End of the road for RC4

Today, we completely disabled the RC4 encryption algorithm for all SSL/TLS connections to CloudFlare sites. It's no longer possible to connect to any site that uses CloudFlare using RC4.

Over a year ago, we disabled RC4 for connections for TLS 1.1 and above because there were more secure algorithms available. In May 2014, we deprecated RC4 by moving it to the lowest priority in our list of cipher suites. That forced any browser that had a good alternative to RC4 to use it. Those two changes meant that almost everyone who was using RC4 to connect to CloudFlare sites switched to a more secure protocol.

Back in May, we noted that some people still needed RC4, particularly people using old mobile phones and some Windows XP users. At the time, 4% of requests using RC4 came from a single phone type: the Nokia 6120.

At the time, we noted that roughly 0.000002% of requests to CloudFlare were using the RC4 protocol. In the last 9 months, that number is halved and so, although some people are still using RC4, we have decided to turn off the protocol. It's simply no longer secure.

The remaining users are almost Continue reading

Twitter speaks up for FCC net neutrality plan

With the Federal Communications Commission set to vote in three days on reclassifying broadband as public regulated utility, Twitter made its support for stronger net-neutrality rules official Monday.In a blog post laying out its case, Twitter struck the theme of free speech, but also said that an Internet that supports Web businesses without barriers imposed by ISPs is critical for the economic competitiveness of the U.S.“We need clear, enforceable, legally sustainable rules to ensure that the Internet remains open and continues to give everyone the power to create and share ideas and information instantly, without barriers. This is the heart of Twitter,” the post said. Net neutrality rules would prevent ISP from determining what content, services and applications get used and shared on the Web, it said.To read this article in full or to leave a comment, please click here

Twitter speaks up for FCC net neutrality plan

With the Federal Communications Commission set to vote in three days on reclassifying broadband as public regulated utility, Twitter made its support for stronger net-neutrality rules official Monday.In a blog post laying out its case, Twitter struck the theme of free speech, but also said that an Internet that supports Web businesses without barriers imposed by ISPs is critical for the economic competitiveness of the U.S.“We need clear, enforceable, legally sustainable rules to ensure that the Internet remains open and continues to give everyone the power to create and share ideas and information instantly, without barriers. This is the heart of Twitter,” the post said. Net neutrality rules would prevent ISP from determining what content, services and applications get used and shared on the Web, it said.To read this article in full or to leave a comment, please click here

‘Secure’ advertising tool PrivDog compromises HTTPS security

New cases of insecure HTTPS traffic interception are coming to light as researchers probe software programs for implementations that could enable malicious attacks. The latest software to open a man-in-the-middle hole on users’ PCs is a new version of PrivDog, an advertising product with ties to security vendor Comodo.Over the weekend, a user reported on Hacker News that his system failed an online test designed to detect a man-in-the-middle vulnerability introduced by Superfish, a program preloaded on some Lenovo consumer laptops.To read this article in full or to leave a comment, please click here

How Target can beat Amazon’s free shipping

Some headlines practically require a click, such as this one from Mashable: “Target undercuts Amazon on free shipping.” How do you undercut free? Is Target going to pay me for the privilege of shipping a package to my house? No, silly, you do it like this: The retail chain announced Monday that customers can qualify for free shipping on all orders of $25 or more placed through Target's website "with virtually no exclusions," down from a $50 minimum previously.To read this article in full or to leave a comment, please click here

HP deal marks milestone for open source networking hardware

If you still harbored any doubts that the web is now driving the future of IT, last week's announcement that HP will offer disaggregated products for web-scale data centers via deals with Cumulus and Accton should be enough to convince you.See also: HP latest to unbundle switch hardware, software The deal itself is hardly monumental. HP inked a pair of "partnerships that will produce a branded white box switch capable of running multiple network operating systems." And it comes on the heels of HP's deal with Foxconn last year to build inexpensive cloud computing servers.To read this article in full or to leave a comment, please click here

IDG Contributor Network: What Wi-Fi looks like

Hackaday member CNLohr has created some stunning images of a Wi-Fi network using a remarkably simple technique. He documented his experiments on his Hackaday project page.He achieved the results by capturing wireless signal strength using a Wi-Fi chipset hooked up to a single multi-color LED. The LED rapidly changes color depending on signal strength. He then captures long-exposure photographs of the LED, as his buddy, holding the piece of kit, moves around a space. The result is a multi-colored graphic with variations representing signal strength.Pinging the chipsetTo read this article in full or to leave a comment, please click here

Apple plans two European data centers running on renewable energy

Apple plans to open two European data centers running on renewable energy in 2017, following similar moves by Google and Facebook in the region.The new data centers will host a number of Apple services for European customers, including the iTunes Store, App Store, iMessage text messaging service, Apple Maps and Siri, its voice-controlled personal assistant. By hosting the data within the European Union, Apple could avoid the need to export EU users’ data to the U.S. or other data protection regimes, a sensitive issue as EU legislators discuss renewing the bloc’s data protection regime.Apple plans to spend a total of €1.7 billion (US$1.9 billion) on the two data centers, which will each cover around 166,000 square meters.To read this article in full or to leave a comment, please click here

This man pressed Print. What happened next left me speechless.

HP_X551dw

Although I attended HP Discover in Barcelona as a guest of the folks at HP Networking (via their Independent Bloggers program), I didn’t restrict myself to looking at etherstuff; HP makes way too broad a portfolio of products to get away with that. I ended up looking at printers, and I found something that pretty much blew me away.

Before I forget, please accept my apologies for the clickbait headline. I’ve always wanted to do one of those; but unlike so many others I’ve seen, I hope that this article won’t disappoint. You’ll see “the man” in the headline in a video later.

A Sign of the Times

It was hard to miss at HP Discover that HP believes in eating their own dog food. The signage at the event – many large, inspiring, multicultural images reminding us that HP’s mission is to provide “solutions for the New Style of IT” – was all printed on HP printers. The signs looked pretty amazing, I have to say:

HP Poster

Not only were they printed using HP products, but the poster tells you which printer was used, you know, in case you wanted to buy one for your spare bedroom or something:

HP Poster Printer

Given the price Continue reading

New teaser images and video help confirm details of Samsung’s Galaxy S6

With less than a week left until the event at which Samsung Electronics is expected to launch the Galaxy S6, two new images and a video of the company’s next high-end smartphone seem to confirm its name and the presence of a curved screen.The images, posted by Samsung and network operator T-Mobile U.S., show the smartphone from the side. The T-Mobile image has the tagline “six appeal” and shows the side of the device lit up, all but confirming the name and the expected launch of a device with a curved screen that wraps around one or both edges. Samsung first used such a curved screen on the Galaxy Note Edge, which it announced last year.The T-Mobile image along with another image Samsung has posted on Twitter also tease an improved design, which the Galaxy S6 needs if Samsung wants the smartphone to be a bigger hit its predecessor.To read this article in full or to leave a comment, please click here

Startup Flex Logix aims to score big in a niche chip market

In Silicon Valley, where software startups are the rage, it’s unusual to see a new hardware company set up shop. But venture capital-backed chip design company Flex Logix has some big ideas about how to speed up a whole range of software applications and hardware.Flex Logix is establishing a business around FPGAs (field-programmable gate arrays), which are reconfigurable chips that can help hardware run specific applications faster. A notable FPGA user is Microsoft, which has implemented the chips in data centers to quickly deliver more relevant Bing search results.PCs and servers today run on general-purpose processors like CPUs, but FPGAs are different, with functionality defined mainly through software on the chip. Flex Logix claims it has designed a new type of FPGA, which it hopes will be used in networking, telecommunications, servers, military equipment and other hardware.To read this article in full or to leave a comment, please click here

LG takes aim at Motorola’s Moto G with new Magna smartphone

LG Electronics has announced four new smartphones, including the Magna. The device has a spec that gives Motorola Mobility’s Moto G a run for its money, assuming LG doesn’t screw up the pricing too much.Motorola has had the market for unlocked smartphones costing US$200 or less largely to itself in the U.S. and Europe, helping it regain its footing with the Moto G and the Moto E. But it seems the now Lenovo-owned company will face some tougher competition this year from products like the LG Magna.The Lollipop-based smartphone has a 5-inch, 720 x 1280-pixel screen and an unspecified 1.2GHz or 1.3GHz quad-core processor. The Magna also has an 8-megapixel front camera and a 5-megapixel camera on the back. There’s 1GB of RAM and 8GB of integrated storage backed up by a microSD card slot.To read this article in full or to leave a comment, please click here

Carrier Supporting Carrier – CSC

CSC Carrier Supporting Carrier is a hierarchical MPLS VPN architecture between the Service Providers. Service is an MPLS VPN service mostly but doesn’t have to be as you will see throughout the post. Customer carrier ( Provider ) receives an MPLS VPN service from the Core/Backbone carrier. Although CSC architecture is not common in real… Read More »

The post Carrier Supporting Carrier – CSC appeared first on Network Design and Architecture.

When backup Is a disaster

Shortly after Branndon Kelley joined American Municipal Power (AMP) as CIO, the company's financial system went down.It took four days to restore the system and Kelley, who had previously consulted with state governments on business continuity issues, immediately started exploring AMP's backup and recovery strategy.He quickly discovered that there was none. No coherent plan. "We had a whole bag of tricks," Kelley says, including more than 10 different backup systems and processes. There were outdated off-the-shelf packages and hand-coded scripts--none of them documented or interconnected. There were backups of backups, and fewer than half of the backups succeeded on the first try.To read this article in full or to leave a comment, please click here

Getting Inside the Loop

Metadata doesn’t just apply to data science or protocols — it applies to engineering life. Think about the concept of epistomology — the study of how we know what we know — or the concept of hermeneutics — the study of how we understand communication — and you can quickly see that stepping outside what we are doing to examine how we are doing it is a common human experience (see Lewis’ Meditation in a Tool Shed as another instance).

But how does this apply to the engineering life? It’s called process — now, before you click off the page, scurrying away in shock, process isn’t a bad thing. In fact, process can be a good set of “guard rails” in the way we live our lives, something to remind us not to run off the road (like positive thinking signs), or even physically/mentally “bump” us in the right direction.

This week I’d like to kick off a short series on one process I learned in the US Air Force, and have used in many ways over the years — the OODA Loop. Originally developed by USAF Colonel John Boyd, and designed to help pilots deal with Continue reading

10 products you could only find at RadioShack

Remembering the ShackRadioShack announced recently that after 94 years the company would be going into bankruptcy, selling off a number of stores and shutting some others down. As a techy who was born in the 60s, RadioShack was a huge part of my life. I remember hitting the RadioShack every time I visited the Duncan Mall just to see what was new. For you younger people out there, understand that at one point, there were no other options for many of the products you could find at RadioShack. No Best Buy, no Amazon.com or Tiger Direct. Here are 10 of the products that I could only get from RadioShack.To read this article in full or to leave a comment, please click here

SSL Week Means Less Weak SSL

CloudFlare SSL Week

I'm excited to announce that today kicks off SSL Week at CloudFlare. Over the course of this week, we'll make a series of announcements on what we're doing to improve encryption on the Internet.

Inherently, for encryption to be the most effective, it has to meet three criteria: 1) it needs to be easy and inexpensive to use; 2) it needs to be fast so it doesn't tax performance; and 3) it needs to be up to date and ahead of the latest vulnerabilities.

Easy, Fast & Secure

Throughout CloudFlare's history, these priorities have guided our approach to encryption. Last September, we announced Universal SSL and brought world class encryption to every CloudFlare customer, even those on our Free service plan. While that effort doubled the size of the encrypted web, our work is far from done. This week we're announcing a series of initiatives that further our efforts to ensure we provide the easiest, fastest, and most secure encryption.

While Universal SSL made it easy to ensure that the connection from a device to CloudFlare was secure, this week we're going to begin the process of making it easy (and free) to ensure the connection from CloudFlare back to Continue reading

New products of the week 02.23.15

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Absolute Computrace with Device Freeze Offline PolicyKey features: Absolute Computrace with Device Freeze Offline Policy allows IT to set an automated freeze command for any device that remains offline for a specific period of time. More info.To read this article in full or to leave a comment, please click here

New tools can detect hidden malware

New tools can detect hidden malwareImage by ShutterstockWe tested new security appliances from Damballa, Lancope and LightCyber that are designed to detect the latest cyber-attacks by monitoring network traffic and identifying when a piece of malware is communicating back to its command and control center. (Read the full review here.)To read this article in full or to leave a comment, please click here

1 3,607 3,608 3,609 3,610 3,611 3,832