Worth Reading: QoS Marking is an Application Problem

I was so delighted to hear someone finally realized how to handle QoS properly: the responsibility lies with the applications on the host; the network should just provide what it was asked to do, not try to reverse-engineer application intent based on TCP/UDP port numbers or haruspicy. —IPSpace

The post Worth Reading: QoS Marking is an Application Problem appeared first on 'net work.

Distributed Denial of Service Open Threat Signaling (DOTS)

When the inevitable 2AM call happens—”our network is under attack”—what do you do? After running through the OODA loop (1, 2, 3, 4), used communities to distribute the attack as much as possible, mitigated the attack where possible, and now you realist there little you can do locally. What now? You need to wander out on the ‘net and try to figure out how to stop this thing. You could try to use flowspec, but many providers do not like to support flowspec, because it directly impacts the forwarding performance of their edge boxes. Further, flowspec, used in this situation, doesn’t really work to walk the attack back to its source; the provider’s network is still impact by the DDoS attack.

This is where DOTS comes in. There are four components of DOTS, as shown below (taken directly from the relevant draft)—

The best place to start is with the attack target—that’s you, at 6AM, after trying to chase this thing down for a few hours, panicked because the office is about to open, and your network is still down. Within your network there would also be a DOTS client; this would be a small piece of software running Continue reading

Worth Reading: A Guide to Private VPN Services

Many readers are understandably concerned about recent moves by the U.S. Congress that would roll back privacy rules barring broadband Internet service providers (ISPs) from sharing or selling customer browsing history, among other personal data. Some are concerned enough by this development that they’re looking at obfuscating all of their online browsing by paying for a subscription to a virtual private networking (VPN) service. This piece is intended to serve as a guidepost for those contemplating such a move. —Krebs on Security

The post Worth Reading: A Guide to Private VPN Services appeared first on 'net work.

Worth Reading: Is Enterprise Networking Lost in the Cloud?

In the end, only a combination of private, public and hybrid networking can deliver the levels of reliability, security, scalability and flexibility that today’s enterprises require. Traditional private WANs are simply too slow, inflexible and expensive for the multitude of cloud-based applications. Typically, the data center becomes the central gateway for security, Internet breakout and data exchange. —Data Center Journal

The post Worth Reading: Is Enterprise Networking Lost in the Cloud? appeared first on 'net work.

Garden Gate

The post Garden Gate appeared first on 'net work.

Worth Reading: The Story of an RFC about Alternative Networks

During IETF 89 in March 2014, the first meeting of the Global Access to the Internet for All (GAIA) Working Group drew members from academia, industry, and the breadth of nongovernmental organisations interested in providing universal Internet access for a wider community—all of whom were eager to help in bridging the digital divide. The outcomes of that first meeting can be summarized by three types of challenges: geographic, motivated by the need to connect rural and remote areas; technological, given the need for a common set of technologies that enable a better utilization of scarce resources; and socioeconomic, based on the need to study affordability models for disconnected people. —The IETF Journal

The post Worth Reading: The Story of an RFC about Alternative Networks appeared first on 'net work.

Worth Reading: It’s Personal

Meeting people we’ve talked about, directly or not, brings a poignant perspective to creating content for a wide audience. It’s personal. Somebody made a decision to create the product that way. Some group of humans worked on that standard. Real people decided on that process. Is it appropriate to cast those people in a negative light and share that opinion with an audience? Sometimes…yes, at times even crucially necessary, if unfortunate. Sometimes…maybe not. Sometimes it’s okay to shut up. To show restraint. To chain the snark monster. —Ethan Banks

The post Worth Reading: It’s Personal appeared first on 'net work.

Worth Reading: Is Adobe plotting the end of web designers?

Adobe is one of the most well-known software companies whose tools are used by numerous web designers. Many reading this article likely use or have used Adobe at some point in their careers. That’s why it’s not without irony that Adobe is now dabbling in a hush-hush project that seeks to automate many of the tasks that designers regularly do as part of their jobs. —Web Designer Depot

The post Worth Reading: Is Adobe plotting the end of web designers? appeared first on 'net work.

Worth Reading: How Many Books?

Ever wonder how many books you’ll have read by the time you die? We may never know the answer to that question, but we might be able to guess how many we have remaining. A recent article in Quartz highlights just that in two fascinating graphs. Based on the number of books the average American reads every year (12), the charts show estimates of the number of books men and women can expect to have left in their reading careers. —Intellectual Takeout

The post Worth Reading: How Many Books? appeared first on 'net work.

Worth Reading: Pervasive, Dynamic Authentication Of Things

Authentication of physical items is an age-old problem. Common approaches include the use of bar codes, QR codes, holograms, and RFID tags. Traditional RFID tags and bar codes use a public identifier as a means of authenticating. A public identifier, however, is static: it is the same each time when queried and can be easily copied by an adversary. Holograms can also be viewed as public identifiers: a knowledgable verifier knows all the attributes to inspect visually. It is difficult to make hologram-based authentication pervasive; a casual verifier does not know all the attributes to look for. Further, to achieve pervasive authentication, it is useful for the authentication modality to be easy to integrate with modern electronic devices (for example, mobile smartphones) and to be easy for non-experts to use. —ACM

The post Worth Reading: Pervasive, Dynamic Authentication Of Things appeared first on 'net work.

Worth Reading: Odds are in Favor of Quantum Encryption

No kinds of organizations have tighter security than the average casino. After all, the house always wins, and it wants to keep those winnings. A recent Wired article, however, explains how a team of Russian hackers managed to beat a lot of casinos worldwide. They did so by exploiting inherent flaws in the pseudo-random number generators (PRNG) that are integral parts of randomizing every spin of a slot machine. Even if you don’t care about wealthy casino bosses losing money, you still need to be concerned about the drawbacks to using PRNGs because slots aren’t the only things that are vulnerable. Most of the world’s encryption is also based on pseudo-random numbers. —Cloud Security Alliance

The post Worth Reading: Odds are in Favor of Quantum Encryption appeared first on 'net work.

Reaction: The Future is…

This week, I ran across two posts that follow down a path I’ve gone down before—but it is well worth bringing this point up again. Once more into the breach. Tom, over at the Networking Nerd, has this to say on the topic of the future of network engineering—

The syntaxes that power these new APIs aren’t the copyrighted CLIs that networking professionals spend their waking hours memorizing in excruciating detail. JUNOS and Cisco’s “standard” CLI are as much relics of the past as CatOS. At least, that’s the refrain that comes from both sides of the discussion. The traditional networking professionals hold tight to the access methods they have experience with and can tune like a fine instrument. More progressive networkers argue that standardizing around programming languages is the way to go. Why learn a propriety access method when Python can do it for you?

The point Tom makes is this: programming is not the future of network engineering. But, but… there is so much pressure, and so many people saying “if you do not know how to program, you are going to be out of a job in five years.” I think there are negative and positive Continue reading

Worth Reading: Frequently Asked Questions on Undersea Cable

I’ve been involved with TeleGeography’s research on submarine cables since 2000. Over the years I’ve fielded numerous questions about the submarine cable industry from journalists, investors, family and friends. It seems as good a time as any to provide a compilation of answers to some of the most commonly asked questions. —APNIC

The post Worth Reading: Frequently Asked Questions on Undersea Cable appeared first on 'net work.

Worth Reading: The Future of Networking (In One Slide)

The telecoms industry is, I believe, overdue for a ‘lean’ revolution. This will change its working model from ‘purpose-for-fitness’ to ‘fitness-for-purpose’. For networks, that means switching from ‘build then reason about performance’ to ‘reason about performance and then build’. The benefit of this business transformation is a radical lowering cost risk and cost, predictable experiences, and the ability to rapidly adapt to changing patterns of demand. —Circle ID

The post Worth Reading: The Future of Networking (In One Slide) appeared first on 'net work.

Don’t Leave Features Lying Around

Many years ago, when multicast was still a “thing” everyone expected to spread throughout the Internet itself, a lot of work went into specifying not only IP multicast control planes, but also IP multicast control planes for interdomain use (between autonomous systems). BGP was modified to support IP multicast, for instance, in order to connect IP multicast groups from sender to receiver across the entire ‘net. One of these various efforts was a protocol called the Distance Vector Multicast Routing Protocol, or DVMRP. The general idea behind DVMRP was to extend many of the already well-known mechanisms for signaling IP multicast with interdomain counterparts. Specifically, this meant extending IGMP to operate across provider networks, rather than within a single network.

As you can imagine, one problem with any sort of interdomain effort is troubleshooting—how will an operator be able to troubleshoot problems with interdomain IGMP messages sources from outside their network? There is no way to log into another provider’s network (some silliness around competition, I would imagine), so something else was needed. Hence the idea of being able to query a router for information about its connected interfaces, multicast neighbors, and other information, was written up in draft-ietf-idmr-dvmrp-v3-11 (which Continue reading

Worth Reading: Memory and Logic in a Post Moore’s Law World

A key for computing architectures going forward is the development of efficient ways of integrating memory and logic functions in a single device, and much of the focus of research here is in the area of magnetism. Magnetism is at the heart of such storage devices as hard-disk drives and STT-MRAM, and as magnets continue to shrink, they need less power to switch polarization. With the recent development by researchers into new energy-efficient switching mechanisms, scientists are now looking into how the new physics of nanomagnetism can be used in digital device logic. —The Next Platform

The post Worth Reading: Memory and Logic in a Post Moore’s Law World appeared first on 'net work.

Worth Reading: Browser Watch

Welcome to another edition of Browser Watch, the regular feature that runs down the latest news and developments among all the most popular and up-and-coming browsers available. Whether you’re a designer, developer or both, you’ll always be kept up to date on everything that’s going in the browser world. —Web Designer Depot

The post Worth Reading: Browser Watch appeared first on 'net work.

Costa Rican Mountains

The post Costa Rican Mountains appeared first on 'net work.

Worth Reading: IoT Under Siege

Dahua, the world’s second-largest maker of “Internet of Things” devices like security cameras and digital video recorders (DVRs), has shipped a software update that closes a gaping security hole in a broad swath of its products. The vulnerability allows anyone to bypass the login process for these devices and gain remote, direct control over vulnerable systems. Adding urgency to the situation, there is now code available online that allows anyone to exploit this bug and commandeer a large number of IoT devices. —Krebs on Security

The post Worth Reading: IoT Under Siege appeared first on 'net work.

Worth Reading: Rescuing Network Time Protocol

The Network Time Protocol (NTP) is an Internet Engineering Task Force (IETF) protocol. It is responsible for syncing time between servers, using a variety of reference clocks as a guide. To the average user, this function may seem inconsequential, but knowing the time to one-thousandth of a second or less is essential for countless computer functions. Exactly when an electronic stock trade was made, for example, can mean a difference of millions of dollars. Similarly, in the 2003 blackout in the northeastern United States and Canada, in the nine seconds before the blackout, ten thousand events were recorded, but, because they were not accurately time-stamped, it proved impossible to document exactly what happened and learn much from what happened. As the Network Time Foundation site observes, “Knowing the time isn’t important. Until it is.” —The New Stack

The post Worth Reading: Rescuing Network Time Protocol appeared first on 'net work.