Category Archives: Security

Panel Discussion of Abandonware (in an IoT Context)

Posted on by
Reply

During the past couple years, the good folks over at Gestalt IT have been working to find more ways to make sure that the Tech Field Day delegates feel that their time has been valued and put to good use. One of the ways they’ve been doing that is to use some of the down time to record podcasts.

At one of the Storage Field Days I attended, I was fortunate enough to get the opportunity to sit on a podcast panel to discuss “abandonware” — especially in the context of the Internet of Things (IoT).

What’s abandonware? It’s what happens when you have a networked device that still works, but is no longer supported by its manufacturer — or worse, whose manufacturer has gone out of business. Lack of support for the device means no more software updates, which means no security patches. Unpatched devices on your network leave your network vulnerable. Continue reading

More Heartbleed Protection: Update VMware Horizon View Client on Your Mobile Devices

Posted on by
Reply

The industry is still cleaning up following the news about the Heartbleed bug in OpenSSL. VMware has released updated versions of the Horizon View Client for both Android and iOS.

The easiest way to ensure you’re safe from the Heartbleed vulnerability is to check to see if there’s an update to the View Client available for your device, and if there is, install it. You can do this on Android by going to the Google Play Store and then selecting “My Apps”. On iOS, go to the App Store and select “Updates”.

If you want to be sure, here are instructions for confirming that you’re running a “Heartbleed-safe” version of the client. Continue reading

Update OpenSSL on Isilon InsightIQ – Avoid the Heartbleed Vulnerability

Posted on by
2

[Instructions found herein are based upon the work of multiple other folks in this thread in the Isilon Support Forum.]

By now, you’re likely aware of the “Heartbleed” security vulnerability in the OpenSSL cryptography library. If you have an Isilon cluster, you might be wondering if it’s affected. The good news is that all versions of OneFS are Heartbleed-free.

However, if you’re also running the InsightIQ monitoring software, it might be vulnerable, depending on the version. Here’s what you need to know to find out if your cluster is affected — and what to do about it if it is. Continue reading