IPv6 and SSL for Yandy.IO

Thanks to Digitalocean the site is now fully IPv6 capable. Also, thanks to the awesome service at Cloudflare, just because I can, Yandy.IO is also now SSL encrypted. Your browser should redirect to...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Risky Business #389 — US law: CFAA isn’t a bug, it’s a feature!

On this week's show we're chatting with computer crime lawyer extraordinaire Tor Ekeland! He's worked on a number of high profile CFAA cases. Most recently he's been defending former Reuters and LA Times journalist Matthew Keys on some pretty hefty CFAA charges. He's also the guy who got Andrew Aurenheimer out of jail so he could go and live a free life as a Nazi troll. (Is that really a win?) He also defended Lauri Love... basically if you're a hacker who's fallen foul of the CFAA, this is the guy you want on your team.

read more

sFlow Test

sFlow Test has been released on GitHub, https://github.com/sflow-rt/sflow-test. The suite of checks is intended to validate the implementation of sFlow on a data center switch. In particular, the tests are designed to verify that the sFlow agent implementation provides measurements under load with the accuracy needed to drive SDN control applications, including:
Many of the tests can be run while the switches are in production and are a useful way of verifying that a switch is configured and operating correctly.

The stress tests can be scaled to run without specialized equipment. For example, the recommended sampling rate for 10G links in production is 1-in-10,000. Driving a switch with 48x10G ports to 30% of total capacity would require a load generator capable of generating 288Gbit/s. However, dropping the sampling rate to 1-in-100 and generating a load of 2.88Gbit/s is an equivalent test of the sFlow agent's performance and can be achieved by two moderately powerful servers with 10G network adapters.

For example, using the test setup above, run an iperf server on Server2: 
iperf -su
Then run the following sequence of tests on Server1: 
#!/bin/bash
RT="10.0.0. Continue reading

Thousands of Java applications vulnerable to nine-month-old remote code execution exploit

A popular Java library has a serious vulnerability, discovered over nine months ago, that continues to put thousands of Java applications and servers at risk of remote code execution attacks.The flaw is located in Apache Commons, a library that contains a widely used set of Java components maintained by the Apache Software Foundation. The library is used by default in multiple Java application servers and other products including Oracle WebLogic, IBM WebSphere, JBoss, Jenkins and OpenNMS.The flaw is specifically in the Collections component of Apache Commons and stems from unsafe deserialization of Java objects. In programming languages, serialization is the process of converting data to a binary format for storing it in a file or memory, or for sending it over the network. Deserialization is the reverse of that process.To read this article in full or to leave a comment, please click here

Supporters and opponents of LTE-U both claim victory after collaborative testing

Recent tests to see whether LTE-U technology interferes with Wi-Fi signals prove conclusively that LTE-U poses no problems whatsoever for Wi-Fi networks, and also that LTE-U (Long-term evolution in Unlicensed spectrum) will drown out Wi-Fi, depending on which party is to be believed.Both the pro-LTE-U side of the debate, backed largely by Qualcomm, and the anti-LTE-U side, made up of a host of different tech companies under the aegis of the Wi-Fi Alliance, say that testing has vindicated their respective positions.+ MORE: LTE-U -- A quick explainer | Worries mount over upcoming LTE-U deployments hurting Wi-Fi +To read this article in full or to leave a comment, please click here

kubernetes + opencontrail install

In this post we walk through the steps required to install a 2 node cluster running kubernetes that uses opencontrail as the network provider. In addition to the 2 compute nodes, we use a master and a gateway node. The master runs both the kubernetes api server and scheduler as well as the opencontrail configuration management and control plane.

OpenContrail implements an overlay network using standards based network protocols:

This means that, in production environments, it is possible to use existing network appliances from multiple vendors that can serve as the gateway between the un-encapsulated network (a.k.a. underlay) and the network overlay. However for the purposes of a test cluster we will use an extra node (the gateway) whose job is to provide access between the underlay and overlay networks.

For this exercise, I decided to use my MacBookPro which has 16G of RAM. However all the tools used are supported on Linux also; it should be relativly simple to reproduce the same steps on a Linux machine or on a cloud such as AWS or GCE.

The first step Continue reading

What’s up with Google Fiber?

Let’s face it: when it comes to Internet connectivity, there’s no such thing as “too fast.” And optical fiber is the only choice for connectivity that exceed 1,000 Mbps, aka Gigabit Internet. Optical fiber provides higher bandwidths – download speeds 40 times faster and upload speeds more than 300 times faster than garden variety broadband – and spans much longer distances than electrical cabling. And some companies, such as Bell Labs, Cisco and Comcast are claiming that their new "fiber optic" services (when eventually installed) will be 10 times faster than Google. In the meantime, Google Fiber is the hottest ticket in town, and it's popping up in municipalities all over America. It started in Kansas City during the summer of 2012 -- followed by Austin, Texas and Provo, Utah in 2014. And on the official Google Fiber team blog, director of Fiber Expansion Jill Szuchmacher noted that Google is in the process of designing the San Antonio network, and construction has started in Atlanta, Nashville, Charlotte and Raleigh-Durham, N.C., and Salt Lake City. To read this article in full or to leave a comment, please click here

How to recognize an online fraudster

What makes an online fraudster? Can you tell by looking at their age? Gender? Billing address? When they shop? The answer is both yes and no, according to a recent report called "The United States of Fraud," produced Sift Science, a fraud detection and prevention software company. They identified factors including age, billing address, shipping address and purchase value that are more likely to signal fraud. This is especially important given the U.S.'s ongoing shift to EMV credit cards. With cards being harder to clone to then use in-store, fraudsters are predicted to shift their efforts online. "EMV technology makes it so much more difficult to duplicate a physical credit card," says Jason Tan, CEO and co-founder of Sift Science. "They're still looking to make their money, and doing their business online is a lucrative channel because it's scalable and anonymous."  To read this article in full or to leave a comment, please click here

Vizio tracks what 10 million smart TV owners’ watch, sells data to advertisers

If you are looking for a good deal, then Black Friday is generally a smart time to buy a TV. For example, Vizio is one of the most popular brands and there are dozens of Vizio TVs showing up in leaked Black Friday ads; but good luck finding one that isn’t “smart.”In the case of Vizio, smart equals spying. So before you jump on a steal of a deal – or if you already own a Vizio smart TV – then you need to know that Vizio is tracking your viewing habits and sharing it with advertisers so you can be tracked across your phone and other devices.Samsung and LG have previously been involved in smart TV spying scandals, but the companies now track users’ viewing habits if customers turn on the feature. “Vizio’s actions,” according to a ProPublica investigation, “appear to go beyond what others are doing in the emerging interactive television industry…. Vizio appears “to provide the information in a form that allows advertisers to reach users on other devices.”To read this article in full or to leave a comment, please click here

$400K award at stake as Japan Prize Foundation hunts for Electronics, Information and Communication stars

Japan Prize Foundation The Japan Prize medal The Japan Prize Foundation announced this week that it has begun the process of finding nominees for its 2017 awards, which will honor outstanding achievements in the fields of “Electronics, Information and Communication” and “Life Science.” Winners receive a certificate of merit and medal, plus a none-too-shabby monetary award of 50 million yen ($407K US dollars).To read this article in full or to leave a comment, please click here

Internet Returns to Aleppo, Syria

Syria_Blobby_Control_Map_22_MAY_15_HIGH-01.0

In the past week, we have detected the first signs of the Internet returning to Syria’s largest city, Aleppo.  Internet service in this part of the country was knocked out on March 24 — over seven months ago.  Internet connectivity, and the lack of it, has been a continuing subplot to this bloody civil war well into its fifth year.

178.253.99.0_24-2

A notable difference with the restored service is that it is no longer routed via Turkey (as it had been) — likely due to the fact that the Syrian government no longer controls the ground between Aleppo (in the northern part of the country) and Turkey.  The restoration of Internet service in Aleppo may be an outcome of Russia’s recent engagement (with assistance from Iran) in the battle for Aleppo — and perhaps an indicator of the scales tipping towards government forces in this protracted battle.

Background

The first Syrian Internet shutdown occurred in June 2011 during ‘Arab Spring’ protests as two thirds of the country’s routed networks were taken down for over 48 hours.  As the conflict has continued over the years, Syria has suffered numerous Internet blackouts including a multi-day outage in November Continue reading

1 3,183 3,184 3,185 3,186 3,187 3,773