Worth Reading: Privacy is disappearing

So the main question raised by all this surveillance tech is how much we’re willing to risk loss of liberty for the sake of greater security. A saying often attributed to Benjamin Franklin has it: “Those who prefer security to liberty deserve neither.” Assuming that’s true, we need to come together as a polity to decide when to say “Enough!” to all the spying. Intellectual Takeout

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Privacy is disappearing appeared first on 'net work.

Streaming telemetry

The OpenConfig project has been getting a lot of attention lately.  A number of large network operators, lead by Google, are developing "a consistent set of vendor-neutral data models (written in YANG) based on actual operational needs from use cases and requirements from multiple network operators."

The OpenConfig project extends beyond configuration, "Streaming telemetry is a new paradigm for network monitoring in which data is streamed from devices continuously with efficient, incremental updates. Operators can subscribe to the specific data items they need, using OpenConfig data models as the common interface."

Anees Shaikh's Network Field Day talk provides an overview of OpenConfig and includes an example that demonstrates how configuration and state are combined in a single YANG data model. In the example, read/write config attributes used to configure a network interface (name, description, MTU, operational state) are combined with the state attributes needed to verify the configuration (MTU, name, description, oper-status, last-change) and collect metrics (in-octets, in-ucast-pkts, in-broadcast-pkts, ...).

Anees positions OpenConfig streaming telemetry mechanism as an attractive alternative to polling for metrics using Simple Network Management Protocol (SNMP) - see Push vs Pull for a detailed comparison between pushing (streaming) and pulling (polling) metrics.

Streaming telemetry is Continue reading

IDG Contributor Network: Handle with care: IoT solutions help workers avoid back injuries

Over a million workers suffered back injuries last year, costing U.S. firms over $70 billion. A single incident can cost a firm over $6,000. Why are there so many back injuries? How can IoT help reduce injuries and expenses?The demand to work faster often causes bad lifting habits. Couple this with bad operations design, and you can see why there are so many back injuries. The Occupational Safety & Health Administration (OSHA) recommends ergonomic equipment and workflow design to reduce the physical demands on workers. To begin with, it helps to know which activities and equipment cause the most injuries to workers.To read this article in full or to leave a comment, please click here

Android gets patches for serious flaws in hardware drivers and media server

The June batch of Android security patches addresses nearly two dozen vulnerabilities in system drivers for various hardware components from several chipset makers. The largest number of critical and high severity flaws were patched in the Qualcomm video driver, sound driver, GPU driver, Wi-Fi driver, and camera driver. Some of these privilege escalation vulnerabilities could allow malicious applications to execute malicious code in the kernel leading to a permanent device compromise. Similar high-risk flaws were fixed in the Broadcom Wi-Fi driver, NVIDIA camera driver, and MediaTek power management driver. These vulnerabilities can give regular applications access to privileges or system settings that they shouldn't have. In some cases, the flaws allow kernel code execution, but only if the attacker compromises a different service first to communicate with the vulnerable driver.To read this article in full or to leave a comment, please click here

Android gets patches for serious flaws in hardware drivers and media server

The June batch of Android security patches addresses nearly two dozen vulnerabilities in system drivers for various hardware components from several chipset makers. The largest number of critical and high severity flaws were patched in the Qualcomm video driver, sound driver, GPU driver, Wi-Fi driver, and camera driver. Some of these privilege escalation vulnerabilities could allow malicious applications to execute malicious code in the kernel leading to a permanent device compromise. Similar high-risk flaws were fixed in the Broadcom Wi-Fi driver, NVIDIA camera driver, and MediaTek power management driver. These vulnerabilities can give regular applications access to privileges or system settings that they shouldn't have. In some cases, the flaws allow kernel code execution, but only if the attacker compromises a different service first to communicate with the vulnerable driver.To read this article in full or to leave a comment, please click here

When prepend fails, what next? (2)

This week’s post was written by Johnny Britt over at FreedomPay. I’ve edited in some small places to add more information, etc., but I think Johnny needs to start blogging…

Once you have determined that AS-Path prepending can no longer help us what are our next steps? Routing is based on the longest matched prefix, this is true when BGP routes are being compared as well regardless of the AS-PATH. So one option you have is to split your address space into longer advertised prefixes and advertise a slice to each of our upstream providers. In Fig. 1, AS65000 splits its /44 IPv6 into 2 prefixes and advertises them out to AS65001 and AS65004 respectively. This forces half of AS65000 subnet traffic to flow inbound from one specific provider and we can combine both this technique and AS-Path prepending to give us more load sharing capabilities.

AS-Prepend-2-Fig-1

Using longer prefixes to direct traffic to a more preferred inbound link can take us a long way in creating the desired inbound traffic pattern. Sometimes there are scenarios where you may need to direct traffic at a more granular level.

But what if you don’t have the ability to create longer prefixes Continue reading

Microsoft Research comes up with a workable low-end VR system

There is one inevitable real-world reality when it comes to virtual reality: you need high-end gear. It’s no accident that VR headsets like Oculus Rift and Vive are taking off this year because both Nvidia and AMD are launching very powerful video cards that can generate the realistic graphics needed to make VR work. There are more low-cost VR alternatives, such as Google Cardboard and Samsung’s Gear VR, but they don’t give the same experience as Oculus and Vive. However, Microsoft Research may have come up with a workaround that can lower the barrier to entry for VR systems and make underpowered devices viable VR platforms.FlashBack is a new system from Microsoft Research that eliminates real-time frame rendering and instead relies on cached, pre-rendered frames that are displayed based on the user’s actions. According to a research paper just published (PDF), the system provides eight times improved frame rate, 97 times less energy consumption and a 15-fold latency reduction in mobile devices.To read this article in full or to leave a comment, please click here

Hyperscalers, Enterprises Pull Back On Server Spending

The server cycle has some long waves that are not always in phase with each other, and that is generally a good thing. But every now and then, the waves synchronize, and it is either really exciting as the market rises or something of a bummer as it falls. In the first quarter of this year, there was a bit of a dip but still an order of magnitude less dramatic than the collapse in shipments and sales during the Great Recession.

It is important to keep perspective, and it is actually quite remarkable that the server market is as

Hyperscalers, Enterprises Pull Back On Server Spending was written by Timothy Prickett Morgan at The Next Platform.

IDG Contributor Network: Open source networking: The time is now

Vendor lock-in is dead. Proprietary specifications are dead. Closed vendor ecosystems are dead. Today’s networks are increasingly defined on de facto and de jour open standards—call it open source, call it open APIs, call it whatever you want. It’s all about openness and collaboration. Vendor consortia are open, as are the many partnerships and pairings between standards-defining organizations.It’s about time, and it’s all good.The power of open source and open standards In May, I attended TM Forum Live, the big telecommunications management conference in Nice, France, produced by the TM Forum. Once a bastion of operations support systems (OSS) and business support systems (BSS) for carriers, TM Forum is all about digital transformation and open standards. More than two dozen multivendor interoperability and proof-of-concept demonstrations—which the conference calls “Catalysts”—showed off the power of open source and open standards. But that was only the start.To read this article in full or to leave a comment, please click here

Microsoft takes a swing at Trello and Asana with new Planner app

Microsoft has taken a big step toward helping employees stay on track with the launch of a new app called Planner.It's a Web-based tool for Office 365 subscribers designed to let them easily lay out plans for projects and business objectives and then share them with other people. After creating a plan, users can create and assign tasks, share files and update their colleagues on the status of key to-dos.Planner appears to be a response to the likes of Trello and Asana -- startups that have built their businesses on making it easier for other companies to improve their employees' productivity. Microsoft has positioned Office 365 as a key part of a users'  productivity workflow, and this app is supposed to make it easier for them to stay on track and effectively collaborate with colleagues. To read this article in full or to leave a comment, please click here

Review: LiveCode 8 is freaking incredible

For those unfamiliar with LiveCode, it is a visual software development environment (and corresponding language). Think Hypercard—the the Hypermedia authoring tool/development environment that shipped with every old Macintosh. Then make the language more powerful. Make the interface usable for experienced developers. And allow it to build Linux, Windows, MacOS, Android, iOS and HTML5 applications—while running on Linux, Windows or MacOS.That is, in a nutshell, LiveCode. Oh, and it's open source under the GPLv3 and available right up on GitHub—a fact I rather like.To read this article in full or to leave a comment, please click here

Worth Reading: Troubleshooting Cisco Remote Access

The Cisco Mobile and Remote Access (MRA) feature is a “client edge” solution that allows external software and hardware clients to register to enterprise Cisco Unified Communication (UC) solutions without requiring a VPN. Like most things, there are a lot of moving parts working together to create a relatively seamless user experience. And, like most things, the first time you deploy MRA there are a few “gotchas” that can eat up a significant amount of troubleshooting time. Netcraftsmen

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Troubleshooting Cisco Remote Access appeared first on 'net work.

IDG Contributor Network: Ping Identity invests in blockchain vendor to create new identity standard

Now, this is interesting.Ping Identity is a well-known identity vendor. Basically, Ping handles authentication, single sign-on (SSO) and other identity-related functions that large organizations have. The company competes with vendors such as OneLogin and Okta. So, what is it doing investing in a formerly stealthy blockchain vendor?It seems Ping sees blockchain as a potential disruptor for identity session management. It's so excited about it that it is spending some of its hard-earned cash to invest in Swirlds, a new platform that is creating the "hashgraph," a distributed consensus platform. Swirlds sees itself as solving some of the limitations that are inherent in blockchain. Swirlds contends that it delivers the three legs of the consensus stool: fairness, distributed trust and resilience to Denial of Service attacks.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Ping Identity invests in blockchain vendor to create new identity standard

Now, this is interesting.Ping Identity is a well-known identity vendor. Basically, Ping handles authentication, single sign-on (SSO) and other identity-related functions that large organizations have. The company competes with vendors such as OneLogin and Okta. So, what is it doing investing in a formerly stealthy blockchain vendor?It seems Ping sees blockchain as a potential disruptor for identity session management. It's so excited about it that it is spending some of its hard-earned cash to invest in Swrlds, a new platform that is creating the "hashgraph," a distributed consensus platform. Swrlds sees itself as solving some of the limitations that are inherent in blockchain. Swrlds contends that it delivers the three legs of the consensus stool: fairness, distributed trust and resilience to Denial of Service attacks.To read this article in full or to leave a comment, please click here

1 2,944 2,945 2,946 2,947 2,948 3,872