'The only way I can see this working — and there is still risk — is if you have multiple employees inspecting the firmware to ensure it is indeed the manufacturer’s firmware. I would have at least two or more people get the firmware and validate the SHA256 hashes,' Newman writes.
‘Having an object storage system that allows byte-range access is very appealing,’ writes Layton. ‘It means that rewriting applications to access object storage is now an infinitely easier task. It can also mean that the amount of data touched when reading just a few bytes of a file is greatly reduced (by several orders of magnitude). Conceptually, the idea has great appeal. Because I'm not a file system developer I can't work out the details, but the end result could be something amazing.’
At the heart of the Multilevel Secure System (MLS) is a modified version of SELinux, with role-based access control with a policy for each role, so no one can get to the system root and the root can’t see user data. Policies are based on roles such as security admin, audit admin and sysadmin, and each file is tagged with a security level so some users can see it while others can’t.
Lockheed Martin, Seagate and Red Hat are among the vendors who developed the system, which was unveiled at last week's Geospatial Intelligence (GEOINT) conference in DC.
storagedude writes: Big Data, the Internet of Things and manufacturing and areal density limitations could combine to reverse the long-running trend of falling data storage prices, according to an article on InfoStor. With neither flash nor tape offering a viable alternative to bulk disk storage, users may have to turn to technologies such as deduplication, thin provisioning, RAID 1 and heat-assisted magnetic recording (HAMR) to meet demand.
“If multiple vendors invest in a technology, it has a good chance of winning over the long haul,” writes Newman, a long-time proponent of tape technology. “If multiple vendors have a technology they’re not investing in, it will eventually lose over time. Of course, over time market requirements can change. It is these interactions that I fear that are playing out in the tape market.”
darthcamaro writes: A year ago, there were only 22 Top Level Domain Names, with.com and.net being the most commonly deployed. Now there are hundreds of new names and according to VeriSign (the people that manage.com and.net), it's leading to confusion.
Are you confused by new.xyz /.guru.anything domains?
poseur writes: Just about every retailer has experienced a data breach due to insecure point-of-sale systems. Why is PoS security so hard? Experts say it's a moving target. The good news, experts say, is that payment solutions like Apple Pay could render PoS systems largely obsolete.
storagedude writes: With Amazon Web Services losing $2 billion a year, it’s not inconceivable that the cloud industry could go the way of storage service providers (remember them?). So any plan for cloud services must include a way to retrieve your data quickly in case your cloud service provider goes belly up without much notice (think Nirvanix). In an article at Enterprise Storage Forum, Henry Newman notes that recovering your data from the cloud quickly is a lot harder than you might think. Even if you have a dedicated OC-192 channel, it would take 11 days to move a petabyte of data – and that’s with no contention or other latency. One possible solution: a failover agreement with a second cloud provider – and make sure it’s legally binding.
Writing on InfoStor, Henry Newman said the security problem ‘is one hundred percent solvable with the right amount of motivation and the right amount of resources.’ His petition requests that if organizations with more than 1,000 employees fail to protect data, 'the organization becomes responsible for that loss with no exclusions and no liability limits.'
storagedude writes: Imagine in the not-too-distant future, your entire genome is on archival storage and accessed by your doctors for critical medical decisions. You'd want that data to be safe from hackers and data corruption, wouldn't you? Oh, and it would need to be error-free and accessible for about a hundred years too. The problem is, we currently don't have the data integrity, security and format migration standards to ensure that, according to Henry Newman at Enterprise Storage Forum. Newman calls for standards groups to add new features like collision-proof hash to archive interfaces and software.
'It will not be long until your genome is tracked from birth to death. I am sure we do not want to have genome objects hacked or changed via silent corruption, yet this data will need to be kept maybe a hundred or more years through a huge number of technology changes. The big problem with archiving data today is not really the media, though that too is a problem. The big problem is the software that is needed and the standards that do not yet exist to manage and control long-term data,' writes Newman.
darthcamaro writes: Forget about HTML5, that's already passe — Google is already moving on to HTML5.1 support for the upcoming Chrome 38 release. Currently only a beta, one of the biggest things that web developers will notice is the use of the new "picture" tag which is a container for multiple image sizes/formats. Bottom line is it's a new way to think about the "IMG" tag that has existed since the first HTML spec.
jammag writes: A new trend has emerged where tech companies have realized that abusing users pays big. Examples include the highly publicized Comcast harassing service call, Facebook "experiments," Twitter timeline tinkering, rude Korean telecoms — tech is an area where the term "customer service" has an Orwellian slant. Isn't it time customer starting fleeing abusive tech outfits?
He writes: 'With next-generation technology like non-volatile memories and PCIe SSDs, there are going to be more resources in addition to the CPU that need to be scheduled to make sure everything fits in memory and does not overflow. I think the time has come for Linux – and likely other operating systems – to develop a more robust framework that can address the needs of future hardware and meet the requirements for scheduling resources. This framework is not going to be easy to develop, but it is needed by everything from databases and MapReduce to simple web queries.’
jammag writes: "Almost as devastating is the blow Heartbleed has dealt to the image of free and open source software (FOSS). In the self-mythology of FOSS, bugs like Heartbleed aren't supposed to happen when the source code is freely available and being worked with daily. As Eric Raymond famously said, 'given enough eyeballs, all bugs are shallow'...Tired of FOSS's continual claims of superior security, some Windows and OS X users welcome the idea that Heartbleed has punctured FOSS pretensions. But is that what has happened?"
'The oldest drive in the list is the Seagate Barracuda 1.5 TB drive from 2006. A drive that is almost 8 years old! Since it is well known in study after study that disk drives last about 5 years and no other drive is that old, I find it pretty disingenuous to leave out that information. Add to this that the Seagate 1.5 TB has a well-known problem that Seagate publicly admitted to, it is no surprise that these old drives are failing.'