Russ

Author Archives: Russ

Castle versus Cannon: It’s time to rethink security

P1120249In case you’re confused about the modern state of security, let me give you a short lesson.

Your network is pictured to the left. When I first started working on networks in the USAF we were just starting to build well designed DMZs, sort of a gate system for the modern network. “Firewalls” (a term I’m coming to dislike immensely), guard routers, VPN concentrators, and other systems were designed to keep your network from being “penetrated.” Standing at the front gate you’ll find a few folks wearing armor and carrying swords, responsible for letting only the right people inside the walls — policies, and perhaps even an IDS or two.

The world lived with castles for a long time — thousands of years, to be precise. In fact, the pride of the Roman Legion really wasn’t the short sword and battle formation, it was their ability to work in concrete. Certainly they had swords, but they could also build roads and walls, as evidenced by the Roman style fortifications dotting the entire world.

But we don’t live inside concrete walls any longer. Instead, our armies today move on small and large vehicles, defending territory through measure and countermeasure. They gather Continue reading

QOTW: Ignorance

Contrary to folk wisdom, ignorance is usually not blissful. Generally, it produces the very opposite of bliss. Just ask the frightened hiker lost in some remote mountain blizzard who never paid attention to his Boy Scout instruction; or ask the new employee who never did her math homework, frantically trying to figure out the correct change for customers; or, worse yet, ask the frustrated and annoyed patrons waiting in the ever-increasing line as this new employee bumbles one purchase after another.
Phillip Dow, Virtuous Minds

LinkedInTwitterGoogle+FacebookPinterest

The post QOTW: Ignorance appeared first on 'net work.

Worth Reading: The Cryptech Project

The Snowden and subsequent revelations have called into question the integrity of some of the implementations of basic cryptographic functions and of the cryptographic devices used to secure applications and communications on the Internet. There are serious questions about algorithms and about implementations of those algorithms in software and particularly in hardware. … To fill this need the CrypTech project is developing an open-source hardware cryptographic engine design that meets the needs of high assurance Internet infrastructure systems that use cryptography. via the cryptech project

The post Worth Reading: The Cryptech Project appeared first on 'net work.

Worth Reading: The ‘net is the real world

How much time have I wasted decrying the many hours a day a billion people waste on Facebook? How could I have been so wrong? How could I have not seen it? Facebook (FB) is the real world now. Our wives are all beautiful, our husbands brilliant, our children talented, our pets hilarious, and our home lives one impeccably framed picture after another. via fox business

The post Worth Reading: The ‘net is the real world appeared first on 'net work.

Reaction: Thoughts on Certifications

Should you stack up certifications, or should you learn something new? To put the question a different way: should Ethan get his CCDE? This week a couple of posts filtered through to my RSS feed that seem worth responding to on the certification front. Let’s begin with the second question first. This week, Ethan posted:

I’ve already achieved what I personally wanted to with the CCIE program. There is no doubt the certification changed my life, but I’m heading places now that the CCIE can’t take me. The CCDE program is still interesting to me, but I find the focus on service provider and very large enterprise technologies a disadvantage for me. Lots of work to get through the study, and I lack sufficient motivation to make a go of it right now. I still believe it’s a great program. Maybe I’ll get back to it someday.

I think the first part of Ethan’s argument is valid and correct: there comes a point you’ve wrung the value out of a certification (or certification path), and it’s time to move on. But how can you judge when that time has come? My thinking is based around this chart, taken from one Continue reading

Worth Reading: Better than Reno

Critically, today’s Internet assumes that most of the network’s resources are devoted to passing TCP traffic, and it also assumes that the flow control algorithms used by these TCP sessions all behave in approximately similar ways. If the switching and transmission resources of the network are seen as a common resource, then the assumption about the uniform behaviour of TCP sessions implies that these end-to-end transport sessions will behave similarly under contention. via circle id

The post Worth Reading: Better than Reno appeared first on 'net work.

Worth Reading: Alphabet and Anti-trust

What we have learned in the last two months is that Google is much more worried than it says about the risks it faces from a variety of real structural changes it may have to make in its core business overseas in the months and years ahead — where the vast majority of Google’s users are, and from where over 50% of its revenues come. Google apparently foresees a coming brand winter of antitrust/privacy structural enforcement actions hanging over Google around the world. via somewhat reasonable

The post Worth Reading: Alphabet and Anti-trust appeared first on 'net work.

1 143 144 145 146 147 162