Google, Yahoo tighten spam filtering

Google and Yahoo are expanding their use of a successful system for identifying spam.The move is part of years-long effort to implement a series of checks designed to figure out if an email really has been sent by the domain it purports to come from.Email spoofing has long been a problem since its easy to forge the "from" address, making it more likely the receiver will believe it came from a legitimate source.By Nov. 2, Yahoo plans to being using DMARC (Domain-based Message Authentication, Reporting & Conformance) for its ymail.com and rocketmail.com services. Next year, Google also plans to move Gmail to a strict DMARC policy, according to a news release.To read this article in full or to leave a comment, please click here

6WIND Offering Accelerated L3 Virtual Appliances

6WIND, a Packet Pushers sponsor, has been helping get the most networking performance from x86 hardware, making the acceleration software that other companies could use to make the most of their standard servers with multi-core CPUs and Linux. 6WIND has recently taken a further step, offering its own VNFs and virtual networking acceleration software packages to end users like you and me. For example, the Turbo Router and Turbo IPSEC appliances compete with virtual routers from Cisco and Brocade. 6WIND will be appearing on the Packet Pushers Priority Queue podcast near the end of October 2015.

The post 6WIND Offering Accelerated L3 Virtual Appliances appeared first on Packet Pushers.

Magento says compromised sites haven’t patched older vulnerabilities

Magento said Tuesday there does not appear to be a new vulnerability in its e-commerce platform that is causing some websites to become infected with the Neutrino exploit kit. Some of the affected websites appear to not have patched a code execution vulnerability nicknamed the Shoplift Bug Patch, Magento's security team wrote in a blog post. A patch was released in February. Other Magento-powered sites have not applied other patches, making them vulnerable. The latest attack against Magento was highlighted by Malwarebytes and Sucuri, two security companies, who noticed attacks on the client and server sides.To read this article in full or to leave a comment, please click here

DNSSEC is Open for Beta

DNSSEC logo

Since January, CloudFlare has been running a small, private beta for DNSSEC. Starting today, the DNSSEC beta is open for everyone. To request access, email [email protected].

A Background on DNS and DNSSEC

DNS is the system that lets your browser know which web server to connect to when you request to visit a website. It’s the underlying backbone of the usable internet, and yet, is vulnerable to man in the middle attacks.

In DNS, an attacker sitting in the middle of your connection to the internet can tell your browser to connect to any web server they’d like. Browsers trust any DNS records they receive as a response to a DNS query, because DNS, invented in 1983 before the public consumption of the Internet, does not perform any authentication.

There is a solution. It’s called DNSSEC and it adds cryptographic hashes and signatures for authenticating DNS records. You can read more about DNSSEC and how it works in a previous blog post.

The DNSSEC beta is open to all websites that use CloudFlare for DNS. If you want to be a part of our beta and be one of the first CloudFlare websites with DNSSEC, email us for beta Continue reading

Dell targets hyperscale wannabes with new line of bare-bones servers

Dell has released a new family of servers aimed at companies that want some of the cost savings of using custom-built hardware but without having to do as much of the engineering work.The servers are aimed at what Dell calls the second tier of hyper-scale customers -- those big enough to buy hundreds or even thousands of servers at a time, but who aren't as massive as a Google or a Facebook. That includes smaller Web-scale companies as well as telcos, financial services firms, cloud software companies and others.The Googles of the world design their own hardware to make it as energy- and space-efficient as possible. That means stripping out management software and redundant components, and building resiliency into their software stack rather than the hardware itself.To read this article in full or to leave a comment, please click here

Former Cisco CTO taking a seat at Microsoft?

Is Padmasree Warrior in line to take a seat on Microsoft’s board? She’s been nominated, along with Sandra Peterson, group worldwide chairman of health products giant Johnson & Johnson. Cisco Padmasree Warrior, Cisco's former chief technology and strategy officer. Warrior was Cisco’s CTO and chief strategy officer and was one of the executives swept out shortly after new CEO Chuck Robbins was tapped to succeed John Chambers. Warrior was highly visible, always keynoting a Cisco or industry trade show and conference, and is omnipresent on Twitter.To read this article in full or to leave a comment, please click here

Western Digital self-encrypting external hard disk drives have flaws that can expose data

The hardware-based encryption built into popular Western Digital external hard disk drives has flaws that could allow attackers to recover data without knowing the user password.A team of three security researchers investigated how the self-encryption feature was implemented in several popular Western Digital My Passport and My Book models. Depending on the type of microchip used for the encryption operation, they found design flaws and backdoor-like features that enable brute-force password guessing attacks or even decryption of the data without knowing the password.In some cases they found that the encryption is performed by the chip that bridges the USB and SATA interfaces. In other cases the encryption is done by the HDD's own SATA controller, with the USB bridge handling only the password validation.To read this article in full or to leave a comment, please click here

Automating Adding New Networks to a Data Center with UCS Director

Introduction Working as an Cloud Architect with Cisco means I get the chance to talk to many different customers and discuss their challenges and pain points.  One that continually comes up is what should be fairly simple, adding a new network segment to their data center network. It used to be that a network team […]

The post Automating Adding New Networks to a Data Center with UCS Director appeared first on Packet Pushers.

What’s hot in driverless cars?

Who's drivingImage by REUTERS/Edgar SuThe development of self-driving and autonomous cars seems to be all the rage in the automotive community these days. Certainly lots of work remains to be done around safety and communications technologies but there is a heavy push to make car drones a reality. Here we take a look at some of the most recent developments.To read this article in full or to leave a comment, please click here

IRS, tax industry players detail identity theft, fraud combat plans

As tax identity theft and fraud continue to spiral upwards, the IRS and key industry players are trying to develop new technolgies and techniques to slow the swindle juggernaught down.The IRS this week updated the community about what work has been done by its collarborative group of chief executive officers and private sector firms such as H&R Block and Intuit since March when it formed the group to bolster protections against identity theft refund fraud for the 2016 tax season.To read this article in full or to leave a comment, please click here

MPAA shuts down BrowserPopcorn

Well that was crazy fast.A browser-based version of Popcorn Time, which is often referred to as a 'Netflix for pirates,' was recently launched and picking up steam. BrowserPopcorn was created by a 15-year-old and didn't require anything to be downloaded or for users to login before streaming movies or TV shows. If you had visited browserpopcorn.xyz this morning to partake in an illegal movie streaming fest, you would have seen this: BrowserPopcorn But now you see this:To read this article in full or to leave a comment, please click here

Spousetivities in Tokyo

Regular readers of this site know that my wife, Crystal, organizes spouse activities (aka “Spousetivities”, like the combination of “spouse” and “activities”) at conferences. This year she’s adding activities in Tokyo, Japan, in conjunction with the Fall OpenStack Summit!

Here’s a quick look at what is planned:

  • Tokyo city tour w/ tea ceremony (very cool!)
  • Tour of Tokyo Tower, Meiji Jingu, and Odaiba
  • A visit to Mt. Fuji and Hakone
  • Nikko tour

More details on these activities is available on the Spousetivities site.

The activities are funded in part by VMware NSX and Blue Box (their sponsorship helps reduce the cost of activities for participants). If you have a loved one (spouse, domestic partner, family member, friend, whatever!) traveling with you to Tokyo, head on over to the registration page to get them signed up for some great activities while you’re at the Summit.