Contrary to popular rumors, Red Hat’s recent webcast was not to announce an imminent acquisition. Red Hat instead laid out an ambitious cloud strategy, going as far as claiming that only Microsoft and Red Hat are positioned to deliver an end-to-end cloud stack. However, the most important announcement from Red Hat may well be overshadowed...
This past week, Google and Verizon introduced a joint legislative proposal. Shortly thereafter, blogs and forums filled with buzz and chatter over this two-page document. Many of those blogs and posts were targeted at Google, claiming that they are proposing things in violation of net neutrality. What exactly is net neutrality, and why is Google and Verizon’s proposal taking so much heat?
The average company would probably prefer not to equip all of its employees with cell phones. Landlines can represent a nuisance, too, since long distance calls cost a fair amount. Fortunately, VoIP tech can act as a solution, so long as a company’s network can handle it.
Read More…
Back in June, the IEEE finally approved the 802.3ba standard. The standard began to be investigated back in mid-2006, and has finally culminated in the new 802.3 standard. This is the first time two connection speeds have been specified in one standard. The previously fastest IEEE standard was 802.3av for 10 Gb/s.
HP has introduced new high-performance security solutions aimed at preventing network breaches in a converged infrastructure by offering comprehensive data protection across both physical and virtual environments.
Read More…
Today I was working on a Flex application which uses a lot of Remoting calls to a bunch of ColdFusion CFC methods. I wondered what the most efficient way of securing these methods would be since they are effectively wide open to the world as they all (have to) specify access=”remote”. This means that anyone with a web browser can invoke the methods and they will even return nice error messages when certain parameters are missing.
One way of restricting access would be to run all Remoting calls through an intermediate page or CFC which handles authentication and access control and which in turn invokes the (now private) CFC methods. I found this a bit cumbersome and I also knew that there was a better way – I remembered the setCredentials method back from the AS2 days. You can see this described in greater detail by Brandon Purcell in his MAX session Securing Applications from 2003(!), but unfortunately it is not directly usabel in today’s Flex world.
Cloud computing has become the standard form of deploying large-scale web applications. Recently, I was asked about a servicing a start-up web service that projects itself having the type of user base and bandwidth that only a Cloud could properly serve. The issue at hand is scalability: should the site start with a minimal Cloud configuration so that it is easily scalable as growth occurs, or should it stick with/start with a virtual dedicated or regular dedicated server and move to the cloud when needed?
Read More…
Software crackers who make money breaking other people’s software don’t usually get rich from their skills. With the release of iDefense Labs report on Emerging Economic Models for Vulnerability Research, this may be changing.
Read More…
When recommending penetration testing for a corporate network the first question is usually, ”Why would we need penetration testing?”
The first answer is, if you don’t they will. Everyday malicious and sometimes just overly curious people use their computers to run automated testing scripts that look for system vulnerabilities to record and potentially later exploit. Sometimes the people running the scripts just want to find problems and notify the administrators that they need to be fixed. However, not all administrators are so lucky. If businesses do not take a proactive stance and run penetration tests on their own network to find and fix problems, it is likely that they will be the recipient of an attack that could have been prevented.
The fact that Sony will stop selling floppy disks in Japan has generated a lot of headlines recently, and it’s easy to realize after seeing them that storage solutions have become quite cheap. They’ve become more complicated, too, however, and so a guide titled “Hot To Get The Most Out Of Your NAS” may prove useful.