Read more of this story at Slashdot.
Wireless Internet
In today’s world, people are constantly on the move—commuting, traveling frequently, attending classes, and working out in the field serving custome
rs and the community. Wireless communications has helped sever the tether, enabling people to access the public Internet and private intranets via the growing number of Wi-Fi HotSpots and wireless municipal networks. The wireless network supports full mobility where people enjoy continuous communications as they roam from place to place.
Wi-Fi mobility adds high-speed roaming to public Internet access services in public transportation systems, such as commuter trains, subways and buses. It also provides public safety officials and public works crews with powerful mobile multimedia communications while they protect and serve the community - while being out in the community.
Accessing a Mesh on the Move Wi-Fi mobility involves the ability to connect seamlessly to the nearest HotSpot while traveling through a HotZone, which is essentially a network of multiple HotSpots that extends throughout an area, such as a railway, a major thoroughfare or harbor, or an entire metropolitan area.
The potential to roam among Wi-Fi HotSpots became possible only after largescale Wi-Fi HotZones were made practical and affordable with the advent of wireless mesh networking. The wireless mesh is a self-forming, self-healing network that installs quickly and easily, and requires minimal ongoing management. The mesh topology utilizes multiple wireless paths, which allow the network to overcome obstacles, expand readily into new territory and deliver mission-critical reliability
Hosting/Co-Location
More content coming soon...
Find our more about...
Tech News: Slashdot
Find more, slashdot.org
An anonymous reader sends in an IBM DeveloperWorks article detailing the changes coming in PHP V6 — from namespaces, to Web 2.0 built-ins, to a few features that are being removed.
Consul writes "What is the oldest piece of code that is still in use today, that has not actually been retyped or reimplemented in some way? By 'piece of code,' I'm of course referring to a complete algorithm, and not just a single line." The question would have a different answer if emulation, in multiple layers, is allowed.
Read more of this story at Slashdot.
An anonymous reader brings us IBM Developerworks' recent analysis of how the NSA built SELinux to withstand attacks. The article shows us some of the relevant kernel architecture and compares SELinux to a few other approaches. We've discussed SELinux in the past. Quoting: "If you have a program that responds to socket requests but doesn't need to access the file system, then that program should be able to listen on a given socket but not have access to the file system. That way, if the program is exploited in some way, its access is explicitly minimized. This type of control is called mandatory access control (MAC). Another approach to controlling access is role-based access control (RBAC). In RBAC, permissions are provided based on roles that are granted by the security system. The concept of a role differs from that of a traditional group in that a group represents one or more users. A role can represent multiple users, but it also represents the permissions that a set of users can perform. SELinux adds both MAC and RBAC to the GNU/Linux operating system."
Read more of this story at Slashdot.
sproketboy writes with news that a developer named Marc Balmer has recently fixed a bug in a bit of BSD code which is roughly 25 years old. In addition to the OSnews summary, you can read Balmer's comments and a technical description of the bug. "This code will not work as expected when seeking to the second entry of a block where the first has been deleted: seekdir() calls readdir() which happily skips the first entry (it has inode set to zero), and advance to the second entry. When the user now calls readdir() to read the directory entry to which he just seekdir()ed, he does not get the second entry but the third. Much to my surprise I not only found this problem in all other BSDs or BSD derived systems like Mac OS X, but also in very old BSD versions. I first checked 4.4BSD Lite 2, and Otto confirmed it is also in 4.2BSD. The bug has been around for roughly 25 years or more."
Read more of this story at Slashdot.
Wired is running a story about a recent security exercise in which the NSA attacked networks set up by various US military academies. The Army's network scored the highest, put together using Linux and FreeBSD by cadets at West Point. Quoting: "Even with a solid network design and passable software choices, there was an element of intuitiveness required to defend against the NSA, especially once it became clear the agency was using minor, and perhaps somewhat obvious, attacks to screen for sneakier, more serious ones. 'One of the challenges was when they see a scan, deciding if this is it, or if it's a cover,' says [instructor Eric] Dean. Spotting 'cover' attacks meant thinking like the NSA -- something Dean says the cadets did quite well. 'I was surprised at their creativity.' Legal limitations were a surprising obstacle to a realistic exercise. Ideally, the teams would be allowed to attack other schools' networks while also defending their own. But only the NSA, with its arsenal of waivers, loopholes, special authorizations (and heaven knows what else) is allowed to take down a U.S. network."
Read more of this story at Slashdot.
or_is_it writes "The company I work for has been growing dramatically and I've been charged with the task of being the gatekeeper for our GFI Spam filters. This involves manually inspecting the subject line/to/from for all caught messages in each filter rule folder. For a company of about 50 people, in one day the number of spam messages can exceed 2,000. Neglect it for a day and you end up with quite a task on your hands. I've made the rules lax enough so important messages can go through, along with a few stray spams, for which I get bitched at. Tighten the rules up and then maybe an important time-sensitive email never gets to its intended recipient, and I get bitched at. Manually reading through all those subject lines is supposed to prevent that, but I'm only human and genuine messages can easily get overlooked. How do larger organizations deal with the spam issue? I can't imagine having one centralized person manually inspecting everyone's junk-mail header is the optimal solution. Purchasing a different commercial mail filter product is a possibility, but I'd like to hear some anecdotal evidence before jumping ship."
Read more of this story at Slashdot.
sveard writes of a little problem Google is having that has Gmail acting like an open relay. Compounding the issue is the fact that services such as Hotmail and Yahoo trust Gmail as a source of mail. "A recently-discovered flaw in Gmail is capable of turning Google's e-mail service into a highly effective spam machine. According to the Information Security Research Team (INSERT), Gmail is susceptible to a man-in-the-middle attack that allows a spammer to send thousands of bulk e-mails through Google's SMTP service without fear of detection. This attack bypasses both Google's identity fraud protection mechanisms and the current 500-address limit on bulk e-mail."
Read more of this story at Slashdot.
There are new developments in the case of the counterfeit Cisco routers, which we have been discussing for some time. The NYTimes updates the story after an FBI PowerPoint presentation made its way onto the Web. It seems that experts at Cisco have examined some of the counterfeit routers in detail and proclaimed that they contain no back doors. Others don't believe we can be so sure. "Last month, [DARPA] began distributing chips with hidden Trojan horse circuitry to military contractors who are participating in the agency's Trusted Integrated Circuits program. The goal is to test forensic techniques for finding hidden electronic trap doors, which can be maddeningly elusive... The threat was demonstrated in April when a team of computer scientists from the University of Illinois presented a paper at a technical conference in San Francisco detailing how they had modified a Sun Microsystems SPARC microprocessor... The researchers were able to create a stealth system that would allow them to automatically log in to a computer and steal passwords."
Read more of this story at Slashdot.
ozmanjusri writes "According to Information Week, within hours of its wide availability Windows XP SP3 had drawn hundreds of complaints from users who claim the update is wreaking havoc on their computers. One user said in a Microsoft newsgroup: 'I downloaded and installed [the SP3] package for IT Professionals and Developers on one of my computers. Now I can't get the computer to boot. I don't think Microsoft should have made this a critical update.' Other sites including IT Wire are also reporting problems, which include include random reboots or the inability to boot at all." Note that XP3 won't install on systems running beta IE8; and after a successful SP3 install users will no longer be able to downgrade from IE7 to IE6.
Read more of this story at Slashdot.
jcatcw points out a blog entry by Scott McPherson, CIO for the Florida House of Representatives. McPherson condemns the state of data sharing and data mining in law enforcement, saying that the US causes itself a great deal of trouble by focusing more on "antiterror armor and nuke-sniffing devices" than a useful information distribution network. He discusses a few such projects, and how they could have directly affected the events of 9/11. Quoting: "One of those ingenious things that actually worked, Seisint founder Hank Asher's brilliant MATRIX system, remains mired in controversy and politics. Hank showed me MATRIX just a few short weeks after the 9/11 attacks. Using law enforcement data and commercial data, all of the commercial data available in the public domain, Asher's query produced [hijacker Mohamed] Atta's photo -- and about 80 others, many of them fellow 9/11 hijackers, many of them associates of the 9/11 hijackers. It was simple data mining and algorithms, and none of the information was obtained illegally."
Read more of this story at Slashdot.
Esther Schindler writes "CSO has an annotated, zoomable map of real botnet topologies showing the interconnections between the compromised computers and the command-and-control systems that direct them. The map is based on work by security researcher David Voreland; it has interactive controls so you can zoom in and explore botnets' inner workings. Hackers use botnets for spamming, DDoS attacks and identity theft. One recent example is the Storm botnet, which may have comprised 1 million or more zombie systems at its peak. As with any networking challenge, there are good (resilient) designs and some not-so-good ones. In some cases the topology may be indicative of a particular botnet's purpose, or of a herder on the run."
Read more of this story at Slashdot.
An anonymous reader writes "Wired.com is reporting that the Firefox browser has been unknowingly distributing a trojan with the Firefox Vietnamese language pack. Over 16,000 downloads of the pack occurred since being infected. This highlights a risk on relying on user-submitted Firefox extensions, or a lack of peer-review of the extensions, many of which receive frequent upgrades."
Read more of this story at Slashdot.
SecureThroughObscure writes "ZDNet Zero-Day security blogger Nate McFeters got an exclusive look at the Microsoft Blue Hat conference. This is an invite-only conference that few media get to attend, but apparently McFeters was brought in with co-worker Rob Carter to talk about some vulnerabilities they had discovered with a few product security teams in attendence, and was also asked to do a guest blog posting about the conference at the Microsoft Blue Hat blog. McFeters also included several pictures of the conference and after conference events."
Read more of this story at Slashdot.
Stony Stevenson writes "It has surfaced that the US State Department can't account for up to about 1,000 laptops, perhaps as many as 400 of which belonged to the department's Anti-Terrorism Assistance Program. Internal auditors found that the department lost track of $30 million worth of computer equipment, 'the vast majority of which... perhaps as much as 99 percent,' were laptops, according to one official. Another official calculated that the average State Department laptop costs US$3,000 and figured that meant as many as 1,000 laptops might be astray — not 10,000 laptops as the US$30 million figure suggests. They're obviously not very good at maths."
Read more of this story at Slashdot.
perlow writes "Using the free System Rescue CD you can perform bare-metal backups and restores of many types of computer systems. In this article, ZDNet columnist Jason Perlow explains the multi-step procedure in detail on an LVM-based system."
Read more of this story at Slashdot.