Anti-privacy award for most monitoring across the web goes to U.S. wireless carriers

Wireless carriers worldwide are still tracking users via "supercookies" or "perma-cookies," yet Americans are tracked by U.S. wireless carriers more than any other carrier in any other country, according to a new report by the digital rights group Access. "Injecting tracking headers out of the control of users, without their informed consent, may abuse the privileged position that telcos occupy." Those tracking headers "leak private information about users and make them vulnerable to criminal attacks or even government surveillance."It came to light in 2014 that Verizon Wireless and AT&T were injecting special tracking headers, aka "supercookies," to secretly monitor users' web browsing habits. So Access setup the "Am I being tracked?" website for users to find out if their mobile carriers were tracking the websites they visited on their phone. More than 200,000 people from 164 different countries tried out the Amibeingtracked tool; 15.3% were being tracked by tracking headers deployed by their wireless carriers. Of those, the most monitoring occurred in the U.S.To read this article in full or to leave a comment, please click here

Build It Better: Five Tips to Develop a Killer DockerCon Europe 2015 Proposal

Have you finished your DockerCon Europe 2015 proposal yet? The September 1st, 2015 deadline will be here before you know it—here are five tips to take your DockerCon Europe 2015 proposal to the next level. 1) Know your … Continued

Assured Security Model for Data Center and Cloud

In the Assured Security Model, software-defined infrastructure is assisted by an analytics system with state awareness of dynamic data center components.

The post Assured Security Model for Data Center and Cloud appeared first on Packet Pushers.

Who's Hiring?

VoltDB's in-memory SQL database combines streaming analytics with transaction processing in a single, horizontal scale-out platform. Customers use VoltDB to build applications that process streaming data the instant it arrives to make immediate, per-event, context-aware decisions. If you want to join our ground-breaking engineering team and make a real impact, apply here.

At Scalyr, we're analyzing multi-gigabyte server logs in a fraction of a second. That requires serious innovation in every part of the technology stack, from frontend to backend. Help us push the envelope on low-latency browser applications, high-speed data processing, and reliable distributed systems. Help extract meaningful data from live servers and present it to users in meaningful ways. At Scalyr, you’ll learn new things, and invent a few of your own. Learn more and apply.

UI Engineer– AppDynamics, founded in 2008 and lead by proven innovators, is looking for a passionate UI Engineer to design, architect, and develop our their user interface using the latest web and mobile technologies. Make the impossible possible and the hard easy. Apply here.

Software Engineer - Infrastructure & Big Data – AppDynamics, leader in next generation solutions for managing modern, distributed, and Continue reading

CUCM Dirsync Troubleshooting

One of my customer told me that one of its end user was not appearing in its CUCM database. I think it is worth to make a blogpost about it. There are already plenty of resources on the subject (Example) but I will mainly focus on the troubleshooting section here. There are 2 ways to configure your […]

Another serious vulnerability found in Android’s media processing service

Pixabay Android The Android service that processes multimedia files has been the source of several vulnerabilities recently, including a new one that could give rogue applications access to sensitive permissions.The latest vulnerability in Android's mediaserver component was discovered by security researchers from antivirus firm Trend Micro and stems from a feature called AudioEffect.The implementation of this feature does not properly check some buffer sizes that are supplied by clients, like media player applications. Therefore it is possible to craft a rogue application without any special permissions that could exploit the flaw to trigger a heap overflow, the Trend Micro researchers said Monday in a blog post.To read this article in full or to leave a comment, please click here

AT&T Picks a Virtual Session Border Controller

Metaswitch vSBC gets the Domain 2.0 nod.

Come meet me at Cloud Partners

I’m moderating a panel called Cloud Builders at the upcoming Cloud Partners show in Boston! If you’re going to be there, look me up.

The post Come meet me at Cloud Partners appeared first on 'net work.

HL: Talk to the Dummy

The post HL: Talk to the Dummy appeared first on 'net work.

Car hacking news: Ransomware threat could reach auto dealerships

It would be a heck of time to be shopping for a new set of wheels. The theme of digitally beating up cars continued with two teams of security researchers at the 24th USENIX Security Symposium.After two years of having their research suppressed by Volkswagen and a UK court, Flavio Garcia, Roel Verdult, and Baris Ege were finally able to present their research (pdf) at USENIX. The researcher paper details "how the cryptography and authentication protocol used in the Megamos Crypto transponder can be targeted by malicious hackers looking to steal luxury vehicles."To read this article in full or to leave a comment, please click here

When a Port Channel Member Link Goes Down

Mohamed Anwar asked the following question on my post “4 Types of Port Channels and When They’re Used“.

“I need a clarification, where if a member link fails, what will happen to the traffic already sent over that link ? Is there any mechanism to notify the upper layer about the loss and ask it to resend ? How this link failure will be handled for data traffic and control traffic ?”
–Mohamed Anwar

I think his questions are really important because he hits on two really key aspects of a failure event: what happens in the data plane and what happens in the control plane.

A network designer needs to bear both of these aspects in mind as part of their design. Overlooking either aspect will almost always open the network up to additional risk.

I think it’s well understood that port channels add resiliency in the data plane (I cover some of that in the previous article). What may not be well understood is that port channels also contribute to a stable control plane! I’ll talk about that below. I’ll also address Mohamed’s question about what happens to traffic on the failed link.

Control Plane

The control Continue reading

Big Switch’s ‘Hyperscale For All’ Journey Continues with Big Cloud Fabric 3.0

As promised, Big Switch releases Big Cloud Fabric 3.0, among other enhancements.

Why Are These Slides Marked Confidential?

top-secret

Imagine you’re sitting in a presentation. You’re hearing some great information from the presenter and you can’t wait to share it with your colleagues or with the wider community. You are just about to say something when you look in the corner of the slide and you see…

Confidential Information

You pause for a moment and ask the presenter if this slide is a secret or if you should consider it under NDA. They respond that this slide can be shared with no restrictions and the information is publicly available. Which raises the question: Why is a public slide marked “confidential”?

I Fought The Law

The laws that govern confidential information are legion. Confidential information is a bit different than copyrighted information or intellectual property that has been patented. In most cases, confidential information is treated as a trade secret. Trade secrets can be harmful if they are divulged, since a trade secret can’t be patented.

A great example is the formula for Coca-Cola. If they tried to patent it they would have to write down all the ingredients. While that would protect the very specific formulation of their drink it would also allow their competitors to create something extremely Continue reading

NASCAR Team Overhauls Network With Juniper

Joe Gibbs Racing replaced its network at headquarters with Juniper MetaFabric architecture to boost network performance and provide room for growth.

IRS: Tax breach much worse than originally thought

The cyberattack on U.S. taxpayer data reported by the Internal Revenue Service earlier this year now appears to be much worse than originally thought, the agency announced Monday, with as many as 300,000 citizens now believed to be potential victims.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords Whereas in May the IRS reported that sensitive information of about roughly 100,000 taxpayers had been stolen by thieves through its "Get Transcript" online application, its latest estimates more than double that number. It's now believed that the thieves potentially gained access to more than 300,000 taxpayer accounts after attempting to breach more than 600,000.To read this article in full or to leave a comment, please click here

10 more security startups to watch

The emergence of cybersecurity startups has continued unabated as entrepreneurs vie for corporate customers seeking new technologies to battle ever increasing and innovative attackers. The expertise of these new companies range from various improvements to encryption products to analyzing the wealth of security-incident data gathered from networks to gear that detects the potentially malicious wireless activity of Internet of Things devices.MORE ON NETWORK WORLD: 10 young security companies to watch in 2015 Based on the continued interest in these startups from venture capital investors, these companies will continue to proliferate. Here are 10 more security startups we are watching and why.To read this article in full or to leave a comment, please click here