Ethernet Checksums Are Not Good Enough for Storage (Updated)

A while ago I described why some storage vendors require end-to-end layer-2 connectivity for iSCSI replication.

TL&DR version: they were too lazy to implement iSCSI checksums and rely on Ethernet checksums because TCP/IP checksums are not good enough.

It turns out even Ethernet checksums fail every now and then.

2015-12-06: I misunderstood the main technical argument in Evan’s post. The real problem is that switches recalculate CRC, so the Ethernet CRC is no longer end-to-end protection mechanism.

Read more ...

After a lapse, Intel looks to catch up with Moore’s Law again

For Intel, the temporary inability to keep pace with Moore's Law -- the foundation of its business -- was a bit of an embarrassment, but the company is trying hard to catch up.Moore's Law is an observation that has led to faster, cheaper and smaller computers, and a concept that Intel has followed for decades. It states that the density of transistors doubles every two years, while cost per transistor declines.Until recently, the company released chips every two years like clockwork. But making smaller chips is becoming challenging and more expensive, said Bill Holt, executive vice president and general manager for Intel's Technology and Manufacturing Group, during the company's annual investor day last week.To read this article in full or to leave a comment, please click here

Get started with Windows PowerShell DSC

In today's cloud-centric world, we’re seeing an explosion in the number of servers under IT management. Virtual machines made servers cheap, and containers will push prices down further. As a result, businesses can afford to deploy a server for every new need, but they can no longer afford to manage servers individually. Your servers no longer garner individual attention but are simply soldiers in a huge resource pool, dutifully fulfilling the resource requests of the data center.To read this article in full or to leave a comment, please click here(Insider Story)

Police arrest blackmail suspect in TalkTalk data breach case

Police believe they may have found the person who tried to blackmail the CEO of TalkTalk, the U.K. telecommunications company that was the target of a data breach.Following the attack on Oct. 21, in which customers' personal information was accessed, TalkTalk CEO Dido Harding said she had received a ransom demand via email.Police have now arrested an 18-year-old on suspicion of blackmail, the fifth arrest made in connection with an attack on the company's website in which customers' personal information was accessed.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers London's Metropolitan Police Service said officers from its Cyber Crime Unit and from the Southern Wales Regional Organised Crime Unit made the latest arrest in Llanelli, Wales, after searching an address there. The person has been released on bail without charge while police continue their investigation.To read this article in full or to leave a comment, please click here

Holiday light show set in Skyrim using Light-O-Rama

Just because you love your privacy doesn’t mean you can’t make kids of all ages smile with a holiday light show. It’s not like they will be peering into your house. I’m excited to be having my first light show this year, having recently purchased a Light-O-Rama controller and software. As word leaked out about my light show, I warned people it’s not going to be all that this year. What kind of silly soul gets the hardware, tries to learn the software, how to program songs, learns about circuits, makes their own props, sets up and kicks off a show in a mere 30 days? Yes, my adventure was more like how not to do a light show.The fault is mine as I set a goal of getting it up and running by Thanksgiving night, thinking kids don’t have school the next day. Although I told only one person, when I went to vote on Election Day he was spreading the word. Then a lady approached me about bringing a bus load of kids to the show as a Thanksgiving treat. Great; I’m a total noob who doesn’t know what I’m doing yet and it’s only the first Continue reading

Slack has transformed the way teams communicate & they now plan to go IPO!

Having kept my pensive empty for quite some time now its time for a kick start. And what better way to start than to talk about Slack - A communication tool that has revolutionized intra-team, inter-team interactions and day to day messaging.
After the dot com burst and the difficult times of 2009 technology industry is now at a point where innovation is ever more flourishing with new companies announcing their birth and the more mature ones going through multiple rounds of funding, acquisitions and IPOs. Slack is one such company that has gone from a small startup to a multi-billion dollar venture and now in the process of going IPO (TechCrunch). The customer first approach with product re-engineering from customer feedback has yet again proved to be one of the most important ingredients to being successful along with laser sharp focus areas. Slack's growth trajectory is clearly exponential, one that I'm sure any founder would love to have in their annual revenue reports.

Being an engineer in a startup, I am lucky enough to be using this communication tool daily. Having used other paid tools like Cisco Jabber to the free ones like Google Hangouts, Skype and Continue reading

This gizmo knows your Amex card number before you’ve received it

A device built by legendary hacker Samy Kamkar calls into question the security of payment cards as the U.S. continues to grapples with card fraud. Kamkar's device, nicknamed MagSpoof, is about the size of a U.S. quarter, and it's safe to say it would be a fraudster's dream. MagSpoof can predict what a new American Express card number will be based on a canceled card's number. The new expiration date can also be predicted based on when the replacement card was requested. It can also trick point-of-sale readers into accepting payment from cards that are supposed to have a microchip with advanced cryptographic capabilities designed to deter fraud, a system known as chip-and-PIN, but do not.To read this article in full or to leave a comment, please click here

An Introduction to Terraform

In this post, I’m going to provide a quick introduction to Terraform, a tool that is used to provision and configure infrastructure. Terraform allows you to define infrastructure configurations and then have those configurations implemented/created by Terraform automatically. In this respect, you could compare Terraform to similar solutions like OpenStack Heat, AWS CloudFormation, and others.

Before I continue, though, allow me to first address this question: why Terraform?

Why Terraform?

This is a fair question, and one that you should be asking. After all, if Terraform is considered similar to OpenStack Heat or AWS CloudFormation, then why use Terraform instead of one of the comparable solutions? I believe there are a couple (related) reasons why you might consider Terraform over a similar solution:

  1. Within a single Terraform definition, you can orchestrate across multiple cloud services. For example, you could create instances with a cloud provider (AWS, DigitalOcean, etc.), create DNS records with a DNS provider, and register key/value entries in Consul. Heat and CloudFormation are, quite naturally, designed to work almost exclusively with OpenStack and AWS, respectively. (Astute readers will know that Heat supports CloudFormation templates, but you get the idea.) Therefore, one reason to use Terraform Continue reading

Hilton says malware targeted its credit card system

Hilton Worldwide says it has identified and removed malware that targeted card payment systems at some of its hotels over a 17 week period from late 2014 to mid 2015. The malware collected cardholder names, payment card numbers, security codes and expiration dates, the company said in a statement. The hotel chain is advising its customers to check their payment card statements for any unauthorized activity. "As a precautionary measure, customers may wish to review and monitor their payment card statements if they used a payment card at a Hilton Worldwide hotel over a seventeen-week period, from Nov. 18 to Dec. 5, 2014 or April 21 to July 27, 2015," the company said.To read this article in full or to leave a comment, please click here

DARPA wants early warning system for power-grid cyberattacks

Developing systems to protect the nation’s electric grid has been a key goal for many public, private and government developers for years – yet exerts say the grid is still largely vulnerable of serious cyberattackers.The Defense Advanced Research Projects Agency (DARPA) is looking to bolster the nation’s grid defenses with a system called Rapid Attack Detection, Isolation and Characterization (RADICS) that will detect and automatically respond to cyber-attacks on US critical infrastructure.+More on Network World: 21 more crazy and scary things the TSA has found on travelers+To read this article in full or to leave a comment, please click here

DARPA wants early warning system for power-grid cyberattacks

Developing systems to protect the nation’s electric grid has been a key goal for many public, private and government developers for years – yet exerts say the grid is still largely vulnerable of serious cyberattackers.The Defense Advanced Research Projects Agency (DARPA) is looking to bolster the nation’s grid defenses with a system called Rapid Attack Detection, Isolation and Characterization (RADICS) that will detect and automatically respond to cyber-attacks on US critical infrastructure.+More on Network World: 21 more crazy and scary things the TSA has found on travelers+To read this article in full or to leave a comment, please click here

And then there were two: Another dangerous Dell root certificate discovered

The plot thickens: After Dell confirmed that one of its support tools installed a dangerous self-signed root certificate and private key on computers, users discovered a similar certificate deployed by a different Dell tool. The second certificate is called DSDTestProvider and is installed by an application called Dell System Detect (DSD). Users are prompted to download and install this tool when they visit the Dell support website and click the “Detect Product” button. The first certificate, which was reported over the weekend, is called eDellRoot and is installed by the Dell Foundation Services (DFS), an application that implements several support functions.To read this article in full or to leave a comment, please click here

1 3,157 3,158 3,159 3,160 3,161 3,763