Zenly + Docker 1.12 + 1M teenagers

Zenly is a mobile app that helps you locate your friends in real time. Recently the Zenly app reached the million registered users mark — and half of them signed up in the last three months.

In the words of Steeve Morin, VP Engineering of Zenly, “Behold, the power of teenagers.”

zenlyThe rapid growth in users, traffic and data points generated posed new challenges for the Zenly team.

As one of the early users of Docker 1.12, the Zenly team shared their experience during the keynote presentation at DockerCon US 2016 in Seattle.

Here is the story as told by Steeve, JB Daildo and Corentin Kerisit:

 

The sudden growth of traffic has been both amazing and a real challenge to scale, not on our production stack, but our analytics pipeline as our app started to generate half a billion events a day and counting. Our analytics stack was starting to experience failures due to scaling issues, the costs were rising with how we were running the cluster in the cloud and our 6 person team was challenged in supporting it while also building, scaling and supporting the Zenly app.

What we wanted was to Continue reading

Real-time BGP route analytics

The diagram shows how sFlow-RT real-time analytics software can combine BGP route information and sFlow telemetry to generate route analytics. Merging sFlow traffic with BGP route data significantly enhances both data streams:
  1. sFlow real-time traffic data identifies active BGP routes
  2. BGP path attributes are available in flow definitions
The following example demonstrates how to configure sFlow / BGP route analytics. In this example, the switch IP address is 10.0.0.253, the router IP address is 10.0.0.254, and the sFlow-RT address is 10.0.0.162.

Setup

First download sFlow-RT. Next create a configuration file, bgp.js, in the sFlow-RT home directory with the following contents:
var reflectorIP  = '10.0.0.254';
var myAS         = '65162';
var myID         = '10.0.0.162';
var sFlowAgentIP = '10.0.0.253';

// allow BGP connection from reflectorIP
bgpAddNeighbor(reflectorIP,myAS,myID);

// direct sFlow from sFlowAgentIP to reflectorIP routing table
// calculate a 60 second moving average byte rate for each route
bgpAddSource(sFlowAgentIP,reflectorIP,60,'bytes');
The following sFlow-RT System Properties load the configuration file and enable BGP:
  • script.file=bgp.js
  • bgp.start=yes
Start sFlow-RT and the following log lines will confirm that BGP has been enabled and configured:
 Continue reading

Brown University offers Ivy League CISO creds

Freshly minted CISOs as well as other mid-career professionals with a need for a broad grounding in cybersecurity can get an advanced degree in the topic through a new program at Brown University. The Executive Master in Cybersecurity set to launch in October is a 16-month program to instruct students in technology, law and policy, human behavior, and leadership-skills development. “What the industry is crying out for is interdisciplinary training,” says Alan Usas, the program director. The idea is to prepare cybersecurity leaders who not only understand the technical needs of protecting data and privacy but who can also talk effectively to the boards of directors about these issues in a way that nets results for security and for business goals, he says.To read this article in full or to leave a comment, please click here

Brown University offers Ivy League CISO creds

Freshly minted CISOs as well as other mid-career professionals with a need for a broad grounding in cybersecurity can get an advanced degree in the topic through a new program at Brown University.The Executive Master in Cybersecurity set to launch in October is a 16-month program to instruct students in technology, law and policy, human behavior, and leadership-skills development. “What the industry is crying out for is interdisciplinary training,” says Alan Usas, the program director.The idea is to prepare cybersecurity leaders who not only understand the technical needs of protecting data and privacy but who can also talk effectively to the boards of directors about these issues in a way that nets results for security and for business goals, he says.To read this article in full or to leave a comment, please click here

Hackers are coming for your healthcare records — here’s why

Data stolen from a bank quickly becomes useless once the breach is discovered and passcodes are changed. But data from the healthcare industry, which includes both personal identities and medical histories, can live a lifetime.Cyberattacks will cost hospitals more than $305 billion over the next five years and one in 13 patients will have their data compromised by a hack, according to industry consultancy Accenture. Accenture And a study by the Brookings Institution predicts that one in four data breaches this year will hit the healthcare industry.To read this article in full or to leave a comment, please click here

Hackers are coming for your healthcare records — here’s why

Data stolen from a bank quickly becomes useless once the breach is discovered and passcodes are changed. But data from the healthcare industry, which includes both personal identities and medical histories, can live a lifetime.Cyberattacks will cost hospitals more than $305 billion over the next five years and one in 13 patients will have their data compromised by a hack, according to industry consultancy Accenture. Accenture And a study by the Brookings Institution predicts that one in four data breaches this year will hit the healthcare industry.To read this article in full or to leave a comment, please click here

Jeremiah Grossman: Focus on ransomware, SDLC, and endpoints

With so many elements in information security -- application, network infrastructure, the endpoint, perimeter defenses, and data-centric approaches -- it's easy to fall in the trap of touting one as more important than the other. But it's a mistake to consider information security as a series of silos when it's actually an intersection of different areas. That overlap is most evident with application and endpoint security.For Jeremiah Grossman, the new chief security strategist at security vendor Sentinel One, application security and endpoint security are just different steps in the kill chain. As the founder and former CTO of the consultancy WhiteHat Security, Grossman has been the go-to-expert for web application security for years, and his new focus on endpoint security at Sentinel One does not mean that he has given up on securing web applications.To read this article in full or to leave a comment, please click here

What security pros can learn from the networking team

No need to fightImage by Flickr/Peretz Partensky/REMIXEDIt's a familiar scenario: your security team wants—needs—to lock down part of your enterprise's network. And yet the network team resists you at every turn. Don't they understand that security is paramount? Do they want to get hacked?To read this article in full or to leave a comment, please click here

How to contract for outsourcing agile development

Agile software development methodologies are hardly new. But figuring out a way to adequately contract for them in IT outsourcing deal is.“Under traditional contracting approaches, there is an assumption that the development team can define, with some specificity, the ultimate ‘thing’ to be created supported by a detailed project plan and key milestones tied to client acceptance and financial payment triggers,” says Derek J. Schaffner, attorney in the Washington, D.C. office of law firm Mayer Brown. “These concepts are very easy to memorialize in a development agreement due to the linear nature of a traditional software development approach that commences with detailed planning, followed by design, coding, testing and deployment.”To read this article in full or to leave a comment, please click here

IDG Contributor Network: Videoconferencing leaks get plugged

Trade secret leaks through videoconference camera angles are about to become a thing of the past, according to scientists at Duke University.The researchers there say they’ve developed a system that will block camera shots that include confidential information, such as whiteboard presentations. The blocking advantage being that one will no longer have to carefully sweep an office backdrop for secrets, or disable the camera even, before placing or receiving videoconference calls—the call can simply be placed.Duke’s under-development system also works for smartphone camera shots of receipts, say, for expense accounting.To read this article in full or to leave a comment, please click here

HPE has won $3 billion in a lawsuit against Oracle

Hewlett Packard Enterprise has been awarded $3 billion in a lawsuit it brought against Oracle five years ago over a now largely forgotten Intel processor.The two sides had been fighting over Oracle's decision to stop developing versions of its software for Intel's Itanium, a server chip that never found much success in the market. After the jury verdict Thursday, Oracle said it planned to appeal.It's Oracle's second big court loss in as many months. In May, a jury rejected Oracle's claim that Google infringed its copyright when it copied parts of Java into Android. Oracle was seeking nearly $9 billion in that case. It plans to appeal that outcome, too.To read this article in full or to leave a comment, please click here

Tesla’s autopilot is being investigated after a fatal crash

Federal regulators are investigating Tesla's autopilot feature after a fatal crash involving a tractor trailer and one of its Model S cars.The U.S. National Highway Traffic Safety Administration opened the investigation after a man was killed while driving a Model S with the self-driving mode engaged."This is the first known fatality in just over 130 million miles where Autopilot was activated," Tesla said in a statement Thursday. It called the incident a "tragic loss."The car was on a divided highway when a tractor trailer made a left turn in front of the Tesla at an intersection. "Neither Autopilot nor the driver noticed the white side of the tractor trailer against a brightly lit sky, so the brake was not applied," Tesla said.To read this article in full or to leave a comment, please click here

This mobile Trojan from China fills your phone with porn apps

Malware that secretly installs porn apps on your phone is infecting devices by the millions, becoming the world’s largest mobile Trojan.The malware, called "Hummer," is a family of Trojans that imitate Android apps before striking, according to Cheetah Mobile, a maker of security and utility apps.The company’s researchers have been tracking Hummer since 2014. It's been infecting more than 1 million devices per day, far outpacing other kinds of mobile Trojans, the company said in a post on Wednesday.India, Indonesia, Turkey, China and Mexico are the top five countries where the Trojan has been spreading the most, but it's also hit victims in the U.S. and Europe.To read this article in full or to leave a comment, please click here

This mobile Trojan from China fills your phone with porn apps

Malware that secretly installs porn apps on your phone is infecting devices by the millions, becoming the world’s largest mobile Trojan.The malware, called "Hummer," is a family of Trojans that imitate Android apps before striking, according to Cheetah Mobile, a maker of security and utility apps.The company’s researchers have been tracking Hummer since 2014. It's been infecting more than 1 million devices per day, far outpacing other kinds of mobile Trojans, the company said in a post on Wednesday.India, Indonesia, Turkey, China and Mexico are the top five countries where the Trojan has been spreading the most, but it's also hit victims in the U.S. and Europe.To read this article in full or to leave a comment, please click here

Eyefi leaves some card owners stranded, highlighting IoT hazards

Older networked flash cards from Eyefi will become the next IoT devices to effectively die in consumers’ hands when the company cuts off support for older models in September.Eyefi's cards store data like other SD cards but also include a Wi-Fi radio so users can send photos straight from a camera to their laptop or phone. When Eyefi's first card went on sale in 2007, it already had some of the qualities of what’s now called an IoT device: It was remarkably small and had no display but could connect to a local network or the Internet over the air.The products are also tied into a cloud-based service, which they usually rely on to get configured each time they’re used. Important functions of the device don’t work without a service that has to be maintained throughout the life of the product.To read this article in full or to leave a comment, please click here

DNC hacker Guccifer 2.0 denies Russian links and mocks security firms

The hacker who claims to have breached the Democratic National Committee’s networks is trying to beat back accusations that he’s linked with the Russian government.The intrusion, which stole confidential files from the DNC, was his “personal project,” hacker Guccifer 2.0 said in a Thursday blog post.Security firms and the DNC may be trying to blame the attack on Russia, but “they can prove nothing!” Guccifer 2.0 added.“All I hear is blah-blah-blah, unfounded theories, and somebody’s estimates,” he wrote.Guccifer 2.0 appeared on the web just a day after the DNC revealed it had been hacked. To prove he was behind the breach, the hacker began posting the files he stole. This included opposition research on presidential candidate Donald Trump, along with donor lists and foreign policy files. To read this article in full or to leave a comment, please click here

1 2,860 2,861 2,862 2,863 2,864 3,852