Steve Wozniak chimes in on the Apple/FBI debate

At this point, it seems that there's truly no end in sight for Apple's ongoing legal battle with the FBI. While the FBI and the DOJ have made it clear that they want Apple to create a new version of iOS designed to bypass iOS security mechanisms, Apple has made it clear that it's not even going to entertain the idea. Quite the opposite, Apple CEO Tim Cook even categorized the FBI's request as akin to asking Apple to create the software equivalent of cancer.Over the past few weeks, many tech companies have come out in support of Apple. Indeed, any time a tech figure of any prominence has been interviewed in recent weeks, the topic of discussion invariably turns to mobile encryption.To read this article in full or to leave a comment, please click here

Network and system analytics as a Docker microservice

Microservices describes why the industry standard sFlow instrumentation embedded within cloud infrastructure is uniquely able to provide visibility into microservice deployments.

The sFlow-RT analytics engine is well suited to deployment as a Docker microservice since the application is stateless and presents network and system analytics as a RESTful service.

The following steps demonstrate how to create a containerized deployment of sFlow-RT.

First, create a directory for the project and edit the Dockerfile:
mkdir sflow-rt
cd sflow-rt
vi Dockerfile
Add the following contents to Dockerfile:
FROM   centos:centos6
RUN    yum install -y java-1.7.0-openjdk
RUN    rpm -i http://www.inmon.com/products/sFlow-RT/sflow-rt-2.0-1072.noarch.rpm
EXPOSE 8008 6343/udp
CMD    /etc/init.d/sflow-rt start && tail -f /dev/null
Build the project:
docker build -t sflow-rt .
Run the service:
docker run -p 8008:8008 -p 6343:6343/udp -d sflow-rt
Access the API at http://docker_host:8008/ to verify that the service is running.

Now configure sFlow agents to send data to the docker_host on port 6343:
The following articles provide examples of using the sFlow-RT REST API:
The diagram shows how new and existing cloud based or locally hosted orchestration, operations, and security tools can leverage sFlow-RT's analytics service to gain real-time visibility. The solution is extremely scaleable, a single sFlow-RT instance can monitor thousands of servers and the network devices connecting them.

TeslaCrypt ransomware now impossible to crack, researchers say

The latest version of the TeslaCrypt ransomware has tidied up a weakness in previous versions that in some cases allowed victims to recover their files without paying a ransom. Cisco's Talos research group found that TeslaCrypt 3.0.1 has improved its implementation of a cryptographic algorithm making it impossible now to decrypt files.  "We can not say it loud and often enough, ransomware has become the black plague of the internet," wrote Andrea Allievi and Holger Unterbrink, both security researchers with Cisco, in a blog post on Wednesday. "The adversaries are modifying and improving it in every version."To read this article in full or to leave a comment, please click here

On the Topic of Lock-In

While talking with customers over the past couple of weeks during a multi-country/multi-continent trip, one phrase that kept coming up is “lock-in”, as in “we’re trying to avoid lock-in” or “this approach doesn’t have any lock-in”. While I’m not a huge fan of memes, this phrase always brings to mind The Princess Bride, Vizzini’s use of the word “inconceivable,” and Inigo Montoya’s famous response. C’mon, you know you want to say it: “You keep using that word. I do not think it means what you think it means.” I feel the same way about lock-in, and here’s why.

Lock-in, as I understand how it’s viewed, is an inability to migrate from your current solution to some other solution. For example, you might feel “locked in” to Microsoft (via Office or Windows) or “locked in” to Oracle (via their database platform or applications), or even “locked in” to VMware through vCenter and vSphere. Although these solutions/platforms/products might be the right fit for your particular problem/need, the fact that you can’t migrate is a problem. Here you are, running a product or solution or platform that is the right fit for your needs, but because you may not be able Continue reading

Network Automation @Interop Vegas 2015

I’m happy to be given the opportunity to speak once more at Interop Vegas in 2016. No workshop for me this year, but I will be putting on three individual talks, all focusing on topics that have been very near and dear to me over the past year.

Last year I was very focused on putting the theory behind network automation into practical terms, and making it “real”. Over the past year I’ve seen rapid growth in adoption of these ideas, and I was happy to be just one very small part of helping to make that happen.

Since the last Interop, my career has steered me towards a more direct approach to network automation, specifically through software development. So I’d like to spend some time providing an overview of my sessions at the upcoming Interop Vegas 2016, which are all inspired by the last year of my career.

Test-Driven Network Automation

The Network Revolution Is A Lie

http://info.interop.com/lasvegas/scheduler/session/the-network-revolution-is-a-lie

DevOps-Centric Networking at eBay

I am running the other two talks as an independent - just happy to participate

In case you are planning on attending Interop in Las Vegas this year, I’d like to let you know about my Continue reading

Air Force faces challenges managing drone force

As unmanned aircraft become a larger part of the Air Force a number of challenges have surfaced that could impact drone squadron efficiency.A Government Accountability Office report out this week stated that while the Air Force has made efforts to manage its unmanned aircraftpilots but has not fully addressed issues related to: “identifying personnel requirements, recruiting and retention difficulties, the potential use of Department of Defense civilians as pilots, pilots completing their required training and moving pilots through the training pipeline.”+More on Network World: What’s hot at the monster CeBit show?+To read this article in full or to leave a comment, please click here

This new discovery could put quantum computers within closer reach

One of the obstacles that have kept quantum computers on the distant horizon is the fact that quantum bits -- the building blocks with which they're made -- are prone to magnetic disturbances. Such "noise" can interfere with the work qubits do, but on Wednesday, scientists announced a new discovery that could help solve the problem.Specifically, by tapping the same principle that allows atomic clocks to stay accurate, researchers at Florida State University’s National High Magnetic Field Laboratory (MagLab) have found a way to give qubits the equivalent of a pair of noise-canceling headphones.The approach relies on what are known as atomic clock transitions. Working with carefully designed tungsten oxide molecules that contained a single magnetic holmium ion, the MagLab team was able to keep a holmium qubit working coherently for 8.4 microseconds -– potentially long enough for it to perform useful computational tasks.To read this article in full or to leave a comment, please click here

Attackers exploit Apple DRM weakness to infect non-jailbroken iOS devices

Attackers are exploiting a weakness in Apple's digital rights management technology to install malicious apps on supposedly protected, non-jailbroken iOS devices.In late February, security researchers from Palo Alto Networks found three malicious applications on the official App Store. An analysis revealed the malicious apps were part of a scheme to steal Apple IDs and passwords from Chinese users under the guise of an alternative app store.The more interesting aspect of the apps: In addition to being published on the official app store, they were also silently installed through software running on users' Windows PCs.An iOS device that hasn't been jailbroken, and hasn't had its security restrictions removed, should only be able to run apps downloaded from the App Store or installed through the iTunes software from users' PCs.To read this article in full or to leave a comment, please click here

Recoding for the Future

It’s been three years since the Docker project launched, and it’s been a bit of a whirlwind. In just the past year, we’ve nearly tripled the number of employees and contributors, launched a broad set of both open source and … Continued

Steam Stealer malware provides a thriving business for cyber thugs

A new Kaspersky Lab report (pdf) by security researchers Santiago Pontiroli and Bart P looks at the big business of Steam Stealers that “have turned the threat landscape for the entertainment ecosystem into a devil’s playground.”Wannabe cyber crooks might turn to malware which steals Steam credentials because it’s incredibly cheap. The report said $3 will buy usage rights for a Steam platform credential stealer and $7 adds source code and a user manual. Researchers said comparative malicious campaigns usually start at the $500 range. There are Steam Stealers which cost more, but “it would be hard to find any stealer being sold for more than $30.”To read this article in full or to leave a comment, please click here

Worth Reading: DROWN attack

More than 11 million websites and e-mail services protected by the transport layer security protocol are vulnerable to a newly discovered, low-cost attack that decrypts sensitive communications in a matter of hours and in some cases almost immediately, an international team of researchers warned Tuesday. More than 81,000 of the top 1 million most popular Web properties are among the vulnerable HTTPS-protected sites. -via ARS

LinkedInTwitterGoogle+FacebookPinterest

The post Worth Reading: DROWN attack appeared first on 'net work.

Giveaway: Navigating Network Complexity

netcomplexI have one remaining copy of my latest book from the initial ten Addison-Wesley sent me on publication… What I’ve decided to do is sign it and give it away to one of my readers. What’s the catch? There are actually two.

First, you have to go to the contact form and leave me feedback with three design concepts (or other interesting things) you’d like to see me write about on this blog. I won’t do “how to configure” type articles, as I think there’s enough of that around on the ‘web. It’s useful stuff, but it’s not my “thing.”

Second, I can’t ship this thing out of the US.

I’ll ship the book, after I’ve signed it, to the person with the three best questions.

LinkedInTwitterGoogle+FacebookPinterest

The post Giveaway: Navigating Network Complexity appeared first on 'net work.

1 3,056 3,057 3,058 3,059 3,060 3,806