Weekend Reads 061518: A 51% attack materializes

In recent days the nightmare scenario for any cryptocurrency is playing out for Bitcoin Gold, as an attacker has taken control of its blockchain and proceeded to defraud cryptocurrency exchanges. All the Bitcoin Gold in circulation is valued at $786 million, according to data provider Coinmarketcap. Blockchains are designed to be decentralized but when an individual or group acting in concert controls the majority of a blockchain’s processing power, they can tamper with transactions and pave the way for fraud. This is known as a 51% attack.—Joon Ian Wong @Quartz

We have also discovered a new stage 3 module that injects malicious content into web traffic as it passes through a network device. At the time of our initial posting, we did not have all of the information regarding the suspected stage 3 modules. The new module allows the actor to deliver exploits to endpoints via a man-in-the-middle capability (e.g. they can intercept network traffic and inject malicious code into it without the user’s knowledge). With this new finding, we can confirm that the threat goes beyond what the actor could do on the network device itself, and extends the threat into the networks that a compromised network Continue reading

Seated at the Foot

Worth Reading: IPv6 Tables

iptables is a popular utility that allows system administrators to configure tables provided by the Linux kernel firewall and the chains and rules it stores. It is the most common and widely used Linux firewall for IPv4 traffic and it has a version called ip6tables, which is used for IPv6 traffic. Both versions need to be configured separately. —Imtiaz Rahman @APNIC

History of Networking: The History of Email (part 1)

In this episode of the History of Networking, we sit with Steve Crocker to discuss the history of email. This was a long session, so we split it up into two episodes; the next episode should be published next week.

Worth Reading: Advances in IPv6 Network Reconnaissance

During the recent TROOPERS18 conference in Heidelberg, Germany, and the subsequent x33fcon conference in Gdynia, Poland, I presented some findings from an IPv6 network reconnaissance project I’ve been working on, along with a number of tools that have been recently incorporated into the SI6 Networks’ IPv6 Toolkit that I maintain. —Fernando Gont @APNIC

Worth Reading: Defeating AMD’s SEV

German security researchers claim to have found a new practical attack against virtual machines (VMs) protected using AMD’s Secure Encrypted Virtualization (SEV) technology that could allow attackers to recover plaintext memory data from guest VMs. —Mohit Kumar @The Hacker News

On the ‘net: Clarifying Disaggregation

Software Defined Networks (SDNs), Network Function Virtualization (NFV), white box, and large-scale fabrics built out of small fixed configuration devices are all trends that seem to be “top of mind” right now in the network engineering world. While these four trends appear to be completely different ideas, they are closely related through a single concept: disaggregation. This article will consider the meaning of disaggregation, and then how this single concept applies to the four previously noted movements. @SearchSDN

Worth Reading: Work-life Balance

“This work-life harmony thing is what I try to teach young employees and actually senior executives at Amazon too. But especially the people coming in,” he said. “I get asked about work-life balance all the time. And my view is, that’s a debilitating phrase because it implies there’s a strict trade-off.” —Kari Paul @Marketwatch

Worth Reading: Kata Containers

Intel has been working on the Clear Containers Project for some time to address security concerns within containers through Intel Virtualization Technology (Intel VT). This essentially offers the capability to launch containers as lightweight virtual machines (VMs), providing an alternative runtime, which is interoperable with popular container environments such as Kubernetes and Docker. —Swapnil Kulkarni @opensourcefouru

Short Take: Practical Career Advice

One problem I’ve heard in the past is that much of the career advice given in the networking world is not practical. In this short take, I take this problem on, explaining why it might be more practical than it initially seems.

Worth Reading: The old switcharoo

The cost of servers keeps going up and up, thanks in large part to memory, flash, and GPU prices rising as too much demand chases too little supply and also due in part to the rising cost of processors. So the server market is booming. And guess who is actually paying for it? Network vendors, who are being ground down like sacks of wheat in the massive granite grist mill of intense competition. —Timothy Prickett Morgan @The Next Platform

Worth Reading: On the essence of foundations

One cannot employ the same “laser focus” building techniques in an unknown area as one would on a city lot. While the prospecting may not be obviously applicable to building the house, it’s essential in remote areas. Finding pitfalls and potential issues for a building site can save hundreds of thousands of dollars later. Finding mineral deposits can bring enormous unexpected wealth. @The Math Citadel

Worth Reading: A high profile outage riles traders

Our technology has become so advanced that markets are never hit by glitches, right? Not at all. The London Stock Exchange’s one-hour delay to its open on Thursday is only the latest high-profile malfunction to rile up traders. —Victor Reklaitis @Marketwatch

At Cisco Live!

The Network Collective crew—Jordan, Eyvonne, and I—will be at Cisco Live this week. You can normally find me hanging around the certifications or social media lounge, or just walking around the floor talking to folks. I’m presenting at the CCDE techtorial on Sunday.

Weekend Reads 060818

Migrating to IPv6 will make you ready for the next stage of the Internet. I was the principal network design engineer and member of the project team for deploying native IPv6 for all residential home users at Vodafone New Zealand two years ago. As an outcome of that project, IPv6 has been deployed for about 80% of residential home Internet users now. —Mansour Ganji @APNIC

After being embroiled into controversies over its data sharing practices, it turns out that Facebook had granted inappropriate access to its users’ data to more than 60 device makers, including Amazon, Apple, Microsoft, Blackberry, and Samsung. —Swati Khandelwal @The Hacker News

Over the past few years, researchers have started to choreograph vulnerability announcements to make a big press splash. Clever names — the e-mail vulnerability is called “Efail” — websites, and cute logos are now common. Key reporters are given advance information about the vulnerabilities. Sometimes advance teasers are released. Vendors are now part of this process, trying to announce their patches at the same time the vulnerabilities are announced. —Bruce Schneier

Yes, there are habits of highly effective cyber-criminals use to be successful! We can leverage the knowledge of these habits to better prepare, Continue reading

Ancient and Modern

Worth Reading: Distraction free reading

The problem with reading in a browser window is that it’s full of distractions. Elements like navigation tools, headers and footers, ads, link boxes, and more can slow your reading and cause frustration. —Scott Nesbitt @opensource.com

Worth Reading: The world’s first cyberattack

The world’s first national data network was constructed in France during the 1790s. It was a mechanical telegraph system, consisting of chains of towers, each of which had a system of movable wooden arms on top. —Tom Standage @1843

Worth Reading: A new report on defending against botnets

On May 11, 2017, the President issued Executive Order (EO) 13800, “Strengthening the Cybersecurity ofFederal Networks and Critical Infrastructure,” calling for “resilience against botnets and otherautomated, distributed threats.”1 The President directed the Secretary of Commerce and the Secretaryof Homeland Security to “lead an open and transparent process to identify and promote action byappropriate stakeholders” with the goal of “dramatically reducing threats perpetrated by automatedand distributed attacks (e.g., botnets).”

On the ‘web: Two Kinds of Design

Information technology design often follows a common sort of process. First you gather the business requirements. While you do your best to gather all the requirements, you know you will miss some, so you assume the project in hand will change over time. As such, you build some “slop” into the schedule and scaling numbers to account for possible changes, based on prior experience. @ECI