CFAA anti-hacking law applies to using shared password, appeals court said

Millions of Americans willingly share passwords with family or friends to access devices or accounts, but the Ninth Circuit Court of Appeals said using a willingly shared password is covered under the anti-hacking Computer Fraud and Abuse Act (CFAA).After previously being found guilty of violating the CFAA, David Nosal appealed because he doesn't believe he actually hacked his former employer, Korn/Ferry. Instead, he gained access through passwords that other employees voluntarily shared with him after he left the company and his credentials were revoked.But in a 2-1 decision, the federal appeals court may have set a dangerous precedent that could ultimately affect millions of Americans who use a willingly shared password. Password sharing was not allowed by Korn/Ferry, so Circuit Judge Margaret McKeowin wrote (pdf) that Nosal had acted “without authorization” and, therefore, falls under the CFAA.To read this article in full or to leave a comment, please click here

CFAA anti-hacking law applies to using shared password, appeals court said

Millions of Americans willingly share passwords with family or friends to access devices or accounts, but the Ninth Circuit Court of Appeals considered using a willingly shared password to be covered under the anti-hacking Computer Fraud and Abuse Act (CFAA) law.After previously being found guilty, David Nosal appealed since he believed he should not have been found guilty of CFAA as he didn’t actually hack his former employer, Korn/Ferry. Instead, he gained access through passwords that had been voluntarily shared with him by other employees after he left the company and his credentials were revoked.But in a 2-1 decision, the federal appeals court may have set a dangerous precedent which could ultimately affect millions of Americans who use a willingly shared password. Password-sharing was not allowed by Korn/Ferry, so Circuit Judge Margaret McKeowin wrote (pdf) that Nosal had acted “without authorization” and therefore falls under the CFAA.To read this article in full or to leave a comment, please click here

DockerCon 2016 Videos: Docker, Docker, Docker track

We are excited to share the videos and slides from the Docker, Docker, Docker track at DockerCon 2016!

Note that the following sessions videos from the Docker, Docker, Docker track have already been published in previous blog post:

Check out the videos (and slides) from the remaining sessions below!

Continue reading

Worth Reading: The great 21st century data rush

In the digital age, data is currency and information is the energy that drives the 21st century economy. Today, 46.1 percent of the world’s population is online. These 3.4 billion Internet users collectively generate a significant amount of commercial and personal data that can be stored, collated, and analyzed. This data is the lifeline that charts users’ online identities: it can also be monetized by Internet service providers, social media platforms, and end user applications. As a necessary corollary, control over data and the flow of information has become highly politicized. One who controls this data retains the power to shape the global geopolitical order. -Lawfare

LinkedInTwitterGoogle+Facebook

The post Worth Reading: The great 21st century data rush appeared first on 'net work.

Machine Learning Driven Programming: A New Programming for a New World

 

If Google were created from scratch today, much of it would be learned, not coded. Around 10% of Google's 25,000 developers are proficient in ML; it should be 100% -- Jeff Dean

Like the weather, everybody complains about programming, but nobody does anything about it. That’s changing and like an unexpected storm the change comes from an unexpected direction: Machine Learning / Deep Learning.

I know, you are tired of hearing about Deep Learning. Who isn’t by now? But programming has been stuck in a rut for a very long time and it's time we do something about it.

Lots of silly little programming wars continue to be fought that decide nothing. Functions vs objects; this language vs that language; this public cloud vs that public cloud vs this private cloud vs that ‘fill in the blank’; REST vs unrest; this byte level encoding vs some different one; this framework vs that framework; this methodology vs that methodology; bare metal vs containers vs VMs vs unikernels; monoliths vs microservices vs nanoservices; eventually consistent vs transactional; mutable vs immutable; DevOps vs NoOps vs SysOps; scale-up vs scale-out; centralized vs decentralized; single threaded vs massively parallel; sync vs async. And so Continue reading

9 best technology jobs in the U.S.

The best tech jobs in 2016Image by ThinkstockComputers, smartphones, tablets, e-readers -- technology touches every aspect of our daily lives. It facilitates business, communication, travel, entertainment and healthcare, just to name a few, and the industry boasts high salaries and low unemployment rates. The U.S. Bureau of Labor Statistics predicts that technology jobs will grow at a rate of 12 percent this decade, almost twice the growth rate of jobs growth overall. Here, based on the number of projected jobs from 2014 to 2024, the median salary and the unemployment rate are the nine best technology jobs as ranked by US News & World Report. 1. Computer systems analystImage by ThinkstockTo read this article in full or to leave a comment, please click here

Finding, retaining IT talent still a struggle

What's the biggest threat to IT organizations today? According to global human resources and staffing solutions firm Randstad Technologies' 2016 Workplace Trends Report, it's the scarcity of skilled talent and an increasingly competitive landscape in which to attract and hire that talent.Of the 2,004 hiring managers and hiring decision makers surveyed between November and December 2015, 55 percent say finding the skilled talent they need is the biggest threat to meeting their revenue or business performance targets in 2016."These results validated for us what we already suspected -- there's absolutely a skills shortage, the war for talent is real, and it's having a corresponding effect on ROI and productivity and on companies' bottom line," says Bob Dickey, group president, technology and engineering, Randstad U.S.To read this article in full or to leave a comment, please click here

Spending on public cloud IT infrastructure to hit $23.3 billion

The first quarter of 2016 may have shown some softness in hyperscale cloud service provider (CSP) demand for IT infrastructure products for deployment in cloud environments — server, enterprise storage and Ethernet switches — but it's coming back with a vengeance in the second half, according to the latest forecast from IDC).The IDC Worldwide Quarterly Cloud IT Infrastructure Tracker, released yesterday, forecasts that total spending on IT infrastructure products for deployment in cloud environments will hit $37.1 billion in 2016, an increase of 15.5 percent. IDC forecasts that spending on public cloud IT infrastructure, in particular, will increase by 18.8 percent in 2016 to $23.3 billion.To read this article in full or to leave a comment, please click here

Amazon’s amazingly wasteful packaging

“Why did they come in such a big box,” asks my 14-year-old daughter, Emma, who is hopeful she won’t need them – special dental flossers for kids who wear braces – beyond summer’s end. But she needs them now and none were available at my local grocery or two pharmacies, so, I had resorted to Amazon. Two days later, a box big enough to hold a DVD player lands on our doorstep carrying two tiny packages of 24 flossers, the pair wrapped tightly together in more Amazon plastic. The box measures 15.5 by 13 by 3.5 inches.To read this article in full or to leave a comment, please click here

Network, host, and application monitoring for Amazon EC2

Microservices describes how visibility into network traffic is the key to monitoring, managing and securing applications that are composed of large numbers of communicating services running in virtual machines or containers.

Amazon Virtual Private Cloud (VPC) Flow Logs can be used to monitor network traffic:
However, there are limitations on the types of traffic that are logged, a 10-15 minute delay in accessing flow records, and costs associated with using VPC and storing the logs in CloudWatch (currently $0.50 per GB ingested, $0.03 per GB archived per month, and possible addition Data Transfer OUT charges).

In addition, collecting basic host metrics at 1 minute granularity using CloudWatch is an additional $3.50 per instance per month.

The open source Host sFlow agent offers an alternative:
  1. Lightweight, requiring minimal CPU and memory on EC2 instances.
  2. Real-time, up to the second network visibility
  3. Efficient, export of extensive set of host metrics every 10-60 seconds (configurable).
This article will demonstrate how to install Host sFlow on an Amazon Linux instance:
$ cat /etc/issue
Amazon Linux AMI release 2016.03
The following commands build the latest Continue reading

Tetris comes to Megaprocessor

The game Tetris has gone through many configurations over its 30-plus years in existence (including on an MIT building in in a pumpkin), but perhaps none is more impressive than a Cambridge, England man's version running on a giant homemade computer.The BBC reports on James Newman, who has been building his 33-foot wide, 6-foot high Megaprocessor since 2012, and has shared a series of Youtube videos about the project, including a demo of the behemoth running Tetris.To read this article in full or to leave a comment, please click here

21% off SentrySafe Fire-Safe Waterproof File Storage Box – Deal Alert

Where do you store your most important CD's, DVD's, USB drives and documents? Are they protected from fire and water damage, if that "worst-case scenario" actually happens? SentrySafe's HD4100CG storage box is UL classified with 1/2-hour fire protection and ETL verified 1/2 hour fire protection for CD's, DVD's, USB drivers and memory sticks up to 1550F. It’s also ETL verified waterproof. It measures roughly 11x8 with a 9-inch depth. It currently averages 4.5 out of 5 stars on Amazon from over 300 customers (read reviews) and its list price of $85 has been reduced by 21% to $68. See the discounted SentrySafe HD4100CG Fire-Safe Waterproof File now on Amazon.To read this article in full or to leave a comment, please click here

21% off SentrySafe Fire-Safe Waterproof File Storage Box – Deal Alert

Where do you store your most important CD's, DVD's, USB drives and documents? Are they protected from fire and water damage, if that "worst-case scenerio" actually happens? SentrySafe's HD4100CG storage box is UL classified with 1/2-hour fire protection and ETL verified 1/2 hour fire protection for CD's, DVD's, USB drivers and memory sticks up to 1550F. It’s also ETL verified waterproof. It measures roughly 11x8 with a 9-inch depth. It currently averages 4.5 out of 5 stars on Amazon from over 300 customers (read reviews) and its list price of $85 has been reduced by 21% to $68. See the discounted SentrySafe HD4100CG Fire-Safe Waterproof File now on Amazon.To read this article in full or to leave a comment, please click here

New Tor-powered backdoor program targets Macs

Security researchers have found a new backdoor program that allows attackers to hijack Mac systems and control them over the Tor network.The new malware has been dubbed Backdoor.MAC.Eleanor by researchers from antivirus vendor Bitdefender and is distributed as a file converter application through reputable websites that offer Mac software.The rogue application is called EasyDoc Converter. Once installed it displays a fake interface where users can supposedly drag and drop files for conversion, but which in reality doesn't do anything.In the background, the application executes a shell script that installs multiple malicious components in a folder called “/Users/$USER/Library/.dropbox." The Dropbox name is used to make the malware harder to spot and has nothing to do with the legitimate Dropbox file synchronization software.To read this article in full or to leave a comment, please click here

New Tor-powered backdoor program targets Macs

Security researchers have found a new backdoor program that allows attackers to hijack Mac systems and control them over the Tor network.The new malware has been dubbed Backdoor.MAC.Eleanor by researchers from antivirus vendor Bitdefender and is distributed as a file converter application through reputable websites that offer Mac software.The rogue application is called EasyDoc Converter. Once installed it displays a fake interface where users can supposedly drag and drop files for conversion, but which in reality doesn't do anything.In the background, the application executes a shell script that installs multiple malicious components in a folder called “/Users/$USER/Library/.dropbox." The Dropbox name is used to make the malware harder to spot and has nothing to do with the legitimate Dropbox file synchronization software.To read this article in full or to leave a comment, please click here

Solarwinds Geek Speak

I’m sharing some articles I wrote on the Solarwinds Geek Speak blog.  I recommend you start with the 80/20 rule below post below before reading through the rest.

A disclaimer: Solarwinds didn’t ask me to promote these posts –  I’m sharing them because they’re posts I would have otherwise published on this blog.

Add a comment below if anything strikes a chord, or if you want to disagree, correct me, etc.

The post Solarwinds Geek Speak appeared first on NetworkSherpa.

Google buys sneaker-scanning machine learning company Moodstocks

Someone at Google really likes sneakers: The company has just bought a French machine learning startup that taught a computer how to recognize 15,000 different types of them.Paris-based Moodstocks builds image and object recognition software using deep learning techniques, and offered an Android app and visual search API that could recognize certain kinds of object. By analyzing video from a smartphone camera, and correlating it with accelerometer readings to determine how the camera is moving around, the software is able to infer information about the three-dimensional shape of objects in the video, facilitating their recognition.In February 2015 the company demonstrated its ability to identify sneakers through its app. Three months later, after training the software using 15,000 photos of shoes from an online retailer's website, Moodstocks claimed to be able to shop online for all the sneakers on sale in a Macy's store.To read this article in full or to leave a comment, please click here

1 2,854 2,855 2,856 2,857 2,858 3,854