Richard Chirgwin

Contact Mail Follow Twitter RSS feed
Steve Ballmer, image from imagemaker via Shutterstock

Cisco's made DNA Center open enough to out-run Amazon

As we reported yesterday, the idea that Amazon might make its own switches into some kind of a captive gateway between on-premises data centres and the AWS cloud sent shivers through investors in traditional networking vendors – and none so much as Cisco. Another way of looking at the same announcement is that AWS is entering …
ocean_648

Submarine cables at risk from sea water, boffins warn. Wait, what?

University of Wisconsin-Madison boffins have warned submarine cable owners that their landing stations and onshore cables are at risk from rising sea levels. “So what? Submarine cables are meant to get wet!” you might say – yes, but the onshore infrastructure isn't protected against a soaking like a cable designed to exist at …
radar

GitHub to Pythonistas: Let us save you from vulnerable code

GitHub's added Python to the list of programming languages it can auto-scan for known vulnerabilities. In March, the social code-host added Ruby and Javascript libraries to the dependency graph service it announced last year. Afraid of the dark, image via Shutterstock Your code is RUBBISH, says GitHub. Good thing we're here …

Intel buys eASIC because FPGAs aren't always the answer

Intel has acquired fabless designer eASIC, a specialist in the structured ASIC (Application-Specific Integrated Circuit) business. eASIC's technology gives Chipzilla an intermediate technology between ASICs and the FPGA (Field Programmable Gate Array) segment Intel entered in late 2015 when it acquired Altera. The …
Meltdown

Juniper makes a meal of Spectre/Meltdown

Roundup Juniper Networks has issued its semi-regular bug-dump, with sixteen advisories arriving late last week. There's a Spectre/Meltdown patch in there, but you need to go looking: it's in the Junos Space management platform, along with various other items. Junos Space also received one fix for BIND, and a merry collection of 17 …
gag

Tim? Larry? We need to talk about smartphones and privacy

Oracle’s busy backgrounding about Android privacy last year appears to have helped draw US lawmakers' attention to Google and Apple. Members of the US House Energy and Commerce Committee have jumped on a report by Quartz’s Keith Collins from November 2017 as the basis of letters to Apple CEO Tim Cook and Alphabet CEO Larry …

Weirdest. Acquisition. Ever. Broadcom buys CA Technologies

CA Technologies, long a byword for making acquisitions, has been acquired by Broadcom. The US$18.9 billion cash purchase of the software company is so distant from Broadcom’s chip business that it will probably not face the same regulatory problems that derailed Broadcom's takeover offer for Qualcomm. Announcing the deal, …

Oracle wants to improve Linux load balancing and failover

Oracle reckons Linux remote direct memory access (RDMA) implementations need features like high availability and load balancing, and hopes to sling code into the kernel to do exactly that. The problem, as Oracle Linux kernel developer Sudhakar Dindukurti explained in this post, is that performance and security considerations …
danger

Arch Linux PDF reader package poisoned

Arch Linux has pulled a user-provided AUR (Arch User Repository) package, because it contained malware. If you're an Arch Linux user who downloaded a PDF viewer named "acroread" in the short time it was compromised, you'll need to delete it. While the breach isn't regarded as serious, it sparked a debate about the security of …

BGP hijacker booted off the Internet's backbone

A year-long effort to stop an accused “bad actor” who hijacked border gateway protocol (BGP) routes has borne fruit, with giant Hurricane Electric and Portugal's IPTelecom joining in cutting off an organisation called Bitcanal. Dyn detailed the process, which is nearing completion a year after German Internet exchange DE-CIX …

China-based hackers take an interest in Cambodia's elections

A US-based security researcher has accused China of interfering in Cambodia's forthcoming national election. Security vendor FireEye says it has spotted a large-scale Chinese phishing, intrusion, remote access trojan (RAT), and data exfiltration operation targeting the poll. FireEye attributed the activity to a group dubbed “ …
black robed individuals in a circle... scary! Photo by shutterstock

Huawei won a contract in Oz. Of course there's a whispering campaign

Comment Huawei has won another sizeable contract, this time in Australia, and with it come the all-too-common accusations that the company is a national security risk. The contract in question is an LTE-based 1800MHz rail radio network worth AU$136m (£76.4m) for the State of Western Australia's Public Transport Authority (PTA). Huawei …
Image: Serazetdinov http://www.shutterstock.com/fr/pic-114819721/stock-vector-illustration-of-a-strong-blast-of-brain.html

BGP borked? Blame the net's big boppers

The Internet's fundamental routing infrastructure, the Border Gateway Protocol (BGP), is so fragile that errors in one to four per cent of ISP route filters can propagate bad routes. So says Czech DDOS-defender Qrator Labs, which carried out a project to try and help the Internet community quantify how much of the threat to …

Malware-slinging scum copied D-Link's code-signing certificates to dress up PC nasties

Security researchers have warned that someone's obtained copies of code-signing certificates from two Taiwanese companies – and is using them to sign malware. Abusing code-signing certificates in this way is an attempt to present software nasties as the legitimate product of the vendor whose key signed it. Security vendor …
Playground hero

Nissan 'fesses up to fudging emissions data

Nissan, last year accused by UK consumer magazine Which? of faking emissions data, has admitted its own “dieselgate”. The Which? investigation in March 2017 claimed Nissan's X-Trail 1.6 litre engine produced “13 times as much NOx as the Euro 6 limit”. The carmaker instituted an internal review, and in September 2017 found it …
Hacker with face obscured, wearing a hoodie,  works in front of a bank of monitors. photo by Shutterstock

Web biz DomainFactory confirms: We were hacked in January 2018

Updated German hosting company DomainFactory has taken down its forums after someone posted messages alleging to have compromised the company's computers. Acknowledging the attack, the GoDaddy-owned (via Host Europe, acquired in 2016) company has advised customers to change their passwords and detailed the extent of the data breach …

GitHub given Windows 9x's awesome and so very modern look

How many baby boomers does it take to set up GitHub? Just one – but you've got to make it look like a 1990s Windows build. That seems to be the reasoning behind "GitHub Windows Edition", billed as “a user style which transforms GitHub's pages into [a] GUI resembling Windows 9x” in a browser window. Vulture South can't decide …
No running sign

Fitness app Polar even better at revealing secrets than Strava

+Comment Online investigations outfit Bellingcat has found that fitness tracking kit-maker Polar reveals both the identity and daily activity of its users - including soldiers and spies. Many users of Polar's devices and app appear not to have paid attention to their privacy settings, as a result a Bellingcat writer found 6,460 …
Australia with ethernet cable

Australia defies trend for network sales slide, shovels cash at Cisco

The router market is stagnating worldwide, but nobody's told Australian buyers. Analyst firm IDC, which in June gave us the drear news that global router sales fell 1.4 per cent between Q1 2017 and Q1 2018, reckons Australian customers like their packet-processing big iron: its Asia-Pacific Quarterly Router Tracker released …
Fiber optic cable for fast internet - laying cable in residential area

CableLabs' many hands make light work – at four terabits per second

Boffins at CableLabs, the cable TV network operators' pet research house, have turned out two fresh photonic standards: the P2P Coherent Optics Architecture Specification; and the P2P Coherent Optics Physical Layer v1.0 Specification. Principal Architect Matt Schmitt blogged that the new efforts are all about bandwidth – in …
Semaphore hello

Big academic networks mind their MANRS to secure routes

Europe's GEANT and Australia's AARNET have joined The Internet Society's Mutually Agreed Norms for Routing Security (MANRS) initiative. First launched in 2014, MANRS targets two causes of frequent outages in the Internet's huge-but-fragile routing infrastructure: border gateway protocol (BGP) black holes from incorrect route …

Thunderbird gets its EFAIL patch

Thunderbird has pushed code with fixes for a dozen security vulnerabilities – including the EFAIL encryption mess that emerged in May. The EFAIL-specific fixes address two errors in Thunderbird's handling of encrypted messages: CVE-2018-12372, in which an attacker can build S/MIME and PGP decryption oracles in HTML messages; …
spy_eye_648

Chrome, Firefox pull very unstylish Stylish invasive browser plugin

Firefox and Chrome have removed a browser extension from their stores following revelations it was phoning home with users' web-surfing histories. The "Stylish" plug-in gained popularity because it let users configure sites' appearance, rather than accepting the designers' decisions. However – stop us if you've heard this one …
plasters cover arm. photo by shutterstock

Huawei enterprise comms kit has a TLS crypto bug

Huawei has rolled patches to various enterprise and broadcast products to fix a cryptography bug. In late 2017 (inferred from the bug's Common Vulnerabilities and Exposures entry, CVE-2017-17174, which was reserved in December), the company discovered some products had an insecure encryption algorithm. The flaw could allow a …
Intel's Diane Bryant

Ex-Intel exec Diane Bryant exits Google cloud

In 2017 Diane Bryant left her post as group president of Intel’s data center group after a 30-year Chipzilla career, then took up a gig as chief operating officer of Google's cloud business. Now, she's left Google after just seven months. Bryant left Intel's Data Center Group in May 2017. The company cited unspecified “ …

Biting the hand that feeds IT © 1998–2018