NetworkingNexus.net

July 2016 Patch Tuesday: Microsoft releases 11 security updates, 6 rated critical

For July, Microsoft released 11 security bulletins, six of which were rated critical due to remote code execution (RCE) vulnerabilities.CriticalMS16-084 is the cumulative patch for Internet Explorer, fixing a plethora of RCE problems that an attacker could exploit if a victim viewed a maliciously crafted webpage using IE. The security update also addresses spoofing vulnerabilities, security feature bypass and information disclosure flaws.MS16-085 is the monthly cumulative security update for Microsoft’s Edge browser. The most severe vulnerabilities could allow RCE. The patch also resolves security feature bypass issues, information disclosure problems and many memory corruption flaws.To read this article in full or to leave a comment, please click here

July 2016 Patch Tuesday: Microsoft releases 11 security updates, 6 rated critical

Shifting the cost of security

If you deal with enterprise systems security, you likely have an idea what your annual expenditure for security and forensic security is. It’s huge. It’s a time and resource suck like few others. The licensing costs will vary, but they’re a considerable fraction of most organizations’ annual IT spend. Ready-made modular costs are platform-dependent. In Windows, it might be a framework from Symantec, Intel Security, or a host of others. Integration into Active Directory isn’t so much difficult as it is tedious. If you start or add Linux, the cost shifts towards any number of frameworks that require at least a moderate amount of labor costs in customization, maintenance and ongoing platform mods.To read this article in full or to leave a comment, please click here

Killing the password: FIDO says long journey will be worth it

The FIDO (formerly Fast Identity Online) Alliance is out to kill the password.It wouldn’t seem to be a tough sales job. There is little debate among security experts that passwords are a lousy, obsolete form of authentication.The evidence is overwhelming. Most people in spite of exhortations to use long, complicated passwords, to change them at least monthly and to avoid using the same one for multiple sites, don’t.The latest Verizon Data Breach Incident Report (DBIR) found that 63 percent of all data breaches involved the use of stolen, weak or default passwords.To read this article in full or to leave a comment, please click here

BGP Code Dive (3)

This week, I want to do a little more housekeeping before we get into actually asking questions of the bgp code. First there is the little matter of an editor. I use two different editors most of the time, Notepad++ and Atom.

Notepad++ is a lightweight, general purpose text editor that I use for a lot of different things, from writing things in XML, HTML, CSS, Python Javascript, C, and just about anything else. This is an open source project hosted on the Notepad++ web site with the code hosted at github.
Atom is a more GUI oriented “programmer’s editor.” This is a more full featured editor, going beyond basic syntax highlighting into projects, plugins that pull diffs in side by side windows, and the like. I don’t really have a build environment set up right now, so I don’t know how it would interact with compiled code, but I assume it would probably have a lot of the tricks I’m used to, like being able to trace calls through the code, etc. Atom is available here.

I haven’t actually chosen one or the other—I tend to use both pretty interchangeably, so you’re likely to see screen shots from Continue reading

GE’s Predix IoT Platform Will Be Available On Microsoft Azure

Predix on Azure will be available in Q2 2017.

More data, more data

"multas per gentes et multa per aequora" ¹

The life of a request to CloudFlare begins and ends at the edge. But the afterlife! Like Catullus to Bithynia, the log generated by an HTTP request or a DNS query has much, much further to go.

This post comes from CloudFlare's Data Team. It reports the state of processing these sort of edge logs, including what's worked well for us and what remains a challenge in the time since our last post from April 2015.

Numbers, sense

In an edge network, where HTTP and DNS clients connect to thousands of servers distributed across the world, the key is to distribute those servers across many carefully picked points of presence—and with over 80 PoPs, no network has better representation than CloudFlare. The reverse, however, has to happen for that network's logs. After anycast has scattered requests (and queries) to thousands of nodes at the edge, it's the Data Team's job to gather the resulting logs to a small number of central points and consolidate them for easy use by our customers.

logfwdr forwarded metrics, HTTP & DNS events per second, 2016-07-11

The charts above depict (with some artifacts due to counter resets) the total structured logs sent from the edge to one Continue reading

China loads up on chip technology with new ARM license

China already has the world's fastest computer with its homegrown chip, but the country hasn't stopped loading up on technology to make more of its own chips.ARM announced Tuesday it has licensed the ARMv8-A architecture to Huaxintong Semiconductor Technology, a joint venture between China's Guizhou province and a subsidiary of Qualcomm.The Chinese company will make ARM-based chipsets for servers in data centers. The small Guizhou province is considered a big data hub, and the province hosts 2.5 million servers, including some used by China's top telecom companies.To read this article in full or to leave a comment, please click here

Vertical Scaling Works for Bits and Bites

This is just to delicious a parallel to pass up.

Here we have Google building a new four story datacenter Scaling Up: Google Building Four-Story Data Centers:

And here we have a new vertical farm from AeroFarms:

Both have racks of consumables. One is a rack of bits, the other is a rack of bites. Both used to sprawl horizontally across huge swaths of land and now are building up. Both designs are driven by economic efficiency, extracting the most value per square foot. Both are expanding to meet increased demand. It's a strange sort of convergence.

IDG Contributor Network: Does ‘share-nothing’ NoSQL signal the end to system resources sharing?

Driven by the need to partition databases into independent data sets to facilitate concurrent data access, NoSQL databases have been at the forefront of the “share-nothing” resource movement. But if NoSQL’s share-nothing philosophy is correct, then how do you explain the explosive growth and acceptance of Linux containers that share resources on the same host and the clusters and data center operating systems that run over them?On the surface, these two movements appear to be at odds, but a deeper look shows merits for both.+ Also on Network World: Containers: Most developers still don’t understand how to use them +To read this article in full or to leave a comment, please click here

Is Wi-Fi finally ‘fast enough?’

Wi-Fi has become so ubiquitous over the past decade and a half that we talk about it – and complain about it – like it’s part of the weather. Be honest, average user – the first thing you think when your connection starts acting up is “damn it, what’s wrong with the Wi-Fi now?” But the degree to which Wi-Fi is likely to be the limiting factor for any given connection is shrinking. Wi-Fi has evolved quickly over the past few years, so much so that it can seem like wireless is outstripping wired networks in terms of raw capability. + ALSO ON NETWORK WORLD:Why one Cisco shop is willing to give Wi-Fi startup Mist a shot +To read this article in full or to leave a comment, please click here

Microsoft delays its Azure Stack software until mid-2017

Azure Stack, Microsoft's system for building private clouds that run the same software it uses in its public cloud, has been delayed until the middle of 2017, the company announced Tuesday.Microsoft has changed its strategy and will provide Azure Stack through integrated systems built by hardware partners, rather than allowing companies to deploy the software on any compatible hardware they choose. Microsoft has been pushing Azure Stack as a differentiator of its cloud platform compared to many of its competitors in the public cloud arena -- especially Amazon. The change came about because the company wants to give businesses prevalidated hardware to simplify deployments of Azure Stack, according to Mike Schutz, the general manager of product marketing for Microsoft's Server and Tools division. At launch, Microsoft will be working with Hewlett-Packard Enterprise, Dell, and Lenovo. To read this article in full or to leave a comment, please click here

Microsoft delays its Azure Stack software until mid-2017

Prime Deal: 46% off Segway miniPRO Personal Transporter, Now Shipping – Prime Deal Alert

Forget hoverboards. The Segway miniPRO is a smarter, stronger and safer personal transporter, UL 2272 Certified for the highest standards of electrical and fire safety requirements established by Underwriter Laboratories. The miniPRO has large air-filled tires suitable for almost any terrain. Its innovative knee bar makes steering easy and precise, and its powerful lithium-ion battery will take you up to 14 miles on a single charge at speeds of up to 10 miles per hour. Automatic head and tail-lights produce maximum visibility night or day, personalized from a spectrum of 16 million color variations. It comes with a full-featured app, available for iOS and Android, that lets you personalize your miniPRO, activate anti-theft features, control your miniPRO remotely, and much more. It's available to ship now, and its initial list price of $1,299 has been reduced to $699. See or buy it now on Amazon.To read this article in full or to leave a comment, please click here

Pokemon Go maker addresses Google account access scare

It looks like it's safe to go back into the Pokemon Gyms and PokeStops, as Pokemon Go maker Niantic has addressed concerns that it has unfettered access to Google accounts of those who signed up for the popular mobile game via their iOS devices.(Those who have signed up for Pokemon Go via the Pokemon Trainer Club weren't threatened with the security/privacy issue, but it has proven difficult for some to get through the crowded Trainer Club servers.)Niantic, looking to assuage fears that it can read/send from your Gmail account and dip into your Google Docs, has issued the following statement: Permissions update We recently discovered that the Pokémon GO account creation process on iOS erroneously requests full access permission for the user’s Google account. However, Pokémon GO only accesses basic Google profile information (specifically, your User ID and email address) and no other Google account information is or has been accessed or collected. Once we became aware of this error, we began working on a client-side fix to request permission for only basic Google profile information, in line with the data that we actually access. Google has verified that no other information has been received or Continue reading

Worth Reading: What makes a network architecture or design good?

The defining quality of good network architecture is elegance. Elegance as a word has an ethereal abstract quality that we liken to what makes an artwork beautiful. However the definition of elegance gives us a clue to what the real defining quality of network architecture and design is: Complexity. —route-spf.net

The post Worth Reading: What makes a network architecture or design good? appeared first on 'net work.

Moto G4 and G4 Plus: Phones continue to get better and cheaper

iPhones and cable TV have a lot in common: Consumers tend to buy more than they need. iPhones and the Android flagship phones have more features than an individual consumer will use—like cable TV has a lot of channels that an individual consumer won’t watch. Given the choice, consumers might shave their consumption of both and save a few hundred dollars to a thousand dollars a year.Compare the prices of Apple’s entry-level iPhone SE to the Moto G4 Plus. It’s not an apples-to-apples comparison, but an insightful one, nevertheless. The comparison is in a way apples to oranges. The iPhone SE has Apple’s powerful brand, an NFC chip for payments, and a glass and metal design. The G4 Plus, on the other hand, lacks the NFC chip and is has a mostly plastic exterior design. But the G4 Plus has a larger higher-resolution screen and its storage can be expanded with a microSD cards with as much as 128GB. Depending on the configuration of the Chinese-manufactured devices, the G4 Plus costs $150 to $200 less than the iPhone SE.To read this article in full or to leave a comment, please click here

DockerCon 2016: Videos from Microsoft, Cisco and IBM’s Sessions

Major thank you to our Diamond sponsor Microsoft and Platinum sponsors Cisco and IBM! Your continued support of DockerCon helps us organize an awesome conference for the Docker community.

We are excited to share with you the recordings from their sessions in the Ecosystem track. Microsoft’s session with Steve Lasker covered the container workflow. IBM’s Jason McGee and Chris Rosen talk about how to create production ready containers with IBM and Docker and Balaji Sivasubramanian discuss how Cisco covers the solution addressing the needs of enabling product-grade containerized applications.

Workflows for Developing, Debugging and Deploying Containerized Applications by Steve Lasker, Microsoft

Watch @Microsoft’s @SteveLasker discuss #container + orchestration + workflow dev at #DockerCon 2016
Click To Tweet

Enabling Production Grade Containerized Applications through Policy Based Infrastructure by Balaji Sivasubramanian, Cisco

#DockerCon: @balajisiva explains how @Cisco uses @Docker for #containerized apps in production
Click To Tweet

Production Ready Containers from IBM and Docker by Jason R McGee and Chris Rosen, IBM

#DockerCon: @jrmcgee & @ChrisRosen188 on running #containers in production with @Docker and @IBM
Click To Tweet

Lack of VC funding forces startups to think lean

Startups are typically at the mercy of venture capitalist funding, but as of the first quarter of 2016, VCs are pulling back on how quickly they hand over that much-needed funding. According to a report from Dow Jones VentureSource, funding for U.S. startups fell 25 percent from the previous quarter -- marking the largest quarterly decline since the dot-com bust in 2000.It's bad news for startups. As these small companies feel the pressure, they're forced to budget cuts, layoffs and buy-outs as a way to stay afloat amid limited funding. Startups will need to get strategic, says Al Stevenson, a principal with WinterWyman Executive Search's Technology practice.To read this article in full or to leave a comment, please click here

Offshore and cloud service providers upset IT outsourcing’s top tier

The most recent top 25 list of IT service providers from outsourcing analyst firm HfS Research leads with a couple of the usual suspects, with IBM and Accenture in the No. 1 and 2 spots, with 7.8 percent and 5.1 percent market shares, respectively.[ Related: 10 outsourcing trends to watch in 2016 ]But not far behind are India’s Tata Consultancy Services (TCS), at No. 5, offshore-centric Cognizant in 8th, and as-a-service Amazon Web Services (AWS) already in the No. 12 spot. HfS is calling it a “full-scale assault” on the traditional providers.To read this article in full or to leave a comment, please click here

« Previous 1 … 2,837 2,838 2,839 2,840 2,841 … 3,852 Next »