How fake users are impacting business … and your wallet

A few weeks ago, Kristen Faughnan got something that surprised her: a "low balance" text message from her bank. That didn't make sense. She'd just paid for a haircut, but she knew how much was in her account.  Even after paying her stylist, it was much more than the level at which the bank would tell her she was almost out of funds. "I logged onto my bank account to find two recent charges from Groupon," she says. They were from a cologne store in Texas. Faughnan lives in Pennsylvania. Faughnan was most likely victim of a costly form of cybercrime: a fake user taking over her account. Fake users spam real users that are part of a site, steal confidential information or, as in the case with Faughnan, take over an account (the fraudulent purchases were made through a credit card she had stored in the site -- a credit card that had expired, which added another piece to the puzzle). To read this article in full or to leave a comment, please click here

Wyndham settlement: No fine, but more power to the FTC

On the face of it, Wyndham Hotels and Resorts dodged a major bullet from the Federal Trade Commission (FTC).After three major data breaches in 2008 and 2009 that compromised the credit card information of more than 619,000 customers and led to more than $10.6 million in fraudulent charges, the company earlier this month settled a lawsuit brought by the FTC that doesn’t require it to pay a penny in fines or even admit that it did anything wrong.To read this article in full or to leave a comment, please click here

What is a micro loop in routing?

Micro loop can be found in fast-rerouted networks. Fast reroute, as a proactive convergence mechanism, provides sub-second data plane convergence. If there are technical glitches, upstream node sends the traffic through the repaired path to the downstream device. For the downstream node to be used as a backup/repair node, it should be loop-free. What do […]

The post What is a micro loop in routing? appeared first on Network Design and Architecture.

Trump is right about “schlong”

The reason Trump is winning is because the attacks against him are unfair. The recent schlong-gate is a great example.

Yes, "schlong" means "penis", but is also means "rubber hose". Getting beaten by a rubber hose has long been a severe way of beating somebody. Getting "schlonged" has long meant getting a severe beating with absolutely no sexual connotation. Sure, you may never heard of this slang, because it's very regional, but it does exist. Fact checkers have gone back and found many uses of this word to mean just that [1] [2] [3] [4] [5], meaning "severe beating" in a non-sexual sense.

We regularly use words like hosed, shafted, stiffed, chapped, and boned to mean something similar. Sure, some of these derive from a base word for "penis", but are commonly used these days without any sexual or derogatory connotation. The only different about "schlonged" is that most Americans were unfamiliar with the idiom. Had Trump said "shafted" instead, this controversy would not have erupted.

But those who hate Trump, and who have only known "schlong" to mean something dirty and derogatory, are unwilling to let go Continue reading

Segment Routing Fast Reroute

Segment Routing Fast Reroute  – Traffic Engineering with Segment Routing uses LFA mechanism to provide 50 msec fast reroute capability. Current Segment Routing implementation for the OSPF uses regular LFA (Loop Free Alternate) for fast reroute in Cisco devices. Because LFA (Loop Free Alternate) has topology limitations, it does not include many faulty scenarios. On the […]

The post Segment Routing Fast Reroute appeared first on Network Design and Architecture.

10 amazing algorithms

Figuring out mysteriesImage by FlickrCyber technology couldn’t get by without algorithms to encrypt, analyze metadata and find traffic anomalies, but they are used more and more widely in other fields. Here are 10 algorithms that perform functions as varied as scanning for disease genes, catching classroom cheats and figuring out murder mysteries as well as Agatha Christie’s heroine Miss Marple.To read this article in full or to leave a comment, please click here

Quick look: History-making Space X rocket launch/return

The FirstImage by Reuters/Joe SkipperThey have talked about it for years and had a couple failures but SpaceX this week did what no one has done before – they launched a multi-stage rocket into space, delivered 11 satellites into low-Earth orbit and landed the first stage of the spacecraft back on the launching pad. The Falcon rocket becomes the first of what SpaceX hopes will become a family of reusable launcher systems. Take a look.To read this article in full or to leave a comment, please click here

The year in security, identify theft and fraud

We all like to talk about security, but sometimes words can't tell the whole the story. That's especially true in the case of cyber-threats, identify theft and fraud. It's a numbers game. And as you'll see, users weren't the winners in 2015. To paint a picture of 2015, we asked CIO.com contributor Jen A. Miller to comb through the headlines and industry reports to uncover on how hackers, scammers and thieves got the best of us. Rather than ramble on, we decided to let the numbers do the talking Check out our infographic below (and you can also download the PDF). Click for a larger image or download the PDF using the link below. To read this article in full or to leave a comment, please click here(Insider Story)

Keeping IT Up With The Joneses

 

Keeping-Up-With-The-Joneses

We’ve all been in that meeting. We’re learning the important facts about a company and their awesome technology. We think we’ve got a handle of the problem they’re solving and how we can apply it to our needs. And then…BAM! Our eyes are assaulted by a billboard full of company logos. We’re told how every one of these companies think that this product or solution is awesome. And because they think it’s awesome and bought it, you should think it’s awesome as well and buy it too.

Do As They Do

This particular exchange in a presentation has a term: the NASCAR slide. When I came up with the term years ago during a Tech Field Day presentation, I referred to the fact that the slide was covered by all of the logos of customers and sponsors, not unlike the side of a NASCAR race car or the coveralls worn by the drivers. It turned the presentation into a giant neon sign signaling all the companies that bought the solution.

Vendors love to tell you who their customers are. They love holding those solution bidding wins over their competitor’s heads and informing the populace that a company like Victoria’s Continue reading

The Juniper VPN backdoor: buggy code with a dose of shady NSA crypto

Security researchers and crypto experts have spent the last few days trying to figure out the details of a recently announced backdoor in Juniper NetScreen firewalls that could allow attackers to decrypt VPN (Virtual Private Network) traffic. They believe that they found the answer: a combination of likely malicious third-party modifications and Juniper's own crypto failures. According to experts, Juniper was using a known flawed random number generator called Dual_EC_DRBG as the foundation for cryptographic operations in NetScreen's ScreenOS, but believed it was doing so securely because of additional precautions it had taken. It turns out those safeguards were ineffective.To read this article in full or to leave a comment, please click here

Why it’s harder to forge a SHA-1 certificate than it is to find a SHA-1 collision

It’s well known that SHA-1 is no longer considered a secure cryptographic hash function. Researchers now believe that finding a hash collision (two values that result in the same value when SHA-1 is applied) is inevitable and likely to happen in a matter of months. This poses a potential threat to trust on the web, as many websites use certificates that are digitally signed with algorithms that rely on SHA-1. Luckily for everyone, finding a hash collision is not enough to forge a digital certificate and break the trust model of the Internet.

We’ll explore how hash collisions have been used to forge digital signatures in the past. We’ll also discuss how certificate authorities can make this significantly harder for attackers in the future by including randomness in certificate serial numbers.

Digital signatures are the bedrock of trust

The Internet relies on trust. Whether it’s logging in to your bank or reading Reddit, HTTPS protects you by encrypting the data you exchange with a site and authenticating the site's identity with a digital certificate. Browsers visually display the added security of HTTPS as a padlock in the address bar.

HTTPS can prove a site’s authenticity to a browser when a Continue reading

1 3,148 3,149 3,150 3,151 3,152 3,785