Russ

Author Archives: Russ

Hedge 225: The CCNA

The CCNA has a long history as an important certification for network engineers. While the CCST has been created by Cisco “below” the CCNA, or as a different starting point, many network engineers begin their career with the CCNA. Join Jason Gooley, Wendell Odom, Tom, and Russ as we discuss the most recent updates to the CCNA, the way updates to the program are changing, and Jason’s and Wendell’s updated book on the CCNA.

download

Weekend Reads 050424


Quantum sensing is poised to revolutionize virtually every aspect of our world. Quantum sensing’s distinctive ability to detect magnetic signatures is already aiding in navigation for countless fuel tankers worldwide, providing otherwise unachievable medical scans, and keeping all of our computer clocks in sync.


Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities.


A growing number of data center operators and equipment vendors are anticipating the proliferation of direct liquid cooling systems (DLC) over the next few years. As far as projections go, Uptime Institute’s surveys agree: the industry consensus for the mainstream adoption of liquid-cooled IT converges on the latter half of the 2020s.


The recent discovery of a backdoor in XZ Utils (CVE-2024-3094), a data compression utility used by a wide array of various open-source, Linux-based computer applications, underscores the importance of open-source software security.


The IETF has had a long tradition of doing its technical work through a consensus process, taking into account the different views among IETF participants and coming to (at least rough) consensus on technical matters.


This is where Two-Factor Authentication (2FA) steps in as a powerful tool to bolster security. Let’s delve into Continue reading

History of Networking: Updated Links

Someone told me some (or many?) of the links are broken to the History of Networking recordings. I went through the S3 bucket and renamed all the files so there are no spaces (because S3 buckets don’t always work right with spaces), and then checked them all to make certain they work. Along the way I found three or four episodes that were recorded and not on the HoN page, so I added them.

Check out the corrected listing here.

I think I have one more recording that was never edited and published; I will probably put it in the Hedge stream in the next month or two just so it’s out there.

Weekend Reads 042624


The Stanford Institute for Human-Centered Artificial Intelligence (HAI) has issued its seventh annual AI Index Report, which reports a thriving industry facing growing costs, regulations, and public concern.


At a time when no one expected progress on the U.S. federal privacy front, a new discussion draft for a comprehensive consumer privacy bill has emerged with bipartisan and bicameral support.


There is a new way for folks to track and spy on you. A recent article in the MIT Technology Review described how WiFi tracking has become a usable technology.


How would AI help produce victims? ‘Deep fake’ video technology. We previously saw, in ‘Human Impersonation AI Must be Outlawed,’ how extortion videos could target millions of individuals worldwide simultaneously every day.


A few weeks ago, I got a bit miffed reading yet another article that was too dismissive about memory safety, basically being mostly dismissive about the need for change.


Combined heat and power using waste heat recovery is a natural for AI/data centers deserves more consideration. We hope that we have lit that spark.


Larry Sanger remembers the promise of the web. He co-founded Wikipedia in 2001, with the hope that it could sustain a “free and open” Continue reading

Weekend Reads 041924


Huawei has released details of how it manages its own cloud with a dynamic traffic allocation system optimized by machine learning and developed in response to surging demand for its services during the COVID-19 pandemic.


A jury has ordered Amazon Web Services to pay $525 million for infringing distributed data storage patents in a case brought by a technology outfit called Kove IO.


The BBC has just shared another video from its archives, this one showing a report about computer addicts from way back in 1983, when computers were just starting to find their way into the workplace and home.


Microsoft is currently testing a new way to showcase ads on the Windows 11 Start Menu, and it’s meant to encourage users to download more applications.


Google announced on Wednesday it will invest $1 billion in two submarine cables to create new routes between the US and Japan.


While writing about Git, I’ve noticed that a lot of folks struggle with Git’s error messages. I’ve had many years to get used to these error messages so it took me a really long time to understand why folks were confused.


If the prognosticators at IDC are correct, four years from now Continue reading

New Course: Coding Skills for Network Engineers

This Friday, Marlon Bailey and I will be teaching a new four-hour class on coding skills for network engineers over on Safari Books Online through Pearson. From the course description:

Network engineers are increasingly expected to know how to perform basic coding, like building scripts to gather information and build or maintain an automation system. In larger organizations with full-time coders, network engineers are expected to effectively work with coders, on their own turf, to build and maintain network automation systems. All of these tasks require a basic knowledge of the structure and terminology of programming. There are a lot of courses that show you how to build your first program, or how to perform basic tasks using common programming languages—this course is different. This course will help you build a “mental map” of the software development space, gathering ideas and patterns learned across years into a simple-to-understand format. In this course you will learn data structures, program flow control, and—most importantly—how to structure software for efficiency and maintainability over the long haul.

For anyone who doesn’t know Marlon, you can find his LinkedIn profile here.

Register for the class here.

Weekend Reads 041224


Future AMD processors could feature domain-specific accelerators – even some created by third parties, according to senior execs at the chip shop.


We tolerate such things even though we understand these practices usually harm those who willingly engage in them. Consider it one price we pay for relative freedom. But what should we do when these practices destroy the lives of innocent bystanders?


Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else.


The first thing to note about the rumored “Stargate” system that Microsoft is planning to build to support the computational needs of its large language model partner, OpenAI, is that the people doing the talking – reportedly OpenAI chief executive officer Sam Altman – are talking about a datacenter, not a supercomputer


Now we’re going to go much deeper into the layers that relate to the PHY, which is PCS, PMA, and Autonegotiation. First though, let’s review the objectives of 1000BASE-T.


macOS has been gaining the unwanted attention of more and more backdoor operators since late 2023. In February 2024, Bitdefender uncovered RustDoor, which was written in Rust Continue reading

Architecture and Process

Driving through some rural areas east of where I live, I noticed a lot of collections of buildings strung together being used as homes. The process seems to start when someone takes a travel trailer, places it on blocks (a foundation of sorts) and builds a spacious deck just outside the door. Over time, the deck is covered, then screened, then walled, becoming a room.

Once the deck becomes a room, a new deck is built, and the process begins anew. At some point, the occupants decide they need a place to store some sort of equipment, so they build a shed. Later, the shed is connected to the deck, the whole thing becomes an extension of the living space, and a new shed is built.

These … interesting … places to live are homes to the people who live in them. They are often, I assume, even happy homes.

But they are not houses in the proper sense of the word. There is no unifying theme, no thought of how traffic should flow and how people should live. They are a lot like the paths crisscrossing a campus—built where the grass died.

Our networks are like these homes—they are Continue reading

Hedge 221: Energy Aware Protocols

A lot of people are spending time thinking about how to make transport and control plane protocols more energy efficient. Is this effort worth it? What amount of power are we really like to save, and what downside potential is there in changing protocols to save energy? George Michaelson joins us from Australia to discuss energy awareness in protocols.

 

 

download

Hedge 220: The Cost of the Cloud

Cloud services are all the rage right now, but are they worth it? There are many aspects to the question, and the answer is almost always going to be “it depends.” Do you really need to spin up capacity more quickly than you can buy hardware and get it running? Do you really need to be able to spin capacity down without leaving any hardware behind? Is cloud really the best use of your team’s time and talent?

David Heinemeier Hansson joins Tom and Russ to talk about the economics and uses of cloud, and why his company has moved away from public cloud services.

download

On the ‘net: Networking Models

I’m writing a series on network models over at Packet Pushers; links to the first three are below.

Looking back at my career in network engineering, beyond some basic concepts and naming conventions, I cannot remember using the OSI model once. I have used the concept of layering, but never the OSI model specifically.

First, models are not sacrosanct. A model is just a tool. If the model you are using is not working for you, feel free to modify it. I find simpler yet extensible models far more effective than complex models for channeling my thoughts. In the past I have tried building huge models that “put everything in one place,” but they do not work for me.

How does a host differ from a middlebox? Hosts are designed to run applications that create and consume packets rather than quickly forwarding traffic through the network. The primary difference is that the source and destination are not two different ports on the same device but rather a virtual interface representing an application and a physical interface.

Weekend Reads 032224


Highway 9 Networks recently emerged from stealth mode with $25 million in seed funding and a vision to provide enterprise companies with SaaS-based private mobile networks that would eliminate gaps in coverage by incorporating cellular technology.


Hackers’ advantage: One of the biggest security weaknesses in U.S. digital networks and infrastructure is out-of-date, no-longer-supported technology.


Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed “large company” to connect to their infrastructure.


There are some weighty ironies here. The AI “safety” experts had raised alarm about “implicit bias” in AI, only for Google to release an almost parodically racist chatbot.


Yet another DNS vulnerability has been exposed. The language of the press release revealing the vulnerability is certainly dramatic, with “devasting consequences” and the threat to “completely disable large parts of the worldwide Internet.”


It’s a good rule of nostril that if your litigation department is a source of revenue, your business model stinks.


In his January 12 SpaceX update, Elon Musk said the biggest goal for Starlink from a technical standpoint is to get the mean latency below 20 ms.


In a recent press release, John Deere Continue reading

Hedge 218: Longer than /24’s

Most providers will only accept a /24 or shorter IPv4 route because routers have always had limited amounts of forwarding table space. In fact, many hardware and software IPv4 forwarding implementations are optimized for a /24 or shorter prefix length. Justin Wilson joins Tom Ammon and Russ White to discuss why the DFZ might need to be expanded to longer prefix lengths, and the tradeoffs involved in doing so.

 


 
download

AI Assistants

I have written elsewhere about the danger of AI assistants leading to mediocrity. Humans tend to rely on authority figures rather strongly (see Obedience to Authority by Stanley Milgram as one example), and we often treat “the computer” as an authority figure.

The problem is, of course, Large Language Models—and AI of all kinds—are mostly pattern-matching machines or Chinese Rooms. A pattern-matching machine can be pretty effective at many interesting things, but it will always be, in essence, a summary of “what a lot of people think.” If you choose the right people to summarize, you might get close to the truth. Finding the right people to summarize, however, is beyond the powers of a pattern-matching machine.

Just because many “experts” say the same thing does not mean the thing is true, valid, or useful.

AI assistants can make people more productive, at least in terms of sheer output. Someone using an AI assistant will write more words per minute than someone who is not. Someone using an AI assistant will write more code daily than someone who is not.

But is it just more, or is it better?

Measuring the mediocratic effect of using AI systems, even as Continue reading

Weekend Reads 031524


Of all the problems with electric cars, perhaps the least expected was the revelation that some home charging points provide a potential point of weakness for malign foreign powers to interfere with our National Grid.


More than 8,000 domains and 13,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization.


MWC Qualcomm is going big on AI at MWC, where it’s showing off a 7 billion parameter large language model running on an Android phone, along with an online hub to help mobile devs blend models into their apps, and AI infused into its latest 5G modem and Wi-Fi 7 silicon.


In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017.


Law enforcement agencies shut down xDedic, a cybercrime-as-a-service (CaaS) marketplace specifically providing web servers to cybercriminals, back in 2019.


Use of the Rust programming language has been on the rise but is only expected to continue to gather steam as more security-focused organizations call for Rust developers Continue reading

1 4 5 6 7 8 164