Security ‘net: Security by obscurity

This week I have two major themes to discuss on the topic of security, and one interesting bit of research. Let’s start with some further thoughts on security by obscurity.

First: Obscurity isn’t security

I’ve heard this at least a thousand times in my life as a network engineer, generally stated just about the time someone says, “well, we could hide this server…” Reality, of course, is far different; I still put curtains on my house even though they don’t increase the amount of time it takes a thief to break in. Whether or not we want to believe it, obscurity does play a positive role in security.

But there are two places where obscurity is a bad thing in the world of security. The first is the original reference of this common saying: algorithms and implementations. Hiding how you encrypt things doesn’t improve security; in fact, it decreases the overall security of the system. The second place? Communication between companies and security professionals about the types, frequency, and methods of attack. Imagine, for a moment, that you were commanding a unit on a battlefield. You hear the sounds of combat in the distance. Realizing a unit in your army is Continue reading

AnsibleFest London 2016 Presentations

ansiblefest-london2.jpg

We broke records last week with over 500 people attending AnsibleFest London last week. If you were able to attend, we hope you enjoyed the event and will come again in 2017. If you couldn't attend, don't worry, we plan on 2 more events this year.

Follow Ansible on Twitter to get the latest news and details.

Deploying a Mesos Based Visual Effects StudioIndustrial Light and Magic

Continuous Deployment for an Order SystemAtlassian

Ansible 2.0 and Windows, M*Modal

Ansible Accelerates Deployment at Societe Generale, Theodo

Managing Your Cisco Data Center Network with Ansible, Cisco

Immutable Infrastructure at Scale with AnsibleBeamly

View all of the presentations here.

 

 
 

 

 

uKnowKids child monitoring firm takes aim at security researcher after database breach

If you are “a leader in the Internet safety and security field for over 15 years” and run a company that has monitored and maintained the digital activity records of “260,000 kids in more than 50 countries around the world,” when you fail to password-protect the database for your child activity tracker firm and the database is exposed, would the reasonable response be akin to killing the messenger?MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords The company, uKnowKids, sells parents a service to track their kid’s online activity such as social media accounts, chats, posted pictures, etc. as well as text messages via smartphone. While that may seem a bit creepy with a control-freakish vibe, Steve Woda, CEO of uKnowKids, said the company was “created after one of our family children was victimized by an online predator.” Right now it seems like Woda is steaming mad at security researcher Chris Vickery, considering a good portion of the post alerting parents to a uKnowKids breach is devoted to blistering Vickery.To read this article in full or to leave a comment, please click here

Google’s Transition from Single Datacenter, to Failover, to a Native Multihomed Architecture

 

Making a system work in one datacenter is hard. Now imagine you move to two datacenters. Now imagine you need to support multiple geographically distributed datacenters. That’s the journey described in another excellent and thought provoking paper from Google: High-Availability at Massive Scale: Building Google’s Data Infrastructure for Ads.

The main idea of the paper is that the typical failover architecture used when moving from a single datacenter to multiple datacenters doesn’t work well in practice. What does work, where work means using fewer resources while providing high availability and consistency, is a natively multihomed architecture:

Our current approach is to build natively multihomed systems. Such systems run hot in multiple datacenters all the time, and adaptively move load between datacenters, with the ability to handle outages of any scale completely transparently. Additionally, planned datacenter outages and maintenance events are completely transparent, causing minimal disruption to the operational systems. In the past, such events required labor-intensive efforts to move operational systems from one datacenter to another

The use of “multihoming” in this context may be confusing because multihoming usually refers to a computer connected to more than one network. At Google scale perhaps it’s just as natural Continue reading

‘Racking a switch upside down?’

The frequenter of Reddit’s section devoted to networking had an unusual question for his professional peers:“Anyone ever had to rack a switch upside down? Our data center uses these garbage PDUs that are blocking the QSFP ports on a 1U 9k switch. Any reason besides it’s f*****g stupid that I shouldn't rack it upside down? Like something technical?”Cue the wise guys: “Be careful, the packets might fall out!”“The real problem comes from managed switches that have any sort of security setups. A managed switch puts unwanted frames in the bit bucket for disposal, but if it's upside down the bits will spill out of the bucket and clog the switch's cooling fans.”To read this article in full or to leave a comment, please click here

Report: IBM looking to buy incident-response platform maker Resilient Systems

IBM is considering buying Resilient Systems, whose software platform defines workflows to follow when corporate networks are hit with security incidents, according to a report.The price tag for the company is more than $100 million, according to a story by Xconomy that attributes its information to two unnamed sources. IBM and Resilient haven’t answered requests yet for more information.MORE: 2015 enterprise tech M&A trackerTo read this article in full or to leave a comment, please click here

SD-WAN startup Versa software defines security

NFV and SD-WAN start-up Versa Networks unveiled new FlexVNF virtualized network functions (VNFs) for branch office security, and enhanced the performance of its other security VNFs.The new FlexVNFs include software for DNS security and a secure Web gateway, both designed for secure direct Internet access from the branch. The enhanced FlexVNFs include a 40G per rack unit stateful firewall, a 20G per RU next-gen firewall, and 10G Unified Threat Management (UTM) per RU, all designed to exceed – even double – the performance of hardware-based products.To read this article in full or to leave a comment, please click here

Worth Reading: IPv6 Paradigm Change

Link-Local Addresses (LLAs) have the rather obvious property of being linked locally. This means that a layer-3 route cannot route IP packets destined to a LLAs. Instead they can only be forwarded within a layer-2 domain. As such, LLAs have an interesting security property – they cannot be reached from outside of the layer-2 link as they are hidden and isolated. -via apnic

LinkedInTwitterGoogle+FacebookPinterest

The post Worth Reading: IPv6 Paradigm Change appeared first on 'net work.

Real Time Deals: Our Picks for Best Tech Discounts Happening Right Now

Our top 5 quick fire list of real-time deals, found around the web and available for only a few days. Discounted by $1,300 at BestBuy.com: Samsung 65" Class (64.5" Diag.) LED 4K Ultra HD Smart 3D TV. Save $800 at BestBuy on Sony's 65" Class (64.5" Diag.) - LED - 2160p - Smart - 3D - 4K Ultra HD TV Save $80 (reg $179.99) - Plus Free Shipping - on Sony's BDPS6500 – Streaming 4K Upscaling 3D Wi-Fi Built-In Blu-ray Player Discounted by $100 with free shipping: Microsoft - Surface Pro 4 - 12.3" - 128GB - Intel Core i5 Save $204.85 (reg $379) on the LaView 4 Camera 960H Security System, 4 Channel 960H DVR w/500GB HDD and 4 600TVL Black Bullet Camera Surveillance Kit To read this article in full or to leave a comment, please click here

Top 5 Tech Discounts For Feb 23 & 24

Our top 5 quick fire list of real-time deals, found around the web and available for only a few days.Discounted by $1,300 at BestBuy.com: Samsung 65" Class (64.5" Diag.) LED 4K Ultra HD Smart 3D TV.Save $800 at BestBuy on Sony's 65" Class (64.5" Diag.) - LED - 2160p - Smart - 3D - 4K Ultra HD TVTo read this article in full or to leave a comment, please click here

Latest attack against Russian bank employees highlights the threat to financial institutions

The employees of at least six Russian banks were recently the target of a well-crafted email attack where hackers masqueraded as the Russian Central Bank to trick them into installing malware.The incident is the latest in a string of malware attacks against financial institutions over the past year. Together they signal a shift in focus for many cybercriminal groups, from stealing money from bank customers to stealing money directly from banks themselves.According to researchers from Symantec, employees from different Russian banks received emails in December offering them employment at the Central Bank of Russia. The messages were sent from a domain that closely resembled that of the Russian Central Bank and contained a link to an archive file with a Trojan named Ratopak inside.To read this article in full or to leave a comment, please click here

Mark Zuckerberg on Apple vs. FBI: ‘We’re sympathetic with Apple’

Mark Zuckerberg is the latest tech leader to voice his support of Apple against the FBI.“We’re sympathetic with Apple,” the Facebook CEO told the audience at Mobile World Congress in Barcelona on Monday. “We believe encryption is a good thing that people will want.”Even though Zuckerberg was clearly in support of Apple’s case for user privacy, the Facebook CEO acknowledged both sides. + BACKGROUND ON APPLE: Tim Cook refuses order to help unlock terrorist's iPhone 5c +“At the same time, we feel we have a pretty big responsibility to help prevent terrorism,” Zuckerberg said, adding that Facebook cooperates with authorities to remove terrorist posts, profiles, or pages. “We have very strong policies that if there’s content [on Facebook] promoting terrorism, we’ll kick them off.”To read this article in full or to leave a comment, please click here

FAQ: Everything we know so far about Apple’s battle with the FBI

At this writing, Apple’s battle with the FBI over how much it can and should help in the investigation of the San Bernardino shootings is less than a week old. But already it’s explosive to say the least. The government has accused Apple of being more concerned with marketing than the fight against terrorism, and Apple has drawn a line in the sand, saying that complying with the FBI’s request “would undermine the very freedoms and liberty our government is meant to protect.”This fight isn’t going to be over anytime soon, so we’ll keep this FAQ updated as events unfold. If you have more questions—or want to respectfully debate the implications this case will have on privacy and security—please chime away in the comments and we’ll do our best to make everything about this confusing case as clear as possible.To read this article in full or to leave a comment, please click here

Countless computers vulnerable to MouseJack attack through wireless mice and keyboards

Countless wireless mice and keyboards can be hacked from 100 yards away leaving their host machines and the networks they are attached to open to malware, Bastille has discovered.The problem, which is being called MouseJack, affects Amazon, Dell, Gigabyte, HP, Lenovo, Logitech and Microsoft products, the company says, and likely more vendors’ gear that they haven’t tested. Logitech alone shipped its billionth mouse in 2008, so the problem is widespread.+More on Network World: Startup Trusona is launching what it claims to be a 100% accurate authentication scheme aimed at corporate executives+To read this article in full or to leave a comment, please click here

Bill Gates backs the U.S. government in Apple’s iPhone privacy standoff

Microsoft founder Bill Gates says he supports the U.S. government in its efforts to unearth the contents of a terrorist’s iPhone, countering a trend by other tech leaders to back Apple’s refusal to code a backdoor into its iOS operating system.Gates appears to have made the case, however, that he is in favor of the government’s request because he feels it is narrowly worded. “This is a specific case where the government is asking for access to information,” Gates told the Financial Times in a story published Monday night Pacific time. “They are not asking for some general thing; they are asking for a particular case.”To read this article in full or to leave a comment, please click here

Blessay: Successful Private Clouds Aren’t Spoken Of In Public

You don’t hear much about successful “Private Clouds” because they aren’t done in public. Two takeaways. People are talking a lot about public cloud because its good business not necessarily because its good technology [1] Private Clouds are being successfully deployed in vast numbers and no one is talking about them. This is also good […]

The post Blessay: Successful Private Clouds Aren’t Spoken Of In Public appeared first on EtherealMind.

1 3,066 3,067 3,068 3,069 3,070 3,780