The Humble API

Network Engineering and coding, like many other things in the information technology world, share overlapping concepts—even if we don’t often recognize the overlap because we are too busy making up new names to describe the same thing. For this week’s video, I turn my attention to the Application Programming Interface, or the API.

Worth Reading: Workshop on Internet Economics

Merry Christmas 2017

I won’t be publishing anything here from the 25th through the 29th, so the next post here will be next year, in 2018.

Weekend Reads 122217

Because this is the last “weekend reads” of the year, I’m supersizing it, and including a few articles at the end on culture I found interesting. The majority of the other stories relate to security, as always.

San Diego, Calif., Dec. 12, 2017 — Computer scientists have built and successfully tested a tool designed to detect when websites are hacked by monitoring the activity of email accounts associated with them. The researchers were surprised to find that almost 1 percent of the websites they tested had suffered a data breach during their 18-month study period, regardless of how big the companies’ reach and audience are. “No one is above this—companies or nation states— it’s going to happen; it’s just a question of when,” said Alex C. Snoeren, the paper’s senior author and a professor of computer science at the Jacobs School of Engineering at the University of California San Diego. —UC San Diego

GPS has become such an ingrained part of our culture that many of us don’t even think about it anymore. If you want to go check out a new restaurant but don’t know where it is, search for it in Google Maps. Want to map your Continue reading

Worth Reading: The Russian Alternate Internet

Actually practical and not necessarily a problem. The Security Council of the Russian Federation, headed by Vladimir Putin, has ordered the “government to develop an independent internet infrastructure for BRICS nations, which would continue to work in the event of global internet malfunctions.” (RT, the Russian government-funded news service.) RT believes “this system would be used by countries of the BRICS bloc — Brazil, Russia, India, China and South Africa.” —Dave Burstein @ CircleID

Worth Reading: Opening the Gate to Quantum

In a major step toward making a quantum computer using everyday materials, a team led by researchers at Princeton University has constructed a key piece of silicon hardware capable of controlling quantum behavior between two electrons with extremely high precision. The study was published Dec. 7 in the journal Science. —Catherine Zandonella @ Princeton

On the ‘net: BGP Peering at the Network Collective

In this Community Roundtable episode, returning guests Russ White and Nick Russo start our three part deep dive into the Border Gateway Protocol, or BGP, with a look at terminology, how peer relationships form, the differences between internal and external BGP, and scaling techniques.

Worth Reading: Asynchronous Decision Making

Asynchronous decision-making is a strategy that enables geographically and culturally distributed software teams to make decisions more efficiently. In this article, I’ll discuss some of the principles and tools that make this approach possible. Synchronous decision-making, in which participants interact with each other in real time, can be expensive for people who work on a Maker’s Schedule, and they are often impractical for remote teams. We’ve all seen how such meetings can devolve into inefficient time wasters that we all dread and avoid. —Bertrand Delacretaz @ Open Source

Worth Reading: Google and Latency

If you want to build infrastructure that scales larger than a single image of a server and an operating system, you have no choice but to network together multiple machines. And so, the network becomes a kind of hyper backplane between compute elements and, in many cases, also a kind of virtual peripheral bus for things like disk and flash storage. From the outside, a warehouse-scale computer, as Google has been calling them for nearly a decade, is meant to look and behave like one machine even if it most certainly is not. —Timothy Prickett Morgan @ The Next Platform

On the ‘net: Just Two Switches?

Deploying two switches provided by a vendor seems, on the surface, to be a very simple solution. The vendor’s solution is going to provide a strong suite of vertically integrated solutions, such as layer 2 overlays and link aggregation. There will only be two devices to manage, as well, which (probably) means less chance for having more than one version of code, one set of CLI commands to master. In fact, there is likely a vendor based solution at this scale that can be reduced to a “GUI and a wizard”—a simple to automate, vendor driven architecture that will reduce costs by removing the need for engineers, which can be replaced with a few administrators and the occasional visit from a consultant or vendor representative. —Search Networking

Worth Reading: Excel == Project Failure

Excel is comfortable. It’s our go-to software for scheduling employee time, resources for a project, lists and any other data we think needs “organization.” Chances are you already have a subscription to MS Office, you’re (at least somewhat) familiar with the interface and your customization is virtually endless. You may even have templates from past projects, so starting something new is as simple as hitting “Save As” and deleting old data. Reliable and familiar? Yes. But is it the best solution? —William Cornfield @ The Data Center Journal

Worth Reading: Big Software Failure

Why would anyone undertake a multi-year software project today? Or upgrade an in-house-hosted legacy application? Or build—or use—anything that behaved like a monolithic software application? Big software project failure data is legendary.11 There are myriad horror stories with titles like “9 VERY Scary ERP and ERP System Implementation Statistics.”12 The Standish Group actually labels their annual technology project analyses as “Chaos Reports.”14 They reported that 66% of all technology projects completely or partially failed in 2015. —Stephen J. Andriole @ The ACM

Worth Reading: Chaos Engineering

Chaos engineering is, therefore, embracing the potential for failure and looking at it as an opportunity to become a more flexible, adaptable team with more flexible, adaptable architecture. And by accepting that you’ll have failure, you can control the failure and get to know your system — and by extension the team building it — better. —Jennifer Riggins @ The New Stack

Worth Reading: The Largest Deal in Tech history

Private equity firm Silver Lake Partners has an appetite for tech, and securing funding for Dell to take itself private and then go out and buy EMC and VMware is now going to take a backseat in terms of deal size – and in potential ripple effects in the datacenter – now that chip giant Broadcom is making an unsolicited bid, backed by Silver Lake, to take over often-times chip rival Qualcomm. —Timothy Prickett Morgan @ The Next Platform

Do We Really Need a New BGP?

From time to time, I run across (yet another) article about why BGP is so bad, and how it needs to be replaced. This one, for instance, is a recent example.

It seems the easiest way to solvet this problem is finding new people—ones who don’t make mistakes—to work on BGP configuration, building IRR databases, and deciding what should be included in BGP? Ivan points out how hopeless of a situation this is going to be, however. As Ivan says, you cannot solve people problems with technology. You can hint in the right direction, and you can try to make things a little more sane, and a little less complex, but people cannot be fixed with technology. Given we cannot fix the people problem, would replacing BGP itself really help? Is there anything we could do to make things better?

To understand the answer to these questions, it is important to tear down a major misconception about BGP. The misconception?

BGP is a routing protocol.

BGP was not designed to be a routing protocol. It was designed to provide a loop free path through a series of independently operated networks, each with its own policy and business goals. In the Continue reading

Falco joins SONiC

One of the key components of our vision for LinkedIn’s global infrastructure is to ultimately build a programmable data center fabric on top of an open network operating system. While scaling our data centers out, we want to control the complexity of the data center fabric by moving toward an automated, self-defined, and purpose-built, application-centric network that operates on its own. —LinkedIn Engineering Blog

Worth Reading: MEC the Future

If there’s anything our industry is good at, it’s creating ever new hype cycles and continuing to fall into the same traps of overestimating what they can do for mankind as a whole, or at least for network operators. And now comes MEC… Multi-access Edge Computing, formerly known as Mobile Edge Computing, and it’s all the rave. To be honest, it’s been around for a while. Up till now it was mostly tied to mobile, in general and 5G specifically, but according to some people it has such potential that it was worth being renamed (keeping the same acronym) and rolled into the topologies of networks of all kinds. So why the hype, and is it real this time? —Andreas Hegers @ ECI

Weekend Reads 121517

Crooks who make and deploy ATM skimmers are constantly engaged in a cat-and-mouse game with financial institutions, which deploy a variety of technological measures designed to defeat skimming devices. The latest innovation aimed at tipping the scales in favor of skimmer thieves is a small, battery powered device that provides crooks a digital readout indicating whether an ATM likely includes digital anti-skimming technology. —Krebs on Security

Not long ago, phishing attacks were fairly easy for the average Internet user to spot: Full of grammatical and spelling errors, and linking to phony bank or email logins at unencrypted (http:// vs. https://) Web pages. Increasingly, however, phishers are upping their game, polishing their copy and hosting scam pages over https:// connections — complete with the green lock icon in the browser address bar to make the fake sites appear more legitimate. —Krebs on Security

As the European Union General Data Protection Regulations (GDPR) looms, a privacy stripping email setting continues in widespread use around the world. It threatens sensitive communications that containing personally-identifiable information, intellectual property, financial information, and your most intimate photos. —Free Code Camp

This week, the Supreme Court will hear a case with profound implications on your security and Continue reading

Hummingbird

Worth Reading: Deployment Strategies

Let’s talk about deployments. This topic used to be considered an uninteresting implementation detail, but is now becoming a fundamental element for modern systems. I feel like everyone understand its importance, and is working to build solutions around it, but we are missing some structure and definition. People use different terms for same meanings, or same terms for different meanings. This leads to other people reinventing the wheel trying to solve their problems. We need a common understanding of this topic in order to build better tools, make better decisions, and simplify communication with each other. —Itay Shakury