CC BY-ND 2.0 image image by Clinton Steeds
CloudFlare is always trying to improve customer experience by adopting the latest and best web technologies so that our customers (and their visitors) have a fast and a secure web browsing experience.
More and more web sites are now using HTTPS by default. This sea change has been spearheaded by many groups including CloudFlare enabling free SSL for millions of sites with Universal SSL, Google moving towards marking plain HTTP as insecure in Chrome, and the Let’s Encrypt project’s plans to make certificates free in 2015.
Not only is the encrypted web more secure, it can also be faster than the unencrypted web if the latest HTTPS features are implemented. HTTPS sites are blazing fast on CloudFlare because we keep up with the latest performance-enhancing features:
Today, we completely disabled the RC4 encryption algorithm for all SSL/TLS connections to CloudFlare sites. It's no longer possible to connect to any site that uses CloudFlare using RC4.
Over a year ago, we disabled RC4 for connections for TLS 1.1 and above because there were more secure algorithms available. In May 2014, we deprecated RC4 by moving it to the lowest priority in our list of cipher suites. That forced any browser that had a good alternative to RC4 to use it. Those two changes meant that almost everyone who was using RC4 to connect to CloudFlare sites switched to a more secure protocol.
Back in May, we noted that some people still needed RC4, particularly people using old mobile phones and some Windows XP users. At the time, 4% of requests using RC4 came from a single phone type: the Nokia 6120.
At the time, we noted that roughly 0.000002% of requests to CloudFlare were using the RC4 protocol. In the last 9 months, that number is halved and so, although some people are still using RC4, we have decided to turn off the protocol. It's simply no longer secure.
The remaining users are almost Continue reading
Although I attended HP Discover in Barcelona as a guest of the folks at HP Networking (via their Independent Bloggers program), I didn’t restrict myself to looking at etherstuff; HP makes way too broad a portfolio of products to get away with that. I ended up looking at printers, and I found something that pretty much blew me away.
Before I forget, please accept my apologies for the clickbait headline. I’ve always wanted to do one of those; but unlike so many others I’ve seen, I hope that this article won’t disappoint. You’ll see “the man” in the headline in a video later.
It was hard to miss at HP Discover that HP believes in eating their own dog food. The signage at the event – many large, inspiring, multicultural images reminding us that HP’s mission is to provide “solutions for the New Style of IT” – was all printed on HP printers. The signs looked pretty amazing, I have to say:
Not only were they printed using HP products, but the poster tells you which printer was used, you know, in case you wanted to buy one for your spare bedroom or something:
Given the price Continue reading
CSC Carrier Supporting Carrier is a hierarchical MPLS VPN architecture between the Service Providers. Service is an MPLS VPN service mostly but doesn’t have to be as you will see throughout the post. Customer carrier ( Provider ) receives an MPLS VPN service from the Core/Backbone carrier. Although CSC architecture is not common in real… Read More »
The post Carrier Supporting Carrier – CSC appeared first on Network Design and Architecture.
Metadata doesn’t just apply to data science or protocols — it applies to engineering life. Think about the concept of epistomology — the study of how we know what we know — or the concept of hermeneutics — the study of how we understand communication — and you can quickly see that stepping outside what we are doing to examine how we are doing it is a common human experience (see Lewis’ Meditation in a Tool Shed as another instance).
But how does this apply to the engineering life? It’s called process — now, before you click off the page, scurrying away in shock, process isn’t a bad thing. In fact, process can be a good set of “guard rails” in the way we live our lives, something to remind us not to run off the road (like positive thinking signs), or even physically/mentally “bump” us in the right direction.
This week I’d like to kick off a short series on one process I learned in the US Air Force, and have used in many ways over the years — the OODA Loop. Originally developed by USAF Colonel John Boyd, and designed to help pilots deal with Continue reading