Flaw in Realtek SDK for wireless chipsets exposes routers to hacking

The software that controls wireless networking chipsets made by Realtek Semiconductor contains a critical vulnerability that could allow attackers to compromise home routers.The flaw exists in a firmware component called miniigd that’s present in router models based on Realtek chipsets. The component is part of the software development kit (SDK) for RTL81xxx chipsets that Realtek provides to router manufacturers.The vulnerability was discovered by Ricky Lawshae, a researcher with Hewlett-Packard’s TippingPoint Digital Vaccine Labs (DVLabs) which runs the well-known Zero-Day Initiative (ZDI) bug bounty program.“An attacker could leverage this vulnerability to execute code with root privileges,” the ZDI team said in an advisory published Friday. Exploitation does not require authentication, it said.To read this article in full or to leave a comment, please click here

Ham radio attempts to fill communication gaps in Nepal rescue effort

Amateur radio has stepped in to fill communication gaps in Nepal, which is struggling with power outages and a flaky Internet after a devastating earthquake on Saturday killed over 5,000 people.The hobbyist radio operators, also known as ham radio operators or hams, are working round-the-clock to help people get in touch with relatives, pass on information and alert about developing crises ever since the 7.8 magnitude earthquake hit about 80 kilometers from Nepal’s capital city of Kathmandu.Ham radio sends voice or morse code messages across radio frequencies and has often helped in emergencies. It can work off solar power or low-voltage batteries, which means that the radios can continue to work even after smartphones and laptops are discharged, said Jayu Bhide, National Coordinator for Disaster Communication at the Amateur Radio Society of India, on Wednesday.To read this article in full or to leave a comment, please click here

Pebble seeks to tap the Chinese market

Pebble hopes to replicate in China the success it has had in the U.S., by working to build a fanbase for its smartwatches.Three years ago, Pebble’s first product launched on Kickstarter as a crowdfunded project that initially raised over US$10 million from thousands of backers.“We have always had a tight relationship with the people using the product, and our intention is to continue that in China,” said Eric Migicovsky, Pebble’s CEO in an interview on Wednesday.The Silicon Valley startup is still in the early stages of tapping the country’s market, and only a month ago it upgraded its software to support Chinese language characters. It also began offering its smartwatches as a crowdfunding campaign on local e-commerce site JD.com that managed to rake in almost 300,000 yuan ($49,000) from 1,400 supporters earlier in April.To read this article in full or to leave a comment, please click here

Samsung regains number one position in smartphone market

Samsung Electronics regained the number one position in the smartphone market in the first quarter, but its market share dropped to 24 percent from 31 percent a year earlier, according to a research firm.The South Korean company and its arch rival Apple were tied with shipments of 74.5 million smartphones each in the fourth quarter of 2014, according to Strategy Analytics.The researcher said Tuesday that Samsung had shipped 83.2 million smartphones in the first quarter in comparison to 61.2 million phones from Apple.To read this article in full or to leave a comment, please click here

Samsung profits drop as it faces the iPhone 6

Samsung Electronics registered its sixth straight quarterly decline in profits in the first three months of this year as competition bit into its key smartphone and display businesses.The company said net profit during the January to March quarter fell 39 percent on the same period last year to 4.6 trillion won (US$4.3 billion). Revenue was 47 trillion won, down 12 percent, in line with guidance issued earlier in April.Samsung is under fierce pressure in the smartphone sector, where low-cost Chinese rivals are eroding sales at the low-end while Apple is winning customers at the high end.The company doesn’t disclose precise smartphone sales figures, but it said it sold 99 million phones of all types during the quarter. Of those, the share of smartphones was in the “mid 80s percent,” it said in a conference call with investors.To read this article in full or to leave a comment, please click here

Samsung profits drop as it faces the iPhone 6

Samsung Electronics registered its sixth straight quarterly decline in profits in the first three months of this year as competition bit into its key smartphone and display businesses.The company said net profit during the January to March quarter fell 39 percent on the same period last year to 4.6 trillion won (US$4.3 billion). Revenue was 47 trillion won, down 12 percent, in line with guidance issued earlier in April.Samsung is under fierce pressure in the smartphone sector, where low-cost Chinese rivals are eroding sales at the low-end while Apple is winning customers at the high end.The company doesn’t disclose precise smartphone sales figures, but it said it sold 99 million phones of all types during the quarter. Of those, the share of smartphones was in the “mid 80s percent,” it said in a conference call with investors.To read this article in full or to leave a comment, please click here

HDS big-data tools should help IT, mobile health workers

Hitachi Data Systems is aiming its big-data expertise at health care and enterprise IT departments with specialized products for combining types of information.The company has been expanding beyond its traditional storage business through development and acquisitions in big data in recent years. It bought Avrio and Pantascene last year for public safety video and sensor systems, and this year it has announced acquisitions of SAP services specialist Oxya and business analytics vendor Pentaho.To read this article in full or to leave a comment, please click here

Twitter eyeing Apple to help distribute its tweets

Soon, when you do a search on your iPhone for someone’s contact info, a recent tweet from them might also pop up.Twitter is working with Apple to incorporate Twitter content and accounts into Apple’s Spotlight search feature, Twitter CEO Dick Costolo said during the company’s quarterly earnings call on Tuesday. Spotlight search is a feature in Apple’s iOS mobile system, and OS X on Macs, that generates results from content stored on the devices and from other content such as Safari Web results and mail from Apple’s Mail app.Tweets might be next on the list.Costolo did not provide any other details on the status of the talks, beyond saying that such an integration would be geared toward making it easier and quicker to find content on Twitter.To read this article in full or to leave a comment, please click here

Romania, Panama cutting back on spam

Romania and Panama, two of the world’s notable sources of spam, now have fewer computers producing it, according to security vendor Cloudmark.The U.S. remains first in having the most systems blocked by IP address for sending junk mail, though by the percentage of its total IP addresses, it ranks fairly low.Cloudmark, which specializes in providing antispam products to ISPs, said it is blocking 13 percent fewer IP addresses worldwide for sending spam, with notable improvements in a few small countries, according to its first quarterly report for this year. The report covered IPv4 addresses, which are used for the vast majority of Internet traffic.To read this article in full or to leave a comment, please click here

Bill to rein in NSA phone data collection reintroduced

A bipartisan group of U.S. lawmakers has reintroduced legislation aimed at ending the National Security Agency’s bulk collection of telephone records across the country.Four senior members of the House of Representatives Judiciary Committee planned to reintroduce the USA Freedom Act late Tuesday. The House passed a watered-down version of similar legislation in last May, but the Senate failed to act on it before November’s elections.To read this article in full or to leave a comment, please click here

Bill to rein in NSA phone data collection reintroduced

A bipartisan group of U.S. lawmakers has reintroduced legislation aimed at ending the National Security Agency’s bulk collection of telephone records across the country.Four senior members of the House of Representatives Judiciary Committee planned to reintroduce the USA Freedom Act late Tuesday. The House passed a watered-down version of similar legislation in last May, but the Senate failed to act on it before November’s elections.To read this article in full or to leave a comment, please click here

CloudFlare’s New Dashboard

When we started CloudFlare, we thought we were building a service to make websites faster and more secure, and we wanted to make the service as easy and accessible as possible. As a result, we built the CloudFlare interface to put basic functions front and center and designed it to look more like a consumer app than the UI for the powerful network it controlled.

Over time, we realized there was a lot more to CloudFlare. In 2011, we added the concept of Apps, and a myriad of additional performance and security features from Rocket Loader to Railgun were added too. All these additional settings got buried under a lowly gear menu next to each site in a customer's account.

alt

While still easier to navigate than the average enterprise app, using our UI could be a frustrating experience. For instance, imagine you wanted to turn on Rocket Loader for multiple sites. You'd have to go to My Websites, click the gear menu next to one of your domains, navigate to CloudFlare Settings, select the Performance Settings tab, scroll to Rocket Loader, then toggle it on. Then you had to go back to My Websites and repeat the process again for Continue reading

Twitter blames weak sales on lackluster ads, drops forecast

Twitter failed to meet revenue estimates for the first quarter, and is lowering its expectations for the rest of the year, due to weaker than expected performance of some of its ads products, the company said Tuesday.Total sales for the period that ended March 31 were $436 million, Twitter reported, up 74 percent from the previous year. Analysts, however, were expecting sales of roughly $457 million, according to estimates compiled by Thomson Financial Network.The company’s stock plummeted by nearly 20 percent toward the end of trading on Tuesday, to around $42. Twitter typically publishes financial data after markets close, but they appeared online, apparently in error, during the trading session.To read this article in full or to leave a comment, please click here

Twitter blames weak sales on lackluster ads, drops forecast

Twitter failed to meet revenue estimates for the first quarter, and is lowering its expectations for the rest of the year, due to weaker than expected performance of some of its ads products, the company said Tuesday.Total sales for the period that ended March 31 were $436 million, Twitter reported, up 74 percent from the previous year. Analysts, however, were expecting sales of roughly $457 million, according to estimates compiled by Thomson Financial Network.The company’s stock plummeted by nearly 20 percent toward the end of trading on Tuesday, to around $42. Twitter typically publishes financial data after markets close, but they appeared online, apparently in error, during the trading session.To read this article in full or to leave a comment, please click here

DMVPN for IPv6

As you probably already know, every DMVPN network consists of multiple GRE tunnels that are established dynamically. At the beginning, every Spoke in the Cloud is supposed to build a direct tunnel to the Hub. Then, once the Control Plane converges, the Spokes can possibly build tunnels with other DMVPN device(s), of course assuming that our DMVPN deployment (aka “Phase”) allows for that. 

In most cases DMVPN tunnels will be deployed over an IPv4 backbone, interconnecting different sites running IPv4. But since GRE is a multi-protocol tunneling mechanism, we can use it to carry different protocol traffic, like for example IPv6. Frankly, in the newer versions of IOS code you could even change the underlying transport from IPv4 to IPv6. This basically means that you can use an IPv4 OR IPv6 network to tunnel IPv4 OR IPv6 traffic.

In this particular article I am going to discuss a scenario in which the Transport/NBMA network (“Underlay”) uses IPv4 addresses, but the goal will be to use the DMVPN to interconnect sites enabled only for IPv6.

As you can see from the topology below, our private sites are configured with prefixes starting with 2192:1:X::/64, and the VPN (“Overlay”) subnet used is Continue reading

The LG G4 smartphone wins on flexibility, loses on design

LG Electronics’ G4 is a high-end smartphone with a removable battery and a microSD card slot, but its design falls short when compared with other expensive devices.Last year, LG had a hit with the G3, thanks to its high-resolution screen and aggressive pricing, but the company may have trouble replicating that success with the G4, announced on Tuesday.The phone has a 5.5-inch, 1440 by 2560 pixel screen and a Qualcomm Snapdragon 808 processor, which isn’t as powerful as the Snapdragon 810. LG thinks the Snapdragon 808 offers a better balance between performance and power efficiency. The G4 feels fast enough, so the company might be on to something, and the screen looks impressive.To read this article in full or to leave a comment, please click here

Musing: Generalist to Specialist and Back Again

Recently I’ve been musing on IT Generalists vs Specialists. We used to have more generalist roles, covering all parts of the stack. ITIL then pushed us towards greater specialisation. I believe that we’ve gone back to valuing the Generalist, as the person who can glue components together. Will the pendulum swing again?

Generalists: Soup-to-Nuts

When I started working in IT, our roles were more generalist in nature. We did everything. To set up a new app, we racked the servers and switches, installed the OS, configured the network, installed the DB & application, and made it all work.

We weren’t specialists in any one area, but we knew how everything fitted together. So if something broke, we could probably figure it out. If we had to investigate a problem, we could follow it through all layers of the stack. When we found the problem, we had license to fix it.

ITIL takes over: Specialisation

Sometime around the early-mid 2000s the “ITIL Consultants” moved in. Their talk of structure, processes and SLAs seduced senior management. We couldn’t just have people who Got Shit Done. No, everyone needed to be placed in a box, with formal definitions around what they could & Continue reading

1 3,448 3,449 3,450 3,451 3,452 3,773