Monthly Archives: January 2015

AVG

Will 2015 be the biggest yet for Cybersecurity?

President Obama’s recently announced comprehensive new cybersecurity proposal for the U.S., highlighted in his State of the Union address (you can see a full transcript of this address here), puts the issue of cybersecurity where it should be: front and center.

The high-profile cyber-attacks and hacks of the past year have drawn a mainstream spotlight to cybersecurity. As the President emphasized in his address: “No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families, especially our kids.”

What are my thoughts? I think this is a real, actionable step in the right direction to increase the war on cyber-attacks and protect consumers and businesses.

The new Presidential cybersecurity proposal, officially announced  on December 19 at  the National Cybersecurity and Communications Integration Center, aims to move to quicker and more active security breach and threat reporting.

Image courtesy of The Guardian

According to the White House announcement, the proposal would create a more proactive environment for companies and organizations in the private sector to share security breaches with the government. The proposal, for example, would criminalize the sale of stolen financial data, and mandate that companies notify consumers about data breaches, as well as protect companies from liability.

As stated by the White House, “Specifically, the proposal encourages the private sector to share appropriate cyber threat information with the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC), which will then share it in as close to real-time as practicable with relevant federal agencies and with private sector-developed and operated Information.”

Information sharing provides a way to get a real-time response to these breaches. But it’s the old left-hand, right-hand problem.  Information sharing would speed up an organized response to a data breach or cyber-threat and allow a concerted response. But there remain legitimate concerns in many camps about the information shared.

This proposal seems to be well crafted in that it recognizes a general apprehension of handing over information to the government, a genuine concern (even an obsession) for many. The plan seeks to mollify privacy concerns by requiring participating companies to comply with a set of restrictions, such as removing “unnecessary personal information” and to protect personal information that has been shared.

A national standard in the United States for reporting breaches has been a long time coming. If you’re a company that has been hacked, your obligations are different in different states. If your information has been hacked, a company’s obligation to report it to you currently depends on the regulations of the state you reside in, which simply doesn’t make sense. If you’ve been hacked by someone from Russia, for example, does it matter whether you live in Connecticut or Texas? The problem is a global one, but a national plan is a great move.

The new cybersecurity proposal has critics and supporters lining up in debate.  And the prospect is real that this cybersecurity plan like previous proposals could become stalled in Congress.

“cybersecurity needs to be proactive in preventing and detecting cyber crime”.

We all need to focus on the idea that cybersecurity is not just reactive, but needs to be proactive – in preventing and detecting cyber crime. The President’s proposal is a step along that path.

I’m looking forward to a next step and results of the newly announced Summit on Cybersecurity and Consumer Protection at Stanford on February 13, 2015 which will convene a wide variety of groups for industry, private and public – to help shape public and private sector efforts to protect consumers and companies from growing network threats.

The good news is that momentum for cybersecurity is building. If we can get business, government, and the security industry in this country working from the same digital page, the benefits could be tremendous.

It’s a critical and very exciting time to be in digital security.

CentOS

CEEA-2015:X002 Xen and LibVirt Xen4CentOSEnhancement Update

CentOS Errata and Enhancement Advisory 2015:X002 (Xen4CentOS)

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
-----------------------------
x86_64
-----------------------------

cdfc144852265d5b5d5ad929bc5b31159a6ca859715ba795134e2b85fe7e3399  libvirt-1.2.10-3.el6.x86_64.rpm
5c9b50eae196a3beb710b1aa37ef212d1fb19062a3e0a0a0b1448c3e38695898  libvirt-client-1.2.10-3.el6.x86_64.rpm
f75375eca3a0088aa9a537dda0cdebc047bb74fc24364b0f75a3f3315ea5fee1  libvirt-daemon-1.2.10-3.el6.x86_64.rpm
04a7c8d378aaa85aa0962afa24193df37bc884a4f0f812c82f196d9657f6faea  libvirt-daemon-config-network-1.2.10-3.el6.x86_64.rpm
f6b969d3c89e4f7d10b18464f5a5b7d8b4627bba8194426a4f528d572ef9b378  libvirt-daemon-config-nwfilter-1.2.10-3.el6.x86_64.rpm
89a220c0964427ec8e914d7fe01c799e1223c1a0ccbf6e9c9a8b722dbfb2e6c2  libvirt-daemon-driver-interface-1.2.10-3.el6.x86_64.rpm
d52b96cd2cbb807e93a74970d4309f2ff0b8a5c5030918cfa74b070152b561ef  libvirt-daemon-driver-libxl-1.2.10-3.el6.x86_64.rpm
14e49bd64281368826a4d7bff9dcebe63f7693fd6b50e681febf515b09ae098b  libvirt-daemon-driver-lxc-1.2.10-3.el6.x86_64.rpm
48dbc513689a93689eb89ea514ee7fee560d66a6f8d49e61424fcfa155105308  libvirt-daemon-driver-network-1.2.10-3.el6.x86_64.rpm
dfa11209f31bedf18938d85eb12456d82d46af84070fe4f47e5521a3f4fcbfea  libvirt-daemon-driver-nodedev-1.2.10-3.el6.x86_64.rpm
46e6872c93140df1aa662470b4e72fe49b960412b059c32b5d2128ce6f61a10e  libvirt-daemon-driver-nwfilter-1.2.10-3.el6.x86_64.rpm
23233e23f9e41d47a7f7489647e308394f94018b4789a225a6df6b49291ecbf0  libvirt-daemon-driver-qemu-1.2.10-3.el6.x86_64.rpm
9ab5624fcfed9a1401b46b458bb23aded8bc603e2ba10e267a12eec64c7ec683  libvirt-daemon-driver-secret-1.2.10-3.el6.x86_64.rpm
464f904baea4beec68fe90708c2895e697f215551d423a5dc9950c6f2df672b4  libvirt-daemon-driver-storage-1.2.10-3.el6.x86_64.rpm
1f6242a8ca12578bb7c0046e604e87caa13a3b2bfcae0e2a75d8d7d957d77837  libvirt-daemon-driver-xen-1.2.10-3.el6.x86_64.rpm
9dcf36b9708b145df230de9e4967a880620d5fbb91c874c34b0a06110b2fcb0f  libvirt-daemon-kvm-1.2.10-3.el6.x86_64.rpm
521e8fd3fe56d00c3ed9b4b83fbf8d145fd0cb40ed57ca163cf4dad065d0c83e  libvirt-daemon-lxc-1.2.10-3.el6.x86_64.rpm
604a476a2cb73578411d1780e915ec12ef5421c4ddd1c6501af8baedddb11b05  libvirt-daemon-xen-1.2.10-3.el6.x86_64.rpm
ada1948fb39ff73b9462b3b4a88d83650768811da6cf041dfc82c8cb4440ca3c  libvirt-devel-1.2.10-3.el6.x86_64.rpm
12b7d939d5bbb902d19c9f10ab1d0e09b7d6f2569d6c08d361faa7a078537580  libvirt-docs-1.2.10-3.el6.x86_64.rpm
9b5966f617704138b57c0158ffc24bd722e3c45fc163c4b57fbb78a6a46bab3f  libvirt-lock-sanlock-1.2.10-3.el6.x86_64.rpm
cf3c8b24dd749d3a58502153e68908ee7d7f6c935a24a42c1939d776a394ad34  libvirt-login-shell-1.2.10-3.el6.x86_64.rpm
4a6fefb92c51a8c808519c14c0f05bf4bba5d15cc6c80a9189233cea429f81f3  libvirt-python-1.2.10-2.el6.x86_64.rpm
cfb51d27393b89ce9ea778c90fc78387e1bbd66ee526900f4d1d30b0ce2939f2  xen-4.4.1-5.el6.x86_64.rpm
8112529df37665282b18ac255024a5298b4a0d2c3b43047feb2411d04bb8493b  xen-devel-4.4.1-5.el6.x86_64.rpm
eceef9fe592a624c58321095223f1694aaeafc5188d7af2a63545169ce4c2935  xen-doc-4.4.1-5.el6.x86_64.rpm
2604e220fb3bd9dade6f032eb3688770dec07969b4000dbeda0d950fb94f647d  xen-hypervisor-4.4.1-5.el6.x86_64.rpm
8645ef7f6d40c2f1374d4749dafa30e636db78650e262b9f3c7208748234be47  xen-libs-4.4.1-5.el6.x86_64.rpm
d7e292c6593100328b324451bcb71ffd5aca25748826af1e67bca0950d611674  xen-licenses-4.4.1-5.el6.x86_64.rpm
81b62af7f92f6df99e85678ba7b5856006673f04b27c9d3cc9e437f702879f39  xen-ocaml-4.4.1-5.el6.x86_64.rpm
2b6fe42c4e34cc6b41a7e7ee3c7409db10a606ff4cf90dfbf6f4dcccd6adf2de  xen-ocaml-devel-4.4.1-5.el6.x86_64.rpm
2a85526a06d64cd6d23b292a132f49c48bd4d446854c9834ecd816da6978da69  xen-runtime-4.4.1-5.el6.x86_64.rpm

-----------------------------
Source
-----------------------------

02d6120f7bbeb61b52b1529bec526c078a2c5d13560337098f12d3755f28d926  libvirt-1.2.10-3.el6.src.rpm
550fcd79d3d32752847cc8901155b8870816b4f6bd0fee304503024962679962  libvirt-python-1.2.10-2.el6.src.rpm
17fd39507d1bbac73b0e1c60f56faf775f7cf64ba71fa1a8748159529e42fe52  xen-4.4.1-5.el6.src.rpm

=====================================================

NOTE:  This is an upgrade of libvirt to version 1.2.10 and xen to 4.4.1

By default version 4.4 of Xen uses libxl by default, not xm.  You must convert
your xm DomU virtual machines to xl or you must turn on xend manually to use your
older DomU virtual machines.

Please review this before upgrading and decide how to proceed:

http://wiki.centos.org/HowTos/Xen/Xen4QuickStart/MigratingToXl

=====================================================

These new RPMs have been produced by the new CentOS Virtualization SIG:

http://wiki.centos.org/SpecialInterestGroup/Virtualization/

Utilizing the new CentOS Community Build System (CBS):
http://cbs.centos.org

Special thanks to the SIG for their hard work in building and testing this
release, especially Lars Kurth, George Dunlap and Pasi Kärkkäinen.

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net