What does Donald Trump have to say about technology? Not much

Donald Trump isn't much of a technophile. The surprise frontrunner for the Republican nomination in the 2016 U.S. Presidential election said he hadn't adopted email as late as 2007, and was only using it "very rarely" by 2013, according to The New York Times, which published these admissions among many other revealing statements Trump has made under oath in depositions over the past decade.Trump still reads hard-copy news and magazine articles, and even dictates his oft-controversial Tweets to a team of PR underlings who send them out on his account, according to The Washington Post.To read this article in full or to leave a comment, please click here

Federal prison system wants anti-drone technology

Looking to counter the threat unmanned aircraft might bring to Federal prison guards and prisoners, the Federal Bureau of Prisons is looking at what types of technology could be used to defeat the drones.The group, which is an agency of the Department of Justice issued a Request for Information specifically targeting what it called a fully integrated systems that will allow for the detection, tracking, interdiction, engagement and neutralization of small -- less the 55lb -- unmanned aerial system.+More on Network World: The International Space Station: Reveling at 15+To read this article in full or to leave a comment, please click here

The Godwin fallacy

As Wikipedia says:
Godwin's law and its corollaries would not apply to discussions covering known mainstays of Nazi Germany such as genocide, eugenics, or racial superiority, nor to a discussion of other totalitarian regimes or ideologies, if that was the explicit topic of conversation, because a Nazi comparison in those circumstances may be appropriate, in effect committing the fallacist's fallacy, or inferring that an argument containing a fallacy must necessarily come to incorrect conclusions.
An example is a discussion whether waving the Confederate flags was "hate speech" or "fighting words", and hence undeserving of First Amendment protections.

Well, consider the famous march by the American Nazi party through Skokie, Illinois, displaying the Swastika flag, where 1 in 6 residents was a survivor of the Holocaust. The Supreme Court ruled that this was free-speech, that the Nazi's had a right to march.

Citing the Skokie incident isn't Godwin's Law. It's exactly the precedent every court will cite when deciding whether waving a Confederate flag is free-speech.

I frequently discuss totalitarianism, as it's something that cyberspace can both enable and defeat. Comparisons with other totalitarian regimes, notably Soviet Russia and Nazi Germany, are inevitable. They aren't Godwin hyperbole, they are on point. Continue reading

Trojanized Android apps flood third-party stores, compromise phones

Attackers are creating rogue versions of popular Android applications that compromise the security of devices and are extremely hard to remove.Researchers from mobile security firm Lookout have found more than 20,000 samples of such trojanized apps. They're typically fully functional copies of top Android applications like Candy Crush, Facebook, Google Now, NYTimes, Okta, SnapChat, Twitter or WhatsApp, but with malicious code added to them.The goal of these rogue apps is to aggressively display advertisements on devices. A scary development though is that, unlike traditional adware, they root the devices where they get installed in order to prevent users from removing them.To read this article in full or to leave a comment, please click here

Strategy: Avoid Lots of Little Files

I've been bitten by this one. It happens when you quite naturally use the file system as a quick and dirty database. A directory is a lot like a table and a file name looks a lot like a key. You can store many-to-one relationships via subdirectories. And the path to a file makes a handy quick lookup key. 

The problem is a file system isn't a database. That realization doesn't hit until you reach a threshold where there are actually lots of files. Everything works perfectly until then.

When the threshold is hit iterating a directory becomes very slow because most file system directory data structures are not optimized for the lots of small files case. And even opening a file becomes slow.

According to Steve Gibson on Security Now (@16:10) LastPass ran into this problem. LastPass stored every item in their vault in an individual file. This allowed standard file syncing technology to be used to update only the changed files. Updating a password changes just one file so only that file is synced.

Steve thinks this is a design mistake, but this approach makes perfect sense. It's simple and robust, which is good design given, what I assume, Continue reading

The International Space Station: Reveling at 15

Hailing 15Image by NASANASA and the world cosmos community this month celebrate the International Space Station’s 15th consecutive year of humans living in its celestial lab. In those 15 years, 45 crewed expeditions -- more than 220 people from 17 countries -- have visited the station, constructed over more than 115 space flights conducted on five different types of launch vehicles. The station now measures 357 feet end-to-end and provides more livable room than a conventional six-bedroom house, NASA says. Here we take a look at life onboard and what the ISS has meant to space exploration.To read this article in full or to leave a comment, please click here

VBulletin resets patches and issues emergency patches following breach

VBulletin Solutions has reset the passwords for over 300,000 accounts on its website following a security breach, and also released emergency security patches. The company's Internet forum software is used on tens of thousands of websites.It's not clear if the patches were prompted by the security breach, but the hacker who claimed to have compromised the vBulletin.com database put a zero-day vBulletin exploit -- an exploit for an unpatched vulnerability -- up for sale on Monday.VBulletin Solutions did not immediately respond to an inquiry seeking more details about the patches and their relationship to the breach.To read this article in full or to leave a comment, please click here

VBulletin resets passwords, issues emergency patches following breach

VBulletin Solutions has reset the passwords for over 300,000 accounts on its website following a security breach, and also released emergency security patches. The company's Internet forum software is used on tens of thousands of websites. It's not clear if the patches were prompted by the security breach, but the hacker who claimed to have compromised the vBulletin.com database put a zero-day vBulletin exploit -- an exploit for an unpatched vulnerability -- up for sale on Monday. VBulletin Solutions did not immediately respond to an inquiry seeking more details about the patches and their relationship to the breach.To read this article in full or to leave a comment, please click here

TalkTalk breach investigation leads to fourth arrest

Police investigating the data breach at U.K. telecommunications operator TalkTalk made their fourth arrest late Tuesday, as lawmakers launched their own inquiry into the case.The Metropolitan Police Cyber Crime Unit and the National Crime Agency arrested a 16-year-old boy at an address in Norwich, England, after visiting it with a search warrant.Police had previously arrested a 15-year-old boy from County Antrim, Northern Ireland, on Oct. 26, a 16-year-old boy in Feltham, England, on Oct. 29, and a 20-year-old man in Staffordshire on Oct. 31.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers All four were arrested on suspicion of offenses under the Computer Misuse Act, and all have now been released on bail without charge while police continue their investigation.To read this article in full or to leave a comment, please click here

How to push security earlier into the dev process

A new crop of products is emerging that aim to implant security best practices and compliance checks as early and often as possible when new infrastructure is spun up in the cloud or when new applications are launched in a rapid development environment.The idea behind these products is that security should be incorporated into the entire life cycle of resources being used or applications being developed. Some vendors contend that too often security assessments are either not performed, or they’re done too late in the process of managing resources and apps. Tools from companies like Amazon Web Services, Microsoft and Chef are all aiming to ensure security best practices are automatically enforced as early on in the process as possible.To read this article in full or to leave a comment, please click here

How to test and fix IPv6 fragmentation issues

In an earlier blog post, I discussed the issues associated with IPv6 packet fragmentation. Of particular significance, IPv6 fragmentation relies extensively on the computer sourcing packets being able to receive ICMPv6 “packet too big” message type 2 sent from any intermediate device in the route to the packet’s destination. The capability to confirm that an […]

How to test and fix IPv6 fragmentation issues

In an earlier blog post, I discussed the issues associated with IPv6 packet fragmentation. Of particular significance, IPv6 fragmentation relies extensively on the computer sourcing packets being able to receive ICMPv6 “packet too big” message type 2 sent from any intermediate device in the route to the packet’s destination.

The capability to confirm that an end user in a network will correctly receive the packet-too-big ICMPv6 message has been added to the test-ipv6 mirrors, including http://test-ipv6.arbor.net. This new capability allows a user to identify if the packet-too-big message is being discarded between the user’s computer and the web site.

In the “Tests Run” tab of the main test-ipv6 mirror page, the “Test IPv6 large packet” test documents the IPv6 fragmentation behavior. If further information is desired, one can click on the “Technical Info” link.

If the “Test IPv6 large packet” test is failing, the packet-too-big ICMPv6 message is likely being dropped. This indicates issues within the user’s computer, enterprise network or elsewhere along the path to the test-ipv6 mirror.  The problematic device may be a router or firewall device, although it may even be the “firewall” software configured on the user’s computer.

Any device in the Continue reading

1 3,254 3,255 3,256 3,257 3,258 3,836