Monthly Archives: maart 2015

Why Improving Mobile App Security Is So Hard

30 maart 2015
By

While demand for mobile applications is growing at astronomical rates, so too are the security vulnerabilities that affect those apps. Although the vast majority considers the risk significant, just a small percentage of mobile application development budgets is being allocated to securing those applications, according to a survey of 640 IT professionals conducted by the Ponemon Institute on behalf of IBM. Worse yet, only 29 percent of those polled said they have the resources they need to address the issue, and only 14 percent gave high ratings to their capabilities in this area. “For a variety of reasons, companies find it difficult to improve the security of their mobile applications,” the study stated. The report recommends frequent testing of mobile apps, ensuring the “rush to release” does not have a negative impact on coding practices, conducting training and education programs for development teams, increasing budgets for mobile app security, and implementing policies and procedures to control employees’ risky behavior. For solution providers across the channel, testing and securing mobile applications represents a major opportunity.

Bron: Linux and Unix Nieuws Lees het complete artikel hier: http://www.channelinsider.com/mobile-devices/why-improving-mobile-app-security-is-so-hard.html/

Unit4 maakt zich op voor de wereldtop

27 maart 2015
By

Pareltjes

Unit4 maakt zich op om wereldwijd uit te groeien tot een topspeler op de erp-markt. De leverancier van software voor enterprise resource planning (erp) richt zich daarbij met name op het middensegment. Met de in 2014 aan boord gestapte kapitaalkrachtige eigenaar, investeerder Advent, en nieuw buitenlands management krijgt de internationale strategie, die sinds eind jaren ’90 is ingezet, een extra impuls. Niet slecht voor een bedrijf uit Sliedrecht dat in 1980 met lokaal oliegeld is opgericht.


Voor Unit4 wordt de kiem eind jaren zeventig gelegd bij de toenmalige hardwaredienstverlener MAI. Het Amerikaanse bedrijf levert geïntegreerde systemen aan het midden- en kleinbedrijf (mkb) in het minicomputertijdperk. MAI verkoopt Basis/Four-computers, waarop programma’s geschreven in Business Basic draaien. In die tijd besluit het bedrijf, dat met softwarehuizen samenwerkt, ook eigen softwareproducten te gaan ontwikkelen. Het plan behelst het leveren van een complete ‘small business’ computer inclusief administratieve software, waarmee bedrijven hun financiën, voorraad, verkoop en administratie konden ondersteunen.

Dit concept is in de Verenigde Staten redelijk succesvol en dat wil MAI uitrollen naar andere landen. ‘Wat de Amerikanen even waren vergeten, was dat men in Europa niet overal Engels spreekt, dus de software, handleidingen en verkooptrainingen moesten worden vertaald. Dat vonden ze in Amerika maar lastig, en van een concept als btw hadden ze helaas ook nooit gehoord. Dus die software, zo bleek na het installeren, werkte niet’, vertelt mede-oprichter en oud-topman Chris Ouwinga (inmiddels voorzitter van de toezichthoudende raad van Unit4).

Het lokale Nederlandse management van MAI besluit vervolgens dit Amerikaanse pakket niet aan te passen, maar een nieuw Nederlands softwarepakket te bouwen met dezelfde functies. Ouwinga, die na een elektrotechnische opleiding bij het bedrijf aan de hardwarekant is binnengekomen, vindt dat een interessante ontwikkeling en stapt over naar de Rotterdamse vestiging om

Bron: Computable Lees het complete artikel hier: http://www.computable.nl/artikel/magazine/5245287/5215853/unit4-maakt-zich-op-voor-de-wereldtop.html

De geslonken toekomst van de Itanium

26 maart 2015
By

Intel had ooit grootse plannen om met zijn 64-bit Itanium-processor de servermarkt af te snoepen van traditionele Unix-leveranciers met elk hun eigen risc-processorplatform. Anno 2015 is de realiteit heel anders.


Intel is al vele jaren groot op de servermarkt. Het dankt die positie echter niet aan zijn oorspronkelijke plannen om de serverwereld te veroveren. De 32-bit Xeon-processors zijn geleidelijk steeds krachtiger geworden en hebben daarbij ook 64-bit eigenschappen gekregen. Intel is zo goed meegegaan in de omslag die de servermarkt heeft meegemaakt: van scale-up naar scale-out. De grote, krachtige servers van weleer zijn grotendeels vervangen door hele legers aan relatief zwakkere servers die in clusters of load-balancing opstellingen het zware rekenwerk verrichten. Cloud computing versterkt deze trend.

‘Nog in gesprek’

Kostbare servers met krachtige risc-processors zijn hierdoor in het nauw gedreven. Ironisch genoeg geldt de Xeon-concurrentie ook voor Intels ‘volbloed’ 64-bit chip. De Itanium-processor die voor dit jaar op de planning staat, lijkt zelfs in limbo te verkeren. Officieel is Intel nog altijd toegewijd aan de productlijn van Itanium-processors. Dit omvat ook het uitbrengen van de volgende generatie (codenaam Kittson) die al sinds 2013 op stapel staat om dit jaar uit te komen.

Wanneer Kittson komt en in welke vorm is echter nog de vraag. De technische eigenschappen van Kittson zijn begin 2013 plots gewijzigd, maar er leek toen nog wel sprake van een lancering in 2014. Later is er officieel gesproken van 2015 als releasejaar voor Kittson. Nu, in het eerste kwartaal van 2015, is er niets nieuws bekend over de volgende Itanium-generatie. ‘We zijn met HP en onze andere oem-partners  nog in gesprek over de timing of feature-set van Kittson’, antwoordt de processorreus op vragen van Computable.

Niet meegaan in nm-vooruitgang

Wanneer de Bron: Computable Lees het complete artikel hier: http://www.computable.nl/artikel/technologie/infrastructuur/5246057/2379248/de-geslonken-toekomst-van-de-itanium.html

SUSE TechExchange

25 maart 2015
By


SUSE TechExchange

In dit middag vullend programma zal SUSE vanuit een technisch perspectief Live Kernel Patching en High Availability behandelen om geplande en ongeplande downtime van IT systemen te kunnen voorkomen.

De TechExchanges van SUSE zijn technische evenement voor klanten en partners die meer willen weten over SUSE haar oplossingen.
In oktober 2014 heeft SUSE de nieuwe release van SUSE Linux Enterprise (SLE) uitgebracht. Omdat er zo veel nieuws te melden is, heeft SUSE er voor gekozen dit over twee TechExchanges te verdelen. De eerste heeft plaatsgevonden in januari en behandelde het opstarten van een systeem en de full-system rollback. De tweede TechExchange gaat over kGraft en de High Availability Extension en biedt voor het eerst ruimte aan het ‘SUSE Open Podium’.

Seminar
, georganiseerd door SUSE

Terug

Bron: Computable Lees het complete artikel hier: http://www.computable.nl/content/agenda/5238353/1589222/suse-techexchange.html

Everything is insecure and will be forever says Cisco CTO

23 maart 2015
By

While in Melbourne enduring the antipodean version of Cisco Live!, The Register’s networking desk met veep and CTO Bret Hartman. Here’s what he told us about network security, a field he feels is basically doomed. Forever.

The Register: The last twelve months tells us we have insecure devices connected through gateways, sending information back to insecure companies … and we want to expand all of this with the internet of everything. Are we crazy?

Hartman: Part of my job is to think about just that question … it’s my job to try to anticipate technology directions, where we should be investing, what customers need.

To your point it’s an awesome time to be a security professional. Guaranteed job security. My son wants to be in software, I tell him to get in security, like all kids he wants to write games.

There’s a fundamental issue … we as human beings get excited about technologies because they enable all these new and exciting things – wearables, connected homes, all information available, all the time, everywhere. We take that for granted.

As a security person, I recognise that there’s a lot of risks. And the risks and the challenges just keep getting bigger.

I’ve been in this line of work for 30 plus years … people ask me, is it ever going to get any better? I don’t really think so.

From the standpoint of the threats to the connectivity – it’s not a solvable problem. So the question is “what can we do … to at least have those risks so we can all live our lives as private citizens?”

Given the basic premise that this is a fundamentally intractable problem, and it always has been.

It’s all about how do you manage risk so we can get on with our lives.

Hartman: That’s inevitable because of complexity.

Bron: The Register Lees het complete artikel hier: http://go.theregister.com/i/cfa/http://www.theregister.co.uk/2015/03/22/interview_ciscos_bret_hartman/

Centric IT Career Event

21 maart 2015
By


Centric IT Career Event

Sta je aan het begin van je IT-carrière en heb je een relevante HBO opleiding afgerond? Of ben jij een specialist, consultant of architect en ben jij toe aan een volgende stap?

Maak dan kennis met Centric! Kom op zaterdag 28 februari naar de Havixhorst in Schiphorst. Jouw kans om te kijken of Centric bij je past. Zet de volgende stap in je carrière bij een van de meest toonaangevende IT-dienstverleners van de Benelux.
Centric levert totaaloplossingen op het gebied van infrastructuren en maatwerk- en standaardsoftware. Door de groei van onze activiteiten zijn wij binnen de regio Noord- Oost-Nederland op zoek naar enthousiaste collega’s voor het vakgebied IT-infrastructuren beheer.
Interesse?
Ga voor meer informatie over het evenement naar www.werkenbijcentric.eu, evenementen en meld je direct aan!

Themadag
, georganiseerd door Centric Netherlands B.V.

Terug

Bron: Computable Lees het complete artikel hier: http://www.computable.nl/content/agenda/5231529/1589222/centric-it-career-event.html

Docker: Networking’s new twist on micro services

20 maart 2015
By

We know that data centres operate with a high proportion of abstraction technologies. This should come as no surprise – the cloud services they house are in and of themselves physically “abstracted” (or, perhaps, even “conceptualised”) chunks of computing and storage power.

We also know that Docker, as an open-source application container project, hinges around its ability to abstract (and automate) the operating system level virtualisation on Linux.

As Linuxcontainers.org underlines: “[Containers] offer an environment as close to possible as the one you’d get from a virtual machine, but without the overhead that comes with running a separate kernel and simulating all the hardware.”

So how does Docker now form the next fold in the space-time continuum of data centre abstraction?

Much of the Docker focus now centres on configuration, orchestration and the deployment mechanics for distributed data centre applications.

In other words, networking, if you prefer.

For both user customers and partner vendors alike, the “so-what” factor comes down to how we fit existing operating system and application parameters into the Docker world so that they are both secure and deliberately tuned to Docker’s radio frequency and beat.

Docker-specific operating systems have started to emerge. CoreOS as a fork of Chrome OS is pre-configured with popular tools for running Linux containers. But CoreOS is not alone.

Just this March we have welcomed Red Hat Enterprise Linux 7 Atomic Host, an operating system optimised for running next-generation applications with Linux containers – umm, we think they kind of mean Docker.

Red Hat says: “As monolithic stacks give way to applications comprised of microservices, a container-based architecture can help enterprises to more fully realise the benefits of this more nimble, composable approach.”

In other words, data centre-networking maintenance is really important.

Docker’s gastro-intestinal mechanics

Docker itself hasn’t been quiet on its own internal gastro-intestinal status. Why would it? The project has so far

Bron: The Register Lees het complete artikel hier: http://go.theregister.com/i/cfa/http://www.theregister.co.uk/2015/03/20/docker_one_and_all/

Kaspersky Lab Revamps Its Channel Partner Program

20 maart 2015
By

Kaspersky Lab North America’s new program is aimed at enabling partners to achieve up to 50 percent margins and receive additional incentives.

With Kaspersky Lab North America celebrating its tenth year of doing business on the continent it would seem like there is no better time to revamp the channel programs of the security software provider.

Kaspersky Lab North America is now giving partners the ability to achieve up to 50 percent margins and will be rewarded with additional incentives beyond that via a new Partner Loyalty Program that rewards the owners of value-added resellers (VARs) and managed service provider (MSP) partners for all sales on an ongoing basis.

“We want to reward both the salespeople and the owners of the solution providers for working with us,” said Jon Whitlock, senior director of channel marketing for Kaspersky Lab North America. “We also want to make it easier for both us and our partners to see how we’re doing together.

To that end, Kaspersky Lab North America will be working more closely with platinum and gold level partners to set and achieve business goals, Whitlock said.

The Kaspersky Lab North America channel program is also being aligned globally around the same tiered model, and the company has committed to providing partners with content and turnkey marketing campaigns that can be co-branded in a way that drives leads directly back to the solution provider versus the Kaspersky Lab North America marketing organization.

As attacks that are specifically focused on endpoints have increased in the last few years, Whitlock said commercial organizations are being a lot more demanding about the quality of the anti-malware software they put on those devices. Going forward, Whitlock noted that the explosion of mobile computing devices is not only increasing that demand, the rise of the Internet of things (IoT) will also increase the

Bron: Linux and Unix Nieuws Lees het complete artikel hier: http://www.channelinsider.com/tech-companies/kaspersky-lab-revamps-its-channel-partner-program.html/

Microsoft open sources MSBuild, aims for cross-platform dev tools

19 maart 2015
By

Microsoft’s build engine, MSBuild, has been published as open source on GitHub and will be ported to Linux and the Mac.

A build engine is used by developers to compile libraries and applications from source code. Using MSBuild, developers can define the build process in XML files, including pre-processing, compilation and post-processing.

Large applications have complex build processes, so easily managed automation is essential. Visual Studio uses MSBuild, though developers may not be aware of it unless they need to customise what the IDE does on their behalf.

The thinking behind making MSBuild open source is that it can be ported to other platforms. Announcing the move, Microsoft’s Rich Lander said:

“We will be adding Linux and Mac support soon (perhaps with your help!) so you can use MSBuild to build the open source .NET projects on your preferred platform. We’ll initially start with Mono and look to port the code to run on .NET Core.”

.NET Core is the new open-source version of Microsoft’s .NET Framework, while Mono is the old open-source implementation led by Miguel de Icaza.

One of the issues with cross-platform .NET is that Visual Studio only runs on Windows, and with many developers using Macs or perhaps Linux as their primary development platform, this is a barrier to adoption.

“I think that we need MSBuild. You will need MSBuild to maintain, develop and extend software on Unix and participate in the larger ecosystem. While Mono has an implementation, it is a trivial one, and it is lacking too many features,” said de Icaza in a forum post last year. “While I am not a fan of MSBuild or XML file formats, the reality is that MSBuild is as encroached in the .NET ecosystem as the ‘.dll’ extension is.”

Now de Icaza has his wish, though some .NET Core developers

Bron: The Register Lees het complete artikel hier: http://go.theregister.com/i/cfa/http://www.theregister.co.uk/2015/03/19/microsoft_open_sources_msbuild_aims_for_crossplatform_dev_tools/

Web geeks grant immortality to Sir Terry Pratchett – using smuggled web code

19 maart 2015
By

The death of Sir Terry Pratchett last week left many fans bereft, but some canny geeks have devised a system to ensure his name lives on in everyday web traffic.

In Pratchett’s 2004 book Going Postal, the deceased inventor of the “clacks,” a form of communications system for sending data over large distances, is immortalized by staff who add his name to all ingoing and outgoing messages. “A man is not dead while his name is still spoken,” as one character puts it.

After a discussion on 4chan-for-beginners Reddit, Pratchett fans devised a similar tribute: injecting X-Clacks-Overhead: GNU Terry Pratchett into server-sent HTTP headers. This can be accomplished with almost every web server by tweaking configuration files to reference the late author in all outgoing traffic. Plugins to inject the custom header into outgoing HTTP requests are also available for the big four browsers.

The GNU part comes from the Pratchett universe. In clacks code, G is an instruction to send a message, N instructs the clack operator not to log it, and U instructs the recipient to turn it round at the end of the line and send it back.

The code was also a joke from the very tech-friendly Pratchett – a man who was once asked why he had six computer monitors on his desk and replied that it was because he hadn’t figured out how to add more. The operating system GNU (standing for GNU’s Not Unix) was initiated by free software advocate Richard Stallman; many of Stallman’s GNU tools are available today via GNU/Linux distributions.

As people enable the X-Clacks-Overhead, Sir Terry’s name will spread far and wide over the internet, assuring his name will be repeated every day. Of course, with over 70 books written there are more traditional methods of keeping his name

Bron: The Register Lees het complete artikel hier: http://go.theregister.com/i/cfa/http://www.theregister.co.uk/2015/03/18/sir_terry_pratchett_http_header/