U.S. uncovers $20M H-1B fraud scheme

The U.S. government has indicted a Virginia couple for running an H-1B visa-for-sale scheme the government said generated about $20 million.Raju Kosuri and Smriti Jharia of Ashburn, Va., along with four co-conspirators, were indicted last week by a federal grand jury in Alexandria, Va., according to the Department of Justice (DOJ).The scheme involved, in part, setting up a network of shell companies and the filing of H-1B visas applications for non-existent job vacancies.Workers were required to pay their own visa processing fees and were treated as hourly contractors, the DOJ alleged. Treating H-1B workers as hourly contractors is in violation of the program rules, the government said.To read this article in full or to leave a comment, please click here

Why your iPhone-unlocking fingerprint is susceptible to FBI search warrants

Should you be able to plead the Fifth when a judge forces you to use your fingerprints to unlock an iPhone?That’s the latest ongoing debate in a Los Angeles courtroom after a judge compelled a woman in custody to use Touch ID to unlock an iPhone. Legal experts are arguing that this goes against the Fifth Amendment’s protection against self-incrimination because the authorities would then have access to potentially-incriminating personal data stored on the device.+ MORE IPHONE: Best Apple iPhone 7 design concepts of 2016 +To read this article in full or to leave a comment, please click here

Why your iPhone-unlocking fingerprint is susceptible to FBI search warrants

Intel’s Atom architecture to live on despite smartphone chip cancellations

Intel's Atom processor architecture will live on despite the recent cancellation of next-generation smartphone chips.The chip maker will continue the development and use of the processor architecture, which stresses power efficiency, though the chips may not necessarily carry the Atom label. Last week Intel canceled upcoming Atom smartphone chips code-named Broxton and Sofia.The next-generation Atom architecture, code-named Goldmont, will first appear in future Pentium and Celeron processors, code-named Apollo Lake, an Intel spokeswoman said. Current top-line Atom chips are based on an architecture named Airmont.To read this article in full or to leave a comment, please click here

Why Windows 10 wants your feedback and diagnostics, and how to control them

We now know the tradeoff for free Windows 10: Microsoft wants data about what you do with your device. But you don't have to send everything you do back to Redmond.You can control the data you send back, and how often, by delving into Windows 10's privacy settings (we've taken you here before) and looking specifically at Feedback frequency and Diagnostic and usage data. The former is typically just an automated survey, but the diagnostic component actually peers into your machine.INSIDER Review: Enterprise guide to Windows 10 These features comprised the Customer Experience Improvement Program, or CEIP, in previous versions of Windows—and they were voluntary. In Windows 10 they've become mandatory, but you can control some aspects.To read this article in full or to leave a comment, please click here

Why you need DRM for your documents

If you pay $1.99 to download an ebook for your Kindle, it’s protected by DRM that stops you sharing the contents, and if Amazon wants to, it can revoke the document so you can’t read it any more. Is your company’s current price list protected nearly as well?With information rights management (often known as enterprise DRM, short for digital rights management), you could make sure that price list was only shared with your customers, blocking them from sending it on to your competitors and automatically blocking it at the end of the quarter when you come out with new prices. Or you could share specifications with several vendors in your supply chain during a bidding process and then block everyone but the winning vendor from opening the document after the contract is finalized. You can make sure that contractors aren’t working from out of date plans by making the old plan expire when there’s an update. Tracking and visibility is useful for compliance as well as security; you could track how many people had opened the latest version of the employee handbook, or see that a document you’d shared with a small team was being actually read by Continue reading

Why you need DRM for your documents

That printer in the corner is still a threat

They sit off in the corner, some of them collecting dust. Yet, a printer is a legitimate attack surface. Many companies don’t bother to update the firmware on older models, or don’t include every model in a security audit (such as the one in the CEO’s office everyone forgot about), or the organization assumes a hacker won’t bother with an Epson or HP that is barely even connected to Wi-Fi.Interestingly enough, because a printer is so innocuous and seemingly harmless, that’s the exact reason it poses a threat, according to the security analysts who talked to CSO about this issue. Sometimes, the best attack vector for an attacker is the one no one bothers to think about. However, a recent IDC survey found that 35 percent of all security breaches in offices were traced back to an unsecured printer or multi-function device, costing companies $133,800 each year.To read this article in full or to leave a comment, please click here

That printer in the corner is still a threat

Introducing CloudFlare Origin CA

Free and performant encryption to the origin for CloudFlare customers

Introducing CloudFlare Origin CA

In the fall of 2014 CloudFlare launched Universal SSL and doubled the number of sites on the Internet accessible via HTTPS. In just a few days we issued certificates protecting millions of our customers’ domains and became the easiest way to secure your website with SSL/TLS.

At the time, we "strongly recommend[ed] that site owners install a certificate on their web servers so we can encrypt traffic to the origin." This recommendation was followed by a blog post describing two readily-available options for doing so—creating a self-signed certificate and purchasing a publicly trusted certificate—and a third, still-in-beta option: using our private CA. Even though out-of-pocket costs of acquiring public CA certificates have since fallen to $0 since that post, we have continued to receive requests from our customers for an even easier (and more performant) option.

Operating a public certificate authority is difficult because you don't directly control either endpoint of the HTTPS connection (browser or web server). As a result, public CAs are limited both in their ability to issue certificates optimized for inter-server communication, as well as in their ability to revoke certificates if they are compromised. Continue reading

Cloud Orchestration: 8 Benefits

Find out how cloud orchestration tools can help streamline deployment and management of your cloud resources.

The IoT company behind the curtain

Greenwave Systems is sort of the BASF of Internet of Things: It doesn’t make the IoT products you buy, it makes them better. Greenwave (one of Network World’s recently named IoT Companies to Watch) provides software and services that help consumer-facing companies like Verizon deliver IoT features to their customers. IDG US Media Chief Content Officer John Gallant talked recently to Greenwave’s Chief Scientist, Jim Hunter, about how the company is empowering IoT applications and how new voice and social-media-driven capabilities will change the market. Hunter also explored the evolving IoT market and offered a candid assessment of how data ownership and security issues could hamper the IoT revolution.To read this article in full or to leave a comment, please click here

Response: Are Open-Source Controllers Ready for Carrier-Grade Services?

My beloved source of meaningless marketing messages led me to a blog post with a catchy headline: are open-source SDN controllers ready for carrier-grade services?

It turned out the whole thing was a simple marketing gig for Ixia testers, but supposedly “the response of the attendees of an SDN event was overwhelming”, which worries me… or makes me happy, because it’s easy to see plenty of fix-and-redesign work in the future.

Hot products at Interop 2016

Interop 2016The 30th version running this week in Las Vegas features a trade show with more than 160 vendors displaying their wares and where its interoperability mission ventures far outside the show’s signature InteropNet Demo Lab. This year it is focused on promoting interoperability among Internet of Things devices, a category of gear unheard of that first year. (See Network World's preview story of the show.)To read this article in full or to leave a comment, please click here

Hot products at Interop 2016

Overheard At Interop, Day 1

Observations and highlights from the first day of Interop Las Vegas 2016.

Satoshi: how Craig Wright’s deception worked

My previous post shows how anybody can verify Satoshi using a GUI. In this post, I'll do the same, with command-line tools (openssl). It's just a simple application of crypto (hashes, public-keys) to the problem.

I go through this step-by-step discussion in order to demonstrate Craig Wright's scam. Dan Kaminsky's post and the redditors comes to the same point through a different sequence, but I think my way is clearer.

Step #1: the Bitcoin address

We know certain Bitcoin addresses correspond to Satoshi Nakamoto him/her self. For the sake of discussion, we'll use the address 15fszyyM95UANiEeVa4H5L6va7Z7UFZCYP. It's actually my address, but we'll pretend it's Satoshi's. In this post, I'm going to prove that this address belongs to me.

The address isn't the public-key, as you'd expect, but the hash of the public-key. Hashes are a lot shorter, and easier to pass around. We only pull out the public-key when we need to do a transaction. The hashing algorithm is explained on this website [http://gobittest.appspot.com/Address]. It's basically base58(ripemd(sha256(public-key)).

Step #2: You get the public-key

Hashes are one-way, so given a Bitcoin address, we can't immediately convert it into a public-key. Instead, we have to look it Continue reading

China’s booming middle class augurs well for Apple, says Tim Cook

Apple CEO Tim Cook still sees great potential in the Chinese market despite a drop in its revenue from the country in the first quarter.In an interview to Jim Cramer of CNBC's Mad Money program, Cook said Monday that the middle class in China is expected to boom from 50 million people five years ago to almost 500 million in the next five years. “This is an unprecedented growth of the middle class,” said Cook, adding that he “could not be more optimistic about China.”To a question from Cramer, Cook said it was an error by him not to to mention the figures about the burgeoning Chinese middle class during the company’s recent earnings call.To read this article in full or to leave a comment, please click here

CiscoLive 2016: ‘Summer Camp for Geeks’

The other day I was talking with a friend about my summer plans. As we were talking about July….. my face apparently lit up and my voice got all excited and happy when I mentioned CiscoLive.

“What exactly is CiscoLive?” she asked.

I answered, “CiscoLive is my absolute favorite work week of the entire year. Has been since my first one back in 2006.”

“What do you like so much about it?” she asked. ……

My answer to her?

“It’s like a week long Summer Camp for Geeks”

Why I Love Cisco Live US

Learning & Sharing Knowledge
1. Breakouts, Technical Seminars, and Labs
2. Meet the Expert
3. Lunch and Learn (Formerly Table Topics)
Social Media Fun

Learning & Sharing Knowledge

Learning… learning… learning ….. learning. I just love learning! For me… learning from others and passing that on is one of my passions in life.

And WOW is there knowledge to learn at CiscoLive!

Of course, I have never been to a CiscoLive as a non Cisco employee. Nor have I ever gone and not been a speaker. So, for me, CiscoLive has always involved me prioritizing technical knowledge sharing/teaching with CiscoLive Continue reading

Microsoft’s CEO explains why his company sued the U.S. government

Microsoft surprised the world last month when it filed a lawsuit against the U.S. Department of Justice, alleging that the frequent practice of attaching gag orders to search warrants for customer data violates the U.S. Constitution.On Monday, CEO Satya Nadella told a group of tech luminaries why the company did so: Microsoft has a strong view on its privacy promises to users, and the company will fight to prevent government overreach that, in its view, compromises the principles of privacy. Governments have a compelling need to help preserve public safety, but Microsoft wants to make sure that users' privacy is also preserved, Nadella said. To read this article in full or to leave a comment, please click here

« Previous 1 … 3,037 3,038 3,039 3,040 3,041 … 3,882 Next »