Popular desktop Linux distro Ubuntu has potentially serious privacy flaw

A feature in the just-released 16.04 version of Ubuntu could pose a serious threat to the privacy of desktop Linux users, according to a well-known open-source software expert.

Version 16.04, the latest long-term-support release of Ubuntu, features a new package format used for installing software on an Ubuntu system, called snap. Snaps are designed to be easier for developers to construct, simpler to deploy, and able to work comfortably alongside the existing deb package format.

DevOps and deviance: How bad IT practices become accepted as normal

Peter Waterhouse, Senior Strategist, CA Technologies

Although vendor-written, this contributed piece does not promote a product or service and has been edited and approved by Network World editors.

How many times have you witnessed a sub-optimal IT practice that everyone else thinks is ok, then over time accepted the behavior as being just fine and dandy?

Regardless of whether you lead a startup or work in an established business, we all have a tendency to accept dodgy behaviors. Even if outsiders see them as wrong, our IT teams are so accustomed to using them (without any adverse consequences) that they’re quickly established as “normal” and accepted.

Google and Microsoft agree to end regulatory battles

Google and Microsoft have agreed to end their long-running regulatory battles and stop complaining to government agencies about each other.

Microsoft had been one of the leading companies calling for governments to investigate Google over potential antitrust violations in recent years. Earlier this year, though, Microsoft withdrew its support for FairSearch, a coalition of companies pushing the EU to file formal antitrust complaints against Google.

The announcement of the new agreement between the two companies comes just two days after the European Commission filed new antitrust charges against Google related to packaging its apps on Android phones.

Stuff The Internet Says On Scalability For April 22nd, 2016

Hey, it's HighScalability time:


A perfect 10. Really stuck that landing. Nadia Comaneci approves.

 

  • $1B: Supercell’s Clash Royale projected annual haul; 3x: Messenger and WhatsApp send more messages than SMS; 20%: of big companies pay zero corporate taxes; Tens of TB's RAM: Netflix's Container Runtime; 1 Million: People use Facebook over Tor; $10.0 billion: Microsoft raining money in the cloud; 

  • Quotable Quotes:
    • @nehanarkhede: @LinkedIn's use of @apachekafka:1.4 trillion msg/day, 1400 brokers. Powers database replication, change capture etc
    • @kenkeiter~ Full-duplex on a *single antenna* -- this is huge.  (single chip, too -- that's the other huge part, obviously) 
    • John Langford: In the next few years, I expect machine learning to solve no important world issues.
    • Dan Rayburn: By My Estimate, Apple’s Internal CDN Now Delivers 75% Of Their Own Content
    • @BenedictEvans: If Google sees the device as dumb glass, Apple sees the cloud as dumb pipes & dumb storage. Both views could lead to weakness
    • @JordanRinke: We need less hackathons, more apprenticeships. Less bootcamps, more classes. Less rockstars, more mentors. Develop people instead of product
    • @alicegoldfuss: Nagios screaming / …

How contact centers can benefit from SD-WANs

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

The single location contact/call center of years past would have had little need for Software-Defined WAN (SD-WAN) technology. But today’s call/contact centers for customer service, technical support, outgoing call banks and other use cases are almost always multi-location and usually global, and the right SD-WAN solution can improve reliability and the customer experience while lowering costs.

Call centers were among the first adopters of VoIP, at least within the call center network, and they have historically used MPLS in the WAN, very often dual MPLS networks. While the latter is expensive, the approach has been needed to maintain reliability and call quality.


Facebook bug hunter stumbles on backdoor left by hackers

When Orange Tsai set out to participate in Facebook's bug bounty program in February, he successfully managed to gain access to one of Facebook's corporate servers. But once in, he realized that malicious hackers had beaten him to it.

Tsai, a consultant with Taiwanese penetration testing outfit Devcore, had started by mapping Facebook's online properties, which extend beyond user-facing services like facebook.com or instagram.com.

One server that caught his attention was files.fb.com, which hosted a secure file transfer application made by enterprise software vendor Accellion and was presumably used by Facebook employees for file sharing and collaboration.


Some People Don’t Get It: It Will Eventually Fail

Mark Baker left this comment on my Stretched Firewalls across Layer-3 DCI blog post:

Strange how inter-DC clustering failure is considered a certainty in this blog.

Call it experience or exposure to a larger dataset. Anything you build will eventually fail; just because you haven’t experienced the failure yet doesn’t mean that the system will never fail but only that you were lucky so far.


There is NO IPv6 Standard

Geoff Huston highlights that the IETF has never completed their standard process. One hundred and forty-six of these RFCs are Informational, four of these are Historic, 23 are Experimental, five are Best Current Practice and the remaining 193 are Standards Track documents. Of these 193 documents, 24 are already obsoleted, 164 are Proposed Standards, just five […]

The post There is NO IPv6 Standard appeared first on EtherealMind.

NANOG 67 Hackathon


Join us for the NANOG 67 Hackathon -- a one-day event Sunday, June 12, 2016, at the Fairmont Chicago Millennium Park. 

The NANOG 67 Hackathon will bring network operators together in a room to develop new ideas and hacks for automating production internet networks.  Tools and software beyond those provided by vendors and existing open-source projects are needed to keep those networks up and running. By gathering together at NANOG 67 to collaboratively hack on code or hardware, develop ideas, and documentation we can open the possibilities of holistic network management through automation.  And we will have fun while doing it!

Registration for the Hackathon is open on a space-available basis to all interested attendees of NANOG 67.  All skill levels are welcome, but participants are expected to actively participate in the hacks.  The theme of the Hackathon is holistic network management through automation.  Proposals of hacks will be solicited from registrants and published prior to NANOG 67 to allow the forming of teams of 1-6 individuals to work on hacks. And several example hacks will be available for inspiration.  A standardized hacking environment for prototyping will be provided or teams are welcome to …

Amazon Dash Button Events On A Catalyst

Lots of folks are detecting Amazon Dash button events by watching for ARP traffic with python.

I took a slightly different approach by watching for the button's MAC address with an EEM applet.

My Mac 'n Cheese button speaks on the network twice with each push: once right when it's pushed, and then a second time about 40 seconds later.

The applet sleeps for 60 seconds after it's fired to ensure that the button only creates a single event with each press.

event manager applet macNcheese
 event mat mac-address 00bb.3a4b.5a01 type add maxrun 90
 action 1 syslog msg "It's Mac N Cheese time!"
 action 2 cli command "enable"
 action 3 cli command "copy https://username:password@some_server/path/to/events.php^V?eventtype=MAC%20N%20CHEESE%20TIME! null:"
 action 4 wait 60
 action 5 cli command "clear mac address-table dynamic address 00bb.3a4b.5a01"

event mat refers to "mac address table" changes. This applet fires only when the button's address is added to the table. Without the add keyword, the event would fire twice, once when the entry is added, and again when the entry is removed from the switch L2 filtering table.

I'm triggering an external event by hitting a web server that's already configured to receive …
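A model of why the applet waits before clearing the table entry, as an added example that is not part of the original post. The 300-second aging time, the frame list and the function names are assumptions, and the event is modelled as firing only when the address is absent from the MAC table.

```python
BUTTON_MAC = "00bb.3a4b.5a01"  # address used in the applet above
AGING_TIME = 300               # assumption: MAC-table aging time, seconds


def normalize_mac(mac):
    """Reduce dotted, colon or hyphen notation to 12 lowercase hex digits."""
    digits = "".join(c for c in mac.lower() if c not in ".:-")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def applet_firings(frames, wait, button=BUTTON_MAC, aging=AGING_TIME):
    """Return the times at which the modelled 'type add' event fires.

    frames: (seconds, source_mac) tuples in time order.
    wait:   seconds the applet sleeps before clearing the entry;
            None models an applet that never clears it.
    """
    target = normalize_mac(button)
    expires = None    # when the table entry ages out; None = not in table
    clear_at = None   # when the pending 'clear mac address-table' runs
    fired = []
    for t, mac in frames:
        if normalize_mac(mac) != target:
            continue
        if clear_at is not None and t >= clear_at:
            expires, clear_at = None, None   # the applet's clear has run
        if expires is not None and t >= expires:
            expires = None                   # entry aged out on its own
        if expires is None:
            fired.append(t)                  # address was absent: event fires
            clear_at = None if wait is None else t + wait
        expires = t + aging                  # frame learns or refreshes entry
    return fired


# Constructed sample: two presses, each seen at push time and 40 s later,
# written in mixed MAC notations, plus one unrelated host.
FRAMES = [
    (0, "00bb.3a4b.5a01"), (40, "00:BB:3A:4B:5A:01"),
    (100, "aa:bb:cc:dd:ee:ff"),
    (200, "00-bb-3a-4b-5a-01"), (240, "00bb.3a4b.5a01"),
]

if __name__ == "__main__":
    for wait in (60, 0, None):
        print(f"wait={wait}: fires at {applet_firings(FRAMES, wait)}")
```

In this model, clearing immediately lets the 40-second repeat re-add the address and fire a second event, while never clearing leaves the entry in the table so a later press is not an add at all.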

The Importance of System Hardening


Most operating systems are not very secure out of the box and favor convenience and ease of use over security. IT security professionals may not agree with a vendor’s user-friendly approach to their OS, but that does not mean they have to accept it. There are steps that can be taken to harden a system and eliminate as many security risks as possible.

System Hardening Examples

The most basic hardening procedure is to change the vendor default user name and password. You would be surprised how many vendor default access codes can be found with a simple Google search!

System hardening can include removing unnecessary services, applying firewall rules, enforcing password complexity, setting failed login thresholds, and configuring system idle timeouts.

System hardening can also include installing an anti-virus program, forwarding logs to a centralized log management solution, and applying vendor released system patches.

Basically, system hardening is a way to lock down the operating system before the system goes into production. The hardening guides can not only detail the steps to follow to secure a system, but can complement any system deployment guides. Along with the list of procedures to follow to improve system security the hardening …