Former NSA chief undercuts FBI’s desire for encryption backdoors

The former head of the NSA says the U.S. is better served by strong encryption than it would be by encryption schemes with backdoors that allow law enforcement to decrypt the content of communications, according to reports, and he should know.Under Michael Hayden’s watch as director of the NSA, the agency exploited back doors into phone switches in Greece in order to spy on calls including those made by the Greek prime minister and the mayor of Athens.The legal-intercept capabilities baked into the switches are supposed to be used only under strict legal supervision, but they can be abused. According to a story by James Bamford for The Intercept, documents stolen by Edward Snowden help show that the NSA took unauthorized advantage of legal-intercept backdoors in the Greek phone system to eavesdrop on what calling parties assumed would be private communications.To read this article in full or to leave a comment, please click here

Arista stock up on review of Cisco patent claims

The U.S. Patent and Trademark Office this week reportedly agreed to consider the validity of two Cisco patents at issue in litigation with data center switching rival Arista Networks.The development boosted Arista stock by over 5% on Tuesday, Oct. 6, according to Bloomberg. Cisco is suing Arista for copyright and patent infringement, and is seeking an injunction on the sale of Arista products that allegedly infringe on the Cisco patents.To read this article in full or to leave a comment, please click here

Non-technical manager’s guide to protecting energy ICS/SCADA

Sophisticated cyber-attacks known as Advanced Persistent Threats (APT) are a growing challenge to the energy sector of our nation’s critical infrastructure. These attacks can largely be attributed to well-funded, dedicated nation-state actors.APT attacks against Industrial Control Systems (ICS) and to Supervisory Control and Data Acquisition (SCADA) systems are increasing; the U.S. Department of Homeland Security (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) cited ICS/SCADA and control system networks as one of the top two targets for hackers and viruses. These vulnerabilities begin with the human interface (13% of vulnerabilities required local access) and end with the actual Internet-facing ICS/SCADA hardware (87% of vulnerabilities are web-accessible).To read this article in full or to leave a comment, please click here

Attackers target OWA for domain credentials

A targeted attack against Outlook Web Application (OWA) illustrates how far adversaries will go to establish persistent control over the organization's entire network.As seen in recent breaches, attackers typically use stolen credentials or malware to get a foothold on the network, and then target the domain controller. Once attackers successfully compromise the domain controller, they can impersonate any user and move freely throughout the enterprise network. Since the OWA server, which provides companies with a Web interface for accessing Outlook and Microsoft Exchange, depends on the domain controller for authentication, whoever gains access to the OWA server automatically wins the domain credentials prize.To read this article in full or to leave a comment, please click here

Zappos’s Website Frozen for Two Years as it Integrates with Amazon

Here's an interesting nugget from a wonderfully written and deeply interesting article by Roger Hodge in the New Republic: A radical experiment at Zappos to end the office workplace as we know it:

Zappos's customer-facing web site has been basically frozen for the last few years while the company migrates its backend systems to Amazon's platforms, a multiyear project known as Supercloud.

It's a testament to Zappos that they still sell well with a frozen website while most of the rest of the world has adopted a model of continuous deployment and constant evolution across multiple platforms.

Amazon is requiring the move, otherwise a company like Zappos would probably be sensitive to the Conway's law implication of such a deep integration. Keep in mind Facebook is reportedly keeping WhatsApp and Instagram independent. This stop the world plan must mean something, unfortunately I don't have the strategic insight to understand why this might be. Any thoughts?

The article has more tantalizing details about what's going on with the move:

IoT will become a matter of life or death for security pros

Orlando, Fla. -- Internet of Things means different things to different people; self-driving cars, smart cities, connected homes, health and fitness apps, etc. But for security professionals, IoT will become a safety issue. Christian Byrnes That’s the stark assessment of analyst Christian Byrnes, who delivered Gartner’s scenario for cyber-security looking out toward the year 2020.Gartner is all-in on IoT, predicting that we’re moving inexorably toward “the universal connectivity of everything,’’ according to Byrnes. The impact cannot be overestimated.To read this article in full or to leave a comment, please click here(Insider Story)

Gartner: Risk, relentless data center demand, open source and other tech trends IT needs to know

ORLANDO --It’s not a surprise to most in IT that the info/tech world is fraught with risk, change, and disruption but most of the time all of those issues aren’t laid out in front of them in nice, neat fashion like they are at Gartner Symposium/ITxpo.There are a number of key themes echoing around the Symposium this week many having to do the smart algorithms and how that kind of technology is going to change the world forever. Another is the move to an all-digital world – a trend well underway and mostly understood by most large companies.+More on Network World: Gartner: Top 10 strategic predictions that could shake up IT+To read this article in full or to leave a comment, please click here

Gartner: Risk, relentless data center demand, open source and other tech trends IT needs to know

ORLANDO --It’s not a surprise to most in IT that the info/tech world is fraught with risk, change, and disruption but most of the time all of those issues aren’t laid out in front of them in nice, neat fashion like they are at Gartner Symposium/ITxpo.There are a number of key themes echoing around the Symposium this week many having to do the smart algorithms and how that kind of technology is going to change the world forever. Another is the move to an all-digital world – a trend well underway and mostly understood by most large companies.+More on Network World: Gartner: Top 10 strategic predictions that could shake up IT+To read this article in full or to leave a comment, please click here

Worth Reading: Revisiting Internet Governance

The realpoltik is that in addition to all of its other aspects — such as its social and economic elements — the internet has become a weapon in the arsenal of the military and security forces. Of course, we all knew that this was the case but the abovementioned affairs brought this out into the open, and I think even the most militant opponents of internet governance were shocked by the extent to which these agencies were already using the internet and the other technologies it facilitates, such as data-gathering and data analytics. -via circleid

The post Worth Reading: Revisiting Internet Governance appeared first on 'net work.

Control Plane Protection in Cisco IOS

How does Internet work - We know what is networking

CoPP – Control Plane Protection or better Control Plain Policing is the only option to make some sort of flood protection or QoS for traffic going to control plane. In the router normal operation the most important traffic is control plain traffic. Control plane traffic is traffic originated on router itself by protocol services running on it and destined to other router device on the network. In order to run properly, routers need to speak with each other. They speak with each other by rules defined in protocols and protocols are run in shape of router services. Examples for this

Control Plane Protection in Cisco IOS

SDN Myths Revisited

techunplugged-logo

I had a great time at TECHunplugged a couple of weeks ago. I learned a lot about emerging topics in technology, including a great talk about the death of disk from Chris Mellor of the Register. All in all, it was a great event. Even with a presentation from the token (ring) networking guy:

I had a great time talking about SDN myths and truths and doing some investigation behind the scenes. What we see and hear about SDN is only a small part of what people think about it.

SDN Myths

Myths emerge because people can’t understand or won’t understand something. Myths perpetuate because they are larger than life. Lumberjacks and blue oxen clearing forests. Cowboys roping tornadoes. That kind of thing. With technology, those myths exist because people don’t want to believe reality.

SDN is going to take the jobs of people that can’t face the reality that technology changes rapidly. There is a segment of the tech worker populace that just moves from new job to new job doing the same old things. We leave technology behind all the time without a care in the world. But we worry when people can’t work on that technology.

I Continue reading

McAfee plans to be elected president in a landslide on the backs of 40 million tatooed voters

It has been a whirlwind few years for John McAfee, the man noted for developing the first commercial anti-virus program. It was only a few years ago when rumors were frantically flying around in following an incredibly sensational story of McAfee as a murder suspect. With all of that seemingly behind him, he now turns his attention to taking up residency in the White House.McAfee, 70, who founded the McAfee security brand, which was later sold to Intel in 2010, recently filed papers as a candidate for president as a member of the Cyber Party. McAfee’s political views are likely to be viewed by many as out of the mainstream, and he believes that if the government is not working for the people, then the citizens have the right to abolish it. He believes that the government has gotten too big and unwieldy. He often cites how it would take 600 years to read all of the laws Congress has passed through the years.To read this article in full or to leave a comment, please click here

Apple’s new two-factor authentication bumps up security and ease of use

Apple has a new, easier-to-use, and more robust system to protect your login if you’re running the latest major OS release and the latest iTunes on every device connected to the same iCloud account. But you may have to wait for it: the system started rolling out in testing this summer for early public beta testers and developers, and started its full rollout a few days ago with the release of El Capitan.The new two-factor authentication (2FA) system requires that whenever you log in to a new device or browser, you have to enter not just your password but a confirmation code from another piece of equipment you’ve established is under your control. A second factor prevents someone from stealing or guessing your password and gaining access to your account, which can be done remotely or through a security breach. In addition, they have to have a token that can only be generated by or sent to equipment under your control, which means they typically need physical access to a computer, mobile device, or SIM.To read this article in full or to leave a comment, please click here

1 3,150 3,151 3,152 3,153 3,154 3,696