The Upload: Your tech news briefing for Thursday, April 2

Obama authorizes sanctions against hackers

The White House has added another weapon to the U.S. government’s arsenal in its fight against hackers, with an executive order signed by President Obama authorizing sanctions against hackers who harm critical infrastructure, or expose personal information and trade secrets. The order allows the government to block a person or organization’s access to U.S. financial institutions and any property they have in the country.

Facebook Riffs on Snapchat with video app

Smart home hacking is easier than you think

Last March, a very satisfied user of the Honeywell Wi-Fi Thermostat left a product review on Amazon.com that shed some light on an unexpected benefit of the smart home – revenge.

The reviewer wrote that his wife had left him, and then moved her new lover into the home they once shared, which now featured the Honeywell Wi-Fi thermostat. The jilted ex-husband could still control the thermostat through the mobile app installed on his smartphone, so he used it to make the new couple's lives a little less happily ever after:

Chinese Internet authority clashes with Google over digital certificates

A Chinese Internet administrator blasted Google on Thursday, after the U.S. search giant decided to stop recognizing digital certificates issued by the group following a security lapse.

“The decision that Google has made is unacceptable and unintelligible,” China’s Internet Network Information Center (CNNIC) said in an online posting.

Google’s decision means that its Chrome browser could end up clashing with sites served by the Chinese Internet agency.

On Wednesday, Google explained the move in an update to an earlier blog posting. The company is still concerned by the way CNNIC issued a certificate to an IT company based in Egypt that misused it in a botched security test.

The day the first iPad arrived

April 3, 2010

Image by REUTERS/Robert Galbraith

Tablets had always flopped so there was no shortage of naysayers pooh-poohing Apple’s new iPad when the first model was delivered to homes and made available in stores on April 3, 2010. While sales growth has slowed recently, the naysayers could not possibly have been more wrong. Here are some images from the iPad’s debut day.

Texas wants RadioShack to specify what customer information would be for sale

The dispute between U.S. states and RadioShack over the sale of customer information continues, with the state of Texas requesting a bankruptcy court to ask RadioShack to specify in any motion for sale what information would be included and the number of people likely to be affected.

Texas Attorney General Ken Paxton is concerned that although the personally identifiable information (PII) was not sold in a recently concluded auction, in argument and testimony during the sale hearing, RadioShack “has indicated that PII remains available for sale and will likely be sold in the future, attendant to the sale of trademarks and/or intellectual property,” according to a filing Wednesday.

Ruckus first to roll out enterprise 802.11ac Wave 2 AP

Ruckus became the first enterprise wireless equipment vendor to roll out an 802.11ac Wave 2 access point today, with the release of the ZoneFlex R710.

The R710 features the multi-user MIMO capability characteristic of Wave 2 devices, using what Ruckus calls Beamflex technology – built around antenna polarization – to focus signals directionally, making more efficient use of available bandwidth. The company says the R710 can handle 800Mbps of throughput via the older 2.4GHz frequencies, and 1733Mbps via 5GHz.

Analyst and Network World contributor Zeus Kerravala said that the R710 is, in a very real sense, far ahead of its time.

"There aren't any wave 2 [client] devices expected for at least 18 months," he said. "So they are way early."

Salesforce acquires mobile authentication firm Toopher

Salesforce.com has acquired Toopher, the developer of a mobile two-factor authentication app that uses location-awareness.

Toopher in Austin, Texas, said on its website that it will no longer sell its current products, but is “thrilled to join Salesforce, where we’ll work on delivering the Toopher vision on a much larger scale as part of the world’s #1 Cloud Platform.”

It did not disclose the financial terms of the acquisition.

Salesforce spokeswoman Karly Bolton confirmed the purchase but did not provide further details. Toopher’s website is now inaccessible, except for the notice announcing the acquisition.

Big Tap sFlow: Enabling Pervasive Flow-level Visibility


Today's Big Switch Networks webinar, Big Tap sFlow: Enabling Pervasive Flow-level Visibility, describes how Big Switch uses software defined networking (SDN) to control commodity switches and deliver network visibility. The webinar presents a live demonstration showing how real-time sFlow analytics is used to automatically drive SDN actions to provide a "smarter way to find a needle in a haystack."

The video presentation covers the following topics:

  • 0:00 Introduction to Big Tap
  • 7:00 sFlow generation and use cases
  • 12:30 Demonstration of real-time tap triggering based on sFlow

The webinar describes how the network-wide monitoring provided by industry standard sFlow instrumentation complements the Big Tap SDN controller's ability to capture and direct selected packet streams to visibility tools.

The above slide from the webinar draws an analogy for the role that sFlow plays in targeting the capture network to that of a finderscope, the small, wide-angle telescope used to provide an overview of the sky and guide the telescope to its target. Support for the sFlow measurement standard is built into commodity switch hardware and is enabled on all ports in the capture network to provide a wide angle view of all traffic in the data center. Once

Wider use of HTTPS could have prevented attack against GitHub

The unique attack method used to disrupt the code-sharing site GitHub over the last week could have been prevented if more websites enabled encryption, the Electronic Frontier Foundation (EFF) said Wednesday.

The attack against GitHub was enabled by someone tampering with regular website traffic to unrelated Chinese websites, all of which used a JavaScript analytics and advertising related tool from Baidu.

Somewhere on China’s network perimeter, that analytics code was swapped out for code that transparently sent data traffic to GitHub, at times crippling parts of the popular website, particularly two projects that specialize in anti-censorship tools. It was also particularly insidious since the users whose traffic was modified didn’t know they had been roped into the attack.

Logging in Kubernetes with Fluentd and Elasticsearch

In previous posts, we talked about running skyDNS and Heapster on your Kubernetes cluster.  In this post, I want to talk about the last of the cluster ‘addons’ available today in the Kubernetes repository.  This add on is a combination of Fluentd, Elasticsearch, and Kibana that makes a pretty powerful logging aggregation system on top of your Kubernetes cluster.   One of the major struggles with any large deployment is logging. Having a central place to aggregate logs makes troubleshooting and analysis considerably easier to do.   That being said, let’s jump right into the configuration.

Note: I have an open PR on this addon to make it a little more flexible from a configuration perspective.  Namely, I want to be able to specify the port and protocol used by the API server to access the backend service when using the API server as a service proxy.  That being said, some of my pod/controller definitions will be different from what you see on GitHub.  I’ll point out the differences below when we come across them.

The first step is to have the Kubernetes nodes collect the logs.  This is done with a local Fluentd

Pin-pointing China’s attack against GitHub

For the past week, the website "GitHub" has been under attack by China. In this post, I pin-point where the attack is coming from by doing an http-traceroute.

GitHub is a key infrastructure website for the Internet, being the largest host of open-source projects, most famously Linux. (I host my code there). It's also a popular blogging platform.

Among the zillions of projects are https://github.com/greatfire and https://github.com/cn-nytimes. These are mirrors (copies) of the websites http://greatfire.com and http://cn.nytimes.com. GreatFire provides tools for circumventing China's Internet censorship, the NYTimes contains news stories China wants censored.

China blocks the offending websites, but it cannot easily block the GitHub mirrors. Its choices are either to block or allow everything on GitHub. Since GitHub is key infrastructure for open-source, blocking GitHub is not really a viable option.

Therefore, China chose another option, to flood those specific GitHub URLs with traffic in order to pressure GitHub into removing those pages. This is a stupid policy decision, of course, since Americans are quite touchy on the subject and are unlikely to comply with such pressure. It's likely GitHub itself can resolve the issue, as there are a zillion ways to respond. If

Is an SDN Switch A New Form of a Firewall?

Many people anticipated that enterprise organizations would adopt Software Defined Network (SDN) technologies later than service providers or multi-tenant data centers and cloud service providers.  We are now seeing more use of Network Functions Virtualization (NFV) within enterprises and some enterprises are starting SDN pilot projects.  As enterprises consider how to utilize SDN technologies in their data center environments, they start to consider what new security capabilities SDN can provide.  SDN switches can drop packets for flows that are not permitted by the controller.  This article explores if SDN switches can behave like a traditional firewall.

Techie April Fools’ Day – in pictures

The corporate world is serious business

The annual scramble for momentary flashes of attention in the public eye has become an undignified, childish reversion to the mean, and a symptom of the terrible harm the Internet has done to the business world and to the media. It is with regret that we begrudgingly direct still more of your dwindling attention span to the following unedifying “pranks,” of which we hereby express our disapproval, our tongues far from our cheeks.

Health care industry receives first mobile apps from Apple, IBM

An enterprise mobility partnership between Apple and IBM has yielded more iPhone and iPad apps, including the first ones for the health care industry and industrial production management.

Under an agreement announced last July, the two companies develop enterprise mobile apps together, and IBM sells and supports Apple hardware. The first 10 mobile apps debuted in late December and a second batch was released in March. The apps released this week bring the total offered to 22.

The four new health care apps are for nurses who work in hospitals and provide home care. Hospital RN replaces a nurse’s pager and phone with an iPhone, and allows them to access a patient’s records. The app uses iBeacon technology to identify patients and displays notifications including status updates on hospital equipment that is offline, backups at the lab and patient requests.