Docker’s 2nd Birthday Wishes: Q&A with Solomon Hykes, Founder of Docker

Docker turns two this week. To celebrate the incredible contributions of our community in such a short period of time and to continue to support and grow it, we are kicking off our first ever open-source-a-thon. The goal is to … Continued

March Release Notes: Using Auvik just got a whole lot easier — and faster.

We listened to your feedback and redesigned the entire Auvik experience to make the product much simpler to navigate and much faster to

Featured Article: Bringing Data-Driven SDN to the Network Edge

What sort of performance data do you need to make SDN decisions at the network edge?

Telling OpenSSL About Your Root Certificates

OpenSSL Logo

OpenSSL doesn’t come with its own trusted root certificates; you have to tell it where to find them. This should be straightforward – and it is – but Apple have found a way to make it trickier.

Normal *nix Systems

On a normal unix system, openssl is pretty good at locating the root certificates, but it still doesn’t automatically reference them. For example running Ubuntu:

john@ubuntu:~$ openssl s_client -connect www.microsoft.com:443
CONNECTED(00000003)
depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network,
  OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN =
  VeriSign Class 3 Public Primary Certification Authority - G5
verify error:num=20:unable to get local issuer certificate
verify return:0
[...removed for brevity...]
    PSK identity hint: None
    SRP username: None
    Start Time: 1425842365
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---

Openssl is unable to validate the Verisign certificate. So where are the trusted root certificates stored? Actually, Openssl will tell us:

john@ubuntu:~$ openssl version -d
OPENSSLDIR: "/usr/lib/ssl"

Add that into the command as the -CApath parameter, and:

john@ubuntu:~$ openssl s_client -CApath /usr/lib/ssl -connect 
  www.microsoft.com:443
CONNECTED(00000003)
depth=3 C = US, O =  Continue reading

Musk needs to tap the brakes a bit

Oh, that Elon Musk. Always saying the most provocative things, such as yesterday when he addressed attendees at a Nvidea conference and suggested that driverless cars will someday bring about a ban on the human-driven kind.“It’s too dangerous,” he said. “You can’t have a person driving a two-ton death machine.” To read this article in full or to leave a comment, please click here

Choosing a Route: Order of Operations

In Cisco IOS packets are forwarded through the router (or Layer 3 switch) by Cisco Express Forwarding (CEF). A data structure called the CEF table contains a list of known IP prefixes and the outgoing interface that packets should be put on in order to get them onwards to their destination. That’s well and good. But how do the IP prefixes make it into the CEF table? To answer that question you have to work backwards and understand the order of operations that IOS goes through in order for a prefix to make it into the CEF table.

The answer to the question of what makes it into the CEF table confused me a bit, particularly when working with complex redistribution schemes. I would end up concentrating so much on admin distance (AD) that I would overlook the other, more important elements that went into determining what went into the CEF table. In order to improve my understanding I came up with this order of operations which helps me not only with redistribution, but in pretty much any situation where I’m trying to do traffic engineering.

You will not find this order of operations on cisco.com or in any Continue reading

Presentation: Automating Network Security

The fantastic Troopers 15 conference is in full swing… and I’m done with the presentations ;) The last talk I had during the conference focused on automating network security. The slides are already online; I’ll add the link to the recording when they upload the videos.

Watch the slides

UK government filing raises fears about misuse of hacking powers

A legal filing by the U.K. government has raised fears that the country’s intelligence service GCHQ is misusing its powers to hack telecommunications companies in other countries.The document was made public by Privacy International and the Chaos Computer Club, both claimants in a lawsuit filed last year against GCHQ over its spying practices. In the filing, which is part of the case, the U.K. government claims it has the right to break into computers anywhere in the world, even if they are not connected to a crime or a threat to national security, the groups said.To read this article in full or to leave a comment, please click here

Broadcom Expands High-End Switching Line

Broadcom's non-Trident switch chips add a few high-end options.

FCC’s net neutrality rules are complex, and that might be a good thing

Last week, the Federal Communications Commission released a 400-page document laying out the official orders for how it plans to regulate net neutrality under Title II common-carrier provisions. Not surprisingly, reactions to the document's specifics immediately separated out along ideological lines, with supporters of the doctrine praising the rules while opponents attacked them for leading to "years of litigation, serious collateral consequences for consumers, and ongoing market uncertainty."Stay flexible, my friendsTo read this article in full or to leave a comment, please click here

Microsoft’s deal with Xiaomi over Windows 10 raises eyebrows

Microsoft could be trying to chip away at Android’s dominance in its deal with Xiaomi to test the new Windows 10 operating system.The U.S. software giant announced Wednesday that select users of Xiaomi’s Android phones will be able to download a Windows 10 Technical Preview to their handsets, and offer feedback to Microsoft. The software giant is creating a custom Windows 10 build that can be loaded on the phones.Xiaomi has said it’s only an “experimental program” and not a commercial partnership.The program will target “power users” already adept at using their devices to install custom Android ROMs, also known as firmware. Following the announcement, Xiaomi’s online forum said it would release the Windows 10 pack soon.To read this article in full or to leave a comment, please click here

US gov’t wants HTTPS on its publicly-accessible sites within two years

Publicly accessible websites and services of U.S. government agencies will have to move to HTTPS encryption within two years to meet the government’s objective that these sites and Web services should be offered over a secure connection.The Hypertext Transfer Protocol Secure offers the strongest privacy protection available for public Web connections with today’s Internet technology, according to a draft proposal released Tuesday by the White House’s Office of Management and Budget.“The use of HTTPS reduces the risk of interception or modification of user interactions with government online services,” it added.To read this article in full or to leave a comment, please click here

Cisco Virtual Router Targets Service Providers This Time

The IOS XRv counters virtual routers from Ericsson and Juniper.

Xiaomi users to test Windows 10 ahead of summer launch

Windows 10 will arrive this summer, and Microsoft is tapping an unlikely partner to help test it: Chinese Android handset maker Xiaomi.To flesh out the upcoming OS, Microsoft is inviting a select group of Xiaomi users to download the Windows 10 Technical Preview to their phone, and offer feedback.It’s a surprising tie-up, given that Xiaomi has had huge success in using Android to sell its phones. Last year, it became China’s leading smartphone vendor, and the company has ambitions to expand globally.Whether this means Xiaomi will explore using Microsoft’s new OS is unclear. In an email, Xiaomi said the testing of Windows 10 was an “experimental program entirely led by Microsoft.” The program will only be confined to “power users” of its flagship phone, the Mi 4.To read this article in full or to leave a comment, please click here

Premera, Anthem data breaches linked by similar hacking tactics

Premera Blue Cross may have been attacked using the same methods employed against its fellow health insurer Anthem, suggesting that a single group may be behind both breaches.Customer data, including bank account and clinical data going back to 2002, may have been compromised in the attack, affecting 11 million people, Premera said Tuesday.It is the largest breach to affect the healthcare industry since Anthem disclosed last month that upwards of 78.4 million records were at risk after hackers accessed one of its databases.Several computer security companies have published data that points to a China-based group known as Deep Panda as a possible source for Anthem’s breach.To read this article in full or to leave a comment, please click here

Hundreds of Android and iOS apps are still vulnerable to FREAK attacks

Hundreds of Android and iOS apps are still vulnerable to a dangerous attack revealed two weeks ago that can compromise encrypted data, a security vendor said Tuesday.The apps have not yet been patched against the FREAK attack, short for Factoring attack on RSA-EXPORT Keys, which was revealed by researchers on March 3.The unpatched apps, which were not identified, are in categories including finance, communication, shopping, business and medicine, computer security company FireEye said in a blog post Tuesday.The findings highlight how even some of the most publicized and severe flaws can take quite a bit of time to get fixed. That poses risks for people using apps whose developers are not quick to patch them.To read this article in full or to leave a comment, please click here

Google Cloud and a Chromebook might be your next contact center

The next time you call customer service, you may get an answer from a Chromebook.The Chromebook won’t answer your questions, but the human who does may be talking through Google’s connected laptop with a headset. And they may be doing so from home.The days of vast in-house contact centers may be numbered now that pure software and VoIP (voice over Internet Protocol) can handle the same tasks dedicated systems used to do. One of the longtime vendors of call centers, Avaya, has started turning to cloud computing for some large enterprise deployments.Now, with an eye on smaller customers, the company is hosting its contact-center software on Google Cloud and letting companies send out Chromebooks to agents who will talk and text with customers.To read this article in full or to leave a comment, please click here

Google Cloud and a Chromebook might be your next contact center

DockerCon 2015 CFP Extended

Thank you to all who have submitted a session for DockerCon so far. We are very excited by the nearly 342 fantastic submissions we’ve received. After our initial call for papers closed on Monday, we received an overwhelming response and … Continued

Choosing a Route: Order of Operations

In Cisco IOS packets are forwarded through the router (or Layer 3 switch) by Cisco Express Forwarding (CEF). A data structure called the CEF table contains a list of known IP prefixes and the outgoing interface that packets should be put on in order to get them onwards to their destination. That's well and good. But how do the IP prefixes make it into the CEF table? To answer that question you have to work backwards and understand the order of operations that IOS goes through in order for a prefix to make it into the CEF table.

« Previous 1 … 3,434 3,435 3,436 3,437 3,438 … 3,696 Next »