The Information Systems and Computer Applications examination covers material that is usually taught in an introductory college-level business information systems course.

Author Archive

iOS 7 Will Be Available For iPads And iPhones On September 18

Originally posted on TechCrunch:

At their event this morning in Cupertino, Apple’s Craig Federighi announced that iOS 7 will be available to everyone beginning on September 18th. iOS 7 was first announced back at WWDC in June, and has spent the last three months in a developer-only (wink, wink) Beta testing mode.

As expected, the update will be available for the iPhone 4 and later, the iPad 2 and later, the iPad mini, and the 5th gen iPod touch.

“Since we make updates easy, and available to as many customers as possible,” Apple CEO Tim Cook said. “iOS 7 will quickly become the world’s most popular mobile operating system.”

Those are some bold words, considering how dramatic a shift iOS 7 is away from the norm. If you’ve somehow missed it, iOS 7 is a pretty massive departure from iOS’ past iterations. Almost every core visual of the OS — from the icons, to…



Dell Reportedly Has The Votes To Close The $24.9B Michael Dell-Silver Lake Buyout Deal

Originally posted on TechCrunch:

The Dell deal is now all but done, according to Bloomberg who today reported that there are enough yes votes to ice the Michael Dell-Silver Lake proposal that will see the firm taken private for $24.9 billion.

This news comes on the heels of the withdrawal of the rival Icahn bid that would have seen a tender offer for the majority of Dell shares at a higher per-share price. However, that deal would have left Dell a public company, albeit one with an odd liquidity structure.

Michael Dell and Silver Lake are using a few billion Microsoft dollars — tapped from Redmond’s overseas cash hoard — to finance the shebang. Bloomberg notes that “[h]olders of two-thirds of the voting shares have indicated their support for the proposed transaction.” So, that’s that.

It has been a long, often comical road. First, Dell was said to be dramatically undervalued by its founder…



iPhone 5C Will Cost $99 For 16GB, $199 For 32GB On 2-Year Contract

Originally posted on TechCrunch:

Today at Apple’s iPhone event, Apple unveiled a cheaper iPhone, the iPhone 5C, as well as the iPhone 5S. While the devices in themselves are not really a surprise after countless leaks, the price of the iPhone 5C was still an outstanding question. The 16GB iPhone 5C will be released for $99 with a two-year contract. A 32GB model will cost $199. The iPhone 5S will cost $199, $299 or $399 for 16GB, 32GB and 64GB.

The iPhone 5C will greatly help Apple in many markets. While most phones come with a 2-year contract in the U.S., it’s not the case in the rest of the world. A new cheaper iPhone was highly anticipated as it could become a best-selling device in Europe and Asia. In these countries, customers can opt for cheaper plans but have to purchase unsubsidized phones. While it’s a great deal over…



Communication between OpenVPN clients with tun (routing)


When we have multiple clients connected to an OpenVPN server using TUN, we need to configure the routes.

OpenVPN can operate in either TUN or TAP mode:

  • TAP: Layer 2 mode of operation, so the hosts see each other as if they were connected to the same network segment. They therefore see the broadcast traffic generated on the segment as if they were directly connected.
  • TUN: Layer 3 mode of operation, so we need to configure routing.

Using TAP, clients can communicate with each other directly.

In the TUN case, if we try to ping between two hosts connected to the same OpenVPN server we may receive an ICMP “Packet filtered” message:

# ping 172.16.101.16
PING 172.16.101.16 (172.16.101.16) 56(84) bytes of data.
From 80.80.80.117 icmp_seq=1 Packet filtered
From 80.80.80.117 icmp_seq=2 Packet filtered

This is because of the routes, which send a packet addressed to another host connected to the server out through the default gateway. In the following example we can see that any packet that is not going to the server (172.16.101.1) or to any of the other networks will go through the default gateway, which in this case leads to the Internet:

# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.16.101.1    0.0.0.0         255.255.255.255 UH        0 0          0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
192.168.254.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
0.0.0.0         192.168.254.1   0.0.0.0         UG        0 0          0 eth0

Therefore, for every client that we want to be able to communicate with the others, we must add (using the client-config-dir directive) a route for the network we want to configure. In that per-client configuration we force a fixed IP for each client, set its gateway to 172.16.101.1, and push a route so that the 172.16.101.0/24 segment goes through that gateway:

# cat cliente.systemadmin.es
ifconfig-push 172.16.101.12 172.16.101.1
push "route  172.16.101.0 255.255.255.0 172.16.101.1"

The clients' routes will then look like this:

# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.16.101.1    0.0.0.0         255.255.255.255 UH        0 0          0 tun0
172.16.101.0    172.16.101.1    255.255.255.0   UG        0 0          0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
192.168.254.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
0.0.0.0         192.168.254.1   0.0.0.0         UG        0 0          0 eth0
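
The routing decision described above can be reproduced offline. The following added example (not from the original post) runs a longest-prefix-match lookup over the two routing tables shown, to see where a packet for 172.16.101.16 leaves before and after the pushed route; the function name route_lookup and the variable names are assumptions of this example.

```sh
#!/bin/sh
# Route rows copied from the two `netstat -rn` outputs in the post (headers removed).
ROUTES_BEFORE='172.16.101.1    0.0.0.0         255.255.255.255 UH        0 0          0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
192.168.254.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
0.0.0.0         192.168.254.1   0.0.0.0         UG        0 0          0 eth0'

# Same table plus the route pushed from the client-config-dir file.
ROUTES_AFTER="172.16.101.0    172.16.101.1    255.255.255.0   UG        0 0          0 tun0
$ROUTES_BEFORE"

# route_lookup TABLE DEST: prints "IFACE GATEWAY" for the most specific
# route matching DEST, or returns non-zero if nothing matches.
route_lookup() {
    printf '%s\n' "$1" | awk -v dst="$2" '
        function ip2int(ip,   o) {
            split(ip, o, ".")
            return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
        }
        # 8-bit AND without bitwise operators, so any POSIX awk works
        function and8(x, y,   b, r) {
            x += 0; y += 0; r = 0
            for (b = 128; b >= 1; b = b / 2) {
                if (x >= b && y >= b) r += b
                if (x >= b) x -= b
                if (y >= b) y -= b
            }
            return r
        }
        function masked(ip, mask,   a, m, i, r) {
            split(ip, a, "."); split(mask, m, "."); r = 0
            for (i = 1; i <= 4; i++) r = r * 256 + and8(a[i], m[i])
            return r
        }
        NF == 8 && $1 ~ /^[0-9.]+$/ {
            if (masked(dst, $3) == ip2int($1)) {
                m = ip2int($3)   # a longer prefix gives a larger mask value
                if (best == "" || m > bestmask) { bestmask = m; best = $8 " " $2 }
            }
        }
        END { if (best == "") exit 1; print best }'
}

echo "before: $(route_lookup "$ROUTES_BEFORE" 172.16.101.16)"
echo "after:  $(route_lookup "$ROUTES_AFTER" 172.16.101.16)"
```

In the first table only the default route matches the other client's address, so the packet leaves through eth0; once the /24 route is present, it is the most specific match and the packet goes to the server over tun0.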

Next, we need the packets that arrive on the server's tun interface to be delivered to the destination client. Forwarding is disabled by default, so we must enable it in the /etc/sysctl.conf file by setting the net.ipv4.ip_forward directive to 1. We apply the changes with sysctl -p:

# sysctl -p
(...)
net.ipv4.ip_forward = 1

Next we define two iptables rules:

  • A rule that allows forwarding on the tun interfaces:
    iptables -A FORWARD -i tun+ -j ACCEPT

  • Another rule that denies it on the eth interfaces:
    iptables -A FORWARD -i eth+ -j DROP

    Instead of changing the default policy of FORWARD, I add the DROP rule so as to have a packet counter for that rule.

If we ping between two connected clients we will see the counters increase, and the clients can now reach each other:

# iptables -L -nv
(...)
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    6   504 ACCEPT     all  --  tun+   *       0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  eth+   *       0.0.0.0/0            0.0.0.0/0


Communication between OpenVPN clients with tun (routing) was first posted on September 10, 2013 at 12:22 pm.


Meet Human, A Beautiful Fitness Tracking App To Help You Effortlessly Stay Healthy

Originally posted on TechCrunch:

Human is a newcomer in the crowded fitness space, but its take is different. Instead of being a stat-heavy activity app like RunKeeper or a life tracker gadget like Withings, Fitbit or Jawbone, Human is a passive iOS app designed to help you stay healthy. The goal is to move for 30 minutes every day, and to keep up with this simple habit. The company calls it the ‘Daily 30′. As it is extremely simple, keeping up with Human is easier than with competitive fitness systems.

“The basic premise of the app is very simple. Human tracks all of your activity and we put the focus on how many minutes you moved today and how many minutes you need to move,” co-founder and CEO Renato Valdés Olmos told me in a phone interview. “Each day of the week that you reach your Daily 30, we send out a push notifications,”…




Security By Default by Yago Jesus: We have lost the battle for privacy

If someone had told me 7 or 8 years ago that I would utter the sentence that gives this post its title, I would probably have refused to believe it; back then I thought there was considerable technical ‘power’ within people's reach and that governments, still novices in the art of spying on new technologies, had all but lost the battle for control of the Internet.

Now I see it all in a radically opposite way. I believe that, in a subtle and elaborate way, the pieces on the board have changed to the point where everything is already lost.

To begin with, user behaviour has been ‘re-educated’ in such a way that people assume and accept that privacy is something secondary; people have been brought to think in an eminently pragmatic way in which functionality is worth 90% and the crumbs are left for other matters such as privacy, morality, etc.

The second leg of this problem, governments, have given a real lesson in adapting to the environment, to which one must take off one's hat. PRISM is the superlative example of the technical concept, but what catches my attention is the sociological concept: it is now very easy to concentrate efforts.

At a time when people have accepted that privacy is something entirely secondary, any government can very comfortably concentrate its efforts on that small pocket of people who do take privacy seriously and corner them. A clear example is TOR: portraying it to public opinion as a haven of ‘strange’ people and then attacking it on the basis of that previously established line of argument.

The third leg is the corporations. Faced with this landscape, in which the user is a docile, fully domesticated little lamb who judges any violation of their privacy with absolute leniency, the open bar has been declared, and I am not referring to things like Facebook having links to the NSA or the CIA (which, frankly, I don't care about, and I don't think that is the problem, since Facebook makes its game very clear); I am referring to much darker things.

The other day, via the always brilliant Crg, I came across this website, which demonstrated how to track a user without using either JavaScript or cookies. From there I reached this other article, in which a study showed that a good number of fairly important websites were using these techniques to monitor users.

Likewise, on ZDNet you can read an article criticising Microsoft's lack of transparency about the CA update system, which, by the way, we discussed here back in 2010.

And these are just two examples, but there are many more.

In short, we have lost the battle for privacy.


Why Federate?


Part of my job these days is convincing people to get out of the password business and start “Federating”; that is to say, outsource the login mechanics to an “Identity Provider” (IDP) like Facebook or Google or Microsoft or Twitter (and there are lots more). I’ve given the sales pitch quite a few times now; here it is.

Scenario

You’re putting up a new app and need to sign in users, so you use whatever’s popular with the package you’re using: On Rails, typically Devise, on NodeJS Drywall or Passport, on PHP Usercake, and so on.

These things will take care of storing and checking usernames and passwords for you. But storing and checking passwords is a bad thing to do.

Why?

There are too many passwords. When someone rolls up to your app for the first time and you ask him or her to pick a password, here are some typical reactions:

  • She says “Oh, not another damn password” and closes the browser tab. Kiss a customer goodbye. This is a very common reaction and if you’re Mr Yet-another-password, it’s happening to you right now.

    Oh, and if she’s on a mobile device, the chances that she’ll be willing to put up with Password Pain are dramatically reduced.

  • He picks a short, simple, easy-to-remember password, thereby making life easier for the bad guys.
  • She uses a complex high-quality password, and doesn’t have to actually pick it because it’s the same one she uses on all the sites she visits, including dog-grooming tips and money management. Thereby making life easier for the bad guys.
  • He types some random gibberish into the password field and doesn’t bother to remember it; the site will keep the session active for a few days, and when it asks him to log in again, he’ll hit “Forgot password” and get a password-reset email. Beats trying to remember. (This is the best outcome so far).
  • She uses a password manager like 1Password or LastPass or KeePass. It works pretty well for her — well, maybe a little awkward on mobile devices. But she’s had no luck at all getting her nontechnical friends and family to use it.

Which is to say, by playing the yet-another-password game, you’re decreasing the security of the whole Internet. You’re peeing in the swimming pool. It’s bad for your business, and Google’s business, and for the people using the Internet. So stop doing it.

That should be enough.

Not Convinced?

You still think you might want to do the password thing… so, you better make sure people pick good passwords. For an example, type “password rules” into Google and up comes Intel Password Rules, from which I could quote but let’s just screenshot instead.

[Screenshot: Password Rules]

When you impose something like this on human beings, you’re being mean to them. Which is not only evil, and bad for business, it just doesn’t work. So stop doing it.

Still Not Convinced?

Maybe these will help.

[Images: IEEE password hack; DropBox password hack; LinkedIn password hack; Yahoo! password hack]

Are you smarter than those guys; the BBC, DropBox, LinkedIn, and so on? Are you sure? This could be you, very easily. The bad guys are out there, and they are probing your defenses every day. So once again: Get out of the password business, start federating, and don’t let this be you.

It’s That Easy?

Um, well, no. There are issues around federation: business, technology, and policy. I’ll write some follow-ups about them. The cost and effort is non-zero. But it’s something you’re going to have to do anyhow, so you might as well get started.

