Archive

Category Archives for "Networking"

Are Chatbots a Security Risk?

Chatbots – ingenious little bits of programming that have been making it possible for companies to automate the handling of queries, sales, and basic customer support. These bots are deployed through a number of different messaging platforms like Facebook Messenger, WhatsApp, etc.

And they have proven very popular. But, how secure is the tech? Lately, especially, there have been a lot of concerns raised. Say, for example, that I head out and use the Nordstrom app. I find the perfect pair of discounted sport shoes and want to buy them.

How safe am I entering my credit card details over the system? Or, more importantly, can chatbots be hacked?

Let's take a step back here for a second. Certainly, a chatbot is essentially just a program, and so, it makes sense that it could be hacked. But the danger is not likely to be any more than your local bank being hacked.

The same HTTPS protocols and metadata techniques used to provide security for the bank's site and messaging services can also secure the information transmitted via chatbots. The tech underlying the chatbot is similar, in fact, to your standard app, so it is not new.

The main difference here, Continue reading

Are Chatbots a Security Risk?

Chatbots – ingenious little bits of programming that have been making it possible for companies to automate the handling of queries, sales, and basic customer support. These bots are deployed through a number of different messaging platforms like Facebook Messenger, WhatsApp, etc.

And they have proven very popular. But, how secure is the tech? Lately, especially, there have been a lot of concerns raised. Say, for example, that I head out and use the Nordstrom app. I find the  perfect pair of discounted sport shoes and want to buy them.

How safe am I entering my credit card details over the system? Or, more importantly, can chatbots be hacked?

Let's take a step back here for a second. Certainly, a chatbot is essentially just a program, and so, it makes sense that it could be hacked. But the danger is not likely to be any more than your local bank being hacked.

The same HTTPS protocols and metadata techniques used to provide security for the bank's site and messaging services can also secure the information transmitted via chatbots. The tech underlying the chatbot is similar, in fact, to your standard app, so it is not new.

The main difference here, Continue reading

Azure accelerated networking: SmartNICs in the public cloud

Azure accelerated networking: SmartNICs in the public cloud Firestone et al., NSDI’18

We’re still on the ‘beyond CPUs’ theme today, with a great paper from Microsoft detailing their use of FPGAs to accelerate networking in Azure. Microsoft have been doing this since 2015, and hence this paper also serves as a wonderful experience report documenting the thought processes that led to an FPGA-based design, and lessons learned transitioning an all-software team to include hardware components.

There’s another reminder here too of the scale at which cloud vendors operate, which makes doing a project like this viable. The bulk purchase of FPGAs keeps their cost low, and the scale of the project makes the development investment worthwhile.

One question we are often asked is if FPGAs are ready to serve as SmartNICs more broadly outside Microsoft… We’ve observed that necessary tooling, basic IP blocks, and general support have dramatically improved over the last few years. But this would still be a daunting task for a new team… The scale of Azure is large enough to justify the massive development efforts — we achieved a level of performance and efficiency simply not possible with CPUs, and programmability far beyond an ASIC, Continue reading

Announcing Cumulus Linux 3.6 and…early access to Voyager!

The reign of proprietary networking in optical and data center interconnect falls

In furthering our mission to bring S.O.U.L. to networking through Simple, Open, Untethered, Linux-based networking solutions, and just on the heels of our Cumulus NetQ 1.3 announcement around simplifying container networking and operations, today we continue the mission to advance web-scale networking in the digital age with our release of Cumulus Linux 3.6. Our focus has been to help organizations move towards a modern world of simplification, flexibility and scale — where complex applications reside on standardized infrastructure that is automated, repeatable and scalable. We see a world of agility built upon cloud principles; of converged administrative teams where sysadmins can manage the network and network admins can manage systems.

What’s new in Cumulus Linux 3.6

In this release of Cumulus Linux 3.6, we are not only driving network efficiency and simplicity, but also expanding our solution set to include data center interconnect (DCI) use cases. Additionally, to help organizations adopt these web-scale principles in networking, we are enhancing our portfolio by adding popular networking capabilities to the open Linux platform. These include:

Voyager code is available for early access

From Continue reading

CONSENT: Privacy Is Key to Reinforcing Trust

To address mounting US user concerns, Senators Ed Markey (D-MA) and Richard Blumenthal (D-CT) have introduced the Consumer Online Notification for Stopping Edge-provider Network Transgressions (CONSENT) Act. (They have also introduced legislation to increase transparency and consumer privacy protection, though the text is not yet public.) While the Internet Society is weary of a reactionary regulatory trend and would rather see proactive anticipatory movement towards stronger privacy protections, we are supportive of legislation, like the CLOUD Act, that puts more control over how data is used in consumers’ hands, and moves towards a more user-centric Internet.

Currently, US users often have to go through an extensive and complicated process to opt out of data usage practices. Some may not even be aware that those options exist. Opt-out processes make data collection the “default” setting and weaken consumers’ ability to really consent to data handling practices.

The CONSENT Act, however, would require “edge-providers” (defined by the Act as persons that provide a service over the Internet) to notify users when they subscribe, establish an account, purchase, or begin receiving service if their data will be collected. This would make significant gains for user trust, as it would increase transparency at Continue reading

Rackspace offers on-premises ‘cloud’ and a bare-metal cloud offering

Rackspace’s latest project is called Private Cloud Everywhere and is a collaboration with VMware to offer what it calls Private Cloud as a Service (PCaaS), making on-demand provisioning of virtualized servers available at most colocation facilities and data centers.PCaaS basically means provisioning data center hardware the same way you would on Amazon Web Services, Microsoft Azure or Google Cloud, but instead of using the cloud providers, you use your own hardware, use Rackspace data centers, or set it up in a third-party colocation facility.Because customers have the option of deploying a private cloud wherever they want physically, it can help with data sovereignty requirements, such as rules in Europe that restrict data inside national borders.To read this article in full, please click here

Rackspace offers on-premises ‘cloud’ and a bare-metal cloud offering

Rackspace’s latest project is called Private Cloud Everywhere and is a collaboration with VMware to offer what it calls Private Cloud as a Service (PCaaS), making on-demand provisioning of virtualized servers available at most colocation facilities and data centers.PCaaS basically means provisioning data center hardware the same way you would on Amazon Web Services, Microsoft Azure or Google Cloud, but instead of using the cloud providers, you use your own hardware, use Rackspace data centers, or set it up in a third-party colocation facility.Because customers have the option of deploying a private cloud wherever they want physically, it can help with data sovereignty requirements, such as rules in Europe that restrict data inside national borders.To read this article in full, please click here

We’re Excited To Introduce Our First Blockchain Technology Course!

The Blockchain is disrupting industries and certainly not just the financial sector. Technological innovation can impact more than our daily lives and perhaps it can effectively disrupt entire industries. The Blockchain is already impacting the processing of payments for international settlements. The Blockchain is now one of the most sought after technical skills and is expected grow exponentially. In a recent report by Deloitte named “Deloitte’s 2018 Outlook” highlights the growth of Blockchain Technology.

 

Whether you’re a PHP developer, pre sales engineer, or a networking architect, the Blockchain is now at the forefront of technologies to know.

In this course we will cover key aspects around Blockchain and Bitcoin, including: What is a Blockchain? What is Bitcoin? What are smart contracts? What is a cryptocurrency? What are digital tokens? How are Blockchain and Bitcoin related and why is it so important to know the relation? We will also cover Some common misconceptions about Blockchain and Bitcoin and discuss Ethereum as a primary example of a common open source Blockchain.

Get Started Here.

The Universal Fat Tree

Have you ever wondered why spine-and-leaf networks are the “standard” for data center networks? While the answer has a lot to do with trial and error, it turns out there is also a mathematical reason the fat-tree spine-and-leaf is is used almost universally. There often is some mathematical reason for the decisions made in engineering, although we rarely explore those reasons. If it seems to work, there is probably a reason.

The fat-tree design is explored in a paper published in 2015 (available here at the ACM, and now added to my “classic papers” page so there is a local copy as well), using a novel technique to not only explore why the spine-and-leaf fat-tree is so flexible, but even what the ideal ratio of network capacity is at each stage. The idea begins with this basic concept: one kind of network topology can be emulated on top of another physical topology. For instance, you can emulate a toroid topology on top of a hierarchical network, or a spine-and-leaf on top of of hypercube, etc. To use terms engineers are familiar with in a slightly different way, let’s call the physical topology the underlay, and the emulated topology the overlay. Continue reading

Getting started with Terraform and Cloudflare (Part 2 of 2)

Getting started with Terraform and Cloudflare (Part 2 of 2)

In Part 1 of Getting Started with Terraform, we explained how Terraform lets developers store Cloudflare configuration in their own source code repository, institute change management processes that include code review, track their configuration versions and history over time, and easily roll back changes as needed.

We covered installing Terraform, provider initialization, storing configuration in git, applying zone settings, and managing rate limits. This post continues the Cloudflare Terraform provider walkthrough with examples of load balancing, page rules, reviewing and rolling back configuration, and importing state.

Reviewing the current configuration

Before we build on Part 1, let's quickly review what we configured in that post. Because our configuration is in git, we can easily view the current configuration and change history that got us to this point.

$ git log
commit e1c38cf6f4230a48114ce7b747b77d6435d4646c
Author: Me
Date:   Mon Apr 9 12:34:44 2018 -0700

    Step 4 - Update /login rate limit rule from 'simulate' to 'ban'.

commit 0f7e499c70bf5994b5d89120e0449b8545ffdd24
Author: Me
Date:   Mon Apr 9 12:22:43 2018 -0700

    Step 4 - Add rate limiting rule to protect /login.

commit d540600b942cbd89d03db52211698d331f7bd6d7
Author: Me
Date:   Sun Apr 8 22:21:27 2018 -0700

    Step 3 - Enable TLS 1.3,  Continue reading