« First...102030...2,3362,3372,3382,3392,340...2,3502,3602,370...Last »

EMC embarks on all-singing, all-dancing VNX jamboree

Posted on by

EMC World 2014 EMC has had a VNXgasm and announced future software for VNX, plus a buffed up VNXe box, a VSPEX addition, and the company is also making more encryption options available.

The VNX software is coming via Project Liberty and thus includes freedom from hardware lock-in presumably, and is virtualised storage software that is based on the VNX platform. EMC talks of a variety of deployment models, saying it could be used by test and developers to spin up virtual VNX arrays for virtual servers and ROBO locations, hybrid public/private cloudy deployments, and in software-defined data centres.

You get the feeling that EMC sees VNX primarily as a test-and-dev thing and not a serious software storage array like HP's StoreVirtual or VMware's VSAN or, indeed, its own ScaleIO. It will be an on-ramp to speed VNX-dependent app development.

The Liberty development has to embrace, we suppose, both the VNXe and the VNX software environments, which are different; VNXe's software being more integrated in the file and block area.

With VNX and VMAX now in the same engineering organisation inside EMC we might see even see a software VMAX.

There is a new VNXe entry-level system, the VNXe3200 and it's a souped up model that has been given Fibre Channel connectivity; welcome to the big guys storage networking club you little iSCSI and NAS squirt.

VNXe3200

Basically it's the addition of the same VNX technology enhancements from last September applied to a VNXe box.

It gets MCx multi-core controller processor optimisations, FAST Cache SSD caching and FAST VP auto-tiering, like the full-fledged VNX arrays. EMC might as well drop the 'e' from VNXe. (FAST Means Fully-Automated Storage Tiering.) Here's a table of config details:

The VNXe range used to have two members; VNXe3300 and a 3150. It now appears to have just the 3200.

Here is the original post:
EMC embarks on all-singing, all-dancing VNX jamboree

VeriFone and First Data Bring End-to-End Encryption and Tokenization to Gas Stations and …

Posted on by

Integration meets petroleum merchants need for enhanced data security

San Jose, Calif. VeriFone Systems, Inc. (NYSE: PAY) and First Data Corporation announced today the launch of the VeriFone edition of the First Data TransArmor solution for U.S. multi-lane and petroleum merchants. The TransArmor, VeriFone edition, is an end-to-end encryption and tokenization solution that is a result of a partnership between VeriFone and First Data to address retailers need for enhanced payment security.

The TransArmor, VeriFone edition, enables First Data customers using VeriFone's Secure PumpPay and MX series of EMV and NFC-enabled devices to take advantage of a complete security solution combining VeriFone's VeriShield encryption along with tokenization technology from RSA, the Security Division of EMC. Cardholder data benefits from increased protection 'in-flight' from the moment it enters the merchant environmentwhether indoors or at the pumpall the way to First Datas data center, utilizing VeriFone's hardware fortified and format preserving encryption technology.

"Data breaches are a widespread problem with over 1.1 billion records compromised in the last 10 years and the average organizational cost estimated at $5.4 million1," said Paul Kleinschnitz, senior vice president, Cyber Security Solutions, First Data. "This partnership with VeriFone on the TransArmor solution illustrates our commitment to collaborate with industry experts to bring best-in-class security solutions to new markets such as petro."

Two petroleum and convenience retailers, including Robinson Oil Corporation and a major U.S.-based brand of filling stations, will pilot the solution for end-to-end encryption and tokenization of cardholder data captured at the counter and at the pump, beginning in July 2014.

"Petroleum and convenience store retailers have been increasingly focused on bolstering payment security, especially in light of recent breaches in the headlines," said Tom Robinson, president of Robinson Oil Corporation, which will roll out the TransArmor, VeriFone edition across its 34 Rotten Robbie retail locations following the pilot. "As a result of First Data and VeriFones solution, we now have the means to enhance cardholder data protection long before the 2017 EMV deadlines take effect for transactions at gas pumps.

"Being the first to bring end-to-end encryption and tokenization to the petro space, especially in a way that enhances security at the pumpan unattended site vulnerable to the types of attacks seen in recent headlinesdemonstrates VeriFone and First Datas commitment to addressing security needs beyond encryption," said Dan Yienger, senior vice president and general manager of Petroleum for VeriFone. "This solution enhances our offerings to the retail petroleum industry while serving as a testament to our leadership in payment security innovation."

To secure data 'at rest,' the solution has been engineered with RSA tokenization technology that replaces card data with a token number that preserves the value of card data for merchant business operations but removes value for fraudsters. When implementing the TransArmor solution, merchants will meet or exceed existing industry guidelines and requirements for end-to-end encryption and tokenization of payment card data regardless of their unique environment.

1 Ponemon Institute, 2013 Cost of a Data Breach Study, May 2013; Verizon RISK Team, 2013 Data Breach Investigation Report, April 2013

About First Data (www.firstdata.com)

Read the original:
VeriFone and First Data Bring End-to-End Encryption and Tokenization to Gas Stations and ...

11 reasons encryption is (almost) dead

Posted on by

Everyone who has studied mathematics at the movie theater knows that encryption is pretty boss. Practically every spy in every spy movie looks at an encrypted file with fear and dread. Armies of ninjas can be fought. Bombs can be defused. Missiles can be diverted. But an encrypted file can only be cracked open with the proper key -- and that key is always in the hands of a dangerously attractive agent hidden in a sumptuous hideout on the other side of the world. (Never in Newark or New Haven -- who wants to film there?)

Alas, this theorem of encryption security may be accepted as proven by math geniuses at Hollywood U., but reality is a bit murkier. Encryption isn't always perfect, and even when the core algorithms are truly solid, many other links in the chain can go kablooie. There are hundreds of steps and millions of lines of code protecting our secrets. If any one of them fails, the data can be as easy to read as the face of a five-year-old playing Go Fish.

[ Verse yourself in the 7 sneak attacks used by today's most devious hackers, 14 dirty IT security consultant tricks, 9 popular IT security practices that don't work, and 10 crazy security tricks that do. | Build and deploy an effective line of defense against corporate intruders with InfoWorld's Encryption Deep Dive PDF expert guide. Download it today! | Learn how to protect your systems with Roger Grimes' Security Adviser blog. ]

InfoWorld - Everyone who has studied mathematics at the movie theater knows that encryption is pretty boss. Practically every spy in every spy movie looks at an encrypted file with fear and dread. Armies of ninjas can be fought. Bombs can be defused. Missiles can be diverted. But an encrypted file can only be cracked open with the proper key -- and that key is always in the hands of a dangerously attractive agent hidden in a sumptuous hideout on the other side of the world. (Never in Newark or New Haven -- who wants to film there?)

Alas, this theorem of encryption security may be accepted as proven by math geniuses at Hollywood U., but reality is a bit murkier. Encryption isn't always perfect, and even when the core algorithms are truly solid, many other links in the chain can go kablooie. There are hundreds of steps and millions of lines of code protecting our secrets. If any one of them fails, the data can be as easy to read as the face of a five-year-old playing Go Fish.

[ Verse yourself in the 7 sneak attacks used by today's most devious hackers, 14 dirty IT security consultant tricks, 9 popular IT security practices that don't work, and 10 crazy security tricks that do. | Build and deploy an effective line of defense against corporate intruders with InfoWorld's Encryption Deep Dive PDF expert guide. Download it today! | Learn how to protect your systems with Roger Grimes' Security Adviser blog. ]

Encryption is under assault more than ever -- and from more directions than previously thought. This doesn't mean you should forgo securing sensitive data, but forewarned is forearmed. It's impossible to secure the entire stack and chain. Here are 11 reasons encryption is no longer all it's cracked up to be.

Encryption's weak link No. 1: No proofs -- just an algorithm arms raceThe math at the heart of encryption looks impressive, with lots of superscripts and subscripts, but it doesn't come with any hard and fast proofs. One of the most famous algorithms, RSA, is said to be secure -- as long as it's hard to factor large numbers. That sounds impressive, but it simply shifts the responsibility. Is it truly that hard to factor large numbers? Well, there's no proof that it's hard, but no one knows how to do it right all of the time. If someone figures out a fast algorithm, RSA could be cracked open like an egg, but that hasn't happened yet ... we think.

Encryption's weak link No. 2: Disclosure is the only means of detecting a crackSuppose you figured out how to factor large numbers and crack RSA encryption. Would you tell the world? Perhaps. It would certainly make you famous. You might get appointed a professor at a fancy college. You might even land a cameo on "The Big Bang Theory."

But the encryption-cracking business can be shady. It isn't hard to imagine that it attracts a higher share of individuals or organizations that might want to keep their newfound power secret and use it to make money or extract valuable information.

Read the rest here:
11 reasons encryption is (almost) dead

What’s that PARASITE wriggling inside my browser?

Posted on by

The group that last year demonstrated open source software to simulate a nematode has gone on Kickstarter to try and accelerate its OpenWorm project.

As noted by The Register last May, the nematode is a good subject for simulation, being one of the world's least complex creatures. At that time, the project had got as far as showing five muscle groups of a C. elegans simulation moving in water.

Their aim is now much more ambitious: to build a complete, open source cloud-hosted WormSim for educators, scientists, supporters and anyone else who's interested.

The 36 contributors to the code, which is available under the MIT license, have so far got as far as simple crawling (the code is at github here).

That's a bit less than a complete worm simulation, but the researchers are trying to work from a bottom-up perspective. Rather than programming the known behaviours of a nematode into software, they're trying to create the creature on a cell-by-cell basis, in the hope that behaviours will emerge from the detail of the simulation.

With two weeks to go, the project has so far raised $US32k of its $US120,000 target. The OpenWorm site is here, and its Kickstarter page is here.

Continued here:
What's that PARASITE wriggling inside my browser?


« First...102030...2,3362,3372,3382,3392,340...2,3502,3602,370...Last »