Worth Reading: A deep dive into STARTTLS everywhere

Unlike PGP and S/MIME, STARTTLS provides hop-to-hop encryption (TLS for email), not end-to-end. Without requiring configuration on the end-user’s part, a mailserver with STARTTLS support can protect email from passive network eavesdroppers. —Syndey Li @EFF

Worth Reading: How the Hippies Destroyed the Internet

Today’s Internet, with its techno-utopian culture,a connects with the 1960s counterculture movement. —Moshe Y. Vardi @CACM

Community Roundtable: MPLS Part 2

In this community roundtable over at the Network Collective, Jordan, Eyvonne, Nick, and I discuss some interesting use cases for MPLS. This is part of our ongoing series about protocols.

Remember to check out Network Collective memberships!

Worth Reading: Hyperledger

…there are a number of challenges to the widespread use of permissioned distributed ledger technologies (DLT). Key among them are problems associated with the lack of standards, the regulatory challenges and the lack of knowledge about DLT. @OpenSource

Weekend Reads 062918

The Internet and related digital systems that the United States did so much to create have effectuated and symbolized US military, economic, and cultural power for decades. The question raised by this essay is whether these systems, like the Roman Empire’s roads, will come to be seen as a platform that accelerated US decline. @The Hoover Institute

Article 13 reverses one of the key legal doctrines that allowed the Internet to thrive: the idea that computer networks are not “publishers” and are therefore not liable for the actions or statements of their users. This means that you can sue an individual user for libel or copyright infringement, but not the e-mail service or bulletin board or social media platform on which he did it. This immunity made it possible for computer networks to open a floodgate of content produced by independent individuals, without requiring service providers to serve as editors or moderators. —Robert Tracinski @The Federalist

The U.S. Supreme Court today ruled that the government needs to obtain a court-ordered warrant to gather location data on mobile device users. The decision is a major development for privacy rights, but experts say it may have limited bearing on the selling Continue reading

Looking Up

Worth Reading: The value of IT Analytics

Information technology operations analytics (ITOA) has emerged as a valuable practice that enables tech managers to increase efficiency. It uses data-science principles to perform pattern discovery, correlation, anomaly detection and root-cause analysis against data collected from underlying infrastructure and applications. —David Ishmael @The Data Center Journal

Worth Reading: A successor to OpenFlow?

Using OpenFlow, SDN was supposed to deliver a programmable interface to the network, thereby enabling real-time network control and innovation. In reality, it achieved only a fraction of what was promised. —Hayim Porat @ECI

Worth Reading: The power of hyperscale

The growth of cloud-IT adoption continues unabated. Today’s landscape of cloud providers is dominated by a small handful of companies based in the U.S. and China that deploy company-owned hyperscale data centers. For the foreseeable future, these few will account for much of the growth in the cloud-IT market as many businesses decide to give up owning their own data centers and move their applications to cloud platforms. —Marc Cram @The Data Center Journal

Chatting with Rachel Traylor about Math at CHINOG

Chatting with Eman Conde at CHINOG about Certifications

Worth Reading: A closer look at the IP Header

The IP identification field of the IP header (IP-ID) was introduced with RFC 791 in the early ’80s, to assist network-layer fragmentation and reassembly processes. —Flavia Salutari @APNIC

Worth Reading: Vulnerabilities are Guaranteed

The long years of experience have taught me through experience, hardware & software vulnerabilities are guaranteed. It is not a matter of “if” but when. —Barry Green

On the ‘web: Considerations in Network Complexity

One of my articles was published in the most recent Internet Protocol Journal:

Computer networks are complex—and getting more complex by the day. At one time, knowing the Internet Protocol (IP) was enough; today there are underlays, overlays, virtualized services, service chains, and a host of other technologies engineers need to plan around and for. With complexity on the rise, maybe it’s time to ask some fundamental questions, such as—what does complexity mean? Can complexity be solved? How can engineers manage complexity? @The Internet Protocol Journal

If you don’t subscribe to or read IPJ, you should—it’s a great source of information written by industry leaders and thinkers.

Worth Reading: Another 10 years later

The evolutionary path of any technology can often take strange and unanticipated turns and twists. At some points simplicity and minimalism can be replaced by complexity and ornamentation, while at other times a dramatic cut-through exposes the core concepts of the technology and removes layers of superfluous additions. —Geoff Huston

Worth Reading: Arista runs Barefoot

Hull says that the Broadcom chips have roughly the same level of programmability as the XPliant chips, although the manner in which it is implemented in a combination of microcode and firmware is different. —Timothy Prickett Morgan @The Next Platform

History of Networking: Email part 2

This is the second part of our chat with Dave Crocker about the fascinating history of email.

Remember to come by the Network Collective home page to find all the great video content we have been working on, and check out our membership options for even more content and to become a part of our awesome community of network engineers.

Worth Reading: SDN is dead

Feathers have been ruffled on several occasions over the last few years by someone publicly claiming that, “SDN is Dead!” This has inevitably been protested by leading communications service providers, rebutting that this cannot be true, because they are indeed deploying SDN solutions. —Jonathan Homa @ECI

Weekend Reads 062218: Bitcoin and Security Flaws

But, as with all new technology, security risks can be found beneath the hype. Indeed, threat actors are finding new targets amid the rise of blockchain as they serve up social-engineering attacks, malware, and exploits to businesses and consumers, according to a recently published report by McAfee’s Advanced Threat Research Team. —Kelly Sheridan @Dark Reading

After last Thursday’s regulatory news that bitcoin and ether were not considered securities, which was widely considered a win for crypto enthusiasts, digital currencies had failed to hold on to gains, a sign the bear market is firmly intact. However, investors were hoping Monday’s move above the post-SEC-statement high will be the start of a more fruitful period for digital currency owners. —Aaron Hankin @MarketWatch

Dubbed Lazy FP State Restore, the vulnerability (CVE-2018-3665) within Intel Core and Xeon processors has just been confirmed by Intel, and vendors are now rushing to roll out security updates in order to fix the flaw and keep their customers protected. The company has not yet released technical details about the vulnerability, but since the vulnerability resides in the CPU, the flaw affects all devices running Intel Core-based microprocessors regardless of the installed operating systems, except some modern versions of Continue reading

Road by the Mountain