A Few Easy Steps: Cisco Switch, Setup IP Device Tracking

In this session of A Few Easy Steps, we will be setting up IP Device Tracking on a Cisco IOS Switch. In General this will work on any Cisco IOS switch.  Session Prerequisites: You have terminal or console access to your Cisco device. Session Assumptions: You have host devices connected to your switch Our goals of …

Companies scramble to fix lack of encryption on mobile apps

Several companies have moved quickly to add encryption to their mobile apps after it was discovered they failied to encrypt payment card information in transit, putting users at risk. The apps were not using SSL/TLS (Secure Sockets Layer/Transport Layer Security), an encryption protocol that scrambles data as it's sent across the Internet, according to Wandera, a cloud and mobile security vendor. "With so many breaches and costly data loss incidents in the news, it's hard to believe that any business would fail to take such a basic precaution as to encrypt sensitive traffic as it's transmitted to or from a website," said Michael J. Covington, senior product manager, in a video posted Wednesday.To read this article in full or to leave a comment, please click here

NASA’s not so keen to talk about quantum computer security

The D-Wave 2X quantum computer at NASA's Advanced Supercomputing facility in Silicon Valley is an impressive machine. Engineers from NASA and Google are using it to research a whole new area of computing -- one that's years from commercialization but could revolutionize the way computers solve complex problems.The machine is also being used by researchers at universities, and it's hooked up to the Internet, like other NASA supercomputers made available to academics.Engineers who showed the machine to the media on Tuesday were keen to talk about its capabilities, but less so about the security measures in place to stop hackers.To read this article in full or to leave a comment, please click here

Arista mitigating Cisco patents in question

As litigation continues in the patent infringement case Cisco filed against Arista Networks, the defendant is developing “work arounds” for its customers should the courts rule in Cisco’s favor. Arista said during its Q3 earnings call on Nov. 5 that it has developed “design arounds” for each of the patents in question in the event of an adverse outcome.From Marc Taxay, Arista vice president and general counsel:To read this article in full or to leave a comment, please click here

Ex-US State Dept. worker pleads guilty to extensive “sextortion,” hacking and cyberstalking acts

The former US Department of State man accused of hacking into hundreds of victims’ e-mail and social media accounts, stealing thousands of sexually explicit photographs, and threatening at least 75 victims that he would post those photos and other personal information unless they agreed to his “sextortionate” demands has entered a guilty plea to the nefarious attacks.+More on Network World: 20 years ago: Hot sci/tech images from 1995+Michael C. Ford, 36, of Atlanta, was indicted by a grand jury in the U.S. District Court for the Northern District of Georgia on Aug. 18, 2015, with nine counts of cyberstalking, seven counts of computer hacking to extort and one count of wire fraud.To read this article in full or to leave a comment, please click here

Some notes on fast grep

This thread on the FreeBSD mailing discusses why GNU grep (that you get on Linux) is faster than the grep on FreeBSD. I thought I'd write up some notes on this.

I come from the world of "network intrusion detection", where we search network traffic for patterns indicating hacker activity. In many cases, this means solving the same problem of grep with complex regexes, but doing so very fast, at 10gbps on desktop-class hardware (quad-core Core i7). We in the intrusion-detection world have seen every possible variation of the problem. Concepts like "Boyer-Moore" and "Aho-Corasick" may seem new to you, but they are old-hat to us.

Zero-copy

Your first problem is getting the raw data from the filesystem into memory. As the thread suggests, one way of doing this is "memory-mapping" the file. Another option would be "asynchronous I/O". When done right, either solution gets you "zero-copy" performance. On modern Intel CPUs, the disk controller will DMA the block directly into the CPU's L3 cache. Network cards work the same way, which is why getting 10-gbps from the network card is trivial, even on slow desktop systems.

Double-parsing

Your next problem is stop with the line parsing, idiots. All these Continue reading

U.S. Marshals issue telephone scam warning

The U.S. Marshals Service today warned of a telephone scam that has some scamster calling random victims and alleging they or their family members have an active federal arrest warrant and demanding payment of fines.From the US Marshals office: “On December 7, 2015, the fraudster identified himself as a Deputy United States Marshal and informed the potential victims they or their family member had active federal warrants for their arrest. The caller then gave the potential victims a contact number and information to pay the fine. The phony law enforcement officer threatened the potential victims with arrest if the fine was not paid. The fraudster then tells the victim to buy a prepaid money card from a local grocery store in the Cincinnati area. The victim is then instructed to give the access account code for the prepaid money card to the phony law enforcement officer. “To read this article in full or to leave a comment, please click here

U.S. Marshals issue telephone scam warning

The U.S. Marshals Service today warned of a telephone scam that has some scamster calling random victims and alleging they or their family members have an active federal arrest warrant and demanding payment of fines.From the US Marshals office: “On December 7, 2015, the fraudster identified himself as a Deputy United States Marshal and informed the potential victims they or their family member had active federal warrants for their arrest. The caller then gave the potential victims a contact number and information to pay the fine. The phony law enforcement officer threatened the potential victims with arrest if the fine was not paid. The fraudster then tells the victim to buy a prepaid money card from a local grocery store in the Cincinnati area. The victim is then instructed to give the access account code for the prepaid money card to the phony law enforcement officer. “To read this article in full or to leave a comment, please click here

Homeland Security’s role in cybersecurity

CSO Contributing Writer Ira Winkler (The Irari Report) recently sat down for an interview with Alejandro N. Mayorkas, the deputy secretary of Homeland Security.We’ve separated the interview into three video segments, covering a variety of security-related topics.In the first video (above), Mayorkas describes the role of Homeland Security when it comes to cybersecurity, and how government agencies are working together to improve the overall cybersecurity of critical systems and infrastructure.In part 2, Winkler and Mayorkas discuss whether the power grid is vulnerable to cyberattack, and where opportunities exist for improving our defenses.To read this article in full or to leave a comment, please click here

Google continues enterprise push with Data Loss Prevention for Gmail

Google on Wednesday released a new tool for companies that want to make sure their sensitive information isn't shared via email.Gmail for Work now has Data Loss Prevention (DLP) capabilities, which allow administrators to set policies about what information users can send through Gmail. The goal is to protect confidential records and make sure users don't accidentally leak key data. For example, a policy could prohibit members of the accounting team from sending any emails with a spreadsheet attached. Policies could also be used to quarantine messages until an administrator can review them, or modify them to remind users not to share confidential information outside of the company. Google has tried to make crafting those policies easier with a library of predefined content detectors that help administrators build intelligent policies. For situations that aren't covered by the pre-built detectors, administrators can create their own. To read this article in full or to leave a comment, please click here

Free Red Book: Readings in Database Systems, 5th Edition

For the first time in ten years there has been an update to the classic Red Book, Readings in Database Systems, which offers "readers an opinionated take on both classic and cutting-edge research in the field of data management."

Editors Peter Bailis, Joseph M. Hellerstein, and Michael Stonebraker curated the papers and wrote pithy introductions. Unfortunately, links to the papers are not included, but a kindly wizard, Nindalf, gathered all the referenced papers together and put them in one place.

What's in it?

  • Preface 
  • Background introduced by Michael Stonebraker 
  • Traditional RDBMS Systems introduced by Michael Stonebraker 
  • Techniques Everyone Should Know introduced by Peter Bailis 
  • New DBMS Architectures introduced by Michael Stonebraker
  • Large-Scale Dataflow Engines introduced by Peter Bailis 
  • Weak Isolation and Distribution introduced by Peter Bailis 
  • Query Optimization introduced by Joe Hellerstein 
  • Interactive Analytics introduced by Joe Hellerstein 
  • Languages introduced by Joe Hellerstein 
  • Web Data introduced by Peter Bailis 
  • A Biased Take on a Moving Target: Complex Analytics by Michael Stonebraker 
  • A Biased Take on a Moving Target: Data Integration by Michael Stonebraker

Related Articles