Author Archives: Russ
Author Archives: Russ
It’s not like they’re asking for a back door for every device.
If the world goes dark through encryption, we’ll be back to the wild west!
After all, if it were your daughter who had been killed in a terrorist attack, you’d want the government to get to that information, too.
While sitting on a panel this last week, I heard all three reactions to the Apple versus FBI case. But none of these reactions ring true to me.
Let’s take the first one: no, they’re not asking for a back door for every device. Under the time tested balance between privacy and government power, the specific point is that people have a reasonable expectation of privacy until they come under suspicion of wrongdoing. However, it’s very difficult to trust that, in the current environment, that such power, once granted, won’t be broadened to every case, all the time. The division between privacy and justice before the law was supposed to be at the point of suspicion. That wall, however, has already been breached, so the argument now moves to “what information should the government be able to trawl through in order to find crimes?” They are asking for Continue reading
The post Worth Reading: Utilization at ‘net interconnects appeared first on 'net work.
In a comment from last week’s post on the design mindset, which focuses on asking what through observation, Alan asked why I don’t focus on business drivers, or intent, first. This is a great question. Let me give you three answers before we actually move on to asking why?
Why can yuor barin raed tihs? Because your mind has a natural ability to recognize patterns and “unscramble” them. In reality, what you’re doing is seeing something that looks similar to what you’ve seen before, inferring that’s what is meant now, and putting the two together in a way you can understand. It’s pattern recognition at it’s finest—you’re already a master at this, even if you think you’re not. This is an important skill for assessing the world and reacting in (near) real time; if we didn’t have this skill, we wouldn’t be able to tolerate the information inflow we actually receive on a daily basis.
The danger is, of course, that you’re going to see a pattern you think you recognize and skip to the next thing to look at without realizing that you’ve mismatched the pattern. These pattern mismatches can be dangerous in the real world—like the time I Continue reading
The post Worth Reading: Improving Communication appeared first on 'net work.
BGP provides reachability for the global ‘net, as well as being used in many private networks. As a system, BGP (ultimately) isn’t very secure. But how do we go about securing BGP? This series investigates the questions, constraints, and solutions any proposal to secure BGP must deal with as a case study of asking the right questions, and working at the intersection of business and technology.
As a short review, we started off with three questions, described in the first post, each of which we’ve been considering in some detail:
Here I’m going to discuss the problem of a centralized versus distributed database to carry the Continue reading
The post Worth Reading: On collaborative blocking and filtering appeared first on 'net work.
The post Worth Reading: SSL, TLS, and difficult privacy appeared first on 'net work.
I have one remaining copy of my latest book from the initial ten Addison-Wesley sent me on publication… What I’ve decided to do is sign it and give it away to one of my readers. What’s the catch? There are actually two.
First, you have to go to the contact form and leave me feedback with three design concepts (or other interesting things) you’d like to see me write about on this blog. I won’t do “how to configure” type articles, as I think there’s enough of that around on the ‘web. It’s useful stuff, but it’s not my “thing.”
Second, I can’t ship this thing out of the US.
I’ll ship the book, after I’ve signed it, to the person with the three best questions.
The post Giveaway: Navigating Network Complexity appeared first on 'net work.
This week I was peacefully reading the March 9th issue of ACM Queue when I received a bit of a surprise. It seems someone actually buys the “blame the victim” game, arguing that governments are going to break all encryption if we don’t give them what they want.
These ideas are all based on the same principle: If we cannot break the crypto for a specific criminal on demand, we will preemptively break it for everybody. And whatever you may feel about politicians, they do have the legitimacy and power to do so. They have the constitutions, legislative powers, courts of law, and police forces to make this happen. The IT and networking communities overlooked a wise saying from soldiers and police officers: “Make sure the other side has an easier way out than destroying you.” But we didn’t, and they are.
If you don’t get the point, it’s simple: the only way to really have secure communications is to give the government the keys. Once again, my inner philosopher threw up (as I recently said on a Network Break podcast). The reason I find the line of argument above so horrifying is simple: it’s just true enough to Continue reading
The post Worth Reading: What your ISP probably knows about you appeared first on 'net work.
The post Worth Reading: Data is a toxic asset appeared first on 'net work.
How does a network designer, well, actually design something? What process do you use as a designer to get from initial contact with a problem to building a new design to deploying a solution? What is the design mindset? I’ve been asking myself just this question these last few months, going through old documentation to see if I can find a pattern in my own thinking that I could outline in a way that’s more definite than just “follow my example.” What I discovered is my old friends the OODA loop and the complexity model are often in operation.
So, forthwith, a way to grab hold of a designer mindset, played out in an unknown number of posts.
Begin with observe. Observation is the step we often skip, because we’ve either worked on the network for so long “we don’t need to,” or we’re “so experienced we know what to look for.” This is dangerous. Let me give you an example.
A long time ago, in a small shire on the borders of reality (it seems now), I worked on a piece of equipment we called the funnyman. Specifically, this was the FNM-1, which was used to detect runway Continue reading
The post Worth Listening: Aligning IT and the Business appeared first on 'net work.
The post Worth Reading: Entropy, vacuums, and visibility appeared first on 'net work.
When I was in the US Air Force, as part of the 438th Communications Group, we had a Group Readiness Center that contained a large board with the airfield equipment status, a safe with various drawers with different classification levels, a couple of encrypted communication systems, and… a couple of strange looking Z200 computers. The screen on these computers were covered with a fine mesh, and the power cables ran through a special cleaning box. What was the point of all this fanciness?
TEMPEST. The ability to gather information about what’s on a computer’s screen by examining the signals transmitted (unintentionally) from the monitor screen, power cable, and other electronics. This might seem odd, but essentially any wire is an antenna that can (and will) carry information from a computer; at some range, these signals can be detected and deciphered in a way that allows you to determine what the computer is processing. Screens are more fruitful, as the older style Cathode Ray Tube (CRT) displays essentially shoot a stream of electrons onto a piece of glass, some of which must leak, and hence can be picked up and decoded to see what’s on the screen from quite a distance Continue reading
The post Worth Reading: Classifying data structures security appeared first on 'net work.