Billions of Bluetooth-enabled devices may be exposed to a new remote attack called “BlueBorne”, even without user interaction or pairing. Affected systems include Windows, iOS (older than iOS 10), the Linux kernel, and Android. What should you do about it?
Bluetooth is ubiquitous, commonly connecting accessories like headsets and keyboards, but is also used throughout the brave new Internet of Things (IoT) world. An attacker exploiting these BlueBorne vulnerabilities can mount a man-in-the-middle attack, or even take control of a device without the user even noticing it.
The vulnerabilities were discovered by a security company called Armis earlier this year. Researchers reached out to the companies responsible for the vulnerable implementations, which led to the coordinated disclosure (and patches) on September 12. (You can read more about our views on responsible disclosure and collaborative security in Olaf Kolkman’s blog post here.)
This case once again highlights how crucial it is that software update mechanisms are available to fix vulnerabilities, update configuration settings, and add new functionality to devices. There are challenges, both technological and economic, in having update capabilities ubiquitously deployed, as discussed in the recently published Report from the Internet of Things Software Update (IoTSU) Workshop 2016.
Vulnerabilities Continue reading
The post Worth Reading: Hunting AdwindRAT appeared first on rule 11 reader.
You might have seen this Register article this week which summarized a Future:Net talk from Peyton Koran. In the article and the talk, Peyton talks about how the network vendor and reseller market has trapped organizations into a needless cycle of bad hardware and buggy software. He suggests that organizations should focus on their new “core competency” of software development and run whitebox or merchant hardware on top of open source networking stacks. He says that developers can use code that has a lot of community contributions and shares useful functionality. It’s a high and mighty goal. However, I think the open source part of the equation is going to cause some issues.
The idea behind open source isn’t that hard to comprehend. Everything available to see and build. Anyone can contribute and give back to the project and make the world a better place. At least, that’s the theory. Reality is sometimes a bit different.
Many times, I’ve had off-the-record conversations with organizations that are consuming open source resources and projects as a starting point for building something that will end up containing many proprietary resources. When I ask them about contributing back to Continue reading
It’s designed to function as the VIM in NFV networks.
We discussed LAG (Link Aggregation Group) and ECMP (Equal Cost Multipath) on real network deployments with the Service Provider/Telco engineers in my Slack group. I thought it was a good discussion, so you can see what others are doing and the reasons for their deployments. In this talk, three people were involved. Myself […]
The post LAG vs. ECMP discussion on real network deployments appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
SolarWinds survey provides insight into the lives of IT professionals.
IRP Lite – the free version of the Intelligent Routing Platform just got even better. It is now equipped with the Circuit Issues Detection
The post IRP Lite (free IRP version) now equipped with the Circuit Issues Detection feature appeared first on Noction.
Long story short: I’m offering a few free seats in my Ansible for Networking Engineers online course to undergraduate or master’s students.
Interested? Check out the details, and apply before October 1st.
Too old? Please spread the word ;)
Victoria Coleman, CTO, Wikimedia Foundation
Moderator: Michelle Zatlyn, Co-Founder & COO, Cloudflare
Photo by Cloudflare Staff
MZ: What is the Wikimedia Foundation?
VC: We pride ourselves in aiming to make available information broadly
not-for-profit
We’re the 5th most visited site on the planet.
We are the guardians of the project. There are 12 projects that we support, Wikipedia is the most prominent but there are others that will be just as influential in the next 5 years: e.g. Wikidata.
299 languages
Let’s also talk about the things that we don’t do: we don’t do editing. We edit as community members but not as members of the foundation.
We don’t monetize our users, content, or presence. We are completely funded by donations, with an average donation of $15.
MZ: If your mission is to help bring free education to all, getting to everyone can be hard. So how do you get access to people in hard-to-reach areas?
VC: It’s definitely a challenge. We built this movement primarily in NA and EU, but our vision goes beyond that. We started doing some critically refined and focused research in Brazil, Mexico, Nigeria.
Trying to understand what global communities need in other Continue reading
Lawrence Lessig, Roy L. Furman Professor of Law and Leadership, Harvard Law School and Darren Bolding, CTO, Cambridge Analytica
Moderator: Matthew Prince, Co-Founder & CEO, Cloudflare
MP: If there’s one person responsible for the Trump presidency, it seems there is a compelling argument that that might be you.
DB: I very much disagree with that.
MP: How does Cambridge Analytica work, and how did the Trump campaign use it to win the presidency?
DB: We take that data and match it up with lists of voters, and combine that data science to come up with ideas about you who might want to sell a product to, or in the case of politics, this is this person's propensity to vote, this is the candidate they are likely most interested in. We also do all the digital advertising. By combining data with digital advertising, we have lots of power.
MP: So you don’t want to take credit for having won the election; but the campaign's use of data and targeting was an important factor in the election.
DB: Yes, and what Cambridge did was basically a great turnaround story.
MP: Larry, you ran a presidential Continue reading
SFC is another SDN feature that for a long time was only available in proprietary SDN solutions and that has recently become available in vanilla OpenStack. It serves as another proof that proprietary SDN solutions are losing the competitive edge, especially for Telco SDN/NFV use cases. Hopefully, by the end of this series of posts I’ll manage to demonstrate how to build a complete open-source solution that has feature parity (in terms of major networking features) with all the major proprietary data centre SDN platforms. But for now, let’s just focus on SFC.
In most general terms, SFC refers to a packet forwarding technique that uses more than just the destination IP address to decide how to forward packets. In more specific terms, SFC refers to “steering” of traffic through a specific set of endpoints (a.k.a. Service Functions), overriding the default destination-based forwarding. For those coming from a traditional networking background, think of SFC as a set of policy-based routing instances orchestrated from a central element (SDN controller). Typical use cases for SFC would be things like firewalling, IDS/IPS, proxying, NAT’ing, monitoring.
SFC is usually modelled as a directed (acyclic) graph, where the first and Continue reading
Chris Cantwell, Co-Creator and Show Runner, Halt & Catch Fire
Moderator: John Graham-Cumming, CTO, Cloudflare
CC: First off, we have very low ratings! The story came from my father who worked in computers in the early 80s in Dallas; later in California. The dynamic between those characters was influenced by my dad.
This was largely a story about reverse engineering. The underdog story was interesting: not Bill Gates, not Silicon Valley, but a different story about the computer world.
JGC: And you managed to do 4 seasons.
CC: In four seasons we go from ‘83 to ‘94; we cover everything from small networks to building of internet backbone, rise in search and www.
JGC: I watched it before I came; it gave me some bad memories because there were AOL disks
CC: We have an incredible prop team. Some comes from RI computer museum; I have to ask our prop master, he might have manufactured them from images online.
JGC: This is a show about tech but also about money; these people are trying to build companies. The same people trying again and again. Is that a metaphor for recycling something?
CC: Yes, I Continue reading
Daphne Keller, Director, Stanford Center for Internet & Society, and Lee Rowland, Senior Staff Attorney, ACLU Speech, Privacy & Technology Project
Moderator: Matthew Prince, Co-Founder & CEO, Cloudflare
MP: Technology and law seem like they are colliding more and more. Tech companies are being asked to regulate content. For a largely non-lawyer audience, give us some foundations about basic rules when you have content on your network?
LR: Communications 2.0 makes the 1st amendment almost quaint. The vast majority of speech that we exchange happens online. When it is hosted by private companies, the 1st amendment doesn’t constrain it. So this is a space governed by norms and individual choices of people like Matthew. In the wake of Cloudflare's decision to take down the Daily Stormer, Matthew penned a piece saying it’s scary that we have this power, and I exercised it. We have a completely unaccountable private medium of communication.
MP: There are shields for companies for this; What is intermediary liability and why is this a position at Google/Stanford?
DK: No one knows what it means; it’s a set of laws that tell platforms when they have to take down Continue reading
In this post I’ll show how to configure Neutron’s service function chaining, how to troubleshoot it with Skydive, and how SFC is implemented in the OVS forwarding pipeline.
Continue reading
Juan Benet, Founder, Protocol Labs, and Jill Carlson, GM, Tezos Foundation
Moderator: Jen Taylor, Head of Product, Cloudflare
JT: Tell us about what BlockChain is
JC: Going back to 2008, advent of blockchain came with bitcoin white paper.
The word Blockchain wasn’t mentioned at that point, but that was the advent of this tech.
What it solved was niche problem called double spend problem. Creation of digital cash.
What you see in a bank account isn’t digital cash. The problem in cryptography was how to create digital cash that doesn't rely on 3rd party intermediary. This is what Bitcoin created.
JB: Blockchain packs in lots of stuff: useful as brand. Like internet/web in early 90s, the meaning is fuzzy.
Properties that all of these apps have in common:
Academic definition: A blockchain is an indelible chain of blocks; once you insert information into one of them it remains.
Marketing definition: many applications have been developed over last few years, all have to do with public verifiability. Reliance on cryptographic methods to achieve goals on clearing payments and the ability to check and verify.
Across the board, removing 3rd parties from equation. Establishing publicly verifiable Continue reading
Lee Cheng, President & Co-CLO, Symmetry IP LLC, and Vera Ranieri, Staff Attorney, Electronic Frontier Foundation
Moderator: Doug Kramer, General Counsel, Cloudflare
DK: Patent--IP issues and challenges are accelerating important Supreme Court cases. There’s also a flurry of legislative activity about patents. Good idea to talk about this topic: where is this going? How to push world in virtuous direction?
DK: Current state of affairs. Vera: at the core is the patent itself, which is issued by and often adjudged by the patent office… is this where the problem lies?
VR: I like to blame everyone. How does someone get a patent in the first place? Someone comes up with an invention, patent attorney, documents it with opaque language, and files. The examiner then interprets the patent and searches for prior art, and says “I think this is what the patent owner is trying to claim.”
In the software space, it’s especially difficult. A lot of where inventing happens in software is right here, in businesses. People have a problem and find a solution by developing software. They don’t patent and publish.
Patent office tends to focus on patents.
DK: Talk about the Continue reading