Telegram dimisses claim of a flaw in its secure messaging application

Telegram, a messaging application that markets itself as a secure communication tool, doesn’t handle encrypted conversations securely, according to the founder of a mobile security company.Zuk Avraham of Zimperium wrote in a blog post Monday that he found several weak points that allowed him to recover plain text messages.Avraham didn’t try to directly crack messages encrypted by Telegram, which is backed by Pavel Durov, founder of the popular Russian social networking site Vkontakte. Instead, Avraham focused on an alternative attack using a kernel exploit to gain root access on an Android device and then looking at how Telegram handled messages in memory.To read this article in full or to leave a comment, please click here

Samsung, SKT to demonstrate 7.5Gbps wireless data next week

Samsung Electronics and South Korean mobile operator SK Telecom plan to demonstrate next week research into future “5G” wireless and data transmission at 7.55Gbps.The two companies, which formed a research and development agreement on 5G wireless in October last year, will show off the technology at the Mobile World Congress expo in Barcelona. The annual event, the biggest in the wireless telecommunications industry, begins on Monday.The transmission will use millimeter wave frequencies, which are generally considered to be those over 6GHz. That’s higher than current mobile phone and Wi-Fi frequencies and something that brings advantages and disadvantages.To read this article in full or to leave a comment, please click here

Establishing the Big Data Connection

Establishing the Big Data Connection

Many network vendors will tell you that their network equipment is built for Big Data. However, once deployed, do you have enough Big Data context to effectively monitor, troubleshoot, triage and tune your network? In most cases the answer is no! When designing and deploying a network, administrators must consider whether this network will provide enough Big Data context?

Before we go any further let’s define BIG DATA context.

BIG DATA context is the ability to correlate Big Data events and protocols back to network events and protocols and to be able to classify BIG DATA network flows correctly. To establish the Big Data Connection, we’re going to discuss the requirements to ensure a network is in the class of networks that have Big Data context, how administrators can possibly achieve this, and the role network programmability and agility play in this discussion.

Now let us see how we can build BIG DATA context and act on it.

Building Big Data Context
Network monitoring, tracing, visibility and reporting with Big Data context is accomplished with network equipment that is able to export flow statistics, counters and flow DBs and leverage open systems to classify such Continue reading

YouTube Kids has ‘no minefields for parents,’ group says

Google says its new YouTube app for kids is its first product “built from the ground up with little ones in mind,” and it appears to have taken careful steps not to ignite a furor by sacrificing children’s’ privacy for its business interests.YouTube Kids was released Monday in the U.S. in the Google Play store and Apple’s App Store. It has privacy-preserving features but also displays ads, which Google says will be “family friendly.”Ads in nearly a dozen categories are prohibited including beauty and fitness, food and beverages, and politics, Google says. And it says the ads won’t collect data about those who view or engage with them, or track them elsewhere on the web.To read this article in full or to leave a comment, please click here

When Worlds Collide

Show 225 – SolarWinds on The Cost of Monitoring + NPM 11.5 – Sponsored

SolarWinds' Head Geek Leon Adato joins Packet Pushers co-hosts Ethan Banks and Greg Ferro for a discussion about the cost of (not) doing proper network monitoring. We also get an update on the new features found in the NPM 11.5 release including wireless heat maps, web-based alerting, auto-discovery of application types for DPI, automatic dependency mapping, integrated capacity planning, and duplex mismatch detection.

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 3M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks

TwitterGoogle+LinkedIn

The post Show 225 – SolarWinds on The Cost of Monitoring + NPM 11.5 – Sponsored appeared first on Packet Pushers Podcast and was written by Ethan Banks.

IoT sensors can run at lower power with MIT chip design

As more sensors get added to the Internet of Things, power consumption can pose a problem, but researchers at the Massachusetts Institute of Technology have come up with a way to reduce the energy that such components require.The researchers have created a new circuit design that could lead to more power-efficient sensors, which are driving growth in the Internet of Things (IOT). About 1.2 billion IOT devices receive or transmit data wirelessly for alerts or analysis, and the number could grow to 5.4 billion by 2020, according to a study by Verizon.Many sensors remain idle most of the time and become active when they send or receive data. The researchers have designed a circuit for a transmitter that could reduce energy leakage by up to 100 times when a sensor is in that idle state. That could extend the battery life of sensors by many months.To read this article in full or to leave a comment, please click here

Using custom fields in phpipam

NSA director wants gov’t access to encrypted communications

It probably comes as no surprise that the director of the U.S. National Security Agency wants access to encrypted data on computers and other devices.The U.S. should be able to craft a policy that allows the NSA and law enforcement agencies to read encrypted data when they need to, NSA director Michael Rogers said during an appearance at a cybersecurity policy event Monday.Asked if the U.S. government should have backdoors to encrypted devices, Rogers said the U.S. government needs to develop a “framework.”“You don’t want the FBI and you don’t want the NSA unilaterally deciding, ‘So, what are we going to access and what are we not going to access?’” Rogers said during his appearance at the New America Foundation. “That shouldn’t be for us. I just believe that this is achievable. We’ll have to work our way through it.”To read this article in full or to leave a comment, please click here

FAQ: The FCC’s Net Neutrality vote, for the IT crowd

The FCC on Thursday, Feb. 26 is set to vote on new broadband regulations that would require ISPs to practice Network Neutrality.  Here's the lowdown on this hot political and technical topic:Before you start, you know that I know what Net Neutrality is already, right?Of course, you work in IT, so I expected that was the case. While others might not be aware that the term is thought to have been coined in 2003 by Columbia law professor Tim Wu – still one of the most vocal proponents of Net Neutrality – no such gap exists in your knowledge.And just as obviously, you’re aware that the basic principle of Net Neutrality is that Internet service providers should not be allowed to discriminate among the different types of traffic that they carry – that is to say, not slowing or blocking legal traffic, nor charging special fees for certain types of traffic.To read this article in full or to leave a comment, please click here

Hyper-convergence and Open Networking: A Match Made in Cloudy Heaven

A lot of the early hype around cloud computing focused on grand visions related to there being only 5 or 6 extremely large cloud providers across the globe. While public clouds continue to grow at a breakneck pace, private clouds are also starting to see immense traction, especially in key verticals like financials, SaaS providers, and telecom service providers.

Over time and through extensive trial and error, the marketplace is realizing that there are two key requirements for successfully implementing cloud computing:

• Simplicity: This primarily refers to breaking down silos that have plagued IT departments of all sizes, allowing for a unified framework across compute, storage and networking.
• Infrastructure automation: Ranging from automated provisioning to full lifecycle of infrastructure, implemented in a software defined manner. Often referred to as Infrastructure as Code, or Idempotent IT.

Simplicity and infrastructure automation have been extensively covered by leading IT analysts and, along with application-level paradigms like Hadoop, have often been referenced as the way to achieve the extraordinary scale and success of Web scale IT shops like Google, Facebook and Amazon.

But until now, having the entire set of components and knowing how to assemble and automate them effectively still required open Continue reading

Do the ChaCha: better mobile performance with cryptography

_{CC BY-ND 2.0 image image by Clinton Steeds}

CloudFlare is always trying to improve customer experience by adopting the latest and best web technologies so that our customers (and their visitors) have a fast and a secure web browsing experience.

More and more web sites are now using HTTPS by default. This sea change has been spearheaded by many groups including CloudFlare enabling free SSL for millions of sites with Universal SSL, Google moving towards marking plain HTTP as insecure in Chrome, and the Let’s Encrypt project’s plans to make certificates free in 2015.

Not only is the encrypted web more secure, it can also be faster than the unencrypted web if the latest HTTPS features are implemented. HTTPS sites are blazing fast on CloudFlare because we keep up with the latest performance-enhancing features:

• SPDY 3.1 is on by default for all customers. SPDY enables faster-than-HTTP download speeds by enabling multiplexing
• OCSP stapling: faster revocation checking.
• Optimized certificate bundles using CFSSL, our open source SSL bundler: an optimized certificate chain provides faster validation of certificates in the browser
• ECDSA certificates for all free customers with Universal SSL: smaller certificates with smaller keys result in faster Continue reading

AnsibleFest NYC 2015

We are in the planning stages of our next stop in the AnsibleFest 2015 tour. We had a our biggest turnout ever at AnsibleFest London and know that our New York event will be even bigger and better!

AnsibleFest NYC is currently scheduled for late May/early June in NYC.

Details are being finalized now and tickets will go on sale soon.

If you are interested in speaking please email [email protected]

If you are interested in sponsoring please email [email protected] 

Republican FCCers call for delay in net neutrality vote

The U.S. Federal Communications Commission should delay its vote on net neutrality rules for at least a month after releasing Chairman Tom Wheeler’s proposal for public comment, the commission’s two Republican members said Monday.Instead of voting on Wheeler’s net neutrality proposal on Thursday, as scheduled, the FCC should open his 332-page proposal to the public “and allow the American people a reasonable period of not less than 30 days to carefully study it,” Commissioners Ajit Pai and Mike O’Rielly wrote in a joint statement.Wheeler, part of the three-Democrat majority on the commission, immediately rejected the request, however. The FCC received more than 4 million public comments on net neutrality during the past year, and they “helped shape” his proposal,” he wrote on Twitter. “It’s time to act.”To read this article in full or to leave a comment, please click here

Network Automation with Cisco Nexus Switches & Ansible

Google will acquire mobile wallet technology from Softcard

The tap-and-pay mobile payments market in the U.S. is getting a little less confusing.On Monday, Google said it had reached a deal with three of the country’s major cellular carriers to acquire “technology and capabilities” from Softcard, a competing mobile wallet app developed jointly by the carriers. But the deal appears to be less about technology and more about branding.The biggest immediate change is that Verizon, AT&T and T-Mobile will begin preinstalling Google Wallet on new Android smartphones later this year—something that had been blocked before in preference for the Softcard app.At their heart, both apps are based on the same contactless payment technology as Apple Pay and a new generation of payment cards from banks and credit unions. They use NFC (near-field communication) to complete a transaction once a payment card or phone is brought within a few centimeters of a terminal.To read this article in full or to leave a comment, please click here

End of the road for RC4

Today, we completely disabled the RC4 encryption algorithm for all SSL/TLS connections to CloudFlare sites. It's no longer possible to connect to any site that uses CloudFlare using RC4.

Over a year ago, we disabled RC4 for connections for TLS 1.1 and above because there were more secure algorithms available. In May 2014, we deprecated RC4 by moving it to the lowest priority in our list of cipher suites. That forced any browser that had a good alternative to RC4 to use it. Those two changes meant that almost everyone who was using RC4 to connect to CloudFlare sites switched to a more secure protocol.

Back in May, we noted that some people still needed RC4, particularly people using old mobile phones and some Windows XP users. At the time, 4% of requests using RC4 came from a single phone type: the Nokia 6120.

At the time, we noted that roughly 0.000002% of requests to CloudFlare were using the RC4 protocol. In the last 9 months, that number is halved and so, although some people are still using RC4, we have decided to turn off the protocol. It's simply no longer secure.

The remaining users are almost Continue reading

Twitter speaks up for FCC net neutrality plan

With the Federal Communications Commission set to vote in three days on reclassifying broadband as public regulated utility, Twitter made its support for stronger net-neutrality rules official Monday.In a blog post laying out its case, Twitter struck the theme of free speech, but also said that an Internet that supports Web businesses without barriers imposed by ISPs is critical for the economic competitiveness of the U.S.“We need clear, enforceable, legally sustainable rules to ensure that the Internet remains open and continues to give everyone the power to create and share ideas and information instantly, without barriers. This is the heart of Twitter,” the post said. Net neutrality rules would prevent ISP from determining what content, services and applications get used and shared on the Web, it said.To read this article in full or to leave a comment, please click here

Twitter speaks up for FCC net neutrality plan

With the Federal Communications Commission set to vote in three days on reclassifying broadband as public regulated utility, Twitter made its support for stronger net-neutrality rules official Monday.In a blog post laying out its case, Twitter struck the theme of free speech, but also said that an Internet that supports Web businesses without barriers imposed by ISPs is critical for the economic competitiveness of the U.S.“We need clear, enforceable, legally sustainable rules to ensure that the Internet remains open and continues to give everyone the power to create and share ideas and information instantly, without barriers. This is the heart of Twitter,” the post said. Net neutrality rules would prevent ISP from determining what content, services and applications get used and shared on the Web, it said.To read this article in full or to leave a comment, please click here

‘Secure’ advertising tool PrivDog compromises HTTPS security

New cases of insecure HTTPS traffic interception are coming to light as researchers probe software programs for implementations that could enable malicious attacks. The latest software to open a man-in-the-middle hole on users’ PCs is a new version of PrivDog, an advertising product with ties to security vendor Comodo.Over the weekend, a user reported on Hacker News that his system failed an online test designed to detect a man-in-the-middle vulnerability introduced by Superfish, a program preloaded on some Lenovo consumer laptops.To read this article in full or to leave a comment, please click here