Facebook app leaks F8 news about Parse, Messenger, ‘teleportation station’

Facebook’s app for its F8 developer conference stole some of the show’s thunder by sending out, ahead of the event, a notification that revealed what products will most likely be discussed.“F8: Just revealed: Parse of IoT, Messenger as a Platform, and the Teleportation Station,” read the message, which several people posted to Twitter. The two-day conference starts Wednesday morning Pacific time.Parse is Facebook’s development platform for creating mobile apps. The message, if correct, implies that Facebook is entering the Internet of Things space, which aims to connect assorted devices to the Web.To read this article in full or to leave a comment, please click here

How financial service firms use big data to meet business goals

Most financial service firms, which includes banking and insurance companies, are engaged in a big data project to increase the pace of innovation and uncover game-changing business outcomes. The pressing challenge now is how to drive more continuous value and unearth opportunities more rapidly. 

No matter where you might be in your big data journey, the following three-step approach to integrating big data into an analytics strategy can lead to success: 

Step One: Outline business objectives and outcomes

To drive continuous and transformational improvements through big data-driven analytics projects, business units – IT, marketing, risk, compliance or finance, for example – should agree on and outline a mutually beneficial business objective. For instance, driving a better customer experience or improving customer value management. While developing the common objective, financial services firms should also determine the aligned and desired outcomes, such as decreasing fraud and offering more personalized services to customers in real-time.

To read this article in full or to leave a comment, please click here

Microsoft blacklists latest rogue SSL certificates, Mozilla mulls sanctions for issuer

Microsoft has blacklisted a subordinate CA certificate that was wrongfully used to issue SSL certificates for several Google websites. The action will prevent those certificates from being used in Google website spoofing attacks against Internet Explorer users.Microsoft’s move, taken on Tuesday, came after Google reported that the China Internet Network Information Center (CNNIC), a certificate authority (CA) trusted by most browsers and operating systems, issued an intermediate certificate to an Egyptian company called MCS Holdings. The company then used it to generate SSL certificates for Google-owned websites without authorization.To read this article in full or to leave a comment, please click here

Apple database acquisition could help improve performance of its services

Apple has reportedly acquired database company FoundationDB, a move that would allow the company to improve the underpinnings of its existing services and also lay the groundwork for an Internet of Things (IoT) expansion.Asked to confirm the deal, first reported by TechCrunch, Apple responded by saying that it from time to time buys smaller companies but doesn’t discuss its plans. On its part, FoundationDB said that it will no longer offer downloads of its database, and that “we have made the decision to evolve our company mission.”Apple could use FoundationDB’s technology to improve the performance of its own infrastructure. The reported acquisition comes just a couple of months after FoundationDB announced a major upgrade of its flagship NoSQL database. The database was redesigned to handle millions of random writes per second and make it a better fit for IoT systems.To read this article in full or to leave a comment, please click here

MX with enhanced SCB2 – cards not coming online

We just installed an MX in the lab for a customer type-approval test (TAT) and none of the cards came online. 

The output of “show chassis hardware” showed that there were FPCs installed, but not the MICs that were in them:

[email protected]> show chassis hardware
Hardware inventory:
Item             Version  Part number  Serial number     Description
Chassis                                JN1249BDBAFA      MX960
Midplane         REV 04   750-047849   ACRD2400          Enhanced MX960 Backplane
FPM Board        REV 03   710-014974   CADE9287          Front Panel Display
PDM              Rev 03   740-013110   QCS181650BM       Power Distribution Module
PEM 0            Rev 11   740-027760   QCS1806N0MP       PS 4.1kW; 200-240V AC in
PEM 1            Rev 11   740-027760   QCS1806N0SK       PS 4.1kW; 200-240V AC in
PEM 2            Rev 11   740-027760   QCS1806N07S       PS 4.1kW; 200-240V AC in
PEM 3            Rev 11   740-027760   QCS1812N02D       PS 4.1kW; 200-240V AC in
Routing Engine 0 REV 01   740-051822   9013061577        RE-S-1800x4
Routing Engine 1 REV 01   740-051822   9013056762        RE-S-1800x4
CB 0             REV 01   750-055976   CACX9090          Enhanced MX SCB 2
CB 1             REV 01   750-055976   CACZ4497          Enhanced MX SCB 2
CB 2             REV 01   750-055976   CADA1721          Enhanced MX SCB 2
FPC 0            REV 05   750-044444   CAAM5562          MPCE Type 2 3D P
  CPU
FPC 1            REV 35   750-028467   CAAP9738          MPC 3D 16x  Continue reading

Zero day, Web browser vulnerabilities spike in 2014

The number of zero-day and Web browser vulnerabilities shot up in 2014, but overall software vendors are patching faster.The data comes from Secunia, a Danish security vendor that releases an annual study of trends in software vulnerabilities, which are used by hackers to compromise computers.Zero-day vulnerabilities—which are software flaws actively being used by attackers when publicly disclosed—rose from 14 in 2013 to 25 last year. Those type of flaws are among the most dangerous and prized by attackers since patches aren’t available from vendors.Flaws in Web browser software increased to 1,035 in 2014, up from 728 the prior year, according to Secunia’s report.To read this article in full or to leave a comment, please click here

Availability Zones in Overlay Virtual Networks

Amazon Web Services was (AFAIK) one of the first products that introduced availability zones – islands of infrastructure that are isolated enough from each other to stop the propagation of failure or outage across their boundaries.

Not surprisingly, multiple availability zones shouldn’t rely on a central controller (as Amazon found out a few years back), and there are only few SDN controller vendors that are flexible enough to meet this requirement. For more details, watch the free Availability Zones video on my web site (part of Scaling Overlay Virtual Networking webinar).

Watch the video

The Upload: Your tech news briefing for Wednesday, March 25

Google wants to let you pay bills inside GmailGoogle has a project in the works to let Gmail users not only receive bills but pay them from within the mail service, re/code reports. The news site viewed details of the project, called Pony Express, and said it is scheduled to start in the fourth quarter.Microsoft packages Azure for Web and mobile developersMicrosoft brought out an integrated set of Azure-based services on Tuesday that are meant to ease the process of developing applications that run in the cloud. The new Azure App Service could help organizations build Web applications or mobile applications that connect to a variety of data sources that reside in the cloud or in internal IT systems.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Wednesday, March 25

Google wants to let you pay bills inside GmailGoogle has a project in the works to let Gmail users not only receive bills but pay them from within the mail service, re/code reports. The news site viewed details of the project, called Pony Express, and said it is scheduled to start in the fourth quarter.Microsoft packages Azure for Web and mobile developersMicrosoft brought out an integrated set of Azure-based services on Tuesday that are meant to ease the process of developing applications that run in the cloud. The new Azure App Service could help organizations build Web applications or mobile applications that connect to a variety of data sources that reside in the cloud or in internal IT systems.To read this article in full or to leave a comment, please click here

9 compelling reasons to keep your old PC instead of upgrading

The grass isn't always greenerFew can withstand the siren song of the latest and greatest gear, the deep allure of a new and shiny gadget—but that doesn’t mean that tossing your old computer in the trash and picking up a fresh PC is necessarily a smart idea.While gamers and hardcore video editors always stand to gain extra performance out of fresh firepower, more casual users might be better off saving their cash and sticking with the PC you already own. Here’s why.To read this article in full or to leave a comment, please click here

Review: 7 excellent mobile app builders

Over the last six months, I’ve been examining and testing a variety of mobile app builders and mobile back ends. In some cases, the app builders and back ends were part of a single product. In other cases, the app builders or back ends stood on their own.In this roundup, I’ll summarize seven products that are at least partially a mobile app builder. Some have IDEs that run locally on your computer; others give you a Web IDE that lives in the cloud. Some are aimed at enterprise development, others at individual developers or even students.To read this article in full or to leave a comment, please click here

Various SSL errors while using VMware Web Client or vClient

Many errors can occur while using a misconfigured client. Below you can find the errors I found. Opening console from Web Client   SSL verification failure for "vcenter1.example.com" due to a host thumbprint mismatch: stored thumbprint "8d:29:ae:69:87:e5:cc:a0:ff:01:51:25:84:8a:b4:d3:b5:a3:55:33" does not match certificate thumbprint "5B:E9:36:23:44:F0:4D:E5:6A:F3:7E:BC:4F:FE:9D:0D:93:64:03:E0". Opening console from vClient Unable to connect to the MKS: Login (username/password) incorrect. […]

Kubernetes – Notable changes since my first build

During my latest Kubernetes lab rebuild, I noticed some significant differences in the some functions of Kubernetes cluster.  I’ve done my best to go back and update the previous blog posts with notes and pointers to make this clear.  However – going forward please consider my GitHub Salt repo as the ‘source of truth’ for the Kubernetes configuration files and current build process.   I’ll be updating that regularly as I continue to optimize the Salt config and add onto the Kubernetes configuration.  A couple of big hitters I want to call out as differences between my initial build and this one…

cAdvisor is now part of kubelet
That’s right!  We no longer need to have a separate manifest and container for cAdvisor.  We can see that any host running the kubelet process is exposing port 4194…

image 
And sure enough…

image

kube-proxy and kubelet no longer use etcd
In my first build, both the kubelet and kube-proxy service relied on talking directly to etcd to interact with the cluster.  The associated configs looked like…

image 
The newest systemd service configuration looks like this…

image

So what’s happened here is the cluster communication has moved to Continue reading

x86 is a high-level language

Just so you know, x86 machine-code is now a "high-level" language. What instructions say, and what they do, are very different things.

I mention this because of those commenting on this post on OpenSSL's "constant-time" calculations, designed to avoid revealing secrets due to variations in compute time. The major comment is that it's hard to do this perfectly in C. My response is that it's hard to do this even in x86 machine code.

Consider registers, for example. Everyone knows that the 32-bit x86 was limited to 8 registers, while 64-bit expanded that to 16 registers. This isn't actually true. The latest Intel processors have 168 registers. The name of the register in x86 code is really just a variable name, similar to how variables work in high-level languages.

So many registers are needed because the processor has 300 instructions "in flight" at any point in time in various stages of execution. It rearranges these instructions, executing them out-of-order. Everyone knows that processors can execute things slightly out-of-order, but that's understated. Today's processors are massively out-of-order.

Consider the traditional branch pair of a CMP (compare) followed by a JMPcc (conditional jump). While this is defined as two separate instructions as Continue reading

How to update a GitHub pull request (PR)

So what happens when you submit a PR, but then you want to change it?  After reviewing my proposed changes from my last post, it was decided that I should take a different approach.  The changes I needed to make weren’t substantial, and were in the same spirit as the initial PR, so I decided that updating made more sense then starting over.  All you have to do is update the code and push another commit to the branch.  Let’s assume we’ve made the changes we want to our code again.  Let’s verify that Git sees these updates…

image 
Yep – Looks good so far.  Now we need to add these files to the commit just like last time…

git add .

image 
So now the files are ready to be committed, let’s go ahead and make a commit…

git commit -m "Updated the ENV variables and the way they are set"

image 
Perfect – So now let’s check and see if our remote (GitHub) is still defined…

image 
All looking good – So now all we need to do is push the commit…

git push -u origin fluentd-elasticsearch-kibanafix

image

Let’s go check out our PR Continue reading

Android flaw puts personal data at risk for millions

Nearly half of Android devices are vulnerable to an attack that could replace a legitimate app with malicious software that can collect sensitive data from a phone.Google, Samsung and Amazon have released patches for their devices, but 49.5 percent of Android users are still vulnerable, according to Palo Alto Networks, which discovered the problem. Google said it has not detected attempts to exploit the flaw.A malicious application installed using the vulnerability, called “Android Installer Hijacking,” would have full access to a device, including data such as usernames and passwords, wrote Zhi Xu, a senior staff engineer with Palo Alto.To read this article in full or to leave a comment, please click here

Stanford breakthrough could make better chips cheaper

Researchers at Stanford University have come up with a new way to make chips and solar panels using gallium arsenide, a semiconductor that beats silicon in several important areas but is typically too expensive for widespread use.For several decades, silicon has been the go-to semiconductor for electronics. It’s abundant and cheap, and manufacturing processes are well understood, but it’s not always the best choice.Electrons move faster through gallium arsenide than through silicon, which makes it better suited for chips handling data at very high speeds or high-frequency radio signals. Solar panels based on gallium arsenide are more efficient than silicon panels at converting light to electricity.To read this article in full or to leave a comment, please click here

Google said to prep billing payment service for Gmail

Google reportedly is creating a service to let people pay their bills from their Gmail accounts.The service, currently dubbed Pony Express, would ask users to provide personal information, including credit card and Social Security numbers, to a third-party company that would verify their identity, according to a Re/code report on Tuesday.Google also would work with vendors that distribute bills on behalf of service providers like insurance companies, telecom carriers and utilities, according to the article, which was based on a document seen by Re/code that describes the service.To read this article in full or to leave a comment, please click here

1 3,424 3,425 3,426 3,427 3,428 3,696