U.S. may be financing encryption apps to stay ahead of terrorists

The U.S. government's financial support for the development of smartphone encryption apps doesn't surprise security experts.U.S. intelligence agencies are probably involved in funding commercial encryption apps through the government's Open Technology Fund to stay on top of terrorists and organized criminals that use encryption to cloak their communications, several security experts said Wednesday.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers "It would not surprise me if federal agencies were funding encryption apps because it is possibly the only option available to monitor terrorism and organized crime," said Darren Hayes, assistant professor and director of cybersecurity at Pace University. "ISIS members have been actively pushing potential recruits to move to encrypted communications."To read this article in full or to leave a comment, please click here

FTC loses: Judge dismisses FTC data security case against LabMD

Cancer-screening laboratory LabMD won its case against the FTC. LabMD was accused of two data breaches, one in 2012 and one in 2008, when a company spreadsheet that contained sensitive personal information of 9,000 consumers was found on a peer-to-peer network. Seven years of litigation later, FTC Chief Administrative Law Judge Chappell’s issued an initial ruling (pdf) dismissing the FTC’s complaint against LabMD since the FTC had failed to prove that LabMD’s “alleged failure to employ ‘reasonable and appropriate’ data security ‘caused, or is likely to cause, substantial injury to consumers’.”To read this article in full or to leave a comment, please click here

Google-owned VirusTotal starts analyzing Mac malware in a sandbox

VirusTotal, the most widely used online file-scanning service, is now executing suspicious Mac apps submitted by users inside a sandbox to generate information that could improve the analysis and detection of Mac malware.This comes at a time when, according to security vendors, the number of potentially unwanted Mac OS X applications, especially adware programs, is at an all time high.VirusTotal, a Google-owned service, allows users to upload suspicious files and scan them with 54 different antivirus products. However, its scan results are not perfect and should not be taken as guarantees that files are safe.To read this article in full or to leave a comment, please click here

Supersonic passenger jet service by 2023?

There could be supersonic private passenger flights buy 2023 if Airbus and Aerion have their way.The two companies this week expanded their existing partnership and detailed the results of their research – the AS2, a 170-ft. long needle-shaped, three-engine jet capable of hitting speeds over 1,200MPH – about Mach 1.5. The idea is to test fly the jet by 2021 -- which can handle about 12 passengers -- and have it in service by 2023. Airbus/Aerion AS2To read this article in full or to leave a comment, please click here

Free Book: Practical Scalablility Analysis with the Universal Scalability Law

If you are very comfortable with math and modeling Dr. Neil Gunther'Universal Scalability Law is a powerful way of predicting system performance and whittling down those bottlenecks. If not, the USL can be hard to wrap your head around.

There's a free eBook for that. Performance and scalability expert Baron Schwartz, founder of VividCortex, has written a wonderful exploration of scalability truths using the USL as a lens: Practical Scalablility Analysis with the Universal Scalability Law

As a sample of what you'll learn, here are some of the key takeaways from the book:

  • Scalability is a formal concept that is best defined as a mathematical function.
  • Linear scalability means equal return on investment. Double down on workers and you’ll get twice as much work done; add twice as many nodes and you’ll increase the maximum capacity twofold. Linear scalability is oft claimed but seldom delivered.
  • Systems scale sublinearly because of contention, which adds queueing delay, and crosstalk, which inflates service times. The penalty for contention grows linearly and the crosstalk penalty grows quadratically. (An alternative to the crosstalk theory is that longer queues are more costly to manage.)
  • Contention causes throughput to asymptotically approach the reciprocal of Continue reading

The Next Horizon for Cloud Networking & Security

VMware NSX has been around for more than two years now, and in that time software-defined networking and network virtualization have become VMware Networking Expert Guido Appenzellerinextricably integrated into modern data center architecture. It seems like an inconceivable amount of progress has been made. But the reality is that we’re only at the beginning of this journey.

The transformation of networking from a hardware industry into a software industry is having a profound impact on services, security, and IT organizations around the world, according to VMware’s Chief Technology Strategy Officer for Networking, Guido Appenzeller.

“I’ve never seen growth like what we’ve found with NSX,” he says. “Networking is going through a huge transition.” Continue reading

Arista steps outside the data center with Cloud Connect solution

The rise of virtualization has had a profound impact on the technology industry. In the networking industry, perhaps no vendor has ridden the wave of cloud more than Arista Networks. The company was founded a little over a decade ago, and today it is a publicly traded company with a market capitalization of over $4.6 billion. However, almost all of Arista's revenues today come from selling products inside the data center. The company was one of the most aggressive vendors in pushing the concept of a spine/leaf architecture as a replacement for a traditional multi-tier network. This week, Arista announced its first solution that is outside the data center. The Arista Cloud Connect solution connects public and private cloud data centers. Moving into the data center interconnect market is a logical extension for Arista and highlights just how far merchant silicon has come over the past decade.To read this article in full or to leave a comment, please click here

How to use SANless clusters to protect SQL in the cloud

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

While cloud computing has proven to be beneficial for many organizations, IT departments have been slow to trust the cloud for business-critical Microsoft SQL Server workloads. One of their primary concerns is the availability of their SQL Server, because traditional shared-storage, high-availability clustering configurations are not practical or affordable in the cloud.

Amazon Web Services and Microsoft Azure both offer service level agreements that guarantee 99.95% uptime (fewer than 4.38 hours of downtime per year) of IaaS servers. Both SLAs require deployment in two or more AWS Availability Zones or Azure Fault Domains respectively. Availability Zones and Fault Domains enable the ability to run instances in locations that are physically independent of each other with separate compute, network, storage or power source for full redundancy. AWS has two or three Availability Zones per region, and Azure offers up to 3 Fault Domains per “Availability Set.”

To read this article in full or to leave a comment, please click here

Adobe patches flaws in ColdFusion, LiveCycle Data Services and Premiere Clip

Adobe has released security updates for its ColdFusion application server, LiveCycle Data Services framework and Premiere Clip iOS app. The company published hotfixes for ColdFusion versions 11 and 10, namely ColdFusion 11 Update 7 and ColdFusion 10 Update 18. Both updates address two input validation issues that could be exploited to execute cross-site scripting (XSS) attacks. In addition, the hotfixes include an updated version of BlazeDS, a Java messaging protocol for rich Internet applications, that resolves an important server-side request- forgery vulnerability.To read this article in full or to leave a comment, please click here

A Stack Full Of It

pancakestack

During the recent Open Networking User Group (ONUG) Meeting, there was a lot of discussion around the idea of a Full Stack Engineer. The idea of full stack professionals has been around for a few years now. Seeing this label applied to networking and network professionals seems only natural. But it’s a step in the wrong direction.

Short Stack

Full stack means having knowledge of the many different pieces of a given area. Full stack programmers know all about development, project management, databases, and other aspects of their environment. Likewise, full stack engineers are expected to know about the network, the servers attached to it, and the applications running on top of those servers.

Full stack is a great way to illustrate how specialized things are becoming in the industry. For years we’ve talked about how hard networking can be and how we need to make certain aspects of it easier for beginners to understand. QoS, routing protocols, and even configuration management are critical items that need to be decoded for anyone in the networking team to have a chance of success. But networking isn’t the only area where that complexity resides.

Server teams have their own jargon. Their language Continue reading

Initial Thoughts: BroadView

On a technical level, BroadView is a collection of open-source software, plugins to multiple ecosystem projects (such as OpenDaylight and OpenStack), and documentation. It offers programmable access to the internal workings of switching architecture for enhanced network control tasks such as monitoring, congestion control and advanced troubleshooting. via broadcom

What’s interesting about this “product,” produced by Broadcom, is they are open source. We tend to think software will eat the world, but when something like this comes out in the open source space, it makes me think that if software eats the world, profit is going to take a long nosedive into nothingness. From Broadcom’s perspective this makes sense, of course; any box you buy that has a Broadcom chipset, no matter who wrapped the sheet metal around the chipset, will have some new added capability in terms of understanding the traffic flow through the network. Does this sort of thing take something essential away from the vendors who are building their products based on Broadcom, however? It seems the possibility is definitely there, but it’s going to take a lot deeper dive than what’s provided in the post above to really understand. If these interfaces are exposed simply through Continue reading

How a telecom investment in North Korea went horribly wrong

An Egyptian company that launched North Korea's first 3G cellular network and attracted as many as 3 million subscribers has revealed that it lost control of the operator despite owning a majority stake.The plight of Orascom Telecom and Media Technology in North Korea takes place against a backdrop of rapid telecom modernization and a public eager to adopt a new technology. It's ultimately a lesson in the perils of getting into bed with a government that's not known for respecting international law.When Orascom announced plans to launch the 3G service in 2008 it met with skepticism. The North Korean government severely limits its citizens' ability to communicate and has jailed or killed anyone who speaks out against the regime. The regime has regularly threatened war against its foes and was under sanctions at the time for a 2006 nuclear test.To read this article in full or to leave a comment, please click here

Extreme tech positions of the presidential candidates

This is an election where extreme positions have become the norm, and the implications for science and technology may be huge.In some cases, the Republican and Democratic candidates have stated positions with clarity. But many of ideas are still vague, roughly sketched out and incomplete.+ ALSO ON NETWORK WORLD Techies back Democrats in Presidential race +These emerging proposals, the ones with the most impact on technology, deserve attention. The surviving candidates are certain to refine them in the months ahead. But here's a look at some tech implications of the 2016 contest.To read this article in full or to leave a comment, please click here

Spearphishing Attacks Against Hostmonster Customers

I tend to see a lot of phishing emails. The message I received this morning caught my eye. It was fairly well crafted and obviously targeted. After searching the Internet, I found that some GoDaddy customers have received something similar. This seems to be making its way around the internet to website administrators. The most curious thing to me is how someone associated the email address with a Hostmonster account.

Phishing Email Message

Screen Shot 2015-11-18 at 6.58.02 AM

As can be seen above, the message read–

Your account contains more than 4035 directories and may pose a potential performance risk to the server. Please reduce the number of directories for your account to prevent possible account deactivation.

In order to prevent your account from being locked out we recommend that you create special temp directory.

The link goes to kct67<dot>ru.

Message headers also suggest a Russian origin–

Received: by 10.140.27.139 with SMTP id 11csp1084546qgx;
        Tue, 17 Nov 2015 20:25:39 -0800 (PST)
X-Received: by 10.25.161.211 with SMTP id k202mr1408853lfe.161.1447820739327;
        Tue, 17 Nov 2015 20:25:39 -0800 (PST)
Return-Path: <[email protected]>
Received: from bmx1.z8.ru (bmx1.z8.ru. [80.93.62.39])
        by mx.google.com with ESMTPS  Continue reading

Carrier Grade NAT and the DoS Consequences

Republished from Corero DDoS Blog:

The Internet has a very long history of utilizing mechanisms that may breathe new life into older technologies, stretching it out so that newer technologies may be delayed or obviated altogether. IPv4 addressing, and the well known depletion associated with it, is one such area that has seen a plethora of mechanisms employed in order to give it more shelf life.

In the early 90s, the IETF gave us Classless Inter-Domain Routing (CIDR), which dramatically slowed the growth of global Internet routing tables and delayed the inevitable IPv4 address depletion. Later came DHCP, another protocol which assisted via the use of short term allocation of addresses which would be given back to the provider's pool after use. In 1996, the IETF was back at it again, creating RFC 1918 private addressing, so that networks could utilize private addresses that didn't come from the global pool. Utilizing private address space gave network operators a much larger pool to use internally than would otherwise have been available if utilizing globally assigned address space -- but if they wanted to connect to the global Internet, they needed something to translate those addresses. This is what necessitated the development of Network Address Translation (NAT).

NAT Continue reading

1 3,174 3,175 3,176 3,177 3,178 3,773