Russ

Author Archives: Russ

Worth Reading: Assessing Cloud Vendors

When it comes to evaluating new vendors, it can be challenging to know how best to communicate the requirements of your vendor assessment process and ultimately select the right partner to help your business move forward — while at the same time avoiding the risk of a third-party security incident. After all, 63 percent of data breaches are linked to third parties in some way. In fact, we all recently learned about how an Equifax vendor was serving up malicious code on their website in a newly discovered security incident. —Nick Sorenson @ the Cloud Security Alliance

‘Net Neutrality Reader

There is a lot of talk about the “end of ‘net neutrality” because of the recent announcements made by the United State Federal Communications Commission (FCC). With so much out there, it is often important to sit down and read a few pieces together to gain a better sense of different sides of the issue, rather than reading one or two articles and considering yourself “well informed.” This post provides a starting point for those interested in pursuing the issue a little more deeply.

The latest episodes in this unfortunate techno-religious proclivity are now emerging. One involves an especially egregious hyperbolic excess of the Internet Wars known as Net Neutrality. The winning internet protocol religious faction, having infused the Washington political system with their Templar Knights in 2009, baked their commandments into the embarrassing December 2010 Report & Order of the FCC as “preserving the free and open internet.” “Today the Commission takes an important step to preserve the Internet as an open platform for innovation, investment, job creation, economic growth, competition, and free expression.” Nevermind that they never actually defined “the Internet.” They simply believed that whatever it was, the FCC as a federal government Continue reading

Holiday Weekend Reads (22nov17)

The coming holiday is cutting my publishing schedule short, but I didn’t want to leave too many interesting stories on the cutting room floor. Hence the weekend read comes early this week, and contains a lot more stuff to keep you busy for those couple of extra days. For the long weekend, I have five on security and one on culture. Enjoy!

This first read is about the US government’s collection and maintenance of security vulnerabilities. This is always a tricky topic; if a government knows about security vulnerabilities, there is at least some chance some “bad actor” will, as well. While the government might want to hoard such knowledge, in order to be more effective at breaking into systems, there is at least some possibility that refusing to release information about the vulnerabilities could lead to them not being fixed, and therefore to various systems being comrpomised, resulting in damage to real lives. The US government appears to be rethinking their use and disclosure of vulnerabilities

There can be no doubt that America faces significant risk to our national security and public safety from cyber threats. During the past 25 years, we have moved much of what we value Continue reading

Worth Reading: A Request for Clarity

The other day I was researching a product for a blog I was writing. After twenty or so minutes on the Web page, I still had no clear idea what the product did or how it worked. Like a fortune teller reading entrails, it was up to me to make sense out of a bloody mess of the marketing grizzle strewn among the bones of “intent” “automation” and “machine learning.” And then I realized that was the point. If, like a fortune, a vendor’s language is broad enough and vague enough, it can. — Drew Conry-Murray @ Packet Pushers

On the ‘net: Three for the week

Because this is a short week, I’m going to combine three places I showed up on other sites recently.

The lessons of trying to prevent failures, rather than live with them, is something I saw this in my time in electronics, as well. World events conspired, at one point, to cause us to push our airfield equipment into operation 24 hours a day, 7 days a week, for a period of about 2 years. For the first 6 months or so, the shop was a very lazy place; we almost took to not coming in to work. We painted a lot of walls, kept the floor really shiny, reorganized all the tools (many times!), and even raised a few shops and sheds at various people’s houses. After this initial stretch, however, the problems started. Every failure turned into a cascading failure, taking many hours to troubleshoot and repair, and many replaced parts along the way. —ECI

I was also featured on the IT Origins series over at Gestalt IT.

A while back yet, but Shawn Zandi and I I also talked to Greg Ferro over at Packet Pushers about white box switching.

Worth Reading: Amazon is the new Microsoft

Microsoft in the Bill Gates era was truly full of itself, pushing competitors around, crushing enemies and occasionally breaking the law as a bevy of anti-trust settlements show. Microsoft was the second most valuable company on Earth after ExxonMobil and seemed to feel it could get away with anything. … Today in the public cloud space Amazon is behaving much like Microsoft did in the 90s. They are hugely dominant with more than 70 percent of the cloud market and growing. According to Gartner Amazon Web Services (AWS) will soon have 80 percent of the public cloud market. — Robert Cringely

Worth Reading: Intel moves into 5G

The Intel XMM 8000-series of 5G-capable modems will bring the next generation of wireless connectivity to PCs, smartphones and infrastructure devices with a target consumer-product launch in mid-2019. Intel INTC, -2.23% also updated plans for a new 4G LTE modem that will offer speeds as high as 1.6 gigabits per second, a substantial upgrade from current connectivity options on smartphones (peaking at 1.0 gigabits per second), again with a 2019 target release. — Ryan Shrout @ Market Watch

Thoughts on Open/R

Since Facebook has released their Open/R routing platform, there has been a lot of chatter around whether or not it will be a commercial success, whether or not every hyperscaler should use the protocol, whether or not this obsoletes everything in routing before this day in history, etc., etc. I will begin with a single point.

If you haven’t found the tradeoffs, you haven’t looked hard enough.

Design is about tradeoffs. Protocol design is no different than any other design. Hence, we should expect that Open/R makes some tradeoffs. I know this might be surprising to some folks, particularly in the crowd that thinks every new routing system is going to be a silver bullet that solved every problem from the past, that the routing singularity has now occurred, etc. I’ve been in the world of routing since the early 1990’s, perhaps a bit before, and there is one thing I know for certain: if you understand the basics, you would understand there is no routing singularity, and there never will be—at least not until someone produces a quantum wave routing protocol.

Ther reality is you always face one of two choices in routing: build a protocol specifically tuned Continue reading

Worth Reading: Infiniband Quantum Leap

InfiniBand and Ethernet are in a game of tug of war and are pushing the bandwidth and price/performance envelopes constantly. But the one thing they cannot do is get too far out ahead of the PCI-Express bus through which network interface cards hook into processors. The 100 Gb/sec links commonly used in Ethernet and InfiniBand server adapters run up against bandwidth ceilings with two ports running on PCI-Express 3.0 slots, and it is safe to say that 200 Gb/sec speeds will really need PCI-Express 4.0 slots to have two ports share a slot. — Timothy Prickett Morgan @ The Next Platform

Worth Reading: Docker Networking

There’s been a lot of talk about container networking in the industry lately (heck, we can’t even stop talking about it). And it’s for a good reason. Containers offer a fantastic way to develop and manage microservices and distributed applications easily and efficiently. In fact, that’s one of the reasons we launched Host Pack — to make container networking even simpler. Between Host Pack and NetQ, you can get fabric-wide connectivity and visibility from server to switch. — Diane Patton @ Cumulus

Weekend Reading: 2017-11-17

There’s an “automation meteor” headed right at us, according to financial adviser and Reformed Broker blogger Josh Brown, who used this troubling “chart o’ the day” from Wharton to show just “how quickly things have changed” over the past decade. And how they’re going to keep on changing. — Sean Langlios @ MarketWatch

Andrew Ng, formerly the head of AI for Chinese search giant Baidu and, before that, creator of Google’s deep-learning Brain project, knows as well as anyone that artificial intelligence is coming for plenty of jobs. And many of us don’t even know it. — Racel Metz @ MIT Technology Review

Cloudflare provides security and domain name services for millions of the most prominent sites on the web. The company has built a solid reputation for its secure encryption and one of the key factors in its system is a wall of 100 lava lamps in the lobby of its San Francisco headquarters. — Rhett Jones @ gizmodo

Worth Reading: Court Overreach with SOPA

Nearly six years ago, Internet user communities rose up and said no to the disastrous SOPA copyright bill. This bill proposed creating a new, quick court order process to compel various Internet services—free speech’s weak links—to help make websites disappear. Today, despite the failure of SOPA, a federal court in Virginia issued just such an order, potentially reaching many different kinds of Internet services. — Mitch Stoltz @ Deep Links

Worth Reading: Anonymous Speech Takes a Hit

First Amendment protections for anonymous speech online were dealt a serious blow earlier today when the United States Court of Appeals for the Ninth Circuit issued its opinion in United States v. Glassdoor. In its opinion, the Court ruled in favor of the US government’s efforts to compel Glassdoor to unmask anonymous reviews of employers by employees posted on the site. The ripple effects of this case for online speakers could be severe, and with the case having been placed under seal from day one, it’s not surprising that the decision reflects a clear lack of understanding of its potential impact from the Court. — Lisa A Hayes @ Center for Democracy and Technology

Worth Reading: Continuous Infrastructure

Continuous delivery (CD) and continuous integration (CI) are two well-known aspects of DevOps. But the CI in vogue today is missing a critical “I:” infrastructure. There was a time when “infrastructure” meant headless black boxes, enormous server rooms, and towering racks—not to mention procurement processes that stretched for months and load estimates that erred on the side of surplus. Then came the virtual machine revolution, which made the infrastructure, well, virtual—and the world has never been the same. We no longer need to manage brick-and-mortar boxes. We can create and destroy, start and stop, upgrade and downgrade machines with just a few clicks. — Girish Managoli @ opensource.com

Worth Reading: Route Leaks

Route leaks are a fact of life on the Internet. According to one ISP’s observations, on any given day of the week, between 10-20% of announcements are actually leaks. Type 6 route leaks can be alleviated in part by technical and/or operational measures. For internal prefixes never meant to be routed on the Internet, one suggestion is to use origin validation to filter leaks, but this requires adoption of RPKI and only deals with two specific types of leak.– Brenden Kuerbis @ CircleID

1 73 74 75 76 77 162