According to CIA: Hackers have already attacked the electric grid

If someone hacked into the Smart Grid, experts say it could cause a blackout that stretches across the country

In the past week, there's been a good deal of publicity about security holes in the Smart Grid, making it a potential hacker's playground, as well as an entry point into enterprise networks. Here's more fuel for the fire: A year ago, the CIA claimed that hackers had invaded the networks of power utilities outside the U.S., causing power outages in several cities, and issuing extortion demands. 

Is it really so smart to forge ahead with the high technology, digitally based electricity distribution and transmission system known as the "Smart Grid"? Tests have shown that a hacker can break into the system, and cybersecurity experts said a massive blackout could result.

CIA said that hackers had already hacked into the networks of power companies overseas. The site SecurityFocus reported:

The cases involved unknown attackers compromising a utilities company's network and then demanding ransom from the firm. In at least one case, the attack cause a power outage that affected multiple cities, the CIA analyst said.

The attacks were launched via the Internet. Here's the full statement that the CIA official gave, according to the SANS Institute:

"We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."

The entire Smart Grid will be based on Internet technology, which means that it will be potentially more vulnerable that the existing grid to hackers. 

According to CIA: Hackers have already attacked the electric grid

If someone hacked into the Smart Grid, experts say it could cause a blackout that stretches across the country

In the past week, there's been a good deal of publicity about security holes in the Smart Grid, making it a potential hacker's playground, as well as an entry point into enterprise networks. Here's more fuel for the fire: A year ago, the CIA claimed that hackers had invaded the networks of power utilities outside the U.S., causing power outages in several cities, and issuing extortion demands. 

Is it really so smart to forge ahead with the high technology, digitally based electricity distribution and transmission system known as the "Smart Grid"? Tests have shown that a hacker can break into the system, and cybersecurity experts said a massive blackout could result.

CIA said that hackers had already hacked into the networks of power companies overseas. The site SecurityFocus reported:

The cases involved unknown attackers compromising a utilities company's network and then demanding ransom from the firm. In at least one case, the attack cause a power outage that affected multiple cities, the CIA analyst said.

The attacks were launched via the Internet. Here's the full statement that the CIA official gave, according to the SANS Institute:

"We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."

The entire Smart Grid will be based on Internet technology, which means that it will be potentially more vulnerable that the existing grid to hackers. 

According to CIA: Hackers have already attacked the electric grid

If someone hacked into the Smart Grid, experts say it could cause a blackout that stretches across the country

In the past week, there's been a good deal of publicity about security holes in the Smart Grid, making it a potential hacker's playground, as well as an entry point into enterprise networks. Here's more fuel for the fire: A year ago, the CIA claimed that hackers had invaded the networks of power utilities outside the U.S., causing power outages in several cities, and issuing extortion demands. 

Is it really so smart to forge ahead with the high technology, digitally based electricity distribution and transmission system known as the "Smart Grid"? Tests have shown that a hacker can break into the system, and cybersecurity experts said a massive blackout could result.

CIA said that hackers had already hacked into the networks of power companies overseas. The site SecurityFocus reported:

The cases involved unknown attackers compromising a utilities company's network and then demanding ransom from the firm. In at least one case, the attack cause a power outage that affected multiple cities, the CIA analyst said.

The attacks were launched via the Internet. Here's the full statement that the CIA official gave, according to the SANS Institute:

"We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."

The entire Smart Grid will be based on Internet technology, which means that it will be potentially more vulnerable that the existing grid to hackers. 

OpenSUSE project moves to fixed cycle for future releases

The openSUSE community has published the roadmap for the 11.2 release and unveiled the schedule for the next several releases, all the way out to 2011. The distro will be shifting towards a fixed time-based eight-month release cycle.

Ubuntu and Fedora have both converged on six-month release cycles that are loosely pinned to the GNOME development schedule. The openSUSE developers have rejected this approach and selected an eight-month cycle instead because they don't believe that six months provides an adequate time window for building a quality distribution.

The new schedule was proposed in a message posted to the openSUSE mailing list by release manager Stephan Kulow. In the e-mail, he lists the months when releases are expected to arrive and also provides some insight into the feature plan for 11.2, the next major release.

...

OpenSUSE 11.2, which is codenamed Fichte, is planned for November 2009. It will include GNOME 2.28, KDE 4.3, a Web-based management interface for the YaST configuration system, improved support for Netbook hardware, and could potentially use Ext4 as the default filesystem. Subsequent releases will take place in July 2010, March 2011, and November 2011. Previous releases have generally been made at intervals of roughly 8 to 10 months, but a fixed cycle has never previously been enforced.

A strong commitment to a predetermined consistent release schedule makes it much easier for third-party developers and end-users to properly plan for releases. It also diminishes the risk of never-ending Duke Nukem Forever development cycles. The downside is that the pressure to ship on time can degrade release quality and also cause a distro to miss critical versions of important software components that are released too late for inclusion. The key is to be able to work within a schedule but make allowances for deviations where it is necessary and warranted.

The new openSUSE release strategy appears more structured than the previous approach, but still not as uncompromising as Ubuntu's rigid schedule commitment.

 

Source: arstechnica.com

OpenSUSE project moves to fixed cycle for future releases

The openSUSE community has published the roadmap for the 11.2 release and unveiled the schedule for the next several releases, all the way out to 2011. The distro will be shifting towards a fixed time-based eight-month release cycle.

Ubuntu and Fedora have both converged on six-month release cycles that are loosely pinned to the GNOME development schedule. The openSUSE developers have rejected this approach and selected an eight-month cycle instead because they don't believe that six months provides an adequate time window for building a quality distribution.

The new schedule was proposed in a message posted to the openSUSE mailing list by release manager Stephan Kulow. In the e-mail, he lists the months when releases are expected to arrive and also provides some insight into the feature plan for 11.2, the next major release.

...

OpenSUSE 11.2, which is codenamed Fichte, is planned for November 2009. It will include GNOME 2.28, KDE 4.3, a Web-based management interface for the YaST configuration system, improved support for Netbook hardware, and could potentially use Ext4 as the default filesystem. Subsequent releases will take place in July 2010, March 2011, and November 2011. Previous releases have generally been made at intervals of roughly 8 to 10 months, but a fixed cycle has never previously been enforced.

A strong commitment to a predetermined consistent release schedule makes it much easier for third-party developers and end-users to properly plan for releases. It also diminishes the risk of never-ending Duke Nukem Forever development cycles. The downside is that the pressure to ship on time can degrade release quality and also cause a distro to miss critical versions of important software components that are released too late for inclusion. The key is to be able to work within a schedule but make allowances for deviations where it is necessary and warranted.

The new openSUSE release strategy appears more structured than the previous approach, but still not as uncompromising as Ubuntu's rigid schedule commitment.

 

Source: arstechnica.com

OpenSUSE project moves to fixed cycle for future releases

The openSUSE community has published the roadmap for the 11.2 release and unveiled the schedule for the next several releases, all the way out to 2011. The distro will be shifting towards a fixed time-based eight-month release cycle.

Ubuntu and Fedora have both converged on six-month release cycles that are loosely pinned to the GNOME development schedule. The openSUSE developers have rejected this approach and selected an eight-month cycle instead because they don't believe that six months provides an adequate time window for building a quality distribution.

The new schedule was proposed in a message posted to the openSUSE mailing list by release manager Stephan Kulow. In the e-mail, he lists the months when releases are expected to arrive and also provides some insight into the feature plan for 11.2, the next major release.

...

OpenSUSE 11.2, which is codenamed Fichte, is planned for November 2009. It will include GNOME 2.28, KDE 4.3, a Web-based management interface for the YaST configuration system, improved support for Netbook hardware, and could potentially use Ext4 as the default filesystem. Subsequent releases will take place in July 2010, March 2011, and November 2011. Previous releases have generally been made at intervals of roughly 8 to 10 months, but a fixed cycle has never previously been enforced.

A strong commitment to a predetermined consistent release schedule makes it much easier for third-party developers and end-users to properly plan for releases. It also diminishes the risk of never-ending Duke Nukem Forever development cycles. The downside is that the pressure to ship on time can degrade release quality and also cause a distro to miss critical versions of important software components that are released too late for inclusion. The key is to be able to work within a schedule but make allowances for deviations where it is necessary and warranted.

The new openSUSE release strategy appears more structured than the previous approach, but still not as uncompromising as Ubuntu's rigid schedule commitment.

 

Source: arstechnica.com

How to Expand Google’s Universal Search

Back in 2007 Google rolled out a revolutionary feature -Universal Search - that blended listings in its search interface from general “plain” search and video, news, images, local and book search.

To explain it clearer, Google tries to guess what other type of information the surfer would also like see based on his or her search query. For example, for “Britney Spears” you’ll see images and videos blended within the search interface and for “downtown Los Angeles” you’ll get local search results (i.e. maps.google.com).

The idea of pulling more data by one-click searching can be expanded. You do not have to limit yourself to the Google search engine only. This time I am listing a few cool FireFox addons that show you more relevant information based on your search query and provides you with more opportunities to browse through.

Add Multiple Search Engines to Google Search Interface

WebMynd offers to search a wealth of search platforms simultaneously with your Google search, by default: Twitter Search, Amazon, YouTube; but you can also add numerous other search options (e.g. Flickr, Wikipedia, Digg, LinkedIn, CNN, etc). The search results will appear right on Google’s results page in the right sidebar:

Additional great features of the page:

• send Tweets directly from your search results asking your friends advice related to your search;
• user-friendly interface: add/hide engines with one click, drag-and-drop ordering of pages.

Source: makeuseof.com

How to Expand Google’s Universal Search

Back in 2007 Google rolled out a revolutionary feature -Universal Search - that blended listings in its search interface from general “plain” search and video, news, images, local and book search.

To explain it clearer, Google tries to guess what other type of information the surfer would also like see based on his or her search query. For example, for “Britney Spears” you’ll see images and videos blended within the search interface and for “downtown Los Angeles” you’ll get local search results (i.e. maps.google.com).

The idea of pulling more data by one-click searching can be expanded. You do not have to limit yourself to the Google search engine only. This time I am listing a few cool FireFox addons that show you more relevant information based on your search query and provides you with more opportunities to browse through.

Add Multiple Search Engines to Google Search Interface

WebMynd offers to search a wealth of search platforms simultaneously with your Google search, by default: Twitter Search, Amazon, YouTube; but you can also add numerous other search options (e.g. Flickr, Wikipedia, Digg, LinkedIn, CNN, etc). The search results will appear right on Google’s results page in the right sidebar:

Additional great features of the page:

• send Tweets directly from your search results asking your friends advice related to your search;
• user-friendly interface: add/hide engines with one click, drag-and-drop ordering of pages.

Source: makeuseof.com

How to Expand Google’s Universal Search

Back in 2007 Google rolled out a revolutionary feature -Universal Search - that blended listings in its search interface from general “plain” search and video, news, images, local and book search.

To explain it clearer, Google tries to guess what other type of information the surfer would also like see based on his or her search query. For example, for “Britney Spears” you’ll see images and videos blended within the search interface and for “downtown Los Angeles” you’ll get local search results (i.e. maps.google.com).

The idea of pulling more data by one-click searching can be expanded. You do not have to limit yourself to the Google search engine only. This time I am listing a few cool FireFox addons that show you more relevant information based on your search query and provides you with more opportunities to browse through.

Add Multiple Search Engines to Google Search Interface

WebMynd offers to search a wealth of search platforms simultaneously with your Google search, by default: Twitter Search, Amazon, YouTube; but you can also add numerous other search options (e.g. Flickr, Wikipedia, Digg, LinkedIn, CNN, etc). The search results will appear right on Google’s results page in the right sidebar:

Additional great features of the page:

• send Tweets directly from your search results asking your friends advice related to your search;
• user-friendly interface: add/hide engines with one click, drag-and-drop ordering of pages.

Source: makeuseof.com

Turn to Splunk for Log Indexing Management

What is SPLUNK actually ?

I have been introduced by Kenneth and Jerry from Systex Group about SPLUNK. I never heard about Splunk before. After the presentation, I found that Splunk is a search indexing software that indexes any fast moving IT data as it happens, making it possible to actually see inside the data center at runtime. From your Web browser, we can possibly navigate logs, configuration files, message queues, JMX notifications, SNMP and database transactions from any system, application or device. System administrators, developers and support staff everywhere can now diagnose and resolve problems faster resulting in shorter mean time to repair (MTTR), better service availability and reduced cost of incident response. 

From my point of view.. I've seen that Splunk can help IT Department instantly figure out what's happening anywhere in their infrastructure by making use of all the data being logged within the data center. Very useful product for Network Operation Center (NOC) and Service Desk.

We been informed that, since Splunk first launched its product in July 2006, more than 250,000 users and over 800 enterprise customers have selected Splunk as their IT search platform to improve the availability of the IT infrastructure, meet security and compliance needs and cut the operations costs. In additions, more than 50 OEM (including CISCO), system integrators, VAR and MSSP worldwide have also partnered with Splunk and fueled their offerings with Splunk.

Splunk claimed that, they use powerful algorithms to automatically organize any type of IT data into events. It then classifies these events and discovers relationships between events of different kinds. Events are indexed by time, terms and relationships. For me... this product is really.. really interesting and impressive.

What Can Splunk Do For Us?

Splunk can help us to get to the root of the problem.

• System administrators can find the root cause of problems quickly and locate latent systems issues before they cause downtime.
  
• Developers can debug interactions among multiple tiers and components in the code-test cycle, the migration from development to production or during production escalations.
  
• Service desk and support teams can investigate reported incidents and alerts right away without having to reproduce the problem or call in senior analysts or developers.
  

Turn to Splunk for Log Indexing Management

What is SPLUNK actually ?

I have been introduced by Kenneth and Jerry from Systex Group about SPLUNK. I never heard about Splunk before. After the presentation, I found that Splunk is a search indexing software that indexes any fast moving IT data as it happens, making it possible to actually see inside the data center at runtime. From your Web browser, we can possibly navigate logs, configuration files, message queues, JMX notifications, SNMP and database transactions from any system, application or device. System administrators, developers and support staff everywhere can now diagnose and resolve problems faster resulting in shorter mean time to repair (MTTR), better service availability and reduced cost of incident response. 

From my point of view.. I've seen that Splunk can help IT Department instantly figure out what's happening anywhere in their infrastructure by making use of all the data being logged within the data center. Very useful product for Network Operation Center (NOC) and Service Desk.

We been informed that, since Splunk first launched its product in July 2006, more than 250,000 users and over 800 enterprise customers have selected Splunk as their IT search platform to improve the availability of the IT infrastructure, meet security and compliance needs and cut the operations costs. In additions, more than 50 OEM (including CISCO), system integrators, VAR and MSSP worldwide have also partnered with Splunk and fueled their offerings with Splunk.

Splunk claimed that, they use powerful algorithms to automatically organize any type of IT data into events. It then classifies these events and discovers relationships between events of different kinds. Events are indexed by time, terms and relationships. For me... this product is really.. really interesting and impressive.

What Can Splunk Do For Us?

Splunk can help us to get to the root of the problem.

• System administrators can find the root cause of problems quickly and locate latent systems issues before they cause downtime.
  
• Developers can debug interactions among multiple tiers and components in the code-test cycle, the migration from development to production or during production escalations.
  
• Service desk and support teams can investigate reported incidents and alerts right away without having to reproduce the problem or call in senior analysts or developers.
  

Turn to Splunk for Log Indexing Management

What is SPLUNK actually ?

I have been introduced by Kenneth and Jerry from Systex Group about SPLUNK. I never heard about Splunk before. After the presentation, I found that Splunk is a search indexing software that indexes any fast moving IT data as it happens, making it possible to actually see inside the data center at runtime. From your Web browser, we can possibly navigate logs, configuration files, message queues, JMX notifications, SNMP and database transactions from any system, application or device. System administrators, developers and support staff everywhere can now diagnose and resolve problems faster resulting in shorter mean time to repair (MTTR), better service availability and reduced cost of incident response. 

From my point of view.. I've seen that Splunk can help IT Department instantly figure out what's happening anywhere in their infrastructure by making use of all the data being logged within the data center. Very useful product for Network Operation Center (NOC) and Service Desk.

We been informed that, since Splunk first launched its product in July 2006, more than 250,000 users and over 800 enterprise customers have selected Splunk as their IT search platform to improve the availability of the IT infrastructure, meet security and compliance needs and cut the operations costs. In additions, more than 50 OEM (including CISCO), system integrators, VAR and MSSP worldwide have also partnered with Splunk and fueled their offerings with Splunk.

Splunk claimed that, they use powerful algorithms to automatically organize any type of IT data into events. It then classifies these events and discovers relationships between events of different kinds. Events are indexed by time, terms and relationships. For me... this product is really.. really interesting and impressive.

What Can Splunk Do For Us?

Splunk can help us to get to the root of the problem.

• System administrators can find the root cause of problems quickly and locate latent systems issues before they cause downtime.
  
• Developers can debug interactions among multiple tiers and components in the code-test cycle, the migration from development to production or during production escalations.
  
• Service desk and support teams can investigate reported incidents and alerts right away without having to reproduce the problem or call in senior analysts or developers.