0

8 Android security tips for IT, corporate users

The security pros interviewed for our article, "Experts bust Android security myths," offered up the following eight Android security tips for IT administrators and users1) Don't root that Android device"To do significant damage in the mobile world, malware needs to act on devices that have been altered at an administrative level," according to Dionisio Zumerle, principal research analyst at Gartner. "The most obvious platform compromises of this nature are 'jailbreaking' on iOS or 'rooting' on Android devices ...To read this article in full or to leave a comment, please click here

0

Huawei launches its own OS for the Internet of Things

China's Huawei Technologies is targeting smart homes, cars, wearables and more with its own operating system, Liteos, intended for the international market.On Wednesday Huawei launched the OS to help third-party vendors break into the emerging Internet of Things space. The whole industry is eyeing opportunities to turn household objects and industrial equipment into connect devices, but the development costs still remain high, according to the Chinese company.INSIDER: 5 ways to prepare for Internet of Things security threats Huawei, however, claims its new "lightweight" OS can streamline the whole process. The Liteos software can be as small as 10 kilobytes in size, and is designed to run on minimal power, making it suitable for a wide range of hardware, including microcontrollers and ARM Cortex embedded processors.To read this article in full or to leave a comment, please click here

0

IT/IT: Data Can’t Lie?

A statistician is someone who can put their head in a hot oven, and their feet in a bucket of ice, and say, “on the average, I feel fine.”

Before we move completely into a world where people are counseled, “use the data, Luke,” disregarding their own beliefs and feelings, we need to have a little discussion. As an example of what we might get wrong, let’s take a look at some interesting problems in the polling from recent elections. According to one article (which happens to have all the numbers conveniently gathered in one place) —

• On May 7th, in an election in Britain, the pre-election polls showed conservatives would win around 280 seats. The exit polls during the election showed the conservatives would win around 316 seats. During the election, conservatives actually won 330 seats.
• In 1992, also in Britain, the pre-election polls showed the conservative and liberal parties in a dead heat. The conservatives actually won by 7.5 points.
• In the recent election in Israel, Likud was predicted, through polling, to win 22 seats. Likud actually won 30 seats.

These aren’t random events — they are repeated time and again in elections through the last Continue reading

0

Congratulations to Roy Lexmond on Passing CCDE Practical Exam !

I am very glad to announce that Roy Lexmond from my April CCDE training class passed his CCDE Practical exam yesterday in France. Below is his success story and here is his earlier feedback for the class. I should say that He really likes the design and open to learn new things and very clever.… Read More »

The post Congratulations to Roy Lexmond on Passing CCDE Practical Exam ! appeared first on Network Design and Architecture.

0

Alcatel-Lucent Launches the Network Services Platform for Carrier SDN

Alcatel-Lucent expands its carrier SDN portfolio with Network Services Platform.

0

The Ansible Basics: Why Automation Matters Today in IT

Your development team has completed weeks of work, delivering their masterpiece-an application-to IT for  deployment, but it doesn’t work.

See, the developers made use of a different port, that now needs to be opened on the firewall so end users can communicate with the software. IT changed the firewall rule, but didn’t tell development, so they never even knew it was an issue. Later, they create another application with the same issue, except this time, it will be deployed in a different environment.

No procedure or policy was created to capture all of the changes necessary to successfully deploy the app, so the same thing happens again. It’s a vicious cycle.

IT departments struggle to manage thousands of configurations and hundreds of applications with everyone working in silos. Teams  who develop the apps frequently are  not on the teams that use them.  Meanwhile, operations teams deploy apps they didn’t write and have to convey to the development team when changes need to be made in order for them to work in this new and foreign-to-development thing called "a production environment".

Sound familiar?

Today’s IT environments are extremely complex. In the past, applications and hardware were closely connected. Apps came from Continue reading

0

First software update for Apple Watch includes security fixes

You might not be used to the idea of a watch endangering your digital life, but you should: Apple’s first update for Watch OS includes 14 security patches, and they’re not trivial.Watch OS 1.0.1, released Tuesday, brings several performance improvements and support for additional languages, but it also fixes 13 vulnerabilities that could enable arbitrary code execution, information disclosure, denial of service, traffic hijacking, privilege escalation and other attacks, and also updates the list of root CA certificates trusted by default on the device.To read this article in full or to leave a comment, please click here

0

The Upload: Your tech news briefing for Wednesday, May 20

U.S. charges six from China with stealing wireless technologyThree men who studied at the University of California and then went on to work at U.S. tech companies are among six Chinese citizens charged with economic espionage by the Department of Justice on Tuesday. The technology that the men allegedly stole from companies that employed two of them, Avago Technologies and Skyworks Solutions, is used in wireless devices to filter out unwanted signals and has both commercial and military applications.To read this article in full or to leave a comment, please click here

0

Verizon (probably) dominates U.S. wireless service providers

The numbers filed with the SEC seem pretty inarguable. Verizon dominates the U.S. wireless carrier industry, both in terms of total subscribers and in a key metric called ARPU, or average revenue per user. AT&T is maintaining its position in second place, Sprint is headed south in a hurry, and T-Mobile is making some un-profits in its new role as the un-carrier, but showing signs of a recovery. But the picture of a leader, a runner-up and two also-rans is more complicated than it seems. A saturated market with fewer new customers to compete for means that the big four’s relative positions in terms of size are increasingly stratified. + ALSO ON NETWORK WORLD: Verizon's acquisition of AOL is a move to disrupt the TV market | Apple, Google urge Obama to reject encryption back doors +To read this article in full or to leave a comment, please click here

0

Verizon (probably) dominates U.S. wireless service providers

The numbers filed with the SEC seem pretty inarguable. Verizon dominates the U.S. wireless carrier industry, both in terms of total subscribers and in a key metric called ARPU, or average revenue per user. AT&T is maintaining its position in second place, Sprint is headed south in a hurry, and T-Mobile is making some un-profits in its new role as the un-carrier, but showing signs of a recovery.But the picture of a leader, a runner-up and two also-rans is more complicated than it seems. A saturated market with fewer new customers to compete for means that the big four’s relative positions in terms of size are increasingly stratified.+ ALSO ON NETWORK WORLD: Verizon's acquisition of AOL is a move to disrupt the TV market | Apple, Google urge Obama to reject encryption back doors +To read this article in full or to leave a comment, please click here

0

Netconf Python ncclient

In my earlier blogs, I had covered basics of Netconf and Yang and how to use Netconf to configure Cisco devices. Recently, I came across this Python ncclient library that simplifies the configuration/monitoring of Networking devices that supports Netconf. Using ncclient library, we can programmatically configure and monitor devices using Netconf. I also found out that … Continue reading Netconf Python ncclient →

0

NFV Terminology and Architecture from ETSI

Well, if you thought SDN introduced a lot of terminology, you’ll love NFV! The good news is that ETSI, which defines NFV, does a great job documenting NFV, with extensive term and acronym lists to support other documents about the details of NFV architecture. Several of the ETSI NFV docs provide some great stepping-stones for understanding the basic concepts and terminology, which is where we’ll go in this post.

This is the last in a related series! The other posts:

• SDN Terms and Architecture from RFC 8426
• SDN Terms and Architecture from ITU Y.3300
• And this post! About ETSI NFV Terms and Architecture

A Brief Big Picture of NFV

One of the challenges with this blog is figuring out how much prior knowledge to assume. If you don’t know much at all about NFV, read this section for a quick intro. Otherwise, skip to the next heading.

Briefly…

Think of every networking device used in the IT world. Those include routers, switches, firewalls, intrusion detection systems, load balancers, and so on. Traditionally, those devices have indeed been devices – purpose built hardware, running some OS that performed the networking function.

While you’re thinking of the old way to network, Continue reading

0

Do We Need NAC and 802.1x?

Another question I got in my Inbox:

What is your opinion on NAC and 802.1x for wired networks? Is there a better way to solve user access control at layer 2? Or is this a poor man's way to avoid network segmentation and internal network firewalls.

Unless you can trust all users (fat chance) or run a network with no access control (unlikely, unless you’re a coffee shop), you need to authenticate the users anyway.

Read more ...

0

Tech companies ask Senate to pass NSA reform bill

Reform Government Surveillance, an organization that represents large technology companies like Google, Apple and Microsoft, on Tuesday pressed the U.S. Senate not to delay reform of National Security Agency surveillance by extending expiring provisions of the Patriot Act.The House of Representatives voted 338-88 last week to approve the USA Freedom Act that would, among other things, stop the controversial bulk collection of phone records of Americans by the NSA, including by placing restrictions on the search terms used to retrieve the records.To read this article in full or to leave a comment, please click here

0

GNS3 Weekly Development Report: May 18th

Three week ago we launched our first weekly development report in an effort to provide the community with increased transparency on what

0

St. Louis Federal Reserve forces password change after DNS attack

A branch of the U.S.’s central bank is forcing a password reset after a cyberattack briefly redirected visitors to parts of its website to bogus Web pages.The Federal Reserve of St. Louis found on April 24 that DNS (domain name system) settings had been changed to redirect people to fake Web pages. The bank didn’t name its DNS provider. Those who visited those pages may have been exposed to malware or had their login credentials stolen.“If you attempted to log into your user account on that date, it is possible that this malicious group may have accessed your user name and password,” an advisory said.To read this article in full or to leave a comment, please click here

0

New encryption flaw, LogJam, puts Web surfers at risk

Computer security experts said they’ve found a new encryption flaw closely related to one found earlier this year that puts Web surfers’ data at risk.The flaw, called LogJam, can allow an attacker to significantly weaken the encrypted connection between a user and a Web or email server, said Matthew D. Green, an assistant research professor in the department of computer science at Johns Hopkins University.About 7 percent of websites on the Internet are vulnerable to LogJam along with many email servers. A website has been set up with more information.Green was part of a team including experts from the University of Michigan and the French research institute Inria who found LogJam a few months ago.To read this article in full or to leave a comment, please click here

0

OpenStack Magnum Targets Containers-as-a-Service

Docker and its ilk could be getting more OpenStack support soon — but it took a few OpenStack Summits to make it happen.

0

Dropbox unleashes ‘universal app’ for Windows phones and tablets

Early this year, Dropbox released its cloud storage service on Windows phones and tablets, and on Tuesday the company followed up with a universal app that fleshes out the features for both types of devices.The update automatically adapts to the user’s screen size and delivers a number of new features, including the ability for Windows Phone users to upload videos directly from their devices.In the interests of multitasking, Windows Phone users can also now upload multiple files at once. And they can download files straight to their device or SD card, making it available for offline access; there’s a way to mark files as favorites for offline use as well.To read this article in full or to leave a comment, please click here

0

CSC to split in two, spin off US public sector work

IT services vendor Computer Sciences Corp. plans to separate its $4.1 billion U.S. public sector business to form a new company, it said Tuesday.The move is the latest step in a restructuring that began three years ago and will see CSC’s mission divided between U.S. government clients and all others.The U.S. public sector business, expected to be operational by October, will target federal, state and defense customers and employ 14,000 people. That business generated $4.1 billion in revenue last year.CSC’s remaining 51,000 employees will focus on commercial customers, and public sector organizations outside the U.S. That business recorded revenue of $8.1 billion last year.To read this article in full or to leave a comment, please click here