Credit card terminals have used same password since 1990s, claim researchers

While retailers battle breaches that have resulted in tens of millions of credit card numbers stolen, word comes from the RSA Conference in San Francisco that a major vendor of payment terminals has been shipping devices for over two decades with the same default password.The vendor wasn’t named by the researchers, David Byrne and Charles Henderson, but they did disclose the password: 166816.A Google search reveals that’s the default password for several models of credit card terminal sold by Verifone, a Silicon Valley-based vendor that says it connects 27 million payment devices and has operations in 150 countries.Verifone didn’t immediately comment on the claim.To read this article in full or to leave a comment, please click here

DOD wants to rebuild trust with the technology industry

The U.S. Department of Defense must rebuild trust with Silicon Valley because it needs new technology partners to fight against cyberattacks, Secretary of Defense Ashton Carter said Thursday.The DOD is looking to build its defensive cybersecurity capabilities with help from technology vendors, but the military also will deploy offensive measures when its warranted, Carter said in a speech at Stanford University.The department sees its cybersecurity role as largely focused on defense, but “adversaries should know that our preference for deterrence and our defensive posture don’t diminish our willingness to use cyber options if necessary,” he said.To read this article in full or to leave a comment, please click here

Enterprise software vendors ready Apple Watch apps

Enterprise software vendors are betting the Apple Watch will find a use in the business world and this week announced apps for the smartwatch, which will become available to consumers on Friday.While many of the initial Apple Watch business apps carry out the same functions of their iPhone counterparts, companies emphasized that glancing at your wrist to obtain information is easier than reaching for a smartphone.Blue Jean Networks created an app that reminds people about upcoming meetings and shows them their meeting schedule. The app, which works in conjunction with the company’s cloud-based video conferencing service, also has features that are designed specifically for the watch, like a function that counts down the time until a person’s next meeting and the ability to access a meeting by pressing the watch’s face. Like all Apple Watch apps, Blue Jeans’ app, which was announced today, must be paired with an iPhone to work.To read this article in full or to leave a comment, please click here

Cisco VIRL NXOSv NXAPI Update

Cisco officially announced the April release of VIRL the announcement and upgrade instructions can be found here. Some of the highlights from the upgrade are: ISOv is now up to version 15.2(2)T ...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Comcast said to abandon Time Warner merger plan

Comcast has abandoned plans to merge with Time Warner Cable, according to a Bloomberg News report on Thursday.The report quoted “people with knowledge of the matter” and said a formal announcement could be made as soon as Friday.The decision, which was not immediately confirmed by the companies, came a day after the Federal Communications Commission referred the proposed deal to a hearing in front of a judge—a move that had been viewed as a “death sentence” for the plan because of the time and effort it would have taken.The U.S. Department of Justice was also reported to be leaning towards blocking the merger on antitrust grounds should it have received FCC clearance.To read this article in full or to leave a comment, please click here

Comcast abandons $45B Time Warner merger plan

Comcast has abandoned plans to merge with Time Warner Cable.Comcast Chairman and CEO Brian Roberts said in a statement: "Today, we move on. Of course, we would have liked to bring our great products to new cities, but we structured this deal so that if the government didn’t agree, we could walk away.Comcast NBCUniversal is a unique company with strong momentum. Throughout this entire process, our employees have kept their eye on the ball and we have had fantastic operating results. I want to thank them and the employees of Time Warner Cable for their tireless efforts.I couldn’t be more proud of this company and I am truly excited for what’s next."To read this article in full or to leave a comment, please click here

Open Networking: Worth the Learning Curve

When’s the last time you had the opportunity to learn about a new area of technology? Not just the latest API but something big. With the emergence of open networking, now may be the time to do just that.

Open networking is becoming more wide spread in data centers, partly because of CapEx savings and customer choice from disaggregation of hardware and software. From an operational standpoint, the efficiencies of automating and managing switches like servers may be even more compelling. Those efficiencies – and resulting OpEx savings – are from using a real Linux OS for the network.

As a Linux operating system running network switches, Cumulus Linux presents a learning opportunity for two specific groups of users: network administrators who are new to Linux, and Linux administrators who are new to networking. Open networking represents a radical improvement in network management, but as with most major changes, there’s a learning curve.

Learning a new language (but still saying the same things).

Leaving IOS, NX-OS, or JunOS for Cumulus Linux means rediscovering how to perform tasks that network administrators have been doing the same way for years. This often means tweaking existing knowledge to understand where familiar commands Continue reading

FTC complains retail tracking firm didn’t notify customers

A company that tracked retail store customers through their smartphones without notifying them and without giving them a chance to turn off the tracking has settled a U.S. Federal Trade Commission complaint that it didn’t live up to its privacy promises.Retail tracking firm Nomi Technologies stated in its privacy policy from late 2012 that it would provide a customer opt-out mechanism at stores using its tracking services, thus implying that it would notify customers of the tracking efforts, the FTC said. But the company did not give customers an opt-out option and did not notify customers they were being tracked, the agency said Thursday.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Winds of change blowing in the WAN

In the past few years, enterprise computing has experienced major upheavals brought about by cloud apps, Wi-Fi, mobility, and BYOD. The enterprise WAN, meanwhile, has not evolved much since it was transformed into an MPLS Layer 3 VPN infrastructure more than a decade ago. Things are about change. Based on my experience with customer deployments, more than 50% of enterprise traffic from branches is currently Internet-bound. This is due to outsourcing of utility applications, including email, search, voice, video and collaboration, not to mention cloud application use. Despite this trend, enterprises have resisted using the public Internet to provide remote offices with direct access to cloud applications. This is primarily due to compliance issues, especially in the financial and healthcare industries. Doing so would require extensive security policies at each location and would introduce a management nightmare. The alternative, backhauling traffic to the corporate DMZ, is not feasible. To read this article in full or to leave a comment, please click here

IDG Contributor Network: Winds of change blowing in the WAN

In the past few years, enterprise computing has experienced major upheavals brought about by cloud apps, Wi-Fi, mobility, and BYOD. The enterprise WAN, meanwhile, has not evolved much since it was transformed into an MPLS Layer 3 VPN infrastructure more than a decade ago. Things are about change. Based on my experience with customer deployments, more than 50% of enterprise traffic from branches is currently Internet-bound. This is due to outsourcing of utility applications, including email, search, voice, video and collaboration, not to mention cloud application use. Despite this trend, enterprises have resisted using the public Internet to provide remote offices with direct access to cloud applications. This is primarily due to compliance issues, especially in the financial and healthcare industries. Doing so would require extensive security policies at each location and would introduce a management nightmare. The alternative, backhauling traffic to the corporate DMZ, is not feasible. To read this article in full or to leave a comment, please click here

House passes second cyberthreat information-sharing bill

For the second time in two days, the U.S. House of Representatives has voted to pass a bill that would give legal protections to companies that share cyberattack information.The House on Thursday voted 355 to 63 to pass the National Cybersecurity Protection Advancement Act (NCPA), which would protect companies from customer lawsuits after they voluntarily share cyberthreat information with each other and with government agencies.The NCPA is similar in several ways to the Protecting Cyber Networks Act (PCNA), which passed the chamber on Wednesday, despite concerns from some lawmakers that it would allow some customer information to wind up in the hands of surveillance agency the U.S. National Security Agency.To read this article in full or to leave a comment, please click here

Salesforce for HR puts the focus on mobile and social capabilities

If there are any overriding trends at work in the enterprise-software market today, consumerization and mobile would have to be among the biggest. Vendors large and small have been racing to add such features to their products, and Thursday brought a fresh example: Salesforce for HR, a new tool that aims to give employees a personalized experience via mobile and social capabilities.Built on a foundation of cloud, social, mobile and data-science technologies, Salesforce for HR taps Salesforce’s Customer Success Platform and is designed to complement existing HR-focused systems with a number of tools designed to help companies and employees connect.To read this article in full or to leave a comment, please click here

Pretty much all of the Apple Watches are coming to work

Almost all current or perspective users of smartwatches and other wearable technologies want to use them for work, according to a Harris Poll survey commissioned by MDM vendor MobileIron.The survey, which covered 3,500 workers who use mobile devices for work in the U.S., western Europe and Japan, found that 94% of those who either owned or were planning to own a wearable would want to use them for work tasks.+ ALSO ON NETWORK WORLD: Review: Docker Swarm soars, and the sky's the limit  | Insider threats force balance between security and access +To read this article in full or to leave a comment, please click here

Dell takes on Cisco and Juniper with 100G data center switch

Dell this week extended its arsenal of data center Ethernet switches, highlighted by a 100G device with ports dividable into 25G and 50G channels.Twenty-five gigabit and 50G Ethernet are becoming popular options for data centers looking to fill the bandwidth gap between 10G and 40G for server-to-top-of-rack switch connectivity. Products supporting 25/50G are intended to scale network bandwidth to cloud server and storage endpoints, where workloads are expected to surpass the capacity of 10/40G Ethernet links deployed today.To read this article in full or to leave a comment, please click here

Dell takes on Cisco and Juniper with 100G data center switch

Dell this week extended its arsenal of data center Ethernet switches, highlighted by a 100G device with ports dividable into 25G and 50G channels.Twenty-five gigabit and 50G Ethernet are becoming popular options for data centers looking to fill the bandwidth gap between 10G and 40G for server-to-top-of-rack switch connectivity. Products supporting 25/50G are intended to scale network bandwidth to cloud server and storage endpoints, where workloads are expected to surpass the capacity of 10/40G Ethernet links deployed today.To read this article in full or to leave a comment, please click here

Ubuntu, cloud-init, and OpenStack Heat

In this post I’d like to share a couple of things I recently learned about the interaction between cloud-init and OpenStack Orchestration (aka “Heat”). This may be stuff that you already know, but in the interest of helping others who may not know I’m posting it here.

One issue that I’d been repeatedly running into was an apparent “failure” on the part of Heat to properly apply cloud-init configurations to deployed Ubuntu instances. So, using a Heat template with an OS::Nova::Server resource defined like this would result in an instance that apparently wasn’t reachable via SSH (I’d get back Permission denied (publickey)):

resources:
  instance0:
    type: OS::Nova::Server
    properties:
      name: cloud-init-test-01
      image: { get_param: image_id }
      flavor: m1.xsmall
      networks:
        - port: { get_resource: instance0_port0 }
      key_name: lab

Deploying an instance manually from the same image worked perfectly. So what was the deal?

The first thing I learned was that, in some circumstances (more on this in a moment) defaults to injecting SSH keys (like the key named lab specified in the template) to a user account named “ec2-user”. Ah! I’d been using the default “ubuntu” account specified in Continue reading

1 3,527 3,528 3,529 3,530 3,531 3,845