Nokia CEO Rajeev Suri Keeps 5G Pressure on Euro Operators
Suri also stated that in terms of costs, Nokia was “confident” in its ability to compete, and...
Ericsson Uses Intel 10nm Tech for 5G Base Station Products
The chip giant also announced its new FPGA acceleration card for telecommunications service...
The Week in Internet News: IoT Botnets Come for Video Conferencing Systems
Botnets attack: A handful of botnets using compromised Internet of Things devises are now targeting enterprise video conferencing systems, reports CSO Online. Three recently identified botnets are based on the Mirai botnet, which had its source code leaked back in 2016. The original Mirai is no longer active, but its source code has served as the base for at least 13 other botnets.
Pulling the plug: Internet shutdown are common, but ineffective, argues a journalist and researcher on The Conversation. Shutdowns “seem to animate dissent and encourage precisely the kind of responses considered subversive by many governments,” writes George Ogola. “Internet shutdowns don’t stop demonstrations. Nor do they hinder the production and circulation of rumours: they encourage them instead.”
The war on porn: Meanwhile, the government of Bangladesh has shutdown about 20,000 websites, including some popular social media sites, in the name of banishing pornography, the Guardian reports. Authorities believe some social media sites are contributing to the problem, apparently.
Digital colonies? The BBN Times has a provocative opinion piece suggesting that the Internet, and Internet Governance, is aiding in a process of “digital colonization.” The U.S. is sending its language, culture, and tech products Continue reading
Cloudflare Transparency Update: Joining Cloudflare’s Flock of (Warrant) Canaries
Today, Cloudflare is releasing its transparency report for the second half of 2018. We have been publishing biannual Transparency Reports since 2013.
We believe an essential part of earning the trust of our customers is being transparent about our features and services, what we do – and do not do – with our users’ data, and generally how we conduct ourselves in our engagement with third parties such as law enforcement authorities. We also think that an important part of being fully transparent is being rigorously consistent and anticipating future circumstances, so our users not only know how we have behaved in the past, but are able to anticipate with reasonable certainty how we will act in the future, even in difficult cases.
As part of that effort, we have set forth certain ‘warrant canaries’ – statements of things we have never done as a company. As described in greater detail below, the report published today adds three new ‘warrant canaries’, which is the first time we’ve added to that list since 2013. The transparency report is also distinguished because it adds new reporting on requests for user information from foreign law enforcement, and requests for user information that we Continue reading
To Code Or Not To Code: Expression & Symbiosis
There is still an ongoing debate over the need for network engineers to pick up some software skills. Everything network engineers touch in more recent times has some programmatic means of control and these interfaces can be used to scale out engineer workflows or for abstract systems to drive. The bottom up view is to write scripts or use tools like Terraform or Ansible to use them. In engineer driven workflows, I see regular usage of Salt Stack as an abstraction layer over the top of a target group of devices to do very human tasks with! The latter use case is interesting because it follows a very basic system rule of high gain from abstraction. In this instance, the programmatic interfaces are used to amplify human capabilities. If that’s the bottom up view, the top down view is to embrace the world of RPA (Robotic Process Automation). We’ve been calling this "big button" automation for years now and we can view this as human driven tasks, mechanised to run on a platform or framework. It’s a case of "Back to the Future" and it comes straight out the 1970s.
When a network engineer goes on a Python course to Continue reading
SAP Covers All Line-of-Business Apps in Leonardo IoT Shell
The moves further tightens integration across SAP's platforms, but analysts warn it could deter new...
Last Week on ipSpace.net (2019W8)
We started the Spring 2019 Building Network Automation Solutions course on Tuesday with building virtual labs presentation by one-and-only Matt Oswalt of the NRE Labs fame, and finished the AWS Networking Deep Dive saga on Thursday with an overview of AWS load balancing mechanisms, from elastic load balancing (CLB/NLB/ALB) to DNS-based load balancing, CloudFront and Global Accelerator… and figured out how Amazon reinvented VRFs and hub-and-spoke VPNs with Transit gateways.
The AWS Networking Deep Dive webinar is part of standard ipSpace.net subscription You can access Matt’s presentation and all other materials of the Building Network Automation Solutions online course with Expert Subscription (assuming you choose this course as part of your subscription).
RIRs enhance support for routing security
BGP hijacking and route leaks represent significant problems in the global Internet routing systems, along with source address spoofing. BGP hijacks are where allocated or unallocated address space is announced by entities who are not holders and are not authorized to use it.
The announcement of allocated address space often creates big news, such as when 53 route prefixes of Amazon were hijacked, but the announcement of unallocated address space (whether IPv4, IPv6 or AS numbers) which are also known as ‘bogons’ often does not generate much publicity as it does not cause immediate disruptions to service or business. With depletion of the IPv4 address space though, the announcement of bogons are on the rise with miscreants scraping the unallocated address space from all RIRs and abusing it.
Resource Public Key Infrastructure (RPKI) was therefore developed to try to solve these problems, and APNIC (the Routing Internet Registry for the Asia-Pacific region) recently announced it will honour the creation of AS0 ROA objects. They join ARIN, AfriNIC and the RIPE NCC in supporting AS0 ROA objects, with only LACNIC yet to implement this.
APNIC members can create AS0 ROAs for the prefixes they manage using the MyAPNIC platform.
So, Continue reading
Cloudflare’s RPKI Toolkit
A few months ago, we made a first then a second announcement about Cloudflare’s involvement in Resource Public Key Infrastructure (RPKI), and our desire to make BGP Internet routing more secure. Our mission is to build a safer Internet. We want to make it easier for network operators to deploy RPKI.
Today’s article is going to cover our experience and the tools we are using. As a brief reminder, RPKI is a framework that allows networks to deploy route filtering using cryptography-validated information. Picture TLS certificates for IP addresses and Autonomous System Numbers (ASNs)
What it means for you:
We validate our IP routes. This means, as a 1.1.1.1 DNS resolver user, you are less likely to be victim of cache poisoning. We signed our IP routes. This means a user browsing the websites on Cloudflare’s network are unlikely to experience route hijacks.
All our Points of Presence which have a router compatible with The Resource Public Key Infrastructure (RPKI) to Router Protocol (RTR protocol) are connected to our custom software called GoRTR and are now filtering invalid routes. The deployment amounts to around 70% of our network.
We received many questions regarding the amount of invalid Continue reading
AT&T Works With VMware to Combine SD-WAN, 5G Capabilities
The operator called this a “transformative combination,” claiming that it will bring control to...
Worth Reading: I Used To Think…
Ethan Banks joined the grumpy old networking engineer club - a must-read collection of lessons-learned and disappointments he encountered in his career (and I love to see how someone else says what I always wanted to say way more eloquently)
Weekly Top Posts: 2019-02-24
- SDxCentral Weekly Wrap: Google Pledges $13B for US Data Centers and Offices
- DigitalOcean Kicks Off Managed Database Service With PostgreSQL Support
- Metaswitch Senior VP of 5G Shubh Agarwal Discusses the Challenges Operators Face in Transitioning to 5G and the Technologies Key to Success
- DriveNets Pockets $110M to Pave Software Disaggregation Path
- Kaloom’s Cloud Edge Fabric Supports Network Slicing, 5G Apps
NDSS 2019 Highlights the Best in Security Research
Tomorrow, the 26th consecutive Network and Distributed System Security Symposium (NDSS) is set to kick off in San Diego, CA. NDSS is a premier academic research conference addressing a wide range of topics associated with improving network and system security. A key focus of the Internet Society has long been improving trust in the global open Internet and all of its connected devices and systems. In today’s world, we need new and innovative ideas and research on the security and privacy of our connected devices and the Internet that connects them together.
NDSS 2019 (24-27 February) will be the biggest NDSS symposium yet, featuring 89 peer-reviewed papers, 35 posters, 4 workshops, and a keynote. Record registration numbers are a key indicator that NDSS 2019 is featuring vital and timely topics. Below are some of the highlights expected in the coming week.
Workshops
This year’s program officially starts with four workshops on Sunday, 24 February. NDSS workshops are organized around a single topic and provide an opportunity for greater dialogue amongst researchers and practitioners in the area. Each of this year’s workshops have dynamic agendas.
The Workshop on Binary Analysis Research (BAR) is returning for its second year at NDSS after a Continue reading