Feature Spotlight: System Tracking

Ansible_Feature_Spotlight

During the second installment of our webinar series about Ansible Tower features, we highlighted system tracking, a functionality which was just added to Tower with our 2.2. release.

System Tracking was created to give administrators the necessary tools to audit and verify that machines are in compliance. Use the tool to see how a machine has changed over time, or compare machines in your cluster to see how they are different.

system_tracking_image

For example, you may need to determine whether a set of machines had a security patch applied, or determine when a patch was applied. The System Tracking tools can help you do that. They can also help you evaluate your infrastructure for compliance against specific requirements, and periodically examine machines for unexpected changes.

When you run a scan, you’ll be able to see packages, services, and Ansible facts side-by-side for comparison. All differences in Ansible facts are highlighted in red for easy reference.

You can also expand this function by writing your own Ansible module that gathers the custom facts you want to see. Simply implement a module that returns the “ansible_facts” key, as described in the Ansible documentation.

Our goal with system tracking was to empower you Continue reading

SHA-1 hashing algorithm could succumb to $75K attack, researchers say

Researchers have found a new way to attack the SHA-1 hashing algorithm, still used to sign almost one in three SSL certificates that secure major websites, making it more urgent than ever to retire it, they said Thursday.SHA-1 is a cryptographic hashing function designed to produce a fingerprint of a document, making it easy to tell if a document has been modified after the fingerprint was calculated.Weaknesses had already been identified in SHA-1, and most modern Web browsers will no longer accept SSL certificates signed with it after Jan. 1, 2017. That date was chosen based on the ever-decreasing cost of the computing power required to attack the algorithm.To read this article in full or to leave a comment, please click here

Lyft’s CTO accused of hacking Uber

Uber recently submitted new court filings seeking more information on an IP address believed to be involved in a hack that was made public in February, in which the names and email addresses of 50,000 of its drivers were stolen. And two anonymous sources reportedly told Reuters that the IP address points to Chris Lambert, the chief technology officer of Uber's main competitor, Lyft.In court papers, Uber claims the Comcast IP address was used to access a security key in the breach, and is seeking more information to identify who was using the address. U.S. Magistrate Judge Laurel Beeler has said that the information Uber is seeking with the subpoena is "'reasonably likely' to help reveal the 'bad actor' responsible for the hack," according to Reuters.To read this article in full or to leave a comment, please click here

PQ 58: Alibi Routing With UMD’s Dave Levin

In this podcast, Packet Pushers co-host Ethan Banks gets a bit into the weeds with University of Maryland's Dave Levin in this detailed discussion of Alibi Routing, a privacy-driven research project to prove that traffic flowing between a particular source and destination did not traverse a specific geographic region.

The post PQ 58: Alibi Routing With UMD’s Dave Levin appeared first on Packet Pushers.

Why have most merchants missed the EMV deadline?

Last Friday’s Oct. 1 deadline for so-called EMV or “chip-and-PIN” credit card technology to replace the 1960s-vintage “swipe-and-signature” magnetic stripe card system should not have been a surprise to any of the major players in the payment card industry (PCI) – merchants, card issuers and banks.Visa, one of the three developers of the EMV standard (along with Europay and MasterCard) announced in August 2011 – more than four years ago – that it would be moving to EMV in the U.S. (it has been in use in Europe for more than a decade). The EMV Migration Forum was created by the Smart Card Alliance in July 2012.To read this article in full or to leave a comment, please click here

Doubling the speed of jpegtran with SIMD

It is no secret that at CloudFlare we put a great effort into accelerating our customers' websites. One way to do it is to reduce the size of the images on the website. This is what our Polish product is for. It takes various images and makes them smaller using open source tools, such as jpegtran, gifsicle and pngcrush.

However those tools are computationally expensive, and making them go faster, makes our servers go faster, and subsequently our customers' websites as well.

Recently, I noticed that we spent ten times as much time "polishing" jpeg images as we do when polishing pngs.

We already improved the performance of pngcrush by using our supercharged version of zlib. So it was time to look what can be done for jpegtran (part of the libjpeg distribution).

Quick profiling

To get fast results I usually use the Linux perf utility. It gives a nice, if simple, view of the hotspots in the code. I used this image for my benchmark.

CC BY 4.0 image by ESO

perf record ./jpegtran -outfile /dev/null -progressive -optimise -copy none test.jpeg

And we get:

perf report 54.90% lt-jpegtran libjpeg.so.9.1.0 [.] encode_mcu_AC_refine Continue reading

Journalist convicted of helping Anonymous hack the LA Times

A journalist accused of helping a rogue hacking group briefly take control of the LA Times' website was convicted by a federal jury in California on Wednesday.Matthew Keys, 28, of Vacaville, California, was convicted of conspiracy to make unauthorized changes to a computer, transmitting malicious code and attempted transmission of malicious code, according to the Department of Justice.One of Keys' attorneys, Jay Leiderman, wrote on Twitter that "we'll proceed forward to sentencing and look forward to appealing this verdict."To read this article in full or to leave a comment, please click here

Dell said to be talking with EMC about possible blockbuster merger

Dell is reportedly in talks to buy all or part of enterprise storage powerhouse EMC, which would mark a bold and unexpected new chapter in the PC maker's history.A total merger would be one of the biggest deals ever in the technology industry, with EMC holding a market value of about US$50 billion. It would also bring together two of the most important vendors to enterprise IT departments. MORE ON MERGERS: 2015 Networking & IT M&A Tracker The report about the deal Wednesday in the Wall Street Journal cited unnamed sources, and cautioned that the the companies might not finalize any agreement. To read this article in full or to leave a comment, please click here

Android malware hammers phones with unwanted ads

Android users in more than 20 countries have been infected with a particularly aggressive malware program that bombards devices with unwanted advertisements.Researchers from FireEye found that the malicious component, nicknamed Kemoge, has been seeded inside what appear to be legitimate apps offered on third-party application stores."This is another malicious adware family, possibly written by Chinese developers or controlled by Chinese hackers, spreading on a global scale that represents a significant threat," wrote Yulong Zhang, a staff research scientist with FireEye.To read this article in full or to leave a comment, please click here

Amazon makes it easier to lock down the cloud

If there's a common refrain in enterprise security these days, it's that nobody wants to become the next Sony, Experian, Scottrade, Target or Home Depot. Moving workloads to a public cloud service means that companies can leave some of the day-to-day work of securing their infrastructure to professionals who manage those services. To read this article in full or to leave a comment, please click here

Amazon makes it easier to lock down the cloud

If there's a common refrain in enterprise security these days, it's that nobody wants to become the next Sony, Experian, Scottrade, Target or Home Depot. Moving workloads to a public cloud service means that companies can leave some of the day-to-day work of securing their infrastructure to professionals who manage those services. To read this article in full or to leave a comment, please click here

Hackers who targeted Samsung Pay may be looking to track individuals

The security breach at Samsung subsidiary LoopPay was probably more about spying than about gathering consumer data for profit, and the worst could be yet to come, a security analyst said Wednesday. Samsung acknowledged the attack on LoopPay, which it acquired in February for technology that it uses in its Samsung Pay service. It said hackers only breached LoopPay's office network, not systems used by Samsung Pay. The affected servers have been isolated and no personal payment information was put at risk, according to Samsung.To read this article in full or to leave a comment, please click here

They’re baaaack! Verizon’s zombie cookies to track users across massive AOL ad network

Remember Verizon’s zombie cookies, hidden super-cookie identifiers that tracked users across the Internet? They’re baaaack! moviemaniacsDE Poltergeist screenshot Verizon was previously caught manipulating users’ traffic by inserting supercookies. “By attaching a Unique Identifier Header to all traffic that passes through their network, Verizon could effectively build profiles about users habits, the sites they visit, and deliver targeted advertisements based on this tracking,” explained EVDO. “This Unique Identifier Header was then popularly renamed the ‘Zombie Cookie’ since even after being deleted, the tracking cookie would be added back to the network and users would be tracked again.”To read this article in full or to leave a comment, please click here

1 3,226 3,227 3,228 3,229 3,230 3,773