Worth Reading: NAT66

Network Address Translation (NAT) and Network Address Port Translation (NAPT) are technologies many people have a strong opinion about. —Marco Cilloni @APNIC

Weekends Reads 020218: GDPR, taxes, and security

The regulatory environment for brands and retailers that do business online is getting stricter thanks to regulatory changes in Europe with the General Data Protection Regulation (GDPR), as well as existing regulations in th ompanies that adapt quickly can turn these changes into a competitive advantage. —Christopher Rence @CircleID

Europe’s General Data Protection Regulation (GDPR) will come into effect in May 2018, and with it, a new set of tough penalties for companies that fail to adequately protect the personal data of European users. Amongst those affected are domain name registries and registrars, who are required by ICANN, the global domain name authority, to list the personal information of domain name registrants in publicly-accessible WHOIS directories. ICANN and European registrars have clashed over this long-standing contractual requirement, which does not comply [PDF] with European data protection law. —Jeremy Malcom @EFF

Security is always changing and failure always exists. This toxic scenario requires a fresh perspective on how we think about operational security. We must understand that we are often the primary cause of our own security flaws. The industry typically looks at cybersecurity and failure in isolation or as separate matters. We believe that our lack of insight and operational Continue reading

Live Training at Safari Books: How the Internet Really Works

I will be teaching my first live training course at Safari Books Online on the 9th of March, starting at noon ET: How the Internet Really Works. It’s hard to describe the level and background for this training, as it will be all over the place; this is a bit of an experiment in this realm. The course description is—

This live training will provide an overview of the systems, providers, and standards bodies important to the operation of the global Internet, including the Domain Name System (DNS), the routing and transport systems, standards bodies, and registrars. For DNS, the process of a query will be considered in some detail, who pays for each server used in the resolution process, and tools engineers can use to interact DNS. For routing and transport, the role of each kind of provider will be considered, along with how they make money to cover their costs, and how engineers can interact with the global routing table (the Default Free Zone, of DFZ). Finally, registrars and standards bodies will be considered, including their organizational structure, how they generate revenue, and how to find their standards.

You can find more information here.

Parrot Tire

Worth Reading: IPv6 Adoption Challenges

With the growing number of devices connected to the Internet—such as smart cars, smart homes and even smart cities—and with the pool of available IPv4 addresses quickly running out, space has become a more important issue than ever. —Marc Spindel @The Data Center Journal

Worth Reading: Networking with Intent

As servers and then storage appliances became increasingly virtualized and disaggregated over the past 15 years or so, the network stubbornly stuck with the appliance model, closed and proprietary. — Jeffrey Burt @The Next Platform

Rehashing Certifications

While at Cisco Live in Barcelona this week, I had a chat with someone—I don’t remember who—about certifications. The main point that came out of the conversation was this:

One of the big dangers with chasing a certification is you will end up chasing knowledge about using a particular vendor feature set, rather than chasing knowledge about a technology.

At some point I’m going to edit a post a video short on engineering versus meta-engineering (no, it won’t be next week), but the danger is real. For instance, in an article I’ve had in my bookmarks pile for a long while, the author says—

My boss advised me that getting my WPCE (WordPerfect Certified Resource) cert would accomplish two things: 1. It would establish my credibility as a trainer; and 2. If I didn’t know a feature before the test, I sure as heck would afterward.

I’m not going to name the author, because this is his description of thinking through a certification many years ago, rather than his current thinking on certifications—but the example is telling. I know a lot of folks studying for certifications. They mostly spend their time labbing up various protocols and… features. The temptation to Continue reading

Worth Reading: Addressing 2017

Let’s see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself. —Geoff Huston @APNIC

Is Networking Becoming a Commodity?

Worth Reading: TCP Congestion Signatures

Congestion in the Internet is an age-old problem. With the rise of broadband networks, it had been implicitly accepted that congestion is most likely to occur in the ‘last mile’, that is, the broadband link between the ISP and the home customer. This is due to service plans or technical factors that limit the bandwidth in the last mile. —Srikanth Sundaresan @APNIC

Giving the Monkey a Smaller Club

Over at the ACM blog, there is a terrific article about software design that has direct application to network design and architecture.

The problem is that once you give a monkey a club, he is going to hit you with it if you try to take it away from him.

What do monkeys and clubs have to do with software or network design? The primary point of interaction is security. The club you intend to make your network operator’s life easier is also a club an attacker can use to break into your network, or damage its operation. Clubs are just that way. If you think of the collection of tools as not just tools, but also as an attack surface, you can immediately see the correlation between the available tools and the attack surface. One way to increase security is to reduce the attack surface, and one way to reduce the attack surface is tools, reduce the number of tools—or the club.

The best way to reduce the attack surface of a piece of software is to remove any unnecessary code.

Consider this: the components of any network are actually made up of code. So to translate this to Continue reading

Worth Reading: Ruru

With the increasing number of real-time applications (online games using virtual reality, multi-site financial transaction processing) and the radically new business models and use cases introduced by the 5G mobile architecture (robotics, tactile Internet) requiring interactive back-and-forth communication, user-perceived end-to-end latency is becoming an all-important factor for both users and network providers. —Richard Cziva @APNIC

Worth Reading: A constructive guide to upskilling

For years now, I’ve spent a lot of time trying to figure out the best way to go about investing in myself. —Diane Mawer @Web Designer Depot

Learning to Ask Questions

A lot of folks ask me about learning theory—they don’t have the time for it, or they don’t understand why they should. This video is in answer to that question.

Worth Reading: GDPR meets whois

Many ICANN stakeholders are concerned that access to the public WHOIS database could change [because of GDPR]. —Jerry Malcom @EFF

Weekend Reads 012618: Mostly Security and Legal Stuff

Before we begin, its worth mentioning that yes, yesssssssssssssssssssss, I did not have enough protection around my Gmail account. I’ve used Google Authenticator before, for my personal account and for various work emails, but I stopped using it at a certain point out of convenience. —Cody Brow @Medium

This report assesses the impact disclosure of data breaches has on the total returns and volatility of the affected companies’ stock, with a focus on the results relative to the performance of the firms’ peer industries, as represented through selected indices rather than the market as a whole. financial performance is considered over a range of dates from 3 days post-breach through 6 months post-breach, in order to provide a longer-term perspective on the impact of the breach announcement. —Russell Lange & Eric W. Burger @Journal of Information Privacy and Security

If it were not for the insatiable bandwidth needs of the twenty major hyperscalers and cloud builders, it is safe to say that the innovation necessary to get Ethernet switching and routing up to 200 Gb/sec or 400 Gb/sec might not have been done at the fast pace that the industry as been able to pull off. —Timothy Prickett Morgan @The Continue reading

Blue Ridge Mountains

Worth Reading: Quantum Computing and Cryptography

All encryption is based on substitution, from simple schemes we did as kids to complex non-repeating patterns based on a long numerical key. Modern encryption systems construct these keys using a combination of private and public keys with mathematical one-way functions. —Jonathan Homa @ECI

One Weird Trick

I’m often asked what the trick is to become a smarter person—there are many answers, of course, which I mention in this video. But there is “one weird trick” many people don’t think about, which I focus on here.

Worth Reading: Real Time Wide-Area TCP Latency Monitoring

With the increasing number of real-time applications and the radically new business models and use cases introduced by the 5G mobile architecture requiring interactive back-and-forth communication, user-perceived end-to-end latency is becoming an all-important factor for both users and network providers. —Richard Cziva @APNIC