Russ

Author Archives: Russ

Why no YANG??

I was at Cisco Live in Berlin last week, and I came away with a question: why no YANG?

 

Here is a YANG model represented in YIN—this one describes an interface in Quagga, and is easy to read:

YANG can be expressed in many ways, such as YIN, or in a model format (which is still easy to read), or in json format. This is an example of HTML, taken from the Vimeo site:

The YIN representation of YANG is XML, and XML is also a superset of HTML.

The post Why no YANG?? appeared first on 'net work.

Worth Reading: How to bury a breach notification

Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall importance. The report detailed a malware campaign that piggybacked on a popular piece of software used by system administrators at some of the nation’s largest companies. Incredibly, the report did not name the affected software, and the vendor in question has apparently chosen to bury its breach disclosure. This post is an attempt to remedy that. —Krebs on Security

The post Worth Reading: How to bury a breach notification appeared first on 'net work.

Worth Reading: Making it easy to share annotations on the ‘web

The W3C has announced the publication of three new standards aimed to enable an ecosystem of interoperable products that let the world comment on, describe, tag, and link any resource on the Web. Many websites already allow comments, but current annotation systems rely on unique, usually proprietary technologies chosen and provided by publishers. Notes cannot be shared easily across the Web and comments about a Web page can only be saved and viewed via a single website. Readers cannot select their own tools, choose their own service providers or bring their own communities. The adoption of the Web Annotation standards will spell the end of the phrase “Don’t read the comments!”, returning power to the readers decide where and how they provide and consume such feedback. —W3C

The post Worth Reading: Making it easy to share annotations on the ‘web appeared first on 'net work.

Into the Gray Zone: Considering Active Defense

Most engineers focus on purely technical mechanisms for defending against various kinds of cyber attacks, including “the old magic bullet,” the firewall. The game of cannons and walls is over, however, and the cannons have won; those who depend on walls are in for a shocking future. What is the proper response, then? What defenses are there The reality is that just like in physical warfare, the defenses will take some time to develop and articulate.

One very promising line of thinking is that of active defense. While the concept is often attributed to some recent action, active defense has been one form of warfare for many centuries; there are instances of what might be called active defense outlined in the Bible and in Greek histories. But it is only recently, in light of the many wars around Israel, that defense in depth has taken on its modern shape in active defense. What about active defense is so interesting from a network security perspective? It is primarily this: in active defense, the defender seeks to tire an attacker out by remaining mobile, misdirecting the attacker, and using every opportunity to learn about the attacker’s techniques, aims, and resources to reflect Continue reading

Worth Reading: Commercial incentives behind IPv6 deployment

The Best Practice Forum (BPF) on IPv6 at the Internet Governance Forum (IGF) explored what economic and commercial incentives drive providers, companies and organizations to deploy IPv6 on their networks and for their services. The BPF collected case studies, held open discussions online and at the 2016 IGF meeting, and produced a comprehensive output report. This article gives a high-level overview. —CircleID

The post Worth Reading: Commercial incentives behind IPv6 deployment appeared first on 'net work.

Worth Reading: SHA-1 collision found

Cryptographic hash functions like SHA-1 are a cryptographer’s swiss army knife. You’ll find that hashes play a role in browser security, managing code repositories, or even just detecting duplicate files in storage. Hash functions compress large amounts of data into a small message digest. As a cryptographic requirement for wide-spread use, finding two messages that lead to the same digest should be computationally infeasible. Over time however, this requirement can fail due to attacks on the mathematical underpinnings of hash functions or to increases in computational power. —Google Security Blog

The post Worth Reading: SHA-1 collision found appeared first on 'net work.

The Perfect and the Good

Perfect and good: one is just an extension of the other, right?

When I was 16 (a long, long, long time ago), I was destined to be a great graphis—a designer and/or illustrator of some note. Things didn’t turn out that way, of course, but the why is a tale for another day. At any rate, in art class that year, I took an old four foot spool end, stretched canvas across it, and painted a piece in acrylic. The painting was a beach sunset, the sun’s oblong shape offsetting the round of the overall painting, with deep reds and yellows in streaks above the beach, which was dark. I painted the image as if the viewer were standing just on the break at the top of the beach, so there was a bit of sea grass scattered around to offset the darkness of the beach.

And, along one side, a rose.

I really don’t know why I included the rose; I think I just wanted to paint one for some reason, and it seemed like a good idea to combine the ideas (the sunset on the beach and the rose). I entered this large painting in a local Continue reading

Worth Reading: A fistful of bitcoins

The point forcefully made in ‘A Fistful of Bitcoins’ remains true today – Bitcoin offers little in the way of anonymity. In fact, we get better and better at techniques for de-anonymising block chain transactions over time. See for example ‘Data-driven de-anonymization in Bitcoin.’ The Mt Gox and Silk Road communities discussed in today’s paper both spectacularly disappeared though. Mt Gox ceased trading in February 2014, after losing about $350M ($473M?) worth of Bitcoin (‘Mt Gox: The History of a Failed Bitcoin Exchange‘). —The Morning Paper

The post Worth Reading: A fistful of bitcoins appeared first on 'net work.

Worth Reading: Bare metal cloud

When you think of the public cloud, the tendency is to focus on the big ones, like Amazon Web Services, Microsoft Azure, or Google Cloud Platform. They’re massive, dominating the public cloud skyline with huge datacenters filled with thousands of highly virtualized servers, not to mention virtualized storage and networking. Capacity is divvied up among corporate customers that are increasingly looking to run and store their workloads on someone else’s infrastructure, hardware that they don’t have to set up, deploy, manage or maintain themselves. —The Next Platform

The post Worth Reading: Bare metal cloud appeared first on 'net work.

Worth Reading: Making connections in disparate data

Enterprises are awash in data, and the number of sources of that data is only increasing. For some of the larger companies, data sources can rise into the thousands – from databases, files and tables to ERP and CRM programs – and the data itself can come in different formats, making it difficult to bring together and integrate into a unified pool. This can create a variety of challenges for businesses in everything from securing the data they have to analyzing it. —The Next Platform

The post Worth Reading: Making connections in disparate data appeared first on 'net work.

Worth Reading: Security in a box

Security in-a-box was created by a diverse team of experts who understand not only the conditions under which advocates work, but also the resource restrictions they face. Although the toolkit was designed primarily to address the growing needs of advocates in the global South – particularly human rights defenders – the software guides and security strategies in this toolkit are relevant to everyone; specifically people working with sensitive information. This may include vulnerable minorities, independent journalists or whistleblowers, as well as advocates working on a range of issues, from environmental justice to anti-corruption. —Security in a Box

The post Worth Reading: Security in a box appeared first on 'net work.

Worth Reading: AI and being left out

It is often argued that technological progress always leads to massive shifts in employment but that at the end of the day the economy grows as new jobs are created. However, that’s a far too facile way of looking at the impact of AI and automation on jobs today. Joel Mokyr, a leading economic historian at Northwestern University, has spent his career studying how people and societies have experienced the radical transitions spurred by advances in technology, such as the Industrial Revolution that began in the late 18th century. The current disruptions are faster and “more intensive,” Mokyr says. “It is nothing like what we have seen in the past, and the issue is whether the system can adapt as it did in the past.” —Technology Review

The post Worth Reading: AI and being left out appeared first on 'net work.

Worth Reading: What Cisco reveals about the enterprise market

Cisco is now sitting on a staggering $71.85 billion in cash, a lot of it overseas and inaccessible for doing acquisitions or anything until it is repatriated to the United States, where it is headquartered. Cisco could borrow money to build its appliances, offsetting its cash hoard without actually drawing it down and incurring taxes, and then simply offer every switch, router, and server with a monthly rental price. It would have to wait three to four years until most of the base converts from purchases to rentals. If Cisco set the rental rate fairly, then it could get off the product sales mouse wheel completely, and if Cisco made more malleable switches, with a mix of FPGAs and maybe ASICs like Cavium’s XPliant or Barefoot Networks’ Tofino chips, it could extend the life of these rented machines quite far and not incur hardware upgrade cycle costs like it is now. —The Next Platform

The post Worth Reading: What Cisco reveals about the enterprise market appeared first on 'net work.

On the ‘net: Net Neutrality Explained


Net Neutrality seems like a simple, easy to understand concept—but it seems the deeper you dig into the concept, this appearance of simplicity is actually just a light coat of surfacing on a very complex set of problems. The best place to begin is with the basic premise of net neutrality: providers who are transporting data should treat every packet the same, regardless of the source, the destination, or the service. —Tech Target

The post On the ‘net: Net Neutrality Explained appeared first on 'net work.

Worth Reading: Overcoming data center cabling challenges

Now, many users have started employing high-density 40GbE switch line cards to break out as part of 10GbE applications. For example, a high-density 10GbE SFP+ line card has 48x10GbE ports, whereas a high-density 40GbE QSFP+ board may have 36x40GbE ports. As such, a 40GbE line card can be used to obtain 4×36 = 144x10GbE ports in the same cabling space and power-consumption conditions, thus reducing the cost and power consumption of the single-port 10GbE. —Data Center Journal

The post Worth Reading: Overcoming data center cabling challenges appeared first on 'net work.

Worth Reading: A digital Geneva treaty

In a blog post published today on Microsoft’s website, company President and Chief Legal Officer, Brad Smith, has raised concerns over escalating cyberattcks over the past year and the need for a Digital Geneva Convention. He wrote: “Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace. —CircleID

The post Worth Reading: A digital Geneva treaty appeared first on 'net work.

TCP, Congestion Control, and Buffer Bloat

Cardwell, Neal, Yuchung Cheng, C. Stephen Gunn, Soheil Hassas Yeganeh, and Van Jacobson. “BBR: Congestion-Based Congestion Control.” Queue 14, no. 5 (October 2016): 50:20–50:53. doi:10.1145/3012426.3022184.

Article available here
Slides available here

In the “old days,” packet loss was a major problems; so much so that just about every routing protocol has a number of different mechanisms to ensure the reliable delivery of packets. For instance, in IS-IS, we have—

  1. Local reliability between peers using CSNPs and PSNPs
  2. On some links, a periodic check using CSNPs to ensure no packets were dropped
  3. Acknowledgements for packets on transmission
  4. Periodic timeouts and retransmissions of LSPs

It’s not that early protocol designers were dumb, it’s that packet loss was really this much of a problem. Congestion in the more recent sense was not even something you would not have even thought of; memory was expensive, so buffers were necessarily small, and hence a packet would obviously be dropped before it was buffered for any amount of time. TCP’s retransmission mechanism, the parameters around the window size, and the slow start mechanism, were designed to react to packet drops. Further, it might be obvious to think that any particular stream might provide Continue reading

Worth Reading: The Root of the DNS

The namespace of the DNS is a hierarchically structured label space. Each label can have an arbitrary number of immediately descendant labels, and only one immediate parent label. Domain names are expressed as an ordered sequence of labels in left-to-right order starting at the terminal label and then each successive parent label until the root label is reached. When expressing a domain name the ascii period character denotes a label delimiter. Fully qualified domain names (FQDNs) are names that express a label sequence from the terminal label through to the apex (or “root”) label. —Potaroo

The post Worth Reading: The Root of the DNS appeared first on 'net work.

Worth Reading: ARM gains a foothold in China

China represents a huge opportunity for chip designer ARM as it looks to extend its low-power system-on-a-chip (SoC) architecture beyond the mobile and embedded devices spaces and into new areas, such as the datacenter and emerging markets like autonomous vehicles, drones and the Internet of Things. China is a massive, fast-growing market with tech companies – including such giants as Baidu, Alibaba, and Tencent – looking to leverage such technologies as artificial intelligence to help expand their businesses deeper into the global market and turning to vendors like ARM that can help them fuel that growth. —The Next Platform

The post Worth Reading: ARM gains a foothold in China appeared first on 'net work.

1 95 96 97 98 99 159