SVP Technology at Fiserv; large scale system architecture/infrastructure, tech geek, reading, learning, hiking, GeoCaching, ham radio, married, kids
15870 stories
·
135 followers

Scapy Packet Manipulation Tool 2.6.1

1 Share
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
Read the whole story
JayM
1 day ago
reply
Atlanta, GA
Share this story
Delete

Joining ISE to Active Directory

1 Share

Most ISE deployments use a join to Active Directory to be able to query AD groups, perform user lookups, etc. In this post, I’ll join my ISE lab server to AD. First I’m going to create two OUs in my AD, one for users and one for computers. Why not use the default ones? They are containers, not OUs, which means you can’t apply GPOs to them. Additionally, it makes for cleaner separation from the built-in accounts and allows for applying policies that won’t affect them. I’m creating two OUs:

  • iselab users.
  • iselab computers.

This is done by going to Active Directory Users and Computers, then right clicking the AD domain and selecting New -> Organizational Unit:

Give the OU a name and then click OK:

Repeat for the computers OU. You should now be able to see the OUs:

I’m going to create a user named Bob that I’ll be using to test login later. Right click the users OU and then select New -> User:

Enter the name and logon name:

Click Next. Enter a password for the user. As this is a lab, I won’t require that the user changes the password and the password is set to not expire:

Click Next. Then click Finish. The user has been created:

Now we’re going to join ISE to AD. We’ll need two things:

  • AD domain name.
  • AD account with Domain Admin privileges.

The Domain Admin credentials are required to join the domain. Note that they are only used once and that the credentials aren’t stored anywhere in ISE.

In ISE go to Administration -> External Identity Sources -> Active Directory. The list is currently empty:

Click + Add and enter the Join Point Name and the AD domain:

Click Submit. A popup appears asking if all nodes should be joined to the domain:

Select Yes. Enter credentials of a Domain Admin to join:

Click OK. The process is completed:

The AD join has been added:

Going back to the AD console, there is now an account that has been created for ISE:

Finally, let’s import the OUs from AD that we created previously. Go to the Groups tab when your join point is selected:

Click + Add and then Select Groups from Directory:

Click Retrieve Groups…

Then select the groups you want and click OK:

Click Save.

That’s it! We’ve joined AD with ISE and will now be able to query it to for example verify if a user is part of an AD group when writing our authz rules.

Read the whole story
JayM
1 day ago
reply
Atlanta, GA
Share this story
Delete

AIs Discovering Vulnerabilities

1 Share

I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but they’re getting better.

Here’s some anecdotal data from this summer:

Since July 2024, ZeroPath is taking a novel approach combining deep program analysis with adversarial AI agents for validation. Our methodology has uncovered numerous critical vulnerabilities in production systems, including several that traditional Static Application Security Testing (SAST) tools were ill-equipped to find. This post provides a technical deep-dive into our research methodology and a living summary of the bugs found in popular open-source tools.

Expect lots of developments in this area over the next few years.

This is what I said in a recent interview:

Let’s stick with software. Imagine that we have an AI that finds software vulnerabilities. Yes, the attackers can use those AIs to break into systems. But the defenders can use the same AIs to find software vulnerabilities and then patch them. This capability, once it exists, will probably be built into the standard suite of software development tools. We can imagine a future where all the easily findable vulnerabilities (not all the vulnerabilities; there are lots of theoretical results about that) are removed in software before shipping.

When that day comes, all legacy code would be vulnerable. But all new code would be secure. And, eventually, those software vulnerabilities will be a thing of the past. In my head, some future programmer shakes their head and says, “Remember the early decades of this century when software was full of vulnerabilities? That’s before the AIs found them all. Wow, that was a crazy time.” We’re not there yet. We’re not even remotely there yet. But it’s a reasonable extrapolation.

Read the whole story
JayM
1 day ago
reply
Atlanta, GA
Share this story
Delete

Kindle Paperwhite Signature (2024) review: A luxurious reading experience

1 Share

Amazon completely revamped its Kindle family in October when it debuted the entirely new Colorsoft ereader along with updated generations of the other three existing models: the standard Kindle, the Paperwhite and the Scribe E Ink tablet. The new Paperwhite has a slightly larger screen, a bigger battery and a more powerful processor that Amazon combined with E Ink tech to make page turns faster. This Paperwhite again comes in a Signature Edition, which adds wireless charging, an auto-adjusting front light and extra storage — all for $200, which is $10 more than the previous Signature Edition.

The standard Kindle also got a $10 price bump, leaving the same $90 gap between Amazon’s cheapest model and the Signature Edition. I tested both to see whether the price difference between the two is worth it. The higher-end model is certainly posh, but the base model handles ereader basics well. Is the deluxe treatment that much better?

The company is calling the Paperwhite (Signature and standard) the “fastest Kindle ever” thanks to a new dual-core processor and an oxide thin-film transistor layer that enables quicker switching of the text and graphics on the page. That layer is also more transparent than the previous tech, so the on-page clarity has increased as well.

As for storage, the Paperwhite Signature gets 32GB, double that of the regular Paperwhite, which is the same treatment as the prior generations for both. They have a couple additional backlights this time: ten standard LEDs and nine warm ones for a total of 19.

The screen is a little larger at seven inches, up from 6.8, and sports the same 300 ppi resolution. Despite a larger battery capacity (with an estimated 12 weeks of live instead of just ten), the device is a fraction of a millimeter thinner than last time, and weighs just two-tenths of a gram more. It has the same IPX8 rating, meaning it can handle full submersion, and the back is made from a metallic plastic with a rubberized texture that’s easy to grip (so you’re less likely to accidentally dunk it in water). The bezels help with grip too, as they’re just wide enough to accommodate a thumb without triggering a page turn.

The hardware upgrades are subtle, but they add up to a downright elegant way to read books. Pulling up menus, opening new titles and turning pages are all speedier than any ereader I’ve tried. And ghosting is basically non-existent. The roomy screen displays text that’s crisper than a January morning and the auto-adjusting front lights are like a warm lantern lighting your way.

If I take any issue with the design of the Signature, it’s the placement of the power button at the bottom edge. One of the simple joys in this life (for me anyway) is eating while reading. That means I hold a book or ereader on the table in front of my plate as I shovel stir fry into my mouth. Often, resting the Signature on the bottom edge accidentally presses the power button, shutting off my read mid-forkful. Notably, this doesn't happen with the standard Kindle, even though the button is in the same place, simply because the smaller ereader isn’t heavy enough to trigger the button-press. The Signature also has a rubber grommet around the edge of the flush-front screen, which I don’t hate, but I do find myself distractedly fidgeting with it when I read.

A close up of the text on the Kindle Paperwhite Signature Edition
Photo by Amy Skorheim / Engadget

I sat the Paperwhite Signature next to other ereaders in my testing collection and compared the page-turn speeds, menu load times and scrolling refresh rates. Though the differences weren’t significant, the Signature was definitely faster. (But the Kobo Libra Colour is still the fastest at waking up after a sleep of longer than a few minutes.)

The Signature’s touch response is impeccable. I’ve accepted the fact that most ereader screens occasionally need an extra tap before they do what I want. Whether that’s turning a page or pulling up a menu, my first gesture sometimes goes unnoticed. Not here; the screen immediately responds to every swipe and tap I make. Unfortunately, sometimes that tap is unintentional, and other times the screen doesn’t respond the way I want — but it always responds.

That leads me to a couple of disappointments in the Paperwhite’s interface. Those misinterpreted taps were almost always page turns. The area that skips back in your reading is a narrow sliver on the left-hand side. Some people may plow forward in a book with no backwards glances, but I often find myself at the top of a new page with the realization that I’d been thinking about toast or Cristin Milioti for most of the last page and have no idea what’s going on. Then, when I tap to go back, I’m often taken forward, which confuses me more. To be fair, swipes are generally accurate — but I’m a tapper not a swiper.

This wouldn’t be a problem if the area for a back tap were wider — but you can’t adjust that. In fact, you can’t adjust the way your taps and swipes work at all. The middle of the top of the page accesses the header menu and a swipe down from the top brings up the quick settings panel. There’s no switching those gestures or the zones to suit your preference.

It’s unfortunate because that’s something both Kobo and Boox devices can do. Those readers also give you finer adjustments for the margins, line spacing, font weight and more. The options the Kindle does provide for the look of your text are honestly fine, though. And the Kindle gets points for letting you create and save themes made up of different combinations of fonts and layouts. Kobo doesn’t allow this and Boox can’t do it in its native reader app.

The Kindle Paperwhite Signature Edition is propped up on a bench near a backpack
Photo by Amy Skorheim / Engadget

Acquiring books you want to read is maybe one of the most important qualities in an ereader and Kindles have their strengths and weaknesses. These features aren’t unique to the Paperwhite, but it’s worth mentioning how Amazon’s book access compares to its competitors. The first thing to acknowledge is that the Amazon Kindle library is the largest, thanks to Amazon Exclusive books and self-published, Kindle Direct Publishing (KDP) titles. That said, if you mostly read titles from established publishers, you’ll find them on any reader.

Amazon’s devices are better for people who like to flit between reading and listening to a given book. Not only do you get a discount on an audiobook if you buy the ebook version, the Whispersync feature keeps track of where you are so you can swap between the formats and pick up the story at the right place. And if you’re active on Goodreads, a Kindle will also serve you better as the integration with (the Amazon-owned) site is baked-in.

What Kindles don’t support are ePubs with any digital rights management (DRM) other than its own. If you buy a book from a third party ebook store that uses Adobe DRM, you can’t read it on a Kindle — but you can on Kobo and Boox devices (with a few extra steps). Finally, you may want to consider how you’ll access books borrowed from your local library. Using either the Libby app on your phone or your local library’s website, you just need to choose the “send to Kindle” option for them to show up on your reader. It's worth noting that Kobo lets you search for and borrow library books from the device itself, and Boox devices let you do so from the Libby app directly.

The Kindle Paperwhite Signature Edition is propped up next to the regular kindle
Photo by Amy Skorheim / Engadget

The regular Paperwhite is $160 and the Signature Edition is $200. That’s a $40 increase that may make sense for some, but probably not for most people. The three add-ons (extra storage, wireless charging and auto-adjusting light) are handy, but won’t dramatically improve your reading experience. If you like having offline access to lots of audiobooks, the larger 32GB capacity might be worth it. But if you mostly read ebooks (and/or use your phone for audiobooks, which makes more sense to me), the 16GB-capacity should be more than enough for years of library expansion.

The auto-adjusting front light on the Signature Edition is responsive and calibrates the light to the environment pretty well. I still need to manually lower it in a fully dark room, so it’s not fully hands-off, plus it’s easy enough to adjust. The separate warm light (which you get with the regular Paperwhite) is the more critical feature anyway, as it makes reading into the wee hours of the night far more pleasant. The final Signature-only feature, wireless charging, is probably the least important — you only charge these things once every other month at the most. How you do so feels inconsequential.

So if you save $40 by not going with the Signature model, does it make sense to save even more by going with the $110 standard Kindle? That’s harder to answer. The base Kindle has the same 300 ppi resolution, the same storage capacity, the same font and layout options and access to the same audio- and ebooks as the standard Paperwhite. But the Kindle’s screen is smaller, the device is not waterproof, the battery lasts half as long and there’s no warm light. Touch responsiveness isn’t quite as good and page turns are slightly slower (though the difference on both counts is minor).

Honestly, the lack of a warm light on the base Kindle is the only major drawback. It’s far more enjoyable to read the softer yellowish screens of either Paperwhite than the harsher blue of the base model. But I found myself getting used to it fairly quickly, and I probably noticed the difference most when switching back and forth between the two — something most people won’t do.

The new Kindle rests on a backdrop of moss and stone
Photo by Amy Skorheim / Engadget

In short, the Kindle Paperwhite and the new Paperwhite Signature offer a more premium reading experience. The flush front screen and soft-touch back feel more upscale. The larger screen feels like the difference between reading a mass market paperback and a trade paperback, which isn’t to say the standard Kindle feels cramped, it’s just smaller. I see the Paperwhite (especially the Signature model) appealing to people who want the most elevated reading experience — the crispest text, the least lag, the swankiest feel. And the regular Kindle is perfect for those who just want the most direct line to reading nearly any book they want.

It comes down to whether you think a heightened experience will make you read more. If so, then it’s probably worth the price jump in the long run. But if you’re just looking for a no-frills way to read books, go for the base Kindle. Even though it’s less high-end, it feels more durable and more portable. The smaller size can fit in a back pocket and you may be more apt to toss it in a cluttered bag — all of which may very well mean you read more, and, really, that’s the whole point of any ereader.

This article originally appeared on Engadget at https://www.engadget.com/mobile/tablets/kindle-paperwhite-signature-2024-review-a-luxurious-reading-experience-163036611.html?src=rss



Read the whole story
JayM
1 day ago
reply
Atlanta, GA
Share this story
Delete

We're Leaving Kubernetes

1 Share
Comments
Read the whole story
JayM
1 day ago
reply
Atlanta, GA
Share this story
Delete

12 Must-Read Books Every Tech Leader Needs to Succeed as a Product Manager

1 Share
Many professionals transition to product management from various fields like DevOps, data science, and marketing. This role requires new skills in market research, stakeholder engagement, and change management. Recommended books cover responsibilities, strategy, and innovation, essential for success in product management, especially for those with a tech background.

Read the whole story
JayM
1 day ago
reply
Atlanta, GA
Share this story
Delete
Next Page of Stories