Russ

Author Archives: Russ

Worth Reading: Connecting Nepal

In 1997, we finally got the Internet in Nepal. Unfortunately, it was only available in the capital, Kathmandu, which is very far from my village of Nangi. But almost immediately, I started thinking of ways we could get Nangi online. I was already familiar with the Internet from studying in the United States, and I had a lot of ideas about how being online could improve life in Nangi. —The Internet Society

The post Worth Reading: Connecting Nepal appeared first on rule 11 reader.

The 40 hour work week

Before 1900 the average American worker worked more than 60 hours a week. A standard schedule was ten-hour days, six days a week. The only structural limits to working were lighting and religion. You stopped working when it was too dark to see or to go to church. It was exhausting. It was often fatal. —Collaborative Fund

The 40 hour work week is foremost a result of the physical limits of the human body—but we often fail to take into account the mental limits, as well. Why was working for more than 40 hours a week on a railroad dangerous? It was not just because people were physically tired, but also because they were mentally tired. The resulting discussion among coders has been rampant and widespread (see, for instance, here).

First, the focus on time and the length of the work week may be a little misdirected. We are still a world focused on physical presence as a proxy for accomplishing work. I know a lot of companies prefer to have people in the office—ironically, this is a big deal with most of the companies in the world that aim to bring networks, and network based services, to the masses. Continue reading

Worth Reading: pbgpp

pbgpp allows network operators to apply a wide range of filters, either on network layer (src IP, dst IP), but foremost BGP fields — for example, prefix, communities, or next hop. Filters are applied in two steps, improving analysis performance. Before parsing the BGP-specific fields in the captured packet, lower-layer packet header field filters (IP or MAC source or destination) are applied. Thus, we do not parse all packets, but only the matching ones. BGP-specific filters are applied subsequently after parsing. —APNIC

The post Worth Reading: pbgpp appeared first on rule 11 reader.

Worth Reading: Good Samaritans with network visibility

In a big open office 30 feet from me, a team of US Veterans speak intently on the phone to businesses large and small, issuing urgent warnings of specific cyber security threats. They call to get stubborn, confused people to take down hidden ransomware distribution sites. They call with bad news that a specific computer at the business has malware that steals login credentials. They call with good news — you can beat the bad guys this time by not sending the money — minutes before an email arrives to the business with fraudulent wire transfer instructions. —CircleID

The post Worth Reading: Good Samaritans with network visibility appeared first on rule 11 reader.

OneLogin and Password Managers

An interesting incident this last week brings password managers back to the front of the pile—

OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data. —Krebs on Security

I used to use LastPass, but moved off of their product/service when LogMeIn bought them—my previous encounters with LogMeIn have all been negative, and I have no intention of using their service again in any form. During that move, I decided it was important to make another decision about the tradeoff between an online (cloud based) password manager, or one that keeps information in a local file. The key problem with cloud based services of this kind are they paint a huge target onto your passwords. The counter argument is that such cloud based services are more likely to protect your passwords than you are, because they focus their time and energy on doing so.

First lesson: moving to a cloud based application does not mean moving to a situation where the cloud provider actually knows what you are storing, nor how to access Continue reading

Open Networking for Large-Scale Networks

Shawn Zandi and I recently recorded a new webinar for Ivan over at ipspace.net around open source and disaggregated networking. If you have ever wanted to find out about these topics, this webinar is a great place to start in understanding what options are available, and how easy/hard it is to get this kind of thing running.

The webinar is available here.

The post Open Networking for Large-Scale Networks appeared first on rule 11 reader.

Worth Reading: WannaCry and Vulnerabilities

All software contains bugs or errors in the code. Some of these bugs have security implications, granting an attacker unauthorized access to or control of a computer. These vulnerabilities are rampant in the software we all use. A piece of software as large and complex as Microsoft Windows will contain hundreds of them, maybe more. These vulnerabilities have obvious criminal uses that can be neutralized if patched. Modern software is patched all the time — either on a fixed schedule, such as once a month with Microsoft, or whenever required, as with the Chrome browser. —Schneier on Security

The post Worth Reading: WannaCry and Vulnerabilities appeared first on rule 11 reader.

Ethereum: The “Next New Internet?”

According to this article, we now have a new Internet being developed: Ethereum (thanks to Chase Mitchell, one of my regular readers, for pointing this new development out). In fact, it’s called “web 3.0,” in a bid to become “The Next New Internet.” Given I tend to be a little concerned about the future of the Internet, I thought I’d look into this new one a bit to discover what it’s all about… Pardon the length of the ensuing investigation.

To begin to understand Ethereum, you have to understand block chainsbecause Ethereum is a type of block chain. To understand block chains, you must begin with the hash. A has is a simple concept that is actually quite difficult to implement in a useful way: a hash takes any a string of numbers of any size and returns a fixed length number, or hash, that (more or less) uniquely represents the original string. The simple to implement part is this—one rather naive hash is it simply add the numbers in a set of numbers until you reach a single digit, calling the result the hash. For instance…

23523
2 + 3 + 5 + 2 + 3 ==  Continue reading

Worth Reading: Tainted Leaks

This report describes an extensive Russia-linked phishing and disinformation campaign. It provides evidence of how documents stolen from a prominent journalist and critic of Russia was tampered with and then “leaked” to achieve specific propaganda aims. We name this technique “tainted leaks.” The report illustrates how the twin strategies of phishing and tainted leaks are sometimes used in combination to infiltrate civil society targets, and to seed mistrust and disinformation. It also illustrates how domestic considerations, specifically concerns about regime security, can motivate espionage operations, particularly those targeting civil society. —Citizen Lab

The post Worth Reading: Tainted Leaks appeared first on rule 11 reader.

Worth Reading: Bill would surveil Americans for life

The bill requires sharing of private student data among various federal agencies, including the U.S. Department of Education’s Office of Federal Student Aid, the Department of Treasury, the Department of Defense, the Department of Veterans Affairs, the Social Security Administration, and the Bureau of the Census (this is a non-exclusive list). So an individual’s personally identifiable student-loan data can be linked to his tax information and his military information and his Social Security records and everything the census knows about him, which if he filled out the long form is pretty much everything about his life. There are no limits on the purposes for which this data-matching can take place. The only limits will exist in bureaucrats’ imagination. —The Federalist

The post Worth Reading: Bill would surveil Americans for life appeared first on rule 11 reader.

Worth Reading: We are all groot

If you venture forth on becoming a programmer after reaching any kind of reasonable adulthood — i.e., gotten through college, survived the military, worked a “real” job or two — you’re used to feeling reasonably successful. Which is one of the perks of being a so-called grownup. Starting new at the very bottom of a new major life area with zero knowledge or experience is something we all did at some point — when you think about it, that is pretty much what childhood is all about. But your typical kid has lots of energy, no mortgage/rent or car payments to worry about, and — most importantly — is developmentally wired to learn a whole bunch of stuff all at once with their nice fresh, flexible brain. —Free Code Camp

The post Worth Reading: We are all groot appeared first on rule 11 reader.

Worth Reading: Nosy neighbors and cloud privacy

You get your run-of-the-mill noisy neighbours – the ones who occasionally have friends round and play music a little too loud until a little too late. And then in the UK at least you get what we used to call “Asbos,” named after the Anti-Social Behaviour Orders that were introduced to try and curb deliberate disturbances of the peace. The same thing happens on the public cloud. You have accidental interference from neighbouring processes, and then you have your cloud ASBOs – which make deliberate attacks on neighbouring processes. —the morning paper

The post Worth Reading: Nosy neighbors and cloud privacy appeared first on rule 11 reader.

Open19: A New Step for Data Centers

While most network engineers do not spend a lot of time thinking about environmentals, like power and cooling, physical space problems are actually one of the major hurdles to building truly large scale data centers. Consider this: a typical 1ru rack mount router weighs in at around 30 pounds, including the power supplies. Centralizing rack power, and removing the sheet metal, can probably reduce this by about 25% (if not more). By extension, centralizing power and removing the sheet metal from an entire data center’s worth of equipment could reduce the weight on the floor by about 10-15%—or rather, allow about 10-15% more equipment to be stacked into the same physical space. Cooling, cabling, and other considerations are similar—even paying for the sheet metal around each box to be formed and shipped adds costs.

What about blade mount systems? Most of these are designed for rather specialized environments, or they are designed for a single vendor’s blades. In the routing space, most of these solutions are actually chassis based systems, which are fraught with problems in large scale data center buildouts. The solution? Some form of open, foundation based standard that can be used by all vendors to build equipment Continue reading

1 87 88 89 90 91 162