Archive

Category Archives for "Russ White"

Worth Reading: IoT devices will never be secure

The biggest problem with IoT security is that most devices are going to be relatively simple and inexpensive connected things. The bandwidth consumption of these devices should be kept to the minimum to save bandwidth. Yet at the same time, security is supposed to be a continuous process. This involves a party that is responsible for keeping an eye on the various security vulnerabilities that emerge from time to time, and another one to make sure that suitable patches are being prepared and applied on timely basis. —CircleID

The post Worth Reading: IoT devices will never be secure appeared first on rule 11 reader.

Troubleshooting: Half Split

The best models will support the second crucial skill required for troubleshooting: seeing the system as a set of problems to be solved. The problem/solution mindset is so critical in really understanding how networks really work, and hence how to troubleshoot them, that Ethan Banks and I are writing an entire book around this concept. The essential points are these—

  • Understand the set of problems being solved
  • Understand a wide theoretical set of solutions for this problem, including how each solution interacts with other problems and solutions, potential side effects of using each solution, and where the common faults lie in each solution
  • Understand this implementation

    • of this solution

Having this kind of information in your head will help you pull in detail where needed to fill in the models of each system; just as you cannot keep all four of the primary systems in your head at once, you also cannot effectively troubleshoot without a reservoir of more detailed knowledge about each system, or the ready ability to absorb more information about each system as needed. Having a problem/solution mindset also helps keep you focused in troubleshooting.
So you have built models of each system, and you have learned Continue reading

Worth Reading: A simple start to project management

Being able to track your work efficiently is a very useful skill. For years I completed my work but rarely tracked my work in a project management professional (PMP) sort of way. Sure, I’ve done the weekly reports, sticky notes, Outlook tasks, and Outlook calendar block scheduling, which are all useful. However, simple project management skills help create a consistent and straightforward approach to managing time, resources, and tasks. —Life of a Network Admin

The post Worth Reading: A simple start to project management appeared first on rule 11 reader.

Worth Reading: Enabling DNSSEC Validation

In July 2010, we saw an important Internet milestone: the Domain Name System (DNS) root zone was signed with DNSSEC, the DNS security extensions. DNS was designed without much thought given to security, but DNSSEC adds much-needed authentication and data integrity features. With DNSSEC, information in the DNS, including the root zone, can be cryptographically signed. DNS clients can validate the resulting signatures to have more trust that the data coming out of DNS is the same as what the owner put in and signed, and that the data hasn’t been modified in transit. —APNIC

The post Worth Reading: Enabling DNSSEC Validation appeared first on rule 11 reader.

Worth Reading: Improving peering relationships in Japan

Route servers are used by many Internet Exchange Points (IXPs) — including our own at Japan Internet Exchange (JPIX) — to facilitate multilateral peering among various members. To better understand the peering characteristics of our members, we recently studied the routing table of our route servers operating at JPIX Tokyo and JPIX Osaka. —APNIC

The post Worth Reading: Improving peering relationships in Japan appeared first on rule 11 reader.

Worth Reading: Partner or die

If your job is process oriented, for example, calculating make-goods for improperly filled orders, your whole department will be automated soon. Don’t let the pink slip surprise you. If you analyze numbers in Excel, craft a narrative about them, and move them around spreadsheets, your employable days are numbered. Any white-collar job you can learn to do in a few days is threatened – even if it takes a lifetime to master. (Poker takes minutes to learn and a lifetime to master. So professional pokers players are at risk. Please read “Can Alexa Lie?” for details.) —Shelly Palmer

The post Worth Reading: Partner or die appeared first on rule 11 reader.

Worth Reading: Lessons from Facebook’s split network backbone

Distributed applications, whether they are containerized or not, have a lot of benefits when it comes to modularity and scale. But in a world of feature creep on all applications, whether they are internally facing ones running a business or hyperscale consumer applications like Google’s search engine or Facebook’s social media network, these distributed applications put a huge strain on the network. This, more than any other factor, is why network costs are rising faster than any other aspect of the datacenter. —The Next Platform

The post Worth Reading: Lessons from Facebook’s split network backbone appeared first on rule 11 reader.

Worth Reading: Digital advertising takes a hit

But how effectively does that information work to meet advertiser goals? As advertisers including P&G, which spends billions of dollars each year on all its advertising for brands including Crest, Old Spice, and Gillette, have tried to assess the effectiveness of their increasing digital ad budgets, they’ve discovered that hyper-targeting consumers doesn’t always work. —Technology Review

The post Worth Reading: Digital advertising takes a hit appeared first on rule 11 reader.

Worth Reading: Value constrains us

I only take part in a few services, and I’m not consistently active on any of them. Despite however many followers I might have on a given platform, the world doesn’t care what I have to say on those services so much that my contributions especially matter. Therefore, stepping back isn’t harming anyone, nor is it disappointing someone that I’m not saying something or participating in every conversation that I might. No one notices. —Ethan Banks

The post Worth Reading: Value constrains us appeared first on rule 11 reader.

Reaction: Offensive Destruction of Attack Assets

It is certainly true that DDoS and hacking are on the rise; there have been a number of critical hacks in the last few years, including apparent attempts to alter the outcome of elections. The reaction has been a rising tide of fear, and an ever increasing desire to “do something.” The something that seems to be emerging is, however, not necessarily the best possible “something.” Specifically, governments are now talking about attempting to “wipe out” the equipment used in attacks—

Berlin was studying what legal changes were needed to allow authorities to purge stolen data from third-party servers, and to potentially destroy servers used to carry out cyber attacks. “We believe it is necessary that we are in a position to be able to wipe out these servers if the providers and the owners of the servers are not ready to ensure that they are not used to carry out attacks,” Maassen said. —Reuters

“Wiping out” (destroying?) a server because the owner cannot ensure the server will be used in a way the government agrees with—sounds like a good idea, right? And how do we make certain such laws are not extended to destroy the servers Continue reading

Worth Reading: Mind the gap

The sheer number of IT departments that are not acknowledging the numerous security gaps for cyber-attackers to exploit is astonishing. The problem is that many of those within the industry believe they have their security posture under control but they haven’t looked at the wider picture. The number of threats is increasing every day and as new technologies and opportunities emerge, companies need new security infrastructure to cope with the modifications of the threat landscape. Currently, C-level executives struggle to keep up with the necessity to approve budget requirements to bring their enterprise security up to the next level of protection. If companies are not up to date with the latest trends, businesses are being left more vulnerable to data breached as a consequence. —Cloud Security Alliance

The post Worth Reading: Mind the gap appeared first on rule 11 reader.

Worth Reading: Cherry picker

For big data analytics jobs, especially recurring jobs, finding a good cloud configuration (number and type of machines, CPU, memory ,disk and network options) can make a big different to overall cost and runtimes. Likewise, a poor choice can seriously degrade performance and/or increase costs. … How do you find the good configurations though? Just on instance types, Amazon EC2 and Microsoft Azure each offer over 40 (GCP offered 18 at the time of writing, plus the ability to customise VM memory and cores). And that’s before we’ve started to experiment with cluster size… An exhaustive search of the space is clearly way too expensive, especially as each data point requires a run of the job. —The Morning Paper

The post Worth Reading: Cherry picker appeared first on rule 11 reader.

Troubleshooting: Models

How well can you know each of these four systems? Can you actually know them in fine detail, down to the last packet transmitted and the last bit in each packet? Can you know the flow of every packet through the network, and every piece of information any particular application pushes into a packet, or the complete set of ever changing business requirements?

Obviously the answer to these questions is no. As these four components of the network combine, they create a system that suffers from combinatorial explosion. There are far too many combinations, and far too many possible states, for any one person to actually know all of them.

How can you reduce the amount of information to some amount a reasonable human can keep in their minds? The answer—as it is with most problems related to having too much information—is abstraction. In turn, what does abstraction really mean? It really means you build a model of the system, interacting with the system through the model, rather than trying to keep all the information about every subsystem, and how the subsystems interact, in your head. So for each subsystem of the entire system, you have a model you are Continue reading

Worth Reading: Who really has fast lanes?

Internet Association members sometimes say that they could actually afford to pay more for fast lanes but they are worried about the little guys, the startup, who may not be able to pay more and whose websites, therefore, won’t be as zippy as they need to be. They’re worried about innovation. They’re worried about you. In fact, however, the web giants like Google and Amazon have private networks which connect to the Internet in many locations. They have data caches (think of them as content warehouses) around the world. Their websites DO pop up faster than yours because their bits travel mostly on their private networks and avoid Internet backbone and interchange congestion. In other words, they have private fast lanes. You can’t achieve this speed for your website unless you A) build a private network of your own (unlikely); B) host your website on Amazon or Google in which case they MAY share some of their private access network. —CircleID

The post Worth Reading: Who really has fast lanes? appeared first on rule 11 reader.

Worth Reading: Be careful what you wish for

After a few minutes of hyperventilating into an empty Dunkin Donuts bag, though, I calmed down enough to appreciate that the guy is trying to provide exactly what I’ve been complaining about the lack of for quite some time now: some kind of logical progression, a path to follow to go from Point BootCamp to Point GotAJob. It’s a helpful roadmap that lays clearly lays out the (many, oh so many) technologies we should be aware of as we work toward professional web dev status. —The New Stack

The post Worth Reading: Be careful what you wish for appeared first on rule 11 reader.

1 88 89 90 91 92 160