Apache Cordova fixes flaw that could cause apps to crash

A fix has been released for a vulnerability in a widely used piece of code in Android devices, which could cause apps to crash or display unwanted dialog boxes.The flaw lies in Apache Cordova, which is a set of APIs (application programming interfaces) that let developers access functions such as a camera or accelerometer using JavaScript, according to its website.Trend Micro, which found the problem, wrote that 5.6 percent of apps in Google’s Play store use Cordova and are vulnerable. iOS is not affected.Apps using Cordova that “don’t have explicit values set in Config.xml can have undefined configuration variables set by Intent,” according to a description of the flaw on the Cordova website.To read this article in full or to leave a comment, please click here

Wi-Fi access point scans can betray a person’s location

Many Android applications collect information on Wi-Fi access points, which researchers contend can be used to figure out where a person is more than 90 percent of the time.The privacy implications of Wi-Fi access point scanning is often overlooked but presents a risk if the information is abused, according to the study, written by the Technical University of Denmark, the Massachusetts Institute of Technology and the University of Copenhagen.Wi-Fi information isn’t considered location data, and Android applications such as Candy Crush Saga, Pandora and Angry Birds routinely collect it.“This makes it possible for third party developers to collect high-resolution mobility data under the radar, circumventing the policy and the privacy model of the Android ecosystem,” wrote Sune Lehmann, an associate professor at DTU Informatics at the Technical University of Denmark, in a blog post.To read this article in full or to leave a comment, please click here

Lenovo’s new Windows 10 tablet to arrive in August

Lenovo will be one of the first to offer a Windows 10 tablet, with a new ThinkPad device that’s slated to arrive in August.The next generation ThinkPad 10 will be loaded with Microsoft’s upcoming OS, and is aimed at business users. It will have a starting price at $499.The ThinkPad 10 is available with a choice of quad-core Intel Atom processors, the X5 Z8500 or the X7 Z8700, which are part of Intel’s “Cherry Trail” line of processors.Other options include either 2GB or 4GB of RAM, and 64GB or 128GB of internal storage. Apart from the faster processors and a new USB 3.0 port, the ThinkPad 10 is otherwise similar to the previous generation. It still contains a micro-SD card slot, and there is optional support for a fingerprint reader and smart card reader. The 10.1-inch screen has a resolution of 1920 pixels by 1200, and battery life is up to 10 hours.To read this article in full or to leave a comment, please click here

After medical marijuana, Sidecar eyes alcohol and pharmaceuticals

Earlier this month, Sidecar expanded its mobile ride hailing service to deliver medical marijuana in San Francisco. It’s not the only substance the startup wants to bring to your door.Sidecar is in talks with potential partners to deliver alcohol and pharmaceutical drugs to its users, said CEO Sunil Paul. And in case you’re craving them badly, it will get them to you in an hour. It’s not yet delivering those items but plans to by the end of the year, Paul said in an interview Wednesday.Sidecar’s ride hailing service works similarly to that of Uber and Lyft, with a few differences. The app lets riders choose from a list of drivers who are able to set their own fares. And the company claims to be more transparent than rivals when surge pricing is in effect, specifying the exact fare up front. Still, Sidecar hasn’t proved as popular as Uber and Lyft and is active in far fewer cities.To read this article in full or to leave a comment, please click here

Open Source Routing: A Comparison

I have been getting more interested in open-source networking software, and I figured it was time to write a post comparing some of the more popular open source projects in this space.

Not only do we have several options (which hasn’t always been the case) for running routing protocols in FOSS, but we also have a variety of use cases that are increasing in popularity (using BGP for SDN-type purposes, not just to do internet peering). So isn’t an idea limited to enthusiasts who like to spin their own router - this kind of software has very interesting large-scale applications as well.

This won’t be a comprehensive list, just the top three that I’ve been looking into. I also won’t be going into too much detail on how to set all this software up - I’m saving that for a follow-up post.

Quagga

Quagga is at the top of this list primarily because from my perspective, it is the most well-known. It is best to think of Quagga as a collection of smaller daemons, each with a specific task. This task may be to run a routing protocol like OSPF or BGP, or it may be something else.

In this Continue reading

Open Source Routing: A Comparison

I have been getting more interested in open-source networking software, and I figured it was time to write a post comparing some of the more popular open source projects in this space.

Not only do we have several options (which hasn’t always been the case) for running routing protocols in FOSS, but we also have a variety of use cases that are increasing in popularity (using BGP for SDN-type purposes, not just to do internet peering). So isn’t an idea limited to enthusiasts who like to spin their own router - this kind of software has very interesting large-scale applications as well.

This won’t be a comprehensive list, just the top three that I’ve been looking into. I also won’t be going into too much detail on how to set all this software up - I’m saving that for a follow-up post.

Quagga

Quagga is at the top of this list primarily because from my perspective, it is the most well-known. It is best to think of Quagga as a collection of smaller daemons, each with a specific task. This task may be to run a routing protocol like OSPF or BGP, or it may be something else.

In this Continue reading

Programming an ACI Fabric

By now, you’ve probably heard of Cisco’s Software Defined Networking (SDN) solution that is centered around ACI, or the Application Centric Infrastructure. Like most SDN platforms, a key component is the controller otherwise known as the Application Policy Infrastructure Controller (APIC) in the case of ACI. The APIC provides a single pane of glass that centralizes policy, configuration, and monitoring of the complete fabric. It also more importantly exposes the complete system via an object oriented REST API, which is what we’ll look at in this post.

By itself, ACI reduces the number of touch points in the network. This is no different than any other controller-based network that exists today and is a great step in the right direction. We can then honestly say SDN simplifies operations.

The issue is if you don’t have something else driving ACI, or any other SDN solution for that matter, it could take a large number clicks within the UI to configure a new tenant, application, or whatever is being configured. This is error prone as we all know it’s pretty easy to fat finger something! Because of this, it still makes total sense to automate network fabrics even if it’s not for Continue reading

Microsoft app store gets a spring clean before Windows 10 launch

Microsoft is cleaning house in the Windows Store, enacting policies that could see some apps removed as it tries to reduce clutter and ensure fair pricing ahead of the Windows 10 launch later this year.The new policies, designed to make it easier for users to find quality apps, will also clamp down on developers who abuse keywords to game the Store’s search results.First off, Microsoft wants to ensure users can distinguish between different apps, which means developers will need to use icons that accurately reflect what a program does, and that aren’t too similar to other app icons in the store. The same rules will apply to application titles, and to application functionality.To read this article in full or to leave a comment, please click here

FCC ruling could bolster robocall battle

The Federal Communications Commission could soon clear a path to help in the ongoing battle to fight unwanted and in many cases illegal robocalls and text messages.FCC Chairman Tom Wheeler is proposing a number of changes that the FCC says would “close loopholes and strengthen consumer protections already on the books,” such as the widely used Do-Not-Call Registry. The FCC proposals were in response to industry players who sought clarity on how the Commission enforces the Telephone Consumer Protection Act (TCPA)."The FCC wants to make it clear: Telephone companies can – and in fact should – offer consumers robocall-blocking tools," FCC Chairman Tom Wheeler said in a blog post. In the past some carriers we concerned that blocking automated calls could be construed as violations of the TCPA that requires them to ensure that all calls placed over their networks reach their intended recipients.To read this article in full or to leave a comment, please click here

Judge classifies as class action an email scanning lawsuit against Yahoo

A lawsuit that alleges Yahoo’s email scanning practices are illegal can proceed as a class action complaint, a development that will shine the spotlight on the Yahoo Mail use of messages’ content for advertising purposes.Plaintiffs allege that emails sent to Yahoo Mail users by people who do not have Yahoo Mail accounts are scanned by Yahoo in violation of federal and California wiretapping laws.In a decision Tuesday evening, Judge Lucy Koh said all U.S. residents who are not Yahoo Mail subscribers but who have sent emails to or received emails from a Yahoo Mail subscriber between Oct. 2, 2011, and now may sue the company.California residents who are not Yahoo Mail subscribers but who have sent emails to or received emails from a Yahoo Mail subscriber between Oct. 2, 2012, and now may sue the company, according to the judge’s filing in the U.S. district court in the northern district of California.To read this article in full or to leave a comment, please click here

Citizens of Tech 005 – Saga of Lucimia Special, Part 1

Eric Sutphen (@zutfen) and Jeff Pugliese (@tpyowritr) interview game developers Tim Anderson and Giovanni Martello from Saga of Lucimia.

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 3M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks
TwitterGoogle+LinkedIn

The post Citizens of Tech 005 – Saga of Lucimia Special, Part 1 appeared first on Packet Pushers Podcast and was written by Ethan Banks.

How to prevent the new Messages bug from crashing your iPhone

A bug in iOS 8 turns a string of Unicode characters into a phone-crashing catastrophe.If you receive a message with the characters, either as an iMessage or an SMS text from contacts on other platforms, your iPhone will crash—but only if you open it. If you receive a notification with the message on your lock screen, your phone will either reboot or lock you out of Messages altogether.MORE: iPhone 7 Rumor RollupThe bug doesn’t actually generate the message—some prankster with your phone number has to actually send the code to you. Let’s hope your friends aren’t jerks. If one of your contacts does send you a malicious message, its effects can be reversed with a follow-up message—or you can send yourself the fix from your Mac by replying to the original string in Messages on OS X, according to The Verge. (The bug only affects iPhones, iPads, and Apple Watches.)To read this article in full or to leave a comment, please click here

Chip maker Avago may be close to buying Broadcom

Avago Technologies is in advanced talks to acquire Broadcom in a potential deal that could mark the latest consolidation in the global semiconductor industry, according to a report in the Wall Street Journal.The terms being discussed aren’t clear and the deal could still fall through, according to the report, which did not name its sources.Broadcom makes chips for a wide range of communications products, including wired and wireless networks, connected home and car equipment and the Internet of Things. Avago’s silicon goes into industrial and enterprise storage gear as well as wireline and wireless networks. Avago, founded in 1961, is based in San Jose, California, and Singapore. Broadcom is in Irvine, California, and started in 1991.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Successful 400 Gbps trials open the door for faster fiber

We've been hearing about speed trials over fiber for years. In 2009, researchers in Denmark were the first to beat the one-terabit mark. For comparison, today's commercial fiber usually runs at 100 gigabits per second.This year's real-world tests, by switch-maker Alcatel-Lucent over existing long-distance fiber, have obtained 400 gigabits per second, or 50 gigabytes in one second.That's especially good because it's real-world and four times better than the current, normally available pipes.Bits are used to measure rate of transfer, and bytes to measure capacity, by the way.To read this article in full or to leave a comment, please click here

Candidate Sanders has a funny 404 page

Vermont Sen. Bernie Sanders, newly announced Democratic candidate for president, has always seemed a grumpy sort when being interviewed on television. And that makes his campaign site’s 404 page video all the funnier. Just scoot down to the bottom of the page. Priceless. To read this article in full or to leave a comment, please click here

An insider’s guide to the private IPv4 market

We’ve been hearing about the impending depletion of IPv4 addresses for years, but that day is finally upon us -- the free supply of IPv4 numbers in North America will be completely gone within a month or two.However, as the world slowly transitions to IPv6, there’s no cause for alarm. A significant quantity of unused, previously allocated IPv4 numbers are readily available for re-distribution to IP network operators that need them. And an active private market for IPv4 addresses has emerged to allow companies with these excess IPv4 numbers to sell them to those in need.+ ALSO ON NETWORK WORLD Infographic: IPv4 vs IPv6 +To read this article in full or to leave a comment, please click here

1 3,384 3,385 3,386 3,387 3,388 3,756