‘Someone had an issue with this rack’

Yes, indeed, someone had an issue with this rack. That assessment and the picture come from a reader of the Reddit section devoted to networking.Here’s the full picture, followed by commentary from network professionals. Reddit/Juvey88 via Imgur Reactions:To read this article in full or to leave a comment, please click here

How We Chose MongoDB for Ansible Tower System Tracking Feature

System Tracking

This is not a generic “Postgres vs. MongoDB” performance post. This post details the process of comparing Postgres vs. MongoDB with a particular use case in mind, System Tracking.

Desirable Databases Features

Postgres is a candidate database since it is already in use by Tower. MongoDB is the other database considered for an in depth analysis for many reasons including: (1) document store of the JSON structure, (2) arbitrary structure query support, (3) and the ability to run on a single machine and later scale.

Comparing the two databases begins with identifying our System Tracking requirements. What is System Tracking?

For Tower, System Tracking is time based snapshots of machine facts. Facts are key value pairs of system state. The inspiration comes from the open source Ansible. Ansible facts will be supported in System Tracking along with 3 other fact types: packages (i.e. rpm or apt-get), services (i.e. mongodb, apache2), and files (i.e. /var/log/message). We support these 3 facts as fact modules. We also want to allow for customer built modules. Facts generated by the 4 core modules plus user created modules would be stored in Tower’s System Tracking database; allowing customers to take advantage Continue reading

Worth Reading: Commoditization of the Black Market

Internet crime has become increasingly dependent on the underground economy: a loose federation of specialists selling capabilities, services, and resources explicitly tailored to the abuse ecosystem. Through these emerging markets,modern criminal entrepreneurs piece together dozens of àla carte components into entirely new criminal endeavors.

A paper of interest.

LinkedInTwitterGoogle+FacebookPinterest

The post Worth Reading: Commoditization of the Black Market appeared first on 'net work.

Dated

"

The more up-to-date a book is, the sooner it will be dated.

" C.S. Lewis, Letters to Malcom —

LinkedInTwitterGoogle+FacebookPinterest

The post Dated appeared first on 'net work.

Symantec: Well-heeled hacking group Black Vine behind Anthem breach

A group has been singled out as the attacker behind the recently disclosed hack against Anthem, believed to be the largest waged against a health care company.It was Black Vine that broke into the health insurer's systems and stole more than 80 million patients records, Symantec said Tuesday in a report.For Black Vine, it was the latest in a long line of hacks that began in 2012. Black Vine has gone after other businesses that deal with sensitive and critical data, including organizations in the aerospace, technology and finance industries, according to Symantec. The majority of the attacks (82 percent) were waged against U.S. businesses.To read this article in full or to leave a comment, please click here

Houston, we have a bug: 9 famous software glitches in space

Image by NASA Goddard Space Flight Center CC BY 2.0There’s never a good time to run into software bugs, but some times are worse than others - like during a mission to space. Spacecraft of all shapes and sizes rely heavily on software to complete their objectives. But those missions can be quickly ended by the simplest of human errors when writing code. The omission of an overbar here or overflow error checking code there can mean the difference between success or failure, not to mention the loss of hundreds of millions of dollars, years of work and, on manned missions, human life. Use the arrows above to read about 9 examples that show that, despite the care with which these systems are built, bugs have occurred in spacecraft software since we started to fling rockets into space - and will, no doubt, continue to crop up.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Thursday, July 30

Obama wants to boost U.S. supercomputing powerWith China currently sitting at the top of the supercomputing heap—its Tianhe-2 computer has been considered the world’s most powerful for the last two years—U.S. President Barack Obama is looking to step up American efforts via the new National Strategic Computing Initiative. Set up by an executive order signed Wednesday, NSCI will coordinate government agencies, academia and the private sector with the objective of delivering a system with about 100 times the performance of current 10 petaflop systems.To read this article in full or to leave a comment, please click here

A quick review of the BIND9 code

BIND9 is the oldest and most popular DNS server. Today, they announced a DoS vulnerability was announced that would crash the server with a simply crafted query.  I could use my "masscan" tool to blanket the Internet with those packets and crash all publicly facing BIND9 DNS servers in about an hour. A single vuln doesn't mean much, but if you look at the recent BIND9 vulns, you see a pattern forming. BIND9 has lots of problems -- problems that critical infrastructure software should not have.


Its biggest problem is that it has too many feature. It attempts to implement every possible DNS feature known to man, few of which are needed on publicly facing servers. Today's bug was in the rarely used "TKEY" feature, for example. DNS servers exposed to the public should have the minimum number of features -- the server priding itself on having the maximum number of features is automatically disqualified.

Another problem is that DNS itself has some outdated design issues. The control-plane and data-plane need to be separate. This bug is in the control-plane code, but it's exploited from the data-plane. (Data-plane is queries from the Internet looking up names, control-plane is zones updates, Continue reading

OPM, Anthem hackers reportedly also breached United Airlines

The cyberespionage group that stole the personal records of millions of Americans from U.S. health insurer Anthem and the U.S. Office of Personnel Management (OPM) has also reportedly breached United Airlines.The data stolen from United includes flight manifests, which contain information on passengers, their travel origins and destinations, Bloomberg reported Wednesday citing unnamed people familiar with the investigation.The breach may have been discovered with the help of investigators in the OPM case who built a list of other potential victims after analyzing the domain names, phishing emails and attack infrastructure used by the group, the media organization reported.To read this article in full or to leave a comment, please click here

Risky Business #376 — Sniper rifles, bank safes and Android all pwned

This week we're checking in with Josh Drake of Zimperium. With exploitation of Stagefright via Josh's sweet, sweet exploit you'd think the mother of all worms is coming. Well, probably not. Later versions of Android are tricky to exploit, and the diversity of hardware in earlier versions means coming up with one exploit to rule them all isn't really feasible. We'll drill down into that with Josh in a little while.

read more

Obama rolls out initiative to boost US supercomputer capability

US President Barack Obama has signed an executive order setting up the National Strategic Computing Initiative that will adopt a coordinated strategy involving multiple government agencies, academia and the private sector for the development of high-performance computing systems.Adopting a “whole-of-government” approach, involving all departments and agencies with expertise and interests in HPC, one of the objectives of the NSCI will be to speed up the delivery of “a capable exascale computing system that integrates hardware and software capability to deliver approximately 100 times the performance of current 10 petaflop systems across a range of applications representing government needs.”To read this article in full or to leave a comment, please click here

The StageFright Vulnerability: Maybe the greatest Android vulnerability (so far)

Here’s a nightmare scenario: A simple smartphone exploit that doesn’t require the user to do anything other than receive a text message. If such a thing worries you (and, if you’re an IT manager, in a shop that allows BYOD, it should) then there’s bad news for you: Such an exploit exists for, it estimated, roughly 95% of Android smartphones which runs roughly 82% of the world’s estimated 1.91 billion smartphones.To read this article in full or to leave a comment, please click here

Samsung plots Galaxy S6 price cut, new phones to help business

Lackluster demand for its flagship Galaxy S6 smartphone and higher marketing costs led Samsung Electronics to another quarter of falling sales and profits in the April to June period.Net profit at the company was 5.75 trillion won (US$49 billion), down 8 percent on the same period a year earlier, while sales fell 7 percent to 48.5 trillion won, it said Wednesday. Both figures are in line with expectations published by Samsung earlier this month.In the key smartphone market, an area led by Samsung until recently, the popularity of Apple’s iPhone 6 and 6 Plus handsets and the rise of lower-cost phones from Chinese vendors squeezed Samsung at both the high and low end of the market.To read this article in full or to leave a comment, please click here

Facebook revenue surges 39 percent but costs also soar

Facebook has posted strong sales results for the second quarter, showing continued success in its advertising business, though its costs also rose sharply.Total revenue for the quarter ended June 30 was US$4.04 billion, Facebook reported Wednesday, up 39 percent from the same period last year and just over analysts’ estimates of $3.99 billion, as polled by Thomson Reuters.But the company made less money than it did a year earlier, with net income falling by nearly 10 percent to $719 million. Earnings per share declined from $0.30 to $0.25.To read this article in full or to leave a comment, please click here

1 3,333 3,334 3,335 3,336 3,337 3,796