New Android vulnerabilities put over a billion devices at risk of remote hacking

Newly discovered vulnerabilities in the way Android processes media files can allow attackers to compromise devices by tricking users into visiting maliciously-crafted Web pages.The vulnerabilities can lead to remote code execution on almost all devices that run Android, starting with version 1.0 of the OS released in 2008 to the latest 5.1.1, researchers from mobile security firm Zimperium said in a report scheduled to be published Thursday.The flaws are in the way Android processes the metadata of MP3 audio files and MP4 video files, and they can be exploited when the Android system or another app that relies on Android's media libraries previews such files.To read this article in full or to leave a comment, please click here

IPv6 Support in VRF on Catalyst 3k

I was looking for information on running IPv6 in VRF on the Catalyst 3k platform and there wasn’t much information available. I tried running IPv6 in VRF on Catalyst 3560 with correct SDM profile but got this error message:

Switch(config-vrf)#address-family ipv6
 IPv6 VRF not supported for this platform or this template

I checked with Cisco and you need to have Catalyst 3560-X/3750-X with release 15.2(1)E for IPv6 to be supported in a VRF. This means the feature is not supported on the non X models.

The feature is also available on the 3650/3850 platform with IOS-XE 3.6.0E.

I hope this information helps someone looking for IPv6 support in VRF.

In Pursuit of the CCIE

Just a short post to let you know this blog is not dead. I have not written anything in several months. While I have several posts that are partially complete, I have not been able to finish them…..yet.

For the past several months, I have been busy studying for the CCIE Wireless lab exam. Prior to that, I was sort of working towards the CCIE Route/Switch written and lab exam. I wasn’t fully committed, so my studying was sporadic at best. My heart just wasn’t in forcing myself to learn more about IPv6, multicast, MPLS, and some of the other blueprint items.

Somewhere along the line it changed. Maybe it was having another co-worker who was serious in his pursuit of the CCIE Wireless. Maybe it was that my job working for a reseller had me doing more and more Cisco wireless work. Maybe I just liked the fact that wireless was hard. I’m not really sure. I just know that at some point, a switch flipped inside my head and I just decided to go all in on my studies. Honestly, I should have done this years ago, but the timing just didn’t seem right.

I’ve been studying Continue reading

Startup NodePrime decloaks, wants to manage your whole data center

San Francisco-based startup NodePrime wants to be the proverbial single pane of glass that you use to manage your complicated, heavily virtualized data center, the company announced as it exited stealth today with a $7 million seed funding round in the books.The idea is to provide the type of infrastructure management that Google and Facebook use to manage their outsized data centers. But where Google and Facebook have to spend big on custom hardware and elite engineering talent, NodePrime wants to offer the same capabilities as a commodity.+ ALSO ON NETWORK WORLD: Hottest Enterprise Network & Computing Startups of 2015To read this article in full or to leave a comment, please click here

Voice hackers can record your voice then use morpher to trick authentication systems

It's easy for someone with potentially malicious intentions to record your voice, as you leave traces of your voice when simply talking somewhere out in public, during mobile phone calls, in videos posted on social networking sites, or even when sending a recorded voice greeting card. Your voice is considered to be unique enough to serve as an authentication of your identity.But after studying the implications of commonplace voice leakage and developing voice impersonation attacks, researchers from the University of Alabama at Birmingham warned that an attacker, in possession of only a very limited number of your voice samples, with "just a few minutes worth of audio of a victim's voice," can clone your voice and could compromise your security, safety, and privacy.To read this article in full or to leave a comment, please click here

Microsoft’s Windows chief Myerson falls short of addressing Windows 10 spying concerns

After a month of stern accusations, including one from yours truly, the chief of Microsoft's Windows group addressed user concerns over privacy and information gathering in a blog post.Since its launch two months ago, Windows 10 has been dogged by a number of privacy concerns, ranging from machine IDs to keylogging to spying on your Cortana queries. Windows 7 and 8 were also drawn into the controversy, as Microsoft back-ported some of its telemetry gathering functions to the older operating systems, and the company was also found to be downloading the multigigabyte installation files to Windows 7 and Windows 8 machines without user permission.To read this article in full or to leave a comment, please click here

Jeb Bush is a cyber-weenie

Jeb Bush, one of them many 2016 presidential candidates, has numerous positions on "cyber" issues. They are all pretty silly, demonstrating that not only he but also his advisors profoundly misunderstand the issues.

For example, his recent position opposing "NetNeutrality" regulations says this:
these rules prohibit one group of companies (ISPs) from charging another group of companies (content companies) the full cost for using their services
Uh, no, that's how Democrats frame the debate. ISPs charging content providers is actually a very bad thing. That we Republicans oppose NetNeutrality is not based on the belief that "charging content companies" is a good thing.

Instead, NetNeutrality is about technical issues like congestion and routing. Congestion is an inherent property of the Internet. NetNeutrality shifts the blame for congestion onto the ISPs. NetNeutrality means the 90% of Comcast subscribers who do not use Netflix must subsidize the 10% who are.

Or at least, that's one of the many ways Republicans would phrase the debate. More simply, all Republicans oppose NetNeutrality simply because it's over-regulation. My point is that Jeb Bush doesn't realized he's been sucked into the Democrat framing, and that what he says is garbage.


A better example is Jeb's position Continue reading

21 of the greatest computer quotes ever

He said itImage by Mark GibbsThe world of computers and programming isn’t just a world of algorithms, bits, and coding; it’s also a world of dark, sarcastic and or sardonic humor about the world of computers and programming, by which I mean it’s also recursive (see recursive). Here are arguably (and I’m sure you will argue) 21 of the greatest computer quotes ever. Let the wit begin!To read this article in full or to leave a comment, please click here

Is Apple’s walled garden showing signs of erosion?

Apple has long benefitted from a perception that its devices and the software that powers them are more safe and secure than the competition, but last year's high-profile iCloud hack and a recent large-scale malware attack bring Apple security into question. Earlier this month, Apple suffered a potentially catastrophic security lapse when malicious code injected into a counterfeit version of Xcode, the company's app development toolset, made its way into hundreds (and perhaps thousands) of apps from Chinese developers. The malware affected hugely popular apps, including WeChat, which was eventually pulled from the App Store. Apple failed to detect and stop the malware from entering its "walled garden" and gaining access to an untold number of customers' iOS devices.To read this article in full or to leave a comment, please click here

Breaking free of legacy tech

Rotary Club members who donate $1,000 or more to the Rotary Foundation get a lot of special attention. They are named Paul Harris Fellows in honor of the organization's founder. They receive a certificate and an elegant lapel pin. It's an important award in the Rotary world, and one that has been around since 1957. But recently it had become the source of a lot of unhappiness.When Discover Financial Services set out to expand its offerings beginning in 2007, the company's legacy technology was an obvious impediment, according to executive vice president and CIO Glenn Schneider. "As with many others who've been around for years and have multiple generations of technology in their data centers, the question was, how do we leverage that?" he says. The company's move into the banking business, with IRAs, CDs and many other types of accounts, made its banking platform an obvious choice for an update. "Our mission is to be the leading direct bank and payments platform," Schneider says. "We are all online, so to create competitive differentiation, we felt the necessity to start at the foundation level itself and create a new platform."To read this article in full or Continue reading

2015’s most dangerous celebrity web searches

DJ Armin van BuurenImage by Jorge Mejía PeraltaElectronic Dance Music (EDM) DJ Armin van Buuren replaces comedian and talk show host Jimmy Kimmel as Intel Security’s most dangerous celebrity to search for online. For the ninth year in a row, Intel Security researched popular culture’s most famous people to reveal which of them generates the most dangerous search results.To read this article in full or to leave a comment, please click here

1 3,225 3,226 3,227 3,228 3,229 3,763