses the need for better education and regular backups, and confirms that a ransomware attack against plain-text health information is, in fact, a breach that must be disclosed. The guidance recommends that organizations identify the risks facing their patient information, create a plan to address those links, set up procedures to protect systems from malware, train users to spot malware, limit access to sensitive information to just the people who need it most, and have a disaster recovery plan that includes frequent data backups.To read this article in full or to leave a comment, please click here

Feds shut down tech support scammers, freeze assets

Federal authorities have shut down several alleged tech support scammers working out of Florida, Iowa, Nevada and Canada, freezing their assets and seizing control of their businesses.The action was one of the largest in the U.S. against scammers, who bilk consumers out of an estimated $1.5 billion annually with bogus tales of infected Windows PCs and Apple Macs, high-pressure sales tactics, and grossly overpriced services and software.After the Federal Trade Commission (FTC) filed complaints against six companies and six individuals in late June, courts shuttered alleged scammers doing business under names like Big Dog Solutions, Help Desk National, Help Desk Global, PC Help Desk, Inbound Call Specialist, BlackOptek CE, 9138242 Canada and Digital Growth Properties. Five of the six operated as a single enterprise, muddying the waters with multiple names.To read this article in full or to leave a comment, please click here

Feds shut down tech support scammers, freeze assets

Federal authorities have shut down several alleged tech support scammers working out of Florida, Iowa, Nevada and Canada, freezing their assets and seizing control of their businesses.The action was one of the largest in the U.S. against scammers, who bilk consumers out of an estimated $1.5 billion annually with bogus tales of infected Windows PCs and Apple Macs, high-pressure sales tactics, and grossly overpriced services and software.After the Federal Trade Commission (FTC) filed complaints against six companies and six individuals in late June, courts shuttered alleged scammers doing business under names like Big Dog Solutions, Help Desk National, Help Desk Global, PC Help Desk, Inbound Call Specialist, BlackOptek CE, 9138242 Canada and Digital Growth Properties. Five of the six operated as a single enterprise, muddying the waters with multiple names.To read this article in full or to leave a comment, please click here

An immodest proposal for expanding Twitter’s 140-character limit

Twitter has a problem.In fact, it has several problems. On the one hand, its iconic 140-character limit has helped make the service popular and easy to use. On the other hand, many tweeters desperately want to say more than they can squeeze into those 140 characters. And on the third hand, Twitter continues to struggle monetizing its vast user base.A simple formula to save Twitter Fortunately, I have an immodest proposal designed to solve all three problems in one fell swoop. And all it takes is a single, relatively simple formula.Ready? Here goes:If Twitter users want to exceed the 140-character limit, all they have to do is pay for the privilege. But instead of a flat fee, my clever formula works to maximize all of the important values.To read this article in full or to leave a comment, please click here

Riding the new Wi-Fi wave (part 2)

In part 1 of this mini-series looking at the new wireless mesh networking aimed at home systems, I looked at Luma’s system. Instead of a single router providing coverage for the house, a mesh system uses multiple nodes that work in conjunction with each other to provide greater coverage and faster speeds.So here's part 2, in which I tested another wireless mesh system - this one from San Francisco-based startup eero. Like the Luma devices, the eero system comes in a three-pack of nodes (it costs $499), but you can also buy individual nodes for $199. You can get away with using just one node as its own Wi-Fi router/access point as long as you connect it to your modem (cable/DSL), but the added benefits of the mesh kick in when you add the second, third or any additional nodes. In the three-pack, the system includes power cables for each eero node, and one Ethernet cable that links the first node into your cable modem or WAN connection.To read this article in full or to leave a comment, please click here

IBM’s Watson just landed a new job: helping Macy’s shoppers

IBM's Watson may be putting its cognitive muscle to work battling cancer and cybercriminals, but it's no slouch at shopping, either. On Wednesday, retail brand Macy's announced that it's testing out a new mobile service that lets in-store shoppers ask Watson for help.Dubbed Macy’s On-Call, the tool gives smartphone-equipped shoppers a way to ask Watson questions about a store's products, services and facilities by typing their questions into a mobile browser. It's delivered through location-based engagement software from IBM partner Satisfi, which accesses Watson from the cloud, and it works in both English and Spanish.To read this article in full or to leave a comment, please click here