0

Worth Reading: Open season

Let’s once more look at this topic again, and start with what we mean by the term “Open Internet.” The expression builds upon a rich pedigree of the term “open” in various contexts. It gives the impression that “open” is some positive attribute, and when we use the expression of the “open Internet”, it seems that we’re lauding it in some way. But are we, and if so, in what way? -CircleID

The post Worth Reading: Open season appeared first on 'net work.

0

Scrutiny of Google’s tax liabilities intensifies with Spanish raid

Spain has joined the scrum of tax authorities examining Google's accounts to see if the company has paid all that it should.A team of 35 inspectors from Agencia Tributaria, the Spanish tax authority, raided Google offices on two sites in Madrid on Thursday, according to Spanish newspaper El País. The authority requested court approval for the raid on Tuesday, the report said.They were investigating the tax liabilities of Google's subsidiaries in Spain and Ireland, through which the company channels much of its European revenue.+ ALSO  ON NETWORK WORLD Is Google pushing the cloud envelope too far? +To read this article in full or to leave a comment, please click here

0

Hillary Clinton’s tech agenda draws cheers from IT industry

Leading tech groups hailed the release of Hillary Clinton's agenda for promoting technology and innovation, praising the presumptive Democratic presidential nominee's focus on issues like cybersecurity and her acknowledgement that the industry is vital to the nation's economic prosperity.[ Related: Obama, Zuckerberg push better broadband, innovative startups ]Clinton's "initiative on technology and innovation" comes as the most detailed elucidation of a technology platform from a major presidential candidate this election season, a multi-pronged plan that touches on issues like promoting science and technical education, building out broadband infrastructure and defending net neutrality.To read this article in full or to leave a comment, please click here

0

Study reveals security gap in big data projects

Ideally, the ultimate output of big-data analysis can provide a company with a valuable competitive advantage. But those results aren’t getting much additional security, according to an IDG Enterprise study of big-data initiatives.To read this article in full or to leave a comment, please click here(Insider Story)

0

Big Brother is listening as well as watching

In a world of ubiquitous security cameras, most people know by now that some form of Big Brother – government or private – is watching them. But they are less likely to know that in some areas, he is also listening.While it is not yet widespread, audio surveillance is increasingly being used on parts of urban mass transit systems.That is the bad news, in the view of privacy advocates. But the good news is that public awareness can, at least in some cases, curtail it.This past week, following revelations that New Jersey Transit didn’t have policies governing storage and who had access to data from audio surveillance on some of its light-rail trains, the agency ended the program.To read this article in full or to leave a comment, please click here

0

Cloud Native Security Paradigm Shift

Exciting time is ahead for the cloud security industry.

0

Zenly + Docker 1.12 + 1M teenagers

Zenly is a mobile app that helps you locate your friends in real time. Recently the Zenly app reached the million registered users mark — and half of them signed up in the last three months.

In the words of Steeve Morin, VP Engineering of Zenly, “Behold, the power of teenagers.”

The rapid growth in users, traffic and data points generated posed new challenges for the Zenly team.

As one of the early users of Docker 1.12, the Zenly team shared their experience during the keynote presentation at DockerCon US 2016 in Seattle.

Here is the story as told by Steeve, JB Daildo and Corentin Kerisit:

---

 

The sudden growth of traffic has been both amazing and a real challenge to scale, not on our production stack, but our analytics pipeline as our app started to generate half a billion events a day and counting. Our analytics stack was starting to experience failures due to scaling issues, the costs were rising with how we were running the cluster in the cloud and our 6 person team was challenged in supporting it while also building, scaling and supporting the Zenly app.

What we wanted was to Continue reading

0

Real-time BGP route analytics

The diagram shows how sFlow-RT real-time analytics software can combine BGP route information and sFlow telemetry to generate route analytics. Merging sFlow traffic with BGP route data significantly enhances both data streams:

1. sFlow real-time traffic data identifies active BGP routes
2. BGP path attributes are available in flow definitions

The following example demonstrates how to configure sFlow / BGP route analytics. In this example, the switch IP address is 10.0.0.253, the router IP address is 10.0.0.254, and the sFlow-RT address is 10.0.0.162.

Setup

First download sFlow-RT. Next create a configuration file, bgp.js, in the sFlow-RT home directory with the following contents:

var reflectorIP  = '10.0.0.254';
var myAS         = '65162';
var myID         = '10.0.0.162';
var sFlowAgentIP = '10.0.0.253';

// allow BGP connection from reflectorIP
bgpAddNeighbor(reflectorIP,myAS,myID);

// direct sFlow from sFlowAgentIP to reflectorIP routing table
// calculate a 60 second moving average byte rate for each route
bgpAddSource(sFlowAgentIP,reflectorIP,60,'bytes');

The following sFlow-RT System Properties load the configuration file and enable BGP:

• script.file=bgp.js
• bgp.start=yes

Start sFlow-RT and the following log lines will confirm that BGP has been enabled and configured:

 Continue reading

0

Brown University offers Ivy League CISO creds

Freshly minted CISOs as well as other mid-career professionals with a need for a broad grounding in cybersecurity can get an advanced degree in the topic through a new program at Brown University. The Executive Master in Cybersecurity set to launch in October is a 16-month program to instruct students in technology, law and policy, human behavior, and leadership-skills development. “What the industry is crying out for is interdisciplinary training,” says Alan Usas, the program director. The idea is to prepare cybersecurity leaders who not only understand the technical needs of protecting data and privacy but who can also talk effectively to the boards of directors about these issues in a way that nets results for security and for business goals, he says.To read this article in full or to leave a comment, please click here

0

Brown University offers Ivy League CISO creds

Freshly minted CISOs as well as other mid-career professionals with a need for a broad grounding in cybersecurity can get an advanced degree in the topic through a new program at Brown University.The Executive Master in Cybersecurity set to launch in October is a 16-month program to instruct students in technology, law and policy, human behavior, and leadership-skills development. “What the industry is crying out for is interdisciplinary training,” says Alan Usas, the program director.The idea is to prepare cybersecurity leaders who not only understand the technical needs of protecting data and privacy but who can also talk effectively to the boards of directors about these issues in a way that nets results for security and for business goals, he says.To read this article in full or to leave a comment, please click here

0

Response: Cumulus ndependence from L2 Data Centers

L3 routing to to the host. An idea whose time has come, again.

The post Response: Cumulus ndependence from L2 Data Centers appeared first on EtherealMind.

0

Hackers are coming for your healthcare records — here’s why

Data stolen from a bank quickly becomes useless once the breach is discovered and passcodes are changed. But data from the healthcare industry, which includes both personal identities and medical histories, can live a lifetime.Cyberattacks will cost hospitals more than $305 billion over the next five years and one in 13 patients will have their data compromised by a hack, according to industry consultancy Accenture. Accenture And a study by the Brookings Institution predicts that one in four data breaches this year will hit the healthcare industry.To read this article in full or to leave a comment, please click here

0

Hackers are coming for your healthcare records — here’s why

Data stolen from a bank quickly becomes useless once the breach is discovered and passcodes are changed. But data from the healthcare industry, which includes both personal identities and medical histories, can live a lifetime.Cyberattacks will cost hospitals more than $305 billion over the next five years and one in 13 patients will have their data compromised by a hack, according to industry consultancy Accenture. Accenture And a study by the Brookings Institution predicts that one in four data breaches this year will hit the healthcare industry.To read this article in full or to leave a comment, please click here

0

Jeremiah Grossman: Focus on ransomware, SDLC, and endpoints

With so many elements in information security -- application, network infrastructure, the endpoint, perimeter defenses, and data-centric approaches -- it's easy to fall in the trap of touting one as more important than the other. But it's a mistake to consider information security as a series of silos when it's actually an intersection of different areas. That overlap is most evident with application and endpoint security.For Jeremiah Grossman, the new chief security strategist at security vendor Sentinel One, application security and endpoint security are just different steps in the kill chain. As the founder and former CTO of the consultancy WhiteHat Security, Grossman has been the go-to-expert for web application security for years, and his new focus on endpoint security at Sentinel One does not mean that he has given up on securing web applications.To read this article in full or to leave a comment, please click here

0

What security pros can learn from the networking team

No need to fightImage by Flickr/Peretz Partensky/REMIXEDIt's a familiar scenario: your security team wants—needs—to lock down part of your enterprise's network. And yet the network team resists you at every turn. Don't they understand that security is paramount? Do they want to get hacked?To read this article in full or to leave a comment, please click here

0

How to contract for outsourcing agile development

Agile software development methodologies are hardly new. But figuring out a way to adequately contract for them in IT outsourcing deal is.“Under traditional contracting approaches, there is an assumption that the development team can define, with some specificity, the ultimate ‘thing’ to be created supported by a detailed project plan and key milestones tied to client acceptance and financial payment triggers,” says Derek J. Schaffner, attorney in the Washington, D.C. office of law firm Mayer Brown. “These concepts are very easy to memorialize in a development agreement due to the linear nature of a traditional software development approach that commences with detailed planning, followed by design, coding, testing and deployment.”To read this article in full or to leave a comment, please click here

0

IDG Contributor Network: Videoconferencing leaks get plugged

Trade secret leaks through videoconference camera angles are about to become a thing of the past, according to scientists at Duke University.The researchers there say they’ve developed a system that will block camera shots that include confidential information, such as whiteboard presentations. The blocking advantage being that one will no longer have to carefully sweep an office backdrop for secrets, or disable the camera even, before placing or receiving videoconference calls—the call can simply be placed.Duke’s under-development system also works for smartphone camera shots of receipts, say, for expense accounting.To read this article in full or to leave a comment, please click here

0

Thwarting APT Attacks

0

Typical SDN Architectures

Now that we know which definitions of SDN make no sense (and which one might) let’s see what a typical architecture of an SDN solution might look like.

I described some of them in the SDN 101 webinar, for more details watch the SDN Architectures and Deployment Guidelines webinar.

0

HPE has won $3 billion in a lawsuit against Oracle

Hewlett Packard Enterprise has been awarded $3 billion in a lawsuit it brought against Oracle five years ago over a now largely forgotten Intel processor.The two sides had been fighting over Oracle's decision to stop developing versions of its software for Intel's Itanium, a server chip that never found much success in the market. After the jury verdict Thursday, Oracle said it planned to appeal.It's Oracle's second big court loss in as many months. In May, a jury rejected Oracle's claim that Google infringed its copyright when it copied parts of Java into Android. Oracle was seeking nearly $9 billion in that case. It plans to appeal that outcome, too.To read this article in full or to leave a comment, please click here