News about Oracle's Solaris and Sun Hardware
System News
Apr 8th, 2013 — Apr 14th, 2013 Generate the Custom HTML Email for this Issue
System News System News for Sun Users
Volume 182, Issue 2 << Previous Issue | Next Issue >>
Sections in this issue:
click to jump to section

April 2013 Oracle Database Insider Available for Download
Includes Call for OpenWorld 2013 Proposals
The April 2013 issue of Database Insider Edition is now available. This issue features news stories on Oracle Database Appliance X3-2; a catalog of Oracle events for developers; and an appraisal of Oracle Audit Vault and Database Firewall. A featured video considers database management systems: build or buy; proposals are solicited for Oracle OpenWorld 2013; and a collection of webcasts and podcasts flesh out the edition.
SPARC T5 Systems Net Oracle TimesTen Benchmark World Record
Delivers 2.2X Higher Throughput than Intel Xeon E7-4870 Processor
The SPARC T5 processor delivered significantly faster performance than systems based on other processors in benchmarking tests of Oracle TimesTen In-Memory Database. On the TimesTen Performance Throughput Benchmark (TPTBM) read-only workload, the SPARC T5 processor achieved 2.2 times higher throughput than the Intel Xeon E7-4870 processor and 3.8x more throughput than a SPARC T5-2 Server, producing a world record 59.9 million read transactions per second. On the Mobile Call Processing test, the SPARC T5 processor achieved 2.4 times more throughput than the Intel Xeon E7-4870 processor. The SPARC T5-2 server delivers 2.4x the performance of the SPARC T4-2 server in the same space.
Sun Ray Software 5.4: New for Trusted Extensions
Offers Full Support for Oracle Solaris 11.1
In an post Glenn Faden reports that Oracle has announced the availability of Sun Ray Software 5.4, which fully supports Oracle Solaris 11.1 including the Trusted Extensions features. The Oracle Data Sheet for the Sun Ray Software has a summary of the supported platforms on page 3, he writes, and there's a well-documented section in the Administration Guide entitled Configuring Oracle Solaris 11 Trusted Extensions. All the multilevel desktop features are supported including per-workspace authentication and device allocation for Pulse Audio.
Articles on the Release of Oracle VDI 3.5
Online Anthology for German and English Readers
Matthias Muller-Prove has compiled a list of articles on the Oracle Virtual Desktop Infrastructure 3.5 release. Here are just some:

  • New Oracle VDI and Oracle Sun Ray Software releases by Wim Coekaerts
  • What's New in Oracle VDI 3.5? by Andy Hall
  • Brand new VDI and Sun Ray Software releases! by Chris Kawalek
  • Oracle Desktop Virtualisation Information and Documentation Links by Daniel Cifuentes
  • Umfangreiches neues Oracle VDI 3.5 und Sun Ray 5.4 Release von Rolf-Per Thulin
  • Oracle Virtual Desktop Infrastructure und Sun Ray Software mit Plugin für Enterprise Manager 12c von der DOAG
IT - Storage
OnApp Scale Out SAN For The Cloud
Storage Switzerland, April 11th, 2013
"Scale It As They Come

Building a cloud infrastructure capable of meeting the varied performance, availability and resiliency demands of a vast customer base is daunting for even the most seasoned data center professionals. And yet, this is precisely what cloud and managed service providers (MSPs) need to be able to do in order to attract the widest array of clients possible. Traditional data center technologies like storage area networks (SANs) are not particularly well suited for meeting the elastic scaling needs of cloud environments, nor are they cost effective enough to warrant a big up front investment..."

Power Failure and Flash Storage
Storage Switzerland, April 10th, 2013
"There has been a lot of discussion lately about the issue of power failures in flash based solid state storage systems. In various tests run by industry associations* flash based solid state disk (SSD) devices, when subjected to a sudden power-loss, have been found to lose data, corrupt data or even fail altogether. While some of the tests go to extremes (most data centers won't experience 150 power failures in succession, as is cited), there is a reason to be concerned. Consequently, IT planners need to make sure that the flash based system they select can survive and protect data after an unexpected power loss..."
Don't Confuse Big Data with Storage
Information Week, April 8th, 2013
"A large part of big data management is knowing what data to analyze, what to back up and what to dump, says disaster recovery expert...

How much big data should your organization save? And how much should you back up?

Big data plays an important role in today's business world, but it's not up there with mission-critical applications that are essential to an organization's day-to-day operations. That's according to Michael de la Torre, VP of product management for SunGard Availability Services, an IT services company that provides, among other things, disaster recovery services..."

More Than 100 Books Published on Storage, April 8th, 2013
"If you want to publish a best seller, avoid the subject of storage. No chance to win the National Book Critics Circle, the National Book or the Newbery and Caldecott awards. It didn't stop many authors to write their book. The problem here is that the technology is evolving so fast that you have to publish updates frequently - and some authors did it -. Since many years, we think about writing our own book on storage. But we will begin it when we shall have nothing else to do. Which means probably never..."
    The Impossible Enterprise Data Security Challenge
    InfoWorld, April 8th, 2013
    "In my post last week, I described some of the basic challenges in ensuring that data you delete actually stays deleted. In the context of personal computers and removable drives, these concepts can be confusing for users but are usually fairly well understood by IT pros. But IT pros are often confused when deleting data in the context of storage virtualization in their data centers.

    Virtualizing storage has been enormously popular for several years. It's no wonder, either: By abstracting the underlying storage medium from how it's presented to storage users, you can pull off really cool tricks. Thin provisioning, snapshots, SSD wear-leveling, and automated storage tiering are all possible thanks to storage virtualization..."

    5 Roles of the Data Steward
    Information Management, April 8th, 2013
    "Establishing governance and definitions of data involves a few integral pillars. But what are the best ways to structure those data stewardship roles for your business?

    Here are the five, must-do jobs of today's data stewards, according to the report 'Building Data Stewardship is a New Customer Intelligence Imperative' by Forrester Research Analyst Fatemeh Khatibloo..."

    • Lead Governance Practices
    • Map Business Data Needs
    • Define Data Vendor Requirements
    • Keep on Top of Legislation
    • Become an Advocate for Future Data Initiatives

    Read on for details.

    Java Technology
    Java Spotlight Episode 127: Laurent Doguin on Nuxeo @nuxeo
    Open Source Enterprise Content Management Platform
    Log on to Java Spotlight Episode 127 to hear Host Roger Brinkley discuss Nuxeo with Laurent Dogiun. Nuxeo is a software company providing a full Enterprise Content Management (ECM) Platform, open source, for any kind of content-driven application. Nuxeo is the leader in Open Source ECM with its Nuxeo Platform, which helps companies improve business processes efficiency, collaboration and adherence to regulatory compliance. Laurent Dogiun works at Nuxeo as developer and community liaison.
    IT - Technology
    20 People Who Changed Tech: Marconi and Tesla
    Information Week, April 8th, 2013
    "You gotta like Marconi, but you gotta love Tesla.

    Guglielmo Marconi is usually credited with inventing the radio and pioneering long distance radio transmission, but Nikola Tesla's work on both was more seminal and farther reaching. For their contributions to wireless telegraphy, Marconi and Karl Ferdinand Braun, another early innovator, won the Nobel Prize in physics in 1909. But because Tesla and Thomas Edison were involved in a pitched battle on the AC/DC front, the Nobel Committee was probably looking for a set of compromise candidates. How pitched was that battle? Edison electrocuted an elephant to demonstrate the "danger" of Tesla's alternating current. An elephant? Weren't there any lawyers around?..."

      Baseball Meets Internet of Things: Bye, Bad Umpires?
      Information Week, April 8th, 2013
      "To baseball aficionados, it's a frustratingly familiar chain of events: the pitcher winds up and hurls his best curveball; the batter holds back as the ball abruptly drifts; the umpire, unaware of the ball's last-second shift, calls a strike; and millions of fans scream at their TVs for the blown call. But the Institute of Electrical and Electronics Engineers (IEEE), the world's largest technical professional association, plans to make poor baseball officiating a thing of the past..."
        Upgrade Paths to Solaris 11 for Solaris 10 Customers
        Collection of Video Interviews with Solaris Engineering Team Members
        There is a collection of six brief videos by various hands that consider Solaris innovations from the engineering point of view. Speakers include Bart Smaalders of Core Solaris Engineering on why engineering did not provide a direct upgrade path to Oracle Solaris 11; Markus Flierl of Solaris engineering on innovations in Solaris for Oracle database and middleware; Liane Praza of Solaris engineering on Manageability and Analytics throughout the "stack"; Don Kretsch of the Solaris Studio team on SPARC T5 optimizations; Larry Wake of Solaris Product Marketing on continued business value of SysAdmin skills; and Mike Palmeter of Solaris Product Management on OS relevance.
        Need More Physical Disk Space
        Jeremy Smyth Has Some Suggestions

        Ever find yourself with a large table (or two) in a database on a partition that's running out of space? And did you ever wonder how it might safely be moved to another drive? Jeremy Smyth's post on addresses that issue with some helpful suggestions. He first explains how MySQL stores data and then explores the options available, such as moving the whole data directory; moving just one database; or moving a single table. Smyth concludes his post with the caution that modern UNIX-like operating systems often have mandatory access control systems such as AppArmor, SELinux, or Extended Policy, so be sure to do your homework before moving files around.

        Migrating to Oracle Linux: How to Identify Applications To Move
        Rick Ramsey Posts a Guide to YAST

        If you are wondering which applications can accompany you on your migration to Oracle Linux, you will find the post Rick Ramsey wrote, which provides guidance on just that issue, a useful piece of information. Ramsey introduces Yet Another Setup Tool (YAST) and discusses the functions it can perform. Among them are these:

        • List all the installed packages
        • Save the output in a file
        • Sort the packages
        • Find out if a particular component is installed
        • Find out what dependencies a package has

        Ramsey also includes a link to The Linux Migration Guide, usable with both rpm and YAST.

        IT - Cloud
        Cloud Tools Abound. Is Enterprise IT Ready?
        NetworkWorld, April 8th, 2013
        "The sky is the limit for both the number and the types of tools that will eventually help enterprise IT fully embrace the cloud, say industry analysts and cloud integration experts.

        There are currently tools available that can assist IT departments with VM configuration management, help migrate in-house business applications to the cloud, enable full orchestration of cloud services and provide monitoring across multiple clouds. There are also tools that implement management policies in the cloud, set governance parameters and handle encryption management for data flowing around up there..."

        There's more to Cloud Computing Than Just Hosting
        The Register, April 8th, 2013
        "There's a trick we use at Freeform Dynamics when trying to figure out the true significance, if any, of the latest Big Thing being promoted by IT vendors and pundits. We ask ourselves what will be left when the marketers get bored with the current buzz words and move on to the next Big Thing, as they inevitably will.

        As an example, consider Web 2.0. It is a term most of us quickly became sick of because it was so often used as a label to push product. When we teased it apart, though, it was clear that two underlying developments were important: the internet becoming a more interactive place; and web interfaces becoming a lot richer..."

          7 Misconceptions About Cloud Computing That Could Be Holding Your Business Back
          Business 2 Community, April 8th, 2013
          "Whilst commonly painted in the press as an unreliable and risky approach to storing your data, cloud computing is actually an excellent way to create a more agile technological infrastructure for your company and cut costs by reducing capital. The article below hopes to debunk some of the misconceptions surrounding cloud computing which might stand between your company and the successful (and profitable) fulfilment of its objectives for mobility, longevity and efficiency..."

          • It's a fad
          • It's not as secure as conventional data servers
          • It's costly
          • It's complicated
          • It's meant for big companies
          • Changes are always technical rather than strategic
          • If the net goes down, the cloud becomes useless

          Read on for details.

          The State of Cloud Encryption: From Fiction to Actionable Reality
          NetworkWorld, April 8th, 2013
          "The risks of data privacy, residency, security and regulatory compliance remain significant barriers to cloud adoption for many enterprises. While encryption seems like an obvious solution, historically the technology produced usability issues for cloud applications. To complicate matters, putting encryption into the hands of cloud service providers still left the enterprise open to risks such as insider fraud, hacking and disclosure demands from law enforcement.

          Fortunately, technical advances have led to a new category of cloud encryption. When deployed, users access cloud services from Salesforce, Microsoft, Google, etc. through gateways that encrypt data before it goes to the cloud, while it is at rest, and decrypt it on the way back. This ensures information moving to and from and while resident in the cloud is fully protected from any type of exposure..."

          Top 10 Cloud Tools
          NetworkWorld, April 8th, 2013
          "Cloud vendors are delivering boatloads of new tools to help enterprise IT build, buy, manage, monitor, tweak and track cloud services. These tools are designed to help IT execs free up their budgets and their staff so both can be used towards more strategic, line of business projects..."

          • cloudability
          • Cloudyn: S3 Life-Cycle Tracker, EC2 Reservation Detector, RDS Reservation Detector
          • Dell Boomi: AtomSphere
          • Enstratius
          • Informatica: Informatica Cloud Spring 2013
          • MuleSoft: CloudHub
          • Opscode: Chef
          • Puppet Labs: Puppet
          • RightScale: RightScale Cloud Management
          • ServiceMesh: Agility Platform

          Read on for details.

          5 Ways to Avoid Costly Cloud Surprises
          Information Week, April 8th, 2013
          "Use of infrastructure as service is growing, but do users know what they're doing in the cloud? Two critical analyses would suggest that they don't.

          Cloudyn is one of several usage assessment and optimization firms that have been started to serve cloud customers. These new companies often make a basic online service available for free, upping the ante with monthly charges once users discover how much they can learn from the monitoring and diagnostic services..."

          • Determine Your Usage.
          • Check Usage.
          • Seek Out Price Breaks.
          • Go On A "Diet."
          • Tag Your Resources.

          Read on for details.

          Navy CIO: Use the Cloud, but Be Careful
          NetworkWorld, April 8th, 2013
          "The U.S. Navy's CIO has directed that Naval information systems be migrated to commercial cloud service providers, but only for information that has already been approved for public release.

          The public cloud should not be used for classified or mission-critical information or applications, he says..."

          IT - CxO
          Hire Slowly and Hire Well
          ComputerWorld, April 8th, 2013
          "While the economy as a whole remains slow-moving, 2013 is actually shaping up to be a year of growth, innovation and opportunity in the tech sector. That means that IT workers have good reason to be optimistic about their job prospects, and the 2013 Computerworld Salary Survey supports that: The percentage of respondents who said that the job market is poor or offers few opportunities decreased from 36% last year to 27% this year.

          Organizations will be looking to not only fill new IT roles, but also backfill roles that have experienced turnover..."

          IT Needs To Think Like Sales
          Information Week, April 8th, 2013
          "CIOs don't have sales quotas, but they may want to think more like salespeople. Not that they need to always be closing, a la Blake (Alec Baldwin) in Glengarry Glen Ross. But it may make sense to always be challenging.

          That was the premise of a webinar on what IT can learn from sales, hosted by officials at the research and consulting firm Corporate Executive Board..."

            Nine Ways to Correct an Employee Performance Issue
            CIO Insight, April 8th, 2013
            "It's a tough—but necessary—conversation: Too often, CIOs resign themselves to personnel shortcomings while never directly confronting the under-performing employees. Yes, they realize it's a major problem when a systems administrator constantly shows up late, looking as if he never showered or changed clothes from the previous day. Of course, they know that the stakeholders are getting irritated with a series of blown deadlines..."

            • Tap Into Your Inner Gumshoe
            • Organize It
            • Discover Your Motivation
            • Discretion Advised
            • Put Them in Your Shoes
            • Suggestion Box
            • Upon Further Review
            • Closing Remarks
            • A Working Doc

            Read on for details.

              Ten Quotes That Will Inspire Your Inner Leader
              Baseline April 8th, 2013
              "Lots of leadership experts talk a big game, yet many of the motivational quotes that are getting a lot of the social media attention fail to deliver. But wouldn't you jump at a chance to take in short nuggets of wisdom from proven achievers like Bill Gates, Charles Darwin and Albert Einstein ... or the Navy Seals? If so, consider the following quotes as 10 mini-lessons that cover a spectrum of leadership qualities that can benefit anyone from rank-and-file tech workers to managers to senior executives..."
                The CIO: Facilitator of Engaging Employee Experiences
                ZDNet, April 8th, 2013
                "The CIOs role in the workforce experience is often overlooked but, more and more, technology plays a central role in your employee's experience...

                Employee engagement is a hot topic in many C-Suites today. There's a growing body of research that says engaged employees are productive employees, contributing positively to the bottom-line. Forrester's own workforce research shows those who feel supported by managers, respected for their efforts, and encouraged to be creative are more inclined to recommend the company as a workplace or a vendor. So, we see a debate within the upper echelons of organizations on how best to create engaging workforce experiences which give an employee's contributions meaning..."

                  The Emerging Technology Juggernaut
                  Information Management, April 8th, 2013
                  "I heard a great analogy from a client recently; buying new technology is like buying a new car - there are a lot of different strategies. Some people want a new car every couple of years and pay a premium to have it, some choose to lease so they get a new car every few years at a lower payment but they don’t own. Others buy new but plan to drive the wheels off their purchase. The problem is that IT wants to buy a nice reliable sedan and drive it for 200K miles, while some business units want to lease a SUV and others want a Ferrari. It’s an issue of misalignment, but in so many cases IT is not synching up with the business desire to innovate and differentiate with new technology..."
                    Ten Key Steps to Success in Data Loss Prevention
                    Dark Reading, April 811th, 2013
                    "DLP could protect your enterprise from data leaks, but implementation is no cakewalk. Here are some tips to make it easier.."

                    "For many organizations, integrating data loss prevention capabilities into the data center is no longer optional. In an environment where a breach or lack of compliance can cost millions of dollars, not having DLP is like driving down the highway blindfolded..."

                      Does Your Company Have A Policy Against Cyberbullying?
             April 8th, 2013
                      "Only 37% of participants in a recent global survey said their employer has a comprehensive policy that covers cyberbullying, and 25% said the topic is not covered within their employer’s existing policies.

                      Meanwhile, 53% of participants in AVG Technologies’ “Digital Work Life” study indicated that privacy in the workplace has been eroded due to social media, prompting 24% of those participants to avoid posting on social media networks that have caused them concerns about privacy. An additional 23% report limiting their posts, and 53% are more careful when selecting what to post on such sites..."

                        IT - PM
                        Ten Predictions for Project Management in 2013
                        Baseline April 8th, 2013
                        "Project management offices (PMOs) have emerged as popular designations within organizations to address expensive project failures caused by scope creep, missed deadlines, inflated budget costs and other factors. However, many PMOs struggle due to a lack of training and other resources, and the execs in the C-suite are increasing the pressure to prove measurable, business-impacting results. In revealing the following top 10 trends in project management, ESI International provides insight on these and other critical issues for project management teams..."

                        • Hard Skills Will Trump Soft Skills
                        • Agile Implementation Falls Short
                        • Increasing Opportunities
                        • An In-House Talent Challenge
                        • Metrics Will Matter
                        • Feds Will Step Up Their Game
                        • Focus on Vendor Issues
                        • Pink Slips Are Coming
                        • Portfolio Management's Key Role
                        • Agile Expectations Must Align With Reality

                        Read on for details.

                        Why Tech Projects Fail: 5 Unspoken Reasons
                        Information Week, April 8th, 2013
                        "Depending on which consultancy you ask and what they're ultimately trying to sell you, the failure rate for technology projects is anywhere from 37% to 75%. I especially like the 37% -- not 35, but 37 -- because those extra 2 percentage points give the kind of false precision that suggests authenticity.

                        If managing technology pays your mortgage, you usually explain away those failures by pointing to your gray world: gray requirements, gray resources, gray planning, gray risks. The only vibrant color in your life is the brilliant hue of overly optimistic project scheduling..."

                        • Technology ROI numbers are mostly fiction
                        • ROI rarely drives the technology investment decision
                        • There's rarely any long-term accountability in technology
                        • Detailed plans are the enemy
                        • Bringing in the big outside guns only ensures that someone will get shot

                        Read on for details.

                          IT - Networks
                          How to Hack Your Own Wi-Fi Network
                          NetworkWorld, April 8th, 2013
                          "Attempting to 'hack' into your own wireless network can help you spot potential Wi-Fi security vulnerabilities and figure out ways to protect against them.

                          Here are some Wi-Fi hacking techniques and the tools — nearly all free — you can use for penetration testing. These tools will help you uncover rogue access points, weak Wi-Fi passwords, and spot other weaknesses and security holes before someone else does..."

                          Knocking Down the Myths of Why Enterprises Need MPLS
                          NetworkWorld, April 8th, 2013
                          "What was very true just a few years ago – enterprises needing MPLS to have a reliable, high-performance WAN – is no longer, thanks to the NEW architecture...

                          If you're responsible for a serious enterprise WAN, do you need MPLS?

                          Until recently, the answer to this question for almost all larger enterprises, many mid-sized and some smaller ones as well, was a resounding yes.

                          Thanks to the Next-generation Enterprise WAN (NEW) architecture, the answer going forward is: probably not..."

                          The SDN Incubator
                          NetworkWorld, April 8th, 2013
                          "A speaker at a recent Network World event asked the crowd of 450 IT practitioners if they were familiar with software-defined networking (SDN) and only about 10% raised their hands.

                          But while it may be early days in terms of user plans, the vendor community is starting to crawl with interesting companies leveraging SDN concepts and technology. Here are a few that I've talked to recently that are trying to change networking as we know it:..."

                            IT - Operations
                            3D Printers: Not For the Average Consumer
                            NetworkWorld, April 8th, 2013
                            "Consumers getting excited about the idea of at-home 3D printers may not want to get their hopes up anytime soon, Gartner research director Pete Basiliere says.

                            Basiliere, the author of a recent Gartner report predicting enterprise-class 3D printers to drop below the $2,000 price mark by 2016, says consumers may be disillusioned about the potential for in-home 3D printing technology. Recent coverage of extravagant and sometimes controversial 3D printing projects has many thinking the devices will soon be as common in homes as traditional 2D paper printers were 10 years ago, Basiliere says..."

                            Configure, Install & Test New Data Center Servers
                  , April 8th, 2013
                            "Upgrading servers is no small feat. Beyond the scads of configuration considerations that come into play, there’s also a bevy of installation and testing details to tend to. In short, bringing new servers into production is far more complex than simply swapping out the old for the new. The following provides tips and advice regarding the configuration, installation, and testing processes; who should be involved; precautions to take; and more..."
                              Modular Data Centers: Weighing the Pros and Cons
                              Federal Computer Week, April 8th, 2013
                              "Caught in a perfect storm of cloud-first and data center consolidation initiatives colliding with budgetary restrictions, federal CIOs might be wondering how they will keep their IT infrastructures humming in the years ahead.

                              After all, demands for new services are not waning even as the overall number of data centers is declining. Cloud computing and shared services can help, but most agencies still need some physical capacity to support servers and storage systems — as long as they can do so economically..."

                              Where to Place Your Cooling Units
                              Cabling Installation & Maintenance, April 8th, 2013
                              "There is an awful lot of heat to remove from the racks in your data center. And with every technology refresh, there is ever-more heat. Per-rack dissipation has gone from 1 to 4 or 5 kW, with some facilities at 12 to 15 kW and 60 kW possible. But you need to juggle space, cooling efficiency and a load of other factors. So where should you put your chillers--within row, within rack, at the top, bottom or side?..."
                                Most IT Admins Suffer From Work-Related Stress
                                CIO Insight, April 8th, 2013
                                "Does it seem like your IT administrators are on edge all the time these days? You're not imagining things. Most IT admins say they're feeling overwhelmed by stress, and are paying the price in their professional and personal lives—even at the risk of their health, according to a recent survey from GFI Software. This could result in staffing concerns for you: More than one-half of IT admins are considering leaving their job due to workplace stress..."

                                • Just Overloaded
                                • On the Clock
                                • U.S. Cities With the Highest Percentage of Stressed-Out IT Admins
                                • Social Disengagement
                                • Parental Obligations
                                • Fit to Perform?
                                • Spilled Drinks
                                • No Shame

                                Read on for details.

                                IT - Security
                                8 Egregious Examples of Insider Threats
                                Dark Reading, April 8th, 2013
                                "Unlike large customer information data breach cases that are publicly announced due to disclosure laws, many of the most intriguing insider theft, sabotage, and fraud cases never see the light of public scrutiny because companies would rather not air their dirty laundry if they don't have to. But these cases can offer valuable lessons on how insiders can be a threat in future situations. That is why the folks at the CERT Insider Theft Center work with private sector firms and law enforcement authorities to discretely study insider cases for the benefit of the industry. Since 2001, CERT has studied more than 800 cases.

                                Here are illustrative examples of the kind of damage these insiders can do to an organization..."

                                • Traffic Mayhem
                                • Business Partner Break-In
                                • Dropbox Destruction
                                • Terrorist Watch List Treachery
                                • Hedge Fund VM Hijinx
                                • Programmer's Sabotage Side Business
                                • Manufacturing Malware Insertion

                                Read on for details.

                                Building Security Threat Intelligence Networks: 10 Best Practices
                                eWeek, April 8th, 2013
                                "IT security providers have spent more than a decade debating the need for greater sharing of security data as the most effective way to raise the cost of entry and lower the return on investment for criminals and spies alike. The issue is far from settled, however, and an implementation worthy of the promise has yet to be created. There has been a start on this effort, however. In February 2012, AlienVault launched Open Threat Exchange, a system for sharing threat intelligence among users of the company’s Open Source Security Information Management (OSSIM) platform..."

                                • Information Should Be Shared in Increments
                                • IT Must Adapt to Support More Complex Levels of Sharing
                                • Adoption of Tokenization
                                • More Advanced Big Data Research
                                • Signals Intelligence Is an Important Resource
                                • Engage Your Legal Counsel in the Process
                                • Use Threat-Based, Not Risk-Based, Workflows
                                • Sharing Elicits Valuable Intelligence
                                • All Data Holds Value
                                • Always Keep Moving Forward

                                Read on for details.

                                Five Most Common Security Attacks on Two-Factor Authentication
                                IT Business Edge, April 8th, 2013
                                "Following some high-profile password hacks, companies like Apple, Twitter and Evernote have moved to shore up their systems with two-factor authentication. Said to be a great missing security link in many password-driven systems, two-factor authentication technologies that are most widely used today are actually fraught with many of the same risks as password-driven systems.

                                If you’re considering two-factor authentication, you should consider some of the most common attacks, identified by Jim Fenton, CSO at digital identity provider OneID, on two-factor authentication. Of course, there are many more than five attacks in the world, but these should give a starting point for evaluating others. These examples illustrate the importance of thinking broadly about how two-factor authentication can be defeated..."

                                • Key logging and redirection
                                • Network-based man-in-the-middle (MITM)
                                • Man-in-the-browser attacks
                                • Account recovery
                                • Third Parties

                                Read on for details.

                                Four Ways to Strengthen SMB Password Security
                                Dark Reading, April 8th, 2013
                                "Ensuring that employees are abiding by good password policies is difficult, but there are simple ways to protect a business from workers who might choose 'password123'...

                                Passwords are the weak link for companies of all sizes, but many small and midsize businesses (SMBs) rely on their workers to make the right choice in selecting strong passwords. Unfortunately, when left to their own devices, most employees do not get it right..."

                                  How South Korea Traced Hacker to Pyongyang
                                  Information Week, April 8th, 2013
                                  "A hacker's technical blunder allowed South Korean investigators to trace back recent attacks against the country's banks and broadcasters to an IP address located in North Korea's capital, Pyongyang.

                                  While the identity of the hacker isn't known, on February 20, the attacker inadvertently exposed his or her IP address (175.45.178.xx) for a few minutes, apparently after experiencing technical difficulties, reported South Korea's Yonhap News Agency..."

                                    Is The Next Big Cyber Threat Lurking In Government Systems?
                                    GCN, April 8th, 2013
                                    "The evolution of IT can take place at revolutionary speed, and when systems don’t keep up with the pace of change they can become vulnerable to serious risks, says retired Lt. Gen. William T. Lord, former Air Force CIO.

                                    'I think that the next Achilles’ heel is legacy software, Lord said..."

                                    Security and Vulnerability Assessment: 4 Common Mistakes
                                    CSO Online, April 8th, 2013
                                    "If you're running a robust security program, you're regularly conducting security and vulnerability assessments of your both your network and physical environments. But in the quest to uncover security gaps and vulnerabilities, slip-ups are often made, too, that make these efforts less effective at having a positive impact.

                                    At this month's CSO40 Security Confab and Awards event in Atlanta, attendees heard from two expert security veterans about best practices for vulnerability assessment..."

                                    Taking Steps to Stop Software Sabotage
                                    Dark Reading, April 8th, 2013
                                    "When most security pros think about application security, the first goal that usually comes to mind is finding and remediating flaws in development and production. But what if the bugs put in place are no accident? What if they're planted there on purpose by someone in the organization who knows where to hide them?

                                    Software sabotage is a real threat -- one with demonstrable criminal case studies accelerating over the past decade..."

                                    IT - Careers
                                    10 Essential Geek Skills
                                    IT World, April 8th, 2013
                                    "Geek is a label people wear proudly, and if you're on this website, chances are you're a geek yourself. Either that, or you made a serious typo while searching for porn.

                                    However you got here, it's time to evaluate your personal level of geekdom. Geek skills are life skills, after all -- and it's your responsibility to maintain your virtual toolbox..."

                                    • Pick a lock
                                    • Be a human compass
                                    • Beat a lie detector
                                    • Install a new hard drive
                                    • Securely wipe your data
                                    • Break out of handcuffs
                                    • Get around Web content restrictions
                                    • Root an Android phone
                                    • Get around your computer using nothing but a keyboard
                                    • Set up a home entertainment system

                                    Read on for details.

                                      10 Tips for Making Self-Evaluations Meaningful
                                      CIO, April 8th, 2013
                                      "Whether you're a manager or employee, reviews aren't a particularly popular subject and with them comes the often-despised self-evaluation. You may ask yourself: "How can I shine the best spotlight on my performance without coming off like a braggart?" And you also may justifiably wonder, "What is it used for." Never fear: We've talked with experts and done the research to take the mystery out of this oft-misused piece of HR paperwork..."

                                      • Talk About your Career Map
                                      • Keep an Open Dialogue
                                      • Ask How the Self-Evaluations Are Used
                                      • Ask Yourself the Hard Questions
                                      • Stay Positive
                                      • How to Handle Your Shortcomings
                                      • Ask for Training
                                      • Document Your Achievements
                                      • Differing Points of View
                                      • Ask for Guidance, Direction and Mentoring

                                      Read on for details.

                                      Best Tech Careers for Introverted IT Pros
                                      Network World, April 8th, 2013
                                      "Being an introvert isn't easy in the constantly evolving and networked world of technology. The banter that comes so easy to some is a mystery to the shy. Those who are able to 'fake it' spend a great deal of time recharging their batteries after social interactions. That said, don't let the fact that you’re an introvert stop you from achieving your career goals. Here are some tech jobs that are a natural fit..."

                                      • Computer Systems Analysts
                                      • Database Administrators
                                      • Information Security Analysts
                                      • Web Developers
                                      • Computer Network Architects
                                      • Network and Computer Systems Administrators
                                      • Software Developers
                                      • Computer and Information Research Scientists
                                      • Computer Programmers
                                      • Computer Hardware Engineers

                                      Read on for details.

                                      Is There Any Real Measurement in Monitoring?
                                      Dark Reading, April 8th, 2013
                                      "There's less useful measurement in monitoring than you think. You might say, "What are you talking about? There’s plenty! There are events per second, transactions per second, [mega|giga|tera|peta|exa]bytes of data, millions of malware samples, millions of botnet victims, number of false positives …"

                                      But that's not all that goes into marketing these days. Tell me, just how big do you have to get before you get to call yourself "Big Data"? What’s the number, and can we tell everyone who doesn't meet that number, "Thanks for playing"? Or is the race just about "Whatever number they have, ours is bigger" ad infinitum (and ad nauseam)? Maybe everyone should just claim to be storing LOTTABYTES and be done with it..."

                                      Ten Sci-Fi Quotes for 'Techies' to Live By
                                      Baseline April 8th, 2013
                                      "In a recent Baseline slideshow, we played a little game of "What if ...?" and imagined how some famous science fiction characters would function if they were your co-workers. (The verdict: It wouldn't be as weird as you might expect.) Because the sci-fi genre inspires endless fascination among technology professionals—it's OK to admit this addiction ... you're among friends—we're following up here with these 10 great "sci-fi quotes to live by," taken from movies, television shows and legendary authors..."
                                      Big Data Appliance X3-2 Starter Rack, Big Data Appliance X3-2 In-Rack Expansion
                                      Along with Big Data Appliance Infrastructure as a Service
                                      The Oracle Big Data Appliance X3-2 Starter Rack and Oracle Big Data Appliance X3-2 In-Rack Expansion enable customers to jumpstart their first Big Data projects with an optimally sized appliance that scales as their data footprint grows. The new configurations include Oracle Big Data Appliance X3-2 Starter Rack, containing six Oracle Sun servers within a full-sized rack with redundant Infiniband switches and power distribution units. Oracle Big Data Appliance X3-2 In-Rack Expansion includes a pack of six additional servers to expand the above configuration to 12 nodes and then to a full rack of 18 nodes.
                                      SPARC M5-32 Server Is Perfect for very Large Business-critical Workloads and Server Consolidation.
                                      Features up to 32 SPARC M5 Processors and 32 TB of System Memory
                                      Oracle bills its SPARC M5-32 Server as a massively scalable SMP data center server that is designed for very large business-critical workloads and server consolidation. Exceptional scalability and performance derive from up to 32 SPARC M5 processors and 32 TB of system memory with 6-core, 8 threads per core, SPARC M5 processor with extra large 48 MB shared L3 cache. Built-in capabilities include Oracle’s Dynamic Domains feature, Oracle VM Server for SPARC, and Oracle Solaris Zones. The server runs Oracle Solaris 11 and Oracle Solaris 10 (guest domains) with guaranteed binary compatibility and support for legacy applications.
                                      IT - Virtualization
                                      Making Storage the VDI Solution, Not the Problem
                                      Storage Switzerland, April 9th, 2013
                                      "Virtual Desktop Infrastructure (VDI) has found a niche in call-center types of environments where very large numbers of workers run essentially the same desktops. But in the broader market VDI hasn't seen the same success, a fact typically blamed on the high cost of supplying storage performance that's adequate to deliver a satisfactory user experience..."
                                      Is a Fully Virtualized Infrastructure a Good Idea for Your Business?
                                      SearchServerVirtualization, April 8th, 2012
                                      "When it comes to server virtualization, there seems to be an endless debate over whether it is better to virtualize all of an organization's servers or to leave some running on physical hardware. While there is no definitive answer, there are a number of points to consider when determining whether a fully virtualized infrastructure is a good idea for you..."
                                      IT - Compliance
                                      10 Key Compliance Pitfalls -- And How to Avoid Them
                                      Dark Reading, April 811th, 2013
                                      "Today, it's the rare business that doesn't have some regulation on its radar, whether it's because the business processes credit cards, handles personal client information, is publicly traded, handles medical information, operates on behalf of a national or regional government, or any other number of considerations.

                                      In fact, not only do most organizations have to comply with some regulatory mandate or another, most of them need to comply with multiple regulations. InformationWeek's 2012 Regulatory Compliance Survey found that 71% of the organizations surveyed had more than one compliance requirement that they must adhere to..."

                                      • Striving Toward the Bottom
                                      • Having Only a 'Little Knowledge'
                                      • Over- or Under-Scoping
                                      • Fielding an Eternal Stopgap
                                      • Ignoring Remediation Issues
                                      • Checking the Box but Ignoring the Risk
                                      • Ignoring ‘Dark IT’
                                      • Over-Trusting
                                      • Misinformation and Lack of Transparency
                                      • Viewing Compliance as a Project

                                      Read on for details.

                                        IT - Backup
                                        Cancer, Big Data and Storage
                                        Enterprise Storage Forum, April 8th, 2013
                                        "A few weeks ago, I was traveling and for some reason The Wall Street Journal was delivered to my hotel room door. When thumbing through it, an article on Big data and Cancer (subscription required) caught my eye. I also found another article on the topic at SmartPlanet, which does not require a subscription.

                                        I was very intrigued with the concept. The SmartPlanet article links to the original research, which says, “Patients are increasingly presenting with 'rare cancers,' more narrowly defined by their molecular characteristics, sometimes making the best course of treatment unclear. Today more than ever, oncologists need real-time decision support to help them provide the most effective treatments tailored to their patients' unique biology and tumors."

                                        IT - Big Data
                                        Big Data In The Enterprise: 7 Shocking Truths
                                        CRN, April 5th, 2013
                                        "There's no arguing that big data has become the talk of the tech world in 2013. But Cisco wanted to put some numbers around just how widespread -- and perhaps how legitimate -- all this big data buzz really is. To that end, the networking giant compiled a report, "The Potential and Challenge of Big Data."

                                        Released in late March, the report reveals some pretty staggering statistics related to the proliferation of unstructured data and how it's shaking up today's IT landscape..."

                                        • Big Data Is A Strategic Priority For The Majority
                                        • Businesses Struggle To Define Big Data Strategies
                                        • Big Data Leads To Big IT Challenges
                                        • Big Data Does A Number On Networks
                                        • The Cloud And Big Data Go Hand In Hand
                                        • Business Intelligence Isn't Always Intelligent
                                        • The Internet Of Things Is Here

                                        Read on for details.

                                        Big Data Projects Require Big Changes in Hardware and Software
                                        Search DataCenter, April 8th, 2013
                                        "IT pros called in on big data projects are finding that the typical approach doesn’t play nice on enterprise-grade virtualized infrastructure.

                                        Brace yourself for big data. If it hasn’t already hit your data center, it will soon, putting new demands on IT infrastructure and operatio

                                        Big Data: What's Your Plan?
                                        McKinsey & Company, April 8th, 2013
                                        "The payoff from joining the big-data and advanced-analytics management revolution is no longer in doubt. The tally of successful case studies continues to build, reinforcing broader research suggesting that when companies inject data and analytics deep into their operations, they can deliver productivity and profit gains that are 5 to 6 percent higher than those of the competition. The promised land of new data-driven businesses, greater transparency into how operations actually work, better predictions, and faster testing is alluring indeed..."
                                        Military Intelligence Tries To Tame Data 'Monster'
                                        Information Week, April 8th, 2013
                                        "University workshop featuring experts in ontology, the study of the nature of existence, will try to answer how the military can extract useful information out of huge unorganized collection of intelligence data...

                                        Military intelligence involves the collection of a wide variety of data, the management of which poses challenges to government agencies responsible for curating, storing, analyzing and sharing this often-sensitive information..."

                                        IT - BYOD
                                        BYOD Emerges as 'New Normal' for Mobile Generation
                                        CIO Insight, April 8th, 2013
                                        "CIOs and their IT teams are spending less time managing company-distributed hardware and more time attempting to navigate the ever-rising surge of Bring Your Own Device (BYOD) popularity, according to a new international survey from iPass. Very few workers feel that personal mobile products should not be used on the job, findings show. And they're generally getting their wish, as the vast majority of professionals are now allowed to use their smartphones for work..."

                                        • Generation BYOD
                                        • Personal Freedom
                                        • Well Connected
                                        • Out of Range
                                        • Places Where Wi-Fi Access Expectations Have Not Been Met
                                        • Smartphone Usage
                                        • No Charge, Please
                                        • Holding Back

                                        Read on for details.

                                        Conduct A Successful BYOD Rollout
                              , April 8th, 2013
                                        "By now, most enterprises have come to terms with the fact their employees want to use their personal-owned devices for work-related tasks. Many enterprises have also realized there are numerous benefits to allowing this but also numerous issues they must address, including concerns related to security and the organization’s data. Thus, it’s vital for enterprises to incorporate and put in place a BYOD policy so everyone is on the same page. Here is some advice to help successfully roll out a BYOD program..."
                                        The Security Guide to BYOD
                                        ComputerWorld, April 8th, 2013
                                        "It used to be so simple. A new employee joined your organisation and you gave them a laptop, which was entirely under your control.

                                        You could lock down the operating system to prevent the installation of potentially insecure or unapproved applications, and you could ensure the device was suitably up to date with your security solutions.

                                        Weren't they the good old days?..."

                                        Top Ten Articles for last few Issues
                                        Vol 182 Issue 1; Vol 181 Issues 1, 2, 3 and 4; Vol 180 Issues 2, 3 and 4
                                        We track how frequently each article is viewed on the web site to determine which the readers consider the most important. For last week, the top 10 articles were:

                                        • IBM Misses the Point on Superior Performance of Oracle's SPARC T5-based Servers
                                        • ZFS on Linux: Its Day Has Come
                                        • SPARC T5-8 Server Delivers World Record TPC-C Single System Performance Results
                                        • Ethernet Switches: An Introduction to Network Design with Switches
                                        • ZFS Intent Log: An Overview by Andrew Galloway
                                        • Solaris 10 1/13 Patchset Released and Latest Solaris 10 Kernel PatchIDs
                                        • LibreOffice 4.0.2 Release Fixes Bugs, Glitches
                                        • SPARC T5-1B Server Module Outperformance SPARC T4 Processor-based Server
                                        • Superior Performance of Sun ZFS Storage Appliances on SPARC T5 and M5 Servers
                                        • SPARC T5-2 Scores Oracle FLEXCUBE Universal Banking Benchmark World Record Performance

                                        The longer version of this article has list of top ten articles for the last 8 weeks.

                                          IT - Encryption
                                          Father of SSH Working On New Version of Crypto Standard
                                          NetworkWorld, April 8th, 2013
                                          "The Secure Shell (SSH) cryptographic network protocol that's supported in software for server authentication and machine-to-machine communications is headed for a significant update.

                                          "There will be a new version of SSH," says Tatu Ylonen, CEO of SSH Communications Security, pointing to the IETF draft document that's recently been made available for public review. Co-authored with others, including NIST computer scientist Murugiah Souppaya, this third version of SSH has a focus on key management and could be set by early next year..."

                                          IT - Server
                                          So You Want To Be A Unix Sysadmin?
                                          ITWorld, April 8th, 2013
                                          "After several decades of administering Unix systems, I know more than I'd like to admit about 'the good, the bad, and the challenging' of Unix systems administration. I've worked in companies with as few as four employees and others with tens of thousands.

                                          I've spent weeks doing routine, repetitive work and weeks grappling with such incredibly complex assignments that I've wondered if my brain was about to explode. I've had years in which I actually looked forward to Monday mornings and those in which I just couldn't wait for Fridays..."

                                          LibreOffice Upgrades Continue at a Regular Pace
                                          Version 3.6.6 Is now Available
                                          The Document Foundation (TDF) has announced the release of LibreOffice 3.6.6, for Windows, MacOS and Linux, targeted to enterprises and individual end users who prefer stability to more advanced features. This new release is suited to the increasing number of organizations migrating to LibreOffice, which is steadily growing worldwide. LibreOffice 3.6.6 is available for immediate download as are its extensions.
                                          NetBeans Is a Vital Tool in Development of NASA's Deep Space Flight Dynamics Support System
                                          Geertjan Wielenga on the Role of NetBeans
                                          The Deep Space Flight Dynamics Support System (DSFDSS) is a proposed prototype for auxiliary ground system support on NASA's Lagrange point missions. Geertjan Wielenga blogs on the development of DSFDSS, which relies heavily on NetBeans. The role of NetBeans in all of this, he continues, is that it allowed for a rapid prototype to be bootstrapped on an otherwise thin mission budget. The wizard framework makes daily operational procedures simple and greatly reduces risk of failure. The docking system makes drag and drop actions simple, allowing for highly interactive analyst workflow. The simplicity of JavaFX interop facilitated adding non-traditional web-based visualizations seamlessly.
                                          Trending in
                                          Vol 234, Issue 2
                                          Trending IT Articles