Former attorney general calls Snowden deal possible

The “possibility exists” for the U.S. Department of Justice to cut a deal that would allow surveillance leaker Edward Snowden to return to the U.S., a former attorney general said in a media interview.Snowden, who leaked information about the National Security Agency’s surveillance programs, “spurred a necessary debate” about the collection of U.S. telephone records, former Attorney General Eric Holder told Yahoo News.The DOJ, however, hasn’t changed its official position on Snowden, a spokesman said. The DOJ wants Snowden to return to the U.S. from Russia and face criminal charges, the spokesman said by email.To read this article in full or to leave a comment, please click here

Meraki Will Never Be A Large Enterprise Solution

Cisco-Cloud-Networking-Meraki

Thanks to a couple of recent conversations, I thought it was time to stir the wireless pot a little. First was my retweet of an excellent DNS workaround post from Justin Cohen (@CanTechIt). One of the responses I got from wireless luminary Andrew von Nagy (@RevolutionWifi):

This echoed some of the comments that I heard from Sam Clements (@Samuel_Clements) and Blake Krone (@BlakeKrone) during this video from Cisco Live Milan in January:

During that video, you can hear Sam and Blake asking for a few features that aren’t really supported on Meraki just yet. And it all comes down to a simple issue.

Should It Just Work?

Meraki has had a very simple guiding philosophy since the very beginning. Things should be easy to configure and work without hassle for their customers. It’s something we see over and over again in technology. From Apple to Microsoft, the focus has shifted away from complexity and toward simplicity. Gone are the field of radio buttons Continue reading

Researchers find previously unknown exploits among Hacking Team’s leaked files

Researchers sifting through 400GB of data recently leaked from Hacking Team, an Italian company that sells computer surveillance software to government agencies from around the world, have already found an exploit for an unpatched vulnerability in Flash Player.There are also reports of exploits for a vulnerability in Windows and one in SELinux, a Linux kernel security module that enforces access control policies. The flaws were supposedly used by the company’s customers to silently deploy its software on computers belonging to surveillance targets.Hacking Team was incorporated as HT in Milan and develops a computer surveillance program called Remote Control System (RCS), or Galileo. The system is sold to law enforcement and other government agencies from around the world, along with access to computer intrusion tools that are needed to deploy it.To read this article in full or to leave a comment, please click here

Why certifications make me grouchy

While I support certifications, they also make me grouchy. Sometimes they make me really, really, grouchy, in fact — probably more grouchy than I have a right to be. You’ve probably heard the complaints a number of times.

For instance, there’s the problem of paper tigers, people who gain the certification but don’t have any real experience with the technology, or don’t really understand the technology. Paper tigers are bad, of course, but they’re generally easy to detect through a rigorous interview. In fact, paper tigers exist without the certification; it’s entirely possible for a solid resume to lead to a candidate that doesn’t have the skills advertised. Degree’s don’t really prove much, either, and it takes four years to get one of those (in theory), so I don’t know how much whining about this problem — as real as it is — is going to help.

Tony Li had a counter to this — he used to sit with a candidate’s resume in hand asking questions, and lining through skills he didn’t think the candidate actually had. At the end of the interview, he would hand the resume back to the candidate and say, essentially, “there, I fixed it Continue reading

The Upload: Your tech news briefing for Tuesday, July 7

Privacy group files FTC complaint to push Google to extend right to be forgotten to USFirst they ignore you, then they laugh at you.... After a year of ridiculing a European court’s “right to be forgotten” ruling, it seems that some Americans at least are beginning to think it’s a good idea. The ruling required search engines to exclude certain pages containing personal information from their search results on request from the people concerned. Now Consumer Watchdog has asked the U.S. Federal Trade Commission to institute a similar right.To read this article in full or to leave a comment, please click here

How to find cellular access when traveling (without international roaming)

My wife, two kids, and I just took a three-day trip to Vancouver, British Columbia, from our home in Seattle. Joining us were three laptops, two iPod touches, three Kindles, and two iPhones. We remembered to bring clothes and sunscreen, too.Traveling to Canada is just like going to another country—they have different currency and units of measurement, they spell “center” as “centre,” and they have different telecommunications companies. The variety of potato chips almost makes up for it.MORE: 10 mobile startups to watch Before we left, I did my usual research into how we’d keep online. We knew the Airbnb rental to which we were going had Wi-Fi, and I assumed that the profusion of free Internet service I was used to in the States would be as abundant. We were staying near Stanley Park, and there are hundreds of shops, grocery stores, and restaurants within a few blocks.To read this article in full or to leave a comment, please click here

OpenSSL tells users to prepare for a high severity flaw

Server admins and developers beware: The OpenSSL Project plans to release security updates Thursday for its widely used cryptographic library that will fix a high severity vulnerability.OpenSSL implements multiple cryptographic protocols and algorithms including TLS (Transport Layer Security), which underpins encryption on the Web as part of protocols like HTTPS (HTTP Secure), IMAPS (Internet Message Access Protocol Secure) and SMTPS (Simple Mail Transfer Protocol Secure).The project didn’t say which part of the library is affected, but high severity flaws in OpenSSL are usually a big deal, especially if they impact TLS.To read this article in full or to leave a comment, please click here

Is Linux TCP/IP Stack Really That Slow?

Most people casually involved with virtual appliances and network function virtualization (NFV) believe that replacing Linux TCP/IP stack with user-mode packet forwarding (example: Intel’s DPDK) boosts performance from meager 1 Gbps to tens of gigabits (and thus makes hardware forwarding obsolete).

Having data points is always better than having opinions; today let’s look at Receiving 1 Mpps with Linux TCP/IP Stack blog post.

2015-07-18: The blog post was updated based on feedback by Kristian Larsson.

Read more ...

It is time to drop the CCIE written

Back in 1993 the CCIE Cisco Certification, the first Cisco certification, was created and tested. Yes, the CCIE certification came years before the CCNA certification (1998) and thus Cisco needed a way to weed out candidates who were not ready for the CCIE lab exam.  What they came up with was a Written pre-qualification exam to show that […]

The post It is time to drop the CCIE written appeared first on Fryguy's Blog.

FBI chief warns that terrorists hide behind encrypted communications

U.S. Federal Bureau of Investigation Director James Comey has asked for a “robust debate” on encryption of communications, saying that the technology could come in the way of his doing his job to keep people safe.The recruitment and tasking of Americans by the group known as the Islamic State, or ISIL, is increasingly taking place “through mobile messaging apps that are end-to-end encrypted, communications that may not be intercepted, despite judicial orders under the Fourth Amendment.”“There is simply no doubt that bad people can communicate with impunity in a world of universal strong encryption,” he added. The op-ed in the Lawfare blog comes ahead of testimonies by Comey before the Senate intelligence and judiciary committees on Wednesday.To read this article in full or to leave a comment, please click here

Worth Reading: Networking with Fish

It seems like just yesterday I was at CiscoLive in San Francisco asking people I had met on twitter about their experiences blogging as well as hosting a web page. Today? Last week marked the 1 year anniversary of “Networking With Fish”.

If anyone ever asks me why I write, or why I work so hard to draw other people into the larger networking world, I’ll point them to this post. One of the biggest goals of my life is to help people learn and grow. I’ll never become a millionaire in the process, but I’ll have a million friends, and that’s infinitely more important in the long run.

The post Worth Reading: Networking with Fish appeared first on 'net work.

The Internet is a cooperative system: CNAME to Dyn DNS outage of 6 July 2015

Today, shortly after 21:00 UTC, on our internal operations chat there was a scary message from one of our senior support staff: "getting DNS resolution errors on support.cloudflare.com", at the same time as automated monitoring indicated a problem. Shortly thereafter, we saw alarms and feedback from a variety of customers (but not everyone) reporting "1001 errors", which indicated a DNS resolution error on the CloudFlare backend. Needless to say, this got an immediate and overwhelming response from our operations and engineering teams, as we hadn't changed anything and had no other indications of anomaly.

In the course of debugging, we were able to identify common characteristics of affected sites—CNAME-based users of CloudFlare, rather than complete domain hosted entirely on CloudFlare, which, ironically, included our own support site, support.cloudflare.com. When users point (via CNAME) to a domain instead of providing us with an IP address, our network resolves that name —- and is obviously unable to connect if the DNS provider has issues. (Our status page https://www.cloudflarestatus.com/ is off-network and was unaffected). Then, we were investigating why only certain domains were having issues—was the issue with the upstream DNS? Testing whether their domains were resolvable Continue reading

Instagram bumps up photo resolution to 1080 pixels

Instagram is increasing the size of pictures users of its mobile app are allowed to post, finally opening the door of the photo sharing service to much more detailed images.The iOS and Android apps are gradually being updated to store and display photos that are 1080 pixels by 1080 pixels in size, an Instagram spokeswoman said Monday, adding that most users should already have this update. She declined to comment on when Instagram began rolling out the update and when it expects to finish.The spokeswoman also declined to comment if the resolution improvement will also be available in the version of the service accessed via desktop browsers.To read this article in full or to leave a comment, please click here

Microsoft’s new Tossup app tries to simplify getting friends together

Tossup, a new Microsoft app for Android and iOS, aims to make it easier for users to poll their friends and get together.Tossup lets people create quick polls and share them with their friends. The polls can be simple, consisting of a single yes or no question, or they can be more detailed, for example providing a list of local businesses to choose from for a meeting. After creating a poll, users are prompted to send it out to their friends as a link either via text message or email. After that, the people invited can answer the poll questions inside the app and add comments.To read this article in full or to leave a comment, please click here

1 3,417 3,418 3,419 3,420 3,421 3,851