Android stock browser vulnerable to URL spoofing

A vulnerability in Android’s default Web browser lets attackers spoof the URL shown in the address bar, allowing for more credible phishing attacks.

Google released patches for the flaw in April, but many phones are likely still affected, because manufacturers and carriers typically are slow to develop and distribute Android patches.

The vulnerability was discovered by a researcher named Rafay Baloch and was privately reported to Google with the help of security firm Rapid7.

Baloch discovered the flaw on Android 5.0 Lollipop, which uses Chrome as its default browser, but then also confirmed it in the stock browser in older Android versions.

NFV Terminology and Architecture from ETSI

Well, if you thought SDN introduced a lot of terminology, you’ll love NFV! The good news is that ETSI, which defines NFV, does a great job documenting NFV, with extensive term and acronym lists to support other documents about the details of NFV architecture. Several of the ETSI NFV docs provide some great stepping-stones for understanding the basic concepts and terminology, which is where we’ll go in this post.

This is the last in a related series! The other posts:

A Brief Big Picture of NFV

One of the challenges with this blog is figuring out how much prior knowledge to assume. If you don’t know much at all about NFV, read this section for a quick intro. Otherwise, skip to the next heading.

Briefly…

Think of every networking device used in the IT world. Those include routers, switches, firewalls, intrusion detection systems, load balancers, and so on. Traditionally, those devices have indeed been devices – purpose built hardware, running some OS that performed the networking function.

While you’re thinking of the old way to network, …

LTE smartphones are becoming faster and cheaper

High-end smartphones offer high-speed wireless connections—but few mobile operators have made the infrastructure investments required to keep up with them. The arrival of cheaper phones with 300Mbps LTE capabilities may encourage that investment.

LTE chips with real-world download speeds over 100Mbps have become a standard feature on high-end smartphones, while smartphones costing under US$100 now include LTE chips, albeit slower ones.

Better cameras, screens and design have gotten most of the attention on this year’s crop of high-end smartphones, but support for the latest versions of LTE, a rarity a year ago, has become a standard feature. Download speeds on the HTC One M9 and the LG G4 top out at 450Mbps on paper, while the Samsung Galaxy S6 is theoretically capable of 300Mbps.

First look: Windows Server 2016 goes on a cloud diet

Windows Server 2016 is both an evolution of the current Windows Server 2012 R2 release and a revolution in the making. If you plan to use Windows Server 2016 in the same way you’ve used Windows Server all along, you’ll be able to pick it up and work with it with very little learning curve. But if you are ready to abandon the old ways and embrace the new world of cloud servers, containers, and microservices, Windows Server 2016 has something new for you.

Experts bust Android security myths

Thanks to its inherent "openness," the open source Android OS is vulnerable to a variety of security risks, but how often do people you know actually fall victim to Android malware or other attacks?

Is the Android security risk overstated? Is the Android risk really greater than the risks posed by its iOS and Windows Mobile counterparts? And what can users, and the enterprise IT departments that support them, do to better protect their Android devices?

8 Android security tips for IT, corporate users

The security pros interviewed for our article, "Experts bust Android security myths," offered up the following eight Android security tips for IT administrators and users:

1) Don't root that Android device

"To do significant damage in the mobile world, malware needs to act on devices that have been altered at an administrative level," according to Dionisio Zumerle, principal research analyst at Gartner. "The most obvious platform compromises of this nature are 'jailbreaking' on iOS or 'rooting' on Android devices ...

Huawei launches its own OS for the Internet of Things

China's Huawei Technologies is targeting smart homes, cars, wearables and more with its own operating system, LiteOS, intended for the international market.

On Wednesday Huawei launched the OS to help third-party vendors break into the emerging Internet of Things space. The whole industry is eyeing opportunities to turn household objects and industrial equipment into connected devices, but the development costs still remain high, according to the Chinese company.

Huawei, however, claims its new "lightweight" OS can streamline the whole process. The LiteOS software can be as small as 10 kilobytes in size, and is designed to run on minimal power, making it suitable for a wide range of hardware, including microcontrollers and ARM Cortex embedded processors.

IT/IT: Data Can’t Lie?

A statistician is someone who can put their head in a hot oven, and their feet in a bucket of ice, and say, “on the average, I feel fine.”

Before we move completely into a world where people are counseled, “use the data, Luke,” disregarding their own beliefs and feelings, we need to have a little discussion. As an example of what we might get wrong, let’s take a look at some interesting problems in the polling from recent elections. According to one article (which happens to have all the numbers conveniently gathered in one place)

  • On May 7th, in an election in Britain, the pre-election polls showed conservatives would win around 280 seats. The exit polls during the election showed the conservatives would win around 316 seats. During the election, conservatives actually won 330 seats.
  • In 1992, also in Britain, the pre-election polls showed the conservative and liberal parties in a dead heat. The conservatives actually won by 7.5 points.
  • In the recent election in Israel, Likud was predicted, through polling, to win 22 seats. Likud actually won 30 seats.

These aren’t random events — they are repeated time and again in elections through the last …

Congratulations to Roy Lexmond on Passing CCDE Practical Exam !

I am very glad to announce that Roy Lexmond from my April CCDE training class passed his CCDE Practical exam yesterday in France. Below is his success story and here is his earlier feedback for the class. I should say that he really likes design, is open to learning new things and is very clever.…

The post Congratulations to Roy Lexmond on Passing CCDE Practical Exam ! appeared first on Network Design and Architecture.

The Ansible Basics: Why Automation Matters Today in IT

Your development team has completed weeks of work, delivering their masterpiece, an application, to IT for deployment, but it doesn’t work.

See, the developers made use of a different port, that now needs to be opened on the firewall so end users can communicate with the software. IT changed the firewall rule, but didn’t tell development, so they never even knew it was an issue. Later, they create another application with the same issue, except this time, it will be deployed in a different environment.

No procedure or policy was created to capture all of the changes necessary to successfully deploy the app, so the same thing happens again. It’s a vicious cycle.

IT departments struggle to manage thousands of configurations and hundreds of applications with everyone working in silos. Teams who develop the apps frequently are not on the teams that use them. Meanwhile, operations teams deploy apps they didn’t write and have to convey to the development team when changes need to be made in order for them to work in this new and foreign-to-development thing called "a production environment".

Sound familiar?

Today’s IT environments are extremely complex. In the past, applications and hardware were closely connected. Apps came from …

First software update for Apple Watch includes security fixes

You might not be used to the idea of a watch endangering your digital life, but you should: Apple’s first update for Watch OS includes 14 security patches, and they’re not trivial.

Watch OS 1.0.1, released Tuesday, brings several performance improvements and support for additional languages, but it also fixes 13 vulnerabilities that could enable arbitrary code execution, information disclosure, denial of service, traffic hijacking, privilege escalation and other attacks, and also updates the list of root CA certificates trusted by default on the device.

The Upload: Your tech news briefing for Wednesday, May 20

U.S. charges six from China with stealing wireless technology

Three men who studied at the University of California and then went on to work at U.S. tech companies are among six Chinese citizens charged with economic espionage by the Department of Justice on Tuesday. The technology that the men allegedly stole from companies that employed two of them, Avago Technologies and Skyworks Solutions, is used in wireless devices to filter out unwanted signals and has both commercial and military applications.

Verizon (probably) dominates U.S. wireless service providers

The numbers filed with the SEC seem pretty inarguable. Verizon dominates the U.S. wireless carrier industry, both in terms of total subscribers and in a key metric called ARPU, or average revenue per user. AT&T is maintaining its position in second place, Sprint is headed south in a hurry, and T-Mobile is making some un-profits in its new role as the un-carrier, but showing signs of a recovery. But the picture of a leader, a runner-up and two also-rans is more complicated than it seems. A saturated market with fewer new customers to compete for means that the big four’s relative positions in terms of size are increasingly stratified.

Do We Need NAC and 802.1x?

Another question I got in my Inbox:

What is your opinion on NAC and 802.1x for wired networks? Is there a better way to solve user access control at layer 2? Or is this a poor man's way to avoid network segmentation and internal network firewalls?

Unless you can trust all users (fat chance) or run a network with no access control (unlikely, unless you’re a coffee shop), you need to authenticate the users anyway.
