Deterrence will keep a lid on cyberwar, former spy chief says

Major sponsors of cyberwarfare forces are reaching a state of deterrence resembling the mutually assured destruction in nuclear weapons standoffs, former U.S. national intelligence director Dennis Blair said Tuesday.All nation states would suffer if countries engaged in cyberattacks against civilians, and world leaders including those in China and Russia are reluctant to unleash such forces, Blair, a retired U.S. Navy admiral who oversaw U.S. intelligence from 2009 to 2010, told a news conference in Tokyo.Military and civilian systems are often intertwined, Blair said, pointing to GPS as an example of a military technology that is now used in widespread civilian applications from navigation to financial transactions.To read this article in full or to leave a comment, please click here

Indian net neutrality backers get boost from Flipkart retreat on free app access

Indian online retailer Flipkart has abandoned a plan to give customers of mobile operator Bharti Airtel free access to its mobile app after criticism that the move posed a threat to net neutrality.Earlier this month, Airtel launched a marketing platform, Airtel Zero, that allows app developers to pay for their customers to access their services without data charges. The move was, however, criticized by activists as a threat to net neutrality in the country, putting Internet startups and smaller players that can’t afford the fees at a disadvantage.Flipkart’s CEO Sachin Bansal said on Twitter recently that the so-called zero-rating deals reduced data costs for users.To read this article in full or to leave a comment, please click here

Sharp develops 4K smartphone display, undecided on manufacturing plan

Sharp has developed a 5.5-inch display with 3860 x 2160 pixel resolution, which is equivalent to “ultra high definition,” also known as 4K.The prototype LCD display, which could be used in smartphones in the future, has a pixel density of 806 pixels per inch (ppi) and was shown off last week at the China Information Technology Expo in Shenzhen, China. It was part of a larger, 12.5-inch IGZO panel.Sharp hasn’t decided on a schedule for mass production yet. “Currently there are no driver ICs for small 4K panels, so the panel is not ready for mass production at this point,” Sharp spokeswoman Miyuki Nakayama said via email.The company wants to develop and mass-produce 4K screens for clients’ phones but it’s too early to say whether they will be used in Sharp’s own Aquos line of smartphones, she added.To read this article in full or to leave a comment, please click here

RadioShack presses ahead plan for sale of customer data

RadioShack will press on with its plan to sell its customer data, despite opposition from a number of U.S. states.The company has asked a bankruptcy court for approval for a second auction of its assets, which includes the consumer data.The state of Texas, which is leading the action by the states, has opposed the sale of personally identifiable information (PII), citing the online and in-store privacy policies of the bankrupt consumer electronics retailer.The state claimed that it found from a RadioShack deposition that PII of 117 million customers could be involved. But it learned later from testimony in court that the number of customer files offered for sale might be reduced to around 67 million.To read this article in full or to leave a comment, please click here

RadioShack presses ahead plan for sale of customer data

RadioShack will press on with its plan to sell its customer data, despite opposition from a number of U.S. states.The company has asked a bankruptcy court for approval for a second auction of its assets, which includes the consumer data.The state of Texas, which is leading the action by the states, has opposed the sale of personally identifiable information (PII), citing the online and in-store privacy policies of the bankrupt consumer electronics retailer.The state claimed that it found from a RadioShack deposition that PII of 117 million customers could be involved. But it learned later from testimony in court that the number of customer files offered for sale might be reduced to around 67 million.To read this article in full or to leave a comment, please click here

Windows vulnerability can compromise credentials

A vulnerability found in the late 1990s in Microsoft Windows can still be used to steal login credentials, according to a security advisory released Monday.A researcher with security vendor Cylance, Brian Wallace, found a new way to exploit a flaw originally found in 1997. Wallace wrote on Monday the flaw affects any PC, tablet or server running Windows and could compromise as many as 31 software programs.He wrote the flaw was not resolved long ago, but that “we hope that our research will compel Microsoft to reconsider the vulnerabilities.”The vulnerability, called Redirect to SMB, can be exploited if an attacker can intercept communications with a Web server using a man-in-the-middle attack.To read this article in full or to leave a comment, please click here

Windows vulnerability can compromise credentials

A vulnerability found in the late 1990s in Microsoft Windows can still be used to steal login credentials, according to a security advisory released Monday.A researcher with security vendor Cylance, Brian Wallace, found a new way to exploit a flaw originally found in 1997. Wallace wrote on Monday the flaw affects any PC, tablet or server running Windows and could compromise as many as 31 software programs.He wrote the flaw was not resolved long ago, but that “we hope that our research will compel Microsoft to reconsider the vulnerabilities.”The vulnerability, called Redirect to SMB, can be exploited if an attacker can intercept communications with a Web server using a man-in-the-middle attack.To read this article in full or to leave a comment, please click here

Saltstack – Using Pillars and starting to template

In our last post about SaltStack, we introduced the concept of grains.  Grains are bits of information that the Salt minion can pull off the system it’s running on.  SaltStack also has the concept of pillars.  Pillars are sets of data that we can push to the minions and then consume in state or managed files.  When you couple this with the ability to template with Jinja, it becomes VERY powerful.  Let’s take a quick look at how we can start using pillars and templates. 

Prep the Salt Master
The first thing we need to do is to tell Salt that we want to use Pillars.  To do this, we just tell the Salt master where the pillar state files are.  Let’s edit the salt master config file…

vi /etc/salt/master

Now find the ‘Pillar Settings’ section and uncomment the line I have highlighted in red below…

image 
Then restart the salt-master service…

systemctl restart salt-master

So we just told Salt that it should use the ‘/srv/pillar/’ directory for pillar info so we need to now go and create it…

mkdir /srv/pillar/

Now we’re all set.  Pillar information is exported to the Continue reading

The Verizon SuperCookie Won’t Go Away

Update 4/21/2015:
It's been pointed out to me that Relevant Mobile Advertising (RMA - the thing responsible for the SuperCookie) and Customer Proprietary Network Information (CPNI) are not the same thing. That may be, but the link in the opt out instructions on Verizon's RMA info page goes to the CPNI settings below. If there's an RMA opt-out lever available to me somewhere on verizonwireless.com, I sure can't find it. I spoke with a new Verizon phone rep today. She claims to have sorted things out. My HTTP traffic still has the extra header attached. We'll see if that changes in the next few days...
Verizon Wireless made the news a few months ago when somebody noticed that they were adding extra HTTP headers which uniquely identified subscribers to every web request which traversed their network.

There was something of an uproar about it. I checked at least one of my phones, and was disappointed to find the tracking header attached to my traffic.

Then, less than two weeks ago, Verizon announced that customers would be allowed to opt out of having their web requests marked in this way. Many news outlets covered the announcement, Twitter rejoiced, and I Continue reading

Fun With Route-Maps And BGP

I’ve always been a little bit hazy on the circumstances under which a BGP neighbour needs to be cleared. This extremely informative page from Cisco casts a bit of light on the situation. Especially, the section on when to clear a BGP neighbourship.

The official line is any in/outbound policy update will require the BGP session to be cleared to take effect. Obviously, this depends on the direction the policy is applied when you clear the neighbourship in/outbound.

So my question is whether a new route-map constitutes a policy update. Now this may sound like a stupid question (remember the title of the blog please dear reader). But someone legitimately asked me if applying a new policy constituted an update. So let’s find out.

This is my topology:

Test Topology
Test Topology

This is what I’m doing:
– Loopback0 (10.1.1.1/32) is advertised into OSPF on R1 along with the 1.1.1.0/30 network.
– The 1.1.1.0/30 network is advertised into OSPF on R2.
– BGP is used to advertise the 3.3.3.0/24 network using a peer-group TEST.
– R1 and R2 have an iBGP peering in AS 65000 using the physical addresses of Continue reading

New CCIE SPv4, CCIE RSv5 & Multicast Classes This Week

This week I will be running the following free online classes:

*Free for AAP Members

INE will also be offering the following free upcoming online classes:

  • CCNA R&S Overview and Preparation – Tues April 21st @ 09:00 PDT (16:00 UTC)
  • CCNP R&S Overview and Preparation – Thurs April 23rd @ 09:00 PDT (16:00 UTC)
  • CCNP R&S TSHOOT Overview and Preparation – Thurs April 30th @ 09:00 PDT (16:00 UTC)

More information on these classes can be found here.




CCIE Service Provider v4 Kickoff

This class marks the kickoff of INE’s CCIE SPv4 product line for the New CCIE Service Provider Version 4 Blueprint, which goes live May 22nd 2015!  In this class we’ll cover the v3 to v4 changes, including exam format changes and topic adds and removes, recommended readings and resources, INE’s new CCIE SPv4 hardware specification and CCIE SPv4 Workbook, and the schedule for INE’s upcoming CCIE Service Continue reading

New bill would invalidate FCC’s net neutrality rules

A group of Republican lawmakers has introduced a bill that would invalidate the U.S. Federal Communications Commission’s recently passed net neutrality rules.The legislation, introduced by Representative Doug Collins, a Georgia Republican, is called a resolution of disapproval, a move that allows Congress to review new federal regulations from government agencies, using an expedited legislative process.The resolution is the quickest way to stop what Collins called heavy-handed regulations that will hamper broadband deployment and could increase taxes and fees, he said in a statement. “We’ll all be paying more for less,” he added.To read this article in full or to leave a comment, please click here

Turing manuscript sells for $1 million

A 56-page notebook manuscript by Alan Turing, the English mathematician considered to be the father of modern computer science, was sold at auction Monday for US$1.025 million. The manuscript is almost certainly the most extensive by Turing, in his own hand, in existence, experts at Bonhams auction house said. Turing apparently wrote in the notebook in 1942 when he was working in Bletchley Park, England, trying to break German military code. The bidding took place at Bonhams on Madison Avenue in New York, with about 50 bidders present in the auction room and lines open for bids coming in by phone and Internet. The winning bid was from a private collector who did not wish to be identified.To read this article in full or to leave a comment, please click here

Microsoft brings DelBene back for strategy and planning

Kurt DelBene, who left his role as president of Microsoft’s Office Division back in 2013, is returning to Microsoft as executive vice president of corporate strategy and planning, and will report to CEO Satya Nadella.Following his departure from Microsoft, DelBene was tapped by President Obama to take charge of the troubled rollout of the HealthCare.gov website at the Department of Health and Human Services.To read this article in full or to leave a comment, please click here

New cyberthreat information sharing bill may be more friendly to privacy

A new bill designed to encourage businesses and government agencies to share information about cyberthreats with each other may go farther toward protecting the privacy of Internet users than other recent legislation in the U.S. Congress.The National Cybersecurity Protection Advancement NCPA Act, introduced Monday in the House of Representatives by two Texas Republicans, appears to do a “much better job” at protecting privacy than two bills that have passed through the House and Senate Intelligence Committees, said Robyn Greene, policy counsel at the New America Foundation’s Open Technology Institute.To read this article in full or to leave a comment, please click here

7 ways to save money with hybrid cloud backup

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Disasters that affect data aren’t necessarily the type that Hollywood glorifies in blockbusters. The scenarios that could bring your business to a standstill might be caused by cyberattack, human error, blizzard or hurricane, or any number of other common occurrences. When these events happen – and they will happen to every business at least once – they are far more destructive when there is no plan in place for maintaining uptime and productivity.

In many cases today, comprehensive plans rely on hybrid cloud backup. What was once a costly, time-consuming process to back up data to tape has morphed into a reliable practice that can both safeguard your data and restore your business in minutes instead of taking days or weeks. And today’s proliferation of specialized business continuity approaches empowers organizations to save their entire systems soup-to-nuts, down to individual device settings and snapshots. Here’s how hybrid cloud backup can save your data, your reputation and your money:

To read this article in full or to leave a comment, please click here

IDG Contributor Network: Open source a driver for merchant chips

Incumbent networking gear makers have often designed their own chips. It's what has created differentiation between products.That custom networking chip design, in some cases, was also behind growth in the technology bubble of the '90s. Some companies were considered better than others because of their silicon design.However, a new breed of manufacturers aren't doing this custom work. Those suppliers, like up-and-coming player Arista, are simply using off-the-shelf silicon.Their ASIC, or Application-Specific Integrated Circuits, are still designed for networking, but they are generic. They're called "merchant" chips, or merchant silicon. They're in switches, along with the included software to run them.To read this article in full or to leave a comment, please click here

Which is more secure, Android or iOS? The answer isn’t that simple

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

We love to ask the question, “Which is more secure: iOS or Android?” But if you really want to drive secure mobile productivity you’re going to have to start looking at the bigger picture.

The longstanding Android vs. iOS debate is understandable because these mobile OSes power the majority of devices employees bring to work today. But two trends in the mobile world are uprooting the traditional arguing points -- and changing the mobile security landscape overall. They highlight our need for an actionable, multi-layer security approach, not just putting your hope in the OSes of two major mobile players.

To read this article in full or to leave a comment, please click here