News Rundown

Cisco SecureX Reaches General Availability | Gestalt IT Rundown: June 17, 2020

Cisco announces that its SecureX platforms becomes generally available on June 30th, GitHub will change repository names from “master” to “main”, and Intel integrates CET into Tiger Lake CPUs. All this and the rest of the IT news of the week on the Gestalt IT Rundown, streaming live at 12:30pm ET every Wednesday.

This week on the Rundown:

Printers are Hard

Microsoft acknowledged several errors with printers caused by recent WIndows 10 updates. Windows 10 versions 1903, 1909, and 2004 were causing previously attached printers to error out when printing, and a seperate bug specific to version 1903 caused the computers USB port to disappear from the printer port list. Uninstalling the updates seems to solve the issues, and Microsoft says it is working to address the bugs.

OpenAI Launches API

OpenAI launched its API in beta, it’s first commerial offering, that can provide a a general-purpose “text in, text out” interface for English language tasks, capable of generating dialoges, summerizing a block of text, complete code based on function names, and translating natural language into Unix commands. Developers can show the API a few examples to improve output, provide a specific data set for training, or provide human labeling feedback. The API is availble “qualified customers” and is free for the first two months. OpenAI also pledged to cutoff API access for “obviously harmful use-cases, such as harassment, spam, radicalization, or astroturfing.”

Amazon Suspends Rekognition for Police

Amazon announced it’s putting a one-year moratorium on the use of its Rekognition facial recognition service by police. Amazon said it’s advocated for governments to introduce legislation about the ethical uses of facial recognition, and “We hope this one-year moratorium might give Congress enough time to implement appropriate rules”. Amazon declined to say how many police departments use Rekognition, and only lists the Washington County Sheriff Office in Oregon as a Rekognition customer on the AWS website.

High Scale Filestore

GCP acquired Elastifile last year, and we’re now seeing those assets integrated into their services. Google is rolling out a new storage tier called Filestore High Scale, which offers scalable capacity and performance, up to 16 GB/sec throughput and 480K IOPS, with concurrent access on up to tens of thousands of users. Google offering this as a fully managed service, and will provide integration into high-performance computing workload management scheduling systems.

UPnP Vulnerability

Turkish security researcher Yunus Çad?rc? recently outlined a flaw in the Universal Plug and Play network protocol called CallStranger. This allows a remote and unauthenticated user to interact with devices that are supposed to be accessible only inside local networks, potentially to orchestrate DDOS attacks. The attack exploits the protocols SUBSCRIBE function, which is used to send and confirm notifications to other connected devices on the network when specified events happen. CallStranger sends subscription requests that forge the URL that’s to receive the resulting “callback,” as the basis for a DDOS attack. Vulnerable devices include Windows 10, the Xbox One, routers from Asus, Huawei, DLink and Cisco, Samsung smart TVs and other devices, and requires them to be exposed to the internet. Cadirci notified the Open Connectivity Foundation who maintains the UPnP protocol and they have updated the underlying specification, but vendors will need to implement their own patches.

Box Relay Updates

Box announced details to its Relay workflow engine. Relay was launchin in 2019 as a way to standardize content review and approval workflows, by moving them out of email and closer to the storage. The update now makes it easier to set up these kind of workflows, with pre-built templates for 24 lines of business like sales, marketing, HR, legal, and finance. Box also integrated File Request into Relay, which can now trigger an automated handoff between sending and receiving files securely from third parties and Box Relay workflows. They don’t use the word no-code, but this feels very no-codish.

Intel CET Chips

Intel’s new Tiger Lake mobile CPUs will be the first to integrate the company’s Control-flow Enforcement Technology. The specification for CET was first published in 2016, and looks to put in controls on silicon to prevent malware. One feature to do this is shadow stack, which stores a copy of an apps order of operations in a secure part of the CPU, and compares this when the app is running, to see if malware has impacted this. The other is indirect branch tracking, which provides additional proections against apps CPU jump tables to read memory locations outside of what its using. Intel plans to include CET in all upcoming server and desktop chips as well. Intel has had no end of side-channel attack exploits the last few years, does this help turn the tide?

GitHub Moves to Main

Github CEO Nat Friedman announced that the code-hosting service would switch from using the word “master” to “main” to denote the main branch of a repository. The move comes as other projects also work to remove terms from code libraries with either ties to slavery or racially loaded terms. The Android Open Source Project (AOSP), the Go programming language, Grammarly, and the Curl download utility are among those who have all changed whitelist and blacklist usage to allowlist and blocklist, and LinkedIn Developer Gabriel Csapo said on Twitter he is working to update Microsoft’s internal software libraries to make similar changes. The Drupal CMS project was one of the earlier adopters of this language, having changed “master/slave” terminology with “primary/replica” in 2014.

T-Mobile’s No Good, Very Bad Day

On Monday T-Mobile had a major voice and data service outage in the US, which went from about 12pm ET until 1am, and was widespread enough other online services were being reported as being down because people couldn’t connect. At the time, Cloudflare CEO Matthew Prince attributed the outage to “changes to their network configurations” that created a “cascade of failures” across voice and data networks. Tmobile CEO Mike Sievert said the event was triggered by a “leased fiber circuit failure from a third party provider in the Southeast”. T-Mobile’s network redundancy didn’t help, resulting in an “IP traffic storm that spread from the Southeast to create significant capacity issues across the IMS (IP multimedia Subsystem) core network that supports VoLTE calls.” Tom were you impacted and how unprecedented is a 13 hour outage?

Apple to Announce ARM Macs at WWDC

Bloomberg’s Mark Gurman’s sources say Apple may announce it will replace Intel chips with its own main processors in Macs at WWDC, which starts June 22. The new ARM-based processors are based on the same technology used in Apple-designed iPhone and iPad chips, but Macs will still run the macOS operating system. Apple has changed chips twice before. In the early 1990s, it switched from Motorola processors to PowerPC, and at WWDC 2005, Apple announced it was switching from PowerPC to Intel. Tom, questions of software aside, Apple is a prominent consumer, creator, and developer platform. Would a switch to ARM move enough developers to move the needle, let’s say for businesses to adopt ARM.

Cisco SecureX Goes GA

Cisco announced that its SecureX security platform will be generally available on June 30th. Cisco first detailed SecureX back in March, and positions it as a way to unify security visibility from Cisco and third-party devices, ananlyzing data across endpoints, cloud, network, and applications. SecureX is now integraated across the company’s entire security portfolio. The company also announced it’s integrating its SD-WAN by Viptela into Cisco Umbrella to effectily block malicious destinations before making a network connection. DNA Center is getting endpoint identification at scale with support for logical grouping based on analytics, as well as the ability to analyze traffic flows between groups of endpoints to help design segmentation policies.

The Gestalt IT Rundown is a live weekly look at the IT news of the week. It broadcasts live on YouTube every Wednesday at 12:30pm ET. Be sure to subscribe to Gestalt IT on YouTube for the show each week.

About the author

Rich Stroffolino

Rich has been a tech enthusiast since he first used the speech simulator on a Magnavox Odyssey². Current areas of interest include ZFS, the false hopes of memristors, and the oral history of Transmeta.

Leave a Comment