Worth Reading: The Spin Bit

The spin bit and VEC were designed to be a minimal-risk, maximum-utility signal fit for a single purpose: on-path measurement of end-to-end RTT, to generate RTT samples for a variety of passive latency measurement tasks. —Brian Trammell @APNIC

History of Networking: BGP Security

Worth Reading: Pay attention to performance

In some recent design situations, I’ve spent some time looking at routers and firewalls, looking for some fairly hefty performance characteristics. That’s where it became quite clear (if it wasn’t clear enough already), that router and firewall performance costs a lot more, compared to switches. As covered in the previous blog. —Pete Welcher @Netcraftsmen

Worth Reading: The Internet is going the wrong way

Facebook is taking the place of blogs, but doesn’t permit linking, styles. Posts can’t have titles or include podcasts. As a result these essential features are falling into disuse. We’re returning to AOL. Linking, especially is essential. @Scripting News

Research: Bridging the Air Gap

Way back in the old days, the unit I worked at in the US Air Force had a room with a lot of equipment used for processing classified information. Among this equipment was a Zenith Z-250 with an odd sort of keyboard and a very low resolution screen. A fine metal mesh embedded in a semi-clear substrate was glued to the surface of the monitor. This was our TEMPEST rated computer, on which we could type up classified memos, read classified email, and the like. We normally connected it to the STU-3 through a modem (remember those) to send and receive various kinds of classified information.

Elovici, Mordechai Guri, Yuval. “Bridgeware: The Air-Gap Malware.” Accessed May 13, 2018. https://cacm.acm.org/magazines/2018/4/226377-bridgeware/abstract.

The idea of TEMPEST begins way back in 1985, when a Dutch researcher demonstrated “reading” the screen of a computer using some relatively cheap, and easy to assemble, equipment, from several feet away. The paper I’m looking at today provides a good overview of the many ways which have been discovered since this initial demonstration to transfer data from one computer to another across what should be an “air gap.” For instance, the TEMPEST rated computer described Continue reading

Worth Reading: Back to Basics?

We, as the stewards of networking, need to help this process along. We need to spend more time talking about design and theory. We need to dissect protocols and help people understand how to use the tools they have rather than hoping someone will build the best mousetrap ever to solve each piece of a complicated puzzle. We need to teach people to be thinkers and problem solvers. And, yes, that does mean a bit less complaining about things like vendor code quality and VAR behavior. —Tom @The Networking Nerd

Weekend Reads: 051118: New spectre-class vulnerabilities, scraping data, and no middle ground on encryption

A team of security researchers has reportedly discovered a total of eight new “Spectre-class” vulnerabilities in Intel CPUs, which also affect at least a small number of ARM processors and may impact AMD processor architecture as well. Dubbed Spectre-Next Generation, or Spectre-NG, the partial details of the vulnerabilities were first leaked to journalists at German computer magazine Heise, which claims that Intel has classified four of the new vulnerabilities as “high risk” and remaining four as “medium.” —Mohit Kumar @Hacker News

As cities get smarter, their appetite and access to information is also increasing. The rise of data-generating technologies has given government agencies unprecedented opportunities to harness useful, real-time information about citizens. But governments often lack dedicated expertise and resources to collect, analyze, and ultimately turn such data into actionable information, and so have turned to private-sector companies and academic researchers to get at this information. —Joseph Jerome @CDT

Despite this renewed rhetoric, most experts continue to agree that exceptional access, no matter how you implement it, weakens security. The terminology might have changed, but the essential question has not: should technology companies be forced to develop a system that inherently harms their users? The answer hasn’t changed either: Continue reading

You can Fly!

Worth Reading: Why DDoS Won’t Die

Most every organization has been affected by a distributed denial-of-service (DDoS) attack in some way: whether they were hit directly in a traffic-flooding attack, or if they suffered the fallout from one of their partners or suppliers getting victimized. —Kelly Jackson Higgins @Dark Reading

On the ‘net: Is Networking a Commodity?

It seems, based on this, that all businesses care about, in terms of the network, is the ability to move packets. To use a comparison that is often made: It might be “nice” to drive a “nicer car,” but in the end, a car is a car is a car. All that matters in cars is that they get you from point A to point B, wherever those points might be. If all the data a business cares about can be packed up into packets, and all that matters is getting them from point A to point B—wherever those two places might be, then the kind of equipment you use to move packets does not matter. @ECI

Worth Reading: Silver linings and clouds

Clearly, your management has never heard the phrase, “You get what you pay for.” Or perhaps they heard it and didn’t realize it applied to them. The savings in cloud computing comes at the expense of a loss of control over your systems, which is summed up best in the popular nerd sticker that says, “The Cloud is Just Other People’s Computers.” —Kode Vicious @ACM

Worth Reading: Cisco to MicroTik

One of the hardest things to do quickly in network engineering, is learn a new syntax for a NOS. Especially if you have a tight deadline and need to stand up equipment you’ve never worked with before. The command structure for RouterOS can be cumbersome if you are used to the Cisco CLI. —Kevin Myers @Stubarea51

RIPE NCC: The Future of BGP Security

I was recently invited to a webinar for the RIPE NCC about the future of BGP security. The entire series is well worth watching; I was in the final session, which was a panel discussion on where we are now, and where we might go to make BGP security better.

Worth Reading: Is user interface design getting worse?

Few interface designers are indifferent to the needs of the user, but I can’t imagine that there are many for whom that is the first consideration. —Alan Jacobs @The New Atlantis

Worth Reading: Data center interconnect and performance

What factors influence the performance of a high-speed, high-latency data center interconnect? Redundant data centers are common, providing organizations with business continuity. But how far apart is too far for good, reliable application performance? —Terry Slattery @Netcraftsmen

Why is the Feasibility Condition Less Than?

A reader recently emailed me with this question: Why isn’t the condition for a Feasible Successor set to less than (<), rather than less than of equal (<=), in EIGRP? It certainly seems, as noted in the email, that this rules out a lot of possible possible loop free alternate paths. The network below will be used to illustrate.

First, assume all links are cost of 1 except D->C, which is cost of 2. Here D will choose B as the Successor, and the FC will be set to 2. The RD of C will be 1, so C will be an FS. Now consider two failures. The first failure is D->B. D will immediately reroute to the FS, which is C, without changing the FC. This works, because C’s cost to 100::/64 via D is 4, much higher than it’s cost to 100::64 along C->A. Now consider what happens if A->100::/64 fails. If the timing of the query “works right,” C and B will be notified first, then finally D. Even if D is somehow notified before C, and D switches to C as its FS, the traffic is dropped, rather than looped—so all is happy.

Now change the situation a little. Assume the A->C link is cost Continue reading

Worth Reading: The development of the domain name market

If we traveled back in time, we would discover that unauthorized squatting on someone else’s property is an ancient tort, but in cyberspace, it dates from the mid-1990s. Its emergence brought together governments and intellectual property stakeholders to demand a rights protection mechanism devised to deal with this new form of squatting. —Gerald M. Levine @CircleID

Weekend Reads 05042018: It’s time to opt in to security

Start with your business goals and decide which metrics are required to accurately measure the state of these goals. For example, say an ISP wishes to ensure that their subscribers get the best performance possible during peak usage time — this can be monitored by measuring the oversubscription ratio and uplink utilization of the terminating device. The required metrics to do this are the number of connected sessions, ifHCInOctets, ifHCOutOctets, ifHCSpeed of the uplink from the terminating device. —Tim Raphael @APNIC

What is the best threat management system for a business network? It’s a difficult question to answer because threat management isn’t about finding a single solution to every problem; it’s about layering multiple solutions in a way that offers the best protection against a variety of threats. —Diana Shtil @Dark Reading

Tomorrow, the House Judiciary Committee will host what’s likely to be a wide-ranging discussion of how social media companies moderate content, in its hearing on Filtering Practices of Social Media Platforms. While the hearing is sure to include some spectacle and grandstanding, make no mistake: This is a deeply serious issue that deserves thoughtful consideration by policymakers, companies, and users alike. Here are a few key themes we Continue reading

Trinkets

Worth Reading: Focus on stability or speed

Is your organization more like a sailboat or a speedboat? Your answer reveals the assumptions you make about dealing with change. —MaryJo Burchard @opensoure.com