IDG Contributor Network: The allure of free storage with FormationOne

Interesting news from Formation Data Systems, an enterprise storage vendor, around the launch of a new technology that should help IT departments eke out greater efficiencies from their existing storage assets. The new feature allows enterprises to recapture unused storage in their virtualized server environments.Fetchingly called Virtual Storage Recapture (VSR) this technology allows Formation customers to extend their FormationOne deployments beyond standard software-defined storage implementations to be able to utilize storage capacity that is “stranded” within most virtual servers and hypervisor clusters. To read this article in full or to leave a comment, please click here

Split Tunnel Insecurities

I really dislike corporate VPNs that don’t allow split tunneling—disconnecting from the VPN to print on a local printer, or access a local network attached drive, puts a real crimp in productivity. In the case of services reachable over both IPv6 and IPv4, particularly if the IPv6 path is preferred, split tunneling can be quite dangerous, as explained in RFC7359. Let’s use the network below to illustrate.

rfc7359-illustrated

In this network, host A is communicating with server B through a VPN, terminated by the VPN concentrator marked as “VPN.” Assume the host is reachable on both 192.0.2.1 and 2001:fb8:0:1::1. The host, the upstream router, the network in the cloud, and the server are all IPv6 reachable. When the host first connects, it will attempt both the IPv6 and IPv4 connections, and choose to use the IPv6 connection (this is what most current operating systems will do).

The problem is: the VPN connection doesn’t support IPv6 at all—it only supports IPv4. Because IPv6 is preferred, the traffic between the host and the server will take the local IPv6 connection, which is not encrypted—the blue dash/dot line—rather than the encrypted IPv4 tunnel—the red dashed line. The user, host, and Continue reading

IDG Contributor Network: Chime: A lifeguard for vulnerable IoT devices

Smart appliances are supposed to be the next big thing. Analysts predict that it’s a multi-billion dollar market. Why aren’t we there yet? Security. It’s a challenge for both manufacturers and users.Once connected to the internet, IoT devices can do amazing things, but they also become vulnerable to hackers. There are two main reasons for this: Limited resources: Low-cost IoT toolkits simplify the task of developing new smart devices. The downside of these devices is that they’re often too underpowered to run security software or communicate securely. Lack of standards: Connected devices vary greatly in their security safeguards by manufacturer. If one device is hacked, it potentially compromises other devices on the same network. Cloud-enabled security Chime from Innovation Labs by AVG (the antivirus and online security company) protects smart appliances by ensuring network traffic is authorized only to approved websites and mobile apps. Chime is installed on Wi-Fi routers and uses an online directory to stay current with new malware and hacking threats. It applies security techniques originally developed for enterprise security to also protect connected devices:To read this article in full or to leave a comment, please click here

Amazon’s Elastic File System is now open for business

Following an extended preview period, Amazon's Elastic File System is now generally available in three geographical regions, with more on the way.Originally announced last year, EFS is a fully managed elastic file storage service for deploying and scaling durable file systems in the Amazon Web Services cloud. It's currently available in the U.S. East (northern Virginia), U.S. West (Oregon) and EU (Ireland) regions, the company announced Wednesday.Customers can use EFS to create file systems that are accessible to multiple Amazon Elastic Compute Cloud (Amazon EC2) instances via the Network File System (NFS) protocol. They can also scale those systems up or down without needing to provision storage or throughput.To read this article in full or to leave a comment, please click here

Juniper addresses both sides of the branch networking problem

The numerous struggles businesses must go through to address the network needs of a branch have been well documented on this site and many others. The importance of the branch can’t be understated either. The branch is where the majority of workers reside today—81 percent of employees, according to a recent ZK Research survey. For many businesses, such as retailers and banks, the branch is the business, so curing branch woes needs to be a top priority for business and IT leaders.+ Also on Network World: Annual State of the Network survey results +To read this article in full or to leave a comment, please click here

Juniper addresses both sides of the branch networking problem

The numerous struggles businesses must go through to address the network needs of a branch have been well documented on this site and many others. The importance of the branch can’t be understated either. The branch is where the majority of workers reside today—81 percent of employees, according to a recent ZK Research survey. For many businesses, such as retailers and banks, the branch is the business, so curing branch woes needs to be a top priority for business and IT leaders.+ Also on Network World: Annual State of the Network survey results +To read this article in full or to leave a comment, please click here

Scaling Hotjar’s Architecture: 9 Lessons Learned

Hotjar offers free website analytics so they have a challenging mission: handle hundreds of millions of requests per day from mostly free users. Marc von Brockdorff, Co-Founder & Director of Engineering at Hotjar, summarized the lessons they've learned in: 9 Lessons Learned Scaling Hotjar's Tech Architecture To Handle 21,875,000 Requests Per Hour.

In response to the criticism their architecture looks like a hot mess, Erik Näslund, Chief Architect at Hotjar, gives the highlights of their architecture:

  • We use nginx + lua for the really hot code paths where python doesn't quite cut it. No language is perfect and you might have to break out of your comfort zone and use something different every now and then.
  • Redis, Memcached, Postgres, Elasticsearch and S3 are all suitable for different kinds of data storage and we eventually needed them all to be able to query and store data in a cost effective way. We didn't start out using 5 different data-stores though...it's something that we "grew into".
  • Each application server is a (majestic) monolith. Micro-services are one way of architecting things, monoliths are another - I'm still waiting to be convinced that one way is superior to the other when it comes Continue reading

ACLU lawsuit challenges US computer hacking law

The American Civil Liberties Union has filed a lawsuit challenging a 30-year-old hacking-crimes law, with the civil liberties group saying the law inhibits research about online discrimination.The ACLU on Wednesday filed a lawsuit challenging the Computer Fraud and Abuse Act on behalf of a group of academic researchers, computer scientists, and journalists. The CFAA limits online research because of its "overbroad criminal prohibitions," the ACLU said.The group of plaintiffs in the lawsuit want to investigate online discrimination in areas like housing and employment, "but they often can't," the ACLU said in a blog post. Courts have interpreted a provision of the CFAA prohibiting people from exceeding authorized access to a computer to include violations of website terms of service, the ACLU said.To read this article in full or to leave a comment, please click here

ACLU lawsuit challenges US computer hacking law

The American Civil Liberties Union has filed a lawsuit challenging a 30-year-old hacking-crimes law, with the civil liberties group saying the law inhibits research about online discrimination.The ACLU on Wednesday filed a lawsuit challenging the Computer Fraud and Abuse Act on behalf of a group of academic researchers, computer scientists, and journalists. The CFAA limits online research because of its "overbroad criminal prohibitions," the ACLU said.The group of plaintiffs in the lawsuit want to investigate online discrimination in areas like housing and employment, "but they often can't," the ACLU said in a blog post. Courts have interpreted a provision of the CFAA prohibiting people from exceeding authorized access to a computer to include violations of website terms of service, the ACLU said.To read this article in full or to leave a comment, please click here

Worth Reading: The great DevOps train wreck

Well, I see one coming, and I’m raising the alarm. Based on the conversations I’m hearing, it’s becoming dangerously fashionable to say: “All the interesting technology problems in DevOps are solved. We have Docker. We have Kubernetes. We have OpenStack. They’re stable, and they’re widely deployed. All that’s left to do is process transformation, teaching dullard enterprise IT teams how to consume the new-new IT.” -The New Stack

LinkedInTwitterGoogle+Facebook

The post Worth Reading: The great DevOps train wreck appeared first on 'net work.

Delivering a Seamless Guest Experience

Author: Diana Shtil, Product Marketing Manager The Hospitality Industry Technology Exposition and Conference (HITEC) 2016 took place in New Orleans last week, bringing together over 300 companies who all specialize in products, services, and solutions for the hospitality industry. From...

DockerCon 2016: Part 1 of Top 10 Videos

DockerCon 2016 was packed lots with great conference sessions! Attendees enjoyed the variety of topics in the agenda including advanced technical deep dives in the Black Belt track and practical applications of Docker in the Use Case track.

Through the mobile app (powered by Docker of course!), DockerCon 2016 attendees voted on their favorite sessions at the conference. Here are 5 of the top 10 highest rated sessions at DockerCon 2016: Continue reading

Mapping firm invites auto industry to improve spec for sharing vehicle sensor data

A key specification for exchanging sensor data between vehicles has found a new sponsor, in a move that may help future drivers avoid dangers before they see them.New vehicles are increasingly laden with sensors -- accelerometers, thermometers, radar and lidar (light detection and range) -- and the best of them can use the streams of incoming data to warn of or even avoid hazards such as ice or obstacles.But what if they could share information about changes to a road since the map was last updated or even warn one another of a stopped vehicle hidden by a blind curve? Vehicles might then be able to choose more efficient routes or avoid the need for sudden braking.To read this article in full or to leave a comment, please click here

Wormable flaws in Symantec products expose millions of computers to hacking

A Google security researcher has found high severity vulnerabilities in enterprise and consumer products from antivirus vendor Symantec that could be easily be exploited by hackers to take control of computers.Symantec released patches for the affected products, but while some products were updated automatically, some affected enterprise products could require manual intervention.The flaws were found by Tavis Ormandy, a researcher with Google's Project Zero team who has found similar vulnerabilities in antivirus products from other vendors. They highlight the poor state of software security in the antivirus world, something that has been noted by researchers.To read this article in full or to leave a comment, please click here

Wormable flaws in Symantec products expose millions of computers to hacking

A Google security researcher has found high severity vulnerabilities in enterprise and consumer products from antivirus vendor Symantec that could be easily be exploited by hackers to take control of computers.Symantec released patches for the affected products, but while some products were updated automatically, some affected enterprise products could require manual intervention.The flaws were found by Tavis Ormandy, a researcher with Google's Project Zero team who has found similar vulnerabilities in antivirus products from other vendors. They highlight the poor state of software security in the antivirus world, something that has been noted by researchers.To read this article in full or to leave a comment, please click here

Emerging “Universal” FPGA, GPU Platform for Deep Learning

In the last couple of years, we have written and heard about the usefulness of GPUs for deep learning training as well as, to a lesser extent, custom ASICs and FPGAs. All of these options have shown performance or efficiency advantages over commodity CPU-only approaches, but programming for all of these is often a challenge.

Programmability hurdles aside, deep learning training on accelerators is standard, but is often limited to a single choice—GPUs or, to a far lesser extent, FPGAs. Now, a research team from the University of California Santa Barbara has proposed a new middleware platform that can combine

Emerging “Universal” FPGA, GPU Platform for Deep Learning was written by Nicole Hemsoth at The Next Platform.

Oracle pledges ‘x86 economics’ with new Sparc servers

Larry Ellison doesn't do "cheap." The Oracle chairman isn't interested in selling the low-cost one- and two-socket servers that make up a huge slice of the server market but yield little profit for the companies that make them. Even if he did, that business is pretty much sewn up by Hewlett Packard Enterprise, Dell, and the "white box" makers from China and Taiwan.But Ellison's also a realist, and he knows customers are gradually turning away from his pricey Unix systems in favor of x86 boxes to build scale-out private and hybrid clouds. So to keep customers interested in Sparc, Ellison needs to come downmarket and provide more affordable options.To read this article in full or to leave a comment, please click here

What is Google Up To?

The astonishing rise and rise of the fortunes of Google has been one of the major features of both social and business life of the early 21st century. In the same way that Microsoft transformed the computer into a mainstream consumer product, Google has had a similar transformative effect upon its environment.

The complete guide to Go net/http timeouts

When writing an HTTP server or client in Go, timeouts are amongst the easiest and most subtle things to get wrong: there’s many to choose from, and a mistake can have no consequences for a long time, until the network glitches and the process hangs.

HTTP is a complex multi-stage protocol, so there's no one-size fits all solution to timeouts. Think about a streaming endpoint versus a JSON API versus a Comet endpoint. Indeed, the defaults are often not what you want.

In this post I’ll take apart the various stages you might need to apply a timeout to, and look at the different ways to do it, on both the Server and the Client side.

SetDeadline

First, you need to know about the network primitive that Go exposes to implement timeouts: Deadlines.

Exposed by net.Conn with the Set[Read|Write]Deadline(time.Time) methods, Deadlines are an absolute time which when reached makes all I/O operations fail with a timeout error.

Deadlines are not timeouts. Once set they stay in force forever (or until the next call to SetDeadline), no matter if and how the connection is used in the meantime. So to build a timeout with SetDeadline you'll have to Continue reading

1 2,807 2,808 2,809 2,810 2,811 3,793