The Week in Internet News: Governments Shut Down Internet for School Testing

Couldn’t you just take their phones away? The government of Algeria told telecom carriers to shut down Internet service for several hours a day during high school testing season, according to several news reports. The government is trying to prevent the repeat of a situation in 2016, when exam questions were leaked online, reports Al Jazeera. The government of Iraq has taken similar action, the news agency says. It’s unclear how a short shutdown each day will prevent leaks.

Why IoT security is terrible: The headline is certainly catchy, but the IEEE Spectrum suggests that the Internet of things has some special security challenges including nation state hackers that are targeting the systems (although that’s true of other IT systems as well). Another of the six reasons: Many IoT systems, like your connected refrigerator, don’t have dedicated IT security workers looking out for them.

Score one for encryption: Using the encrypted WhatsApp, Syrian school girls banned from attending school in Islamic State-controlled territory, are taking pictures of school work and sharing it with each other, notes NakedSecurity, referencing a report on the BBC. “Education is everything, and it’s our weapon,” one of the girls says.

Not so fast, WhatsApp: Continue reading

The silver lining in the Intel CEO drama

I assume that by now you’ve heard the news that Intel CEO Brian Krzanich has stepped down for reportedly violating the company's strict policy against having relationships with employees. As CFO Bob Swan takes the reigns, the question of who will replace Krzanich is front and center.Several analysts I’ve spoken to even before this happened said they think Intel needs to look to the outside for its next CEO. In its 50-year history, the company has had only six CEOs, all of them insiders. Intel has a reputation as a tough place to work; nobody treads water at Intel. In the volatile Silicon Valley, I found Intel was a place where people either came and went fast or hung around forever. If you are cut out for its culture, expect to be promoted up the food chain rather quickly.To read this article in full, please click here

The silver lining in the Intel CEO drama

I assume that by now you’ve heard the news that Intel CEO Brian Krzanich has stepped down for reportedly violating the company's strict policy against having relationships with employees. As CFO Bob Swan takes the reigns, the question of who will replace Krzanich is front and center.Several analysts I’ve spoken to even before this happened said they think Intel needs to look to the outside for its next CEO. In its 50-year history, the company has had only six CEOs, all of them insiders. Intel has a reputation as a tough place to work; nobody treads water at Intel. In the volatile Silicon Valley, I found Intel was a place where people either came and went fast or hung around forever. If you are cut out for its culture, expect to be promoted up the food chain rather quickly.To read this article in full, please click here

8 Hot IT Infrastructure Job Roles

IBM ends China’s 5-year reign atop supercomputer rankings

There’s a shake-up – and a scandal – in the Top500 ranking of the world’s most powerful supercomputers.The U.S. has retaken first place in the Top500 list after five years of dominance by China. Computers built by IBM for the U.S. Department of Energy have pushed the previous two record-holders, both Chinese, into second and fourth place.[ Now see who's developing quantum computers.] But the previous fourth placeholder, Japan’s Gyoukou, is nowhere to be found, after one of its creators was arrested on suspicion of fraud.To read this article in full, please click here

IBM ends China’s 5-year reign atop supercomputer rankings

There’s a shake-up – and a scandal – in the Top500 ranking of the world’s most powerful supercomputers.The U.S. has retaken first place in the Top500 list after five years of dominance by China. Computers built by IBM for the U.S. Department of Energy have pushed the previous two record-holders, both Chinese, into second and fourth place.[ Now see who's developing quantum computers.] But the previous fourth placeholder, Japan’s Gyoukou, is nowhere to be found, after one of its creators was arrested on suspicion of fraud.To read this article in full, please click here

Routing Security & IPv6 at NANOG 73 in Denver

We’ll be at NANOG 73 in Denver, CO, USA this week talking about routing security, MANRS, and IPv6.

The North American Network Operators Group (NANOG) is the professional association for Internet engineering, architecture and operations. Its core focus is on continuous improvement of the data transmission technologies, practices, and facilities that make the Internet function. NANOG meetings are among the largest in the region, bringing together top technologists on a wide range of topics.

Routing Security

On Tuesday, 26 June, at 1:30PM, Andrei Robachevsky will give a talk called, “Routing Is At Risk. Let’s Secure It Together.”

From the session abstract:

“Stolen cryptocurrency, hijacked traffic blocking access to whole countries, derailing vital Web resources for thousands of people. Routing used to fly under the radar. As long as incidents weren’t too bad, no one asked too many questions, and routing security never made it to the top of the to-do list. But these days, routing incidents are regularly making the news, executives are getting nervous, and engineers are under pressure to make sure their network isn’t next. The problem is, you cannot secure your own network entirely by yourself. But you can help secure the global routing system Continue reading

Network Notes: RIP

Routing information protocol (RIP) is a interior distance vector routing protocol originally defined in RFC1058. RIP has had a number of improvements over the years with version 2 being defined RFC2453 and RIPng adding IPv6 support in RFC2080. Transport RIPv1 and RIPv2...continue reading

Routing Loop, Failure by Design

I have spent some time studying the CCDE materials. One broken design example that has come up involves route reflector clients that don’t align with the physical topology. This article examines that example and some solutions to the problem.

To illustrate this example we have built the topology below. I used loopback addresses 1.1.1.1 through 6.6.6.6 (based on csr1000v-x). The router on the top is a eBGP neighbor with csr1000v-1 and csr1000v-2. The four routers forming a square in the center have an initial configuration of OSFP and BGP (iBGP as shown). Both Route Reflectors are peered with both clients.

Route Reflector Initial Configuration

//csr1000v-2 shown, csr1000v-3 similar

router ospf 1
router-id 2.2.2.2
passive-interface GigabitEthernet2
network 2.2.2.2 0.0.0.0 area 0
network 10.0.0.0 0.255.255.255 area 0

router bgp 64513
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 64513
neighbor 3.3.3.3 update-source Loopback0
neighbor 4.4.4.4 remote-as 64513
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 route-reflector-client
neighbor 5.5.5.5 remote-as 64513
 Continue reading

Routing Loop, Failure by Design

I have spent some time studying the CCDE materials. One broken design example that has come up involves route reflector clients that don’t align with the physical topology. This article examines that example and some solutions to the problem.

To illustrate this example we have built the topology below. I used loopback addresses 1.1.1.1 through 6.6.6.6 (based on csr1000v-x). The router on the top is a eBGP neighbor with csr1000v-1 and csr1000v-2. The four routers forming a square in the center have an initial configuration of OSFP and BGP (iBGP as shown). Both Route Reflectors are peered with both clients.

Route Reflector Initial Configuration

//csr1000v-2 shown, csr1000v-3 similar

router ospf 1
router-id 2.2.2.2
passive-interface GigabitEthernet2
network 2.2.2.2 0.0.0.0 area 0
network 10.0.0.0 0.255.255.255 area 0

router bgp 64513
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 64513
neighbor 3.3.3.3 update-source Loopback0
neighbor 4.4.4.4 remote-as 64513
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 route-reflector-client
neighbor 5.5.5.5 remote-as 64513
 Continue reading

Routing Loop, Failure by Design

I have spent some time studying the CCDE materials. One broken design example that has come up involves route reflector clients that don’t align with the physical topology. This article examines that example and some solutions to the problem.

To illustrate this example we have built the topology below. I used loopback addresses 1.1.1.1 through 6.6.6.6 (based on csr1000v-x). The router on the top is a eBGP neighbor with csr1000v-1 and csr1000v-2. The four routers forming a square in the center have an initial configuration of OSFP and BGP (iBGP as shown). Both Route Reflectors are peered with both clients.

Route Reflector Initial Configuration

//csr1000v-2 shown, csr1000v-3 similar

router ospf 1
router-id 2.2.2.2
passive-interface GigabitEthernet2
network 2.2.2.2 0.0.0.0 area 0
network 10.0.0.0 0.255.255.255 area 0

router bgp 64513
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 64513
neighbor 3.3.3.3 update-source Loopback0
neighbor 4.4.4.4 remote-as 64513
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 route-reflector-client
neighbor 5.5.5.5 remote-as 64513
 Continue reading

GitLab Pushes Kubernetes-Based Update for Auto DevOps

Developer concern over Microsoft's $7.5 billion acquisition of GitHub could provide a long-term opportunity in the open source Git repository community.

BrandPost: Growing Reliance On Multi-Cloud Boosts Need For Smart Data

As the cloud computing market has soared, businesses have begun incorporating a mix of cloud services to meet their Digital Transformation (DX) objectives. Multi-cloud and hybrid cloud environments are fast becoming the option of choice. In fact, according to a recent Information Age article, 451 Research determined that the future of IT is multi-cloud and hybrid with 69 percent of survey respondents planning to incorporate some form of multi-cloud environment by 2019.To read this article in full, please click here

Watch Live On Monday, 25 June – DNSSEC Workshop at ICANN 62 in Panama

With the DNSSEC Root Key Rollover coming up on October 11, how prepared are we as an industry? What kind of data can we collect in preparation? What is the cost benefit (or not) of implementing DANE? What can we learn from an existing rollover of a cryptographic algorithm?

All those questions and more will be discussed at the DNSSEC Workshop at the ICANN 62 meeting in Panama City, Panama, on Monday, June 25, 2018. The session will begin at 9:00 and conclude at 12:15 EST (UTC-5). [Note: this is one hour different than current US Eastern Daylight Time – Panama does not change to daylight savings time – and so this will begin at 10:00 EDT (UTC-4).]

The agenda includes:

• DNSSEC Workshop Introduction, Program, Deployment Around the World – Counts, Counts, Counts
• Panel: DNSSEC Activities and Post Key Signing Key Rollover Preparation
• DANE: Status, Cost Benefits, Impact from KSK Rollover
• An Algorithm Rollover  (case study from CZ.NIC)
• Panel: KSK Rollover Data Collection and Analysis
• DNSSEC – How Can I Help?
• The Great DNSSEC/DNS Quiz

It should be an outstanding session!  For those onsite, the workshop will be in Salon 4, the ccNSO room.

• WATCH LIVE: https://participate. Continue reading

Weekend Reads 062218: Bitcoin and Security Flaws

But, as with all new technology, security risks can be found beneath the hype. Indeed, threat actors are finding new targets amid the rise of blockchain as they serve up social-engineering attacks, malware, and exploits to businesses and consumers, according to a recently published report by McAfee’s Advanced Threat Research Team. —Kelly Sheridan @Dark Reading

After last Thursday’s regulatory news that bitcoin and ether were not considered securities, which was widely considered a win for crypto enthusiasts, digital currencies had failed to hold on to gains, a sign the bear market is firmly intact. However, investors were hoping Monday’s move above the post-SEC-statement high will be the start of a more fruitful period for digital currency owners. —Aaron Hankin @MarketWatch

Dubbed Lazy FP State Restore, the vulnerability (CVE-2018-3665) within Intel Core and Xeon processors has just been confirmed by Intel, and vendors are now rushing to roll out security updates in order to fix the flaw and keep their customers protected. The company has not yet released technical details about the vulnerability, but since the vulnerability resides in the CPU, the flaw affects all devices running Intel Core-based microprocessors regardless of the installed operating systems, except some modern versions of Continue reading

Nutanix Gives International Speedway Corporation Instant Octane Boost

International Speedway Corporation needed its applications to run as fast as the race cars on its tracks.

Sprint Spent $1B on Massive MIMO for Its 5G Network in Q2

T-Mobile’s acquisition of Sprint will mean a larger 5G footprint and a higher capacity network, says Sprint’s CTO.   

Red Hat Stock Stung by Foreign Currency Exchange, Billing Concerns

The company's stock plunged as much as 13 percent early Friday having just hit a new 52-week high last week.

Road by the Mountain

SDxCentral’s Weekly Roundup — June 22, 2018

ZTE stock sinks after U.S. Senate bill; T-Mobile and Sprint advance their proposed merger; and VMware works with the U.S. government and public sector.