Russ

Author Archives: Russ

Weekend Reads 041224


Future AMD processors could feature domain-specific accelerators – even some created by third parties, according to senior execs at the chip shop.


We tolerate such things even though we understand these practices usually harm those who willingly engage in them. Consider it one price we pay for relative freedom. But what should we do when these practices destroy the lives of innocent bystanders?


Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else.


The first thing to note about the rumored “Stargate” system that Microsoft is planning to build to support the computational needs of its large language model partner, OpenAI, is that the people doing the talking – reportedly OpenAI chief executive officer Sam Altman – are talking about a datacenter, not a supercomputer


Now we’re going to go much deeper into the layers that relate to the PHY, which is PCS, PMA, and Autonegotiation. First though, let’s review the objectives of 1000BASE-T.


macOS has been gaining the unwanted attention of more and more backdoor operators since late 2023. In February 2024, Bitdefender uncovered RustDoor, which was written in Rust Continue reading

Architecture and Process

Driving through some rural areas east of where I live, I noticed a lot of collections of buildings strung together being used as homes. The process seems to start when someone takes a travel trailer, places it on blocks (a foundation of sorts) and builds a spacious deck just outside the door. Over time, the deck is covered, then screened, then walled, becoming a room.

Once the deck becomes a room, a new deck is built, and the process begins anew. At some point, the occupants decide they need a place to store some sort of equipment, so they build a shed. Later, the shed is connected to the deck, the whole thing becomes an extension of the living space, and a new shed is built.

These … interesting … places to live are homes to the people who live in them. They are often, I assume, even happy homes.

But they are not houses in the proper sense of the word. There is no unifying theme, no thought of how traffic should flow and how people should live. They are a lot like the paths crisscrossing a campus—built where the grass died.

Our networks are like these homes—they are Continue reading

Hedge 221: Energy Aware Protocols

A lot of people are spending time thinking about how to make transport and control plane protocols more energy efficient. Is this effort worth it? What amount of power are we really like to save, and what downside potential is there in changing protocols to save energy? George Michaelson joins us from Australia to discuss energy awareness in protocols.

 

 

download

Hedge 220: The Cost of the Cloud

Cloud services are all the rage right now, but are they worth it? There are many aspects to the question, and the answer is almost always going to be “it depends.” Do you really need to spin up capacity more quickly than you can buy hardware and get it running? Do you really need to be able to spin capacity down without leaving any hardware behind? Is cloud really the best use of your team’s time and talent?

David Heinemeier Hansson joins Tom and Russ to talk about the economics and uses of cloud, and why his company has moved away from public cloud services.

download

On the ‘net: Networking Models

I’m writing a series on network models over at Packet Pushers; links to the first three are below.

Looking back at my career in network engineering, beyond some basic concepts and naming conventions, I cannot remember using the OSI model once. I have used the concept of layering, but never the OSI model specifically.

First, models are not sacrosanct. A model is just a tool. If the model you are using is not working for you, feel free to modify it. I find simpler yet extensible models far more effective than complex models for channeling my thoughts. In the past I have tried building huge models that “put everything in one place,” but they do not work for me.

How does a host differ from a middlebox? Hosts are designed to run applications that create and consume packets rather than quickly forwarding traffic through the network. The primary difference is that the source and destination are not two different ports on the same device but rather a virtual interface representing an application and a physical interface.

Weekend Reads 032224


Highway 9 Networks recently emerged from stealth mode with $25 million in seed funding and a vision to provide enterprise companies with SaaS-based private mobile networks that would eliminate gaps in coverage by incorporating cellular technology.


Hackers’ advantage: One of the biggest security weaknesses in U.S. digital networks and infrastructure is out-of-date, no-longer-supported technology.


Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed “large company” to connect to their infrastructure.


There are some weighty ironies here. The AI “safety” experts had raised alarm about “implicit bias” in AI, only for Google to release an almost parodically racist chatbot.


Yet another DNS vulnerability has been exposed. The language of the press release revealing the vulnerability is certainly dramatic, with “devasting consequences” and the threat to “completely disable large parts of the worldwide Internet.”


It’s a good rule of nostril that if your litigation department is a source of revenue, your business model stinks.


In his January 12 SpaceX update, Elon Musk said the biggest goal for Starlink from a technical standpoint is to get the mean latency below 20 ms.


In a recent press release, John Deere Continue reading

Hedge 218: Longer than /24’s

Most providers will only accept a /24 or shorter IPv4 route because routers have always had limited amounts of forwarding table space. In fact, many hardware and software IPv4 forwarding implementations are optimized for a /24 or shorter prefix length. Justin Wilson joins Tom Ammon and Russ White to discuss why the DFZ might need to be expanded to longer prefix lengths, and the tradeoffs involved in doing so.

 


 
download

AI Assistants

I have written elsewhere about the danger of AI assistants leading to mediocrity. Humans tend to rely on authority figures rather strongly (see Obedience to Authority by Stanley Milgram as one example), and we often treat “the computer” as an authority figure.

The problem is, of course, Large Language Models—and AI of all kinds—are mostly pattern-matching machines or Chinese Rooms. A pattern-matching machine can be pretty effective at many interesting things, but it will always be, in essence, a summary of “what a lot of people think.” If you choose the right people to summarize, you might get close to the truth. Finding the right people to summarize, however, is beyond the powers of a pattern-matching machine.

Just because many “experts” say the same thing does not mean the thing is true, valid, or useful.

AI assistants can make people more productive, at least in terms of sheer output. Someone using an AI assistant will write more words per minute than someone who is not. Someone using an AI assistant will write more code daily than someone who is not.

But is it just more, or is it better?

Measuring the mediocratic effect of using AI systems, even as Continue reading

Weekend Reads 031524


Of all the problems with electric cars, perhaps the least expected was the revelation that some home charging points provide a potential point of weakness for malign foreign powers to interfere with our National Grid.


More than 8,000 domains and 13,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization.


MWC Qualcomm is going big on AI at MWC, where it’s showing off a 7 billion parameter large language model running on an Android phone, along with an online hub to help mobile devs blend models into their apps, and AI infused into its latest 5G modem and Wi-Fi 7 silicon.


In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017.


Law enforcement agencies shut down xDedic, a cybercrime-as-a-service (CaaS) marketplace specifically providing web servers to cybercriminals, back in 2019.


Use of the Rust programming language has been on the rise but is only expected to continue to gather steam as more security-focused organizations call for Rust developers Continue reading

Hedge 216: Automation Success Stories

One thing we often hear about automation is that its hard because there are so many different interfaces. On this episode of the Hedge, Daniel Teycheney joins Ethan Banks and Russ White to discuss how they started from a simple idea and ended up building an automation system that does cross vendor boundaries within a larger discussion about automation and APIs.

download

Weekend Reads 040124


Exclusive Dell’s “return to office” mandate has left employees confused about which offices they can use and the future of their jobs – and concerned the initiative is a stealth layoff program that will disproportionately harm women at the IT giant.


FDC Pat Gelsinger wants to make Intel the world’s second largest chip manufacturer by 2030, and that means serving businesses the x86 giant has traditionally seen as competitors.


Intel revealed a new road map at its Intel Foundry Services (IFS) Direct event that will take the company into 2027. Itメs an extension of the road map Intel laid out nearly three years ago, shortly after Intelメs CEO Pat Gelsinger took the reins of the company.


It is not known who pilfered the information nor their motives, but this leak provides a first-of-its-kind look at the internal operations of a state-affiliated hacking contractor.


Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer.


Juniper Networks, currently in the process of being acquired by HPE, has been accused of violating US securities laws in a shareholder Continue reading

Hedge 215: Old Engineering Quotes

Reading people from the past can sometimes show us where today’s blind spots are–but sometimes we can just find the blind spots of the people who lived then. In this episode of the Hedge, Tom, Eyvonne, and Russ finish going through a selection of quotes from an engineering book published in 1911. This time, we find there are some things to agree with, but also some to disagree with.

Weekend Reads 022334


The European Court of Human Rights (ECHR) has ruled that laws requiring crippled encryption and extensive data retention violate the European Convention on Human Rights – a decision that may derail European data surveillance legislation known as Chat Control.


The Electric Power Research Institute (EPRI) says that “better than 80% of all electronic system failures that are attributed to power anomalies are actually the result of electrical wiring or grounding errors or are generated by other loads within the customer’s facility.”


With research making considerable progress in designing quantum computers, it is time to consider the scenario that usable quantum computing will become a reality in the future. In this post, we discuss the testbed that we are setting up to empirically evaluate the impact of quantum-safe cryptography algorithms on DNSSEC.


Late last year, Congress extended Section 702 of the Foreign Intelligence Surveillance Act (FISA) and, in doing so, secured the nation’s warrantless surveillance powers until April 2024. With that month fast approaching, House Republicans have unveiled a new package to reauthorize those same powers, within limits.


Google has announced that it’s open-sourcing Magika, an artificial intelligence (AI)-powered tool to identify file types, to help defenders accurately detect binary Continue reading

Hedge 214: Hardware Offloading

Network operators increasingly rely on generic hosts, rather than specialized routers (appliances) to forward traffic. Much of the performance on hosts relies on offloading packets switching and processing to specialized hardware on the network interface card. In this episode of the Hedge, Krzysztof Wróbel and Maciej Rabęda join Russ and Tom to talk about hardware offloading.

download

You can find out more about hardware offloading here.

Weekend Reads 021624


This year, I’ve had the opportunity to work alongside some of the highest- performing individuals in our profession. I’ve taken that opportunity to observe their work, look for patterns, and to try to identify the attributes that contribute to their success, not only as technologists but as humans.


OpenAI CEO Sam Altman’s dream of establishing a network of chip factories to fuel the growth of AI may be much, much wilder than feared.


Advanced persistent threat (APT) groups are more dangerous than your run-of-the-mill cybercriminals. They, after all, trail their sights not only on financial gain but loftier targets such as wreaking havoc on entire nations.


In this episode of PING, APNIC’s Chief Scientist Geoff Huston discusses the role of the Domain Name System (DNS) in directing where your applications connect to, and where content comes from.


As you awoke one morning from uneasy dreams you found yourself transformed in your bed into a software engineer. A calamity that I find all too familiar.


Whether you want to land a new job or make your contributions count, effective communication goes a long way.


At the beginning of the year, I wrote a bit about the resolution to “stay human” in Continue reading

Hedge 213: Batfish with Ratul Mahajan

Network configuration analysis has always been the domain of commercial-grade software. Batfish changes all that with an open source, community-supported tool that can find errors and guarantees the correctness of planned or current network configurations. Ratul Mahajan joins Tom Ammon and Russ White to talk about this new tool, its capabilities, and the importance of network configuration analysis.
 

 
download
 
You can find out more about Batfish at the project home page, and in this paper by Ratul.

Weekend Reads 020924


Artificial intelligence and the chips that fuel its evolution have given rise to a new arms race between the US and China.


Alongside concerning recent security news, there has been a media-wide rise of references to ‘credential stuffing’. This is a term that doesn’t convey very much, but as it’s the accepted term inside the infosec community, it’s probably here to stay.


In October, the Consumer Financial Protection Bureau (CFPB) proposed a set of rules that if implemented would transform how financial institutions handle personal data about their customers.


In a far cry from the early 2000s, most U.S. adults today say they use the internet (95%), have a smartphone (90%) or subscribe to high-speed internet at home (80%), according to a Pew Research Center survey conducted May 19 to Sept. 5, 2023.


Cloudflare was a victim of the wide-ranging Okta supply-chain campaign last fall, with a data breach impacting its Atlassian Bitbucket, Confluence, and Jira platforms beginning on Thanksgiving Day.


Honeypots are usually used as an intrusion detection tool. Many security researchers, including Computer Security Incident Response Teams (CSIRTS), deploy honeypots, to learn about tools, tactics, and the attacker’s infrastructure.


AWS could rake in between $400 million and Continue reading

Hedge 212: Shift Left? w/Chris Romeo

How many times have you heard you should “shift left” in the last few years? What does “shift left” even mean? Even if it had meaning once, does it still have any meaning today? Should we abandon the concept, or just the term? Listen in as Chris Romeo joins Tom Ammon and Russ White to talk about the origin, meaning, and modern uselessness of the term “shift left.”
 

 
download

1 4 5 6 7 8 163