Private Access Tokens: eliminating CAPTCHAs on iPhones and Macs with open standards
This post is also available in 日本語, Español.
Today we’re announcing Private Access Tokens, a completely invisible, private way to validate that real users are visiting your site. Visitors using operating systems that support these tokens, including the upcoming versions of macOS or iOS, can now prove they’re human without completing a CAPTCHA or giving up personal data. This will eliminate nearly 100% of CAPTCHAs served to these users.
What does this mean for you?
If you’re an Internet user:
- We’re making your mobile web experience more pleasant and more private than other networks at the same time.
- You won’t see a CAPTCHA on a supported iOS or Mac device (other devices coming soon!) accessing the Cloudflare network.
If you’re a web or application developer:
- Know your user is coming from an authentic device and signed application, verified by the device vendor directly.
- Validate users without maintaining a cumbersome SDK.
If you’re a Cloudflare customer:
- You don’t have to do anything! Cloudflare will automatically ask for and utilize Private Access Tokens
- Your visitors won’t see a CAPTCHA, and we’ll ask for less data from their devices.
Introducing Private Access Tokens
Over the past year, Cloudflare has collaborated Continue reading
Learning BGP Module 2 Lesson 6: Next Hops – Video
In the final installment of this series, Russ White covers BGP next hops, including: -Next hop in iBGP vs. eBGP -Multi-access links -Route reflectors -Route servers You can subscribe to the Packet Pushers’ YouTube channel for more videos as they are published. It’s a diverse a mix of content from Ethan and Greg, plus selected […]
The post Learning BGP Module 2 Lesson 6: Next Hops – Video appeared first on Packet Pushers.
Hedge 133: Brooks Westfield and Multifactor Testing
Multi-factor testing is one of the most important jobs a vendor takes on—and one of the most underrated. Testing across all possible configurations and use cases is nearly impossible. Brooks Westbrook joins Tom Ammon and Russ White on this episode of the Hedge to talk about the complexity of multi-factor testing and some of the consequences of that complexity.
In Ukraine and beyond, what it takes to keep vulnerable groups online
This post is also available in 日本語, Deutsch, Français, Español, Português.
As we celebrate the eighth anniversary of Project Galileo, we want to provide a view into the type of cyber attacks experienced by organizations protected under the project. In a year full of new challenges for so many, we hope that analysis of attacks against these vulnerable groups provides researchers, civil society, and targeted organizations with insight into how to better protect those working in these spaces.
For this blog, we want to focus on attacks we have seen against organizations in Ukraine, including significant growth in DDoS attack activity after the start of the conflict. Within the related Radar dashboard, we do a deep dive into attack trends against Project Galileo participants in a range of areas including human rights, journalism, and community led non-profits.
To read the whole report, visit the Project Galileo 8th anniversary Radar Dashboard.
Understanding the Data
- For this dashboard, we analyzed data from July 1, 2021 to May 5, 2022 from 1,900 organizations from around the world that are protected under the project.
- For DDoS attacks, we classify this as traffic that we have determined is part of a Continue reading
Cisco DNA Upgrade Issues – Application Update Stuck
After initiating Cisco DNA Appliance version 2.1.2.4 and starting an upgrade towards 2.2.2.8 in order to get to 2.2.3.5 I got a strange issue where the appliance system update went fine but the switch to 2.2.2.8 was disabled until Application Updates did not finish. The real issue here was that Application Updates of Cloud Connectivity – Data Hub got stuck on 12% for 4 days without timing out or finishing. Tried several appliance reboots from CIMC which didn’t help. Below are the steps that helped sort out Application Updates issues with container pods being stuck at the point of pooling
The post Cisco DNA Upgrade Issues – Application Update Stuck appeared first on How Does Internet Work.
Select the Best Switching ASIC For the Job
Last week I described some of the data center switching ASIC design tradeoffs and the ASIC families Broadcom created to fit somewhere in that multi-dimensional space.
Next step: how could you design your data center fabric to make the most out of them? To keep things simple, we’ll build a typical leaf-and-spine fabric with a WAN edge layer (sometimes called border leaf switches).
NFA v 22.06 has arrived, featuring SNMP support
The post NFA v 22.06 has arrived, featuring SNMP support appeared first on Noction.
Extreme Networks Announces New Products Including SD-WAN And Digital Twins Of Switches, APs
Extreme Networks is rolling out several new products during its Extreme Connect live event, including an SD-WAN product, a new digital twin capability for its switches and APs, and a new switch. First is the availability of an Extreme-branded SD-WAN product, Extreme Cloud SD-WAN. The product comes from Extreme’s $73 million purchase of Ipanema Technologies […]
The post Extreme Networks Announces New Products Including SD-WAN And Digital Twins Of Switches, APs appeared first on Packet Pushers.
What’s new in Calico Enterprise 3.14: WAF, Calico CNI on AKS, and support for RKE2
At Tigera, we strive to innovate at every opportunity thrown at us and deliver what you need! We have listened to what users ask and today we are excited to announce the early preview of Calico Enterprise 3.14. From new capabilities to product supportability and extending partnerships with our trusted partners, let’s take a look at some of the new features in this release.
Web application firewall (WAF)
Web applications are a critical aspect of any business, whether they are public facing or internal. There has been a fundamental shift in the way these applications are developed—as they have become more container-based and API-based, we refer to these as cloud-native applications.
To keep these modern web applications secure, we need to analyze all HTTP communication and block any malicious traffic traversing the web application. However, in a cloud-native environment, we can’t achieve this using simple network policies or by using perimeter network firewalls. Instead, a cloud-native web application firewall (WAF) would be necessary.
Fig. 1: Service annotation for workload-based WAF using Calico
This is why we have introduced a cloud-native WAF into Calico Enterprise that’s different from the traditional WAFs you may know. While most traditional WAFs are deployed Continue reading
HS025 Did You Know Your IT is a Crime Scene ?
Does planning for cybersecurity failure include the concept of 'crime scene' ? Can you provide evidence to an external investigation sufficient to get justice or simply prove to insurance investigator that you met the policy requirements ? Should you be lobbying governments ? How does this drive your cyber spending - defense, microsegmentation, detection or evidence collection ?
HS025 Did You Know Your IT is a Crime Scene ?
Does planning for cybersecurity failure include the concept of 'crime scene' ? Can you provide evidence to an external investigation sufficient to get justice or simply prove to insurance investigator that you met the policy requirements ? Should you be lobbying governments ? How does this drive your cyber spending - defense, microsegmentation, detection or evidence collection ?
The post HS025 Did You Know Your IT is a Crime Scene ? appeared first on Packet Pushers.
OSPF Router IDs: Do They Actually Have To Be Unique?
This article uses the example of duplicate Router IDs to explore the distribution of Link State Advertisements (LSAs) in the OSPF routing protocol. It covers multiple types of LSAs, Area Border Routers, and more.
The post OSPF Router IDs: Do They Actually Have To Be Unique? appeared first on Packet Pushers.
Making Data Centers Cool Again
As compute power in data centers increases, so too, does cooling requirements. Some of the biggest providers in the world are beginning to look to liquid immersion to keep their systems cool and working.Let’s celebrate the 8th anniversary of Project Galileo!
This post is also available in 日本語, Deutsch, Français, Español and Português.
We started Project Galileo in 2014 with the simple idea that organizations that work in vulnerable yet essential areas of human rights and democracy building should not be taken down because of cyber attacks. In the past eight years, this idea has grown to more than just keeping them secure from a DDoS attack, but also how to foster collaboration with civil society to offer more tools and support to these groups. In March 2022, after the war in Ukraine started, we saw an increase in applications to Project Galileo by 177%.
Read ahead for details on all of our eighth anniversary announcements:
- Two new civil society partners helping choose participants
- New insights on attack patterns using data from Cloudflare Radar
- A portal designed to ease onboarding for Galileo participants
- Details on our sessions at RightsCon this week
- New case studies highlighting Galileo participants and the important work they are doing
Announcing two new Project Galileo partners
This year, we are excited to welcome two new partners, International Media Support and CyberPeace Institute. As we introduce new partners, we are able to expand the project Continue reading