Are Chatbots a Security Risk?
Chatbots – ingenious little bits of programming that have been making it possible for companies to automate the handling of queries, sales, and basic customer support. These bots are deployed through a number of different messaging platforms like Facebook Messenger, WhatsApp, etc.
And they have proven very popular. But, how secure is the tech? Lately, especially, there have been a lot of concerns raised. Say, for example, that I head out and use the Nordstrom app. I find the perfect pair of discounted sport shoes and want to buy them.
How safe am I entering my credit card details over the system? Or, more importantly, can chatbots be hacked?
Let's take a step back here for a second. Certainly, a chatbot is essentially just a program, and so, it makes sense that it could be hacked. But the danger is not likely to be any more than your local bank being hacked.
The same HTTPS protocols and metadata techniques used to provide security for the bank's site and messaging services can also secure the information transmitted via chatbots. The tech underlying the chatbot is similar, in fact, to your standard app, so it is not new.
The main difference here, Continue reading
Are Chatbots a Security Risk?
Chatbots – ingenious little bits of programming that have been making it possible for companies to automate the handling of queries, sales, and basic customer support. These bots are deployed through a number of different messaging platforms like Facebook Messenger, WhatsApp, etc.
And they have proven very popular. But, how secure is the tech? Lately, especially, there have been a lot of concerns raised. Say, for example, that I head out and use the Nordstrom app. I find the perfect pair of discounted sport shoes and want to buy them.
How safe am I entering my credit card details over the system? Or, more importantly, can chatbots be hacked?
Let's take a step back here for a second. Certainly, a chatbot is essentially just a program, and so, it makes sense that it could be hacked. But the danger is not likely to be any more than your local bank being hacked.
The same HTTPS protocols and metadata techniques used to provide security for the bank's site and messaging services can also secure the information transmitted via chatbots. The tech underlying the chatbot is similar, in fact, to your standard app, so it is not new.
The main difference here, Continue reading
Azure accelerated networking: SmartNICs in the public cloud
Azure accelerated networking: SmartNICs in the public cloud Firestone et al., NSDI’18
We’re still on the ‘beyond CPUs’ theme today, with a great paper from Microsoft detailing their use of FPGAs to accelerate networking in Azure. Microsoft have been doing this since 2015, and hence this paper also serves as a wonderful experience report documenting the thought processes that led to an FPGA-based design, and lessons learned transitioning an all-software team to include hardware components.
There’s another reminder here too of the scale at which cloud vendors operate, which makes doing a project like this viable. The bulk purchase of FPGAs keeps their cost low, and the scale of the project makes the development investment worthwhile.
One question we are often asked is if FPGAs are ready to serve as SmartNICs more broadly outside Microsoft… We’ve observed that necessary tooling, basic IP blocks, and general support have dramatically improved over the last few years. But this would still be a daunting task for a new team… The scale of Azure is large enough to justify the massive development efforts — we achieved a level of performance and efficiency simply not possible with CPUs, and programmability far beyond an ASIC, Continue reading
Radia Perlman Demystifies and Debunks Network Protocols
At Interop ITX, network pioneer Radia Perlman talks about Ethernet, STP, and recites her famous poem.
Announcing Cumulus Linux 3.6 and…early access to Voyager!
The reign of proprietary networking in optical and data center interconnect falls
In furthering our mission to bring S.O.U.L. to networking through Simple, Open, Untethered, Linux-based networking solutions, and just on the heels of our Cumulus NetQ 1.3 announcement around simplifying container networking and operations, today we continue the mission to advance web-scale networking in the digital age with our release of Cumulus Linux 3.6. Our focus has been to help organizations move towards a modern world of simplification, flexibility and scale — where complex applications reside on standardized infrastructure that is automated, repeatable and scalable. We see a world of agility built upon cloud principles; of converged administrative teams where sysadmins can manage the network and network admins can manage systems.
What’s new in Cumulus Linux 3.6
In this release of Cumulus Linux 3.6, we are not only driving network efficiency and simplicity, but also expanding our solution set to include data center interconnect (DCI) use cases. Additionally, to help organizations adopt these web-scale principles in networking, we are enhancing our portfolio by adding popular networking capabilities to the open Linux platform. These include:
Voyager code is available for early access
From Continue reading
Michael Dell Says Robopocalypse Is Fake News, Future Is Software Defined
Michael Dell told Dell Technologies World attendees to use software, data, AI, and IoT to remain relevant.
Big Switch Adds Packet Capture, Analytics To Its Network Packet Broker
Big Switch has added packet capture and analytics appliances, based on x86 servers, to its Big Monitoring Fabric NPB product.Why Knowing About Industry / Market Makes You Smarter
Understanding industry and market forces, and how those forces shape vendor behavior, can be valuable for your career.CONSENT: Privacy Is Key to Reinforcing Trust
To address mounting US user concerns, Senators Ed Markey (D-MA) and Richard Blumenthal (D-CT) have introduced the Consumer Online Notification for Stopping Edge-provider Network Transgressions (CONSENT) Act. (They have also introduced legislation to increase transparency and consumer privacy protection, though the text is not yet public.) While the Internet Society is weary of a reactionary regulatory trend and would rather see proactive anticipatory movement towards stronger privacy protections, we are supportive of legislation, like the CLOUD Act, that puts more control over how data is used in consumers’ hands, and moves towards a more user-centric Internet.
Currently, US users often have to go through an extensive and complicated process to opt out of data usage practices. Some may not even be aware that those options exist. Opt-out processes make data collection the “default” setting and weaken consumers’ ability to really consent to data handling practices.
The CONSENT Act, however, would require “edge-providers” (defined by the Act as persons that provide a service over the Internet) to notify users when they subscribe, establish an account, purchase, or begin receiving service if their data will be collected. This would make significant gains for user trust, as it would increase transparency at Continue reading
We’re Excited To Introduce Our First Blockchain Technology Course!
The Blockchain is disrupting industries and certainly not just the financial sector. Technological innovation can impact more than our daily lives and perhaps it can effectively disrupt entire industries. The Blockchain is already impacting the processing of payments for international settlements. The Blockchain is now one of the most sought after technical skills and is expected grow exponentially. In a recent report by Deloitte named “Deloitte’s 2018 Outlook” highlights the growth of Blockchain Technology.
Whether you’re a PHP developer, pre sales engineer, or a networking architect, the Blockchain is now at the forefront of technologies to know.
In this course we will cover key aspects around Blockchain and Bitcoin, including: What is a Blockchain? What is Bitcoin? What are smart contracts? What is a cryptocurrency? What are digital tokens? How are Blockchain and Bitcoin related and why is it so important to know the relation? We will also cover Some common misconceptions about Blockchain and Bitcoin and discuss Ethereum as a primary example of a common open source Blockchain.
Get Started Here.
T-Mobile’s Hookup With Sprint Is Far From Certain
It’s now or never for this acquisition. But first T-Mobile must convince regulators that the competitive landscape is growing and that the new company will create jobs, not eliminate them.
Verizon Grabs Software Control from Cisco, Juniper Routers
The company is using SDN technology to combine service edge routers for Ethernet and IP-based services. Software control will come from a single common compute platform based on x86 architecture.
ONUG Open SD-WAN Exchange Takes a Step Closer to Vendor Interoperability
The Open SD-WAN Exchange (OSE) plans to launch its service level API, which helps SD-WAN vendors talk, at the upcoming ONUG Spring 2018 conference.
Microsoft Beats AWS in Cloud Revenues for the First Quarter of 2018
Microsoft reported cloud revenues of $6 billion, while AWS reported revenues of $5.4 billion for the quarter.
The Universal Fat Tree
Have you ever wondered why spine-and-leaf networks are the “standard” for data center networks? While the answer has a lot to do with trial and error, it turns out there is also a mathematical reason the fat-tree spine-and-leaf is is used almost universally. There often is some mathematical reason for the decisions made in engineering, although we rarely explore those reasons. If it seems to work, there is probably a reason.
The fat-tree design is explored in a paper published in 2015 (available here at the ACM, and now added to my “classic papers” page so there is a local copy as well), using a novel technique to not only explore why the spine-and-leaf fat-tree is so flexible, but even what the ideal ratio of network capacity is at each stage. The idea begins with this basic concept: one kind of network topology can be emulated on top of another physical topology. For instance, you can emulate a toroid topology on top of a hierarchical network, or a spine-and-leaf on top of of hypercube, etc. To use terms engineers are familiar with in a slightly different way, let’s call the physical topology the underlay, and the emulated topology the overlay. Continue reading
Getting started with Terraform and Cloudflare (Part 2 of 2)
In Part 1 of Getting Started with Terraform, we explained how Terraform lets developers store Cloudflare configuration in their own source code repository, institute change management processes that include code review, track their configuration versions and history over time, and easily roll back changes as needed.
We covered installing Terraform, provider initialization, storing configuration in git, applying zone settings, and managing rate limits. This post continues the Cloudflare Terraform provider walkthrough with examples of load balancing, page rules, reviewing and rolling back configuration, and importing state.
Reviewing the current configuration
Before we build on Part 1, let's quickly review what we configured in that post. Because our configuration is in git, we can easily view the current configuration and change history that got us to this point.
$ git log
commit e1c38cf6f4230a48114ce7b747b77d6435d4646c
Author: Me
Date: Mon Apr 9 12:34:44 2018 -0700
Step 4 - Update /login rate limit rule from 'simulate' to 'ban'.
commit 0f7e499c70bf5994b5d89120e0449b8545ffdd24
Author: Me
Date: Mon Apr 9 12:22:43 2018 -0700
Step 4 - Add rate limiting rule to protect /login.
commit d540600b942cbd89d03db52211698d331f7bd6d7
Author: Me
Date: Sun Apr 8 22:21:27 2018 -0700
Step 3 - Enable TLS 1.3, Continue readingIETF RFC 8374 BGPsec Design Choices and Summary of Supporting Discussions
Why BGPSec turned out the way it did ?
