White House hopes for ‘common ground’ in Silicon Valley meeting

The White House hopes a Friday summit between senior government officials and Silicon Valley tech leaders will find common ground on ways to work together to combat extremism and radicalization. Government officials will seek to convince tech executives that they need to heed President Barack Obama's call to action and step up to help the U.S. in its fight against militants. But some tech executives are still wary of assisting the government after former National Security Agency (NSA) contractor Edward Snowden leaked information about U.S. spying back in 2013.To read this article in full or to leave a comment, please click here

White House hopes for ‘common ground’ in Silicon Valley meeting

The White House hopes a Friday summit between senior government officials and Silicon Valley tech leaders will find common ground on ways to work together to combat extremism and radicalization. Government officials will seek to convince tech executives that they need to heed President Barack Obama's call to action and step up to help the U.S. in its fight against militants. But some tech executives are still wary of assisting the government after former National Security Agency (NSA) contractor Edward Snowden leaked information about U.S. spying back in 2013.To read this article in full or to leave a comment, please click here

Cisco disrupts another exploit kit

Cisco has disrupted another exploit kit that was emanating from Russian service providers. The company’s Talos security operation said it blacklisted several Class C subnets from provider Eurobyte that were serving the RIG exploit kit or scored negatively in web reputation. RIG is an exploit kit that delivers malicious payloads to unsuspecting users. It redirects users to a landing page and the delivers the exploit payload – in this case, spambot variants -- via a GET request, according to this Talos blog post.To read this article in full or to leave a comment, please click here

Sample Internet usage policy

This Internet usage policy from a manufacturing company with fewer than 50 employees establishes the company's ownership of data transmitted over its computer systems, establishes the right to monitor, and ofifers examples of activities that violate the policy.You are free to use or adapt this sample policy, which was contributed by the security community, for use in your own organization (but not for re-publication or for-profit use).Want to provide a policy or checklist? Contributions are welcome, as is expert commentary. Send your thoughts to Amy Bennett ([email protected]). Internet Usage Policy COMPANY may provide you with Internet access to help you do your job. This policy explains our guidelines for using the Internet.To read this article in full or to leave a comment, please click here(Insider Story)

Sample password protection policy

This password policy from a large financial services institution with more than 5,000 employees covers standards for creation of strong passwords, the protection of those passwords, and the frequency of change. You are free to use or adapt this sample policy, which was contributed by the security community, for use in your own organization (but not for re-publication or for-profit use). Want to provide a policy or checklist? Contributions are welcome, as is expert commentary. Send your thoughts to Amy Bennett ([email protected]). Overview Passwords are an integral aspect of our computer security program. Passwords are the front line of protection for user accounts. A poorly chosen password may result in the compromise of critical (organization) resources. As such, all (organization) staff and outside contractors and vendors with access to our systems are responsible for taking the appropriate steps, as outlined below, to select and secure their passwords.To read this article in full or to leave a comment, please click here(Insider Story)

Unlike Mozilla, Google anticipated SHA-1 errors caused by HTTPS traffic inspection systems

Earlier this week, Mozilla was forced to backpedal on banning new SHA-1 digital certificates because the move completely cut off some Firefox users from the encrypted Web. It appears that Google saw the problem coming.Instead of banning all digital certificates signed with SHA-1 and issued after Jan. 1, Google plans to only "untrust" those that originate from public certificate authorities.This decision takes into account that some companies might still use self-generated SHA-1 certificates internally on their networks, or that some antivirus programs and security devices will continue to generate such certificates when inspecting HTTPS traffic.To read this article in full or to leave a comment, please click here

Intelligence agency wants computer scientists to develop brain-like computers

If you are a computer scientist and have any thoughts on developing human brain-like functions into a new wave of computers, the researchers at the Intelligence Advanced Research Projects Activity want to hear from you.IARPA, the radical research arm of the of the Office of the Director of National Intelligence this week said it was looking at two groups to help develop this new generation of computers: computer scientists with experience in designing or building computing systems that rely on the same or similar principles as those employed by the brain and neuroscientists who have credible ideas for how neural computing can offer practical benefits for next-generation computers.To read this article in full or to leave a comment, please click here

DDoS attack on BBC may have been biggest in history

Last week's distributed denial of service attack against the BBC website may have been the largest in history.A group calling itself New World Hacking said that the attack reached 602Gbps. If accurate, that would put it at almost twice the size of the previous record of 334Gbps, recorded by Arbor Networks last year."Some of this information still needs to be confirmed," said Paul Nicholson, director of product marketing at A10 Networks, a security vendor that helps protect companies against DDoS attacks."If it's proven, it would be the largest attack on record. But it depends on whether it's actually confirmed, because it's still a relatively recent attack."To read this article in full or to leave a comment, please click here

Privacy, mobile broadband top tech priorities for FTC, FCC

The nation's top technology regulators provided a glimpse of the year to come this week at the Consumer Electronics Show in Las Vegas, offering a warning about privacy and an ambitious projection for a spectrum auction to boost mobile broadband capacity.Tom Wheeler and Edith Ramirez, the respective chairs of the Federal Communications Commission and Federal Trade Commission, sat for an on-stage interview with Gary Shapiro, head of the Consumer Technology Association, which puts on the annual tech gala.Privacy and consumer protection top FTC’s priority list Privacy and consumer-protection considerations remain at the forefront at the FTC, which has been probing the consumer implications of a variety of emerging technologies, including big data and the Internet of things.To read this article in full or to leave a comment, please click here

Court rules Shutterfly may have violated privacy by scanning face photos

A federal judge has has denied a motion to dismiss a civil case against photo-sharing site Shutterfly that claims the company violated users' privacy by collecting and scanning face geometries from uploaded images without consent.The first of its kind ruling could open the door to future class-action lawsuits against Shutterfly and other social networks that use facial recognition technology without an opt-in policy.The civil lawsuit, brought by the law firm Carey Rodriguez Milian Gonya LLP on behalf of Brian Norberg, alleges that Shutterfly violated the Illinois Biometric Privacy Act (BIPA) by collecting and scanning face geometry in photos uploaded on Shutterfly's website without the consent of those featured in the images.To read this article in full or to leave a comment, please click here

NSF puts $30M behind software bug killing, synthetic biology & computational sustainability

The National Science Foundation this week announced it is divvying up $30 million in funding among three multidisciplinary research projects designed to put advanced computing models to work on nixing software bugs, boosting synthetic biology and creating a more sustainable world.Researchers at Princeton University, Boston University and Cornell University will lead the Expeditions in Computing projects, which each get $10 million over 5 years. The NSF's Expeditions program has funded 19 projects to the tune of $190 million to date, with areas of focus ranging from robotics to the mobile Internet.To read this article in full or to leave a comment, please click here

Antivirus software could make your company more vulnerable

Imagine getting a call from your company's IT department telling you your workstation has been compromised and you should stop what you're doing immediately. You're stumped: You went through the company's security training and you're sure you didn't open any suspicious email attachments or click on any bad links; you know that your company has a solid patching policy and the software on your computer is up to date; you're also not the type of employee who visits non-work-related websites while on the job. So, how did this happen? A few days later, an unexpected answer comes down from the security firm that your company hired to investigate the incident: Hackers got in by exploiting a flaw in the corporate antivirus program installed on your computer, the same program that's supposed to protect it from attacks. And all it took was for attackers to send you an email message that you didn't even open.To read this article in full or to leave a comment, please click here

OSPF Forwarding Address Part III: The perfect recipe for chaos

After getting familiar with the FA, when it’s set and when not, we’re ready to cook the recipe for chaos: NSSAs, Default Route injection and Forwarding Address.

Probably a good disclaimer for this article is – I agree, usually there are other, more simple and straightforward solutions to doing what I did, but in cases where you know 3 solutions to a problem, and none can be applied, it’s good to have the 4th one a click away.

Network Design

To begin with, the network design we’re going to be experimenting on today is not extremely common, but has a practical application though.

ospf-p3-1

Configuration

I will start by not sharing the configuration files for this design, with a simple reason – Please lab it yourselves! You will have all sorts of things to gain from this, from typing rapidity, thinking the addressing scheme to troubleshooting your own mistakes. It’s not that big of a deal and it should not take you more than half an hour.

On a high level overview, everything you need to know is on the scheme. Nevertheless, here are the configuration principles:

  • Each router has a loopback configured, to ease things when it comes to Continue reading

Stuff The Internet Says On Scalability For January 8th, 2016

Hey, it's HighScalability time:


Finally, a clear diagram of Amazon's industry impact. (MARK A. GARLICK)

 

If you like this Stuff then please consider supporting me on Patreon.
  • 150: # of globular clusters in the Milky Way; 800 million: Facebook Messenger users; 180,000: high-res images of the past; 1 exaflops: 1 million trillion floating-point operations per second; 10%: of Google's traffic is now IPv6; 100 milliseconds: time it takes to remember; 35: percent of all US Internet traffic used by Netflix; 125 million: hours of content delivered each day by Netflix's CDN;

  • Quotable Quotes:
    • Erik DeBenedictis: We could build an exascale computer today, but we might need a nuclear reactor to power it
    • wstrange: What I really wish the cloud providers would do is reduce network egress costs. They seem insanely expensive when compared to dedicated servers.
    • rachellaw: What's fascinating is the bot-bandwagon is mirroring the early app market.
      With apps, you downloaded things to do things. With bots, you integrate them into things, so they'll do it for you. 
    • erichocean: The situation we're in today with RAM is pretty much the identical situation with the disks of Continue reading
1 3,123 3,124 3,125 3,126 3,127 3,773