Google Plus Is Mouldering

A quick search for “Google Plus is dead” reveals a number of recent articles about the pending death of the social media platform. It’s not fair to say it’s dead as yet. But it’s certainly mouldering. I took an informal survey on Twitter, LinkedIn, and Slack, asking folks if they were still using […]

HP adds protection against firmware attacks to enterprise printers

Researchers have been demonstrating attacks against printers for years. Now, Hewlett-Packard has started building defenses directly into its printers' firmware instead of just patching individual vulnerabilities.The company's new M506, M527 and M577 series of LaserJet Enterprise printers, set to go on sale in October and November, will have built-in detection for unauthorized BIOS and firmware modifications.HP refers to this capability as "self-healing security," but it's actually a set of code integrity checking mechanisms that security researchers have asked embedded systems manufacturers to implement for years.One of the new features, called HP Sure Start, validates the integrity of the BIOS code at boot time and if any modification is detected, it reboots the device and loads a clean copy. This is based on a similar feature that HP's Elite line of PCs have had since 2013.To read this article in full or to leave a comment, please click here

Tips For Presenting On Video

video

Giving a presentation is never an easy thing for a presenter. There’s a lot that you have to keep in mind, like pacing and content. You want to keep your audience in mind and make sure you’re providing value for the time they are giving you.

But there is usually something else you need to keep in mind today. Most presentations are being recorded for later publication. When presenting for an audience that has a video camera or two, there are a few other things you want to keep in mind on top of every other thing you are trying to keep track of.

Tip 1: Introduce Early. And Often

One of the things you really need to keep in mind for recorded presentations is time. If the videos are going to be posted to Youtube after the event the length of your presentation is going to matter. People that stumble across your talk aren’t going to want to watch an hour or two of slide discussion. A fifteen minute overview of a topic works much better from a video perspective.

Never rely on a lower third to do something you are capable of taking five seconds to say.

Keeping Continue reading

CIA details agency’s new digital and cyber espionage focus

It seems like it might be about 10 years too late to the party but come October 1, the Central Intelligence Agency will ad a new directorate that will focus on all things cyber and digital espionage.The CIA’s Deputy Director David Cohen to a Cornell University audience last week that once the new Directorate of Digital Innovation (DDI) is up and running “it will be at the center of the Agency’s effort to inject digital solutions into every aspect of our work. It will be responsible for accelerating the integration of our digital and cyber capabilities across all our mission areas—human intelligence collection, all-source analysis, open source intelligence, and covert action.”To read this article in full or to leave a comment, please click here

Why we raised $110m from Fidelity, Google, Microsoft, Baidu and Qualcomm

The past few years have been marked by tremendous growth for CloudFlare. At the time of our last fundraising in December 2012, CloudFlare was a team of 37 operating a network in 23 cities and 15 countries—today we number over 200 with a presence in 62 cities and 33 countries. We’ve grown from delivering 85 billion page views per month for 500 thousand customers to nearly 1 trillion each month across 4 million Internet properties, all the while protecting our customers from hundreds of billions of cyber threats. The growth and resonance of our service since CloudFlare’s founding 5 years ago is beyond our wildest of expectations, but it is only in the coming years that our scale and efforts to build a better Internet will become visible.

In 2016 alone we will more than double our global presence, increase the size of our network by an order of magnitude, and with that allow millions of new businesses and online publishers to accelerate and secure their online applications and harness the growing power of the Internet economy. Our service is built on the simple premise that any individual or business should be able to quickly and easily ensure the global Continue reading

Chip card reality check: Oct. 1 deadline termed a ‘soft incentive’

Despite an Oct. 1 deadline for U.S. merchants to accept secure chip-enabled credit and debit cards, experts believe it will take years for the conversion."Realistically, we should expect the adoption of chip cards in the U.S. to take a few years," said Avivah Litan, an analyst at Gartner who has been following the conversion for a decade, in an interview this week.Oct. 1 is the deadline for merchants to begin using newer point-of-sale terminals to accept chip cards. Meanwhile, banks are steadily sending chip cards to millions of customers as replacements for magnetic stripe cards. Chip cards are more secure than the older technology, and the U.S. is one of the latest countries to make the conversion.To read this article in full or to leave a comment, please click here

Hack iOS 9 and get $1 million, cybersecurity firm says

The market for unpatched vulnerabilities has grown so much that an exploit reseller is willing to pay US$1 million dollars for an attack that can compromise iOS 9 devices.Zerodium, an exploit acquisition company, promises to pay $1 million to researchers who can provide it with an "exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices."In the context of iOS devices, jailbreaking refers to bypassing the security restrictions enforced by the mobile operating system in order to install applications that haven't been authorized by Apple and are not distributed through the official app store.To read this article in full or to leave a comment, please click here

Cisco Intelligent WAN (IWAN)

cisco-logo

When I made a stab at defining SD WAN recently, I noted that Cisco’s IWAN solution had provided a bit of a contrast to some of the other Software Defined WAN solutions I’d seen; not in a bad way, but I was certainly interested in the approach.

SD WAN Definition

I’m going to “do a Joe Onisick” here and quote myself as a reference for what I might be hoping for from the Cisco IWAN solution:

“SD WAN is a solution that uses real time WAN link performance monitoring and data packet inspection to autonomously manage the distribution of network traffic across multiple, likely heterogenous, WAN links with the aim of improving and optimizing WAN performance in alignment with the business requirements.” – John Herbert

One thing my definition doesn’t mention is how these systems get deployed, and since that’s interesting, perhaps let’s start there.

IWAN Zero Touch Deployment

It seems to me that ZTD has become a checkbox requirement for all the SD WAN solutions, and perhaps it’s about time. Zero Touch Deployment in the context of SD WAN means being able to ship a box to a spoke site, have ‘Dumb Hands’ on site plug in the Continue reading

Worth Reading: Energy Prices and the Data Center

Energy is the biggest expense for data centers, and although efficiency improvements can help by reducing consumption, cost remains a critical factor in determining operating budgets. The recent crash in oil prices raises a number of questions about demand, but there’s more to the picture—especially for such a politically charged topic. via the data center journal

The post Worth Reading: Energy Prices and the Data Center appeared first on 'net work.

US, China appear close on cyber economic espionage deal

China and the U.S. appear close to a ground-breaking agreement on cyber espionage that could be signed later this week when President Xi and President Obama meet in Washington.On the eve of the state visit, both countries have expressed a desire to stop cyber espionage for economic gain and agreed it's illegal.But the two countries are still in disagreement over whether China's government plays any part in trans-national cyber hacking for economic purposes.On Monday, U.S. National Security Advisor Susan Rice said "cyber-enabled economic espionage must stop."During a speech in Washington, D.C., she said the issue was more than an irritation and "puts enormous strain on our bilateral relationship and it is a critical factor in determining the future trajectory of U.S.-China ties."To read this article in full or to leave a comment, please click here

Catalyst 3750 IPv6 ACL Limitations

I recently ran into some limitations of IPv6 ACLs on the Catalyst 3750 platform. I had developed an ACL to protect from receiving traffic from unwanted address ranges such as ::, ::1, ::FFFF:0:0/96. The first address is the unspecified address, the second one is the loopback address and the last one is IPv4 mapped traffic. The ACL also contained an entry to deny traffic with routing-type 0.

Note that no error is output when adding the entries in the ACL, only when applying the ACL to an interface.

% This ACL contains following unsupported entries.
% Remove those entries and try again.
    deny ipv6 any any routing-type 0 sequence 20
    deny ipv6 host ::1 any sequence 290
    deny ipv6 host :: any sequence 310
    deny ipv6 ::FFFF:0.0.0.0/96 any sequence 330
% This ACL can not be attached to the interface.
SW1(config-if)#
%PARSE_RC-4-PRC_NON_COMPLIANCE: `ipv6 traffic-filter v6-ACL-IN in'

From the configuration guide, the following limitations apply to the Catalyst 3750 platform.

Cat3750

What this means is that we can’t match on flowlabel, routing-header and undetermined transport upper layer protocol. We also need to match on networks ranging from /0 to /64 and host addresses that are belonging to global unicast Continue reading

1 3,245 3,246 3,247 3,248 3,249 3,773