Skip to main content

Home/ Open Web/ Group items tagged Cisco

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Gary Edwards

No Jitter | Post | Cisco Or Microsoft? Who Wins the Line-of-Business War? - 0 views

www.nojitter.com/...ho-wins-the-lineofbusiness-war

Cloud-Productivity-Platform

shared by Gary Edwards on 23 Jul 13 - No Cached
  • The multitude of services gives Microsoft an early edge when it comes to cloud, but the channel-enablement model for Cisco can create much greater scale than a direct to line-of-business model. The key is ensuring its resellers are fully trained in selling to line-of-business, which isn't a simple undertaking. Bottom line: With regard to cloud, Microsoft has a faster route to market, but Cisco's should give it an advantage over time.
  • Putting cloud aside, Cisco and Microsoft have markedly different approaches in selling to lines of business. For Microsoft, the key lies in its developer community. Developers build applications that business people use and buy. Many of these applications use Microsoft as an underlying technology without the purchaser really even being aware of that fact. Microsoft gets pulled through with really no involvement from Microsoft, providing a low- to no-cost sales model for the company. The only down side is that the application brand often overshadows the underlying brand.
  • Microsoft has made a living off selling products, many of them sub-par, into business because of its developer relationships. Does anyone really think Microsoft gained monopoly-like share with desktop operating systems because of quality of product and ease of use? Hardly. Windows became the de facto standard for developers because of the quality of the developer program. Microsoft does a good job of meeting the needs of its large software vendors, but does an even better job of making sure those millions of small ISVs have access to Microsoft platforms and developer support.
  • ...6 more annotations...
  • Cisco has been trying to build its own "Cisco Developer Network" (CDN) for the better part of a decade. The company kicked off this initiative way back in the early 2000s when it bought a company called Metreos that had some interesting VoIP applications and a slick developer interface. Back then, the program was known as CTDP, Cisco Technology Developer Program, and was run by VoIP people, not individuals that understand software and how to build a developer environment. Since then the program has undergone a number of facelifts and Cisco appears to have some real software people running the group, so there is some potential.
  • With regards to UC, as this market transitions away from products to platforms, services will play a significant role. Cisco's services plays a role similar to IBM services. IBM's consulting group works with its top tier customers to understand how to solve business problems through compute-centric solutions. Cisco services works with its customers to create solutions through networking- and communications-related products. As more and more organizations look to leverage UC strategically, I would expect Cisco services to target its top-tier customers. The key for Cisco then is to take these solutions and push them down through its channel for scale and market share gains.
  • So developer-led or services-led?
  • Microsoft should get an early advantage, as many in-house developers will look to Lync; but the services strategy by Cisco should create longer, more sustainable value, as it has for IBM.
  • The key for Microsoft is being able to adapt its developer environment faster as market trends change. Obviously, compute is moving away from the traditional desktop to mobile clients and the cloud, and there are far more single-use, purpose-built applications being built in the consumer world. I think Microsoft's Developer Network is oriented towards more old-school developers.
  • The key for Cisco is having the patience to work with its lead customers and find those unique, game-changing applications and use cases that it can then push down into the channel. It's the right strategy for Cisco, but it might take a bit more time to bear some fruit.
  • Gary Edwards on 23 Jul 13
     
    excerpt: "Developer-led or services-led? Microsoft should get an early advantage, but the services strategy by Cisco should create longer, more sustainable value, Last month I wrote a blog outlining how the line-of-business manager holds the key to winning the Cisco versus Microsoft war. A number of you commented that this was obvious and both companies are already doing it. I'll agree that this is something both companies are trying to do, but neither is doing a great job. Microsoft is a company with high appeal to IT pros and Cisco to network managers, with high brand familiarity to line of business managers but low appeal beyond this."
Gary Edwards

WebEx augurs ill for Cisco's cloud ambitions | Phil Wainwright - 0 views

blogs.zdnet.com/SAAS

cisco google-wave cisco-ucs webex

shared by Gary Edwards on 02 Jul 09 - Cached
  • Gary Edwards on 02 Jul 09
     
    Ouch! Phil lands on Cisco like a ton of bricks. He hears them Talk the talk but doubts Cisco can walk the walk. This is a very detailed analysis and indictment. Sounds to me that Cisco will sooner rather than later be out there shopping for Collaborative Web systems. Excerpt: Color me skeptical, but I feel the detail behind yesterday and today's Cisco Live event hasn't matched the aspirations set out in executive keynotes. I like the vision set out by CEO John Chambers of providing a technology infrastructure that (as Oliver Marks puts it) does a better job of connecting people. I'm highly supportive when CTO Padmasree Warrior looks ahead to a future fabric of 'intercloud' interoperability standards - ending lock-in by individual cloud providers - and talks about 'federation' between cloud and on-premise. But when I look at the map of where Cisco claims to play in the cloud, I'm struck by how feeble its tenure is at each level, from the underlying foundation all the way up to both Paas and SaaS, where WebEx is its undernourished poster child, as I'll discuss below.
Gary Edwards

Cisco: Google Wave Completes Us | Michael Hickens - 0 views

industry.bnet.com/...cisco-google-wave-completes-us

cisco office-in-the-cloud office20 feng-office wave webkit michael-hickens MSOffice-productivity

shared by Gary Edwards on 01 Jul 09 - Cached
  • Gary Edwards on 01 Jul 09
     
    Über technologist Michael Hickens writes about the recent Cisco announcement that they intend on competing with Google, Zoho and MOSS in the cloud collaboration space. I left a lengthy comment on this page, trying to come to grips with the meaning of this challenge. I titled my comment, "Cisco Office? Maybe they should consider Feng Office-in-the-Cloud". Good luck Conrado. Go get them. Interestingly, Jason Harrop and i met Ms. Alex Hadden-Boyd, director of marketing for the collaboration software group at Cisco. She was kind enough to refer me directly to David Knight, the technology director of Cisco's WebEX Conferencing initiative. Alex is quoted in a CNet article at: http://news.cnet.com/8301-1001_3-10276549-92.html Cisco is striving to redefine itself as a vendor connecting inner and outer clouds, thus reasserting its relevance in the context of a fluid Web-driven IT world increasingly dominated by the likes of Google, Salesforce, Oracle and IBM. It also hopes to parlay its legacy of infrastructure expertise into a reassuring presence, particularly for veteran IT administrators struggling to balance their in-house infrastructures against the cost-savings and potential efficiencies of cloud computing.
Gary Edwards

Cisco "Thinking About" Going Up Against Microsoft Office and Google Apps - 0 views

www.businessinsider.com/-office-and-google-apps-2009-6

msoffice compatibility cisco wave-maker

shared by Gary Edwards on 30 Jun 09 - Cached
  • Gary Edwards on 30 Jun 09
     
    Knock me over with a feather. Now comes news that Cisco wants to challenge Microsoft Office and Google Apps. Paul Smalera of Business Insider questions the wisdom of this initiative, insisting that Cisco must know it can't beat either MSOffice or Google Apps. Maybe Cisco is fishing for help? Where is that wave-maker application Jason and Florian are said to be working on? :) Excerpt: Cisco VP Doug Dennerline told reporters, the company is "thinking about" adding document drafting and sharing to WebEx, which already features instant messaging, online meeting and email services.
Paul Merrell

In Letter to Obama, Cisco CEO Complains About NSA Allegations | Re/code - 1 views

recode.net/...omplains-about-nsa-allegations

surveillance state NSA Cisco Obama Greenwald-book

shared by Paul Merrell on 20 May 14 - No Cached
  • Warning of an erosion of confidence in the products of the U.S. technology industry, John Chambers, the CEO of networking giant Cisco Systems, has asked President Obama to intervene to curtail the surveillance activities of the National Security Agency. In a letter dated May 15 (obtained by Re/code and reprinted in full below), Chambers asked Obama to create “new standards of conduct” regarding how the NSA carries out its spying operations around the world. The letter was first reported by The Financial Times. The letter follows new revelations, including photos, published in a book based on documents leaked by former NSA contractor Edward Snowden alleging that the NSA intercepted equipment from Cisco and other manufacturers and loaded them with surveillance software. The photos, which have not been independently verified, appear to show NSA technicians working with Cisco equipment. Cisco is not said to have cooperated in the NSA’s efforts.
Paul Merrell

Cisco Visual Networking Index: Forecast and Methodology, 2012-2017  [Visual N... - 0 views

www.cisco.com/...ing_Solutions_White_Paper.html

internet internet-traffic Visual-Networking-Index

shared by Paul Merrell on 22 Sep 13 - Cached
  • This forecast is part of the Cisco® Visual Networking Index (VNI), an ongoing initiative to track and forecast the impact of visual networking applications. This document presents the details of the Cisco VNI global IP traffic forecast and the methodology behind it.
Gary Edwards

Peter O'Kelly's Reality Check: The Mobile Tsunami is Near: Blame Netflix and ... - 1 views

pbokelly.blogspot.com/...ami-is-near-blame-netflix.html

mobility cisco-world-report

shared by Gary Edwards on 03 Feb 11 - No Cached
  • Gary Edwards on 03 Feb 11
     
    Think mobile data demand is big today, with 94 million smartphone shipped this year and 5 billion mobile subscribers? Well, Cisco ( s csco) says it's going to get a lot bigger by 2015, with worldwide mobile data traffic set to increase 26-fold between 2010 and 2015, reaching 6.3 exabytes per month. That's 75 exabytes annually by 2015 [MIGHT WANT TO THROW IN AND/OR LINK TO A DEFINITION OF EXABYTE]. Last year, I called it the mobilpocalypse, but this year, I'm going to say it's a looming tsunami, driven by everyone's favorite bandwidth hog, web video, and the proliferation of mobile devices. In short, we can blame this wave on Netflix on the iPad.
Gary Edwards

The Man Who Makes the Future: Wired Icon Marc Andreessen | Epicenter | Wired.com - 1 views

www.wired.com/...1

Marc-Andreessen

shared by Gary Edwards on 28 Apr 12 - No Cached
  • Gary Edwards on 28 Apr 12
     
    Must read interview. Marc Andreessen explains his five big ideas, taking us from the beginning of the Web, into the Cloud and beyond. Great stuff! ... (1) 1992 - Everyone Will Have the Web ... (2) 1995 - The Browser will the Operating System ... (3) 1999 - Web business will live in the Cloud ... (4) 2004 - Everything will be Social ... (5) 2009 - Software will Eat the World excerpt: Technology is like water; it wants to find its level. So if you hook up your computer to a billion other computers, it just makes sense that a tremendous share of the resources you want to use-not only text or media but processing power too-will be located remotely. People tend to think of the web as a way to get information or perhaps as a place to carry out ecommerce. But really, the web is about accessing applications. Think of each website as an application, and every single click, every single interaction with that site, is an opportunity to be on the very latest version of that application. Once you start thinking in terms of networks, it just doesn't make much sense to prefer local apps, with downloadable, installable code that needs to be constantly updated.

    "We could have built a social element into Mosaic. But back then the Internet was all about anonymity."
    Anderson: Assuming you have enough bandwidth.

    Andreessen: That's the very big if in this equation. If you have infinite network bandwidth, if you have an infinitely fast network, then this is what the technology wants. But we're not yet in a world of infinite speed, so that's why we have mobile apps and PC and Mac software on laptops and phones. That's why there are still Xbox games on discs. That's why everything isn't in the cloud. But eventually the technology wants it all to be up there.

    Anderson: Back in 1995, Netscape began pursuing this vision by enabling the browser to do more.

    Andreessen: We knew that you would need some pro
Gary Edwards

Microsoft Reinvents its Cloud Strategy - 0 views

feedproxy.google.com/...tQENq58YfPo

Cloud-Computing Cloud-Productivity-Platform Visual-Productivity Visual-Web Visual-Document

shared by Gary Edwards on 23 Mar 12 - No Cached
  • Gary Edwards on 23 Mar 12
     
    Microsoft announces a new plan, "Microsoft Dynamics", to accelerate the transition to replace their traditional / conventional software systems with cloud-ready infrastructure. Dynamics also serves as a migration guide, providing "seamless integration" of services from old IT to new Cloud. Competitors mentioned include SalesForce.com, SAP and Oracle. Lots of focus on integrating CRM into the full line of business applications. This is somewhat similar to the Visual Productivity challenge of integrating gMail into a working productivity system based on the Google Apps platform. Embedding the full range of Visual Web Communications into productivity apps and services is the key at all levels. One thing to consider in this article is that the only Cloud - Productivity - Business systems contenders are SalesForce, Oracle, SAP and Microsoft. Google Apps isn't mentioned. Nor is Amazon, RackSpace or VMware. Apple, Cisco, HP and Facebook are also left out.
Gary Edwards

IBM, Cisco, Red Hat, SAP Join Forces at OASIS To Combat Amazon's Cloud Success - 1 views

www.businessinsider.com/t-amazons-cloud-success-2012-1

ge ODF OASIS TOSCO Cloud-Computing Cloud-Productivity-Platform Microsoft-Cloud

shared by Gary Edwards on 18 Jan 12 - No Cached
  • Gary Edwards on 18 Jan 12
     
    Good article but leaves out any mention of WebKit and incredible impact that open source project has had on HTML5 and the future of the Web.  I left a lengthy comment explaining this.  Also referenced ODF, OASIS and Corporate support of standards and OSS projects.
Paul Merrell

We're Halfway to Encrypting the Entire Web | Electronic Frontier Foundation - 0 views

www.eff.org/...-halfway-encrypting-entire-web

Internet encryption https adoption

shared by Paul Merrell on 25 Feb 17 - No Cached
  • The movement to encrypt the web has reached a milestone. As of earlier this month, approximately half of Internet traffic is now protected by HTTPS. In other words, we are halfway to a web safer from the eavesdropping, content hijacking, cookie stealing, and censorship that HTTPS can protect against. Mozilla recently reported that the average volume of encrypted web traffic on Firefox now surpasses the average unencrypted volume
  • Google Chrome’s figures on HTTPS usage are consistent with that finding, showing that over 50% of of all pages loaded are protected by HTTPS across different operating systems.
  • This milestone is a combination of HTTPS implementation victories: from tech giants and large content providers, from small websites, and from users themselves.
  • ...4 more annotations...
  • Starting in 2010, EFF members have pushed tech companies to follow crypto best practices. We applauded when Facebook and Twitter implemented HTTPS by default, and when Wikipedia and several other popular sites later followed suit. Google has also put pressure on the tech community by using HTTPS as a signal in search ranking algorithms and, starting this year, showing security warnings in Chrome when users load HTTP sites that request passwords or credit card numbers. EFF’s Encrypt the Web Report also played a big role in tracking and encouraging specific practices. Recently other organizations have followed suit with more sophisticated tracking projects. For example, Secure the News and Pulse track HTTPS progress among news media sites and U.S. government sites, respectively.
  • But securing large, popular websites is only one part of a much bigger battle. Encrypting the entire web requires HTTPS implementation to be accessible to independent, smaller websites. Let’s Encrypt and Certbot have changed the game here, making what was once an expensive, technically demanding process into an easy and affordable task for webmasters across a range of resource and skill levels. Let’s Encrypt is a Certificate Authority (CA) run by the Internet Security Research Group (ISRG) and founded by EFF, Mozilla, and the University of Michigan, with Cisco and Akamai as founding sponsors. As a CA, Let’s Encrypt issues and maintains digital certificates that help web users and their browsers know they’re actually talking to the site they intended to. CAs are crucial to secure, HTTPS-encrypted communication, as these certificates verify the association between an HTTPS site and a cryptographic public key. Through EFF’s Certbot tool, webmasters can get a free certificate from Let’s Encrypt and automatically configure their server to use it. Since we announced that Let’s Encrypt was the web’s largest certificate authority last October, it has exploded from 12 million certs to over 28 million. Most of Let’s Encrypt’s growth has come from giving previously unencrypted sites their first-ever certificates. A large share of these leaps in HTTPS adoption are also thanks to major hosting companies and platforms--like WordPress.com, Squarespace, and dozens of others--integrating Let’s Encrypt and providing HTTPS to their users and customers.
  • Unfortunately, you can only use HTTPS on websites that support it--and about half of all web traffic is still with sites that don’t. However, when sites partially support HTTPS, users can step in with the HTTPS Everywhere browser extension. A collaboration between EFF and the Tor Project, HTTPS Everywhere makes your browser use HTTPS wherever possible. Some websites offer inconsistent support for HTTPS, use unencrypted HTTP as a default, or link from secure HTTPS pages to unencrypted HTTP pages. HTTPS Everywhere fixes these problems by rewriting requests to these sites to HTTPS, automatically activating encryption and HTTPS protection that might otherwise slip through the cracks.
  • Our goal is a universally encrypted web that makes a tool like HTTPS Everywhere redundant. Until then, we have more work to do. Protect your own browsing and websites with HTTPS Everywhere and Certbot, and spread the word to your friends, family, and colleagues to do the same. Together, we can encrypt the entire web.
  • Paul Merrell on 25 Feb 17
     
    HTTPS connections don't work for you if you don't use them. If you're not using HTTPS Everywhere in your browser, you should be; it's your privacy that is at stake. And every encrypted communication you make adds to the backlog of encrypted data that NSA and other internet voyeurs must process as encrypted traffic; because cracking encrypted messages is computer resource intensive, the voyeurs do not have the resources to crack more than a tiny fraction. HTTPS is a free extension for Firefox, Chrome, and Opera. You can get it here. https://www.eff.org/HTTPS-everywhere
Paul Merrell

Testosterone Pit - Home - The Other Reason Why IBM Throws A Billion At Linux ... - 0 views

www.testosteronepit.com/...billion-at-linux-with-nsa.html

surveillance state NSA Linux Linux-backdoor Solaris FreeBSD Darwin

shared by Paul Merrell on 18 Oct 13 - No Cached
  • IBM announced today that it would throw another billion at Linux, the open-source operating system, to run its Power System servers. The first time it had thrown a billion at Linux was in 2001, when Linux was a crazy, untested, even ludicrous proposition for the corporate world. So the moolah back then didn’t go to Linux itself, which was free, but to related technologies across hardware, software, and service, including things like sales and advertising – and into IBM’s partnership with Red Hat which was developing its enterprise operating system, Red Hat Enterprise Linux. “It helped start a flurry of innovation that has never slowed,” said Jim Zemlin, executive director of the Linux Foundation. IBM claims that the investment would “help clients capitalize on big data and cloud computing with modern systems built to handle the new wave of applications coming to the data center in the post-PC era.” Some of the moolah will be plowed into the Power Systems Linux Center in Montpellier, France, which opened today. IBM’s first Power Systems Linux Center opened in Beijing in May. IBM may be trying to make hay of the ongoing revelations that have shown that the NSA and other intelligence organizations in the US and elsewhere have roped in American tech companies of all stripes with huge contracts to perfect a seamless spy network. They even include physical aspects of surveillance, such as license plate scanners and cameras, which are everywhere [read.... Surveillance Society: If You Drive, You Get Tracked].
  • Then another boon for IBM. Experts at the German Federal Office for Security in Information Technology (BIS) determined that Windows 8 is dangerous for data security. It allows Microsoft to control the computer remotely through a “special surveillance chip,” the wonderfully named Trusted Platform Module (TPM), and a backdoor in the software – with keys likely accessible to the NSA and possibly other third parties, such as the Chinese. Risks: “Loss of control over the operating system and the hardware” [read.... LEAKED: German Government Warns Key Entities Not To Use Windows 8 – Links The NSA.
  • It would be an enormous competitive advantage for an IBM salesperson to walk into a government or corporate IT department and sell Big Data servers that don’t run on Windows, but on Linux. With the Windows 8 debacle now in public view, IBM salespeople don’t even have to mention it. In the hope of stemming the pernicious revenue decline their employer has been suffering from, they can politely and professionally hype the security benefits of IBM’s systems and mention in passing the comforting fact that some of it would be developed in the Power Systems Linux Centers in Montpellier and Beijing. Alas, Linux too is tarnished. The backdoors are there, though the code can be inspected, unlike Windows code. And then there is Security-Enhanced Linux (SELinux), which was integrated into the Linux kernel in 2003. It provides a mechanism for supporting “access control” (a backdoor) and “security policies.” Who developed SELinux? Um, the NSA – which helpfully discloses some details on its own website (emphasis mine): The results of several previous research projects in this area have yielded a strong, flexible mandatory access control architecture called Flask. A reference implementation of this architecture was first integrated into a security-enhanced Linux® prototype system in order to demonstrate the value of flexible mandatory access controls and how such controls could be added to an operating system. The architecture has been subsequently mainstreamed into Linux and ported to several other systems, including the Solaris™ operating system, the FreeBSD® operating system, and the Darwin kernel, spawning a wide range of related work.
  • ...1 more annotation...
  • Among a slew of American companies who contributed to the NSA’s “mainstreaming” efforts: Red Hat. And IBM? Like just about all of our American tech heroes, it looks at the NSA and other agencies in the Intelligence Community as “the Customer” with deep pockets, ever increasing budgets, and a thirst for technology and data. Which brings us back to Windows 8 and TPM. A decade ago, a group was established to develop and promote Trusted Computing that governs how operating systems and the “special surveillance chip” TPM work together. And it too has been cooperating with the NSA. The founding members of this Trusted Computing Group, as it’s called facetiously: AMD, Cisco, Hewlett-Packard, Intel, Microsoft, and Wave Systems. Oh, I almost forgot ... and IBM. And so IBM might not escape, despite its protestations and slick sales presentations, the suspicion by foreign companies and governments alike that its Linux servers too have been compromised – like the cloud products of other American tech companies. And now, they’re going to pay a steep price for their cooperation with the NSA. Read...  NSA Pricked The “Cloud” Bubble For US Tech Companies
Paul Merrell

Internet Giants Erect Barriers to Spy Agencies - NYTimes.com - 0 views

www.nytimes.com/...-barriers-to-spy-agencies.html

surveillance-state NSA-reform DIY-reform internet-hardening digital-privacy

shared by Paul Merrell on 08 Jun 14 - No Cached
  • As fast as it can, Google is sealing up cracks in its systems that Edward J. Snowden revealed the N.S.A. had brilliantly exploited. It is encrypting more data as it moves among its servers and helping customers encode their own emails. Facebook, Microsoft and Yahoo are taking similar steps.
  • After years of cooperating with the government, the immediate goal now is to thwart Washington — as well as Beijing and Moscow. The strategy is also intended to preserve business overseas in places like Brazil and Germany that have threatened to entrust data only to local providers. Google, for example, is laying its own fiber optic cable under the world’s oceans, a project that began as an effort to cut costs and extend its influence, but now has an added purpose: to assure that the company will have more control over the movement of its customer data.
  • A year after Mr. Snowden’s revelations, the era of quiet cooperation is over. Telecommunications companies say they are denying requests to volunteer data not covered by existing law. A.T.&T., Verizon and others say that compared with a year ago, they are far more reluctant to cooperate with the United States government in “gray areas” where there is no explicit requirement for a legal warrant.
  • ...8 more annotations...
  • Eric Grosse, Google’s security chief, suggested in an interview that the N.S.A.'s own behavior invited the new arms race.“I am willing to help on the purely defensive side of things,” he said, referring to Washington’s efforts to enlist Silicon Valley in cybersecurity efforts. “But signals intercept is totally off the table,” he said, referring to national intelligence gathering.“No hard feelings, but my job is to make their job hard,” he added.
  • In Washington, officials acknowledge that covert programs are now far harder to execute because American technology companies, fearful of losing international business, are hardening their networks and saying no to requests for the kind of help they once quietly provided.Continue reading the main story Robert S. Litt, the general counsel of the Office of the Director of National Intelligence, which oversees all 17 American spy agencies, said on Wednesday that it was “an unquestionable loss for our nation that companies are losing the willingness to cooperate legally and voluntarily” with American spy agencies.
  • Many point to an episode in 2012, when Russian security researchers uncovered a state espionage tool, Flame, on Iranian computers. Flame, like the Stuxnet worm, is believed to have been produced at least in part by American intelligence agencies. It was created by exploiting a previously unknown flaw in Microsoft’s operating systems. Companies argue that others could have later taken advantage of this defect.Worried that such an episode undercuts confidence in its wares, Microsoft is now fully encrypting all its products, including Hotmail and Outlook.com, by the end of this year with 2,048-bit encryption, a stronger protection that would take a government far longer to crack. The software is protected by encryption both when it is in data centers and when data is being sent over the Internet, said Bradford L. Smith, the company’s general counsel.
  • Mr. Smith also said the company was setting up “transparency centers” abroad so that technical experts of foreign governments could come in and inspect Microsoft’s proprietary source code. That will allow foreign governments to check to make sure there are no “back doors” that would permit snooping by United States intelligence agencies. The first such center is being set up in Brussels.Microsoft has also pushed back harder in court. In a Seattle case, the government issued a “national security letter” to compel Microsoft to turn over data about a customer, along with a gag order to prevent Microsoft from telling the customer it had been compelled to provide its communications to government officials. Microsoft challenged the gag order as violating the First Amendment. The government backed down.
  • Hardware firms like Cisco, which makes routers and switches, have found their products a frequent subject of Mr. Snowden’s disclosures, and their business has declined steadily in places like Asia, Brazil and Europe over the last year. The company is still struggling to convince foreign customers that their networks are safe from hackers — and free of “back doors” installed by the N.S.A. The frustration, companies here say, is that it is nearly impossible to prove that their systems are N.S.A.-proof.
  • In one slide from the disclosures, N.S.A. analysts pointed to a sweet spot inside Google’s data centers, where they could catch traffic in unencrypted form. Next to a quickly drawn smiley face, an N.S.A. analyst, referring to an acronym for a common layer of protection, had noted, “SSL added and removed here!”
  • Facebook and Yahoo have also been encrypting traffic among their internal servers. And Facebook, Google and Microsoft have been moving to more strongly encrypt consumer traffic with so-called Perfect Forward Secrecy, specifically devised to make it more labor intensive for the N.S.A. or anyone to read stored encrypted communications.One of the biggest indirect consequences from the Snowden revelations, technology executives say, has been the surge in demands from foreign governments that saw what kind of access to user information the N.S.A. received — voluntarily or surreptitiously. Now they want the same.
  • The latest move in the war between intelligence agencies and technology companies arrived this week, in the form of a new Google encryption tool. The company released a user-friendly, email encryption method to replace the clunky and often mistake-prone encryption schemes the N.S.A. has readily exploited.But the best part of the tool was buried in Google’s code, which included a jab at the N.S.A.'s smiley-face slide. The code included the phrase: “ssl-added-and-removed-here-; - )”
Paul Merrell

​EU admonishes US for overseas data requests - RT News - 0 views

rt.com/...0-eu-us-overseas-data-requests

surveillance state U.S. E.U. litigation

shared by Paul Merrell on 02 Jul 14 - No Cached
  • The EU has slammed the US for its demand that Microsoft surrender overseas data – emails held on Irish servers – saying that the move could contravene international law. The US attempt to make Microsoft provide the emails prompted Viviane Reding, vice-president of the European Commission, to offer support to Microsoft and openly criticize the loss of personal information it could potentially involve. “The commission’s concern is that the extraterritorial application of foreign laws [and orders to companies based thereon] may be in breach of international law,” Reding wrote last week in a letter responding to questions from Dutch MEP Sophia in't Veld, reported the Financial Times on Monday. The move would “hurt the competitiveness of US cloud providers in general,” Microsoft said, adding that: “Microsoft and US technology companies have faced growing mistrust and concern about their ability to protect the privacy of personal information located outside the US.”
  • Reding added that the US “may impede the attainment of the protection of individuals guaranteed” under EU law. Her statement further echoes arguments laid out by Apple, Cisco, AT&T, and Verizon, which supported Microsoft against the US warrant. At the beginning of June, Microsoft compared the warrant to an authorization for federal agents ‘to break down the doors’ of its Dublin facility. Reding said the US should have leaned away from coercion and instead depended on mutual legal assistance treaties that facilitate law enforcement agency cooperation.
  • “Companies bound by EU data protection law who receive such a court order are caught in the middle of such situations where there is, as you say in your letter, a conflict of laws,” Reding wrote.
Paul Merrell

How to Encrypt the Entire Web for Free - The Intercept - 0 views

firstlook.org/...-plans-encrypt-entire-web-free

surveillance state encryption https let's-encrypt nsa-reform

shared by Paul Merrell on 25 Nov 14 - No Cached
  • If we’ve learned one thing from the Snowden revelations, it’s that what can be spied on will be spied on. Since the advent of what used to be known as the World Wide Web, it has been a relatively simple matter for network attackers—whether it’s the NSA, Chinese intelligence, your employer, your university, abusive partners, or teenage hackers on the same public WiFi as you—to spy on almost everything you do online. HTTPS, the technology that encrypts traffic between browsers and websites, fixes this problem—anyone listening in on that stream of data between you and, say, your Gmail window or bank’s web site would get nothing but useless random characters—but is woefully under-used. The ambitious new non-profit Let’s Encrypt aims to make the process of deploying HTTPS not only fast, simple, and free, but completely automatic. If it succeeds, the project will render vast regions of the internet invisible to prying eyes.
  • The benefits of using HTTPS are obvious when you think about protecting secret information you send over the internet, like passwords and credit card numbers. It also helps protect information like what you search for in Google, what articles you read, what prescription medicine you take, and messages you send to colleagues, friends, and family from being monitored by hackers or authorities. But there are less obvious benefits as well. Websites that don’t use HTTPS are vulnerable to “session hijacking,” where attackers can take over your account even if they don’t know your password. When you download software without encryption, sophisticated attackers can secretly replace the download with malware that hacks your computer as soon as you try installing it.
  • Encryption also prevents attackers from tampering with or impersonating legitimate websites. For example, the Chinese government censors specific pages on Wikipedia, the FBI impersonated The Seattle Times to get a suspect to click on a malicious link, and Verizon and AT&T injected tracking tokens into mobile traffic without user consent. HTTPS goes a long way in preventing these sorts of attacks. And of course there’s the NSA, which relies on the limited adoption of HTTPS to continue to spy on the entire internet with impunity. If companies want to do one thing to meaningfully protect their customers from surveillance, it should be enabling encryption on their websites by default.
  • ...2 more annotations...
  • Let’s Encrypt, which was announced this week but won’t be ready to use until the second quarter of 2015, describes itself as “a free, automated, and open certificate authority (CA), run for the public’s benefit.” It’s the product of years of work from engineers at Mozilla, Cisco, Akamai, Electronic Frontier Foundation, IdenTrust, and researchers at the University of Michigan. (Disclosure: I used to work for the Electronic Frontier Foundation, and I was aware of Let’s Encrypt while it was being developed.) If Let’s Encrypt works as advertised, deploying HTTPS correctly and using all of the best practices will be one of the simplest parts of running a website. All it will take is running a command. Currently, HTTPS requires jumping through a variety of complicated hoops that certificate authorities insist on in order prove ownership of domain names. Let’s Encrypt automates this task in seconds, without requiring any human intervention, and at no cost.
  • The transition to a fully encrypted web won’t be immediate. After Let’s Encrypt is available to the public in 2015, each website will have to actually use it to switch over. And major web hosting companies also need to hop on board for their customers to be able to take advantage of it. If hosting companies start work now to integrate Let’s Encrypt into their services, they could offer HTTPS hosting by default at no extra cost to all their customers by the time it launches.
  • Paul Merrell on 25 Nov 14
     
    Don't miss the video. And if you have a web site, urge your host service to begin preparing for Let's Encrypt. (See video on why it's good for them.)
1 - 15 of 15
Showing 20 items per page