HTIRW: The Internet Society

In ending this series — which I hope has been useful for Packet Pusher’s readers to get a solid survey of the entire Internet’s operational structure — we’ll talk about one of the “forgotten” groups of people helping to build and maintain the ‘net as we know it. Without this organization the Internet probably simply […]

The post HTIRW: The Internet Society appeared first on Packet Pushers.

FireEye takes security firm to court over vulnerability disclosure

A spat between two security companies shows just how sensitive reporting software vulnerabilities can be, particularly when it involves a popular product.The kerfuffle between FireEye and ERNW, a consultancy in Germany, started after an ERNW researcher found five software flaws in FireEye's Malware Protection System (MPS) earlier this year.One of the flaws, found by researcher Felix Wilhelm, could be exploited to gain access to the host system, according to an advisory published by ERNW. To read this article in full or to leave a comment, please click here

Android ransomware changes a device’s PIN code

Researchers at security company ESET have found a type of malware that changes an Android device's PIN, the first of its kind in an ever-evolving landscape of ransomware attacks. For most users, the only option to get rid of the malware is to reset the phone to its factory settings, which unfortunately also deletes all the data on the device. The malware calls itself "Porn Droid" and bills itself as a viewer for adult content. It has only been seen on third-party Android application marketplaces or forums for pirated software, wrote Lukas Stefanko, an ESET malware analyst. But after it's installed, users see a warning supposedly from the FBI that they've allegedly viewed "prohibited pornography." It asks for a US$500 fine to be paid within three days.To read this article in full or to leave a comment, please click here

Think your meeting’s important? 25 years ago, this one spawned Wi-Fi

If you're reading this story over Wi-Fi, thank a department store designer.It was retail remodeling that spurred NCR, a venerable cash-register company, to find out how it could use newly opened frequencies to link registers and mainframes without wires. Its customers wanted to stop drilling new holes in their marble floors for cabling every time they changed a store layout.In 1985, the U.S. Federal Communications Commission voted to leave large blocks of spectrum unlicensed and let vendors build any kind of network they wanted as long as they didn't keep anyone else from using the frequencies. NCR jumped at the chance to develop a wireless LAN, something that didn't exist at the time, according to Vic Hayes, a former engineer at the company who's been called the Father of Wi-Fi. To read this article in full or to leave a comment, please click here

Think your meeting’s important? 25 years ago, this one spawned Wi-Fi

If you're reading this story over Wi-Fi, thank a department store designer.It was retail remodeling that spurred NCR, a venerable cash-register company, to find out how it could use newly opened frequencies to link registers and mainframes without wires. Its customers wanted to stop drilling new holes in their marble floors for cabling every time they changed a store layout.RELATED: WiFi blocking debate far from overIn 1985, the U.S. Federal Communications Commission voted to leave large blocks of spectrum unlicensed and let vendors build any kind of network they wanted as long as they didn't keep anyone else from using the frequencies. NCR jumped at the chance to develop a wireless LAN, something that didn't exist at the time, according to Vic Hayes, a former engineer at the company who's been called the Father of Wi-Fi. To read this article in full or to leave a comment, please click here

Video: VMworld’s not just a virtualization show anymore

VMworld used to be a conference to learn how to use server virtualization.+MORE VMWORLD COVERAGE FROM NETWORK WORLD: Why (and how) VMware created a whole new virtualization platform just for containers +Forrester analyst Dave Bartoletti says it’s not nearly a virtualization show anymore though. This year the conference focused on a variety of topics, from cloud to network virtualization, storage virtualization and hybrid cloud enablement.In the video below Bartoletti discusses VMware’s hybrid cloud strategy, and why there’s so much hype about containers in the market.To read this article in full or to leave a comment, please click here

Tech startups need to get serious about security

The head of the nation's primary consumer protection agency on Wednesday paid a visit to San Francisco, where she called on technology startups to do a better job of incorporating security protections as they race to bring new applications into the market.Federal Trade Commission Chairwoman Edith Ramirez's comments amplified the agency's "Start With Security" initiative, a program that aims to encourage businesses to prioritize cybersecurity as an integral part of their product development.[ Related: The 7 deadly sins of startup security ]To read this article in full or to leave a comment, please click here

Reports of attacks on the Department of Energy raise alarms

Attackers successfully infiltrated computer systems at the Department of Energy more than 150 times between 2010 and 2014, according to a review of federal documents by USA Today that  were obtained as a result of a Freedom of Information Act request. In all, DoE networks were targeted 1,131 times over the four-year span.While this sounds worrying -- the DoE oversees the country's power grid and nuclear weapons stockpile, after all -- there are a few things missing from the report. The attacks appear to be against the DoE's office systems and not the real-time systems that control the power grid. Those systems are typically operated by utilities and aren't directly connected to DoE's networks. The attacks in the USA Today report are equivalent to the kind universities, corporations, and other organizations regularly face.To read this article in full or to leave a comment, please click here

Berlin, Germany: CloudFlare’s 44th data center

Our data center in Berlin is our 3rd in Germany following Frankfurt and Düsseldorf, 14th in Europe, and 44th globally. Berlin is of considerable importance not just because it is the capital of Europe's most populous country, but also because it is the 2nd largest city in the European Union by population* trailing only London. As of this moment, CloudFlare has a point of presence (PoP) in 7 out of Europe's 10 most populous cities, and we're headed for a perfect 10-for-10.

Ich bin ein Berliner

"I am one with the people of Berlin," best expresses our sentiments following this latest launch, but is more famously a reference to U.S. President John F. Kennedy's June 26th, 1963 speech in West Berlin (and also the source of an amusing urban legend). The story goes that Kennedy should have said "Ich bin Berliner" ("I am a citizen of Berlin"), but instead remarked "Ich bin ein Berliner" which translates as "I am a jelly doughnut."

The Berliner: we treated ourselves to one a few in celebration of the launch

As it turns out, and despite decades of misinformation, Kennedy was linguistically correct. While in proper German an actual Berliner Continue reading

Why (and how) VMware created a new type of virtualization just for containers

As the hype about containers has mounted over the past year, it has raised questions about what this technology – which is for packaging applications - means for traditional management and virtualization vendors. Some have wondered: Will containers kill the virtual machine?VMware answered that question with a resounding no at its annual conference in San Francisco last week. But, company officials say containers can benefit from having a new type of management platform. And it’s built a whole new type of virtualization just for containers.To read this article in full or to leave a comment, please click here

Cyberattack exposes 10 million records at US health insurer Excellus

Hackers have penetrated the IT systems of U.S. health insurer Excellus BlueCross BlueShield and gained access to personal, financial and medical information of more than 10 million people, the company disclosed Thursday.The initial attack occurred in December 2013, but the company did not learn about it until Aug. 5. Since then it has been working with the FBI and cybersecurity firm Mandiant to investigate the breach.The hackers may have had access to customer records which include names, addresses, telephone numbers, dates of birth, Social Security numbers, member identification numbers, financial accounts and medical claims information.To read this article in full or to leave a comment, please click here

IDG Contributor Network: ‘Get Smart’ when it comes to using cloud-based services for file sharing

For those of you old enough to remember the TV comedy series "Get Smart" featuring a spy that used his shoe for a phone, the good guys belonged to an agency called "Control," and the bad guys were affiliated with "Chaos." This month "Get Smart" celebrates its 50th anniversary, yet CIOs continue to struggle in a seemingly never-ending battle to restore control in a chaotic, cloudy world in which data security is less than transparent.Much like the BYOD trend, the use of cloud-based services for sharing files is widespread and it's likely that if you're a CIO, your employees are already using them, whether they are officially sanctioned or not. Dropbox has led the charge to offer cross-platform file syncing for your personal files, and all the major players have followed suit, from Google (Google Drive), to Microsoft (SkyDrive), to Apple (iCloud). There's also Box, Sugarsync, and many others. For consumers, they are perfect, providing easy instant access to photos and documents from any device. That familiarity and accessibility is why they've crept into the enterprise.To read this article in full or to leave a comment, please click here

Xerox PARC’s new chip will self destruct in 10 seconds

Engineers at Xerox PARC have developed a chip that will self-destruct upon command, providing a potentially revolutionary tool for high-security applications.The chip, developed as part of DARPA’s vanishing programmable resources project, could be used to store data such as encryption keys and, on command, shatter into thousands of pieces so small, reconstruction is impossible.It was demonstrated at DARPA’s Wait, What? event in St. Louis on Thursday.“The applications we are interested in are data security and things like that,” said Gregory Whiting, a senior scientist at PARC in Palo Alto, California. “We really wanted to come up with a system that was very rapid and compatible with commercial electronics.”To read this article in full or to leave a comment, please click here

Ashley Madison coding blunder made over 11 million passwords easy to crack

Until today, the creators of the hacked AshleyMadison.com infidelity website appeared to have done at least one thing well: protect user passwords with a strong hashing algorithm. That belief, however, was painfully disproved by a group of hobbyist password crackers.The 16-man team, called CynoSure Prime, sifted through the Ashley Madison source code that was posted online by hackers and found a major error in how passwords were handled on the website.They claim that this allowed them to crack over 11 million of the 36 million password hashes stored in the website's database, which has also been leaked.A few weeks ago such a feat seemed impossible because security experts quickly observed from the leaked data that Ashley Madison stored passwords in hashed form -- a common security practice -- using a cryptographic function called bcrypt.To read this article in full or to leave a comment, please click here

1 3,325 3,326 3,327 3,328 3,329 3,841