IPv6 Q&A For The Home Network Nerd
I was a guest on the Daily Tech News Show, episode 2957A. We chatted about the news of the day, then had an IPv6 discussion aimed at folks who are curious, but haven’t had a chance to work with v6 yet. My goal was to dispel FUD and spread the gospel of IPv6 to the nerdy public.
For those of you that listened to the show, here’s the text I’d prepped. We didn’t get to all of this when recording, so you might find more information here to inspire your IPv6-related Google-fu.
What are the benefits to me as a general consumer of IPv6? (beyond having fifteen bajillion addresses)
In a certain sense, there is little tangible benefit for consumers. Addressing is largely transparent to general consumers. I think many consumers don’t know or care about the IPv4 address assigned to their gear. They care whether or not they can access the Internet resource they are trying to access.
For the more tech savvy, IPv6 does indeed bring fifteen bajillion addresses, so to speak. And while that doesn’t seem like a big deal, it is. For example, most of us at home have gear obscured by NAT. This makes us feel more secure Continue reading
TLS 1.3 explained by the Cloudflare Crypto Team at 33c3
Nick Sullivan and I gave a talk about TLS 1.3 at 33c3, the latest Chaos Communication Congress. The congress, attended by more that 13,000 hackers in Hamburg, has been one of the hallmark events of the security community for more than 30 years.
You can watch the recording below, or download it in multiple formats and languages on the CCC website.
The talk introduces TLS 1.3 and explains how it works in technical detail, why it is faster and more secure, and touches on its history and current status.
The slide deck is also online.
This was an expanded and updated version of the internal talk previously transcribed on this blog.
TLS 1.3 hits Chrome and Firefox Stable
In related news, TLS 1.3 is reaching a percentage of Chrome and Firefox users this week, so websites with the Cloudflare TLS 1.3 beta enabled will load faster and more securely for all those new users.
You can enable the TLS 1.3 beta from the Crypto section of your control panel.
Nominations Open for the Next Class of Internet Hall of Fame Inductees
Do you know someone who has played a significant role in the development and advancement of the open, global Internet? Organizations and individuals from around the world are invited to submit nominations to the Internet Hall of Fame.
2017 marks a significant milestone for the Internet Society as we celebrate 25 years of dedication to an open, secure Internet that benefits all people throughout the world. The Internet has come a long way since its earliest days, and the Internet Hall of Fame honors a select group of visionaries and innovators who were instrumental in the Internet’s development and advancement along the way.
Ms. Kathryn Brown
Six runtime threat detection and response tips for container security
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
Security for containers has evolved quite substantially over the past year, but there is still a lot of education that needs to be done. The key point being that the biggest difference in this new paradigm is that everything is based on continuously delivered, micro-service based, applications. The fact that the technology enabler for that paradigm is containers is really less of an issue.
When it comes to containerized applications, everyone seems to be in agreement - statically analyzing what an application can do inside a container and rejecting non-security compliant images and/or vulnerable images is a must. However, no matter how good a job you do with vulnerability scanning and container hardening, there are unknown bugs and vulnerabilities that may manifest in the runtime and cause intrusions or compromises. That is why it’s so important to outfit your system with real-time threat detection and incident response capabilities.
To read this article in full or to leave a comment, please click here
Tap DANZing for Visible Cloud Networking
Networking is running blind. It is akin to driving a car in the fog at night without street lights, signs or a navigation system. Simply put, it’s a scary visibility problem, and it impacts the security and availability of the network. When coupled with massive shifts to virtualization, containerization, cloud-native applications and unstructured data, the insatiable telemetry demand is exponential. Every architect is looking for modern analytical methods of networking to gain visibility for millions of devices, data or events efficiently and consistently.
Connecting SMBs The Easy Way With Aerohive Connect
Wireless is hard. When you’re putting together large deployments of access points in challenging environments with tons of security on top of it all you realize the difficulty. That’s why most major wireless deployments require a lot of time, planning, and documentation to pull off correctly. But what if things are on the small side?
A Small World Without Wires
The average small business (SMB) is stuck in a wireless limbo. They have requirements that far exceed the performance profile of standard consumer wireless devices. Most SMBs have more than three or four devices connecting at a time. They have reliability issues that need to be dealt with. And they need it all in a package that doesn’t need constant minding to work appropriately.
When you look at the market for consumer wireless today, the real push is to get rid of any configuration at all. Even the old Apple Airport, which was simplistic in its day, is too “complicate” for modern users. Solutions like Google Wifi aim to be the kind of solution that just requires a cable plugged in. No additional configuration beyond that. Which works wonders if you’re a consumer at home that needs to enable some Continue reading