Like Google in Vietnam, Lenovo tripped up by a DNS attack

The redirection of both Lenovo’s website and Google’s main search page for Vietnam this week highlights weaknesses with the Internet’s addressing system. On Wednesday, visitors to lenovo.com were greeted with what appeared to be webcam images of a bored young man sitting in a bedroom, and the song “Breaking Free” from an old Disney movie. On Monday, Google’s site for Vietnam also briefly redirected people to another website. Both Google and Lenovo were victims of “domain hijacking,” a type of attack against the Domain Name System (DNS), which translates domain names into IP addresses that can be called into a browser.

Enforce Web Policy with HTTP Strict Transport Security (HSTS)

HTTP Strict Transport Security (HSTS, RFC 6797) is a web security policy technology designed to help secure HTTPS web servers against downgrade attacks. HSTS is a powerful technology which is not yet widely adopted. CloudFlare aims to change this.

Downgrade attacks (also known as SSL stripping attacks) are a serious threat to web applications. This type of attack is a form of man-in-the-middle attack in which an attacker can redirect web browsers from a correctly configured HTTPS web server to an attacker controlled server. Once the attacker has successfully redirected a user, user data, including cookies, can be compromised. Unfortunately, this attack is outside the realm of pure SSL to prevent. This is why HSTS was created.

These attacks are very real: many major websites have been attacked through SSL stripping. They are a particularly powerful attack against otherwise well secured sites, as they bypass the protections of SSL.

HSTS consists of an HTTP header with several parameters, including a configurable duration for client web browsers to cache and continue to enforce policy even if the site itself changes. Through CloudFlare, it is easy to configure on a per-domain basis with standard settings.

HSTS causes compliant browsers …

Zuckerberg to hold public Facebook Q&A in Barcelona

Facebook CEO Mark Zuckerberg is likely to reveal more of the company’s plans to bring underserved parts of the world online when he holds Facebook’s fourth public Q&A next Wednesday in Barcelona. The event will be held 6 p.m. Barcelona time (that’s 9 a.m. Pacific time in the U.S.), during the Mobile World Congress tech trade show in the same city. Zuckerberg is set to share updates about Facebook’s Internet.org project for connecting more of the world during an appearance at the show on Monday. He may expand on those comments in Wednesday’s Q&A. In addition to fielding questions from a live audience, Zuckerberg will answer some of the most popular questions posted online. Questions can be submitted online in the lead-up to the event, which will be streamed live.

Initial Post with GitHub and Jekyll

Over the past several months, I’ve found myself holding back on writing posts simply because my blog platform does not support the ability to embed code or even change fonts to resemble code, CLI, or working on a terminal. Screen shots are good, but offering the ability to copy and paste is nice, plus it just looks cleaner. This is unacceptable.

Programmatic Access to CLI Devices with TextFSM

One of the harder things to do when it comes to network automation is work with the majority of the install base that exists out there. This is true even if we focus purely on data extraction, i.e. issuing show commands and getting the results in an automated fashion. The reason for this is that most devices do not support returning structured data in formats such as JSON or XML, and this often times makes automation a non-starter for network engineers.

Traditionally, SSH is used to connect to a network device, issue a command, and dump plain text results back to the user. This leaves the user with the task of parsing through raw text and probably working with a library built for working with regular expressions, e.g. re for Python. If you make it this far, you become an expert in using expressions like this: ([A-Z])\w+. And that’s not even a hard one! Regex party, anyone? I’ll pass.

TextFSM to the Rescue

What if there was a way to simplify the process of getting structured data out of the raw text a network device responds with? As luck would have it, there is definitely a better way.

Hyperglance: Visualising ALL of your IT infrastructure

In this modern world where the whole IT industry is pondering what the next steps, trends and operational requirements will be, one thing is sure: we’re in an era of collaboration and integration.
We’ve been through learning curves around converged network fabrics, traditional silo-based approaches encroaching on each other and managerial headaches of rapidly deploying new enterprise and webscale applications. Cloud is now a domestic term and the IT industry seeks new cooler ways of delivering technology. Container popularity is rapidly rising and the ‘Internet of Things (IoT)’ is now becoming a real world thing as opposed to an ‘it will happen folks!’ statement.
Winding back to the opening statements, with a system comprised of physical tin, hypervisors, container providers, microservices, machine-to-machine communication, mobile end points, block and blob storage, even if this sat with one vendor it’s a complex set of mush. Throw in ten different vendors, a mashup of APIs and operational territory problems, we have a real problem.

I’m a human – not a machine!

All the recent Hollywood blockbusters focus on human efforts to generate realistic and complex AI (artificial intelligence), but how about humans trying to manage already complex systems? Every vendor and …

Lenovo website hacked in wake of Superfish debacle

Lenovo’s website appeared to have been hacked Wednesday, possibly in retaliation for a piece of adware it installed on PCs that was found to have opened up a security hole. Early Wednesday afternoon Pacific time, some visitors to lenovo.com were greeted with what looked like webcam images of a bored teenager sitting in a bedroom, and the song “Breaking Free” from an old Disney movie. The source code for the webpage includes the line: “The new and improved rebranded Lenovo website featuring Ryan King and Rory Andrew Godfrey,” who have reportedly been connected to the hacker group Lizard Squad. Lenovo didn’t immediately respond to a request for comment.

Report: HP to buy Aruba for wireless tech

HP is in talks to purchase Aruba Networks, with an eye toward acquiring that company’s wireless networking infrastructure technology, according to a report published today by Bloomberg News. Citing anonymous sources, Bloomberg said the deal could be announced as early as next week, though neither HP nor Aruba would comment on the record. The news agency said that analysts’ estimates suggested that Aruba’s sales are growing fast – with the company poised to break the $1 billion-a-year barrier by 2017.

Google pushes Android devices into the enterprise

Google is working to push more Android-based devices into the enterprise. The company today announced a new program called Android for Work, which is designed to encourage and enable businesses to bring more devices onboard by adding security and more manageability to the Android platform. "For many, these phones have become essential tools to help us complete important work tasks like checking email, editing documents, reviewing sales pipelines and approving deals," wrote Rajen Sheth, Google's director of product management for Android and Chrome for Work, in a blog post. "But for the majority of workers, smartphones and tablets are underutilized in the workplace. Their business and innovation potential remain largely untapped."

Share your Expertise – Become an INE Instructor!

Do you think you have what it takes to become a featured instructor at INE? We are looking for talented individuals to propose and execute new courses across multiple domains including: networking, programming, systems administration, and security. If you’re an expert in any of these domains, or related topics, then it’s time to share your knowledge with the world! Speak a language other than English? That’s great! We’re open to ideas for courses in different languages.

Click here for more information and to submit an application.

Not interested in becoming an instructor but have some ideas for content you’d like to see us cover? Drop us a line at [email protected].

DARPA wants advanced sensors to watch over growing hot spot: The Arctic

The Arctic Circle pretty much has been a damn cold, desolate place but not so anymore, what with the military’s increased attention and growing commercial prospects. Those are the main reasons the Defense Advanced Research Projects Agency cites for wanting to build an advanced generation of sensors capable of transmitting data on air, surface and/or undersea activities above the Arctic Circle for at least 30 days.

Ex-Facebook engineer launches startup to tackle server management

One of the founders of Facebook’s Open Compute Project has launched a new company that aims to cut the cost of running data centers using “community-based analytics.” Coolan announced a beta version of its first product on Wednesday, a service that collects and aggregates data about its customers’ server environments and uses it to predict failures, prevent outages and allow companies to benchmark themselves against peers. The company was cofounded by Amir Michael, a former Facebook engineer who led development of the Open Compute Project’s first server designs. That group aims to give customers more control over how their equipment gets designed and built, and Coolan aims to have a similar empowering effect.

Apple ordered to pay Texas company $532.9 million after losing patent case

Apple has been ordered to pay US$532.9 million after a U.S. jury found that its iTunes software infringed three patents owned by Smartflash, a Texas-based technology licensing company. That figure is less than the $852 million that Smartflash was seeking, but is still a blow to Apple. Smartflash said it was entitled to a percentage of sales from Apple devices like Mac computers, iPhones and iPads that were used to access iTunes. Apple tried to have the case thrown out, saying that it never used Smartflash's technology. Apple also argued the patents in question are invalid because previous patented innovations from other companies covered the same technology.

Broadband advocates urge Republicans to overturn FCC on net neutrality

The U.S. Congress should pass net neutrality legislation that overturns proposed rules at the Federal Communications Commission so that the protections survive over the long term, some opponents of the FCC approach said. With the FCC scheduled to vote on new net neutrality rules in less than 24 hours, broadband advocates at a House of Representatives hearing Wednesday told Republican lawmakers they should move forward with plans to pass their own rules. FCC rules without congressional action on net neutrality could open up the regulations to a court challenge or repeal by a future FCC, said Rick Boucher, a former Democratic congressman who is now honorary chairman of the Internet Innovation Alliance, a broadband advocacy group. Long-lasting net neutrality rules are needed, he told members of the House Energy and Commerce Committee.

Europol and security vendors disrupt massive Ramnit botnet

European law enforcement agencies seized command-and-control servers used by Ramnit, a malware program that steals online banking credentials, FTP passwords, session cookies and personal files from victims. Ramnit started out in 2010 as a computer worm capable of infecting EXE, DLL, HTM, and HTML files. However, over time it evolved into an information-stealing Trojan that’s distributed in a variety of ways. Ramnit is capable of hijacking online banking sessions, stealing session cookies which can then be used to access accounts on various sites, copying sensitive files from hard drives, giving attackers remote access to infected computers and more.

IDG Contributor Network: New, faster wireless network to be built

As recently as a week ago, in a February 17th, 2015, Financial Times newspaper article, investor analysts were speculating as to just what U.S. satellite TV company Dish was going to do with its massive hoard of unused, cached mobile-suitable spectrum that it's been accumulating over the years. Well, we might have just learned the answer. Artemis Networks, a wireless startup, has reached a deal to lease some of that spectrum, for a while, in San Francisco. It wants to use it to experiment with its unusual pCell technology.

Facebook fixed 61 high-severity flaws last year through its bug bounty program

As a result of reports received through its bug bounty program, Facebook confirmed and fixed 61 high-severity vulnerabilities last year, almost 50 percent more than in 2013. Since 2011, the company has been paying monetary rewards to researchers who report flaws that could compromise the integrity or privacy of user data or could enable access to systems within its infrastructure. While the minimum reward is US$500, there is no upper limit. The company decides how much to pay depending on a bug’s severity and sophistication. The program doesn’t cover only the facebook.com site and related services, but also other products that Facebook created or acquired, like Instagram, Parse, Onavo, Oculus, Moves and osquery.

MIT researchers building chips to prevent leaky Internet of Things

MIT researchers this week are demonstrating a design for new radio chips that could be used to efficiently power the Internet of Things. The researchers, led by MIT Professor in Electrical Engineering Anantha Chandrakasan, are presenting their work at the IEEE International Solid-State Circuits Conference in San Francisco, where the show theme is "Silicon Systems -- Small Chips for Big Data." The MIT paper is titled "A +10dBm 2.4GHz Transmitter with sub-400pW Leakage and 43.7% System Efficiency."

OpenStack Board Member Rob Hirschfeld on the impact of DevOps, SDN, Docker & more

I recently had the great pleasure to sit down with community-elected OpenStack board member and Crowbar co-creator, Rob Hirschfeld. Rob shared awesome nuggets of wisdom on data center and cloud operations. You can view the video and the full transcript below:

Art Fewell: Welcome to Open Networking TV. This is the Catch Up, I’m your host Art Fewell. Today we will be catching up with the OpenStack guru, Rob Hirschfeld.