Archive

Category Archives for "Russ White"

Weekend Reads 051923


When it comes to understanding what exactly confidential computing entails, it all begins with a trusted execution environment (TEE) that is rooted in hardware.


So, just for fun, we pulled out the trust Excel spreadsheet and tried to estimate what the feeds and speeds of the MI300 and the MI300A GPUs, the latter of which will be at the heart of the El Capitan system might be. Y


The popular PC storage manufacturer, Western Digital, has confirmed that it experienced a network security breach earlier this year, in which an unauthorized third party gained control of several of its systems.


How bad is the human security weakness problem? Verizon’s 2022 Data Breaches Investigations Report says 82 percent of data breaches have human involvement.


On 13 April 2023, through our recently launched Threat Intelligence Data Feeds (TIDF), we identified more than 1 million suspicious and malicious domains that figured in phishing, malware distribution, spam, and other cyber attacks, such as brute-force and distributed denial-of-service (DDoS) attacks.


Although honeypots are an effective solution for tracking attackers and preventing data theft, they have yet to be widely adopted due to their setup and maintenance difficulties.


If you want to get a sense of Continue reading

Hedge 178: Defined Trust Transport with Kathleen Nichols

The Internet of Things is still “out there”—operators and individuals are deploying millions of Internet connected devices every year. IoT, however, poses some serious security challenges. Devices can be taken over as botnets for DDoS attacks, attackers can take over appliances, etc. While previous security attempts have all focused on increasing password security and keeping things updated, Kathleen Nichols is working on a new solution—defined trust transport in limited domains.

Join us on for this episode of the Hedge with Kathleen to talk about the problems of trusted transport, the work she’s putting in to finding solutions, and potential use cases beyond IoT.

download

You can find Kathleen at Pollere, LLC, and her slides on DeftT here.

Weekend Reads 051223


Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol (BGP) that could be weaponized to achieve a denial-of-service (DoS) condition on vulnerable BGP peers.


Enter OpenTelemetry, which provides a vendor-neutral standard for telemetry data, as well as the necessary tools to collect and export data from cloud-native applications.


DevEx drives business performance through increased efficiency, product quality, and employee retention.


Last January, thousands of users of two popular open source libraries, “faker” and “colors,” were shocked to see their applications breaking and showing gibberish data after being infected with a malicious package.


Netskope, a leader in Secure Access Service Edge (SASE), today unveiled new research confirming that attackers are finding new ways to evade detection and blend in with normal network traffic using HTTP and HTTPS to deliver malware.


In keeping with WhoisXML API’s mission to make the Internet a transparent and safe place for users, we expanded the list of IoCs in hopes of identifying social media pages that could already be serving or used to serve as fraud vehicles.


According to research carried out across a sample of over failed 17,000 hard drives, the failure occurred after only two years and 6 months. Continue reading

Upcoming Course: Data Center Fabrics

On the 19th and 22nd (Friday and Monday) I’m teaching the two-part series on Data Center Fabrics and Control Planes over at Safari Books Online. This is six hours total training covering everything from Clos fabrics to eVPN.

Register here.

If you register for the course you can access a recording at a later date. From Safari:

This class consists of two three-hour sessions. The first session will focus on the physical topology, including a short history of spine-and-leaf fabrics, the characteristics of fabrics (versus the broader characteristics of a network), and laying out a spine-and-leaf network to support fabric lifecycle and scaling the network out. The first session will also consider the positive and negative aspects of using single- and multi-forwarding engine (FE) devices to build a fabric, and various aspects of fabric resilience. The second session will begin with transport considerations and quality of experience. The session will then consider underlay control planes, including BGP and IS-IS, and the positive and negative aspects of each. Routing to the host and the interaction between the control plane and automation will be considered in this session, as well. EVPN as an overlay control plane will be considered next, and finally Continue reading

Weekend Reads 050523


The past decade has seen numerous reports of so-called cloud “repatriations”–the migration of applications back to on-premises venues following negative experiences with, or unsuccessful migrations to, the public cloud.


While agile software development is often associated with specific methodologies, such as Scrum, Kanban, and Extreme Programming it is not enough to just follow such a methodology.


The heady, exciting days of ChatGPT and other generative AI and large-language models (LLMs) is beginning to give way to the understanding that enterprises will need to get a tight grasp on how these models are being used in their operations or they will risk privacy, security, legal, and other problems down the road.


When deploying changes to an application, there are several strategies you can use.


The sad story of OAuth 2.0 and open standards.


Payment Card Industry Data Security Standard (PCI DSS) was developed and established to foster a safe cardholder data practice in the industry.


While the DNS (Web2) has been a reliable and trusted internet standard for decades, Web3 platforms (such as ENS, Handshake and Unstoppable) are a relatively new technology deployment that presents unique and different features.


In this blog post, we at the University Grenoble Alpes (France) Continue reading

Weekend Reads 042823


There has always been some concern about undersea fibers. Countries fear that sabotage of the fibers connected to their shores could result in being isolated from the Internet.


Do your employees use unauthorized SaaS apps? The average organization has over 100 SaaS apps, many unsanctioned by IT, posing a serious security risk.


A proposed permanent network of electromagnetic monitoring stations across the continental US, operating in tandem with a machine learning (ML) algorithm, could facilitate accurate predictions of geomagnetic disturbances (GMDs).


We may be seeing an equally dramatic transformation of chip design right now, this time with the use of AI to drive designs.


But for now it”s exciting to see what ChatGPT has already been able to do. At some level it”s a great example of the fundamental scientific fact that large numbers of simple computational elements can do remarkable and unexpected things.


He”s sharing the story of JSON, his discovery of JavaScript”s good parts, and his approach to finding a simple way to build software.


Back in January of this year, we studied the infrastructure of Ducktail, a malware that trailed its sights on Facebook business owners and advertisers.


The Philippines is an archipelago comprising three major island Continue reading

Hedge 176: OpenAI, ChatGPT, and the Cost of a Data Center

It’s time for the April Hedge roundtable! This month Eyvonne, Russ, and Tom are talking about OpenAI, the hype around AI, the “pause letter” and the lack of a real conversation, and the rising costs of building and operating a data center. As always, let us know if you have topics you’d like to hear us talk about, or guests you’d like to hear.

Thanks for listening!

download

Controversial Reads 042223


Tech companies are embedding these deeply flawed models into all sorts of products, from programs that generate code to virtual assistants that sift through our emails and calendars.


On the morning of October 14, 2020, I caught a firsthand glimpse of what it’s like for a traditional media outlet to go up against the vast agglomeration of economic and digital power known as Big Tech—and to do so without the benefit of what economist John Kenneth Galbraith defined as countervailing power.


Former Google CEO Eric Schmidt said that artificial intelligence could hurt American politics and needs to be reined in.


The National Assembly’s decision to greenlight the bill followed months of debate about one section in particular — Article 7 — which permits the use of AI-assisted video surveillance technology by law enforcement during and up to six months after the Games.


Calling a business, civic organization, or even school a family may be well-intended but comes with unintended consequences that do an injustice to the necessary commitments that should be made to our actual families.


If normal means mass layoffs, empty office buildings, confusing return-to-office policies, AI panic, and the whiplash-y feeling that just when employees were Continue reading

Weekend Reads 042123

A new report from analyst firm Omdia suggests operators’ best chance of growth in the consumer market comes from partnering with Big Tech.


In a 2023 survey of cybersecurity leaders, 51% said they believe an AI-based tool like ChatGPT will be used in a successful data breach within the next year.


When folks ask me for an estimate of the cost of building aerial fiber, I always say that the cost is dependent upon the amount of required make-ready needed. Make-ready is well-named – it’s any work that must be done on poles to be ready to string the new fiber.


On 10 February 2023, Reddit announced it suffered a security incident where a phishing campaign led an employee to a website that imitated the network’s intranet gateway.


This video looks at various Kubernetes vulnerabilities and their severity scores to help you understand how to evaluate CVEs so you can prioritize remediation. It also shows different options and sources of CVEs.


It is almost 25 years since the Internet was privatized by the U.S. government. ICANN was formed by Esther Dyson and Jon Postel as a California-based non-profit with the responsibility to administer the Internet.


The series glamourized Continue reading

Hedge 175: Mike B on Personal Superpowers

When the economy starts contracting, career advisors start talking about the importance of “soft skills.” What are “soft skills,” exactly—and why are they “soft?” Mike Bushong joins Tom Amman and Russ White to talk about why these skills are important, why they are not “soft,” and how we should talk about people skills instead. They are superpowers,” and there isn’t anything “soft” about them.

 
download

On the ‘net: The CCIE Shuffle Podcast

The Cisco Certified Design Expert (CCDE) exam was launched in 2007, but not many people know what the main objectives of the certification were at the time. Who better to enlighten us on some of the thought process and reasons behind the exam being created than one of the original development team? In this podcast, we are extremely humbled to be joined by networking industry legend, Russ White who spoke about his career, how he got into networking and some insights on the CCDE concept and how it came to fruition in the early 2000s!

On the ‘net: Privacy and IPv6 Renumbering

One of the biggest advantages of IPv6, from a network administration perspective, is the ease of renumbering. While IPv4 networks can be renumbered using DHCP, the process of changing the address of every device on a network is always fraught with unexpected challenges. People (like me) have a habit of manually assigning printers and network attached storage devices a fixed address so they will be easy to find and use.

Hedge 174: Javier Antich and Cloud AI

ChatGPT has broken through the hype barrier and brought AI hype to the larger world. But what does AI mean to network engineers? We’ve talked about AI driven network management for years, and commercial products abound, but what does it really mean to move from the automation driven configuration to AI driven decision-making? Javier Antich joins Tom Ammon and Russ White for this episode of the Hedge to talk about cloud AI for network engineers.

download

You can learn more about cloud AI in Javier’s new book.

Weekend Reads 041423


Four major US mobile operators have agreed to a series of undertakings designed to address concerns over airline safety and to allow them to use their C-band spectrum to its full extent.


The result of this effort, Intel Max Series GPU formerly known by the code name Ponte Vecchio, packs 100 billion transistors and 47 tiles onto five process nodes. Beyond that, they include two packaging innovations, EMIB 2.5D and Foveros 3D technology, and stack tiles atop one another for greater processor density.


According to various statistics, there are somewhere around 330 billion emails being sent every day, approximately 3.82 million per second. Who reads all these emails?


In the ongoing AI revolution, images and text are yesterday’s news, leaving audio as a new frontier to explore, and incredible progress has already been made. Here are six examples of AI audio generation that will leave you speechless.


The secret to unlocking the full potential of quantum networking may be hiding at the center of a diamond, according to Amazon Web Services. This week, AWS popped the question to De Beers subsidiary Element Six in the hope of finding it.


Year-over-year global VC funding dropped precipitously in Q1 Continue reading

Privacy And Networking Part 8: IPv6 Addresses And Privacy

One of the biggest advantages of IPv6 is the ease of renumbering thanks to SLAAC and DHCPv6. Easy renumbering of IPv6 addresses should, in theory, make some privacy protection methods easy to implement. Here's how it works, and and how it doesn't solve all privacy problems.

The post Privacy And Networking Part 8: IPv6 Addresses And Privacy appeared first on Packet Pushers.

Weekend Reads 040723


What it is about is how very few companies have access to the raw AI models that are transforming the world, the curated datasets that have been purged of bias (to one degree or another) that are fundamental to training AI systems using machine learning techniques, the model weights and checkpoints that are key to tuning a model, and the money to either build or rent the capacity to bring the neural network software and the data together to train an AI model.


Intel has announced a new processor with 144 cores designed for simple data-center tasks in a power-efficient manner.


Data center fires aren’t common, but they can be devastating. As use of lithium-ion batteries grows, enterprises need to be aware of the risks, Uptime Institute warns.


Russian intelligence services, together with a Moscow-based IT company, are planning worldwide hacking operations that will also enable attacks on critical infrastructure facilities.


Back in the old days, there was a CPU and chip designers crammed everything into that single CPU, which made sense for the greatest number of customers offset against the additional cost of adding extra functionality.


A picture is said to be worth a thousand words. A graph can Continue reading

Hedge 173: If Multicast is the answer, what was the question?

Multicast hasn’t ever really “gone viral” (In modern terms!) throughout the Internet—in fact, it’s not widely used even in networks supporting enterprises. why not? Join Dirk Trossen, Russ White, and Tom Ammon as we discuss the many facets of multicast, and what the future holds.

Dirk’s paper on multicast can be found here.

download

1 2 3 155