WhatsApp: The FBI’s worst nightmare

If encryption is something to be feared in the hands of terrorists, WhatsApp just delivered them a tool that will give the FBI nightmares much worse than the encryption on iPhones. WhatsApp enlisted the help of Open Whisper Systems to implement the encryption, and according to that company’s blog, “This includes chats, group chats, attachments, voice notes, and voice calls across Android, iPhone, Windows Phone, Nokia S40, Nokia S60, Blackberry, and BB10.” This will likely drive law enforcement crazy, the FBI in particular, because it makes it impossible for WhatsApp to obey court orders to decrypt specified communications. Even if it wanted to comply, it couldn’t. The encryption is set up between the endpoints in the communication and WhatsApp just moves the traffic.To read this article in full or to leave a comment, please click here

WhatsApp: The FBI’s worst nightmare

If encryption is something to be feared in the hands of terrorists, WhatsApp just delivered them a tool that will give the FBI nightmares much worse than the encryption on iPhones. WhatsApp enlisted the help of Open Whisper Systems to implement the encryption, and according to that company’s blog, “This includes chats, group chats, attachments, voice notes, and voice calls across Android, iPhone, Windows Phone, Nokia S40, Nokia S60, Blackberry, and BB10.” This will likely drive law enforcement crazy, the FBI in particular, because it makes it impossible for WhatsApp to obey court orders to decrypt specified communications. Even if it wanted to comply, it couldn’t. The encryption is set up between the endpoints in the communication and WhatsApp just moves the traffic.To read this article in full or to leave a comment, please click here

Intel and the Network Arms Race

IntelLogo

Networking is undergoing a huge transformation. Software is surely a huge driver for enabling technology to grow by leaps and bounds and increase functionality. But the hardware underneath is growing just as much. We don’t seem to notice as much because the port speeds we deal with on a regular basis haven’t gotten much faster than the specs we read about years go. But the chips behind the ports are where the real action is right now.

Fueling The Engines Of Forwarding

Intel has jumped into networking with both feet and is looking to land on someone. Their work on the Data Plane Development Kit (DPDK) is helping developers write code that is highly portable across CPU architecture. We used to deal with specific microprocessors in unique configurations. A good example is Dynamips.

Most everyone is familiar with this program or the projects that spawned, Dynagen and GNS3. Dynamips worked at first because it emulated the MIPS processor found in Cisco 7200 routers. It just happened that the software used the same code for those routers all the way up to the first releases of the 15.x train. Dynamips allowed for the emulation of Cisco router software but it Continue reading

At MIT, a glimpse into our techno future

In the future, you may use aeroponic systems at home to bring in water mixed with nutrients. You'll use this water to grow vegetables, home-grown food that can cut your produce costs in half.Your commute to work may be on a covered, quasi-bike vehicle that uses battery power to assist the pedaling rider (who gets healthier from the effort).And the era of the large suburban homes will end. Why have multiple rooms for various purposes?"The cost of transformable furniture is much less than a mortgage," said David Rose, a visiting scientist at the MIT Media Lab and author of Enchanted Objects: Innovation, Design and the Future of Technology. Rose was at Tuesday's MIT "Connected Things" Enterprise Forum.To read this article in full or to leave a comment, please click here

Hospitals hacks put patient health at risk

A report that highlights the vulnerabilities in medical devices and the risks they pose to patient health issued by Independent Security Evaluators comes at an opportune time as the past month has shown that hospitals are becoming targets for criminals.Ted Harrington, executive partner at Independent Security Evaluators said, "It’s a scary report in a lot of ways, but our hope is to organize an industry in recognizing these problems. We are trying to make an entire industry start changing, especially one that is very regulated and complex. The conversations need to start happening."To read this article in full or to leave a comment, please click here

Kinder, gentler hacks: A bevy of low-stakes early computer breaches

When the world was newImage by National Security AgencyToday, IT security is a deadly serious business. But in the early days of computing, the stakes were a bit lower. Maybe it's just that we're seeing it through a nostalgic lens, but the computer breaches in the '70s, '80s, and '90s just seemed a bit more ... fun? We spoke to some people who were there, who enjoyed reminiscing about a gentler era, whether they were the ones hacking or the ones being hacked.To read this article in full or to leave a comment, please click here

Are you failing Security Basics 101?

Security tools are getting more sophisticated. DevOps is bringing us automation in operations, and a more holistic way of looking at how we manage infrastructure. But all too often, we’re not doing basic things to improve security and reliability, like protecting against known vulnerabilities.Hewlett Packard Enterprise’s 2016 Cyber Risk Report points out that “29 percent of all exploits samples discovered in 2015 continued to use a 2010 Stuxnet infection vector that has been patched twice.” It takes an average of 103 days for companies to patch known network and security vulnerabilities, according to a study vulnerability risk management vendor NopSec ran last year; that goes down to 97 days for healthcare providers and up to 176 days for financial services, banking and education organisations. That’s not taking into account misconfigurations, or lack of communication between different teams.To read this article in full or to leave a comment, please click here

Who’s the boss of workplace culture?

Who really drives culture in your workplace? According to a study from The Workforce Institute at Kronos and the research and consultancy firm WorkplaceTrends.com, HR believes it does. So do managers and executives. So, too, do your employees.There's clearly a disagreement about who's in charge of creating, maintaining and supporting workplace culture, but there's one thing every group agrees on: Workplace culture is incredibly important. The disconnect, though, isn't just comical. Without understanding the who, what and why of workplace culture and how it affects engagement, retention and loyalty, organizations risk destroying it and losing out on top talent.To read this article in full or to leave a comment, please click here

How to build cybersecurity into outsourcing contracts

Any time a company shares data or provides access to third-parties, it increases its vulnerability to unauthorized access or breach. So in today’s IT environment in which enterprises partner with multiple IT service providers, who in turn may have multiple subcontracters, cyber risks increase exponentially.To read this article in full or to leave a comment, please click here(Insider Story)

How to build cybersecurity into outsourcing contracts

Any time a company shares data or provides access to third-parties, it increases its vulnerability to unauthorized access or breach. So in today’s IT environment in which enterprises partner with multiple IT service providers, who in turn may have multiple subcontracters, cyber risks increase exponentially.[ Related: Why CIOs can’t wait to renegotiate their outsourcing contracts ]“Customer data and systems are only as secure as the weakest link in the vendor ecosystem,” says Paul Roy, a partner in the business and technology sourcing practice of Mayer Brown. “The risks for customers are twofold: not only does the customer increase its risk of a data breach, it also increases the risk that it will be in breach of its regulatory or contractual obligations if its vendors fail to comply with such obligations.”To read this article in full or to leave a comment, please click here(Insider Story)

Hands-on with Surface Hub: Microsoft’s huge tablet has some productivity holes

For $21,999, I expected a little more from Microsoft’s new Surface Hub.Don’t get me wrong: the Hub's 84-inch 4K touchscreen, flanked by a pair of eye-height, 1080p cameras, videoconferencing, and full Windows 10 capabilities—all makes for one very impressive package, especially when it dominates one wall of a room. Heck, it practically is the wall. Mark Hachman Microsoft’s Surface Hub is, in a word, enormous.To read this article in full or to leave a comment, please click here

Software-Based Switching Is not SDN

Russ White made an excellent remark while discussing the news that the CloudRouter pushed 650 Gbps through commodity hardware: “If this is software defined networking, then we’ve been doing this since sometime in the 1990’s, perhaps even earlier…

He’s absolutely right – the first routers (like AGS or IGS from Cisco) did all packet forwarding in software, so as I explained during the Introduction to SDN webinar while reaching dozens of gigabits with software-based packet forwarding is exciting, calling it SDN doesn’t make much sense.

Adobe to issue emergency patch for Flash vulnerability

Adobe is working on an emergency patch for its Flash Player after attackers are reportedly exploiting a critical flaw.The vulnerability, CVE-2016-1019, affects Flash Player version 21.0.0.197 on Windows, Mac, Linux and Chrome OS, according to an advisory published on Tuesday.The flaw is being actively exploited on Windows XP and 7 systems running Flash Player versions 20.0.0.306 and earlier."Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system," it said.A patch could be released as soon as Thursday.To read this article in full or to leave a comment, please click here