IP was Middle School, Named Data Networking is College

Named Data Networking Project Van Jacobson: "In vocabulary terms, IP is like a good middle school education. There’s a lot of things you can say and communicate in society but it’s not so great for writing a poetry volume or a thesis... The real goal of NDN was to get us into college." Much of the Named Data Networking (NDN) project codebase is still at the Version zero-dot-something level. But things are nevertheless starting to get real for this content-centric architecture designed to blast past today’s host-based and point-to-point Internet scheme to one more suited for accessing applications across hugely scalable networks that are mobile and extend to all sorts of sensor-equipped things.To read this article in full or to leave a comment, please click here

NetDevOps: Networking Methods with a DevOps Mindset

DevOps brings together software developers and IT operations through mutual and organic cooperation and collaboration. In legacy IT shops, the roles of developers and IT operations are logically segregated, which stifles progress and prohibits progressive integration efforts. Products that leverage DevOps provide developers self-service capabilities they’ve never had before — eliminating provisioning bottlenecks and adapting to changes quickly. The platform becomes highly scalable and flexible, removing much of the “red tape” in getting things done.

This is all well and good, and is often sufficient for most, but networking is often neglected as a part of the DevOps model. Common questions that arise include the following:

  • Is your current networking strategy holding you back from scaling new projects quickly?
  • Is your network topology designed to quickly add and remove compute infrastructure?
  • How can your network integrate in a DevOps orchestrated world?

This is where including DevOps for networking comes in, or “NetDevOps.” Traditional networking infrastructure can be difficult to manage when requiring agility with updated tools. If your organization is already implementing DevOps principles or has an organization that is flat or non-siloed, integrating networking into your framework may be right for you.

NetDevOps extends what you’re already doing Continue reading

Feature Spotlight: System Tracking

Ansible_Feature_Spotlight

During the second installment of our webinar series about Ansible Tower features, we highlighted system tracking, a functionality which was just added to Tower with our 2.2. release.

System Tracking was created to give administrators the necessary tools to audit and verify that machines are in compliance. Use the tool to see how a machine has changed over time, or compare machines in your cluster to see how they are different.

system_tracking_image

For example, you may need to determine whether a set of machines had a security patch applied, or determine when a patch was applied. The System Tracking tools can help you do that. They can also help you evaluate your infrastructure for compliance against specific requirements, and periodically examine machines for unexpected changes.

When you run a scan, you’ll be able to see packages, services, and Ansible facts side-by-side for comparison. All differences in Ansible facts are highlighted in red for easy reference.

You can also expand this function by writing your own Ansible module that gathers the custom facts you want to see. Simply implement a module that returns the “ansible_facts” key, as described in the Ansible documentation.

Our goal with system tracking was to empower you Continue reading

SHA-1 hashing algorithm could succumb to $75K attack, researchers say

Researchers have found a new way to attack the SHA-1 hashing algorithm, still used to sign almost one in three SSL certificates that secure major websites, making it more urgent than ever to retire it, they said Thursday.SHA-1 is a cryptographic hashing function designed to produce a fingerprint of a document, making it easy to tell if a document has been modified after the fingerprint was calculated.Weaknesses had already been identified in SHA-1, and most modern Web browsers will no longer accept SSL certificates signed with it after Jan. 1, 2017. That date was chosen based on the ever-decreasing cost of the computing power required to attack the algorithm.To read this article in full or to leave a comment, please click here

Lyft’s CTO accused of hacking Uber

Uber recently submitted new court filings seeking more information on an IP address believed to be involved in a hack that was made public in February, in which the names and email addresses of 50,000 of its drivers were stolen. And two anonymous sources reportedly told Reuters that the IP address points to Chris Lambert, the chief technology officer of Uber's main competitor, Lyft.In court papers, Uber claims the Comcast IP address was used to access a security key in the breach, and is seeking more information to identify who was using the address. U.S. Magistrate Judge Laurel Beeler has said that the information Uber is seeking with the subpoena is "'reasonably likely' to help reveal the 'bad actor' responsible for the hack," according to Reuters.To read this article in full or to leave a comment, please click here

PQ 58: Alibi Routing With UMD’s Dave Levin

In this podcast, Packet Pushers co-host Ethan Banks gets a bit into the weeds with University of Maryland's Dave Levin in this detailed discussion of Alibi Routing, a privacy-driven research project to prove that traffic flowing between a particular source and destination did not traverse a specific geographic region.

The post PQ 58: Alibi Routing With UMD’s Dave Levin appeared first on Packet Pushers.

Why have most merchants missed the EMV deadline?

Last Friday’s Oct. 1 deadline for so-called EMV or “chip-and-PIN” credit card technology to replace the 1960s-vintage “swipe-and-signature” magnetic stripe card system should not have been a surprise to any of the major players in the payment card industry (PCI) – merchants, card issuers and banks.Visa, one of the three developers of the EMV standard (along with Europay and MasterCard) announced in August 2011 – more than four years ago – that it would be moving to EMV in the U.S. (it has been in use in Europe for more than a decade). The EMV Migration Forum was created by the Smart Card Alliance in July 2012.To read this article in full or to leave a comment, please click here

Doubling the speed of jpegtran with SIMD

It is no secret that at CloudFlare we put a great effort into accelerating our customers' websites. One way to do it is to reduce the size of the images on the website. This is what our Polish product is for. It takes various images and makes them smaller using open source tools, such as jpegtran, gifsicle and pngcrush.

However those tools are computationally expensive, and making them go faster, makes our servers go faster, and subsequently our customers' websites as well.

Recently, I noticed that we spent ten times as much time "polishing" jpeg images as we do when polishing pngs.

We already improved the performance of pngcrush by using our supercharged version of zlib. So it was time to look what can be done for jpegtran (part of the libjpeg distribution).

Quick profiling

To get fast results I usually use the Linux perf utility. It gives a nice, if simple, view of the hotspots in the code. I used this image for my benchmark.

CC BY 4.0 image by ESO

perf record ./jpegtran -outfile /dev/null -progressive -optimise -copy none test.jpeg

And we get:

perf report 54.90% lt-jpegtran libjpeg.so.9.1.0 [.] encode_mcu_AC_refine Continue reading

Journalist convicted of helping Anonymous hack the LA Times

A journalist accused of helping a rogue hacking group briefly take control of the LA Times' website was convicted by a federal jury in California on Wednesday.Matthew Keys, 28, of Vacaville, California, was convicted of conspiracy to make unauthorized changes to a computer, transmitting malicious code and attempted transmission of malicious code, according to the Department of Justice.One of Keys' attorneys, Jay Leiderman, wrote on Twitter that "we'll proceed forward to sentencing and look forward to appealing this verdict."To read this article in full or to leave a comment, please click here

Dell said to be talking with EMC about possible blockbuster merger

Dell is reportedly in talks to buy all or part of enterprise storage powerhouse EMC, which would mark a bold and unexpected new chapter in the PC maker's history.A total merger would be one of the biggest deals ever in the technology industry, with EMC holding a market value of about US$50 billion. It would also bring together two of the most important vendors to enterprise IT departments. MORE ON MERGERS: 2015 Networking & IT M&A Tracker The report about the deal Wednesday in the Wall Street Journal cited unnamed sources, and cautioned that the the companies might not finalize any agreement. To read this article in full or to leave a comment, please click here

Android malware hammers phones with unwanted ads

Android users in more than 20 countries have been infected with a particularly aggressive malware program that bombards devices with unwanted advertisements.Researchers from FireEye found that the malicious component, nicknamed Kemoge, has been seeded inside what appear to be legitimate apps offered on third-party application stores."This is another malicious adware family, possibly written by Chinese developers or controlled by Chinese hackers, spreading on a global scale that represents a significant threat," wrote Yulong Zhang, a staff research scientist with FireEye.To read this article in full or to leave a comment, please click here

Amazon makes it easier to lock down the cloud

If there's a common refrain in enterprise security these days, it's that nobody wants to become the next Sony, Experian, Scottrade, Target or Home Depot. Moving workloads to a public cloud service means that companies can leave some of the day-to-day work of securing their infrastructure to professionals who manage those services. To read this article in full or to leave a comment, please click here

Amazon makes it easier to lock down the cloud

If there's a common refrain in enterprise security these days, it's that nobody wants to become the next Sony, Experian, Scottrade, Target or Home Depot. Moving workloads to a public cloud service means that companies can leave some of the day-to-day work of securing their infrastructure to professionals who manage those services. To read this article in full or to leave a comment, please click here

Hackers who targeted Samsung Pay may be looking to track individuals

The security breach at Samsung subsidiary LoopPay was probably more about spying than about gathering consumer data for profit, and the worst could be yet to come, a security analyst said Wednesday. Samsung acknowledged the attack on LoopPay, which it acquired in February for technology that it uses in its Samsung Pay service. It said hackers only breached LoopPay's office network, not systems used by Samsung Pay. The affected servers have been isolated and no personal payment information was put at risk, according to Samsung.To read this article in full or to leave a comment, please click here

1 3,284 3,285 3,286 3,287 3,288 3,832