Project Calico: Is It Any Good?

At least a dozen engineers sent me emails or tweets mentioning Project Calico in the last few weeks – obviously the project is getting some real traction, so it was high time to look at what it’s all about.

TL&DR: Project Calico is yet another virtual networking implementation that’s a perfect fit for a particular use case, but falters when encountering the morass of edge cases.

Read more ...

OPM hit by class-action suit over breach of federal employee data

A federal employees union has filed a lawsuit against the U.S. Office of Personnel Management, its leadership and a contractor, alleging that their negligence led to a data breach that compromised the personal information of millions of current, former and prospective government employees and contractors.Since at least 2007, the OPM has been warned by its Office of Inspector General of significant deficiencies in its cybersecurity protocol, according to the proposed class-action suit filed Monday by the American Federation of Government Employees in the U.S. District Court for the District of Columbia.However, OPM failed to take measures to correct these issues, despite handling massive amounts of federal applicants’ private, sensitive and confidential information, it added. The data handled by the OPM included a 127-page form, called Standard Form 86, which requires applicants for security clearances to answer questions on their financial histories and investment records, children’s and relatives’ names, foreign trips and contacts with foreign nationals, past residences, and names of neighbors and close friends, according to the filing.To read this article in full or to leave a comment, please click here

Which songs stumped Shakira? Shazam will now show you

Shazam is releasing a new version of its music recognition app that lets users connect with artists they like and see what songs they’ve searched for using its service.Shazam lets people identify songs, TV shows and movies by capturing a brief snippet onto their phone, which gets matched against Shazam’s database. The new version due out Tuesday, for iOS and Android, lets users see what songs have been identified by artists using the app. Because not even musicians know every song that’s playing.To read this article in full or to leave a comment, please click here

FTC settles with developers of sneaky cryptocurrency mining app

The developers of a mobile app called Prized that secretly mined cryptocurrencies on people’s mobile phones have settled with the U.S. Federal Trade Commission after being accused of deceptive trade practices.Equiliv Investments and Ryan Ramminger, both of Ohio, settled for US$50,000, of which $44,800 will be suspended upon payment of $5,200 to New Jersey regulators, the agency said in a news release Monday. The suit was filed in U.S. District Court for the District of New Jersey last Wednesday.To read this article in full or to leave a comment, please click here

US personnel agency takes system offline after hack

Problems for the U.S. Office of Personnel Management aren’t letting up. The government agency said Monday it had suspended a system used for background checks after a security flaw was discovered in the Web-based app.The agency said there’s no evidence the system was hacked. It discovered the vulnerability during an ongoing review of its IT systems, it said, which is being carried out in the wake of at least two serious security breaches.Still, it’s a big inconvenience. The system, called E-QIP, is used by multiple agencies to carry out background checks on potential new hires, and it will be offline for four to six weeks, the OPM said.“The actions OPM has taken are not the direct result of malicious activity on this network, and there is no evidence that the vulnerability in question has been exploited,” the agency said, calling the decision to take E-QIP offline a proactive measure to ensure ‘the ongoing security of its network.”To read this article in full or to leave a comment, please click here

Microsoft hands some of the reins for its display ad business to AOL

Microsoft will be handing over its display advertising business to AOL in nine markets as part of a new partnership between the two companies that was announced Monday.Under the deal, AOL will use Bing to power search through its website, and will operate display advertising, including mobile and video ads, for Microsoft’s portfolio in Brazil, Canada, France, Germany, Italy, Japan, Spain, U.K. and the U.S. That means AOL will be powering all the display ads that run in those countries, including on MSN, Xbox, Outlook.com and Skype.To read this article in full or to leave a comment, please click here

Microsoft parental control update lets kids browse more than they should

A new version of Microsoft’s parental control product is ready for the Windows 10 launch, but users are complaining about a serious bug as well as features they don’t like.The free service, known previously as Family Safety, has been rebranded as Microsoft Family and redesigned. The changes are supposed to help families more easily control their kids’ activities on Windows and Windows Phone devices. However, parents are complaining on Microsoft’s support forum about a bug that loosens browsing restrictions.The bug affects accounts that should have their browsing limited to a handpicked “whitelist” of websites. Instead, children can browse beyond the walled garden their parents set up. Unsurprisingly, parents are upset, and they can’t return to the previous version.To read this article in full or to leave a comment, please click here

Uber grabs mapping tech, employees from Microsoft

Uber is adding to its mapping smarts by acquiring technology used by Microsoft’s Bing Maps, and has hired roughly 100 Microsoft employees who work on image collection and data analysis.Microsoft decided it will no longer collect the imagery and data for Bing Maps itself, and will instead rely on partners. Bing Maps will continue to provide driving directions and information about traffic and road conditions.The employees joining Uber constitute “a small number” of Microsoft’s larger maps team, the companies said.For Microsoft, the acquisition fits with its decision a year ago to focus on productivity services, which are at the core of its strategy, a spokeswoman said on Monday.To read this article in full or to leave a comment, please click here

MIT tests ‘software transplants’ to fix buggy code

Like visiting a junk yard to find cheap parts for an aging vehicle, researchers from the Massachusetts Institute of Technology have come up with a way to fix buggy software by inserting working code from another program.Using a system they call CodePhage, the researchers were able to fix flaws in seven common open-source programs by using, in each case, functionality taken from between two and four “donor” programs.Fixing such errors can help make code more secure, since malicious hackers often exploit flaws to gain entry to a system. CodePhage can recognize and fix common programming errors such as out of bounds access, integer overflows, and divide-by-zero errors.To read this article in full or to leave a comment, please click here

Fiber broadband can drive up your home’s value

The availability of really fast broadband in your neighborhood could increase your home’s value by more than 3 percent.High-speed fiber broadband service, with 1 Gbps download speeds, can add more than $5,400 to the value of an average U.S. home, according to a study commissioned by the Fiber to the Home Council Americas (FTTH), an advocacy group made up of fiber equipment vendors and broadband providers.That $5,400 figure is approximately equal to adding a new fireplace, half of a new bathroom or a quarter of a swimming pool, according to the study, conducted by researchers at the University of Colorado at Boulder and Carnegie Mellon University.To read this article in full or to leave a comment, please click here

PayPal tweaks terms in wake of ‘robocall’ controversy

PayPal is fine-tuning its policies after a recently announced plan to make unsolicited prerecorded calls and texts to users drew questions and concerns from customers, regulators and consumer advocates.Earlier this month, PayPal generated controversy when it proposed amendments to its terms that would allow it make unsolicited calls for marketing and other purposes. The Federal Communications Commission told PayPal that the proposed terms, which would go into effect July 1, might violate federal laws because unsolicited robocalls are only legal if a company has obtained written or oral consent from consumers.To read this article in full or to leave a comment, please click here

LTE-U is coming to take your Wi-Fi away, consumer advocates warn

A carrier technology that uses Wi-Fi frequencies to provide LTE connectivity could let the big wireless providers mess with your home connection and push you on to their networks, according to comments filed today with the FCC by several watchdog groups.The technology is called either LTE – Unlicensed or Licensed Assisted Access (LTE-U or LAA), and it essentially works by using 4G/LTE radios to send and receive data via the same 5GHz frequencies as Wi-Fi. This lets carriers offload traffic from their congested licensed networks to consumer Wi-Fi, easing the load.+ ALSO ON NETWORK WORLD: 9 creative ways to destroy sensitive data + The programmer's guide to breaking into management +To read this article in full or to leave a comment, please click here

FTC shuts down “card member services” robocallers

A massive robocall campaign designed to trick people into paying for worthless credit card interest rate reduction programs has been shut down by a Federal Court at the behest of the Federal Trade Commission and the Florida Attorney General. The court order stops the illegal calls, many of which targeted seniors and claimed to be from “credit card services” and “card member services.” The defendants charged consumers up to $4,999 for their non-existent services, the FTC stated. +More on Network World: FBI: Social media, virtual currency hit big time scam, fraud club+To read this article in full or to leave a comment, please click here

What to do with tomorrow’s leap second

We are being granted a leap second tomorrow so the question arises: What am I – or any of us, for that matter -- to do with the extra time? Among the necessarily brief possibilities that have occurred to me so far: Consider buying an Apple Watch. Slice as seen on TV (above). Work on that novel. Say leap second one time fast. Hold my breath. Drink responsibly. Make sweet, sweet love. Or, care about what Antonin Scalia thinks. As you might expect, I’m open to suggestions.To read this article in full or to leave a comment, please click here

Service Provider IPv6 Deployment

These are my study notes regarding IPv6 deployment in SP networks in preparation for the CCDE exam.

Drivers for implementing IPv6

  • External drivers
    • SP customers that need access to IPv6 resources
    • SP customers that need to interconnect their IPv6 sites
    • SP customers that need to interface with their own customers over iPv6
  • Internal drivers
    • Handle problems that may be hard to fix with IPv4 such as large number of devices (cell phones, IP cameras, sensors etc)
    • Public IPv4 address exhaustion
    • Private IPv4 address exhaustion
  • Strategic drivers
    • Long term expansion plans and service offerings
    • Preparing for new services and gaining competitive advantage

Infrastructure

  • SP Core Infrastructure
    • Native IPv4 core
    • L2TPv3 for VPNs
    • MPLS core
    • MPLS VPNs

My reflection is that most cores would be MPLS enabled, however there are projects such as Terastream in Deutsche Telekom where the entire core is IPv6 enabled and L2TPv3 is used in place of MPLS.

  • IPv6 in Native IPv4 Environments
    • Tunnel v6 in v4
    • Native v6 with dedicated resources
    • Dual stack

The easiest way to get going with v6 was to tunnel it over v4. The next logical step was to enable v6 but on separate interfaces to not disturb the “real” traffic and to be Continue reading

IDG Contributor Network: Next-generation 5G speeds will be 10 to 20 Gbps

The International Telecommunication Union (ITU) has defined 5G network speeds as being 20 Gigabits per second (Gbps), according to an article in the Korea Times.However, an ITU spokesperson says it will be more like 10 Gbps with peak speeds at 20 Gbps, according to a separate Fierce Wireless report.The ITU, a United Nations organization, has also come up with a name for the 5G standard – "IMT-2020."The ITU allocates global radio spectrum and is also responsible for coordinating mobile radio strategy and regulations.To read this article in full or to leave a comment, please click here

Cybercriminals adopt recently patched zero-day exploit in a flash

Just four days after Adobe Systems patched a vulnerability in Flash Player, the exploit was adopted by cybercriminals for use in large-scale attacks. This highlights the increasingly small time frame users have to deploy patches.On Saturday, a malware researcher known online as Kafeine spotted a drive-by download attack done with the Magnitude exploit kit that was exploiting a Flash Player vulnerability patched Tuesday.The flaw, tracked as CVE-2015-3113 in the Common Vulnerabilities and Exposures database, had zero-day status—that is, it was previously unpatched—when Adobe released a patch for it. It had already been exploited by a China-based cyberespionage group for several weeks in targeted attacks against organizations from the aerospace, defense, construction, engineering, technology, telecommunications and transportation industries.To read this article in full or to leave a comment, please click here

1 3,415 3,416 3,417 3,418 3,419 3,840