Russ

Author Archives: Russ

Weekend Reads 111524


Techno-futurists love to dream up visions of the future. Invariably, these are worlds where everything is under control—where every problem has a solution, and the future unfolds exactly as planned. We do seem to be moving toward some sort of centralized loss of agency.


The representational structures of the Internet governance institutions are highly varied (indicating once again that there is no “multistakeholder model”), but they all have one thing in common: decision-making power is vested in non-state actors.


The rapid expansion of AI and generative AI (GenAI) workloads could see 40% of data centers constrained by power shortages by 2027, according to Gartner.


Chiplets and 3D devices, long discussed in the future tense, are a growing sector of the market. Moore’s Law? It’s still alive, but manufacturers and designers are following it by different means than simply shrinking transistors.


Monitoring traffic at Internet Exchange Points (IXPs) is a long-standing operational practice. It is essential for several reasons related to the entire Internet infrastructure’s stability, security, and efficiency.


If you want to sell a lot of hardware to support AI workloads, then the best way to do that is to convince every country on Earth that AI is so important Continue reading

Weekend Reads 110924


Toward the end of August 2024, a customized malware dubbed “Voldemort” based on strings found in its code was used in a cyber espionage campaign targeting various countries.


Until 2019, it was a Google partner running full Android. Then it forked its own version of Android, called it HarmonyOS, stopped including Google proprietary apps, and set up its own Android app store.


As previously discussed in this post, Xiong’an New Area (Xiong’an), a pilot city established in 2017 about 100 kilometres west of Beijing, aims to be a model for future digital cities, built with IPv6-only infrastructure from the start.


A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft.


Today, we’re excited to announce the launch of Kentik’s Cloud Latency Map, a public service that uses Kentik Synthetics to continuously measure latency between the regions of the biggest cloud providers.


Data can undergo a similar transformation—two pieces of data, linked, such that changing one has an impact on the other. Think of this as “spooky data at a distance.”


In this work, we aim to Continue reading

Weekend Reads 110124


Do you want to analyse decrypted TLS traffic in Wireshark or let an Intrusion Detection System (IDS), like Suricata, Snort or Zeek, inspect the application layer data of potentially malicious TLS encrypted traffic?


Thousands of machines running Linux have been infected by a malware strain that’s notable for its stealth, the number of misconfigurations it can exploit, and the breadth of malicious activities it can perform, researchers reported Thursday.


More evidence has emerged that AI-driven demand for energy to power datacenters is prolonging the life of coal-fired plants in the US.


The Regional Internet Registries (RIRs) together ensure the stability of the Internet Numbers Registry System. In order to strengthen their accountability, efforts are under way to revise the criteria for the accreditation of RIRs, and the obligations they must continuously meet.


What happens on the network if you’re joining a Microsoft Active Directory domain? Which protocols are used? As I suspected, it’s a bit more complex than just seeing a single known protocol like HTTPS.


The demand for optical interconnects is so high, given the immense bandwidth bottlenecks for accelerator-to-accelerator and accelerator to memory needs, that raising venture funding is not a problem.


The basic approach to resolving the Continue reading

Weekend Reads 101324


A study by the US General Services Administration (GSA) has revealed that five remote identity verification (RiDV) technologies are unreliable, inconsistent, and marred by bias across different demographic groups.


This time, he included a PoC that caused the ChatGPT app for macOS to send a verbatim copy of all user input and ChatGPT output to a server of his choice.


In the quest to revolutionize medicine, our bodies are becoming living laboratories. By 2030, itメs estimated that bioprinting could address up to 20% of the organ transplant waiting list globally.


Consider this: For every 1,000 human users in your organization, you likely have 10,000 non-human connections or credentials. Some estimates suggest the ratio could be as high as 45-to-1.


The U.S. Department of Justice (DOJ) is considering recommending a federal judge to force Google to sell parts of its business in a bid to eliminate its alleged monopoly on online search, according to a court filing Tuesday.


A US jury has found that employment practices at Cognizant constitute discriminatory conduct toward non-Indian workers in a case that originated in 2013 and claimed the tech giant favored H-1B visa holders from India over local workers.


Consumers are victims of online Continue reading

Weekend Reads 100624


Thanks to the popularity and widespread success of ChatGPT, most IT users are familiar with the concept of a large language model (LLM). But how does an LLM apply to network operations?


If you don’t know what you’re operating on, or what the expected output range might be, then maybe you ought not to be operating on that data in the first place. But now these languages have gotten into the wild and we’ll never be able to hunt them down and kill them soon enough for my liking, or for the greater good.


We then analyze ten data sets spanning industry and academic sources, across four years (2019-2023), to find and explain discrepancies based on data sources, vantage points, methods, and parameters.


Phishing attacks, which trick users into sharing private data, have been a major security threat for years. According to a 2023 FBI report, it is the top digital crime type.


A test account that’s shared among many can be used by anyone who happens to have the password. This leaves a trail of poorly managed or unmanaged accounts that only increases your attack surface.


As radio host Mark Davis put it recently, “ultimately everything AI does is Continue reading

Weekend Reads 092824


Instead, Broadcom is now experimenting with co-packaging the optics directly into the GPUs themselves.


With K-12 schools back in session across the nation, millions of students are adjusting to a new learning environment — a cellphone-free classroom or, in some cases, a phone-free school day.


Being at the core of the Internet places the DNS under a lot of pressure. New forms of DNS abuse emerge each year, disputes over domain names persist, and all the while, the Internet just keeps getting bigger.


The censorship war has hit a flashpoint. Late last month, Brazil banned Elon Musk’s social media site, X, after Musk refused a government order to suppress seven dissident accounts.


This raises a question. If someone is situated in South America and wants to access youtu.be, is their performance going to be impacted (assuming he has to do the entire recursive lookup with no cache)?


ODA focuses on identifying macroscopic Internet outages, such as outages that affect a significant portion of the population within either a geographic region or an Autonomous System (AS).


For practitioners, this study provides a rich set of criteria that can be used for evaluating their projects, as well as strong evidence of Continue reading

Hedge 243: The Open Radio Area Network (RAN)

The cellular network world is similar enough to the IP networking world to feel familiar, but different enough to require learning new terms and ideas. Tom Nadeau joins Tom Ammon and Russ White to discuss one element of this networking world, the RAN network, and the current move towards open source and white box disaggregated solutions.

download

Weekend Reads 090724


A federal judge struck down a Biden administration rule on Tuesday that banned employers from using noncompete agreements, which would have affected the contracts of millions of Americans.


The Open Compute Project, the org best known for offering designs for hyperscale hardware, has rounded up AWS, Google, Meta, and Microsoft to help it test concrete.


Recent trends show that ransomware attacks continue to grow more advanced and persistent.


When you are designing applications that run across the scale of an entire datacenter and that are comprised of hundreds to thousands of microservices running on countless individual servers and that have to be called within a matter of microseconds to give the illusion of a monolithic application, building fully connected, high bi-section bandwidth Clos networks is a must


The National Institute of Standards and Technology (NIST) just released three finalized standards for post-quantum cryptography (PQC) covering public key encapsulation and two forms of digital signatures. In progress since 2016, this achievement represents a major milestone towards standards development that will keep information on the Internet secure and confidential for many years to come.


Linearity is one of the greatest success stories in mathematics. According to Encyclopedia Britannica, “Unlike other parts of Continue reading

Weekend Reads 083024


Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE).


Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences.


As many as 10 security flaws have been uncovered in Google’s Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution (RCE) chain on systems that have the software installed.


SiFive has announced the launch of its latest core for datacenters, the P870-D, and claims it has a leg up on Arm’s Neoverse N2 in density for AI.


Unstoppable Domains (UD), a provider of Web3 domain names and digital identities, has been officially accredited by the Internet Corporation for Assigned Names and Numbers (ICANN).


CENTR, the association overseeing European country code top-level domain (ccTLD) registries, has announced the public release of its Domain Crawler Project code.


Remote SIM provisioning (RSP) for consumer devices is the protocol specified by the GSM Association for downloading SIM profiles into a secure element in a mobile device. The process is commonly known as eSIM, and it Continue reading

August Rule 11 Academy Update

I’ve been working on new material over at Rule 11 Academy. This month’s posts are:

  • BGP Route Reflector Lab
  • The Clos Fabric (history)
  • The Default Free Zone
  • Network Addresses
  • BGP Policy Entrance Selection (2)
  • Interview Rubric Sample
  • BGP Policy Entrance Select (1)
  • Interviewing Background

    • This brings us up to a total of 39 lessons. Each lesson should be about 15 minutes, so about 10 hours of material so far. The trial membership will take you through the end of the year. After the first of the year, the trial membership will last 2 months.

1 2 3 162