US says it’s ok to hack cars and medical devices (sometimes)

The U.S. Copyright Office has given security researchers reason to hope that they'll be able to search for flaws in car systems and medical devices without the threat of legal action. On Tuesday, the Librarian of Congress, who makes final rulings on exemptions to copyright rules, granted several exceptions to Section 1201 of the Digital Millennium Copyright Act (DMCA), which prohibits the circumvention of the technological methods that are used to protect copyright works. The U.S. Copyright Office is a department of the Library of Congress. The exemptions allow for "good-faith security research" to be performed on computer programs that run on lawfully acquired cars, tractors and other motorized land vehicles; medical devices designed to be implanted in patients and their accompanying personal monitoring systems and other devices that are designed to be used by consumers, including voting machines.To read this article in full or to leave a comment, please click here

Five Lessons from Ten Years of IT Failures

IEEE Spectrum has a wonderful article series on Lessons From a Decade of IT Failures. It’s not your typical series in that there are very cool interactive graphs and charts based on data collected from past project failures. They are really fun to play with and I can only imagine how much work it took to put them together.

The overall takeaway of the series is:

Even given the limitations of the data, the lessons we draw from them indicate that IT project failures and operational issues are occurring more regularly and with bigger consequences. This isn’t surprising as IT in all its various forms now permeates every aspect of global society. It is easy to forget that Facebook launched in 2004, YouTube in 2005, Apple’s iPhone in 2007, or that there has been three new versions of Microsoft Windows released since 2005. IT systems are definitely getting more complex and larger (in terms of data captured, stored and manipulated), which means not only are they increasing difficult and costly to develop, but they’re also harder to maintain.

Here are the specific lessons:

First look: Microsoft Azure Active Directory Domain Services puts it all in the cloud

On Oct. 14, Microsoft announced the preview release of Azure Active Directory Domain Services or, as I like to call it, a domain in a cloud.Next up, you will need to either create a new virtual network or select an existing virtual network. This network has to be in the U.S. or Asia Azure regions. (These are the only geographic locales that the preview supports; of course, this feature will likely be available globally when the code comes out of the preview phase).To read this article in full or to leave a comment, please click here(Insider Story)

6 tips for your security awareness training

Keep a sharp eye out forImage by ThinkstockSecurity experts remind us that awareness is an ongoing effort. Here are some best practices for keeping your organization educated and aware year-round.Get the C-Suite involvedImage by ThinkstockTo read this article in full or to leave a comment, please click here

Split between EU privacy watchdogs on Safe Harbor worries business lobby

German data protection authorities' decision to break ranks with their counterparts in other European Union countries and block alternatives to Safe Harbor has business lobbyists worried.The striking down of the Safe Harbor data sharing agreement by the European Union's highest court on Oct. 6 left a legal vacuum that European Commission officials immediately sought to fill with a reminder of the legal alternatives available and promises of coordinated action by national privacy regulators, who responded with their own reassurances on Oct. 16.To read this article in full or to leave a comment, please click here

InteliSecure building a high-end security-services boutique

Data-loss-prevention provider InteliSecure is taking in new money, new employees and an entire U.K. security company in an effort to establish itself as a high-end security boutique.The company has raised $22 million in equity financing and a $6 million debt financing in order to buy Pentura – a U.K. managed security service provider – as well as expand its operations globally and hire additional hard-to-find security personnel. CEO Rob Eggebrecht Its premiere service, protecting data by identifying the most critical assets, configuring the infrastructure to enforce security policies and managing it, is highly customized, says CEO Rob Eggebrecht.To read this article in full or to leave a comment, please click here

CISA legislation would lift liability for businesses sharing cyber threat information

A bill that encourages businesses to share threat intelligence with each other and the government is closer to becoming a law than it has been for years now that it offers businesses near immunity from liability if the data they share is stolen and causes harm, but such sharing is still fraught with problems. Nathan Taylor The proposed Cybersecurity Information Sharing Act (CISA) proposal doesn’t force anyone to participate in sharing, but it creates incentives for businesses to do so willingly, says Nathan Taylor, a partner in the law firm Morrison & Foerster, who is following the bill as it wends its way through Congress.To read this article in full or to leave a comment, please click here

Techies back Democrats in Presidential race

It will be many months before presidential candidates face their respective conventions, but for the time being the Democrats are winning the wallets of technology workers. Finance reform bars corporations from directly funding campaigns, but that doesn’t stop individuals from backing candidates of their choice. And according to Network World’s analysis of candidates’ most recent filings to the Federal Elections Commission, those technology workers donated far more to Democratic presidential candidates than did their Republican counterparts since the inception of each candidate’s campaign. The two frontrunning Democrats outpaced the three Republicans examined: $393,444 to $36,588. Network World reviewed the campaign finance reports of the two candidates from each party who are currently leading the polls and also included former HP chief Carly Fiorina.To read this article in full or to leave a comment, please click here

Examining 5 Presidential candidates’ support from tech company employees

Money talksImage by WikimediaIn a review of the Presidential candidates’ latest campaign finance reports, which list employee donations by company, we found seven tech companies that were common across most of the five candidates examined. Here’s a look at how much employees have contributed since the campaigns of Bernie Sanders, Donald Trump, Hillary Clinton, Carly Fiorina and Ben Carson began.To read this article in full or to leave a comment, please click here

Survey: Vendor NETCONF and REST API Support

Time for another fill-in-the-blanks survey: how many vendors support NETCONF and/or REST API in their data center switches, routers, firewalls and load balancers?

Please help me complete the tables by writing a comment – and do keep in mind that it only counts if it’s documented in a public configuration guide on vendor’s web site.

Also, I’m not aware of any vendor using standard NETMOD YANG models. If someone does, please let me know.

Read more ...

A Few Easy Steps: Cisco IOS, Setup for Automation

In this session of A Few Easy Steps, we will be doing the initial setup for automation on a Cisco IOS Device. In General this will work on any Cisco IOS Device.  Session Prerequisites: You have a Cisco Console Cable You have a serial port You have a Terminal Program that you can access your …

Network Simulation – Cisco VIRL Increases Node Count

Great news everyone. Some of you might have seen that I created a petition to increase the node limit in VIRL. I know there have been discussions within Cisco about the node limit and surely our petition wasn’t the single thing that convinced the VIRL team but I know that they have seen it and I’m proud that we were able to make a difference!

On November 1st the node limit will be increased to 20 nodes for free! That’s right, you get 5 extra nodes for free. There will also be a license upgrade available that gets you to 30 nodes. I’m not sure of the pricing yet for the 30 node limit so I will get back when I get more information on that.

When the community comes together, great things happen! This post on Cisco VIRL will get updated as I get more information. Cisco VIRL will be a much more useful tool now to simulate the CCIE lab and large customer topologies. I tip my hat to the Cisco VIRL team for listening to the community.

The post Network Simulation – Cisco VIRL Increases Node Count appeared first on Daniels Networking Blog.

Windows users often forget to patch their Apple programs

A survey of applications installed on Windows computers found that a lot of users don't run up-to-date versions of Apple programs. Apple's multimedia program, QuickTime, and its iTunes software were ranked as some of the most "exposed" programs based on risk by Secunia Research, which is now part of Flexera Software. Among U.S. users, some 61 percent of computers detected running QuickTime did not have the latest version. With iTunes, 47 percent of the installations were outdated versions. It's not Apple's fault. Although many software companies alert users to new versions of applications, it's largely up to users to install them.To read this article in full or to leave a comment, please click here

OpenStack Kolla: Dependency Management Done Right With Docker and Ansible

Openstack-Tokyo

Kolla provides production-ready containers and deployment tools for operating OpenStack clouds that are scalable, fast, reliable, and upgradable, using community best practices.  Kolla entered the OpenStack Big Tent during the Liberty cycle by submitting Kolla to OpenStack technical committee oversight --  enabling the Kolla project and its contributors to have access to community resources such as marketing, technical resources, bi-yearly conference space and voting rights in the OpenStack Technical Committee election.

During the creation of the Kolla mission statement, we agreed as a community not to permit the selection of technology choices in our mission statement. Still: we knew we would choose Docker as our container runtime technology, and Ansible as our orchestration system. We made these choices not only because “that’s what all the cool kids are doing’ -- but also because they solve real technical problems for our problem domain.  Docker solves our image management process and Ansible solves our multi-node deployment process.  We could have chosen other technologies to solve these problems, but both Docker and Ansible do something orders of magnitude better than competitors: a complete and absolute focus on simplicity coupled with a high degree of capability.

Since a fundamental factor in outcome of Continue reading

Iranian hackers show strong interest in Android spying tools

Iranian hackers are showing strong interest in malware that can secretly pull data from Android devices, which are popular in the Middle East.The analysis comes from Recorded Future, a cybersecurity intelligence firm based in Somerville, Massachusetts.One of Recorded Future's specialties is monitoring hacking forums, looking for clues and chatter that might indicate future attacks.Over the last six months, there appears to have been high interest on Iranian hacking forums in remote access tools, or programs designed to listen to calls and collect text message and GPS data, according to a blog post.To read this article in full or to leave a comment, please click here

OpenStack Summit 2015 Day 2 Keynote

Mark Collier, COO of the OpenStack Foundation, takes the stage to kick things off. He starts with a story about meeting new people, learning new things, and sharing OpenStack stories, and encourages attendees to participate in all of these things while they are here at the Summit.

Mark then transitions into a discussion of Liberty (the latest release), and revisits Jonathan Bryce’s discussion of the new organizational model (“the Big Tent”). He specifically calls out Astara and Kuryr as new projects in the Big Tent model. Out of curiosity, he looked at development activity for all the various projects to see which project was the “most active”. It turns out that Neutron was the most active project across all of the various OpenStack projects. According to the user survey last year, 68% were running Neutron. In the most recent user survey, that number climbed to 89%—meaning the vast majority of OpenStack clouds in production are now running Neutron.

So why is networking (and Neutron) so hot right now? Mark believes that this is due to the increasing maturity of software-defined networking and network virtualization. Mark shows data from Crehan Research that states SDN is growing twice as fast as server Continue reading

1 3,124 3,125 3,126 3,127 3,128 3,696