62890425
submission
alphadogg writes:
Public certificate authorities (CAs) are warning that as of Nov. 1 they will reject requests for internal SSL server certificates that don’t conform to new internal domain naming and IP address conventions designed to safeguard networks. The concern is that SSL server digital certificates issued by CAs at present for internal corporate e-mail servers, Web servers and databases are not unique and can potentially be used in man-in-the-middle attacks involving the setup of rogue servers inside the targeted network, say representatives for the Certification Authority/Browser Forum (CA/B Forum), the industry group that sets security and operational guidelines for digital certificates. Members include the overwhelming bulk of public CAs around the globe, plus browser makers such as Microsoft and Apple. The problem today is that network managers often give their servers names like “Server1” and allocate internal IP addresses so that SSL certificates issued for them through the public CAs are not necessarily globally unique, notes Trend Micro's Chris Bailey.
62862819
submission
alphadogg writes:
ix years ago the Social Security Administration embarked on an aggressive plan to replace outdated computer systems overwhelmed by a growing flood of disability claims. Nearly $300 million later, the new system is nowhere near ready and agency officials are struggling to salvage a project racked by delays and mismanagement, according to an internal report commissioned by the agency. In 2008, Social Security said the project was about two to three years from completion. Five years later, it was still two to three years from being done, according to the report by McKinsey and Co., a management consulting firm. Today, with the project still in the testing phase, the agency can't say when it will be completed or how much it will cost.
62745781
submission
alphadogg writes:
In its quest to help enterprises seek out and neutralize all threats to their Wi-Fi networks, AirMagnet is now looking to the skies. In a free software update to its AirMagnet Enterprise product last week, the Wi-Fi security division of Fluke Networks added code specifically crafted to detect the Parrot AR Drone, a popular unmanned aerial vehicle that costs a few hundred dollars and can be controlled using a smartphone or tablet. Drones themselves don’t pose any special threat to Wi-Fi networks, and AirMagnet isn’t issuing air pistols to its customers to shoot them down. The reason the craft are dangerous is that they can be modified to act as rogue access points and sent into range of a victim’s wireless network, potentially breaking into a network to steal data.
62745071
submission
alphadogg writes:
A presentation on a low-budget method to unmask users of a popular online privacy tool, TOR, will no longer go ahead at the Black Hat security conference early next month. The talk was nixed by the legal counsel with Carnegie Mellon’s Software Engineering Institute after a finding that materials from researcher Alexander Volynkin were not approved for public release, according to a notice on the conference’s website. https://www.blackhat.com/lates... Volynkin, a research scientist with the university’s Computer Emergency Response Team (CERT) was due to give a talk entitled “You Don’t Have to be the NSA to Break Tor: Deanonymizing Users on a Budget” at the conference, which take places Aug. 6-7 in Last Vegas.
62702369
submission
alphadogg writes:
Cybercriminals are spreading a new file-encrypting ransomware program that’s more powerful and resilient than Cryptolocker, a threat recently shut down by the U.S. Department of Justice. The new ransomware threat is called CTB-Locker (Curve-Tor-Bitcoin Locker), but Microsoft anti-malware products detect it as Critroni.A. Its creator has been advertising the program to other cybercriminals on Russian-language forums since the middle of June and it seems that he’s been trying to fix most of Cryptolocker’s faults. Critroni uses a file encryption algorithm based on elliptic curve cryptography, which its creator claims is significantly faster than encryption schemes used by other ransomware threats. This also makes decrypting the affected files impossible without paying the ransom, if there are no implementation flaws.
62501171
submission
alphadogg writes:
A group of MIT researchers say they’ve invented a new technology that should all but eliminate queue length in data center networking. The technology will be fully described in a paper presented at the annual conference of the ACM Special Interest Group on Data Communication. According to MIT, the paper will detail a system – dubbed Fastpass – that uses a centralized arbiter to analyze network traffic holistically and make routing decisions based on that analysis, in contrast to the more decentralized protocols common today. Experimentation done in Facebook data centers shows that a Fastpass arbiter with just eight cores can be used to manage a network transmitting 2.2 terabits of data per second, according to the researchers.
61983855
submission
alphadogg writes:
Georgia Tech researchers are seeking the assistance of website operators to help better understand which sites are being censored and then figure out how to get around such restricted access by examining the data collected. The open source Encore [Enabling Lightweight Measurements of Censorship with Cross-Origin Requests] tool http://encore.noise.gatech.edu... involves website operators installing a single line of code onto their sites, and that in turn will allow the researchers to determine whether visitors to these sites are blocked from visiting other sites around the world known to be censored. The researchers are hoping to enlist a mix of small and big websites, and currently it is running on about 10 of them. End users won’t even know the baseline data measurement is taking place, which of course when you’re talking about censorship and privacy, can be a sticky subject. Facebook learned that recently http://www.networkworld.com/ar... when disclosures erupted regarding its controversial secret study of users’ moods. The Georgia Tech researchers in an FAQ say their tool can indicate to users that their browsers are conducting measurements, and that users can opt out.
61341019
submission
alphadogg writes:
A Chinese electronics vendor accused of selling signal jammers to U.S. consumers could end up leading the market in one dubious measure: the largest fine ever imposed by the Federal Communications Commission. The agency wants to fine CTS Technology US$34,912,500 for allegedly marketing 285 models of jammers over more than two years. CTS boldly—and falsely—claimed that some of its jammers were approved by the FCC, according to the agency’s enforcement action released Thursday. Conveniently, CTS’ product detail pages also include a button to “report suspicious activity.”
The proposed fine, which would be bigger than any the FCC has levied for anti-competitive behavior, not airing children’s shows, or a wardrobe malfunction, comes from adding up the maximum fines for each model of jammer the company allegedly sold in the U.S. The agency also ordered CTS, based in Shenzhen, China, to stop marketing illegal jammers to U.S. consumers and identify the buyer of each jammer it sold in the U.S.
61266089
submission
alphadogg writes:
In the hunt for more spectrum to speed up mobile networks, Vodafone and Huawei Technologies have successfully tested a technology that lets LTE and GSM share the same frequencies. The speed of future mobile networks will depend on the amount of spectrum mobile operators can get their hands on. The more they get, the wider the roads they can build. One thing they can do to get more space is to reuse frequencies that are currently used for older technologies such as GSM and 3G. But that isn’t as easy as sounds, as operators still have a lot of voice and messaging traffic in those older networks. However, using a technology called GL DSS (GSM-LTE Dynamic Spectrum Sharing) Vodafone and Huawei have shown a way to allow GSM and LTE to coexist.
61164223
submission
alphadogg writes:
Microsoft has been forced to start using its global stock of IPv4 addresses to keep its Azure cloud service afloat in the U.S., highlighting the growing importance of making the shift to IP version 6. The newer version of the Internet Protocol adds an almost inexhaustible number of addresses thanks to a 128-bit long address field, compared to the 32 bits used by version 4. The IPv4 address space has been fully assigned in the U.S., meaning there are no additional addresses available, Microsoft said in a blog post earlier this week. http://blog.azure.com/2014/06/... This requires the company to use the IPv4 address space available to it globally for new services, it said.
61091055
submission
alphadogg writes:
China makes headlines every other week for its censorship of the Internet, but few people outside the country know what it's like to live with those access controls, or how to get around them. This IDG News Service writer has lived in China for close to six years and censorship has been a near constant, lurking in the background ready to "harmonize" the Web and throw a wrench in his online viewing. It's been especially evident this month. Google's services, which don't follow the strict censorship rules, are currently blocked. How long that will last is unknown, but it coincides with the 25th anniversary of the Tiananmen Square protests earlier this month — an event the Chinese government wants no one to remember.
59850393
submission
alphadogg writes:
Cisco Systems' point man on the Internet of Things (IoT) has resigned just as industries start to explore how millions of sensors and devices can be connected over networks. Cisco confirmed on Thursday that Guido Jouret, who was vice president and general manager of the company's Internet of Things Group, has left to "pursue a new opportunity." Rob Soderbery, senior vice president of Cisco's Enterprise Networking Group, which oversees the IoT division, will now oversee it directly, Cisco said. Cisco recently announced it was earmarking an additional $150 million over the next few years to invest in startups, including in the IoT space. http://www.networkworld.com/ne...
59794617
submission
alphadogg writes:
IDG News Service goes inside United Airlines' network operations center on the 27th floor of the Willis (formerly Sears) Tower in downtown Chicago, where the company oversees some 1,800 daily flights.
The NOC is in charge of everything from figuring out how planes should be loaded to distribute weight correctly to assigning which aircraft will fly which route. The space is massive, with about 375 workstations that are staffed across three shifts, 365 days a year, as there is a United flight in the air at all times. The users rely on virtualized applications mostly housed in one of two big offsite data centers.
59784133
submission
alphadogg writes:
WITI (Women in Technology International) has named five new inductees for its Hall of Fame, http://www.witi.com/center/wit... including executives with IBM, AT&T and EMC, a well-known serial entrepreneur and a force in the move to code for public good. WITI, which is celebrating its 25th anniversary this year, will honor inductees at a ceremony on June 2 in Santa Clara. This year's inductees are: This year’s inductees are: EMC's Orna Berry, Code for America's Jennifer Pahlka, ClearStreet's Kim Polese, AT&T's Kris Rinne and IBM's Lauren States.
59537071
submission
alphadogg writes:
Some drivers would love to have a cellphone-free bubble around their cars, but when a Florida man allegedly created one every day on his commute, it didn't necessarily make the highway a safer place.
Jason R. Humphreys of Seffner, Fla., operated a cellphone jammer in his Toyota Highlander sport-utility vehicle during his daily commute for as long as two years before the FCC and the local sheriff tracked him down, the FCC said this week. Now he's facing $48,000 in fines, with 30 days to pay or file a response. Humphreys told the FCC he used the jammer to keep people from talking on their cellphones while driving. Talking on a cellphone while driving is legal in Florida, even without a hands-free kit, though texting while driving is banned. Using a cellphone jammer is illegal for everyone but federal law enforcement, regardless of intent, according to the FCC. Not only do jammers prevent consumers from making emergency calls, but they can disrupt critical communications by safety agencies, the FCC said.
