Friday, December 27, 2013

The Console Living Room : Free Software : Download & Streaming : Internet Archive

983 itemsWelcome to The Console Living Room

The Internet Archive Console Living Roomharkens back to the revolution of the change in the hearth of the home, when the fireplace and later television were transformed by gaming consoles into a center of videogame entertainment. Connected via strange adapters and relying on the television's speaker to put out beeps and boops, these games were resplendent with simple graphics and simpler rules.


Thursday, December 26, 2013

BlackBerry Founder Walks Away From Possible Takeover Deal

BlackBerry Ltd. (BBRY) co-founder and former Chief Executive Officer Mike Lazaridis walked away from a possible takeover plan and reduced his stake in the struggling smartphone maker after it ended an attempt to sell itself.

Lazaridis now owns 26.3 million shares, or 4.99 percent of its outstanding shares, according to a regulatory filing yesterday. The former BlackBerry executive, who earlier this year had considered making a bid for the Waterloo, Ontario-based company, sold more than $26 million of stock this week, according to the filing. Together with co-founder Doug Fregin, he had controlled about 8 percent of the stock.

Following the collapse of a $4.7 billion buyout by Fairfax Financial Holdings Ltd. last month, BlackBerry ended its strategic review, opting instead to raise $1 billion in convertible debt and seek a new CEO. Former Sybase Inc. chief John Chen was named executive chairman and interim CEO. The $1 billion infusion helped stabilize the unprofitable company, giving Chen time to craft a turnaround plan.


Sunday, December 22, 2013

Atheists are good if they do good, Pope Francis says

He told the story of a Catholic who asked a priest if even atheists had been redeemed by Jesus.

"Even them, everyone," the pope answered, according to Vatican Radio. "We all have the duty to do good," he said.

"Just do good, and we'll find a meeting point," the pope said in a hypothetical conversation in which someone told a priest: "But I don't believe. I'm an atheist."


Saturday, December 21, 2013

Microsoft Security Essentials misses 39% of malware in Dennis test

While the other eight packages all achieved protection scores of 87% or higher - with five scoring 98% or 99% - Microsoft's free antivirus software protected against only 61% of the malware samples used in the test.

Microsoft conceded last year that its security software was intended to offer only "baseline" performance, saying it wanted to "give customers a good reason to pay for their [security] products" because that would create greater diversity in the market and make life harder for malware writers.

Nevertheless, the company insisted that Security Essentials provided "strong, comprehensive defence against malicious code and attacks".

Read more: Microsoft Security Essentials misses 39% of malware in Dennis test | Security | News | PC Pro


Wednesday, December 18, 2013

Why the Web Won't Be Nirvana - Newsweek circa 1995

Best part:

Then there's cyberbusiness. We're promised instant catalog shopping—just point and click for great deals. We'll order airline tickets over the network, make restaurant reservations and negotiate sales contracts. Stores will become obselete. So how come my local mall does more business in an afternoon than the entire Internet handles in a month? Even if there were a trustworthy way to send money over the Internet—which there isn't—the network is missing a most essential ingredient of capitalism: salespeople.


Monday, December 2, 2013

BlackBerry CEO's open letter to enterprise customers: 'We are very much alive'

"In short, reports of our death are greatly exaggerated." BlackBerry CEO.

Ouch! I'm pretty sure it is a bad sign when you have to tell your customers that you are still alive...

Wednesday, November 27, 2013

I wonder why Tesla gets pounded for a single fire when this is happening...

Ford said it is recalling nearly 140,000 2013 Escape SUVs with 1.6-liter engines in the United States — and 161,333 worldwide — because of fires caused by overheating of the engine cylinder head, which can crack and leak oil. Ford said it had received reports of 13 fires, including one in Canada, stemming from the engine issue.

Monday, November 18, 2013

The government needs to see Hadoop’s ROI

The healthcare use case: Improving the quality of life and the effectiveness of government spending

For the uninitiated, Hadoop is a solution for distributed parallel processing of huge amounts of data. You can see some examples of its uses in our Hadoop infographic.

IT can improve symptom analysis, time to market for drug development and safety, decreased hospitalization and sickness and a lower frequency of spreading diseases. How? Through Hadoop's uses in information exchange, service quality improvements, drug safety testing, symptom co-occurrence identification, drug development processes, illness detection and large-scale patient studies. There's one thing all these health-related topics (and just about everything else government agencies do) have in common —data, and lots of it.


Explaining Hadoop to Your CEO

 A seasoned CEO will look for a plausible path to significant value, along with the outlines of a plan for broad adoption if all goes well. The path to value should describe the initial questions that will be answered by the technology, the processes that will be improved, the decisions that will be made better with more information. The suspected business impact should be defined, but it should be clear to everyone that it is very likely that the unexpected impact may be even bigger. The amount of money to be spent should be presented with plan for the first few experiments that will be performed. With cloud computing infrastructure, none of this should mean a huge upfront cost.


Tuesday, October 29, 2013

Security hole found in Obamacare website

The Obamacare website has more than annoying bugs. A cybersecurity expert found a way to hack into users' accounts.

Until the Department of Health fixed the security hole last week, anyone could easily reset your password without your knowledge and potentially hijack your account.


Saturday, October 26, 2013

LMI Claims NASA Could Adopt Pentagon's Supply Chain Techniques | SYS-CON MEDIA

A new LMI study has found that NASA could implement techniques already in use by the Defense Department when designing rockets and spaceships.

The nonprofit research recommended the space agency use readiness-based sparing in supply chain management to support ground systems for launch missions, LMI said Thursday.

Research authors Julie Castilho, David Peterson, Tovey Bachman and Rob Kline presented an RBS structure using LMI's ASM Sparing Model, which is designed to provide NASA logisticians with a platform to quantify the trade space using advanced analytics.


Friday, October 18, 2013

LMI Researchers to NASA: Apply DoD's Cost-Effective Sparing Strategies to Next Generation of Critical Ground Systems

 As NASA develops the technologies and innovations to launch the next generation of rockets and spacecraft, the agency should leverage readiness-based sparing (RBS) techniques that are currently deployed successfully by the Department of Defense (DoD), according to LMI researchers investigating space exploration logistics. The findings are part of NASA-funded research presented at the American Institute of Aeronautics and Astronautics' SPACE 2013 conference in San Diego.

The research, authored by LMI logistics experts Julie Castilho,David Peterson, Ph.D., Tovey Bachman, Ph.D., and Rob Kline, explores the benefits of RBS as a way to extend systems-based sparing capabilities to NASA's critical launch-support ground systems in order to achieve the right balance of effectiveness and affordability.


Thursday, October 10, 2013

The Fiasco: Blame Bureaucracy - IT Clan Editor's Blog - Internet Evolution

The Fiasco: Blame Bureaucracy

The broken government procurement process shoulders the blame for the fiasco over the launch of, according to a blog for a company that designs government software.

The problem is that the federal procurement process gives work to a limited number of firms whose expertise is in navigating the procurement process, rather than doing the work, according to a blog post at The Department of Better Technology. is the linchpin of the Affordable Care Act, which mandates, among other things, that Americans have health insurance. States set up exchanges to sell affordable insurance to individuals who don't get it through other channels, such as employers. Some 36 states have elected not to set up their own exchanges, instead letting federal systems handle the work for them. is the front door to that federal system.

On launch day Oct. 1, was plagued by slowdowns and outages. Site visitors saw a lot of this -- it's's fail whale:

Although the problems have been mitigated, they're not completely solved.

Bureaucracy is to blame, says the Department of Better Technology: got this way not because of incompetence or sloppiness of an individual vendor, but because of a deeply engrained and malignant cancer that's eating away at the federal government's ability to provide effective online services. It's a cancer that's shut out the best and brightest minds from working on these problems, diminished competition for federal work, and landed us here — where you have half-billion dollar websites that don't work.

That cancer is called "procurement" and it's primarily a culture-driven cancer one that tries to mitigate so much risk that it all but ensures it. It's one that allowed for only a handful of companies like CGI Federal to not only build disasters like this, but to keep building more and more failures without any accountability to the ultimate client: us. Take a look at CGI's website, and the industries they serve: financial services, oil and gas, public utilities, insurance. Have you had a positive user experience in any of those industries?

The Department of Better Technology, which publishes the blog, makes government software, so of course it has a dog in this race. But, still, the blog makes good points. And the blog post is authored by Clay Johnson, who's had a substantial career in government, politics, and the Internet, including heading the digital presidential campaigns of Howard Dean (2004) and Barack Obama (2008). Johnson is CEO and founder of DBT, as well as a supporter of RFP-EZ, a federal project designed to make it easier for smaller companies to bid on federal IT projects.

Bureaucracy wasn't all there was to it. is also an incredibly complex problem. "Private companies sell things online all the time. Why is the government having such a hard time setting up an online health insurance marketplace?" writes The Washington Post.'s job was much harder than simple online commerce. "Much of the complexity comes from the fact that the exchanges are used to administer the complex system of subsidies the Affordable Care Act provides to low-income consumers. Figuring out whether a customer is eligible for a subsidy, and if so how much, requires data from a lot of federal and state agencies," the Post says. The site must also confirm that the applicant is an American citizen or documented immigrant, checking with the Social Security Administration and Department of Homeland Security. And so on. The Post reproduces a chart from Xerox that describes the problem: was just plain badly built, according to The Wall Street Journal. It was overwhelmed by traffic, failing to cache frequently used portions of the website. Identity authentication broke down. And the site is susceptible to security vulnerabilities.

The White House knew since February that the launch was shaky, according to But the White House was eager to get the site up and running fast. As Republicans combat the Affordable Care Act, proponents felt they needed to get the law implemented and get the American people using the system to make ObamaCare impossible to repeal. "The Obama administration was more afraid of delaying the launch of Obamacare, than they were of botching it," Forbes said.

This may prove to be a sound strategy. But the key is that the American people have to enjoy the benefits of the ACA. If the White House can't fix the law's Internet problem, there will be no benefits, only frustrations. And the ACA will go down.

Monday, October 7, 2013

Uh oh... NIST web sites are down. No FISMA guidance for you.

NIST Closed, NIST and Affiliated Web Sites Not Available

Due to a lapse in government funding, the National Institute of Standards and Technology (NIST) is closed and most NIST and affiliated web sites are unavailable until further notice. We sincerely regret the inconvenience.

The National Vulnerability Database and the NIST Internet Time Service web sites will continue to be available. A limited number of other web sites may also be available.

Notice will be posted here ( once operations resume. You may also get updates on NIST's operating status by calling (301) 975-8000.

Conferences and other events scheduled during the shutdown are postponed or cancelled. Even after NIST reopens, some NIST events may need to be rescheduled. Once access to NIST Web sites resumes, please see the Conferences and Events ( list for updated information on specific events.

Sunday, October 6, 2013

New Fitbit® Pink Flex™

Make fitness a lifestyle with Flex™.
This slim, stylish device is with you all the time. During the day, it tracks steps, distance, and calories burned. At night, it tracks your sleep quality and wakes you silently in the morning. Just check out the lights to see how you stack up against your personal goal. It's the motivation you need to get out and be more active.

Monday, September 23, 2013

Mobile Management, Security Still a Challenge for Businesses

The survey revealed a growing chasm between what mobile workers want and what IT departments can secure is causing friction for businesses.

Just 18 percent of organizations are confident that their mobile policies are compliant with corporate policy and government regulation, according to a report from mobile productivity solutions specialist Accellion, and AIIM, a global non-profit organization that provides independent research, education and certification programs to information professionals.

Just more than half (51 percent) of organizations surveyed said they have big doubts about their mobile content management processes, even though nearly two-thirds of respondents have or plan to allow official enterprise content management (ECM access) through mobile devices. Meanwhile, 70 percent of respondents expressed concern and another 20 percent were extremely concerned about mobile file sharing.

The survey indicated the growing chasm between what mobile workers want and what IT departments can secure is causing friction for organizations in all industries. Only 30 percent of organizations have an approved bring-your-own-device (BYOD) policy in place, yet 46 percent of respondents reported that information access via mobile is "essential" and another 24 percent cite it as "somewhat important."


Treasury makes business case for iPads

The business case for mobile devices has become compelling for Treasury CIO Peter Alexander, who is now eyeing off Samsung and Android devices thanks to developments in mobile device management.

Following a presentation he gave at a CommVault seminar in Canberra, Alexander told ITnews the return on investment on portable devices given to senior Treasury executives was high.

He estimated the full cost of a typical smartphone was $1100/year including all costs such as data and security oversight.

"That's way cheaper than a desktop," he said.

With iPads, he said, the cost is less than $800 a year because there are no phone calls involved. Discounts from carriers made it especially compelling especially when a staffer did half an hour's work on their own time out of work hours, he said.

"We have people that sit on their iPads in front of the TV every night doing hours of work." 


Sunday, September 22, 2013

Mobile can help drive more federal innovation

 In his July Management Agenda: Innovative Government speech, President Obama outlined his vision for a smarter, more innovative and more responsive government.

He challenged federal leaders across all agencies to harness the power of technology and replicate online efficiencies already available in the private sector, such as tracking a package from shipping to delivery point or filling in information once, on one form, which then populates across multiple forms.

For federal leaders who are ready to think big, I encourage starting small — as in the 3-by-5-inch smartphone device that 91 percent of American adults own.

A mobile-first approach is a must for eGovernment innovation. No longer "nice to have" or novelty items, mobile devices are well on their way to becoming the primary means of accessing the Internet.


Saturday, September 21, 2013

For BlackBerry, Consumers Aren't the Only Problem

 BlackBerry's last-ditch move to abandon its consumer business and focus on selling devices to companies is a risky bet that it can hang on to ground that is rapidly eroding.

Thursday, September 19, 2013

Free at Krispy Kreme Today!

Today only, participating Krispy Kremelocations offer an original glazed doughnut for free for those who talk like a pirate as part of Talk Like A Pirate Day. That's the best freebie we've seen from Krispy Kreme since June, when it offered a no-strings-attached freebie.Click here to find a store near you.

Not easily shamed when it comes to free food? Dress like a pirate and receive one dozen original glazed doughnuts for free.

Monday, September 16, 2013

Load Tester 5.4: Now on OSX! - Web Performance

This is too COOL!

Hi, I'm Michael Czeiszperger, the original author of the Load Tester 1.0 and 2.0. Although Load Tester originally ran on OSX, 10 years ago the future of that platform was very much up for grabs, and with 99% of our sales on Windows, the OSX version was dropped. Fast forward to 2013, and I decided that 10 years of running Load Tester on my OSX machine through an emulator was 10 years too many. It only took a couple of days to get it running again on OSX, but several months working in my spare time to squash all the bugs and automate stuff like SSL certificate installs.

Screen Shot 2013-09-09 at 2.51.57 PM

Wether you use Safari, Firefox, or Chrome on OSX we've got you covered. Load Tester automatically manages configuration of your browser for recording. It also can handle iOS testing through the standard Apple iOS emulator.

Thursday, September 12, 2013

Health care data hub gets authority to operate

A key piece of technology needed to enroll applicants in the insurance marketplaces created by the 2010 health care overhaul has received authorization to operate, setting the stage for the exchanges' Oct. 1 launch.

News of the authorization stunned many observers, given that a  report from the Health and Human Services Inspector General revealed that testing for the data hub hadfallen behind schedule, and that security authorization wasn't due to be completed until Sept. 30, one day before the hub is scheduled to go online.


Sunday, September 8, 2013

Employee Mobile Behaviors Pose Risk to Enterprise Data - New Fiberlink Survey Reveals

 In one example, among those employees that did use mobile devices for work (either corporate-issued or their own), this survey showed:
- 25 percent either opened or saved a work attachment file into a third party app, such as Evernote, Dropbox or QuickOffice.
- 20 percent admitted to having cut and pasted work related attachments or email from company email to their personal accounts.
- 18 percent claim that they have accessed websites that are blocked by a company IT policy.


Saturday, September 7, 2013

This is appalling. What NSA's influence on NIST standards means for feds

In short, NIST standards – at least in this instance – were weaker than they should have been because the NSA "became the sole editor" of the standards, according to Snowden-leaked documents, and no doubt a throng of coders and cryptographers are looking at exploiting those vulnerabilities right now.


Friday, September 6, 2013

Spooning By Bitbucket

 Choose your partner wisely...

NSA uses supercomputers to crack Web encryption and "insert vulnerabilities into commercial encryption systems"...

The spy agencies have focused on compromising encryption found in Secure Sockets Layer (SSL), virtual private networks (VPNs) and 4G smartphones and tablets. The NSA spent $255 million this year on the decryption program — code named Bullrunwhich aims to "covertly influence" software designs and "insert vulnerabilities into commercial encryption systems" that would be known only to the agency.

Bruce Schneier, a security technologist, examined the documents before they were published and authored an analysis for the Guardian. He told USA TODAY that they are the biggest revelations yet from the documents leaked by Snowden and said they show NSA has "subverted" much of the Internet and tech companies that form its backbone.

"They fundamentally undermine the social contract of the Internet — which is that you get what you think you get and it works,'' Schneier said. "An agency has subverted vast swaths of this to turn the Internet into a surveillance engine. Now the Internet doesn't do what people thought it did.''

"They've done it through secret agreements with companies, so essentially all the companies you deal with on the Internet have been lying to you. They have basically sucked the trust out of the Internet — the NSA and these companies. It's a public-private partnership to turn the internet into a surveillance engine.''

Thursday, September 5, 2013

The New iPhone Fingerprint Authentication System

So — can Apple's biometric authentication be hacked? Almost certainly; I'm sure that someone with a good enough copy of your fingerprint and some rudimentary materials engineering capability — or maybe just a good enough printer — can authenticate his way into your iPhone.  But, honestly, if some bad guy has your iPhone and your fingerprint, you've probably got bigger problems to worry about.

The final problem with biometric systems is the database.  If the system is centralized, there will be a large database of biometric information that's vulnerable to hacking.  Apple's system is almost certainly local — you authenticate yourself to the phone, not to any network — so there's no requirement for a centralized fingerprint database.

Fingerprint authentication is a good balance between convenience and security for a mobile device, and Apple is smart to add the technology to the iPhone.

Monday, September 2, 2013

Android accounts for 79% of phone malware

Some 79% of malicious attacks on mobiles in 2012 occurred on devices running Google's Android operating system, US authorities have said.

Public information website Public Intelligence published the Department of Homeland Security and the Federal Bureau of Investigation memo to US police and emergency medical personnel.

Nokia's Symbian system, on the Finnish company's basic-feature handsets, had had the second-most malware attacks.

Apple's iOS had had 0.7% of attacks.

Android is the world's most popular mobile operating system, and the memo blamed its high share of attacks on its "market share and open-source architecture".

Text trojans - malware that sends SMS messages to premium-rate numbers without the phone owners' knowledge - accounted for half of the Android attacks on old versions of the system.

The memo also cited fake sites that appeared to be like Google's Play marketplace and "rootkits" that allowed hackers to track a user's keystrokes and passwords.

It said 44% of Android users were still using older versions of the operating system - specifically 2.3.3 through 2.3.7, dubbed Gingerbread and released in 2011.

These have a "number of security vulnerabilities that were fixed in later versions", the memo added.

Sunday, September 1, 2013

Sysadmin security fail: NSA finds Snowden hijacked officials’ logins

Some or all of this trouble could have been avoided if the NSA had followed its own playbook a bit more closely and used administrative and security best practices that are common across government, the financial industry, and other networks where access control auditing and the non-repudiation of data are mandated by laws, regulations, and the nature of the business. Giving an administrator the ability to gain access to user credentials—and the log systems that monitor changes to those credentials—is a classic bad move in network security. As Oracle points out in its documentation for its Enterprise Manager administration tool, "Giving the same level of access to all systems to all administrators is dangerous." In most sensitive enterprise systems, administrators' access powers are limited to very specific roles to prevent giving them the power to compromise multiple systems, making it more difficult for an insider to attack systems and cover his or her tracks.

|| David K. Shepherd ||

Friday, August 23, 2013

Steve Ballmer to retire as Microsoft CEO

Microsoft has just announced that CEO Steve Ballmer will retire within the next 12 months. He will step down from his post as soon as the process of choosing his successor has been completed. Ballmer has written an open email to the Microsoft team explaining the decision and the strategy for "moving forward." He had this to say in the official Microsoft press release:

We have embarked on a new strategy with a new organization and we have an amazing Senior Leadership Team. My original thoughts on timing would have had my retirement happen in the middle of our company's transformation to a devices and services company. We need a CEO who will be here longer term for this new direction.


Thursday, August 22, 2013

Um, is this really news? - Microsoft Warns of Permanent Zero-Day Exploits for Windows XP

When Microsoft announced that it would discontinue support for Windows XP starting on April 8, 2014, many companies began the long process of transitioning to modern operating systems like Windows 7 or Windows 8. But there are others that won't – and the software giant is raising the spectre of a zero-day onslaught as a result.

Wednesday, August 21, 2013

VeriSign Embraces Open-Source FreeBSD for Diversity

 "It's important for us to maintain the reliability of all the services, so we don't rely uniquely on any particular implementation in the operating system space," Kaliski said. "Having both FreeBSD and Linux makes it possible to have that diversity."


New... Apple iPhone patent violated by Samsung, US trade court rules

Samsung violated two of Apple's iPhone patents and must end US import of some of its products, the top US trade court ruled Friday as the smartphone giants clashed once more in court.

In a mixed ruling the International Trade Commission (ITC) found that Samsung had unfairly used Apple technology in some of its devices. It issued cease and desist orders banning further imports of some Samsung products. But the ITC dismissed four other claims made by Apple.

The verdict came as Apple asked an appeal court to force Samsung to stop using iPhone features that a jury had declared to be in violation its patents.

In the latest salvoes in the long running battle between the world's top two smartphone manufacturers, Apple is seeking to overturn a court order that allows Samsung to continue to sell products that use the disputed patents.

Tuesday, August 20, 2013

WOW! Tesla Model S Achieves Best Safety Rating of Any Car Ever Tested

Sets New NHTSA Vehicle Safety Score Record

Palo Alto, CA — Independent testing by the National Highway Traffic Safety Administration (NHTSA) has awarded the Tesla Model S a 5-star safety rating, not just overall, but in every subcategory without exception. Approximately one percent of all cars tested by the federal government achieve 5 stars across the board. NHTSA does not publish a star rating above 5, however safety levels better than 5 stars are captured in the overall Vehicle Safety Score (VSS) provided to manufacturers, where the Model S achieved a new combined record of 5.4 stars.

Of all vehicles tested, including every major make and model approved for sale in the United States, the Model S set a new record for the lowest likelihood of injury to occupants. While the Model S is a sedan, it also exceeded the safety score of all SUVs and minivans. This score takes into account the probability of injury from front, side, rear and rollover accidents.


Is this the start of the BlackBerry Death Spiral?

Buyout could make BlackBerry viable in federal market

Once the reigning smartphone of choice for federal employees and corporate business leaders, a now struggling BlackBerry said it's looking into other options after its new smartphone models failed to spark renewed confidence from even its most loyal customers.

The company announced that it's hiring a special committee to consider possibilities for BlackBerry's future, which couldinclude a complete sale of the company or partnerships with private investors.

The possibilities for federal agencies like the Defense Department, which recentlygave the go- ahead to the new BlackBerry Q10 and Z10 models, are unclear.

Monday, August 19, 2013

BSD Conference and vBSDcon 2013 – Verisign

Please join us October 25-27, 2013 at the Hyatt in Dulles, Virginia for the first biennial vBSDcon event. This exciting weekend will bring together members of the BSD community for a series of roundtable discussions, educational sessions, best practice conversations, and exclusive networking opportunities. See below for details on this industry weekend not to be missed:


  • Friday, October 25: Evening Reception
  • Saturday, October 26: General Session, Birds of a Feather Sessions
  • Sunday, October 27: General Session, Breakout Sessions

Hackers break into Energy's computer networks, put employees at risk

More than 14,000 current and former Energy Department employees are at risk of identity theft. For a second time this year, DoE confirmed hackers broke into its unclassified computer network, which disclosed employees' personally identifiable information (PII).

"Individual notifications to affected current employees will begin no later than this Friday, Aug. 16, and will be completed by Aug. 30," stated an internal Energy Department email sent to employees earlier this week, which was obtained by Federal News Radio. "While a significant number of employees whose information may have been affected may no longer be employed by the department, it will be necessary to obtain current contact information in order to notify these personnel. The individual notification process for former employees will begin this week."

DoE told employees it is working with federal law enforcement agencies to find out more about the hacking incident, which happened at the end of July.

"No classified data was targeted or compromised," the email stated. "Once the full nature and extent of this incident is known, the department will implement a full remediation plan."


Friday, August 16, 2013

Red Hat Software Collections 1.0 Beta Now Available

This might help some of our issues...

The success of today's enterprise is dependent upon developers' ability to remain agile, flexible and ready to incorporate new technologies, even as they take on additional responsibilities as new roles like DevOps emerge and evolve. With Red Hat Software Collections, developers can build and deploy applications on Red Hat Enterprise Linux with the confidence that their efforts will be backed by long-term support. In addition, Red Hat plans a frequent release cadence for Red Hat Software Collections, providing developers with updated runtime components on which they can create new features and capabilities.

Red Hat Software Collections 1.0 Beta includes access to the latest stable versions of the following dynamic languages:

  • Ruby 1.9.3 with Rails 3.2.8, which delivers substantial performance improvements for web-based applications. This results in faster load times, improved unicode support and threading, and a large collection of ruby gems.
  • Python version 2.7, which includes new unit test features, faster I/O, and tools and back-ported features from Python 3 to make future migration easier.
  • Python version 3.3, which offers significant improvements in language consistency, Unicode performance, imports, and distribution of packages.
  • PHP version 5.4, which includes new language syntax, improved performance and reduced memory consumption, and a built-in web server in CLI mode to simplify development workflows and testing.
  • Perl version 5.16.3, which includes improved unicode support, performance enhancements, new debugging options, enhanced security, and a number of new and updated modules.
  • Technology Preview of node.js version 0.10, which delivers an easy to use module for handling streams, better error handling with domains, and performance improvements for web application development.

Red Hat Software Collections 1.0 Beta also includes access to the latest stable versions of the following runtime databases:

  • MariaDB version 5.5, which introduces an easy-to-adopt alternative for MySQL for Red Hat Enterprise Linux users. Binary compatibility allows MySQL users to drop-in MariaDB without converting data files.
  • MySQL version 5.5, which offers performance, scalability, and usability enhancements.
  • PostgreSQL version 9.2, which includes native JSON support, covering indexes, and significant improvements in replication, high availability and performance.

The Risk of Regulated Data on Mobile Devices

According to the findings of The Risk of Regulated Data on Mobile Devices study, many organizations are not taking the necessary steps to protect this type of data on mobile devices and in the cloud. In fact, 54 percent of respondents have had on average five data breach incidents involving the loss or theft of a mobile device containing regulated data. 

Thursday, August 15, 2013

The dangers of mobile technology for the NHS

Consider the human body for a moment. Every day, it comes into contact with millions of different types of bacteria, germs, viruses. Usually these are stopped by its outer perimeter – the skin – but imagine for a moment that the human body didn't have that external perimeter, and that external forces were able to enter it freely, at a whim. This is the reality of the risk facing the NHS. After all, it can hardly stop patients at the gates, so the solution to the problem of unsecured mobile devices needs to be much more intelligent. Just as perimeter security is a basic requirement in the modern business, the ability to properly manage mobile devices, for work or otherwise, should be fundamental to every IT strategy.


Wednesday, August 14, 2013

D'oh! Attackers exploit Android bugs to steal Bitcoins from "wallet" apps

The bugs lie in the way Android generates private keys used to authenticate the Bitcoin owners.

The bugs lie in the way Android generates private keys used to authenticate the Bitcoin owners.

Criminals have found a way to steal Bitcoins from users' "wallet" apps by exploiting major vulnerabilities in the Android mobile operating system.

According to an online community of Bitcoin users, who spoke out on a Bitcointalk.orgforum over the weekend, cyber thieves have made off with at least 55 Bitcoins, which amounts to about $5,800, given Bitcoin's current exchange value.

HIPAA Encryption Compliance Easier With AlertBoot Full Disk Encryption

I guess lots of folks are pushing up against the MU deadline on this one...


"The deadline to the Final Omnibus Rule is September 23, 2013," said Tim Maliyil, CEO and founder of AlertBoot. "Frankly, I'm a little surprised to find that HIPAA covered entities are contacting us so belatedly, especially as part of an evaluation group of competing solutions. With less than 50 days until the compliance date, most establishments with 100 computers or so might find themselves strapped for time in implementing traditional encryption solutions. Perhaps that's why we're seeing so much interest in AlertBoot, which has a track record of securing nearly 100 laptops in two weeks and over 1000 laptops in less than a month."

According to the US Department of Health and Human Services (HHS), "Protected health information (PHI) is rendered unusable, unreadable, or indecipherable to unauthorized individuals if"**: 

  •     An encryption algorithm meets 45 CFR 164.304 (the "definition of encryption");
  •     "Process or key that might enable decryption has not been breached "; and,
  •     "Decryption tools should be stored on a device or at a location separate from the data they are used to encrypt or decrypt"

Saturday, August 10, 2013

Dell: We May Never Build Another Data Center

Robin Johnson, Dell's CIO, and Dane Parker, its Global Facilities Lead, took part in the virtual conference (you can attend it online through WebEx) yesterday to talk about how the greenest data center is the one you never build.

Dell surveyed its customer base about demand for new hardware and data center floor space, and found that 65 percent of its customers were out of space and considering new facilities. Despite being in the same position as their customers, Dell held off, a move Johnson described as a cost-mitigation play, buying a year's worth of time to think the decision through while renting out a colocation facility.

"The thing that happened in that year is that, one, technology gets cheaper, smaller and more powerful year over year," Johnson said. "And the other key was virtualization, which I describe as carpooling."

By virtualizing their servers, Dell was able to go from an industry average 12-18 percent utilization for its servers to 42 percent utilization, a number that Parker says is still "going north." As a result, "we've doubled our workload at no extra power, and no extra servers," Johnson said.

|| David K. Shepherd ||

Do BYO data centers make sense anymore?


While Hamilton has a vested interest in people moving their compute loads to Amazon's infrastructure, his build big or don't build at all mantra resonates with several other IT experts. The consensus: It makes sense for most companies to trust their data center needs to the real experts in data centers — the companies that build and run data centers as a business. More companies will start moving more of their new compute loads — maybe not necessarily all the mission critical stuff — to the big cloud operators. That roster  includes the aforementioned players as well as Google, Microsoft, IBM, Hewlett-Packard, Oracle and others that are building out more of their own data center capacity for use by customers.

And for startup companies, the decision to not build is a no brainer. Connectivity to the cloud is the real issue for these companies. "If I was starting a greenfield company, the data center would be the size of my bathroom; there wouldn't necessarily even be a server, maybe a series of switches — all my backoffice apps, my sales force automation, my storage would be handled in the cloud," said David Nichols, CIO Services Leader for Ernst & Young, the global IT consultancy

Thursday, August 8, 2013

Hybrid hosting (video) — Internap

Hybrid hosting has been gaining a lot of momentum, and it's a valid concept that's here to stay. Hybrid hosting can refer to many different things, such as hybridizing private clouds and public clouds, or hybridizing different public clouds. We think the idea of hybridizing the old fashioned and the newfangled – or, colocation and cloud – is one of the more interesting approaches.

The benefit of doing this is quite extreme, because colocation and cloud are at opposite ends of the spectrum. With colocation, you have a complete CAPEX model with high degrees of control but very little agility. With cloud, you have a purely OPEX model but with high levels of agility and low levels of control. The ability to mix and match those two infrastructure types allows you to split your application up depending on what makes sense.

Tuesday, August 6, 2013

Metasploitable - Metasploit Unleashed


One of the problems you encounter when learning how to use an exploitation framework is trying to configure targets to scan and attack. Luckily, the Metasploit team is aware of this and released a vulnerable VMware virtual machine called 'Metasploitable'. 

Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques. 
The VM will run on any recent VMware products and other visualization technologies such as VirtualBox, VMFusion. You can download the image file of Metasploitable 2 from

Monday, August 5, 2013

Why MDM and ITSM need to play nice

Impact to ITSM Processes

For companies with process-based ITSM programs, every step of the lifecycle framework will need to be reassessed with MDM in mind. This includes rethinking service strategy, design, service transition, and operation.

Each ITSM process may need to be adapted to incorporate the unique requirements of MDM. This can include issues such as separate protocols for employee-owned devices, different services added to the service catalog, new update workflows, and mobile-based service offerings.

BYOD Security with ITSM

Many organizations implement BYOD policies because of security concerns with these devices. But the same organizations will often overlook the enhanced security capabilities that can be achieved using their existing ITSM infrastructure.

By developing systems and processes at the service level that mitigate risk, IT can become the champion of preferred devices. This can include adapting service strategies when on-boarding and off-boarding employees as well as decommissioning employee-owned devices.

Sunday, August 4, 2013

The rise and rise of BYOD

Bringing your own possessions into the workplace is one of those creature comforts you simply expect as an employee. A framed picture of your family, a coffee mug with a funny slogan on it, maybe some knick-knacks to brighten up your workspace.

Personal electronics such as smartphones and tablets, however, are a different story. The latest research from back-up and online storage vendor Acronis shows that while most organisations in Australia allow staff to bring their own devices into the workplace - a practice known as BYOD, or bring your own device - a third do not.

The report, which surveyed 4300 IT professionals in eight countries, including 390 in Australia, also found that most Australian companies do not have secure BYOD policies to protect corporate data.

"Generally, employees are expecting to be able to bring their own devices and be able to connect them to the network," Simon Howe, Asia-Pacific sales director of mobility solutions at Acronis says. "But one of the key findings from the research is that most organisations don't have any kind of policy in place around BYOD."

Friday, August 2, 2013

Really? This is just sad... | Former SAP Exec Gets Prison Time for Lego Price Switcharoo

Authorities say that Langenbach made more than $30,000 selling Legos on eBay, where he did business under the seller name "Tomsbrickyard." He would print up low-value Universal Product Code (UPC) tickets at home, and then slap them on more expensive items at the store so he could purchase them at a discount.

DC Area - BrickFair LEGO Convention, August 3 - 4, 2013

BrickFair VA 2013 1 day away
Aug 3rd & Aug 4th, 2013.
11:00am - 4:00pm

Join us at the Dulles Expo Center in ChantillyVA.

LEGO models, displays and winding trains sprawled out over100,000 square feet.

BrickFair brings together adult fans of LEGO from across the USA (and Canada, and a few other countries) to show off their projects, great and small, and to share their passion for LEGO - the most awesome toy - ever.

LEGO fan festivals like BrickFair are great fun for the whole family!

Join in a game or two - maybe win a LEGO set.

Vendors will be offering all things LEGO, including shirts, hats, minifigures, custom-molded weapons, unique models, keychains and... really... everything you neverimagined.


DTrace is a comprehensive dynamic tracingframework created by Sun Microsystems fortroubleshooting kernel and application problems on production systems in real time. Originally developed for Solaris, it has since been released under the free Common Development and Distribution License (CDDL) and has been ported to several other Unix-like systems.

DTrace can be used to get a global overview of a running system, such as the amount of memory, CPU time, filesystem and network resources used by the active processes. It can also provide much more fine-grained information, such as a log of the arguments with which a specific function is being called, or a list of the processes accessing a specific file.

|| David K. Shepherd ||

I do love this... The Netflix Tech Blog: Chaos Monkey Released Into The Wild

We have found that the best defense against major unexpected failures is to fail often. By frequently causing failures, we force our services to be built in a way that is more resilient. We are excited to make a long-awaited announcement today that will help others who embrace this approach.
We have written about our Simian Army in the past and we are now proud to announce that the source code for the founding member of the Simian Army, Chaos Monkey, is available to the community.
Do you think your applications can handle a troop of mischievous monkeys loose in your infrastructure? Now you can find out.