Worth Reading: Ambry Open Source Object Store

Today, we are announcing that Ambry is now available as an open source project under the Apache 2.0 license. Ambry is optimized to store and serve media. Media content has become critical for any website to increase user engagement, virality and monetization. Media pipelines will need to be supported by more companies, especially with the advancement of video and virtual reality. -LinkedIn Engineering Blog

The post Worth Reading: Ambry Open Source Object Store appeared first on 'net work.

Worth Reading: Moore’s law is dead

But in a few years technology companies may have to work harder to bring us advanced new use cases for computers. The continual cramming of more silicon transistors onto chips, known as Moore’s Law, has been the feedstock of exuberant innovation in computing. But it looks to be slowing to a halt. —Technology Review

The post Worth Reading: Moore’s law is dead appeared first on 'net work.

Worth Reading: the “buy now” button

Enter the “Buy Now” button. A team of researchers from UC Berkeley and Case Western have published a study showing that customers think they are getting traditional ownership rights when they buy digital media online, even when a vendor’s site includes legal terms (often buried in click-wrap agreements) purporting to limit those rights. —deeplinks

The post Worth Reading: the “buy now” button appeared first on 'net work.

Worth Reading: IPv6 at LinkedIn

One of the advantages of end-to-end control with a mobile product is the ability to do effective measurements at scale. I wanted to share our RUM-based measuring techniques and also encourage other folks in the content/application space to do so. As a summary, we are seeing 10% adoption of IPv6 from our member base which is very much in line with what Google is reporting as well. —APNIC

The post Worth Reading: IPv6 at LinkedIn appeared first on 'net work.

Beach Bench

The post Beach Bench appeared first on 'net work.

Worth Reading: The death of TRILL

Transparent Interconnection of Lots of Links (TRILL) was proposed as a solution to the complexity of spanning tree. Radia Perlman realized that her bridging loop solution wouldn’t scale in modern networks. So she worked with the IEEE to solve the problem with TRILL. We also received Shortest Path Bridging (SPB) along the way as an alternative solution to the layer 2 issues with spanning tree. The motive was sound, but the industry has rejected the premise entirely. —Networking Nerd

The post Worth Reading: The death of TRILL appeared first on 'net work.

Worth Reading: The API fight everyone loses

Attorneys for the Oracle and Google companies presented opening statements this week in a high-stakes copyright case about the use of application-programming interfaces, or APIs. As Oracle eagerly noted, there are potentially billions of dollars on the line; accordingly, each side has brought “world-class attorneys,” as Judge William Alsup noted to the jury. And while each company would prefer to spend their money elsewhere, these are businesses that can afford to spend years and untold resources in the courtroom. -via deeplinks

The post Worth Reading: The API fight everyone loses appeared first on 'net work.

Universal Scaling and Complexity

The universal scaling law is a model designed to help engineers understand transaction based systems, particularly databases and applications. What could a transaction based system have to do with network design? After all, networks aren’t really transaction based, are they? Or maybe they are…

Let’s ignore the data flowing through the network for a moment (though the universal scaling law might provide an interesting way to look at packets or flows per second as transactions), and focus just on the control plane. When we look at the control plane, we find a routing protocol or a centralized controller that accepts information about changes in the network topology (and other data points), and builds a model of the network topology which can be used to forward traffic. Questions we can ask about the state being handled by the control plane include things like: How many changes are there? What is the rate at which this information arrives? How many changes might be present in the system at any given time? How many devices participate in the control plane?

If these all sound like questions about state, one of the three “legs” of the complexity model (state, optimization, surface), that’s because they Continue reading

Worth Reading: RDAP

RDAP was given official standards status last year by the Internet Engineering Task Force (IETF) and was quickly adopted by all the RIRs. But the IETF didn’t just design RDAP for IP network registrations and ASNs. RDAP was also designed to model the data in Domain Name Registries (DNRs) and has extension mechanisms for other registry types. Extensions have already been defined for ENUM registries (which are DNRs for telephone numbers), and work is beginning on using it for routing registries as well. -via APNIC

The post Worth Reading: RDAP appeared first on 'net work.

Worth Reading: Lego Robots versus Gesture Security

A DARPA-funded report titled “Robotic Robbery on the Touch Screen” published recently in the journal ACM Transactions on Information and System Security looks at gestural authentication through the eyes of a more sophisticated hacker. It presents two Lego-driven robotic attacks on a touch-based authentication system—one is based on gestural statistics collected over time from a large population of users and the other is based on stealing gestural data directly from a user. Both were pretty effective. -via Motherboard

The post Worth Reading: Lego Robots versus Gesture Security appeared first on 'net work.

Thinking about side channel attacks

When Cyrus wanted to capture Babylon, he attacked the river that flows through the city, drying it out and then sending his army under the walls through the river entrance and exit points. In a similar way, the ventilator is a movie favorite, used in both Lord of the Rings and Star Wars, probably along with a thousand other movies and stories throughout time. What do rivers and ventilators have to do with network security?

Side channel attacks. Now I don’t know if the attacks described in these papers, or Cyrus’ attack through the Euphrates, are considered side channel, or just lateral, but either way: the most vulnerable point in your network is just where you assume you can’t be attacked, or that point where you haven’t thought through security. Two things I read this week reminded me of the importance of system level thinking when it comes to security.

The first explores the Network Time Protocol (NTP), beginning with the general security of the protocol. Security in a time protocol is particularly difficult, as the entire point of encryption is to use algorithms that take a lot of time for an attacker to calculate—and there’s probably some relationship between Continue reading

Worth Reading: Docker Launches Vulnerability Scanner

The Docker Cloud hosted container service now offers the ability to scan containers for known security vulnerabilities. The technology behind the security service, called Docker Security Scanning, will also be a core component of the Docker Datacenter, Docker’s software for running a container management service in house. -via The New Stack

The post Worth Reading: Docker Launches Vulnerability Scanner appeared first on 'net work.

Worth Reading: Six Tips for Securing BGP

There are different initiatives working on the problem of authenticating incoming BGP routes. The key technology is to use certificates, but doing so leads to a lot of implications, such as more route churn, larger BGP tables, and the need to learn how to exchange certificates and handle unsigned routes. Considering the difficulties we have today to get ISPs to implement even basic protection mechanisms, I don’t expect authentication of BGP routes to reach widespread usage for a long time. So what are some of the things we can do today to improve BGP security? Here are six tips. -via Network Computing

The post Worth Reading: Six Tips for Securing BGP appeared first on 'net work.

Why you need to learn to code

We’ve all heard it by now: you’d better learn to code, or your network engineering career is going to die a quick (and potentially painful) death. Maybe you could still act as a briefcase carrier, and call yourself a consultant, but without coding skills, you’re open ended job is going to become a dead end, and you’ll be a has been. While just about everyone has weighed in on this topic recently, I don’t know if anyone has, IMHO, really dug down to the bottom of the question. Permit me to give it a try (and feel free to disagree in the comments).

To get to the point, allow me to summarize both sides of the argument (hopefully without building and straw men along the way). On one side are folks who say that the Command Line Interface (CLI) is dead, and that we must learn to automate everything. Part of the argument here seems to be that without automation, we won’t be able to keep the operational costs (OPEX) down; as networks are primarily a cost center (rather than a strategic asset), driving costs down is one of the most important tasks a network engineer can take on. That, Continue reading

Worth Reading: Social Media and Monetization

Social media developed by entrepreneurs, backed by venture capital, will eventually have to find some revenue. And there are only three choices: they sell information about their users and content creators, even if that’s just access to the attention of the users via advertisements; they sell services to their users and content creators; they sell the content their creators gave to them, or at least take a huge cut of any such sales. That’s it. -via Easily Distracted

The post Worth Reading: Social Media and Monetization appeared first on 'net work.

Worth Reading: Consumer Watchdog Took Millions From Google

An influential tech industry watchdog group that has received millions of dollars from Google has been silent on the internet giant’s recent fight to circumvent Federal Communications Commission restrictions on data collection. The Center for Democracy and Technology, a consumer watchdog group with outsized influence in Washington, took in $2.5 million from Google between 2010 and 2014, according to tax records. The donations amounted to more than double the amount contributed by any other company during the same period. -via Free Beacon

The post Worth Reading: Consumer Watchdog Took Millions From Google appeared first on 'net work.

Securing BGP: A Case Study

What would it take to secure BGP? Let’s begin where any engineering problem should begin: what problem are we trying to solve? This series of posts walks through a wide range of technical and business problems to create a solid set of requirements against which to measure proposed solutions for securing BGP in the global Internet, and then works through several proposed solutions to see how they stack up.

Post 1: An introduction to the problem space
Post 2: What can I prove in a routing system?
Post 3: What I can prove in a routing system?
Post 4: Centralized or decentralized?
Post 5: Centralized or decentralized?
Post 6: Business issues with centralization
Post 7: Technical issues with centralization
Post 8: A full requirements list
Post 9: BGPSEC (S-BGP) compared to the requirements
Post 10: RPKI compared to the requirements

I will continue updating this post as I work through the remaining segments of this series.

The post Securing BGP: A Case Study appeared first on 'net work.

Worth Reading: Breaches at eMail Providers

Hundreds of millions of hacked user names and passwords for email accounts and other websites are being traded in Russia’s criminal underworld, a security expert told Reuters. The discovery of 272.3 million stolen accounts included a majority of users of Mail.ru (MAILRq.L), Russia’s most popular email service, and smaller fractions of Google (GOOGL.O), Yahoo (YHOO.O) and Microsoft (MSFT.O) email users, said Alex Holden, founder and chief information security officer of Hold Security. -via Reuters

The post Worth Reading: Breaches at eMail Providers appeared first on 'net work.

Worth Reading: Feinstein-Burr, Encryption, and “The Rule of Law”

There’s a lot to say about the substance of the misguided anti-encryption legislation sponsored by Sens. Dianne Feinstein and Richard Burr, which was recently released as a “discussion draft” after a nearly-identical version leaked earlier this month. I hope to do just that in subsequent posts. But it’s also worth spending a little time on the proposal’s lengthy preamble, which echoes the rhetorical tropes frequently deployed by advocates for mandating government access to secure communications and stored data. -via Just Security

The post Worth Reading: Feinstein-Burr, Encryption, and “The Rule of Law” appeared first on 'net work.

Buenos Aires Garden

The post Buenos Aires Garden appeared first on 'net work.