Weekend Reads ‭188A6‬

The security skills gap is real, and it is a problem. But what if you could replace the most basic security jobs with an AI? According to Gunter Ollmann @CircleID, this is possible today. The next question you might want to ask is this: if AI’s replace all the entry level positions, then how are we going to train up senior level engineers? Remember that every hiring manager wants someone with ten years of experience on a product that has only been out for two years…

US customers pay some of the highest prices for broadband in the developed world, and broadband availability is sketchy at best for millions of Americans. But instead of tackling that problem head on, the FCC is increasingly looking the other way, relying on ISP data that paints an inaccurately rosy picture of Americans’ internet access. And as long as regulators are relying on a false picture of US broadband access, actually solving the problem may be impossible. —Karl Bode @The Verge

American businesses are in for a rude awakening. Sweeping new privacy regulations, such as the EU’s landmark GDPR law and California’s Consumer Privacy Act, along with the ongoing SEC probe of Facebook’s data Continue reading

Worth Reading: Outing your Outages

How are you supposed to handle outages? What happens when everything around you goes upside down in an instant? How much communication is “too much”? Or “not enough”? And is all of this written down now instead of being figured out when the world is on fire? —Tom @Networking Nerd

Worth Reading: How Edge Computing will Impact the Enterprise

Data published at the start of 2018 reveals a prediction that spending in the edge computing sector will grow by a compound annual growth rate of more than 30 percent through 2022. That means regardless of IT professionals’ focus and the companies they work for now, their jobs paths will inevitably feature more edge computing-related elements soon. —Kayla Matthews @Information Week

Worth Reading: WPA3 brings new authentication to wireless

WPA3 is the latest version of Wi-Fi Protected Access, a suite of protocols and technologies that provide authentication and encryption for Wi-Fi networks. WPA3, which was first announced earlier this year, is now available for inclusion in products. It brings two deployment models, personal and enterprise, along with a related security set called Easy Connect. —Curtis Franklin Jr. @Dark Reading

History of Networking: BGP Route Servers and the IXP

Worth Reading: Beyond Cookbook Mathematics

Most of you who are reading this have likely taken a calculus course or two, and probably some basic linear algebra/matrix theory (especially if you’re in computer science). You’ve been exposed to limits, differentiation, continuity, determinants, and linear maps. —Rachel Traylor @The Math Citadel

Worth Reading: Microservices and Networking

With the rise of so-called mode two applications, we see significantly different approaches to software architectures. Gartner defines mode two applications as exploratory, non-linear focused on agility and speed. In order to achieve this level of agility, the underlying architecture needs to be dramatically different. —Jeroen van Rotterdam @The New Stack

Short Take: BGP Peering Updates

Worth Reading: Measuring the KSK Roll

When viewed as a network infrastructure, looks can be very deceiving when looking at the DNS. It appears to be a simple collection of resolvers and servers. Clients pass their DNS name resolution queries to resolvers, who then identify and ask an appropriate authoritative name server to resolve the DNS name, and the result is passed back to the client. —Goeff Huston @potaroo

Worth Reading: The KSK Rollover

In a little over two weeks, precisely in 17 days (on 11 October 2018 at 16:00 UTC), ICANN will roll the Domain Name System Security Extensions (DNSSEC) root Key Signing Key (KSK). —Adiel A. Akplogan @CircleID

IPv6 Security Considerations

When rolling out a new protocol such as IPv6, it is useful to consider the changes to security posture, particularly the network’s attack surface. While protocol security discussions are widely available, there is often not “one place” where you can go to get information about potential attacks, references to research about those attacks, potential counters, and operational challenges. In the case of IPv6, however, there is “one place” you can find all this information: draft-ietf-opsec-v6. This document is designed to provide information to operators about IPv6 security based on solid operational experience—and it is a must read if you have either deployed IPv6 or are thinking about deploying IPv6.

The draft is broken up into four broad sections; the first is the longest, addressing generic security considerations. The first consideration is whether operators should use Provider Independent (PI) or Provider Assigned (PA) address space. One of the dangers with a large address space is the sheer size of the potential routing table in the Default Free Zone (DFZ). If every network operator opted for an IPv6 /32, the potential size of the DFZ routing table is 2.4 billion routing entries. If you thought converging on about 800,000 routes is Continue reading

Worth Reading: The Ecology of Web Browsing Engines

Early in my career when I worked at agencies and later at Microsoft on Edge, I heard the same lament over and over: “Argh, why doesn’t Edge just run on Blink? Then I would have access to ALL THE APIs I want to use and would only have to test in one browser!” Let me be clear: an Internet that runs only on Chrome’s engine, Blink, and its offspring, is not the paradise we like to imagine it to be. —Rachel Nabors @css-tricks

Bird

Weekend Reads 092818

Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems. —Swati Khandelwal @The Hacker News

According to IDC Research’s recent US DDoS Prevention Survey, more than 50% of IT security decision makers said that their organization had been the victim of a distributed denial-of-service (DDoS) attack as many as 10 times in the past year. For those who experienced an attack, more than 40% lasted longer than 10 hours. This statistic correlates with our ATLAS findings, which show there were 7.5 million DDoS attacks in 2017 — a rate, says Cisco, that is increasing at roughly the same rate as Internet traffic. —Carlos Morales @Dark Reading

As the topic of hacking back continues to resurface among elected officials, those of us in the cybersecurity community are scratching our heads over why this concept refuses to die. After digging deeper, one can see that there are many misperceptions regarding what the terms “hacking back” and “active cyber defense” (ACD) actually mean. General frustration and misinformation are driving the interest, but the mixing of Continue reading

Worth Reading: Why you shouldn’t join a startup

According to a statistic published in a Harvard Business School study by Shikhar Ghosh, 75% of venture-backed (yes, venture-backed) startups fail. In a study by Statistic Brain, Startup Business Failure Rate by Industry, 50 percent of all U.S. companies fail after 5 years, and over 70 percent fail after 10 years. This is if you are lucky enough to get some venture funding. —Sean Choi @Free Code Camp

Worth Reading: Persistent DNS connections

For decades, the Domain Name System (DNS) has been based on a connectionless semantic: a client sends its query as a single User Datagram Protocol (UDP), and it receives a single UDP datagram with the response. This very simple communication model, along with efficient caching and clear administrative boundaries, is what allowed the DNS to scale and successfully adapt to an ever-increasing demand. —Baptiste Jonglez @APNIC

Worth Reading: Are carriers still missing the IoT point?

Sprint is yet another operator to announce an IoT platform, but we still don’t have a real handle on what a really useful IoT platform would look like. So far, perhaps not surprisingly, what’s coming out focuses on what the operator does in the RAN to support IoT sensors. Is that all there is, or even the best overall place to focus? I don’t think so. —Tom Nolle @CIMI

Worth Reading: How to get things done

Have you ever come into work, sat down at your computer to begin a project, opened your editor, and then just stared at the screen? This happens to me all the time, so I understand your struggle. —Kate Matsudaira @ACM Queue

Worth Reading: The Microserver, Redux

If there is one rule of computing, is that it gets increasingly more expensive and more difficult to scale up performance within a single device or a single server node. And if there is another rule, it is that companies would rather throw hardware at a problem than rewrite their software. —Timothy Prickett Morgan @The Next Platform

Network Collective: Do You Really Need Good Engineers?