How to prepare for (and prevent) ransomware attacks

You've likely heard all about "crypto ransomware," or simply "ransomware," a specific type of malware that attempts to hold your digital existence hostage by encrypting personal files and then offering decryption keys in exchange for payment. When the malware first takes root, it shows no outward signs that anything is wrong. Only after the malware does its nefarious work in the background are you presented with the ransom, typically via demands for Bitcoin or other forms of digital currency.Some early ransomware was riddled with software bugs that made it possible to recover encrypted files that had been held hostage, but newer variants that use robust symmetric and asymmetric encryption are much more troublesome. (Symmetric encryption is typically used to rapidly scramble files, and the asymmetric encryption can then be applied to the original symmetric keys so data can only be recovered by cybercriminals with the appropriate private keys.)To read this article in full or to leave a comment, please click here

BYOD can pose privacy risks to employees

Companies that use remote device management software to oversee employee devices used for business have the ability to collect a lot more information than employees may be comfortable with, according to a report released today."The intent of these MDM solutions is not to spy on employees, but to monitor for things like malware and general security," said Salim Hafid, product manager at Bitglass, which produced the report.But if the company wants to, these tools provide the ability to do a lot more, he said. That includes seeing where the phone is located, what apps are on the phone, and even what websites the user was accessing.To read this article in full or to leave a comment, please click here

BYOD can pose privacy risks to employees

Companies that use remote device management software to oversee employee devices used for business have the ability to collect a lot more information than employees may be comfortable with, according to a report released today."The intent of these MDM solutions is not to spy on employees, but to monitor for things like malware and general security," said Salim Hafid, product manager at Bitglass, which produced the report.But if the company wants to, these tools provide the ability to do a lot more, he said. That includes seeing where the phone is located, what apps are on the phone, and even what websites the user was accessing.To read this article in full or to leave a comment, please click here

Rethinking The WAN

The traditional wide area network is complicated and costly, buy it doesn't have to be that way. In this episode of Network Matters with Ethan Banks, learn about new software-defined technologies, called SD-WAN, that allow you to leverage Internet-based connectivity with the same benefits as a private WAN.

Google Fiber will add urban coverage and wireless by acquiring Webpass

Google Fiber is acquiring Internet service provider Webpass to be able to increase its urban coverage quickly and offer customers a combination of fiber and wireless delivery of high-speed Internet. For Google Fiber, which has typically worked with cities in planning and building a fiber network from scratch, the acquisition will give the Alphabet business a headstart in many markets, particularly in dense urban areas. The financial terms of the acquisition were not disclosed. Google did not immediately comment on the acquisition. Webpass in San Francisco owns and operates its Ethernet network, thus removing its dependence on phone and cable companies. It has operations in San Francisco, Oakland, Emeryville, Berkeley, San Diego, Miami, Miami Beach, Coral Gables, Chicago and Boston. The company offers business connections from 10 to 1,000 Mbps and to residential customers service from 100 Mbps to 1Gbps.To read this article in full or to leave a comment, please click here

Google Fiber will add urban coverage and wireless by acquiring Webpass

Google Fiber is acquiring Internet service provider Webpass to be able to increase its urban coverage quickly and offer customers a combination of fiber and wireless delivery of high-speed Internet. For Google Fiber, which has typically worked with cities in planning and building a fiber network from scratch, the acquisition will give the Alphabet business a headstart in many markets, particularly in dense urban areas. The financial terms of the acquisition were not disclosed. Google did not immediately comment on the acquisition. Webpass in San Francisco owns and operates its Ethernet network, thus removing its dependence on phone and cable companies. It has operations in San Francisco, Oakland, Emeryville, Berkeley, San Diego, Miami, Miami Beach, Coral Gables, Chicago and Boston. The company offers business connections from 10 to 1,000 Mbps and to residential customers service from 100 Mbps to 1Gbps.To read this article in full or to leave a comment, please click here

Career advice from the programming masters

As a career path, software development couldn't be hotter. Programming languages are proliferating and the U.S. Department of Labor's Bureau of Labor Statistics projects that demand for developers will grow at rate of 17 percent from 2014 to 2024 -- much faster than the 7 percent average for all occupations.To read this article in full or to leave a comment, please click here(Insider Story)

A look inside the Microsoft Local Administrator Password Solution

Windows administrators have a problem -- passwords. Specifically, administrator passwords that lurk out there, identical across machines, just ready to be compromised. But there is finally a solution at the right price that mitigates this problem almost completely. Interested? Let's dive in.The solutionTo read this article in full or to leave a comment, please click here(Insider Story)

A look inside the Microsoft Local Administrator Password Solution

Windows administrators have a problem -- passwords. Specifically, administrator passwords that lurk out there, identical across machines, just ready to be compromised. But there is finally a solution at the right price that mitigates this problem almost completely. Interested? Let's dive in.The scenario The issue at hand is simple: Every Windows NT-based box, as far back as Windows 2000 and up to Windows 10, including all of the server releases, has a local administrator account. This account, sometimes called the "500" account after the group ID number it has within the bowels of the Windows operating system, has full control over the machine on which it is located. It does not by default have any domain privileges. (Domain administrator accounts, of course, also have by default full control over local machines that are members of the domain -- but this can generally be scoped to a more limited set of permissions if necessary.)To read this article in full or to leave a comment, please click here(Insider Story)

A look inside the Microsoft Local Administrator Password Solution

Windows administrators have a problem -- passwords. Specifically, administrator passwords that lurk out there, identical across machines, just ready to be compromised. But there is finally a solution at the right price that mitigates this problem almost completely. Interested? Let's dive in.The solutionTo read this article in full or to leave a comment, please click here(Insider Story)

More code deploys means fewer security headaches

Organizations with high rates of code deployments spend half as much time fixing security issues as organizations without such frequent code updates, according to a newly released study.In its latest annual state-of-the-developer report, Devops software provider Puppet found that by better integrating security objectives into daily work, teams in "high-performing organizations" build more secure systems. The report, which surveyed 4,600 technical professionals worldwide, defines high IT performers as offering on-demand, multiple code deploys per day, with lead times for changes of less than one hour. Puppet has been publishing its annual report for five years.To read this article in full or to leave a comment, please click here

More code deploys means fewer security headaches

Organizations with high rates of code deployments spend half as much time fixing security issues as organizations without such frequent code updates, according to a newly released study.In its latest annual state-of-the-developer report, Devops software provider Puppet found that by better integrating security objectives into daily work, teams in "high-performing organizations" build more secure systems. The report, which surveyed 4,600 technical professionals worldwide, defines high IT performers as offering on-demand, multiple code deploys per day, with lead times for changes of less than one hour. Puppet has been publishing its annual report for five years.To read this article in full or to leave a comment, please click here

Use the freakin’ debugger

This post is by a guy who does "not use a debugger". That's stupid. Using a friendly source-level debugger (Visual Studio, XCode, Eclipse) to step line-by-line through working code is what separates the 10x programmers from the wannabes. Yes, it's a bit of a learning hurdle, and creating "project" files for small projects is a bit of a burden, but do it. It'll vastly improve your coding skill.

That post quotes people like Rob Pike saying that stepping line-by-line is a crutch, that instead you should be able to reason about code. And that's true, if you understand what you are doing completely.

But in the real world, you never do. Programmers are constantly forced to stretch and use unfamiliar languages. Worse yet, they are forced to use unfamiliar libraries. Documentation sucks, there's no possible way to understand APIs than to step through code -- either watching the returned values, or compiling their source and stepping into it.

As an experienced programmer, it's true I often don't step through every line. The lines I understand completely, the ones I can fully reason about, I don't bother. But the programmer spends only a small percentage of their time on things Continue reading

Intel, SAP, other tech companies pledge to get more inclusive in hiring

Intel, SAP, Lyft, Spotify and VMware are among over 30 Silicon Valley companies that on Wednesday signed a pledge that they would take action to make their technology workforce "fully representative of the American people, as soon as possible."The absence of diversity in the tech industry in Silicon Valley was highlighted about two years ago by civil rights leader Rev. Jesse Jackson, who pressed some companies to release data on their employment of Blacks, Hispanics and women. Many tech companies like Google and Intel released data but it was found that their workforce was predominantly male and white.Under pressure from Jackson to set specific goals, some companies announced their plans for promoting inclusion. Intel, for example, made a pledge to invest US$300 million on diversity and inclusion and announced a goal to reach full representation of women and underrepresented minorities in its U.S. workforce by 2020. Google also announced a $150 million expenditure to get more women and other minorities into the tech industry.To read this article in full or to leave a comment, please click here

Optimize Your Data Center: Reduce the Number of Uplinks

Remember our journey toward two-switch data center? So far we:

Time for the next step: read a recent design guide from your favorite hypervisor vendor and reduce the number of server uplinks to two.

Not good enough? Building a bigger data center? There’s exactly one seat left in the Building Next Generation Data Center online course.

Watch the video

Microsoft helps troubleshoot Windows 10 activation with new beta

As Microsoft hurtles towards the release of its major Windows 10 Anniversary Update, the company has introduced a tool that's supposed to help PC owners resolve problems with activating the operating system on their computers.Microsoft has a complex system in place to ensure people are using a copy of Windows that hasn't been pirated. But that system sometimes gets too aggressive and ends up dinging people with authorized copies of Windows. The new Activation Troubleshooter is supposed to help. It should make it easier for people to reactivate their computers after changing hardware, such as swapping out their motherboard or hard drive.To read this article in full or to leave a comment, please click here

Independence from L2 Data Centers

We’ve all been there. That “non-disruptive” maintenance window that should “only be a blip”. You sit down at the terminal at 10pm expecting that adding a new server to the MLAG domain or upgrading a single switch will be a simple process, only to lose the rack of dual-attached servers and spend the rest of your Thursday night frantically trying to bring the cluster back online.

If I never spend another evening troubleshooting an outage caused by MLAG, I’ll die happy!

While MLAG provides higher availability than single attaching or a creating multi-port bond to a single switch, it comes with the cost of a delicate balancing act. What if there was a way to provide redundancy without MLAG’s fragility and its risk to maintenance windows?

We at Cumulus Networks have seen many of our customers solve these problems by leveraging Cumulus Quagga, our enhanced version of the routing suite, on their server hosts, so we’ve decided to call it Routing on the Host and make it broadly available for download.

By leveraging the routing protocols OSPF or BGP all the way to the server, we can resolve that MLAG problem once and for all.

Figure-1--MLAG-Topology-Vs-All-Routed-Topology

Over the last five years, Continue reading

1 2,876 2,877 2,878 2,879 2,880 3,849