Wednesday, November 26, 2014

Happy Thanksgiving!

Thank you for all you do to improve ICT education and workforce development!

Enjoy the holidays!

Tuesday, November 25, 2014

California Research & Education Network Gets 100-Gigabit Upgrade

Officials with participating institutions said the new network backbone will help the state bring additional capacity needed to expand the network to public libraries and other organizations.

BY NEWS STAFF / NOVEMBER 24, 20140  Government Technology


A broadband network used by California’s research universities and schools has been upgraded to 100 gigabits per second (Gbps), officials announced this week.

The California Research & Education Network (CalREN) has almost 10,000 connection sites among K-12, community colleges, the California State University, University of California campuses and private universities such as Caltech and Stanford.

The Corporation for Education Network Initiatives in California (CENIC) manages and operates CalREN.

Officials with the participating institutions said the new 100-Gbps network backbone will help California remain on the leading edge and bring additional capacity needed to expand the network to public libraries and other organizations.

“Frontier research is being driven today by Big Data, growing in scale at an enormous rate,” said Larry Smarr, founding director of the California Institute for Telecommunications and Information Technology, a UC San Diego/UC Irvine partnership. “CENIC’s backbone upgrade to 100 Gbps is coming just in time to keep California in a leadership position.”

Traffic on the 3,800-mile fiber network continues to grow, said CENIC President and CEO Louis Fox.

“This makes ongoing network upgrades like this absolutely critical to the continued health of California’s spirit of innovation,” Fox said.

The network is CENIC’s main focus but it also offers other technology services. Last month the corporation announced the availability of cloud infrastructure services to CENIC members through agreements with CenturyLink, FireHost and Verizon.

This staff report was originally published by TechWire.

Monday, November 24, 2014

RHT: 10 Tips on Networking Events for Introverts

by Monica Nakamine
November 24, 2014  Robert Half Techology

Introversion is different than shyness. You could be one or the other, or both.
Networking events. These are two words that might give some introverted IT professionals the shivers. But they don’t have to be so scary if you approach it with a strategy in mind.
As a former PR professional, networking events were always a necessary part of my job. But I’m not a natural-born schmoozer. In fact, it was always very nerve-racking for me. I’d either get tongue-tied or I’d have to keep repeating myself in order to be heard. Being the quiet introvert that I am, I usually wanted to head for the hills the minute I was faced with a loud crowd of people who already seemed to know each other. Who am I to interrupt?

Now, a little wiser and more mature, I have a different perspective. Oh, I’m still an introvert and not quite in my element at networking events or even in big groups, but I don’t feel quite so ill at ease. Based on my own collective experiences, observations and trial-and-errors, I’ve come to realize that networking isn’t the big scary monster that I imagined it to be.

By organizing your thoughts and developing a plan of action, you’ll feel a bit more confident going into a networking event and you’ll have idea of what you should be getting out of it. Here are a few tips:

1.  Have a goal and set some objectives.
Before you arrive at your networking event, decide what you want to get out of it. Then, figure out how you’re going to achieve it. For people who are list-makers, this is a great way to ensure that your time at the event is well-spent.

2.  Memorize and practice your elevator pitch.

You never know when a networking opportunity will present itself – in an actual elevator, at a party, on the golf course. So, be prepared.

3.  Put your game face on.
When you know you have a networking event to go to. Psych yourself up for it. Get mentally prepared and, when the time comes, focus.

4.  Keep some mints with you.

Unless you just brushed your teeth, pop some mints in your mouth before engaging in conversation. Oftentimes, people are unaware of how their breath smells. So, better to be safe than sorry.

5.  Introduce yourself or make an observation.
Don’t know what to talk about with the person standing next to you? A simple, “Hi, my name is…” would suffice. Or, make an observation that you both can relate to: “This guacamole dip is amazing!”

6.  Pay attention to name tags.
Sometimes name tags include the name of your employer and/or your title, which might be a good conversation-starter. I was at an event that asked participants to include the first concert we’d ever been to. That was definitely a conversation-starter!

7.  Practice makes perfect.
Interacting with people in a fluid, natural way requires practice. Take every opportunity to do this. It doesn’t even need to be a formal networking event. Volunteer to man your company’s tradeshow booth. Lead team meetings.

8.  When in doubt, think “who cares?”
Blunt as it is, this is my own personal mantra that nudges me toward taking action when I feel shy or embarrassed. For instance, I need to ask that woman for her business card before I leave the event. If I’m apologetic and polite, she probably won’t care that I had to interrupt her conversation to get it.

9.  Put yourself in other people’s shoes.
Guess what. You’re not the only introvert in the crowd. And everyone is there for similar reasons. When you step out of your comfort zone, you might be pleasantly surprised that people are very responsive. But when they’re not, you’ll know when it’s time to move on.

10.  Ask questions and listen to answers.
Communication is a two-way street. Don’t hog the conversation by talking about yourself the entire time. When you’re trying to build a professional relationship, ask questions to determine if this person can help you or if you can help him.

These tips are meant to help you get through the door and, once you’re in, what you need to do to make the most of it. What other tips would you add to the list? What has worked for you?

— Monica Nakamine

Monica Nakamine is the Online Content Marketing Manager for Robert Half Technology and The Creative Group. After earning a master’s degree in journalism, she realized that marketing is more her thing and continued to apply her writing skills to a variety of industries – from higher education to high-tech. Beyond work, she’s a devoted dog-owner, aunt and Game of Thrones fan. Follow her on Twitter @latoboston.

Four-year-old comment security bug affects 86 percent of WordPress sites

Bug allows script attack that could be used to hijack sites or attack visitors.

A Finnish IT company has uncovered a bug in WordPress 3 sites that could be used to launch a wide variety of malicious script-based attacks on site visitors’ browsers. Based on current WordPress usage statistics, the vulnerability could affect up to 86 percent of existing WordPress-powered sites.
The vulnerability, discovered by Jouko Pynnonen of Klikki Oy, allows an attacker to craft a comment on a blog post that includes malicious JavaScript code. On sites that allow comments without authentication—the default setting for WordPress—this could allow anyone to post malicious scripts within comments that could target site visitors or administrators. A proof of concept attack developed by Klikky Oy was able to hijack a WordPress site administrator’s session and create a new WordPress administrative account with a known password, change the current administrative password, and launch malicious PHP code on the server. That means an attacker could essentially lock the existing site administrator out and hijack the WordPress installation for malicious purposes.
“For instance, our [proof of concept] exploits first clean up traces of the injected script from the database,” the Klikki Oy team wrote in a blog post on the vulnerability, “then perform other administrative tasks such as changing the current user's password, adding a new administrator account, or using the plugin editor to write attacker-supplied PHP code on the server (this impact applies to any WordPress XSS if triggered by an administrator). These operations happen in the background without the user seeing anything out of the ordinary. If the attacker writes new PHP code on the server via the plugin editor, another AJAX request can be used to execute it instantaneously, whereby the attacker gains operating system level access on the server.”
The current version of WordPress (version 4.0), which was released in September, is not vulnerable to the attack. However, WordPress issued a security update to version 4.0 last week to address unrelated cross-site scripting issues.

BBC: Regin, new computer spyware, discovered by Symantec

23 November 2014 Last updated at 13:32 ET  BBC

>Vikram Thakur, Symantec: "We don't believe it is being used... for mass surveillance"

A leading computer security company says it has discovered one of the most sophisticated pieces of malicious software ever seen.

Symantec says the bug, named Regin, was probably created by a government and has been used for six years against a range of targets around the world.

Once installed on a computer, it can do things like capture screenshots, steal passwords or recover deleted files.

Experts say computers in Russia, Saudi Arabia and Ireland have been hit most.

It has been used to spy on government organisations, businesses and private individuals, they say.

Researchers say the sophistication of the software indicates that it is a cyber-espionage tool developed by a nation state.

They also said it likely took months, if not years, to develop and its creators have gone to great lengths to cover its tracks.

Sian John, a security strategist at Symantec, said: "It looks like it comes from a Western organisation. It's the level of skill and expertise, the length of time over which it was developed."

Symantec has drawn parallels with Stuxnet, a computer worm thought to have been developed by the US and Israel to target Iran's nuclear program.

That was designed to damage equipment, whereas Regin's purpose appears to be to collect information.