FIDO two-factor authentication goes wireless

Expect vendors soon to introduce devices with three forms of wireless support to Fast Identity Online (FIDO) two-factor authentication. The FIDO Alliance today is issuing a new specification for FIDO to support Bluetooth, low-energy Bluetooth (BLE) and near field communications (NFC) wireless technologies in two-factor authentication tokens, according to FIDO Alliance executive director Brett McDowell. That means the alliance recommends that device manufacturers use the spec to start producing and selling these wireless devices. Existing FIDO specs already defined how to make authentication tokens that can be plugged into USB ports. With the new specification these authentication devices would just have to be near a phone, tablet, laptop or desktop that also supports the same wireless technology and is trying to connect with a server that supports FIDO authentication. So devices without USB ports could still authenticate via FIDO.

Network Break 42

Take a Network Break! Grab a coffee, a doughnut and then join us for an analysis of the latest IT news, vendor moves and new product announcements. We’ll separate the signal from the noise–or at least make some noise of our own. Sponsor: Sonus Networks This week’s show was sponsored by Sonus Networks. Sonus wants […]

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in a wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

The post Network Break 42 appeared first on Packet Pushers Podcast and was written by Greg Ferro.

Cisco and OpenDNS – The Name Of The Game?

SecureDNS

This morning, Cisco announced their intent to acquire OpenDNS, a security-as-a-service (SaaS) provider based around the idea of using Domain Naming Service (DNS) as a method for preventing the spread of malware and other exploits. I’ve used the OpenDNS free offering in the past as a way to offer basic web filtering to schools without funds as well as using OpenDNS at home for speedy name resolution when my local name servers have failed me miserably.

This acquisition is curious to me. It seems to be a line of business that is totally alien to Cisco at this time. There are a couple of interesting opportunities that have arisen from the discussions around it though.

Internet of Things With Names

The first and most obvious synergy with Cisco and OpenDNS is around Internet of Things (IoT) or Internet of Everything (IoE) as Cisco has branded their offering. IoT/IoE has gotten a huge amount of attention from Cisco in the past 18 months as more and more devices come online from thermostats to appliances to light sockets. The number of formerly dumb devices that now have wireless radios and computers to send information is staggering.

All of those devices depend […]

Unlike Uber, more sharing-economy companies are hiring workers as employees

Amidst the battles raging over whether sharing-economy workers should be considered contractors or employees, last week I called for a compromise that would combine the appropriate features of both independent contractors and employees to create a new way to deal with this new kind of business relationship. I still believe that this is the best approach for coping with an emerging class of workers that doesn't fit neatly into either of the existing categories. But what happens until companies, workers, and regulators can strike such a compromise? And what if compromise proves impossible to achieve? Will forcing companies like Uber to actually "hire" its workforce really spell doom for the sharing economy?

How to achieve low latency with 10Gbps Ethernet

Good morning!

In a recent blog post we explained how to tweak a simple UDP application to maximize throughput. This time we are going to optimize our UDP application for latency. Fighting with latency is a great excuse to discuss modern features of multiqueue NICs. Some of the techniques covered here are also discussed in the scaling.txt kernel document.

CC BY-SA 2.0 image by Xiaojun Deng

Our experiment will be set up as follows:

  • We will have two physical Linux hosts: the 'client' and the 'server'. They communicate with a simple UDP echo protocol.
  • Client sends a small UDP frame (32 bytes of payload) and waits for the reply, measuring the round trip time (RTT). Server echoes back the packets immediately after they are received.
  • Both hosts have 2GHz Xeon CPUs, with two sockets of 6 cores and Hyper Threading (HT) enabled - so 24 CPUs per host.
  • The client has a Solarflare 10Gb NIC, the server has an Intel 82599 10Gb NIC. Both cards have fiber connected to a 10Gb switch.
  • We're going to measure the round trip time. Since the numbers are pretty small, there is a lot of jitter when counting the averages. Instead, it […]

Reading

"Reading takes a long time, though, don’t you find? It takes such a long time to get from, say, page twenty-one to page thirty. I mean, first you’ve got page twenty-three, then page twenty-five, then page twenty-seven, then page twenty-nine, not to mention the even numbers. Then page thirty. Then you’ve got page thirty-one and page thirty-three — there’s no end to it. Luckily Animal Farm isn’t that long a novel. But novels . . . they’re all long, aren’t they. I mean, they’re all so long."

Martin Amis, Money


The post Reading appeared first on 'net work.

The Upload: Your tech news briefing for Tuesday, June 30

Government personnel agency takes background check system offline for background checks

Hoping to avoid a third strike against it, the U.S. Office of Personnel Management has taken offline a system used for performing background checks on potential new hires. The agency discovered a security flaw in the web app, E-QIP, while auditing its IT systems after two spectacular hacks resulted in the theft of personnel records of millions of government employees and the security clearance questionnaires of many others. There is no evidence the flaw was exploited, OPM said Monday, but it will keep the system offline for up to six weeks while it checks it out.

Push It To The Limit! Understand Wi-Fi’s Breaking Point to Design Better WLANs

This is the fourth and final blog post in the WLAN capacity planning series. Be sure to read the first, second, and third posts.

We all want high performing WLANs. In order to do that we must push Wi-Fi to its limits! 

(Cue Scarface Theme, verse 1)…

Push it to the limit!
Walk along the perimeter edge
But don’t look up, just keep your head
And you’ll be finished

Survey to the limit!
Past the point of no bandwidth
You’ve reached the edge but still you gotta learn
How to build it

Hit the floor and double your pace
Laptop wide open like an engineer outta hell
And you crush the speed test

Going for the back of every room
Nothing gonna stop you
There’s no wall that strong
So close now, battery near the brink
So, push it!

We walk a fine line when designing wireless networks, attempting to push as many users and bandwidth through our APs as possible, ensuring adequate capacity is available to meet demand, while not overbuilding the network. But what are the limits and how do we know we’ve hit them? Or more importantly, how do we plan […]

Gartner lowers its IT spending forecast, but says activity remains high

Worldwide IT spending is expected to decline by 5.5 percent this year, with enterprises benefitting from lower prices on communications and IT services but also having to pay higher hardware prices in some parts of the world. Market research company Gartner revised its spending forecast downward on Tuesday: In April, it said IT spending in 2015 would decline 1.3 percent compared to last year. But numbers can sometimes be deceptive; IT activity is stronger than the spending indicates, according to John-David Lovelock, research vice president at Gartner. Price declines in segments like communications and IT services, and the move to cloud-based services, mask an increase in activity, he said.

Junos Space backup location

Just a note for future reference:

Space’s local database backups are kept in /var/cache/jboss/backups (Platform version 13.1R1)

You can retrieve these using WinSCP in SFTP mode. For some reason there’s a shell error when using SCP. This appears to have started happening since the bash shell vuln was discovered – although I’ve never applied Juniper’s bash patch to the system. Upgraded WinSCP to the latest, but no luck.




Project Calico: Is It Any Good?

At least a dozen engineers sent me emails or tweets mentioning Project Calico in the last few weeks – obviously the project is getting some real traction, so it was high time to look at what it’s all about.

TL&DR: Project Calico is yet another virtual networking implementation that’s a perfect fit for a particular use case, but falters when encountering the morass of edge cases.


OPM hit by class-action suit over breach of federal employee data

A federal employees union has filed a lawsuit against the U.S. Office of Personnel Management, its leadership and a contractor, alleging that their negligence led to a data breach that compromised the personal information of millions of current, former and prospective government employees and contractors. Since at least 2007, the OPM has been warned by its Office of Inspector General of significant deficiencies in its cybersecurity protocol, according to the proposed class-action suit filed Monday by the American Federation of Government Employees in the U.S. District Court for the District of Columbia. However, OPM failed to take measures to correct these issues, despite handling massive amounts of federal applicants’ private, sensitive and confidential information, it added. The data handled by the OPM included a 127-page form, called Standard Form 86, which requires applicants for security clearances to answer questions on their financial histories and investment records, children’s and relatives’ names, foreign trips and contacts with foreign nationals, past residences, and names of neighbors and close friends, according to the filing.

Which songs stumped Shakira? Shazam will now show you

Shazam is releasing a new version of its music recognition app that lets users connect with artists they like and see what songs they’ve searched for using its service. Shazam lets people identify songs, TV shows and movies by capturing a brief snippet onto their phone, which gets matched against Shazam’s database. The new version due out Tuesday, for iOS and Android, lets users see what songs have been identified by artists using the app. Because not even musicians know every song that’s playing.

FTC settles with developers of sneaky cryptocurrency mining app

The developers of a mobile app called Prized that secretly mined cryptocurrencies on people’s mobile phones have settled with the U.S. Federal Trade Commission after being accused of deceptive trade practices. Equiliv Investments and Ryan Ramminger, both of Ohio, settled for US$50,000, of which $44,800 will be suspended upon payment of $5,200 to New Jersey regulators, the agency said in a news release Monday. The suit was filed in U.S. District Court for the District of New Jersey last Wednesday.

US personnel agency takes system offline after hack

Problems for the U.S. Office of Personnel Management aren’t letting up. The government agency said Monday it had suspended a system used for background checks after a security flaw was discovered in the Web-based app. The agency said there’s no evidence the system was hacked. It discovered the vulnerability during an ongoing review of its IT systems, it said, which is being carried out in the wake of at least two serious security breaches. Still, it’s a big inconvenience. The system, called E-QIP, is used by multiple agencies to carry out background checks on potential new hires, and it will be offline for four to six weeks, the OPM said. “The actions OPM has taken are not the direct result of malicious activity on this network, and there is no evidence that the vulnerability in question has been exploited,” the agency said, calling the decision to take E-QIP offline a proactive measure to ensure “the ongoing security of its network.”