Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Submission + - Rootkits: The next big security challenge

storagedude writes: Rootkits are becoming a critical security challenge, writes Henry Newman at Enterprise Storage Forum. The solution: a secure supply chain for firmware, and users need to be alert for any changes or insider threats.

'The only way I can see this working — and there is still risk — is if you have multiple employees inspecting the firmware to ensure it is indeed the manufacturer’s firmware. I would have at least two or more people get the firmware and validate the SHA256 hashes,' Newman writes.

Submission + - Object storage and POSIX should merge (enterprisestorageforum.com)

storagedude writes: Object storage’s low cost and ease of use have made it all the rage, but a few additional features would make it a worthier competitor to POSIX-based file systems, writes Jeff Layton at Enterprise Storage Forum. Byte-level access, easier application portability and a few commands like open, close, read, write and lseek could make object storage a force to be reckoned with.

‘Having an object storage system that allows byte-range access is very appealing,’ writes Layton. ‘It means that rewriting applications to access object storage is now an infinitely easier task. It can also mean that the amount of data touched when reading just a few bytes of a file is greatly reduced (by several orders of magnitude). Conceptually, the idea has great appeal. Because I'm not a file system developer I can't work out the details, but the end result could be something amazing.’

Submission + - Tech Vendors Say They Can Stop Hackers (esecurityplanet.com)

storagedude writes: A group of eleven tech vendors say they've developed a data infrastructure that can stop hackers in their tracks.

At the heart of the Multilevel Secure System (MLS) is a modified version of SELinux, with role-based access control with a policy for each role, so no one can get to the system root and the root can’t see user data. Policies are based on roles such as security admin, audit admin and sysadmin, and each file is tagged with a security level so some users can see it while others can’t.

Lockheed Martin, Seagate and Red Hat are among the vendors who developed the system, which was unveiled at last week's Geospatial Intelligence (GEOINT) conference in DC.

Submission + - Is The Era of Cheap Disk Storage Over? (infostor.com)

storagedude writes: Big Data, the Internet of Things and manufacturing and areal density limitations could combine to reverse the long-running trend of falling data storage prices, according to an article on InfoStor. With neither flash nor tape offering a viable alternative to bulk disk storage, users may have to turn to technologies such as deduplication, thin provisioning, RAID 1 and heat-assisted magnetic recording (HAMR) to meet demand.

Submission + - Is LTO tape on its way out? (enterprisestorageforum.com)

storagedude writes: With LTO media sales down by 50% in the last six years, is the end near for tape? With such a large installed base, it may not be imminent, but the time is coming when vendors will find it increaingly difficult to justify continued investment in tape technology, writes Henry Newman at Enterprise Storage Forum.

“If multiple vendors invest in a technology, it has a good chance of winning over the long haul,” writes Newman, a long-time proponent of tape technology. “If multiple vendors have a technology they’re not investing in, it will eventually lose over time. Of course, over time market requirements can change. It is these interactions that I fear that are playing out in the tape market.”

Submission + - No Easy Fix for Point-of-Sale Security (esecurityplanet.com)

poseur writes: Just about every retailer has experienced a data breach due to insecure point-of-sale systems. Why is PoS security so hard? Experts say it's a moving target. The good news, experts say, is that payment solutions like Apple Pay could render PoS systems largely obsolete.

Submission + - If your cloud vendor goes out of business, are you ready?

storagedude writes: With Amazon Web Services losing $2 billion a year, it’s not inconceivable that the cloud industry could go the way of storage service providers (remember them?). So any plan for cloud services must include a way to retrieve your data quickly in case your cloud service provider goes belly up without much notice (think Nirvanix). In an article at Enterprise Storage Forum, Henry Newman notes that recovering your data from the cloud quickly is a lot harder than you might think. Even if you have a dedicated OC-192 channel, it would take 11 days to move a petabyte of data – and that’s with no contention or other latency. One possible solution: a failover agreement with a second cloud provider – and make sure it’s legally binding.

Submission + - Blogger starts Whitehouse.gov petition to fight data breaches

storagedude writes: A blogger is calling for an end to liability limits for companies that expose users' personal and financial information, saying that 'Only when the cost of losing data exceeds the cost of protecting data will anything likely change.'

Writing on InfoStor, Henry Newman said the security problem ‘is one hundred percent solvable with the right amount of motivation and the right amount of resources.’
His petition requests that if organizations with more than 1,000 employees fail to protect data, 'the organization becomes responsible for that loss with no exclusions and no liability limits.'

Submission + - Data archiving standards need to be future-proofed (enterprisestorageforum.com)

storagedude writes: Imagine in the not-too-distant future, your entire genome is on archival storage and accessed by your doctors for critical medical decisions. You'd want that data to be safe from hackers and data corruption, wouldn't you? Oh, and it would need to be error-free and accessible for about a hundred years too. The problem is, we currently don't have the data integrity, security and format migration standards to ensure that, according to Henry Newman at Enterprise Storage Forum. Newman calls for standards groups to add new features like collision-proof hash to archive interfaces and software.

'It will not be long until your genome is tracked from birth to death. I am sure we do not want to have genome objects hacked or changed via silent corruption, yet this data will need to be kept maybe a hundred or more years through a huge number of technology changes. The big problem with archiving data today is not really the media, though that too is a problem. The big problem is the software that is needed and the standards that do not yet exist to manage and control long-term data,' writes Newman.

Submission + - Google Introduce HTML 5.1 Tag to Chrome (datamation.com)

darthcamaro writes: Forget about HTML5, that's already passe — Google is already moving on to HTML5.1 support for the upcoming Chrome 38 release. Currently only a beta, one of the biggest things that web developers will notice is the use of the new "picture" tag which is a container for multiple image sizes/formats. Bottom line is it's a new way to think about the "IMG" tag that has existed since the first HTML spec.

Submission + - When Customer Dissatisfaction Is a Tech Business Model (datamation.com)

jammag writes: A new trend has emerged where tech companies have realized that abusing users pays big. Examples include the highly publicized Comcast harassing service call, Facebook "experiments," Twitter timeline tinkering, rude Korean telecoms — tech is an area where the term "customer service" has an Orwellian slant. Isn't it time customer starting fleeing abusive tech outfits?

Submission + - Linux Needs Resource Management for Complex Workloads (enterprisestorageforum.com)

storagedude writes: Resource management and allocation for complex workloads has been a need for some time in open systems, but no one has ever followed through on making open systems look and behave like an IBM mainframe, writes Henry Newman at Enterprise Storage Forum. Throwing more hardware at the problem is a costly solution that won’t work forever, notes Newman.

He writes: 'With next-generation technology like non-volatile memories and PCIe SSDs, there are going to be more resources in addition to the CPU that need to be scheduled to make sure everything fits in memory and does not overflow. I think the time has come for Linux – and likely other operating systems – to develop a more robust framework that can address the needs of future hardware and meet the requirements for scheduling resources. This framework is not going to be easy to develop, but it is needed by everything from databases and MapReduce to simple web queries.’

Submission + - Does Heartbleed Disprove 'Open Source is Safer'? (datamation.com)

jammag writes: "Almost as devastating is the blow Heartbleed has dealt to the image of free and open source software (FOSS). In the self-mythology of FOSS, bugs like Heartbleed aren't supposed to happen when the source code is freely available and being worked with daily. As Eric Raymond famously said, 'given enough eyeballs, all bugs are shallow'...Tired of FOSS's continual claims of superior security, some Windows and OS X users welcome the idea that Heartbleed has punctured FOSS pretensions. But is that what has happened?"

Submission + - Hard Drive Relaibility Study Flawed (enterprisestorageforum.com) 1

storagedude writes: A recent study of hard drive reliability by Backblaze was deeply flawed, according to Henry Newman, a longtime HPC storage consultant. Writing in Enterprise Storage Forum, Newman notes that the tested Seagate drives that had a high failure rate were either very old or had known issues. The study also failed to address manufacturer's specifications, drive burn-in and data reliability, among other issues.

'The oldest drive in the list is the Seagate Barracuda 1.5 TB drive from 2006. A drive that is almost 8 years old! Since it is well known in study after study that disk drives last about 5 years and no other drive is that old, I find it pretty disingenuous to leave out that information. Add to this that the Seagate 1.5 TB has a well-known problem that Seagate publicly admitted to, it is no surprise that these old drives are failing.'

Slashdot Top Deals

Technological progress has merely provided us with more efficient means for going backwards. -- Aldous Huxley