Russ

Author Archives: Russ

Weekend Reads 083118

Portland, Maine—The Electronic Frontier Foundation (EFF) and the ACLU are urging the state’s highest courts in Massachusetts and Maine to rule that law enforcement agents need a warrant to access real-time location information from cell phones, a clear application of a landmark U.S. Supreme Court ruling from June. @EFF

Survey data from Qualia suggests that as DevOps becomes mainstream, both organizational resources and budget allocation tied to measurable business outcomes will be attached to this method of rapid application development. DevOps enables a faster iterative process that drives innovation while doing more with less and increasing efficiency. —Thomas MacIsaac @Data Center Journal

Cobalt Group (aka TEMP.Metastrike), active since at least late 2016, have been suspected in attacks across dozens of countries. The group primarily targets financial organizations, often with the use of ATM malware. Researchers also believe they are responsible for a series of attacks on the SWIFT banking system which costs millions in damages to the impacted entities. @Netscout

At the end of our last post we had just emerged from the Fireswamp only to be captured by the six-fingered man. No, no, that’s not right. We had just caught up to the present, in which the Continue reading

Worth Reading: The BGP hackathon report

The research and operations communities have developed a set of tools and data sources for understanding and experimenting with BGP, and on February 2016 we organized the first BGP Hackathon, themed around live measurement and monitoring of Internet routing. The Hackathon included students, researchers, operators, providers, policymakers, and funding agencies, working together on projects to measure, visualize, and improve routing or the tools we use to study routing. @ACM SIGCOMM

CLKscrew: Another side channel you didn’t know about

Network engineers focus on protocols and software, but somehow all of this work must connect to the hardware on which packets are switched, and data is processed. A big part of the physical side of what networks “do” is power—how it is used, and how it is managed. The availability of power is one of the points driving centralization; power is not universally available at a single price. If cloud is cheaper, it’s probably not because of the infrastructure, but rather because of the power and real estate costs.

A second factor in processing is the amount of heat produced in processing. Data center designers expend a lot of energy in dealing with heat problems. Heat production is directly related to power usage; each increase in power consumption for processing shows up as heat somewhere—heat which must be removed from the equipment and the environment.

It is important, therefore, to optimize power usage. To do this, many processors today have power management interfaces allowing software to control the speed at which a processor runs. For instance, Kevin Myers (who blogs here) posted a recent experiment with pings running while a laptop is plugged in and on battery—

Reply from 2607:f498:4109::867:5309:  Continue reading

Reaction: Centralization Wins

Warning: in this post, I am going to cross a little into philosophy, governance, and other odd subjects. Here there be dragons. Let me begin by setting the stage:

Decentralized systems will continue to lose to centralized systems until there’s a driver requiring decentralization to deliver a clearly superior consumer experience. Unfortunately, that may not happen for quite some time. —Todd Hoff @High Scalability

And the very helpful diagram which accompanies the quote—

The point Todd Hoff, the author makes, is that five years ago he believed the decentralized model would win, in terms of the way the Internet is structured. However, today he doesn’t believe this; centralization is winning. Two points worth considering before jumping into a more general discussion.

First, the decentralized model is almost always the most efficient in almost every respect. It is the model with the lowest signal-to-noise ratio, and the model with the highest gain. The simplest way to explain this is to note the primary costs in a network is the cost of connectivity, and the primary gain is the amount of support connections provide. The distributed model offers the best balance of these two.

Second, what we are generally talking about here Continue reading

Worth Reading: Chasing Shannon’s Limit

In the 1850s, the first submarine cables carrying telegraphic traffic were laid, initially across the English Channel connecting the United Kingdom to the rest of Western Europe. Later, in the 1860s, cables were laid across the Atlantic Ocean connecting North America to Europe reducing communications time from ten days — the time it took a ship to sail across — to minutes, via telegraphic messaging. —Anup Changaroth @APNIC

Weekend Reads 082418

During the 27th Usenix Security Symposium held in Baltimore, MD last week, a group of researchers from China revealed results obtained from a large-scale analysis DNS interceptions. @CircleID

The increasingly distributed nature of computing and the rapid growth in the number of the small connected devices that make up the Internet of Things (IoT) are combining with trends like the rise of silicon-level vulnerabilities highlighted by Spectre, Meltdown, and more recent variants to create an expanding and fluid security landscape that’s difficult for enterprises to navigate. —Jeffrey Burt @The Next Platform

Many online accounts allow you to supplement your password with a second form of identification, which can prevent some prevalent attacks. The second factors you can use to identify yourself include authenticator apps on your phone, which generate codes that change every 30 seconds, and security keys, small pieces of hardware similar in size and shape to USB drives. —Stuart Schechter @Medium

If this is a three-way tension, then it’s clear that we are not equals at the table here. It seems that as users we continually get short-changed when it comes to access to tools and technologies that can allow us to preserve our personal safety and security. Continue reading

Research: Facebook’s Edge Fabric

The Internet has changed dramatically over the last ten years; more than 70% of the traffic over the Internet is now served by ten Autonomous Systems (AS’), causing the physical topology of the Internet to be reshaped into more of a hub-and-spoke design, rather than the more familiar scale-free design (I discussed this in a post over at CircleID in the recent past, and others have discussed this as well). While this reshaping might be seen as a success in delivering video content to most Internet users by shortening the delivery route between the server and the user, the authors of the paper in review today argue this is not enough.

Brandon Schlinker, Hyojeong Kim, Timothy Cui, Ethan Katz-Bassett, Harsha V. Madhyastha, Italo Cunha, James Quinn, Saif Hasan, Petr Lapukhov, and Hongyi Zeng. 2017. Engineering Egress with Edge Fabric: Steering Oceans of Content to the World. In Proceedings of the Conference of the ACM Special Interest Group on Data Communication (SIGCOMM ’17). ACM, New York, NY, USA, 418-431. DOI: https://doi.org/10.1145/3098822.3098853

Why is this not enough? The authors point to two problems in the routing protocol tying the Internet together: BGP. First, they state that BGP is not Continue reading

1 46 47 48 49 50 162