Polls

Is there an unsecured wireless network near you?
 
Cisco issues blizzard of end-of-life notices for Nexus 3K and 7K switches
Tuesday, 09 March 2021 13:01

HTTP/2 200 date: Wed, 10 Mar 2021 01:00:21 GMT content-type: text/html; charset=UTF-8 link: ; rel=preload; as=script;,/1b387ba30041f22d29b5521abbd2ecfcece4e626/javascript/_.js>; rel=preload; as=script;,/default/9277d5e4a37a3331652249e94986076b1fc57573/scaffolding.css>; rel=preload; as=style;,/default/9277d5e4a37a3331652249e94986076b1fc57573/design.css>; rel=preload; as=style;,/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-700.latin.woff2>; rel=preload; as=font; crossorigin;,/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-400.latin.woff2>; rel=preload; as=font; crossorigin; cache-control: max-age=0 expires: Wed, 10 Mar 2021 01:00:21 GMT vary: Accept-Encoding x-reg-bofh: pfy01us x-clacks-overhead: GNU Terry Pratchett, Lester Haines cf-cache-status: DYNAMIC cf-request-id: 08bb3f3aa800003776251da000000001 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server: cloudflare cf-ray: 62d89b0aaa633776-MEL Cisco issues blizzard of end-of-life notices for Nexus 3K and 7K switches • The Register

Service options decline starting next year... so there may be a Nexus 9K switch in your future


Cisco has in recent days issued a blizzard of end-of-life and end-of-sale announcement for switches in its Nexus 3000 and Nexus 7000 ranges.

By The Register’s count, the networking giant has announced that the 18 devices, listed below, across the ranges will soon be sent to the knacker's yard.

The initial batch of notices advised users that the listed devices would not be sold after late August 2021, with shipments to end in November of the same year and support services dwindling as of August 2022. November 2025 was set as the last date on which a service contract could be renewed.

However, Chipzilla has since updated a handful of the notices and extended some of the deadlines mentioned above by as much as 18 months. You can find the 3K notices here and the 7K notices here. The last day of hardware support will be sometime in 2026 or 2027, depending on the model.

Cisco constantly retires products, though The Register has not seen quite so many end-of-life announcements land in such a short period of time. We asked Chipzilla what’s up.

Cisco issues blizzard of end-of-life notices for Nexus 3K and 7K switches

A switch with just 49 ns latency? What strange magic is this?

READ MORE

A spokesperson told us that it’s business as usual.

“Many of the models referenced in the announcements were introduced over 10 years ago and were replaced by newer models in the Nexus 9000 series switches,” we were told. Newer models from the 9K range are offered “as migration options for the Nexus 3000 and Nexus 7000 products included in the EoL announcements.”

The spokesperson also pointed out that the Nexus 3K series continues to evolve, with new 3500-series devices infused with tech drawn from Australian company Exablaze that aimed its wares at high-frequency traders and other latency-intolerant users.

“We continue to invest in the portfolio,” Cisco said.

Switches are almost commodities these days and, in many applications, can happily chug along for years without much need for intervention or network redesign. It's entirely possible that users could keep the 3K and 7K devices Cisco is killing off in production until Chipzilla stops providing security updates. Cisco would rather you don’t adopt that mindset and instead take up its intent-based networking push that is more-fully-supported in its more recent products.

Here's the list of recently retired 3K and 7K products... ®

  • N3K-C3172PQ
  • N3K-C3172PQ-XL
  • N3K-C3172TQ
  • N3K C3172TQ-XL
  • N3K-C31128PQ
  • N3K-C3132C-Z
  • N3K-C3264C-E
  • N7K-M348XP-25L
  • N7K-M324FQ-25L
  • N7K-F348XP-25
  • N7K-F312FQ-25
  • N7K-F306CK-25
  • N7K-F248XT-25E
  • N7K-SUP2
  • N7K-SUP2E
  • N7K-C7010-FAB-2
  • N7K-C7004
  • N7K-C7009

SolarWinds just keeps getting worse: New strain of backdoor malware found in probe Plus: McAfee's in serious trouble over claimed cryptocurrency scam

In brief Another form of malware has been spotted on servers backdoored in the SolarWinds' Orion fiasco.

The strain, identified as SUNSHUTTLE by FireEye, is a second-stage backdoor written in Go which uses HTTPS to communicate with a command-and-control server for data exfiltration, adding new code as needed. Someone based in the US, perhaps at an infected organization, uploaded the malware to a public malware repository in August last year for analysis, well before the cyber-spying campaign became public.

Brandon Wales, acting director of the US Cybersecurity and Infrastructure Agency, warned it could take 18 months to clean up this mess, and that's looking increasingly likely.

Continue reading
Intel CPU interconnects can be exploited by malware to leak encryption keys and other info, academic study finds Side-channel ring race 'hard to mitigate with existing defenses'

Chip-busting boffins in America have devised yet another way to filch sensitive data by exploiting Intel's processor design choices.

Doctoral student Riccardo Paccagnella, master's student Licheng Luo, and assistant professor Christopher Fletcher, all from the University of Illinois at Urbana-Champaign, delved into the way CPU ring interconnects work, and found they can be abused for side-channel attacks. The upshot is that one application can infer another application's private memory and snoop on the user's key presses.

"It is the first attack to exploit contention on the cross-core interconnect of Intel CPUs," Paccagnella told The Register. "The attack does not rely on sharing memory, cache sets, core-private resources or any specific uncore structures. As a consequence, it is hard to mitigate with existing side channel defenses."

Continue reading
Remember that day in 2020 when you were asked to get the business working from home – by tomorrow? IT pros from orgs large and small tell The Reg the tech delivered, mostly, tho couriers, home Wi-Fi suddenly became their problem

Covid Logfile Brianna Haley was given one day to be ready to roll out Zoom for 13,000 users at over 1,000 sites.

Haley* is a project analyst for a large healthcare provider that, as COVID-19 marched across the world in March 2020, realised imminent lockdowns meant it would soon be unable to consult with patients.

And no consultations meant no revenue.

Continue reading
Just when you thought it was safe to enjoy a beer: Beware the downloaded patch applied in haste Let us tell you a tale of the Mailman's Apprentice

Who, Me? The weekend is over and Monday is here. Celebrate your IT prowess with another there-but-for-the-grace confession from the Who, Me? archives.

Our tale, from a reader the Regomiser has elected to dub "Simon", takes us back to the early part of this century and to an anonymous antipodean institution of learning.

Simon was working at the local Student Union (or "guild" as the locals called it), which was having problems with uppity education staff censoring the emissions of students. Simon was therefore commissioned to set up a fully independent newsletter.

Continue reading
The torture garden of Microsoft Exchange: Grant us the serenity to accept what they cannot EOL Time to fix those legacy evils, though.... right?

Column It is the monster which corrupts all it touches. It is an energy-sucking vampire that thrives on the pain it promotes. It cannot be killed, but grows afresh as each manifestation outdoes the last in awfulness and horror. It is Microsoft Exchange and its drooling minion, Outlook.

Let us start with the most numerous of its victims, the end users. Chances are, you are one. You may be numbed by lifelong exposure, your pain receptors and critical faculties burned out though years of corrosion. You might be like me, an habitual avoider whose work requirements periodically force its tentacles back in through the orifices.

I have recently started to use it through its web interface, where it doesn’t update the unread flags, hides attachments, multiplies browser instances, leaves temp files all over my download directory, tangles threads, botches searchers and so on.

Continue reading
US National Security Council urges review of Exchange Servers in wake of Hafnium attack Don't just patch, check for p0wnage, says top natsec team

The Biden administration has urged users of Microsoft's Exchange mail and messaging server to ensure they have not fallen victim to the recently-detected "Hafnium" attack on Exchange Server that Microsoft says originated in China.

Microsoft revealed the attack last week and released Exchange security updates.

The Biden administration’s Cybersecurity and Infrastructure Security Agency (CISA) followed up with a March 5 general advisory encouraging upgrades to on-premises Exchange environments. Another advisory on 6 March upped the ante as follows:

Continue reading
Delayed, overbudget and broken. Of course Microsoft's finest would be found in NASA's Orion In Space No One Can Hear You Scream (as Windows crashes again)

BORK!BORK!BORK! Getting astronauts to the Moon or Mars is the least of NASA's problems. Persuading Microsoft Windows not to fall over along the way is apparently a far greater challenge.

Spotted by Register reader Scott during a visit to the otherwise excellent Space Center Houston, there is something all too real lurking within the mock-up of the Orion capsule in which NASA hopes to send its astronauts for jaunts beyond low Earth orbit.

Clutched in the hand of a mannequin posed in the capsule's hatch is a reminder of both how old space tech tends to be and a warning for space-farers intending to take Microsoft's finest out for a spin.

Continue reading
Name True, iCloud access false: Exceptional problem locks online storage account, stumps Apple customer service You're naming yourself wrong?

An iCloud customer says she spent more than six hours on the phone to Apple after being locked out of the service because her name is apparently incompatible with the application code.

"Actor, author, artist" Rachel True posted on Twitter about an error with the iCloud application, an unhandled exception with "Type error: cannot set value `true` to property `lastName`."

It seems that her name was interpreted as a Boolean value instead of a string, a common programming problem especially in dynamic languages which are more flexible about variable types.

Continue reading
NASA shows Mars that humans can drive a remote control space tank at .01 km/h Perseverance takes first drive around landing spot named in honor of seminal sci-fi author Octavia E. Butler

NASA’s Perseverance rover trekked across Mars for the first time last Thursday, March 4, 2021.

The vehicle went four whole meters forward, turned 150 degrees to the left, then moved another two-and-a-half meters. The entire drive covered a whopping 6.5 m (21.3 feet) across Martian terrain. The journey took about 33 minutes.

The Register ran that through a calculator and deduces the nuclear powered laser-equipped space tank, aka Perseverance, sped along at the astounding velocity of .01km/h, quite a comedown from the 19,310 km/h at which it entered the red planet’s atmosphere.

Continue reading
University of the Highlands and Islands shuts down campuses as it deals with 'ongoing cyber incident' Ten letters, starts with R, ends with E, three syllables

The University of the Highlands and Islands (UHI) in Scotland is fending off "an ongoing cyber incident" that has shut down its campuses.

In a message to students and staff yesterday afternoon, the institution, which spans 13 locations across the northernmost part of the UK, warned that "most services" – including its Brightspace virtual learning environment – were affected.

"We are currently working to isolate and minimise impact from this incident with assistance from external partners. We do not believe personal data has been affected," said the university, adding: "The source of the incident is not yet known."

Continue reading

HTTP/2 200 date: Wed, 10 Mar 2021 01:00:21 GMT content-type: text/html; charset=UTF-8 link: ; rel=preload; as=script;,/1b387ba30041f22d29b5521abbd2ecfcece4e626/javascript/_.js>; rel=preload; as=script;,/default/9277d5e4a37a3331652249e94986076b1fc57573/scaffolding.css>; rel=preload; as=style;,/default/9277d5e4a37a3331652249e94986076b1fc57573/design.css>; rel=preload; as=style;,/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-700.latin.woff2>; rel=preload; as=font; crossorigin;,/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-400.latin.woff2>; rel=preload; as=font; crossorigin; cache-control: max-age=0 expires: Wed, 10 Mar 2021 01:00:21 GMT vary: Accept-Encoding x-reg-bofh: pfy01us x-clacks-overhead: GNU Terry Pratchett, Lester Haines cf-cache-status: DYNAMIC cf-request-id: 08bb3f3aa800003776251da000000001 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server: cloudflare cf-ray: 62d89b0aaa633776-MEL Cisco issues blizzard of end-of-life notices for Nexus 3K and 7K switches • The Register

Service options decline starting next year... so there may be a Nexus 9K switch in your future


Cisco has in recent days issued a blizzard of end-of-life and end-of-sale announcement for switches in its Nexus 3000 and Nexus 7000 ranges.

By The Register’s count, the networking giant has announced that the 18 devices, listed below, across the ranges will soon be sent to the knacker's yard.

The initial batch of notices advised users that the listed devices would not be sold after late August 2021, with shipments to end in November of the same year and support services dwindling as of August 2022. November 2025 was set as the last date on which a service contract could be renewed.

However, Chipzilla has since updated a handful of the notices and extended some of the deadlines mentioned above by as much as 18 months. You can find the 3K notices here and the 7K notices here. The last day of hardware support will be sometime in 2026 or 2027, depending on the model.

Cisco constantly retires products, though The Register has not seen quite so many end-of-life announcements land in such a short period of time. We asked Chipzilla what’s up.

A switch with just 49 ns latency? What strange magic is this?

READ MORE

A spokesperson told us that it’s business as usual.

“Many of the models referenced in the announcements were introduced over 10 years ago and were replaced by newer models in the Nexus 9000 series switches,” we were told. Newer models from the 9K range are offered “as migration options for the Nexus 3000 and Nexus 7000 products included in the EoL announcements.”

The spokesperson also pointed out that the Nexus 3K series continues to evolve, with new 3500-series devices infused with tech drawn from Australian company Exablaze that aimed its wares at high-frequency traders and other latency-intolerant users.

“We continue to invest in the portfolio,” Cisco said.

Switches are almost commodities these days and, in many applications, can happily chug along for years without much need for intervention or network redesign. It's entirely possible that users could keep the 3K and 7K devices Cisco is killing off in production until Chipzilla stops providing security updates. Cisco would rather you don’t adopt that mindset and instead take up its intent-based networking push that is more-fully-supported in its more recent products.

Here's the list of recently retired 3K and 7K products... ®

  • N3K-C3172PQ
  • N3K-C3172PQ-XL
  • N3K-C3172TQ
  • N3K C3172TQ-XL
  • N3K-C31128PQ
  • N3K-C3132C-Z
  • N3K-C3264C-E
  • N7K-M348XP-25L
  • N7K-M324FQ-25L
  • N7K-F348XP-25
  • N7K-F312FQ-25
  • N7K-F306CK-25
  • N7K-F248XT-25E
  • N7K-SUP2
  • N7K-SUP2E
  • N7K-C7010-FAB-2
  • N7K-C7004
  • N7K-C7009

SolarWinds just keeps getting worse: New strain of backdoor malware found in probe Plus: McAfee's in serious trouble over claimed cryptocurrency scam

In brief Another form of malware has been spotted on servers backdoored in the SolarWinds' Orion fiasco.

The strain, identified as SUNSHUTTLE by FireEye, is a second-stage backdoor written in Go which uses HTTPS to communicate with a command-and-control server for data exfiltration, adding new code as needed. Someone based in the US, perhaps at an infected organization, uploaded the malware to a public malware repository in August last year for analysis, well before the cyber-spying campaign became public.

Brandon Wales, acting director of the US Cybersecurity and Infrastructure Agency, warned it could take 18 months to clean up this mess, and that's looking increasingly likely.

Continue reading
Intel CPU interconnects can be exploited by malware to leak encryption keys and other info, academic study finds Side-channel ring race 'hard to mitigate with existing defenses'

Chip-busting boffins in America have devised yet another way to filch sensitive data by exploiting Intel's processor design choices.

Doctoral student Riccardo Paccagnella, master's student Licheng Luo, and assistant professor Christopher Fletcher, all from the University of Illinois at Urbana-Champaign, delved into the way CPU ring interconnects work, and found they can be abused for side-channel attacks. The upshot is that one application can infer another application's private memory and snoop on the user's key presses.

"It is the first attack to exploit contention on the cross-core interconnect of Intel CPUs," Paccagnella told The Register. "The attack does not rely on sharing memory, cache sets, core-private resources or any specific uncore structures. As a consequence, it is hard to mitigate with existing side channel defenses."

Continue reading
Remember that day in 2020 when you were asked to get the business working from home – by tomorrow? IT pros from orgs large and small tell The Reg the tech delivered, mostly, tho couriers, home Wi-Fi suddenly became their problem

Covid Logfile Brianna Haley was given one day to be ready to roll out Zoom for 13,000 users at over 1,000 sites.

Haley* is a project analyst for a large healthcare provider that, as COVID-19 marched across the world in March 2020, realised imminent lockdowns meant it would soon be unable to consult with patients.

And no consultations meant no revenue.

Continue reading
Just when you thought it was safe to enjoy a beer: Beware the downloaded patch applied in haste Let us tell you a tale of the Mailman's Apprentice

Who, Me? The weekend is over and Monday is here. Celebrate your IT prowess with another there-but-for-the-grace confession from the Who, Me? archives.

Our tale, from a reader the Regomiser has elected to dub "Simon", takes us back to the early part of this century and to an anonymous antipodean institution of learning.

Simon was working at the local Student Union (or "guild" as the locals called it), which was having problems with uppity education staff censoring the emissions of students. Simon was therefore commissioned to set up a fully independent newsletter.

Continue reading
The torture garden of Microsoft Exchange: Grant us the serenity to accept what they cannot EOL Time to fix those legacy evils, though.... right?

Column It is the monster which corrupts all it touches. It is an energy-sucking vampire that thrives on the pain it promotes. It cannot be killed, but grows afresh as each manifestation outdoes the last in awfulness and horror. It is Microsoft Exchange and its drooling minion, Outlook.

Let us start with the most numerous of its victims, the end users. Chances are, you are one. You may be numbed by lifelong exposure, your pain receptors and critical faculties burned out though years of corrosion. You might be like me, an habitual avoider whose work requirements periodically force its tentacles back in through the orifices.

I have recently started to use it through its web interface, where it doesn’t update the unread flags, hides attachments, multiplies browser instances, leaves temp files all over my download directory, tangles threads, botches searchers and so on.

Continue reading
US National Security Council urges review of Exchange Servers in wake of Hafnium attack Don't just patch, check for p0wnage, says top natsec team

The Biden administration has urged users of Microsoft's Exchange mail and messaging server to ensure they have not fallen victim to the recently-detected "Hafnium" attack on Exchange Server that Microsoft says originated in China.

Microsoft revealed the attack last week and released Exchange security updates.

The Biden administration’s Cybersecurity and Infrastructure Security Agency (CISA) followed up with a March 5 general advisory encouraging upgrades to on-premises Exchange environments. Another advisory on 6 March upped the ante as follows:

Continue reading
Delayed, overbudget and broken. Of course Microsoft's finest would be found in NASA's Orion In Space No One Can Hear You Scream (as Windows crashes again)

BORK!BORK!BORK! Getting astronauts to the Moon or Mars is the least of NASA's problems. Persuading Microsoft Windows not to fall over along the way is apparently a far greater challenge.

Spotted by Register reader Scott during a visit to the otherwise excellent Space Center Houston, there is something all too real lurking within the mock-up of the Orion capsule in which NASA hopes to send its astronauts for jaunts beyond low Earth orbit.

Clutched in the hand of a mannequin posed in the capsule's hatch is a reminder of both how old space tech tends to be and a warning for space-farers intending to take Microsoft's finest out for a spin.

Continue reading
Name True, iCloud access false: Exceptional problem locks online storage account, stumps Apple customer service You're naming yourself wrong?

An iCloud customer says she spent more than six hours on the phone to Apple after being locked out of the service because her name is apparently incompatible with the application code.

"Actor, author, artist" Rachel True posted on Twitter about an error with the iCloud application, an unhandled exception with "Type error: cannot set value `true` to property `lastName`."

It seems that her name was interpreted as a Boolean value instead of a string, a common programming problem especially in dynamic languages which are more flexible about variable types.

Continue reading
NASA shows Mars that humans can drive a remote control space tank at .01 km/h Perseverance takes first drive around landing spot named in honor of seminal sci-fi author Octavia E. Butler

NASA’s Perseverance rover trekked across Mars for the first time last Thursday, March 4, 2021.

The vehicle went four whole meters forward, turned 150 degrees to the left, then moved another two-and-a-half meters. The entire drive covered a whopping 6.5 m (21.3 feet) across Martian terrain. The journey took about 33 minutes.

The Register ran that through a calculator and deduces the nuclear powered laser-equipped space tank, aka Perseverance, sped along at the astounding velocity of .01km/h, quite a comedown from the 19,310 km/h at which it entered the red planet’s atmosphere.

Continue reading
University of the Highlands and Islands shuts down campuses as it deals with 'ongoing cyber incident' Ten letters, starts with R, ends with E, three syllables

The University of the Highlands and Islands (UHI) in Scotland is fending off "an ongoing cyber incident" that has shut down its campuses.

In a message to students and staff yesterday afternoon, the institution, which spans 13 locations across the northernmost part of the UK, warned that "most services" – including its Brightspace virtual learning environment – were affected.

"We are currently working to isolate and minimise impact from this incident with assistance from external partners. We do not believe personal data has been affected," said the university, adding: "The source of the incident is not yet known."

Continue reading

Source: https://bit.ly/3l1Ol2N