Worth Reading: Application Changes Driving the Cloud?

Maybe you believe in edge computing, or in IoT or AI, or maybe carrier cloud, or all of the above. The main thing is you believe the future requirements for applications and hosting will be different, and so the data centers and servers of the future will be different. The obvious question is what these differences will be, and how might they impact vendors and even software. —Tom Nolle @CIMI

Worth Reading: Apple Pushes Subscriptions

Apple is pushing suppliers/developers to move to subscription models instead of pay up front. Only 15% of purchases are paid leaving the remainder to be in-app purchases or subscriptions. —Greg Ferro @Packet Pushers

Network Collective: Breaking Things

Worth Reading: Passive observations of a large DNS service

Due to the centralization that is caused by public DNS services, large content delivery networks (CDNs), such as Akamai, are no longer able to rely on the source IP of DNS queries to pinpoint their customers. Therefore, they are also no longer able to provide geobased redirection appropriate for that IP. —Wouter de Vries @APNIC

Worth Reading: Waht to consider when Leasing Dark Fiber

Leasing, “lighting” and operating a dark-fiber network is a major undertaking that requires a well-trained technical staff. The next few paragraphs review important factors, especially fiber-optic attributes, to keep in mind when planning to lease dark fiber. —Jabulani Dhliwayo @Data Center Journal

Reaction: Centralization Wins

Warning: in this post, I am going to cross a little into philosophy, governance, and other odd subjects. Here there be dragons. Let me begin by setting the stage:

Decentralized systems will continue to lose to centralized systems until there’s a driver requiring decentralization to deliver a clearly superior consumer experience. Unfortunately, that may not happen for quite some time. —Todd Hoff @High Scalability

And the very helpful diagram which accompanies the quote—

The point Todd Hoff, the author makes, is that five years ago he believed the decentralized model would win, in terms of the way the Internet is structured. However, today he doesn’t believe this; centralization is winning. Two points worth considering before jumping into a more general discussion.

First, the decentralized model is almost always the most efficient in almost every respect. It is the model with the lowest signal-to-noise ratio, and the model with the highest gain. The simplest way to explain this is to note the primary costs in a network is the cost of connectivity, and the primary gain is the amount of support connections provide. The distributed model offers the best balance of these two.

Second, what we are generally talking about here Continue reading

Worth Reading: Chasing Shannon’s Limit

In the 1850s, the first submarine cables carrying telegraphic traffic were laid, initially across the English Channel connecting the United Kingdom to the rest of Western Europe. Later, in the 1860s, cables were laid across the Atlantic Ocean connecting North America to Europe reducing communications time from ten days — the time it took a ship to sail across — to minutes, via telegraphic messaging. —Anup Changaroth @APNIC

Inner Belfry

Weekend Reads 082418

During the 27th Usenix Security Symposium held in Baltimore, MD last week, a group of researchers from China revealed results obtained from a large-scale analysis DNS interceptions. @CircleID

The increasingly distributed nature of computing and the rapid growth in the number of the small connected devices that make up the Internet of Things (IoT) are combining with trends like the rise of silicon-level vulnerabilities highlighted by Spectre, Meltdown, and more recent variants to create an expanding and fluid security landscape that’s difficult for enterprises to navigate. —Jeffrey Burt @The Next Platform

Many online accounts allow you to supplement your password with a second form of identification, which can prevent some prevalent attacks. The second factors you can use to identify yourself include authenticator apps on your phone, which generate codes that change every 30 seconds, and security keys, small pieces of hardware similar in size and shape to USB drives. —Stuart Schechter @Medium

If this is a three-way tension, then it’s clear that we are not equals at the table here. It seems that as users we continually get short-changed when it comes to access to tools and technologies that can allow us to preserve our personal safety and security. Continue reading

Worth Reading: Threat Deception and Insiders

Illusive Networks CEO Ofer Israeli reveals how distributed deception technology can be as effective against insider threats as it is against outsiders, since it thwarts the lateral movement common to both. —Ofer Israeli @Dark Reading

Research: Facebook’s Edge Fabric

The Internet has changed dramatically over the last ten years; more than 70% of the traffic over the Internet is now served by ten Autonomous Systems (AS’), causing the physical topology of the Internet to be reshaped into more of a hub-and-spoke design, rather than the more familiar scale-free design (I discussed this in a post over at CircleID in the recent past, and others have discussed this as well). While this reshaping might be seen as a success in delivering video content to most Internet users by shortening the delivery route between the server and the user, the authors of the paper in review today argue this is not enough.

Brandon Schlinker, Hyojeong Kim, Timothy Cui, Ethan Katz-Bassett, Harsha V. Madhyastha, Italo Cunha, James Quinn, Saif Hasan, Petr Lapukhov, and Hongyi Zeng. 2017. Engineering Egress with Edge Fabric: Steering Oceans of Content to the World. In Proceedings of the Conference of the ACM Special Interest Group on Data Communication (SIGCOMM ’17). ACM, New York, NY, USA, 418-431. DOI: https://doi.org/10.1145/3098822.3098853

Why is this not enough? The authors point to two problems in the routing protocol tying the Internet together: BGP. First, they state that BGP is not Continue reading

Worth Reading: Active Third-Party Content

It isn’t just seedy websites putting browsers at risk anymore: A new report out today shows how the state of the Web today has been rocked by the increasingly toxic combination of dynamic content and the use of third-party data sources to serve up that active content. —Ericka Chickowski @Dark Reading

Worth Reading: Hanging up on Mobile in the Name of Security

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. @Krebs on Security

Worth Reading: Sunrise DNS over TLS

Currently, DoT and DNSSEC are complementary: they serve two different purposes (privacy and origin authenticity respectively), and thereby overcome each other’s limitations and weaknesses. This said, DoT could realistically become a viable replacement for DNSSEC. —Willem Toorop @APNIC

Worth Reading: Practice Hours

Often times musicians have “sacred” practice hours. They don’t do it for an artist, band, or for anyone other than themselves. It’s their time to sit down and focus on a technique, song that they want to learn, or whatever their heart desires. —Stephanie Winn Provence @Free Code Camp

History of Networking: Ross Callon on MPLS

Worth Reading: Active-Active Data Centers

Any enterprise running a high-availability application must answer the following fundamental question: How do we create a resilient application architecture when the underlying communications infrastructure may be unreliable? —Terry Slattery @Netcraftsmen

Worth Reading: Modern Babel in Network Coding

Automation is great. I happen to love coding and have been working with various API’s, getting some small but real problems solved. One of the factors I’m acutely aware of is right-sizing what I tackle. —Pete Welcher @Netcraftsmen

Reaction: Nerd Knobs and Open Source in Network Software

This is an interesting take on where we are in the data networking world—

Tech is commoditizing, meaning that vendors in the space are losing feature differentiation. That happens for a number of reasons, the most obvious of which is that you run out of useful features. Other reasons include the difficulty in making less-obvious features matter to buyers, lack of insight by vendors into what’s useful to start off with, and difficulty in getting media access for any story that’s not a promise of total revolution. Whatever the reason, or combination of reasons, it’s getting harder for network vendors to promote features they offer as the reasons to buy their stuff. What’s left, obviously, is price. —Tom Nolle @CIMI

There are things here I agree with, and things I don’t agree with.

Tech is commoditizing. I’ve talked about this before; I think networking is commoditizing at the device level, and the days of appliance based networking are behind us. But are networks themselves a commodity? Not any more than any other system.

We are running out of useful features, so vendors are losing feature differentiation. This one is going to take a little longer… When I first started in Continue reading

Worth Reading: GitOps

You’ve written a new web application and would like it to be added to your organization’s web load balancer. The load balancer is complex; its configuration is maintained by highly trained experts on the network operations team. You file a ticket with the team, wait, wait, wait, have a discussion with the experts, wait, wait, wait, and finally your request is completed. Your application is now available, assuming they got it right on the first try. —Thomas A. Limoncelli @ACM