3 reasons to be wary of the Internet of Things

According to a 2014 HP report, titled “Internet of Things Research Study,” 70 percent of the most commonly used Internet of Things (IoT) devices contain vulnerabilities involving password security, permissions and encryption. “While the Internet of Things will connect and unify countless objects and systems, it also presents a significant challenge in fending off the adversary given the expanded attack surface,” said Mike Armistead, vice president and general manager, Fortify, Enterprise Security Products, HP, in response to the report.To read this article in full or to leave a comment, please click here

Now that’s rich: Why the gold Apple Watch costs $10K

As College Humor videos go, this is one of the more SFW ones I've seen (just a couple of naughty words).  Anyway, Apple once again begs for parody videos to emerge with the official, official, official introduction this week of its Apple Watches. Here's why the gold watch costs $10K, according to the humor site. An earlier Apple Watch parody video, too.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Smartphone video traffic will explode, report says

While many of us have taken to the concept of video over mobile networks on smartphones, you could argue that it's been more of a "yeah, really cool, I like that idea" flirtation, rather than a "Hey, when's trash day?" and "Anyone know how to get a 55-inch TV in a garbage can?" kind of amour.Just how many people are happy with stuttering, low-definition images on a pokey smartphone screen, one could ask? I for one am not watching a smartphone screen on an expensive, spotty mobile network in lieu of Wi-Fi media delivery via a big screen when I can help it.And has there been any indication that the non-tech segment of the population thinks differently? Is it not all the same inquisitive dabbling?To read this article in full or to leave a comment, please click here

IPv4 QoS Markings Calculator

This is a quick calculator I came up that I could use in the CCIE lab to translate between various IPv4 header QoS markings. As long as I could remember how to draw out the calculator, all I had to do was some basic math and I could translate between markings quite easily.

This post does not explain what the header fields are, why there’s so many or what the significance of one QoS value is over another. I’m making an assumption that the reader is already familiar with QoS concepts.

Here’s the calculator:

x x x x x x x x
128 64 32 16 8 4 2 1 ToS
32 16 8 4 2 1 - - DSCP
4 2 1 2 1 - - - DSCP AF values (AFxy)
4 2 1 - - - - - IP Precedence
Enter 0 or 1 in each position

Each column represents one bit from the Type of Service (ToS) field in the IPv4 header. The right-most column describes what each row is for. The very last row is meant to be filled in by us; it’s the input into the calculator.

As an example, let’s say we Continue reading

Conventional IT security is failing: Continuous monitoring and mitigation can help

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

All you have to do is read the headlines to know conventional IT security is failing. The number of security incidents among enterprises jumped 25% between 2011 and 2013, according to the 2014 PricewaterhouseCoopers “Global State of Information Security Survey.” And in the past 12 months, 96% of enterprises felt the sting of a cyberattack, according to the 2014 IDG Connect Cyber Defense Maturity Report.

The question is no longer if or when you will experience a significant security incident, but how well your processes and controls address detection, analysis and response. Without a real-time, independent and comprehensive view of endpoint status, organizations have an incomplete understanding of their IT risk, and it shows.

To read this article in full or to leave a comment, please click here

Windows PCs remained vulnerable to Stuxnet-like LNK attacks after 2010 patch

If you patched your Windows computers in 2010 against the LNK exploit used by Stuxnet and thought you were safe, researchers from Hewlett-Packard have some bad news for you: Microsoft’s fix was flawed.In January, researcher Michael Heerklotz reported privately to HP’s Zero Day Initiative (ZDI) that the LNK patch released by Microsoft over four years ago can be bypassed.This means that over the past four years attackers could have reverse-engineered Microsoft’s fix to create new LNK exploits that could infect Windows computers when USB storage devices got plugged into them. However, there’s no information yet to suggest this has happened.To read this article in full or to leave a comment, please click here

Consumer Identity Management systems step up where traditional ID systems fall down

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Companies that sell products and services to consumers are collecting and storing massive volumes of customer data from not just POS, order management, customer service and e-commerce systems, but also mobile apps, social media feeds, online campaign forms and Web applications such as lead enrichment databases. As a result, new types of identity management systems have emerged to address the broader scale and risk of Web-based business processes and to give customers more control regarding how corporations use their data.

To read this article in full or to leave a comment, please click here

Apple stores redefining mall economics

If you’ve visited an Apple store at your local mall the chances are good that you’ve visited a crowded Apple store at your local mall.And, not surprisingly, those crowds don’t necessarily get right back into their cars after buying their iWhatevers. They do more shopping. In fact, an Apple store alone can boost overall mall sales by 10%, says one research firm, and Apple is using that clout to its advantage.From a Wall Street Journal report: In the past, malls typically operated according to a straightforward bargain. Department stores that anchored the ends of the malls either owned their own stores or paid almost nothing aside from fees to maintain common spaces in exchange for drawing much of the traffic, while specialty retailers in the smaller spaces between the anchors typically paid the bulk of a mall’s rent.To read this article in full or to leave a comment, please click here

Baidu ends support for Android platform

Baidu’s efforts to bring its own customized Android ROM to Chinese smartphones appears to be fizzling out as the company shifts resources away from the project.On Wednesday, the team behind the Baidu Cloud OS, a suite of tools and interfaces designed for Android phones and incorporated into the company’s Android ROM, announced it was saying goodbye to the platform.“Because of a company business adjustment, we have no choice but to painfully decide to suspend updates and support to the Baidu Cloud OS,” the team said in an official forum posting.While the rest of Baidu’s consumer cloud business will still be in operation, the Cloud OS and ROM design unit has been folded into a new company, the team added in another posting. It did not offer details about the new company.To read this article in full or to leave a comment, please click here

Disabling Vodafone autoprovisioning on Snom 821

I bought a nearly new Snom IP phone on eBay, but it was getting autoprovisioned as a Vodafone device.   I wanted to use it as a SIP phone on another provider’s network, so needed to get rid of this.

I’ll try to write down the steps I followed, but I tried quite a few things so there may be inaccuracies.

Basically this phone tries three ways to autoprovision itself:

1. Redirection – it goes to a host run by Snom, is redirected to a Vodafone host and autoprovisions from there.

2. PnP – I think this is where it multicasts for a configuration server.

3. DHCP – where it receives details of the configuraiton server from DHCP options it receives with its IP address.

Redirection is the first one it tries by default, so you need to stop this happening. Snom say on their forums that they can’t do this for Vodafone devices, which must be a legal thing between them and Vodafone, because they are able to do it for Snom phones that are auto-provisioned on other providers.  In the latter case a simple request on the forums with the phone’s MAC address appears to be sufficient.

Continue reading

Second generation Moto G with LTE goes on sale in Europe

Motorola Mobility will start shipping the second generation Moto G with LTE in Europe later this month, while smartphone buyers in the U.S. will have to wait.The price will be €199 (US$210) in countries such as Germany and France and £159.00 in the U.K. with tax. It will start shipping the week of March 16, according to Motorola. The company didn’t provide any details on a possible U.S. launch, only saying that it wasn’t included in the launch.The exclusion of LTE when Motorola announced the second generation Moto G back in September was surprising, since there already was a 4G version of the original model. But the company is now starting to rectify that by expanding availability outside Brazil, where the 4G phone went on sale earlier this year.To read this article in full or to leave a comment, please click here

MDM features and functions compared

Mobile device management tools are transforming into enterprise mobility management (EMM), which includes app and data security, among many other things. And while all the major offerings in this arena cover the basics when it comes to hardware management, there are differences when it comes to some of the extended features you may require.To read this article in full or to leave a comment, please click here(Insider Story)

The Upload: Your tech news briefing for Wednesday, March 11

Four out of five retailers don’t meet payment card security standardsIt’s no surprise that so many data breaches involve the disclosure of credit card numbers: 80 percent of retailers failed to meet the Payment Card Industry Data Security Standard (PCI DSS) in a Verizon survey of 5,000 businesses worldwide, Reuters reports. In all the data breaches that Verizon studied, the company involved was not compliant at the time of the incident.The inventor of credit default swaps is new CEO of bitcoin trading companyTo read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Wednesday, March 11

Four out of five retailers don’t meet payment card security standardsIt’s no surprise that so many data breaches involve the disclosure of credit card numbers: 80 percent of retailers failed to meet the Payment Card Industry Data Security Standard (PCI DSS) in a Verizon survey of 5,000 businesses worldwide, Reuters reports. In all the data breaches that Verizon studied, the company involved was not compliant at the time of the incident.The inventor of credit default swaps is new CEO of bitcoin trading companyTo read this article in full or to leave a comment, please click here

Sony pulls the plug on PlayStation Mobile platform

PlayStation Mobile, Sony’s attempt to recreate PlayStation experiences on Android smartphones, tablets and the PS Vita, will close in July.The platform will stop distributing content on July 15 and in-app purchases and downloads of previously purchased software will stop on Sept. 10, Sony Computer Entertainment (SCE) said Wednesday. An associated application, PlayStation Mobile for Android, will be unavailable after Sept. 10.The development is another blow to Sony’s struggling mobile business, which hasn’t been able to outperform like the company’s hit PlayStation 4 gaming console. The PS4 had sold over 20.2 million units worldwide through the end of February and is slated to begin sales in China on March 20, following a delay of more than two months.To read this article in full or to leave a comment, please click here

Opening up at OCP Summit

Lots of networking activity at this week’s Open Compute Project Summit as vendors develop specifications designed to further abstract the dependencies of hardware and software.Dell submitted to OCP a Switch Abstraction Interface (SAI) designed to enable a common language between vendor network operating systems and switch silicon. The submission is currently under review and Dell expects acceptance.SAI is an API to express switch abstractions. With it, third-party developers can build applications to help customers tailor their network equipment to meet certain infrastructure requirements, Dell says.To read this article in full or to leave a comment, please click here

Facebook’s ‘Wedge’ network switch will soon be on sale to all

A network switch that Facebook designed for its own data centers will soon be on sale from Taiwanese manufacturer Accton Technologies, the latest sign of progress from the community hardware effort known as the Open Compute Project.Facebook set up the OCP about four years ago as a way for data center operators to collaborate on new hardware designs that they can then ask low-cost manufacturers to produce. Part of the goal is to get cheaper, more standardized hardware than what’s normally supplied by top-tier vendors like Cisco, Hewlett-Packard, and Dell.Facebook is already using the top-of-rack switch, known as Wedge, in its own data centers, and it will be available to others in the first half from Accton and its OEM partners, said Jay Parikh, head of Facebook’s infrastructure division. Cumulus Networks and Big Switch Networks will provide software for it, and Facebook has put some of its own network software on Github for companies that want to “roll their own.”To read this article in full or to leave a comment, please click here

1 3,529 3,530 3,531 3,532 3,533 3,780