Is Apple’s security honeymoon on OS X ending?

Apple scored unforgettable hits against Microsoft with its Mac vs. PC ads, which anthropomorphized Windows as a sneezing, miserable office worker.   Security experts always knew that the campaign was a clever bit of marketing fluff, one that allowed Apple to capitalize on Microsoft's painful, years-long security revamp. The landscape is changing, however. Apple's market share of desktop computers is nearing 17 percent. OS X, Apple's operating system, is popular with consumers and enterprises now, making it a more interesting target for hackers. A report to be released on Thursday by the security company Bit9 + Carbon Black shows that more malware has been found this year for OS X than in the last five years combined.To read this article in full or to leave a comment, please click here

Using Docker Machine with Photon TP2

In this post, I’ll show you how to use Docker Machine in conjunction with VMware Photon OS Technical Preview 2 (aka “TP2”). Given that Photon was designed to host containers, this is—for the most part—pretty straightforward. There are a couple of glitches that I need to point out, though, that might hang up new users.

First off, kudos to Fabio Rapposelli for taking some time at VMworld to help me work through the details. I really appreciate his time!

If you want to use Docker Machine with Photon, there are four major requirements today (stress the word “today,” as all these products are rapidly evolving and these requirements may soon disappear or change):

  1. You’ll need to use Fabio’s special build of Docker Machine that includes support for AppCatalyst and Photon OS. I anticipate that support for AppCatalyst and Photon OS (the latter of which is what’s really needed in this case) will get rolled into Docker Machine (main branch) soon, but for now a different build is needed. (If you don’t use Fabio’s build, Docker Machine will report an “unrecognized OS” or similar).

  2. You’ll have to use Docker Machine’s generic driver. Even Fabio’s branch of Docker Machine doesn’t yet (to Continue reading

BT Group may give OpenStack the boot

OpenStack has gained considerable popularity over the years for its open-source cloud platform, but this week it looks like one major user is seriously considering dropping the technology in favor of a proprietary alternative.U.K.-based telecom giant BT Group said it will switch to a different option for delivering virtual enterprise services, according to a Wednesday report in Light Reading, unless OpenStack can address its concerns regarding six key areas: virtual network functions, service chain modification, scalability, security, backward compatibility and what's known as "start-up storms" when numerous nodes all come online at the same time.To read this article in full or to leave a comment, please click here

Think Apple OS X is below the malware radar? Think again

Instances of Apple OS X malware are soaring this year, already totaling more than five times the number tallied over the previous five years combined, according to an in-house Bit9 + Carbon Black tally.Instances totaled 180 from 2010 through 2014, but have already reached 948, according to “2015: The most Prolific Year in History for OS X Malware”, the results of a 10-week study of malware crafted for the operating system.The Bit9+Carbon Black research team analyzed data it gathered from its own research efforts, culling open source data such as Contagio malware dump, experience from incident response-engagements involving OS X that were made by Bit9 + Carbon Black’s partners, and suspicious code uploaded to Bit9 + Carbon Black from its customers. They came up with 1,400 unique OS X malware samples.To read this article in full or to leave a comment, please click here

Why Intel continues to make money while PCs nose-dive, in two words

We normally think of Intel as the engine of the PC. But as Intel proved on Tuesday, the company can keep increasing revenue even as the PC market declines—and if it ever recovers, Intel’s business is poised to take off.Why? Data centers.Intel’s consumer processor division, called the Client Computing Group, still makes up close to 60 percent of its business—$8.51 billion in total third-quarter revenue, compared to $4.1 billion for its Data Center Group. But while CCG profits fell by 20 percent that quarter, Intel still recorded flat revenue because profits at DCG, which include SSDs and Xeon chips, are up 9.3 percent.To read this article in full or to leave a comment, please click here

Bracket Computing advancements boost enterprise cloud security control

Bracket Computing is expanding its cloud-storage data protection offerings and has received an additional $46.4 million in venture funding to further develop its products and roll them out worldwide.Now in addition to Bracket’s Computing Cell service, customers can license an in-house version of the technology and control all aspects of the encryption/policy enforcement/data integrity platform.+ More on Network World: Gartner: Risk, relentless data center demand, open source and other tech trends IT needs to know +To read this article in full or to leave a comment, please click here

Technology scares the hell out of people, university survey finds

Technology-related concerns account for 3 of the top 5 biggest fears among Americans surveyed recently by Chapman University of Orange, Calif. -- and a couple of the other concerns on the top 10 list could be considered tech-related worries as well.Number 1 on the list, according to the online survey of more than 1,500 adults, is Corruption of Government Officials, while technology-related concerns ranked #2 (Cyber-terrorism), #3 (Corporate tracking  of personal information) and #5 (Government tracking of personal information). Numbers 7 (Identity theft) and #10 (Credit card fraud) could also be classified as tech-related worries.To read this article in full or to leave a comment, please click here

Hackers exploit new zero-day in fully patched Adobe Flash

If you haven’t kicked Adobe Flash to the curb, and you should, then don’t feel secure even if you are running a fully patched version of Flash Player.Although Adobe released a mega-sized patch yesterday, including security fixes for 69 critical vulnerabilities in Flash, Reader and Acrobat, attackers are armed with a zero-day exploit that leaves fully patched versions of Flash Player vulnerable.To read this article in full or to leave a comment, please click here

Global Impacts of Recent Leaks

65.54.215.0_24_1444474800

Recent routing leaks remind us why monitoring Internet routing and performance is important and requires effective tools.  Routing leaks are the ‘benign cousin’ of the malicious BGP route hijack.  They happen accidentally, but the result is the same: traffic to affected prefixes is redirected, lost, or intercepted.  And if they happen to you, your online business and brand suffers.

In this blog, we look at examples of a full-table peer leak, an origination leak, and a small peer leak and what happens to traffic when these incidents occur.  As we will see, some events can go on for years, undetected and hence, unremediated, but extremely impactful never the less.  As you read this blog, keep the following  questions in mind.  Would  you know if the events described here were happening to you?  Would you know how to identify the culprit if you did?

 

iTel/Peer1 routing leak

Starting on 10 October at 10:54 UTC, iTel (AS16696) leaked a full routing table (555,010 routes) to Peer 1 (AS13768).  Normally, iTel exports 49 routes to Peer 1;  however, over the course of several minutes, it leaked 436,776 routes from Hurricane Electric (AS6939) and 229,537 Continue reading

Save some bandwidth by turning off TCP Timestamps

This is a guest post by Donatas Abraitis, System Engineer at Vinted, with an unusual approach for saving a little bandwidth.

Looking at https://tools.ietf.org/html/rfc1323 there is a nice title: 'TCP Extensions for High Performance'. It's worth to take a look at date May 1992. Timestamps option may appear in any data or ACK segment, adding 12 bytes to the 20-byte TCP header. 

Using TCP options, the sender places a timestamp in each data segment, and the receiver reflects these timestamps back in ACK segments. Then a single subtract gives the sender an accurate RTT measurement for every ACK segment.

To prove this let's dig into kernel source:

./include/net/tcp.h:#define TCPOLEN_TSTAMP_ALIGNED    12
./net/ipv4/tcp_output.c:static void tcp_connect_init(struct sock *sk)
  ...
  tp->tcp_header_len = sizeof(struct tcphdr) +
    (sysctl_tcp_timestamps ? TCPOLEN_TSTAMP_ALIGNED : 0);

Some visualizations:

Worth Reading: Digital Content and the Fate of Businesses

There are two key differences between buying media in a physical format versus a digital one. First, there’s the technical aspect: Maintaining long-term access to a file requires a hard copy of it—that means, for example, downloading a film, not just streaming from a third party’s server. The second distinction is a bit more complicated, and it has to do with how the law has shaped digital rights in the past 15 years. It helps to think about the experience of a person giving up CDs and using iTunes for music purchases instead. —via the atlantic

Continue reading

1 3,285 3,286 3,287 3,288 3,289 3,841