IT manager gets 30 months in jail for code-bombing firm’s intellectual property

He could have gotten 10 years behind bars but this week a former IT manager at software maker Smart Online only got 30 months for sending malicious code that destroyed the company’s computers and data.+More on Network World: The weirdest, wackiest and coolest sci/tech stories of 2015+The Department of Justice said that according to the plea agreement, from 2007 to 2012, Nikhil Shah, 33 was an information technology manager at Smart Online Inc., of Durham, North Carolina, that develops mobile applications.To read this article in full or to leave a comment, please click here

Japan’s infrastructure probed by cybergroup, security firm says

A group of cyberattackers that emerged in 2010 and then went quiet has resurfaced and is targeting Japan's critical infrastructure, a security vendor said this week.The attacks have targeted utilities and energy companies in Japan, as well as other companies in finance, transportation and construction, said Greg Fitzgerald, chief marketing officer at Cylance, which specializes in end-point protection.The group appears to be based in Asia, and its methods and procedures suggest it may be linked to a nation state, Fitzgerald said.Symantec detected signs of the group, which Cylance calls Operation Dust Storm, in 2010, Fitzgerald said. The group went quiet in March 2013, shortly after Mandiant -- the forenics investigative unit of FireEye -- published a lengthy report on APT 1, which the company believes to be an elite cyber unit of the Chinese army.To read this article in full or to leave a comment, please click here

QOS Your Life

So as we’re all busy network professionals, I’m sure you’ve ran into the problem of a work-life balance. I personally know lots of engineers that have burned out at one time, or their family life has suffered, and their kids barely know them. Now granted these are extreme case scenarios, but it could happen to […]

The post QOS Your Life appeared first on Packet Pushers.

QOS Your Life

So as we’re all busy network professionals, I’m sure you’ve ran into the problem of a work-life balance. I personally know lots of engineers that have burned out at one time, or their family life has suffered, and their kids barely know them. Now granted these are extreme case scenarios, but it could happen to […]

The post QOS Your Life appeared first on Packet Pushers.

Apple v. FBI – Who’s for, against opening up the terrorist’s iPhone

Everyone has an opinionApple and the Department of Justice are locked in a court fight over whether the company should disable the anti-brute force mechanism on the iPhone used by the San Bernardino terrorists. Public opinion is split on which side is right, and everyone from tech experts to presidential candidates is weighing in on whether the order actually threatens privacy or whether it’s just a way to find out what’s on that particular phone. Here’s a sampling of comments about the issue from the likes of Bill Gates, Mark Zuckerberg and Donald Trump.To read this article in full or to leave a comment, please click here

Here’s what tech leaders have said about the Apple-FBI dispute so far

In the week since Apple said it would do battle with the FBI over the agency's request for access to a smartphone belonging to one of the San Bernardino terrorists, tech industry leaders have been weighing in with their views.Most have come down in support of Apple, though others, including Bill Gates and Simon Segars, CEO of UK chip company ARM, have leaned more towards the FBI's position.Here's a roundup of what tech leaders have said so far, starting with some of the most recent views expressed.To read this article in full or to leave a comment, please click here

Asus settles charges over insecure routers and cloud services

Critical security flaws in routers and cloud computing services offered by Asus put hundreds of thousands of customers at risk, the U.S. Federal Trade Commission has charged.Taiwan-based Asus has agreed to settle an FTC complaint that it failed to take reasonable steps to secure the software on its routers, the agency said Tuesday. In addition to well-documented vulnerabilities in the routers, its cloud services led to thousands of customers' storage devices being compromised and exposed their personal information, the agency said.To read this article in full or to leave a comment, please click here

Asus settles charges over insecure routers and cloud services

Critical security flaws in routers and cloud computing services offered by Asus put hundreds of thousands of customers at risk, the U.S. Federal Trade Commission has charged.Taiwan-based Asus has agreed to settle an FTC complaint that it failed to take reasonable steps to secure the software on its routers, the agency said Tuesday. In addition to well-documented vulnerabilities in the routers, its cloud services led to thousands of customers' storage devices being compromised and exposed their personal information, the agency said.To read this article in full or to leave a comment, please click here

Fave Raves 2016 call for submissions

Fave Raves is Network World’s annual roundup of the best products, as chosen by IT pros. Do you have a favorite enterprise IT product you can't live without? Tell us about it and we'll share your raves with our readers.Please send your submissions to Ann Bednarz at Network World ([email protected]) by Friday, March 11. Please note: Submissions must be received directly from IT professionals, not through a third party.Items to address:1. Please provide your name, title and employer.2. What's your favorite product? (vendor name and product name)3. Why do you like it?4. How has it helped you and/or your company?5. How many years have you worked in IT?6. What upcoming IT projects are you most excited about and why?7. Please include a picture of yourself.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Network outages, low-speed, biggest tech problem, survey finds

Almost a third (31%) of workplace tech-users said that network outages and poor Internet speeds were the “biggest recurring technology problem” at their company, a new survey has found.Remembering passwords was also a big issue. Close to a quarter (22%) of the respondents thought remembering all of their passwords was the biggest tech difficulty they faced.INSIDER: 5 tricks to improve poor TCP performance IT service management company Samanage surveyed about 3,000 U.S. adults. Around half of them said they used technology at work. Those respondents were given the study’s questions.To read this article in full or to leave a comment, please click here

Apple is reportedly fighting 12 more iPhone data extraction orders

Apple’s refusal to help the FBI get into the San Bernardino shooter’s iPhone 5c is the most public, but the company is resisting similar court orders in 12 more cases.The Wall Street Journal reported that the Justice Department is trying to compel Apple to help crack iPhones in a dozen cases that are all based on the centuries-old All Writs Act, the same law being used in the San Bernardino case. The details of the cases aren’t clear because they haven’t been made public, but the WSJ’s sources say they have nothing to do with terrorism.To read this article in full or to leave a comment, please click here

Security ‘net: Security by obscurity

This week I have two major themes to discuss on the topic of security, and one interesting bit of research. Let’s start with some further thoughts on security by obscurity.

First: Obscurity isn’t security

I’ve heard this at least a thousand times in my life as a network engineer, generally stated just about the time someone says, “well, we could hide this server…” Reality, of course, is far different; I still put curtains on my house even though they don’t increase the amount of time it takes a thief to break in. Whether or not we want to believe it, obscurity does play a positive role in security.

But there are two places where obscurity is a bad thing in the world of security. The first is the original reference of this common saying: algorithms and implementations. Hiding how you encrypt things doesn’t improve security; in fact, it decreases the overall security of the system. The second place? Communication between companies and security professionals about the types, frequency, and methods of attack. Imagine, for a moment, that you were commanding a unit on a battlefield. You hear the sounds of combat in the distance. Realizing a unit in your army is Continue reading

AnsibleFest London 2016 Presentations

ansiblefest-london2.jpg

We broke records last week with over 500 people attending AnsibleFest London last week. If you were able to attend, we hope you enjoyed the event and will come again in 2017. If you couldn't attend, don't worry, we plan on 2 more events this year.

Follow Ansible on Twitter to get the latest news and details.

Deploying a Mesos Based Visual Effects StudioIndustrial Light and Magic

Continuous Deployment for an Order SystemAtlassian

Ansible 2.0 and Windows, M*Modal

Ansible Accelerates Deployment at Societe Generale, Theodo

Managing Your Cisco Data Center Network with Ansible, Cisco

Immutable Infrastructure at Scale with AnsibleBeamly

View all of the presentations here.

 

 
 

 

 

uKnowKids child monitoring firm takes aim at security researcher after database breach

If you are “a leader in the Internet safety and security field for over 15 years” and run a company that has monitored and maintained the digital activity records of “260,000 kids in more than 50 countries around the world,” when you fail to password-protect the database for your child activity tracker firm and the database is exposed, would the reasonable response be akin to killing the messenger?MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords The company, uKnowKids, sells parents a service to track their kid’s online activity such as social media accounts, chats, posted pictures, etc. as well as text messages via smartphone. While that may seem a bit creepy with a control-freakish vibe, Steve Woda, CEO of uKnowKids, said the company was “created after one of our family children was victimized by an online predator.” Right now it seems like Woda is steaming mad at security researcher Chris Vickery, considering a good portion of the post alerting parents to a uKnowKids breach is devoted to blistering Vickery.To read this article in full or to leave a comment, please click here

Google’s Transition from Single Datacenter, to Failover, to a Native Multihomed Architecture

 

Making a system work in one datacenter is hard. Now imagine you move to two datacenters. Now imagine you need to support multiple geographically distributed datacenters. That’s the journey described in another excellent and thought provoking paper from Google: High-Availability at Massive Scale: Building Google’s Data Infrastructure for Ads.

The main idea of the paper is that the typical failover architecture used when moving from a single datacenter to multiple datacenters doesn’t work well in practice. What does work, where work means using fewer resources while providing high availability and consistency, is a natively multihomed architecture:

Our current approach is to build natively multihomed systems. Such systems run hot in multiple datacenters all the time, and adaptively move load between datacenters, with the ability to handle outages of any scale completely transparently. Additionally, planned datacenter outages and maintenance events are completely transparent, causing minimal disruption to the operational systems. In the past, such events required labor-intensive efforts to move operational systems from one datacenter to another

The use of “multihoming” in this context may be confusing because multihoming usually refers to a computer connected to more than one network. At Google scale perhaps it’s just as natural Continue reading

1 2,981 2,982 2,983 2,984 2,985 3,696