Articles about Server

Woman with mask - Shutterstock

Microsoft's DRM can expose Windows-on-Tor users' IP address

Windows users running the Tor browser can be tricked into uncloaking themselves, with a pretty straightforward trick based on Microsoft's DRM system. The discovery was made by Hacker House, which says it's been researching social engineering attacks made using DRM-protected content. What the UK-based security outfit found is …
Earthworm

Slammer worm slithers back online to attack ancient SQL servers

One of the world's most famous net menaces, SQL Slammer, has resumed attacking servers some 13 years after it set records by infecting 75,000 servers in 10 minutes, researchers say. The in-memory worm exploits an ancient flaw in Microsoft SQL server and Desktop Engine triggering denial of service, and at the time of its …
Darren Pauli, 05 Feb 2017

Chrome 56 quietly added Bluetooth snitch API

+Comment When Google popped out Chrome 56 at the end of January it was keen to remind us it's making the web safer by flagging non-HTTPS sites. But Google made little effort to publicise another feature that's decidedly less friendly to privacy, because it lets websites connect to Bluetooth devices and harvest information from them …
Image composite: Microsoft and StudioLondon http://www.shutterstock.com/gallery-893620p1.html

New SMB bug: How to crash Windows system with a 'link of death'

US CERT on Thursday issued a security advisory warning that all currently supported versions of Windows are vulnerable to a memory corruption bug that can be exploited to crash computers from afar. "Windows fails to properly handle a specially-crafted server response that contains too many bytes following the structure defined …
Thomas Claburn, 04 Feb 2017
Indian mobile use

USA! USa! Udia! India! India! Apple nudges iPhone production base

Apple has agreed to open a new iPhone assembly factory in India. Officials in the nation say Apple will spin up factories in the Karnataka province. "We have an understanding with Apple and we expect them to start manufacturing in Karnataka by the end of April," information technology and biotechnology minister Priyank Kharge …
Shaun Nichols, 03 Feb 2017

Would you like to know why I get a lot of action at night?

Something for the Weekend, Sir? I've been up all night, doing the business like hammer and tongs, going at it again and again. I can be relentless when I'm on the job – a man of action and drama. Of course, there are things I'd rather be doing than trying to get all my work prepared the night before I set off on a business trip. For example, going to bed …
Alistair Dabbs, 03 Feb 2017
PWX_image

Fused box: Look who's containerizing storage, security and apps

Comment Containerized apps will gravitate to using containerized system services such as storage and security. In the DevOps world, containerized apps run inside hosts, and system services such as security and storage are containerized as well. Outside that ideal world, these services are often linked to containers by some interface …
Chris Mellor, 03 Feb 2017
Mr T

VMware reveals a semi-secret cut of NSX aimed at DevOps types

VMware has revealed a new cut of its NSX network virtualization product, called “NSX-T”. The Register's virtualization desk understands the “T” stands for “transformers”, to denote the fact that this cut of the product signals VMware plans to brings NSX's powers to containers and microservices, the ideas fuelling …
Simon Sharwood, 03 Feb 2017
Scooter, photo Christian Mueller Shutterstock.com

Survey: Teamwork promises faster delivery of database change

Promo By working closely together, development and operations teams are improving the speed and quality of application development. But what about the database? How many DevOps teams have extended a DevOps approach to their database development? Redgate surveyed more than 1,000 SQL Server database professionals across a range of …
Nicole Segre, 02 Feb 2017
Secret service

Wanna protect your data center? Take tips from the US Secret Service

Usenix Enigma 2017 Data center managers should take some tips from the US Secret Service when protecting vital servers from hackers, says someone who has been through a White House lockdown. In a presentation at Enigma 2017, Nathaniel Gleicher – a former director for cybersecurity policy at the National Security Council and now head of …
Iain Thomson, 02 Feb 2017

GitLab.com luckily found lost data on a staging server

GitLab.com, the wannabe GitHub alternative that yesterday went down hard and reported data loss, has confirmed that some data is gone but that its services are now operational again. The incident did not result in Git repos disappearing. Which may be why the company's PR reps characterised the lost data as “peripheral metadata …
Simon Sharwood, 02 Feb 2017

Fresh and fast little flashers from NetApp

NetApp has launched two new all-flash FAS arrays, won a top 3 SPC-1 storage benchmark result, and announced a new flash capacity guarantee programme. The all-flash FAS (AFF) A200 and A700s join the existing A300 and A700, which came into view in September. Place the A200 under the A300 on your mental NetApp AFF positioning map …
Chris Mellor, 01 Feb 2017
Intel Skylake die

Supermicro sockets it to Skylake rivals

Comment Supermicro will have more Skylake CPU server motherboard products out faster than competitors because its engineering smarts better equip it for Skylake fastening complexities. Skylake is Intel's sixth-generation Core processor, built on a 14nm process, and succeeds the Broadwell micro-architecture. Intel says it will be …
Chris Mellor, 01 Feb 2017

Cisco rounds out Tetration analytics with security enforcement

Cisco's Tetration telemetry analytics has had six months since launch to bed down so Switchzilla has decided it's time for a refresh. As part of that process, the company is trying to build a third-party developer ecosystem around the product. However, more importantly for users, it has taken the original discovery and …
A large hand flicks an icon of a little red man. Image via shutterstock (Lasse Kristensen)

Dear Microsoft – a sysadmin's wishlist

Sysadmin Blog I yell at Microsoft a lot. It's cathartic. Microsoft make several decent pieces of software and quite a few great cloud services, but for every awesome thing they create it seems they ruin something else. Over the past year I've developed a wishlist of changes. Dear Microsoft... Azure Stack I like Azure Stack. A lot. What I …
Trevor Pott, 01 Feb 2017
Oracle acrobatics in the cloud

Oracle to driver developers: 'Come play with our interface'

Oracle has taken DPI, the data access layer in its node-oracledb driver, refactored it, and used it to give C/C++ developers an API to its Oracle Call Interface. Called ODPI-C, the library, on GitHub, is designed to let those developers write for the Oracle Call Interface (OCI) in the languages with whichi they are most …

GitLab.com melts down after wrong directory deleted, backups fail

Source-code hub GitLab.com is in meltdown after experiencing data loss as a result of what it has suddenly discovered are ineffectual backups. On Tuesday evening, Pacific Time, the startup issued a sobering series of tweets we've listed below. Behind the scenes, a tired sysadmin, working late at night in the Netherlands, had …
Simon Sharwood, 01 Feb 2017
Migrating birds in the cloud

Big Switch emits next iteration of its fabric

Big Switch Networks has peeled back the veil over its Big Cloud Fabric 4.0, revealing broader VMware support, multi-container networking, and scale-up to 128 leaf switches. Support for VMware comes via plug-ins for vSAN, vCloud NFV (network function virtualization), and a vRealise Log Insight Content Pack. Product management …
Cthulu emerges from a printer. Image created by illustrator Andy Davies. Copyright: The Register

We don't want to alarm you, but PostScript makes your printer an attack vector

Take your printers off the Internet: a bunch of researchers from a German university have found a cross-site printing bug in the ancient PostScript language. If PostScript is the printer driver, the printer is vulnerable to what they call Cross-Site Printing attacks, documented in detail at Hacking Printers here. The bugs …
Dead Cockroach - shutterstock

OpenSSL pushes trio of DoS-busting patches

OpenSSL's released patches for a trio of denial-of-service bugs. The first (CVE-2017-3731), turned up by Google's Robert Święcki, only affects SSL/TLS servers running on 32-bit hosts. Depending on the cipher the host is using, a truncated packet crashes the system by triggering an out-of-bounds read. It's version-specific: …
Microsoft CEO Satya Nadella

See you around, Larry: AWS is our new Oracle, says Microsoft's Nadella

Analysis Amazon's cloud service AWS has replaced Oracle and VMware as Microsoft's chief rivals, the Windows giant's CEO Satya Nadella has said. In a conference call with analysts to discuss its Q2 2017 financials, Microsoft executives said their margins were fat enough to fend off AWS and other cloud competitors. Nadella said: "Even …
Ziya_Aral

Smiley techie Datacore chairman Ziya Aral: RIP

Obit Datacore co-founder and chairman Ziya Aral has passed away, aged just 64. He co-founded DataCore with CEO George Teixeira in February 1998 after a 20 year career in the software industry, including serving as chief technology officer / vice president of engineering at Encore Computer Corporation. He also designed the first …
Chris Mellor, 30 Jan 2017

Big Blue's BigInsights has big-ish bugs

IBM has patched twin cross-site scripting (XSS) vulnerabilities in its Hadoop-probing InfoSphere BigInsights platform. The patches released last week shutter the bugs (CVE-2016-2924, CVE-2016-2992) that could compromise users of the big data analytics software. Fortinet researcher Honggang Ren quietly reported the flaws to …
Team Register, 30 Jan 2017
ARPANet 1977

PDP-10 enthusiasts resurrect ancient MIT operating system

Among the more interesting denizens of GitHub are the many projects devoted to rediscovering and preserving the history of computing – such as a system called the Incompatible Timesharing System for the legendary Digital PDP-10. If Wikipedia is correct, ITS (its name a play on an earlier MIT project, the Compatible Time …
Spy hides in dustbin, lifts lid to take photograph

VPN on Android means 'Voyeuristic Peeper Network' in many cases

A worrying number of VPN apps for Android mobile devices are rife with malware, spying, and code injection, say researchers. A study [PDF] from CSIRO Data61 in Australia, the University of New South Wales in Australia and the University of California at Berkeley found that Android apps advertising themselves as VPN clients …
Shaun Nichols, 28 Jan 2017
Sheriff Woody

Texas cops lose evidence going back eight years in ransomware attack

Updated Cockrell Hill, Texas has a population of just over 4,000 souls and a police force that managed to lose eight years of evidence when a departmental server was compromised by ransomware. In a public statement, the department said the malware had been introduced to the department's systems through email. Specifically, it arrived …

Uber pays hacker US$9,000 for partner firm's bug

Russian penetration tester Vladimir Ivanov has reported a bug in anti-ransomware backup service Code42 that could have seen attackers pilfer data from the likes of Uber, Lockheed Martin, and Adobe. Ivanov, of SCADA hack house Positive Technologies, reported the since-patched XML external entity vulnerability to Uber, which …
Darren Pauli, 27 Jan 2017
Homer Simpson virtual machine superhero

VMware cracks the $7bn annual revenue mark after 'balanced' Q4

Business textbook writers might do well to consider VMware's last year, as the company announced revenue and earnings that exceeded expectations, plus strong growth for new products, just a year after making a major change of strategy. That change came with the company's FY 2015 results, when the company announced it was …
Simon Sharwood, 27 Jan 2017

IBM's SoftLayer is having a meltdown – and customers aren't happy

Updated An extended outage over at IBM's Bluemix SoftLayer portal has customers fuming – and they say there is no way for them to tell Big Blue about it. A Reg reader whose biz runs more than three dozen servers within the SoftLayer cloud told us the platform has been out all day and the management portal website has been inaccessible …
Shaun Nichols, 26 Jan 2017
Twitter Trump photo via Shutterstock

President Trump tweets from insecure Android, security boffins roll eyes

President Donald Trump is still using a conventional Android phone to post on Twitter since moving into the White House. The New York Times reports that the USA's newly installed president is using his old phone mainly to post to Twitter rather than make calls. Security experts nonetheless warn that Trump's use of a personal …
John Leyden, 26 Jan 2017

Trump lieutenants 'use private email' for govt work... but who'd make a big deal out of that?

Senior members of the Trump administration have been accused of blatant hypocrisy after it was revealed they are continuing to use personal email accounts. Key advisors to the president, Kellyanne Conway and son-in-law Jared Kushner, as well as press secretary Sean Spicer and chief strategist Steve Bannon, all have accounts on …
Kieren McCarthy, 25 Jan 2017

Linux nasty kicks weak, hacked gadgets when they're already down

Several thousand Linux devices have been infected with a new Linux-based trojan, Russian security software firm Doctor Web warns. The Linux-Proxy-10 Trojan infects network devices running Linux, turning them into a platform for cybercrime that allows crooks to remain anonymous online. Black hats run freeware code called the …
John Leyden, 25 Jan 2017

HPE buying SimpliVity is like a 'unicorn barbecue' – HCI boss man

Interview El Reg talked with Scale Computing co-founder and CEO Jeff Ready and asked him about the HPE SimpliVity acquisition and what it means for HPE, for the hyper-converged infrastructure (HCI) market, and for Scale. See if you agree with his thinking that Scale is better positioned than HPE in the HCI market. El Reg: How did the …
Chris Mellor, 25 Jan 2017
Close up of elephant family, including cute calf. Photo by Shutterstock

Cutting Hewlett-Packard Labs down to size

Comment When Martin Fink resigned from his positions at HPE in August 2016, the announcement said: "Martin Fink, our chief technology officer and head of Hewlett-Packard Labs, will be retiring from HPE at the end of the year, after more than 30 years with the company." He was retiring, we were told, but he was just 51. In Fink's time …
Chris Mellor, 25 Jan 2017
text in a terminal

Googlers reveal code they use for mass Windows deployments

With close to 60,000 employees, Google/Alphabet has an awful lot of desktops, laptops, notebooks, tablets and phones to support, and it's taken the covers off one of the tools that helps it do that. Glazier, which landed at GitHub yesterday, helps its sysadmins automate Microsoft Windows installations. As the documentation …
Microsoft store opening

US govt can't stop Microsoft taking its Irish email seizure fight to the Supreme Court

The US government has lost a legal appeal to have a critical case against Microsoft reheard, paving the way for a Supreme Court challenge. In an even split of 4-4 judges, the Second Circuit Court of Appeals, based in New York, denied [PDF] the request for a full rehearing of the case in which Microsoft has refused to hand over …
Kieren McCarthy, 24 Jan 2017

We're not quitting the UK: Microsoft quashes Brexit fake news

Microsoft has committed itself to the UK after comments by a manager were ripped out of context. In a Channel 9 webinar last week explaining Brexit to Microsoft customers not familiar with the details, Owen Larter, government affairs manager at Microsoft UK, expressed optimism for post-Brexit UK's digital economy. Asked …
Andrew Orlowski, 24 Jan 2017
Verizon corporate building

Verizon waves its IoT credentials, boasts of adopting US-centric one

American telco Verizon reckons it's got a shot at being the next big Internet of Things player and might be eyeing up the NHS, the company's pet evangelist told IoT Tech Expo in London this morning. "We are already deploying Cat M1 LTE," David Vasquez announced. Explaining how Verizon's preferred alternative to Sigfox, LoRa …
Gareth Corfield, 24 Jan 2017
Penguin sushi with carrot. Photo by shutterstock

Penguins force-fed root: Cruel security flaw found in systemd v228

Some Linux distros will need to be updated following the discovery of an easily exploitable flaw in a core system management component. The CVE-2016-10156 security hole in systemd v228 opens the door to privilege escalation attacks, creating a means for hackers to root systems locally if not across the internet. The …
John Leyden, 24 Jan 2017

Furby Rickroll demo: What fresh hell is this?

Here's your future botnet, world: connected kids toys that will Rickroll their owners while hosing big servers and guessing the nuclear codes. Hacker Jake Davis, once known as "Topiary" of LulzSec, plucked out the work of Florian Euchner, who pulled apart the Bluetooth variant that toy-maker Hasbro uses to update its "Furby" …
Software patch

Microsoft fixes remote desktop app Mac hole

Microsoft has patched a code execution hole in its Mac remote desktop client that grants read and write to home directories if users do no more than click a link, says Italian security researcher Filippo Cavallarin. The hole was patched 17 January. Cavallarin says the flaw allowed remote attackers to execute arbitrary code on …
Darren Pauli, 24 Jan 2017
Sunset

Solaris 11.next plan brings continuous delivery of OS upgrades

Oracle has released a little more detail about the future of its Solaris operating system, after last week suddenly revealing a planned version 12 would be canned. In a new post, the company says “Oracle Solaris is moving to a continuous delivery model using more frequent updates to deliver the latest features faster, while …
Simon Sharwood, 24 Jan 2017
Borg and Picard

Resistence is futile: HPE must face Oracle over Solaris IP

Hewlett-Packard Enterprise and Oracle are heading back to court – this time over an alleged violation of IP rights on Solaris. A US judge has thrown out a motion by HPE to have Oracle's Solaris violation claim against it dismissed. Oracle had accused HPE, case 3:16-cv-01393-JST, of improperly partnering with Terix Computer to …
Gavin Clarke, 23 Jan 2017
Penguin, photo via Shutterstock

Microsoft's Linux love-in continues with SUSE support in SQL Server

Microsoft has previewed its support for SUSE Linux Enterprise in its next version of SQL Server, and announced an early adopter programme. Released as part of Redmond's rapid preview model, the next version of SQL Server (v.Next) community technology preview (CTP) v1.2 is now available on both Windows and Linux, arriving with …

Protected US military server poked via army recruitment website

Beads of sweat must have surely run down the face of one hacker who, while trying to score a bug bounty, inadvertently infiltrated an "internal US Department of Defence website that requires special credentials to access." The unnamed hacker used exploited a pair of vulnerabilities to gain access to the US Army network via an …
Darren Pauli, 23 Jan 2017

Go dark with the flow: Lavabit lives again

It's taken longer than first expected, but the first fruits of Lavabit founder Ladar Levison's Dark Mail Technical Alliance have landed with the relaunch of the encrypted mail service he closed in 2013. After shuttering Lavabit, Levison joined hands with Silent Circle to form the DMTA and promised Lavabit would flow again in …

Seven pet h8s: Verity is sorely vexed

Stob Peter Wayner, a tech columnist, claims to have identified the seven most vexing problems in programming. According to his subheadings, these are: multithreading, closures, "too big data", np-completeness, security, encryption and identity management. Such lists are constructed to be disputed. Game on. To start with, Mr Wayner' …
Verity Stob, 20 Jan 2017
Bitcoin, photo via Shutterstock

SporeStack: Disposable, anonymous servers, via Bitcoin and Python

Hardware infrastructure, once the foundation of computing giants like IBM, has become an abstract commodity thanks to cloud computing, virtualization, and containerization. Through large service providers like Amazon Web Services, Microsoft Azure, and Google Cloud Platform, or smaller ones like DigitalOcean, Linode, and Vultr …
Thomas Claburn, 19 Jan 2017
Penguins pool photo via Shutterstock

Wintel part deux? Microsoft Azure first for Intel Clear Linux

An alliance that dominated the PC industry is entering the world of fluffy white stuff and open source: Microsoft Azure is the first public cloud to include an Intel initiated and container-oriented Clear Linux OS. The Wintel union loosened with the rise of Linux - runing on x86 - and the fall of the PC as peoples' primary …
Gavin Clarke, 19 Jan 2017
Stormtrooper heart photo via shutterstock

Seduced by the Docker side: Microsoft's support could be first shot fired in the Container Wars

Docker was arguably a dumb thing for you to do with your time last year. Developers loved it but enterprises weren’t so sure. That was then, but now Microsoft – mighty in enterprise tech and filled with deep and abiding love for open source – is perhaps Docker's best friend. Not only is Microsoft getting behind Docker-style …
Matt Asay, 19 Jan 2017