Security

Netgear and ZyXEL Confirm NetUSB Flaw, Are Working On Fixes 34

Posted by samzenpus
from the protect-ya-neck dept.
itwbennett writes: In follow-up to a story that appeared on Slashdot yesterday about a critical vulnerability in the NetUSB service, networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected and said they are working on fixes. ZyXEL will begin issuing firmware updates in June, while Netgear plans to start releasing patches in the third quarter of the year.
China

Huawei's LiteOS Internet of Things Operating System Is a Minuscule 10KB 170

Posted by samzenpus
from the in-the-future dept.
Mark Wilson writes: Chinese firm Huawei today announces its IoT OS at an event in Beijing. The company predicts that within a decade there will be 100 billion connected devices and it is keen for its ultra-lightweight operating system to be at the heart of the infrastructure. Based on Linux, LiteOS weighs in at a mere 10KB — smaller than a Word document — but manages to pack in support for zero configuration, auto-discovery, and auto-networking. The operating system will be open for developers to tinker with, and is destined for use in smart homes, wearables, and connected vehicles. LiteOS will run on Huawei's newly announced Agile Network 3.0 Architecture and the company hopes that by promoting a standard infrastructure, it will be able to push the development of internet and IoT applications
Networking

Ask Slashdot: Best Way To Solve a Unique Networking Issue? 384

Posted by timothy
from the that-seems-like-a-decent-way dept.
New submitter petro-tech writes: I work as a service technician, maintaining and repairing gas pumps and POS equipment. In my day to day activities, one that consumes a ton of time and is relatively regular is the process of upgrading the software on pumps. This is done by connecting to the pump via direct ethernet from my laptop, then running a manufacturer-provided program that connects to the device and pushes the new software. Some sites have 8+ pumps with 2 devices in each, and at 20-30 minutes apiece this can be quite time consuming. Unfortunately the devices are not actually on a network, and as such cannot be updated remotely, also since they are not on a network, they are all configured with the same IP address. Additionally the software doesn't allow you to specify the adapter to use. I would like to be able to get to a site, connect a cable to each pump, and load them all at the same time. The only way I can figure to accomplish this with the software we've been provided is to do this: Get a 16-port powered USB hub, with a usb-ethernet adaptor in each port; Set up 16 VM's with extremely stripped down XP running on each, with only one USB-ethernet adaptor assigned to each VM; Set XP to boot the application for loading software as its shell; and load each device that way at the same time. Is there a better way to accomplish this?
Networking

Critical Vulnerability In NetUSB Driver Exposes Millions of Routers To Hacking 70

Posted by Soulskill
from the it's-not-even-another-day-yet dept.
itwbennett writes: NetUSB, a service that lets devices connected over USB to a computer be shared with other machines on a local network or the Internet, is implemented in Linux-based embedded systems, such as routers, as a kernel driver. Once enabled, it opens a server that listens on TCP port 20005 for connecting clients. Security researchers from a company called Sec Consult found that if a connecting computer has a name longer than 64 characters, a stack buffer overflow is triggered in the NetUSB service. The advisory notice has a list of affected routers.
Networking

Microwave Comms Betwen Population Centers Could Be Key To Easing Internet Bottlenecks 221

Posted by timothy
from the you'll-get-cancer-and-be-well-done dept.
itwbennett writes: Researchers from the University of Illinois at Urbana-Champaign and Duke University recently looked at the main causes of Internet latency and what it would take to achieve speed-of-light performance. The first part of the paper, titled Towards a Speed of Light Internet, is devoted to finding out where the slowdowns are coming from. They found that the bulk of the delay comes from the latency of the underlying infrastructure, which works in a multiplicative way by affecting each step in the request. The second part of the paper proposes what turns out to be a relatively cheap and potentially doable solution to bring Internet speeds close to the speed of light for the vast majority of us. The authors propose creating a network that would connect major population centers using microwave networks.
Businesses

Cisco Names Veteran Robbins To Succeed Chambers as CEO 32

Posted by samzenpus
from the new-guy-in-charge dept.
bledri writes: After 20 years as Cisco's CEO, John Chambers will step down this summer. The search for a replacement took a committee 16 months, and they selected Chuck Robbins, who was previously responsible for the company's global sales and partner team. From the article: "Wall Street analysts said a change was expected and could signal a refocusing of Cisco, which acquired dozens of companies under Chambers but has failed to make great headway outside its core networking business."
Patents

Patent Issued Covering Phone Notifications of Delivery Time and Invoice Quantity 60

Posted by Soulskill
from the i-should-patent-the-rubber-stamp dept.
eldavojohn writes: The staggering ingenuity of the U.S. Patent system has again been showcased by the EFF's analysis of recent patents. This week's patent and follow-up patent cover the futuristic innovative idea that when you order something, you can update your order and add additional amounts to your order while it's being processed. But wait, it gets even more innovative! You may one day be able to even to notify when you would like it delivered — on your phone! I know, you're busy wiping all that brain matter off your screen as your head seems to have exploded. Well, it turns out that inventor and patent holder Scott Horstemeyer (aka Eclipse IP, LLC of Delray Beach, FL) found no shortage of targets to go after with his new patents. It appears Tiger Fitness (and every other online retailer) was sending notices to customers about shipments. Did I mention Horstemeyer is a lawyer too? But not just a regular lawyer, a "SUPER lawyer" from the same firm that patented social networking in 2007, sued Uber for using location finding technologies in 2013 and sued Overstock.com as well as a small time shoe seller for using shipping notifications in 2014. A related article at Vox makes this case: "The primary problem with the patent system is, well, the patent system. The system makes it too easy to get broad, vague patents, and the litigation process is tilted too far toward plaintiffs. But because so many big companies make so much money off of this system, few in Congress are willing to consider broader reforms."
Facebook

Nepal Earthquake: Facebook To Google, How Tech Is Helping Survivors Reach Out 39

Posted by samzenpus
from the safe-status-update dept.
An anonymous reader writes: In the aftermath of the earthquake that struck Nepal, many social media sites and mobile applications have come up with features that could help locate friends and loved ones. From the Times of India: "Social networking website Facebook, and Google's Person Finder have helped locate the whereabouts of those stranded in quake-hit areas. For instance, members of one Himmatramka family residing in Birgunj in Nepal marked themselves safe on Facebook. 'Our relatives back in India were worried about our safety. So, we marked ourselves safe to inform them,' said Nitesh Himmatramka.
Cellphones

Patents Show Google Fi Was Envisioned Before the iPhone Was Released 31

Posted by timothy
from the I-could-show-you-my-notes-from-7th-grade dept.
smaxp writes: Contrary to reports, Google didn't become a mobile carrier with the introduction of Google Fi. Google Fi was launched to prove that a network-of-networks serves smartphone users better than a single mobile carrier's network. Patents related to Google Fi, filed in early 2007, explain Google's vision – smartphones negotiate for and connect to the fastest network available. The patent and Google Fi share a common notion that the smartphone should connect to the fastest network available, not a single carrier's network that may not provide the best performance. It breaks the exclusive relationship between a smartphone and a single carrier. Meanwhile, a story at BostInno points out that Google's not the only one with a network-hopping hybrid approach to phone calls.
China

Github DDoS Attack As Seen By Google 52

Posted by Soulskill
from the i-can-see-my-house-from-here dept.
New submitter opensec writes: Last month GitHub was hit by a massive DDoS attack originating from China. On this occasion the public discovered that the NSA was not the only one with a QUANTUM-like capability. China has its own "Great Cannon" that can inject malicious JavaScript inside HTTP traffic. That weapon was used in the GitHub attack. People using Baidu services were unwitting participants in the denial of service, their bandwidth used to flood the website. But such a massive subversion of the Internet could not evade Google's watchful eye. Niels Provos, engineer at Google, tells us how it happened. Showing that such attacks cannot be made covertly, Provos hopes that the public shaming will act as a deterrent.
Bug

Networking Library Bug Breaks HTTPS In ~1,500 iOS Apps 73

Posted by Soulskill
from the snake-in-the-walled-garden dept.
mrflash818 writes: A new report from analytics service SourceDNA found that roughly 1,500 iOS apps (with about 2 million total installs) contain a vulnerability that cripples HTTPS and makes man-in-the-middle attacks against those apps easy to pull off. "The weakness is the result of a bug in an older version of the AFNetworking, an open-source code library that allows developers to drop networking capabilities into their apps. Although AFNetworking maintainers fixed the flaw three weeks ago with the release of version 2.5.2, at least 1,500 iOS apps remain vulnerable because they still use version 2.5.1. That version became available in January and introduced the HTTPS-crippling flaw."
Networking

Optical Tech Can Boost Wi-Fi Systems' Capacity With LEDs 96

Posted by timothy
from the you'll-need-a-new-card dept.
chasm22 writes: Researchers at Oregon State University have invented a new technology that can increase the bandwidth of WiFi systems by 10 times, using LED lights to transmit information. The system can potentially send data at up to 100 megabits per second. Although some current WiFi systems have similar bandwidth, it has to be divided by the number of devices, so each user might be receiving just 5 to 10 megabits per second, whereas the hybrid system could deliver 50-100 megabits to each user.
Networking

The Logistics of an eSports Tournament 48

Posted by timothy
from the who-ordered-450-large-pepperoni-pizzas? dept.
An anonymous reader writes: Wargaming's hugely popular World of Tanks game sees its biggest tournament of the year, The Grand Finals, taking place this weekend. In an interview published today, the developer's eSports director, Mohamed Fadl, reveals just what goes into preparing a tournament for both thousands of spectators at the venue, and millions more streaming online.

"The infrastructure behind such an event is the most challenging task," he reveals. "Ten highly qualified IT managers, 28 on-air casters and around 50 additional TV staff will be doing their best...A TV level production setup, 170 computers, a total of 1.3GB/s bandwidth and 16 cameras plus 14 player cameras." And all for just 12 teams playing one strategy game.
The Internet

Why the Journey To IPv6 Is Still the Road Less Traveled 390

Posted by samzenpus
from the that-has-made-all-the-difference dept.
alphadogg writes The writing's on the wall about the short supply of IPv4 addresses, and IPv6 has been around since 1999. Then why does the new protocol still make up just a fraction of the Internet? Though IPv6 is finished technology that works, rolling it out may be either a simple process or a complicated and risky one, depending on what role you play on the Internet. And the rewards for doing so aren't always obvious. For one thing, making your site or service available via IPv6 only helps the relatively small number of users who are already set up with the protocol, creating a nagging chicken-and-egg problem.
Iphone

Chess Grandmaster Used iPhone To Cheat During Tournament 237

Posted by Soulskill
from the there's-an-app-for-that dept.
SternisheFan sends this quote from the Washington Post: Gaioz Nigalidze's rise through the ranks of professional chess began in 2007, the year the first iPhone was released. In hindsight, the timing might not be coincidental. On Saturday, Nigalidze, the 25-year-old reigning Georgian champion, was competing in the 17th annual Dubai Open Chess Tournament when his opponent spotted something strange. "Nigalidze would promptly reply to my moves and then literally run to the toilet," Armenian grandmaster Tigran Petrosian said. "I noticed that he would always visit the same toilet partition, which was strange, since two other partitions weren't occupied." Petrosian complained to the officials. After Nigalidze left the bathroom once more, officials inspected the interior and say they found an iPhone wrapped in toilet paper and hidden behind the toilet. "When confronted, Nigalidze denied he owned the device," according to the tournament's Web site. "But officials opened the smart device and found it was logged into a social networking site under Nigalidze's account. They also found his game being analyzed in one of the chess applications." Nigalidze was expelled from the tournament, which is still ongoing and features more than 70 grandmasters from 43 countries competing for a first-place prize of $12,000. The Georgian's career is now under a microscope. His two national titles are under suspicion.
Books

Book Review: Networking For System Administrators 33

Posted by samzenpus
from the read-all-about-it dept.
Saint Aardvark writes Michael W. Lucas has been writing technical books for a long time, drawing on his experience as both a system and a network administrator. He has mastered the art of making it both easy and enjoyable to inhale large amounts of information; that's my way of saying he writes books well and he's a funny guy. Networking for System Administrators, available both in DRM-free ebook and dead tree formats, is his latest book, and it's no exception to this trend. Keep reading for the rest of Saint Aardvark's review.
Network

Nokia Networks Demonstrates 5G Mobile Speeds Running At 10Gbps Via 73GHz 55

Posted by timothy
from the that-is-one-packed-headline dept.
Mark.JUK writes The Brooklyn 5G Summit appears to have provided a platform for Nokia Networks to demo a prototype of their future 5G (5th Generation) mobile network technology, which they claim can already deliver data speeds of 10 Gigabits per second using millimeter Wave (mmW) frequency bands of 73GHz. The demo also made use of 2×2 Multiple-Input and Multiple-Output (MIMO) links via single carrier Null Cyclic Prefix modulation and frame size of 100 micro seconds, although crucially no information about the distance of this demo transmission has been released and at 73GHz you'd need quite a dense network in order to overcome the problems of high frequency signal coverage and penetration.
The Internet

ICANN Asks FTC To Rule On .sucks gTLD Rollout 108

Posted by Soulskill
from the what-could-possibly-go-wrong dept.
DW100 writes: "ICANN, the body in charge of overseeing the management and rollout of new top level domains, has asked the FTC to investigate whether the registry running .sucks is acting illegally . ICANN's in-house legal team raised concerns that the registry was selling the domains to brand owners in a 'predatory' manner. "The issues relate to concerns brands wishing to buy the .sucks domain, which went on sale on 30 March for a three-month ‘clearing house' period, will have to pay $2,500 to register it for their brand. This is far in excess of the price that will be offered to the general public and the price of other top-level domains."
The Internet

Bell Labs Fighting To Get More Bandwidth Out of Copper 106

Posted by samzenpus
from the I'm-giving-it-all-she's-got-captain dept.
jfruh writes You might think that DSL lost the race to cable and fiber Internet years ago, but Alcatel-Lucent's Bell Labs is working on a host of projects to extract more and faster bandwidth out of existing technologies. The company's G.fast technology aims to get hundreds of megabits a second over telephone lines. Other projects are aiming to boost speeds over fiber and cell networks as well.
Google

Google Let Root Certificate For Gmail Expire 104

Posted by Soulskill
from the happens-to-the-best-of-us dept.
Gr8Apes writes: The certificate for Google's intermediate certificate authority expired Saturday. The certificate was used to issue Gmail's certificate for SMTP, and the expiration at 11:55am EDT caused many e-mail clients to stop receiving Gmail messages. While the problem affected most Gmail users using PC and mobile mail clients, Web access to Gmail was unaffected. I guess Google Calendar failed to notify someone.