As an example of transformative change that is now underway, Joshipura pointed to the telecom industry. “For the past 137 years, we saw proprietary solutions,” he said. “But in the past several years, disaggregation has arrived, where hardware is separated from software. If you are a hardware engineer you build things like software developers do, with APIs and reusable modules. In the telecom industry, all of this is helping to scale networking deployments in brand new, automated ways.”
Telstra will offer enterprise-grade managed security services from SOCs in Melbourne and Sydney
The telco’s director of security solutions, Neil Campbell, said the new SOCs and Telstra’s new platform are part of “reimagining” how managed security services are delivered, particularly in the context of the vast quantities of data enterprises find themselves grappling with thanks to developments such as the Internet of Things.
Using open source offers “the ability to be master of your own destiny when it comes to features and timelines,” he added, allowing the telco to be flexible in order to meet its clients’ requirements as well as adapt to an evolving market.
Another reason for using open source is that “by contributing to the open source community we put the tools in the hands of users who might otherwise not be able to afford an enterprise-grade SIEM platform or for their own reasons would never outsource and are looking for some flexibility in-house,” Campbell said.
We have found that the damage that could be caused by law enforcement exceptional access requirements would be even greater today than it would have been 20 years ago. In the wake of the growing economic and social cost of the fundamental insecurity of today’s Internet environment, any proposals that alter the security dynamics online should be approached with caution. Exceptional access would force Internet system developers to reverse “forward secrecy” design practices that seek to minimize the impact on user privacy when systems are breached. The complexity of today’s Internet environment, with millions of apps and globally connected services, means that new law enforcement requirements are likely to introduce unanticipated, hard to detect security flaws. Beyond these and other technical vulnerabilities, the prospect of globally deployed exceptional access systems raises difficult problems about how such an environment would be governed and how to ensure that such systems would respect human rights and the rule of law.
CERN has recently published a paper which outlines the establishment of the European Open Science Cloud that will enable digital science by introducing IT as a Service to the public research sector in Europe.
The success of new energy projects relies on one crucial skill: the ability to derive insights from massive amounts of rapidly changing data. That’s why utilities and energy companies are adopting analytics to meet the rising demand for renewable energy from more sophisticated customers.
The Union of South American Nations, Unasur will celebrate this Friday its eighth anniversary with the official opening of the South American Defense School (Esude) created to instruct on defense and security issues, both at civil and military level, following ‘the principles of a regional strategic vision’.
Today’s tale of apocalyptic internet near-misses comes from software developer Kamil Hismatullin, who discovered a security flaw in YouTube that allowed him to delete any video he wanted—or all of them, if he so desired. Fortunately, he did not so desire (although he apparently had some thoughts about doing a number on Justin Bieber’s channel), and instead he reported the bug to Google and collected a $5000 reward.
My team and I at QCRI have just completed a detailed analysis of the 13,200+ tweets posted from one hour before the attacks began until two hours into the attack. The purpose of this study, which will be launched at CrisisMappers 2013 in Nairobi tomorrow, is to make sense of the Big (Crisis) Data generated during the first hours of the siege. A summary of our results are displayed below. The full results of our analysis and discussion of findings are available as a GoogleDoc and also PDF. The purpose of this public GoogleDoc is to solicit comments on our methodology so as to inform the next phase of our research. Indeed, our aim is to categorize and study the entire Westgate dataset in the coming months (730,000+ tweets). In the meantime, sincere appreciation go to my outstanding QCRI Research Assistants, Ms. Brittany Card and Ms. Justine MacKinnon for their hard work on the coding and analysis of the 13,200+ tweets. Our study builds on this preliminary review.
The following 7 figures summarize the main findings of our study. These are discussed in more detail in the GoogleDoc/PDF.
Figure 1: Who Authored the Most Tweets?
Figure 2: Frequency of Tweets by Eyewitnesses Over Time?
If an Android device (phone or tablet) has ever logged on to a particular Wi-Fi network, then Google probably knows the Wi-Fi password. Considering how many Android devices there are, it is likely that Google can access most Wi-Fi passwords worldwide.
Recently IDC reported that 187 million Android phones were shipped in the second quarter of this year. That multiplies out to 748 million phones in 2013, a figure that does not include Android tablets.
Many (probably most) of these Android phones and tablets are phoning home to Google, backing up Wi-Fi passwords along with other assorted settings. And, although they have never said so directly, it is obvious that Google can read the passwords.
IBM is a respected technology company and it appears that hardly anything can bad can be said about them. There comes a time when every company must admit they have a fault in their product and IBM must step up to the plate this time. The news comes to us from Secunia, a Web site that monitors technology security, in the warning, “Security Advisory SA54460-IBM Content Analytics With Enterprise Search Multiple Vulnerabilities.”The warning is labeled as moderately critical and should worry organizations that use the software to manage their data. The bug messes with cross site scripting, manipulates data, exposes sensitive information, and a DoS.
Here is the official description:
“IBM has acknowledged a weakness and multiple vulnerabilities in IBM Content Analytics with Enterprise Search, which can be exploited by malicious people to disclose certain sensitive information, conduct cross-site scripting attacks, manipulate certain data, and cause a DoS (Denial of Service).”
Ouch! IBM must not be happy about this, but at least they discovered the problem and Content Analytics users can expect a patch at some point. Hate to bring up Microsoft at this venture, but whenever a big company has a problem I can’t help but think about how Microsoft never has a product launch without some issues. IBM is reliable and hopefully they will not go down the same path as Windows 8.