Cloud

Should Your Company Switch To Microservices? (cio.com) 56

Walmart Canada claims that it was microservices that allowed them to replace hardware with virtual servers, reducing costs by somewhere between 20 and 50 percent. Now Slashdot reader snydeq shares an article by a senior systems automation engineer arguing that a microservices approach "offers increased modularity, making applications easier to develop, test, deploy, and, more importantly, change and maintain."

The article touts things like cost savings and flexibility for multiple device types, suggesting microservices offer increased resilience and improved scalabiity (not to mention easier debugging and a faster time to market with an incremental development model). But it also warns that organizations need the resources to deploy the new microservices quicky (and the necessary server) -- along with the ability to test and monitor them for database errors, network latency, caching issues and ongoing availability. "You must embrace devops culture," argues the article, adding that "designing for failure is essential... In a traditional setting, developers are focused on features and functionalities, and the operations team is on the hook for production challenges. In devops, everyone is responsible for service provisioning -- and failure."

The original submission ends with a question for Slashdot reader. "What cautions do you have to offer for folks considering tapping microservices for their next application?"
Space

FCC Grants OneWeb Approval To Launch Over 700 Satellites For 'Space Internet' (theverge.com) 81

OneWeb has been granted approval from the FCC to launch a network of internet-beaming satellites into orbit. FCC chairman Ajit Pai said in a statement: "Humans have long sought inspiration from the stars, from the ancient Egyptians orienting the pyramids toward certain stars to the Greeks using constellations to write their mythology. In modern times, we've done the same, with over 1,000 active satellites currently in orbit. Today, the FCC harnesses that inspiration as we seek to make the promise of high-speed internet access a reality for more Americans, partly through the skies..." The Verge reports: OneWeb plans to launch a constellation of 720 low-Earth orbit satellites using non-geostationary satellite orbit (NGSO) technology in order to provide global, high-speed broadband. The company's goal has far-reaching implications, and would provide internet to rural and hard-to-reach areas that currently have little access to internet connectivity. Additionally, OneWeb has a targets of "connecting every unconnected school" by 2022, and "bridging the digital divide" by 2027. According to OneWeb, the company plans to launch an initial 10 production satellites in early 2018, which, pending tests, will then be followed by a full launch as early as 2019.
Network

WikiLeaks Doc Dump Reveals CIA Tools For Hacking Air-Gapped PCs (bleepingcomputer.com) 71

An anonymous reader writes: "WikiLeaks dumped today the manuals of several hacking utilities part of Brutal Kangaroo, a CIA malware toolkit for hacking into air-gapped (offline) networks using tainted USB thumb drives," reports Bleeping Computer. The CIA uses these tools as part of a very complex attack process, that allows CIA operatives to infect offline, air-gapped networks. The first stage of these attacks start with the infection of a "primary host," an internet-connected computer at a targeted company. Malware on this primary host automatically infects all USB thumb drives inserted into the machine. If this thumb drive is connected to computers on an air-gapped network, a second malware is planted on these devices. This malware is so advanced, that it can even create a network of hacked air-gapped PCs that talk to each other and exchange commands. To infect the air-gapped computers, the CIA malware uses LNK (shortcut) files placed on the USB thumb drive. Once the user opens and views the content of the thumb drive in Windows Explorer, his air-gapped PC is infected without any other interaction.
Network

Lawsuit Accuses Comcast of Cutting Competitor's Wires To Put It Out of Business (arstechnica.com) 140

An anonymous reader quotes a report from Ars Technica: A tiny Internet service provider has sued Comcast, alleging that the cable giant and its hired contractors cut the smaller company's wires in order to take over its customer base. Telecom Cable LLC had "229 satisfied customers" in Weston Lakes and Corrigan, Texas when Comcast and its contractors sabotaged its network, the lawsuit filed last week in Harris County District Court said. Comcast had tried to buy Telecom Cable's Weston Lakes operations in 2013 "but refused to pay what they were worth," the complaint says. Starting in June 2015, Comcast and two contractors it hired "systematically destroyed Telecom's business by cutting its lines and running off its customers," the lawsuit says. Comcast destroyed or damaged the lines serving all Telecom Cable customers in Weston Lakes and never repaired them, the lawsuit claims. Telecom Cable owner Anthony Luna estimated the value of his business at about $1.8 million, which he is seeking to recover. He is also seeking other damages from Comcast and its contractors, including exemplary damages that under state statute could "amount to a maximum of twice the amount of economic damages, plus up to $750,000 of non-economic damages," the complaint says. CourtHouse News Service has a story about the lawsuit, and it posted a copy of the complaint.
Firefox

Chrome and Firefox Headless Modes May Spur New Adware & Clickfraud Tactics (bleepingcomputer.com) 80

From a report: During the past month, both Google and Mozilla developers have added support in their respective browsers for "headless mode," a mechanism that allows browsers to run silently in the OS background and with no visible GUI. [...] While this feature sounds very useful for developers and very uninteresting for day-to-day users, it is excellent news for malware authors, and especially for the ones dabbling with adware. In the future, adware or clickfraud bots could boot-up Chrome or Firefox in headless mode (no visible GUI), load pages, and click on ads without the user's knowledge. The adware won't need to include or download any extra tools and could use locally installed software to perform most of its malicious actions. In the past, there have been quite a few adware families that used headless browsers to perform clickfraud. Martijn Grooten, an editor at Virus Bulletin, also pointed Bleeping Computer to a report where miscreants had abused PhantomJS, a headless browser, to post forum spam. The addition of headless mode in Chrome and Firefox will most likely provide adware devs with a new method of performing surreptitious ad clicks.
Network

Ask Slashdot: Best Way To Isolate a Network And Allow Data Transfer? 226

Futurepower(R) writes: What is the best way to isolate a network from the internet and prevent intrusion of malware, while allowing carefully examined data transfer from internet-facing computers? An example of complete network isolation could be that each user would have two computers with a KVM switch and a monitor and keyboard, or two monitors and two keyboards. An internet-facing computer could run a very secure version of Linux. Any data to be transferred to that user's computer on the network would perhaps go through several Raspberry Pi computers running Linux; the computers could each use a different method of checking for malware. Windows computers on the isolated network could be updated using Autopatcher, so that there would never be a direct connection with the internet. Why not use virtualization? Virtualization does not provide enough separation; there is the possibility of vulnerabilities. Do you have any ideas about improving the example above?
Security

How Hollywood Got Hacked: Studio at Center of Netflix Leak Breaks Silence (variety.com) 79

Earlier this year, hackers obtained and leaked the episodes of TV show Orange Is the New Black. In a candid interview, Larson Studios' chief engineer David Dondorf explained how the audio post-production business allowed the hacker group to gain access to the Netflix original content. Dandorf says the company hired private data security experts to find how it was breached. The investigation found that the hacker group had been searching the internet for PCs running older versions of Windows and stumbled across an old computer at Larson Studios still running Windows 7. From the report: Larson's employees just didn't know all that much about it. Having a computer running an ancient version of Windows on the network was clearly a terrible lack of oversight, as was not properly separating internal servers from the internet. "A lot of what went on was ignorance," admitted Rick Larson. "We are a small company. Did we even know what the content security departments were at our clients? Absolutely not. I couldn't have told you who to call. I can now." It's a fascinating story about how the hacker group first made contact and tried to threaten Larson Studios' president and his wife, and how they responded. Worth a read.
Security

Honda Shuts Down Factory After Finding NSA-derived Wcry In Its Networks (arstechnica.com) 62

A Honda factory near Tokyo was shuttered for over 24 hours this week after its computers became infected with WannaCry, the same ransomware virus responsible for crippling systems in dozens of countries last month, the car manufacturer said Wednesday. From a report: The automaker shut down its Sayama plant northwest of Tokyo on Monday after finding that WCry had affected networks across Japan, North America, Europe, China, and other regions, Reuters reported Wednesday. Discovery of the infection came on Sunday, more than five weeks after the onset of the NSA-derived ransomware worm, which struck an estimated 727,000 computers in 90 countries. [...] Honda officials didn't explain why engineers found WCry in their networks 37 days after the kill switch was activated. One possibility is that engineers had mistakenly blocked access to the kill-switch domain. That would have caused the WCry exploit to proceed as normal, as it did in the 12 or so hours before the domain was registered. Another possibility is that the WCry traces in Honda's networks were old and dormant, and the shutdown of the Sayama plant was only a precautionary measure. In any event, the discovery strongly suggests that as of Monday, computers inside the Honda network had yet to install a highly critical patch that Microsoft released in March.
Bitcoin

NYTimes: Move Over, Bitcoin. Ether Is the Digital Currency of the Moment. (nytimes.com) 117

An anonymous reader shares a report: The price of Bitcoin has hit record highs in recent months, more than doubling in price since the start of the year. Despite these gains, Bitcoin is on the verge of losing its position as the dominant virtual currency. The value of Ether, the digital money that lives on an upstart network known as Ethereum, has risen an eye-popping 4,500 percent since the beginning of the year (alternative source). With the recent price increases, the outstanding units of the Ether currency were worth around $34 billion as of Monday -- or 82 percent as much as all the Bitcoin in existence. At the beginning of the year, Ether was only about 5 percent as valuable as Bitcoin. The sudden rise of Ethereum highlights how volatile the bewildering world of virtual currency remains, where lines of computer code can be spun into billions of dollars in a matter of months. [...] The two-year old system has picked up backing from both tech geeks and big corporate names like JPMorgan Chase and Microsoft, which are excited about Ethereum's goal of providing not only a digital currency but also a new type of global computing network, which generally requires Ether to use. In a recent survey of 1,100 virtual currency users, 94 percent were positive about the state of Ethereum, while only 49 percent were positive about Bitcoin, the industry publication CoinDesk said this month.
Encryption

Equipment Already In Space Can Be Adapted For Extremely Secure Data Encryption (helpnetsecurity.com) 20

Orome1 quotes a report from Help Net Security: In a new study, researchers from the Max Planck Institute in Erlangen, demonstrate ground-based measurements of quantum states sent by a laser aboard a satellite 38,000 kilometers above Earth. This is the first time that quantum states have been measured so carefully from so far away. A satellite-based quantum-based encryption network would provide an extremely secure way to encrypt data sent over long distances. Developing such a system in just five years is an extremely fast timeline since most satellites require around 10 years of development. For the experiments, the researchers worked closely with satellite telecommunications company Tesat-Spacecom GmbH and the German Space Administration. The German Space Administration previously contracted with Tesat-Spacecom on behalf of the German Ministry of Economics and Energy to develop an optical communications technology for satellites. This technology is now being used commercially in space by laser communication terminals onboard Copernicus -- the European Union's Earth Observation Program -- and by SpaceDataHighway, the European data relay satellite system. It turned out that this satellite optical communications technology works much like the quantum key distribution method developed at the Max Planck Institute. Thus, the researchers decided to see if it was possible to measure quantum states encoded in a laser beam sent from one of the satellites already in space. In 2015 and the beginning of 2016, the team made these measurements from a ground-based station at the Teide Observatory in Tenerife, Spain. They created quantum states in a range where the satellite normally does not operate and were able to make quantum-limited measurements from the ground. The findings have been published in the journal Optica.
Businesses

Dropbox Is Rolling Out a Private Network to Speed Up File Access (fortune.com) 40

Dropbox, the file storage company that last year moved 90 percent of its data out of Amazon Web Services cloud and into its own data centers, is at it again. From a report on Fortune: The San Francisco company is building its own international private network to make sure users abroad can access their files -- most of which reside in those aforementioned Dropbox U.S. data centers -- faster. "What people don't realize about the internet is that it is very 'bursty' and can hit bottlenecks," Akhil Gupta, vice president of engineering at Dropbox tells Fortune. That is why the company is ripping out third-party load balancers and replacing them with its own software running on standard Linux hardware. Insulating itself from the balky internet is also the reason Dropbox is contracting to use its own dedicated fiber cable to carry that traffic. "We want to make user experience as real time as possible since 70 percent of our users are outside the U.S. and most of the data lives in North America," says Dan Williams, Dropbox's head of production engineering. Dropbox still partners with Amazon for customers in some countries, like Germany, which require user data to stay in the country of origin.
Television

'Star Trek: Discovery' Gets September Premiere Date On CBS & CBS All Access, Season 1 Split In Two (deadline.com) 242

Nellie Andreeva, writing for Deadline: Star Trek: Discovery will debut Sunday, September 24, with a special broadcast premiere on the CBS TV network airing 8:30-9:30 PM. The first as well as the second episode of the sci-fi series will be available on-demand on CBS All Access immediately following the broadcast premiere, with subsequent new episodes released on All Access each Sunday. Originally slated for a January 2017 premiere, Star Trek: Discovery's debut was first pushed to May and then to fall 2017. At CBS' upfront presentation, the company announced that Star Trek: Discovery's first-season order had been increased from 13 to 15 episodes. The expanded season now will be split into two. The first eight episodes will run Sundays from September 24 through November 5. The season then will resume with the second chapter in January 2018. The break also will allow the show more time for postproduction on latter episodes.
Encryption

Microsoft, Accenture Team Up On Blockchain-based Digital ID Network (reuters.com) 53

Accenture and Microsoft are teaming up to build a digital ID network using blockchain technology, as part of a United Nations-supported project to provide legal identification to 1.1 billion people worldwide with no official documents. From a report: The companies unveiled a prototype of the network on Monday at the UN headquarters in New York during the second summit of ID2020, a public-private consortium promoting the UN 2030 Sustainable Development Goal of providing legal identity for everyone on the planet. The project aims to help individuals such as refugees prove who they are in order to gain access to basic services such as education and healthcare. Blockchain, first developed as a public ledger of all transactions in the digital currency bitcoin, is increasingly being used to securely track data in other fields.
United States

Louisville's Fiber Internet Expansion Opposed By Koch Brothers Group (usatoday.com) 230

Slashdot reader simkel shared an article from the Courier-Journal: A group affiliated with the Koch brothers' powerful political network is leading an online campaign against Mayor Greg Fischer's $5.4 million proposal to expand Louisville's ultra-fast internet access... Critics argue that building roughly 96 miles of fiber optic cabling is an unnecessary taxpayer giveaway to internet service providers, such as Google Fiber, which recently announced plans to begin building its high-speed network in the city. "Fundamentally, we don't believe that taxpayers should be funding broadband or internet systems," said David Williams, president of the taxpayers alliance, which is part of industrialists Charles and David Koch's political donor network... The group says $5.4 million is a misuse of taxpayer funds when the city has other needs, such as infrastructure and public safety.
To shore up public support, the mayor has begun arguing that high-speed connectivity would make it cheaper to install crime-monitoring cameras in violent neighborhoods.
The Military

Pentagon Cyberweapons 'Disappointing' Against ISIS (nytimes.com) 118

An anonymous reader quotes the New York Times: It has been more than a year since the Pentagon announced that it was opening a new line of combat against the Islamic State, directing Cyber Command, then six years old, to mount computer-network attacks... "In general, there was some sense of disappointment in the overall ability for cyberoperations to land a major blow against ISIS," or the Islamic State, said Joshua Geltzer, who was the senior director for counterterrorism at the National Security Council until March. "This is just much harder in practice than people think..."

Even one of the rare successes against the Islamic State belongs at least in part to Israel, which was America's partner in the attacks against Iran's nuclear facilities. Top Israeli cyberoperators penetrated a small cell of extremist bombmakers in Syria months ago, the officials said. That was how the United States learned that the terrorist group was working to make explosives that fooled airport X-ray machines and other screening by looking exactly like batteries for laptop computers... The information helped prompt a ban in March on large electronic devices in carry-on luggage on flights from 10 airports in eight Muslim-majority countries to the United States and Britain.

Citing military officials, the Times also reports that "locking Islamic State propaganda specialists out of their accounts -- or using the coordinates of their phones and computers to target them for a drone attack -- is now standard operating procedure."
Medicine

Research Suggests Effects of Shift Work or Jet Lag On Our Body Clocks Can Be Reduced By Simply Changing Meal Times (qz.com) 51

Jonathan Johnston reports via Quartz: Around one in five people in Western countries could be putting their health at risk simply by going to work. This is because working shifts outside of the rest of the population's normal hours has been linked to obesity, diabetes, heart disease, cancer and even declines in brain function. Scientists think this is because our bodies are programmed to run on cycles known as circadian rhythms, and changes in our routine caused by shift work or traveling long distances disrupts those rhythms. But our new research suggests that the effects of shift work or jet lag on our body clocks could be reduced simply by changing the times at which people eat. The key to this theory is the idea that each person doesn't just have a single body clock but rather a complex network of billions of cellular clocks found throughout the body. In humans and other mammals, there is a master clock within a region of the brain called the suprachiasmatic nuclei (SCN) and many peripheral clocks found elsewhere. For our research, we wanted to see how one aspect of this approach -- changing meal times -- affected circadian rhythms. We found that delaying meals by a certain amount caused a similar shift in some peripheral clocks, without changing the master clock. This is important because research in animals suggests peripheral clocks take longer to adjust to a new routine.
Businesses

Former CenturyLink Employee Accuses Company of Running a Wells Fargo-Like Scheme (bloomberg.com) 61

A former CenturyLink employee has filed a lawsuit this week claiming she was fired for "blowing the whistle on the telecommunications company's high-pressure sales culture that left customers paying millions of dollars for accounts they didn't request," reports Bloomberg. From the report: The plaintiff, Heidi Heiser, worked from her home for CenturyLink as a customer service and sales agent from August 2015 to October 2016. The suit claims she was fired days after notifying Chief Executive Officer Glen Post of the alleged scheme during a companywide question-and-answer session held on an internal message board. The complaint alleges CenturyLink "allowed persons who had a personal incentive to add services or lines to customer accounts to falsely indicate on the CenturyLink system the approval by a customer of new lines or services." This would sometimes result in charges that hadn't been authorized by customers, according to the complaint. Heiser's complaint alleges that she became increasingly concerned about what she observed at CenturyLink after news of Wells Fargo & Co.'s regulatory troubles broke in September. In that case, Wells Fargo employees opened deposit and credit card accounts without customers' consent to earn incentives and meet sales goals. Without admitting wrongdoing, Wells Fargo ended up firing more than 5,000 employees and agreeing to pay $185 million in fines, in addition to compensating customers for fees related to the unauthorized accounts. The complaint likens what Heiser said CenturyLink sales agents did to the Wells Fargo scandal and estimated the alleged unauthorized fees amounted to "many millions" of dollars. She says her concerns were bolstered by posts she had read on review websites.
Australia

Movie Piracy Cost Australian Network 'Hundreds of Millions of Dollars' (theaustralian.com.au) 119

Film television piracy and illegal downloads are partly to blame for Australian broadcaster Ten Network's woes, according to Village Roadshow co-chief executive Graham Burke. From a report: He said piracy had cost Ten "hundreds of millions of dollars" in potential advertising revenue because of lower ratings resulting from pirated versions of films supplied by 21st Century Fox under an onerous output deal with the Hollywood studio. He said copies of Fox's Leonardo DiCaprio movie The Revenant and The Peanuts Movie were stolen last year and shared illegally via a piracy website. "Piracy is a much bigger channel and an illicit economy than the three main commercial networks combined. It is ripping off viewers from legitimate, taxpaying enterprises," Mr Burke said. "The product that Ten is buying from 21st Century Fox and is now arriving have been pirated out of sight."
Patents

Amazon Granted a Patent That Prevents In-Store Shoppers From Online Price Checking (theverge.com) 465

An anonymous reader quotes a report from The Verge: Amazon's long been a go-to for people to online price compare while shopping at brick-and-mortars. Now, a new patent granted to the company could prevent people from doing just that inside Amazon's own stores. The patent, titled "Physical Store Online Shopping Control," details a mechanism where a retailer can intercept network requests like URLs and search terms that happen on its in-store Wi-Fi, then act upon them in various ways. The document details in great length how a retailer like Amazon would use this information to its benefit. If, for example, the retailer sees you're trying to access a competitor's website to price check an item, it could compare the requested content to what's offered in-store and then send price comparison information or a coupon to your browser instead. Or it could suggest a complementary item, or even block content outright. Amazon's patent also lets the retailer know your physical whereabouts, saying, "the location may be triangulated utilizing information received from a multitude of wireless access points." The retailer can then use this information to try and upsell you on items in your immediate area or direct a sales representative to your location.
Communications

CIA Created 'CherryBlossom' Toolkit For Hacking Hundreds of Routers Models (bleepingcomputer.com) 107

An anonymous reader writes: After a two-week hiatus, WikiLeaks dumped new files as part of the Vault 7 series -- documents about a CIA tool named CherryBlossom, a multi-purpose framework developed for hacking hundreds of home router models. The tool is by far one of the most sophisticated CIA malware frameworks in the CIA's possession. The purpose of CherryBlossom is to allow operatives to interact and control SOHO routers on the victim's network. The tool can sniff, log, and redirect the user's Internet traffic, open a VPN to the victim's local network, execute actions based on predefined rules, alert operators when the victim becomes active, and more. A 24-page document included with the CherryBlossom docs lists over 200 router models from 21 vendors that the CIA could hack. The biggest names on this list are Apple, D-Link, Belkin, Aironet (Cisco), Linksys, and Motorola.

Slashdot Top Deals