First Look: AnsibleFest San Francisco 2015

Untitled_design

We are happy to announce that AnsibleFest will be returning to San Francisco this November. After a sell-out AnsibleFest in New York City, we have moved the West Coast event to an even larger location. 

If you are new to Ansible, AnsibleFest is a day-long conference bringing together hundreds of Ansible users, developers and industry partners to share best-practices, case studies and Ansible news. AnsibleFest is for anyone who is passionate (or becoming passionate) about Ansible.

Attendees include DevOps engineers, operations engineers, open source fans, systems engineers, system administrators, operations staff, release engineers, DBAs, network engineers and security professionals.

Again, we are offering Super Early Bird pricing for just $275 a ticket through August 31st. Don't miss out as we are only offering a limited number of Super Early Bird tickets at this time.

We are also accepting speaker applications here.

Here is a sample of what to expect at AnsibleFest San Francisco 2015.

See all of the presentations here.

Learn More About AnsibleFest San Francisco 2015

 

FAA has approved more than 1,000 drone exemptions

The Federal Aviation Administration today said it has issued 1,008 exemptions to businesses wanting to fly unmanned aircraft in the national airspace.The FAA said most of the exemptions allow aerial filming for uses such as motion picture production, precision agriculture and real estate photography. The agency also said it has issued grants for new and novel approaches to inspecting power distribution towers and wiring, railroad infrastructure and bridges.+More on Network World: The weirdest, wackiest and coolest sci/tech stories of 2015 (so far!)+To read this article in full or to leave a comment, please click here

Improve Your Open Networking Experience with Cumulus® VX™

In past jobs, when I was responsible for the architecture and engineering of networks, my peers and I would often spend measurable time working in the lab and testing out the setup of new network designs or approaches that we were looking to implement.

As anyone who has had to build a lab themselves will attest, you never have enough gear, power or space to do all of the testing you would like.  Between the problems of having to build the network from gear that’s been cast-off from the production network to not being able to run the latest software, you can end up questioning your testing results.  From being limited on cooling and power to having to find and run the cables to connect it all together, it can be a lot of work that may not answer everything you need for production.

In the compute space, this has been less of an issue in recent years. With the introduction of accessible virtualization, the application teams could simulate entire solution stacks on their desktop.  While you wouldn’t want to run your production environment on many of them, you could at least simulate all of the components in the solution and verify what you were doing different was viable. Continue reading

MikroTik unveils new RouterOS development cycle

 

[adrotate banner=”4″]

 

As we all patiently await the release of RouterOS (RoS) v7 beta, MikroTik has announced a change in the way RoS development is organized.  There will now be three different tracks of development:

Bugfix only – When a current build is released, only fixes to known bugs will be added to this branch of development

Current – Current release will contain bugfixes and new features

Release Candidate – The release candidate will remain the development build for the next “current” release.

 

Graphical Overview of the new development cycle

MikroTik-bugfix-map

Image and notes below are from here

A small addendum: the Bugfix only will only contain verified fixes, and no new features. The Current release contains the same fixes but also new features and other improvements, sometimes also less critical fixes than in Bugfix. And finally the Release Candidate is more likely to a nightly build. We will not to intensive testing before publishing these, only quick check if upgrade can be done and if most features work fine.

Origin

The idea originally came out of this thread and after a flurry of positive commentary, it became a working practice shortly therafter.

We plan to make sub-version releases Continue reading

MikroTik unveils new RouterOS development cycle

 

[adrotate banner=”4″]

 

As we all patiently await the release of RouterOS (RoS) v7 beta, MikroTik has announced a change in the way RoS development is organized.  There will now be three different tracks of development:

Bugfix only – When a current build is released, only fixes to known bugs will be added to this branch of development

Current – Current release will contain bugfixes and new features

Release Candidate – The release candidate will remain the development build for the next “current” release.

 

Graphical Overview of the new development cycle

MikroTik-bugfix-map

Image and notes below are from here

A small addendum: the Bugfix only will only contain verified fixes, and no new features. The Current release contains the same fixes but also new features and other improvements, sometimes also less critical fixes than in Bugfix. And finally the Release Candidate is more likely to a nightly build. We will not to intensive testing before publishing these, only quick check if upgrade can be done and if most features work fine.

Origin

The idea originally came out of this thread and after a flurry of positive commentary, it became a working practice shortly therafter.

We plan to make sub-version releases Continue reading

Windows 10 is possibly the worst spyware ever made

The usual bumps of an OS launch are understandable and forgivable, but some of the terms of the end user service agreement for Windows 10 put the NSA to shame.Microsoft is already getting heat after it was found that Windows 10 was being auto-downloaded to user PCs without warning, and more seriously, that it was using the Internet connections of Windows 10 users to deliver Windows 10 and updates to others.But there are worse offenders. Microsoft's service agreement is a monstrous 12,000 words in length, about the size of a novella. And who reads those, right? Well, here's one excerpt from Microsoft's terms of use that you might want to read:To read this article in full or to leave a comment, please click here

TECH.unplugged And Being Present

techunplugged-logo

I wanted to let everyone know that I’m going to be taking part in an excellent event being put on by my friend Enrico Signoretti (@ESignoretti) this September. TECH.unplugged is a jam-packed day of presentations from people that cover storage, computing, and in my case networking. We’re getting together to share knowledge and discuss topics of great interest to the IT community. As excited as I am to be taking part, I also wanted to take a few moments to discuss why events like this are important to the technology community.

WORM Food

There’s no doubt that online events are becoming the standard for events in recent years. It’s much more likely to find an event that offers streaming video, virtual meeting rooms, and moderated discussions taking place in a web browser. The costs of travel and lodging are far higher than they were during the recession days of yore. Finding a meeting room that works with your schedule is even harder. It’s much easier to spin up a conference room in the cloud and have people dial in to hear what’s going on.

For factual information, such as teaching courses, this approach works rather well. That’s Continue reading

Organizations should focus data sharing post-incident, not attribution

LAS VEGAS - There have been several notable security incidents in the news this year, from healthcare and retail breaches, to financial; even security firms themselves have been targeted.In each instance, attribution seems to take the lead during incident response, something organizations should resist. The key is collecting the right information and passing it on to the right people. When it comes to figuring out who did it and where they are, authorities are the ones who should take the lead – organizations that focus on this area first are wasting resources and time.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers US Attorney Ed McAndrew (DE), who has years of experience working cases dealing with Internet-based crimes under his belt, recently spoke to CSO Online and offered some unique insight into the federal side of incident response and what organizations can to do better prepare for law enforcement involvement.To read this article in full or to leave a comment, please click here

Black Hat 2015: Ransomware not all it’s cracked up to be

All ransomware is not created equal and therefore should not be universally feared, a researcher will tell the Black Hat 2015 conference this week. Engin Kirda In fact, some ransomware – which locks up infected computers until a demanded sum is paid – makes false claims about the damage it is capable of doing, and some of the data it purports to seize can be recovered, says Engin Kirda, the cofounder and chief architect at Lastline Labs.To read this article in full or to leave a comment, please click here

Black Hat 2015: Attackers use commercial Terracotta VPN to launch attacks

RSA researchers have discovered a China-based VPN network dubbed Terracotta that is used extensively to launch advanced persistent threat (APT) attacks and that hijacks servers of unsuspecting organizations in order to add new nodes to its network.The Terracotta VPN provides the infrastructure that anchors several anonymizing VPN services that are commercially marketed to the public in China, according to a briefing delivered today at the Black Hat conference.The services are pushed as a means for individuals to hide their Internet activity from prying government eyes, but are used as well by criminals seeking to cloak the origins of their attacks, RSA researchers will tell the conference.To read this article in full or to leave a comment, please click here

A deep look at CVE-2015-5477 and how CloudFlare Virtual DNS customers are protected

Last week ISC published a patch for a critical remotely exploitable vulnerability in the BIND9 DNS server capable of causing a crash with a single packet.

CC BY 2.0 image by Ralph Aversen

The public summary tells us that a mistake in handling of queries for the TKEY type causes an assertion to fail, which in turn crashes the server. Since the assertion happens during the query parsing, there is no way to avoid it: it's the first thing that happens on receiving a packet, before any decision is made about what to do with it.

TKEY queries are used in the context of TSIG, a protocol DNS servers can use to authenticate to each other. They are special in that unlike normal DNS queries they include a “meta” record (of type TKEY) in the EXTRA/ADDITIONAL section of the message.

CC BY 2.0 image by Ralph Aversen

Since the exploit packet is now public, I thought we might take a dive and look at the vulnerable code. Let's start by taking a look at the output of a crashing instance:

03-Aug-2015 16:38:55.509 message.c:2352: REQUIRE(*name == ((void*)0)) failed, back trace  
03-Aug-2015 16:38:55.510 #0 0x10001510d in  Continue reading

The Upload: Your tech news briefing for Tuesday, August 4

Google has already started its own car companyTurns out that even while Google has been sweet-talking automakers to get its software platform into their cars, it had set up a subsidiary to compete with them, the Guardian reports. Google Auto LLC is registered as a passenger vehicle manufacturer, and was licensed last year as a carmaker in California. It’s run by Chris Urmson, project lead for Google’s self-driving cars. Google wouldn’t talk to the Guardian, which uncovered the company registration via documents it requested under the public records act.To read this article in full or to leave a comment, please click here

1 3,322 3,323 3,324 3,325 3,326 3,791