Russ

Author Archives: Russ

Worth Reading: Updating Surveillance Laws

For decades, Americans have forfeited their privacy rights for a false sense of safety. Broad, sweeping surveillance laws––such as, but certainly not limited to Section 702 of the FISA Amendments Act––have given the federal government carte blanche in the realm of surveillance. Thankfully, a recently introduced bipartisan Senate bill would restore some vital protections to Americans’ privacy. —Dan King @The Federalist

The post Worth Reading: Updating Surveillance Laws appeared first on rule 11 reader.

Worth Reading: Multiple perspectives on technical problems and solutions

So what was this architecture review meeting all about? It was pretty simple, really. It was just a presentation by the engineer(s) looking for feedback on a solution they came up with, and Kellan and I would ask questions. The meeting was open to anyone in the company who wanted to attend. The hope was that many engineers would attend, actually. The intent here was to help the engineers describe their problem as thoroughly as they can, and by asking questions, we could help draw out any tacit assumptions they made in thinking through the problem. In a nutshell: it was a critical-thinking exercise, and we wanted engineers to want to do this, because it was ideally about providing feedback. —John Allspaw @Kitchen Soap

The post Worth Reading: Multiple perspectives on technical problems and solutions appeared first on rule 11 reader.

Worth Reading: Multitasking without Thrashing

Human context switching is more complicated than computer context switching. Whereas the computer context switch replaces a fixed number of bytes in a few CPU registers, the human has to recall what was “on the mind” at the time of the switch and, if the human was interrupted with no opportunity to choose a “clean break,” the human has to reconstruct lost short term memory. —Peter J. Denning @Communications of the ACM

The post Worth Reading: Multitasking without Thrashing appeared first on rule 11 reader.

Worth Reading: The calculus of service availability

The vast majority of software services and systems should aim for almost-perfect reliability rather than perfect reliability—that is, 99.999% or 99.99% rather than 100%—because users cannot tell the difference between a service being 100% available and less than “perfectly” available. There are many other systems in the path between user and service (laptop, home WiFi, ISP, the power grid . . .), and those systems collectively are far less than 100% available. Thus, the marginal difference between 99.99% and 100% gets lost in the noise of other unavailability, and the user receives no benefit from the enormous effort required to add that last fractional percent of availability. Notable exceptions to this rule include antilock brake control systems and pacemakers! —Ben Treynor, Mike Dahlin, Vivek Rau, Betsy Beyer @The Communications of the ACM

The post Worth Reading: The calculus of service availability appeared first on rule 11 reader.

Worth Reading: IoT needs a paradigm shift

Building IoT ventures from scratch by prototyping hardware devices and their backend systems as well as working for a large company that tries to sell IoT devices itself, we learned a lot about the pitfalls and problems concerning security in the IoT. Nearly every connected device out there proved to be vulnerable to attacks. Researchers showed that it’s possible to remotely take control over autonomous vehicles, implanted medical devices were manipulated, voting machines compromised and of course all sorts of other “smart” devices, like door locks, light bulbs, thermostats and the like. In Austria a hotel got threatened by hackers that their guests will be locked out of their rooms, if the hotel doesn’t pay ransom in bitcoins. —Martin Unger @CircleID

The post Worth Reading: IoT needs a paradigm shift appeared first on rule 11 reader.

Worth Reading: ROI is not a cybersecurity concept

In the cybersecurity community, much time is spent trying to speak the language of business, in order to communicate to business leaders our problems. One way we do this is trying to adapt the concept of “return on investment” or “ROI” to explain why they need to spend more money. Stop doing this. It’s nonsense. ROI is a concept pushed by vendors in order to justify why you should pay money for their snake oil security products. Don’t play the vendor’s game. —Robert Graham @Errata Security

The post Worth Reading: ROI is not a cybersecurity concept appeared first on rule 11 reader.

BGP Persistent Oscillation

After Daniel Walton visited the History of Networking at the Network Collective, I went back and poked at BGP permanent route oscillations just to refresh my memory. Since I spent the time, I thought it was worth a post, with some observations. When working with networking problems, it is always wise to begin with a network, so…

For those who are interested, I’m pretty much following RFC3345 in this explanation.

There are two BGP route reflectors here, in two different clusters, labeled A and D. The metric for each link is listed on the links between the RR clients, B, C, and E, and the RRs; the cost of the link between the RRs is 1. A single route, 2001:db8:3e8:100::/64 is being advertised in with an AS path of the same length from three different eBGP peering points, each with a different MED. E is receiving the route with a MED of 0, C with a MED of 1, and B with a MED of 10.

Starting with A, walk through one cycle of the persistent oscillation. At A there are two routes—

edge MED IGP Cost
C    1   4
B    10  5 (BEST)

When A runs the bestpath calculation, Continue reading

Worth Reading: Is it time to build an anti-DDoS alliance?

A functional “anti-DOS alliance” is only feasible if SP”s are ready to commit to specific frugal investments. These ‘ prudent commitments’ will not require millions of dollars in anti-DOS technology. The commitments will require a change of the SP’s attitude and approach to DOS. It moved from a model that “I’m island on my own” mentality to a model where the SP see their business, network, and services as part of a global interconnection system. This interconnected system requires security collaboration to push back against the DOS Storm that threatens their business. We can break this “change of attitude into three actionable changes which will Clear the Path for an SP anti-DOS alliance. —Barry Greene @Senki

The post Worth Reading: Is it time to build an anti-DDoS alliance? appeared first on rule 11 reader.

Worth Reading: Dealing with IPv6 fragmentation in the DNS

It appears that rather than effecting a slight improvement from IPv4, the manner of fragmentation handling in IPv6 appears to be significantly worse than IPv4. Little wonder that there have been calls from time to time to completely dispense with packet fragmentation in IPv6, as the current situation with IPv6 appears to be worse than either no fragmentation or the IPv4-style of fragmentation. —Geoff Huston @ APNIC

The post Worth Reading: Dealing with IPv6 fragmentation in the DNS appeared first on rule 11 reader.

Worth Reading: The rise of info-monopolies

Salil Mehta is a statistician and well-known public intellectual. See his impressive bio. He has been cited in major publications, such as the NYT. But Google closed his email and website (Statistical Ideas) down without notice or explanation. When he submitted an inquiry he got this. “After review, your account is not eligible to be reinstated due to a violation of our Google Terms of Service. We recommend viewing our Google Terms of Service …” —Fabius Maximus

The post Worth Reading: The rise of info-monopolies appeared first on rule 11 reader.

Worth Reading: Hardware and the future of databases

I foresee databases running on two-level stores and three-level stores, but I doubt they will be able to manage four-level stores because it is just too complicated to do the software. But there will be storage hierarchies and exactly what pieces will be in the storage hierarchy is yet to be determined. Main memory will be at the top and disk will be at the bottom, we know that, and there will be stuff in between for general purpose systems. For OLTP systems, there are going to be in main memory, end of story, and companies like VoltDB and MemSQL are main memory SQL engines that are blindingly fast. —Timothy Prickett Morgan @ The Next Platform

The post Worth Reading: Hardware and the future of databases appeared first on rule 11 reader.

Worth Reading: Open core, open perimeter

Today, software development is built around APIs. Instead of embedding a vendor’s product into their application, developers can call an API to consume services from a vendor. The developers don’t need to know what’s responding to their calls on the backend; they simply need to know what the vendor’s API expects from their code and what they can expect to receive back from the API. It is, in many senses, wonderfully non-intimate. —Brian Reale @ Opensource

The post Worth Reading: Open core, open perimeter appeared first on rule 11 reader.

Worth Reading: Detecting network outages with RIPE ATLAS

As much as we dislike it, large-scale Internet outages do happen, sometimes as a result of technical problems or sometimes even politically motivated. We’d like to be notified when these outages occur, ideally in real-time, as they can explain connectivity issues or other Internet phenomena (for instance, events seen at a NOC). They can also potentially be seen as metrics for the health of the Internet. —Anant Shah @ APNIC

The post Worth Reading: Detecting network outages with RIPE ATLAS appeared first on rule 11 reader.

Worth Reading: IPv6, large packets, and DNS

It appears that rather than effecting a slight improvement from IPv4, the manner of fragmentation handling in IPv6 appears to be significantly worse than IPv4. Little wonder that there have been calls from time to time to completely dispense with packet fragmentation in IPv6, as the current situation with IPv6 appears to be worse than either no fragmentation or the IPv4-style of fragmentation. —Geoff Huston @ potaroo

The post Worth Reading: IPv6, large packets, and DNS appeared first on rule 11 reader.

Worth Reading: Testing in Production

There are lots of things you already test in prod—because there’s no other way you can test them. Sure, you can spin up clones of various system components or entire systems, and capture real traffic to replay offline (the gold standard of systems testing). But many systems are too big, complex, and cost-prohibitive to clone. —Cahrity @ Opensource

The post Worth Reading: Testing in Production appeared first on rule 11 reader.

Worth Reading: The changing UX of European Banking

How you see and interact with your online bank accounts is about to change. That’s because Europe is forcing change into the financial market.
Digital transformation is a thing this decade. “Digital disruption,” startups who want to be “the Uber of X” in their industry, and going “mobile first” are not new trends. But the banking industry has been slow to move with the times. —Michael Gardner @ Free Code Camp

The post Worth Reading: The changing UX of European Banking appeared first on rule 11 reader.

Worth Reading: Transitioning to a single root

APNIC is in the process of transitioning from the current Resource Public Key Infrastructure (RPKI) trust anchor arrangement to a new configuration which has been agreed among the RIRs, and announced by the NRO. In this new configuration, each RIR will publish an “all resources” global trust anchor, under which its own regional resources (IP addresses and ASNs) will be certified. —Tom Harrison @ APNIC

The post Worth Reading: Transitioning to a single root appeared first on rule 11 reader.

1 79 80 81 82 83 162