Playing games with Tensorflow
As a fun project, I recently built a web app to play checkers online against the computer. This post tries to outline the methodology I used. If you want to checkout the results, I would encourage you to try the web link above, change the difficulty level to ‘hard’ and play a round against the computer. You will be playing against a very simple neural network model that is, as far as I can tell, reasonably effective.
The standard approach to developing a game AI for something like board games is the “MiniMax” algorithm. Implementing “MiniMax” for a game like checkers is a relatively simple task; one needs to components:
- A method of generating valid moves for a play given a board position;
- A scorer function that evaluates the “goodness” of a given board position for a play;
There are multiple sets of possible rules for the game of checkers. I used the “Spanish draughts” rule set popular in Portugal: men move forward only; flying kings and mandatory moves on a 8×8 board. The minimax algorithm is independent of the particular rule-set used.
The scorer function must be able to look at a given player position and determine a score. Continue reading
netsim-tools: Release 0.4 Is Out
TL&DR: The new release of netsim-tools includes unnumbered interfaces, configuration modules, and OSPF configuration.
In mid-March, we enjoyed another excellent presentation by Dinesh Dutt, this time focused on running OSPF in leaf-and-spine fabrics. He astonished me when he mentioned unnumbered Ethernet interfaces being available on all major network operating systems. It was time to test things out, and I wanted to use my networking simulation builder to build the test lab.
netsim-tools: Unnumbered Interfaces, Configuration Modules, OSPF
TL&DR: The new release of netsim-tools includes unnumbered interfaces, configuration modules, and OSPF configuration.
In mid-March, we enjoyed another excellent presentation by Dinesh Dutt, this time focused on running OSPF in leaf-and-spine fabrics. He astonished me when he mentioned unnumbered Ethernet interfaces being available on all major network operating systems. It was time to test things out, and I wanted to use my networking simulation builder to build the test lab.
TCP Congestion Control at IETF 110
IETF 110 was held virtually in March 2020. These are some notes I took on the topic of current research activities in the area of transport protocol flow control at the meeting of the Internet Congestion Control Research Group at that meeting.Don’t Be Complex When Simple Will Do
Let’s say you’re a consultant working on a couple of internet edge design projects.
In the first scenario, you are designing an internet connection for a factory.
- There are a few hundred workers who access AWS using the internet-as-WAN for critical apps related to factory operations.
- The factory is automated, and metrics related to production line health and performance are analyzed in AWS.
- There is an IoT network used for physical security that relies on an internet-based SaaS product to run reports and distribute alerts.
- A group of executives have offices at one end of the factory. Because of the pandemic, they don’t use them right now, but they do remotely access workstations with highly sensitive data that reside in those offices.
In the second scenario, you are designing an internet connection for an executive’s home.
- The executive has been working from home since the pandemic started, and finds the internet connection is unreliable for video calls. The video lags and gets pixelated. There are audio dropouts and audible jitter.
- The executive’s family members are also demanding internet users. The kids are in Zoom school. The spouse has a digital editing business and shares large files with clients.
Worth Reading: Learning without Burnout
We’re in an unfortunate industry where you can’t learn everything there’s to know in 3 years and keep doing the same stuff for the next 30 years… but how do you keep learning? Andrew Owen documented what works for him in Learning without Burnout.
Worth Reading: Learning without Burnout
We’re in an unfortunate industry where you can’t learn everything there’s to know in 3 years and keep doing the same stuff for the next 30 years… but how do you keep learning? Andrew Owen documented what works for him in Learning without Burnout.
Keyless SSL now supports FIPS 140-2 L3 hardware security module (HSM) offerings from all major cloud providers
Private encryption keys stored in hardware security module offerings from all major cloud providers can now be used to secure HTTPS connections at Cloudflare’s global edge.
Cloudflare generates, protects, and manages more SSL/TLS private keys than perhaps any organization in the world. Private keys must be carefully protected, as an attacker in possession of one can impersonate legitimate sites and decrypt HTTPS requests. To mitigate this risk, Cloudflare has strict key handling procedures and layers of isolation at the edge that are designed to safeguard keys at all costs. But for a small minority of customers with information security policies dictating where they can (or cannot) custody their keys, these protections do not meet their requirements.
It was for these customers that we first released Keyless SSL in 2014, a protocol we use extensively inside our network: all of the TLS handshakes per day established at the Cloudflare edge that take place in a process that has no access to our customers’ private keys. The data required to establish the session is instead sent to a separate system, where the necessary cryptographic signing operation is performed. For keys uploaded to or generated by Cloudflare, we manage this other system, Continue reading
Heartbleed Revisited
In 2014, a bug was found in OpenSSL, a popular encryption library used to secure the majority of servers on the Internet. This bug allowed attackers to abuse an obscure feature called TLS heartbeats to read memory from affected servers. Heartbleed was big news because it allowed attackers to extract the most important secret on a server: its TLS/SSL certificate private key. After confirming that the bug was easy to exploit, we revoked and reissued over 100,000 certificates, which highlighted some major issues with how the Internet is secured.
As much as Heartbleed and other key compromise events were painful for security and operations teams around the world, they also provided a learning opportunity for the industry. Over the past seven years, Cloudflare has taken the lessons of Heartbleed and applied them to improve the design of our systems and the resiliency of the Internet overall. Read on to learn how using Cloudflare reduces the risk of key compromise and reduces the cost of recovery if it happens.
Keeping keys safe
An important tenet of security system design is defense-in-depth. Important things should be protected with multiple layers of defense. This is why security-conscious people keep spare house Continue reading
Introducing: Advanced Certificate Manager
In 2016, we launched Dedicated Certificates. Today, we are excited to announce that dedicated certs are getting an upgrade… and a new name… introducing Advanced Certificate Manager! Advanced Certificate Manager is a flexible and customizable way to manage your certificates on Cloudflare.
Certificates
TLS Certificates are the reason you can safely browse the Internet, securely transfer money online, and keep your passwords private. They do that by encrypting your sensitive messages using public-key cryptography that is cryptographically linked to the certificate itself. But beyond that, TLS certificates are used to make an assertion about identity — verifying that the server is who they claim to be. Server Certificates — used by every website — include the website's name on the certificate and is issued by a third-party certificate authority (CA) who verifies that the certificate's information is correct and accurate.
Browsers only let you visit a website when it's encrypted using TLS after it has successfully validated the certificate presented by the server — much like how security checks your ID to board a plane.
We are focusing on securing the Internet now more than ever. We want to make it as easy as possible for any customer to be Continue reading
Worth Reading: Network Automation ChatBot with Discord
It’s amazing how easy it is to create a chatbot that will send messages to a Discord channel… just follow John Capobianco’s step by step tutorial.
Worth Reading: Network Automation ChatBot with Discord
It’s amazing how easy it is to create a chatbot that will send messages to a Discord channel… just follow John Capobianco’s step by step tutorial.
Planning for a Rural Broadband Breakout
The FCC’s RDOF has begun to award $20 billion to service providers. Winners are committed to broadband expansion to under and un-served areas nationwide.Is It Illegal To Be Called “Engineer” Without Having An Engineering Degree?
Some engineers are called engineers because they went through a rigorous process recognized in their industry. The stuff they do tends to affect lives, and so the title of engineer is not awarded until a bunch of other people agree it’s deserved. Engineers in those disciplines sometimes take exception to IT engineers being called such, as there is no industry-wide process one follows to become an IT engineer. So should we be disallowed from using the term?
The post Is It Illegal To Be Called “Engineer” Without Having An Engineering Degree? appeared first on Packet Pushers.
Heavy Networking 569: New Metro Architectures For 5G, IoT, And Low Latency Services (Sponsored)
5G, IoT, and low-latency virtualized edge services present a major opportunity for providers and enterprises to build and consume new services in the metro network. On today's Heavy Networking episode, sponsor Juniper Networks is here to share its vision of new metro architectures. Our guests are Amit Bhardwaj, Sr. Director Product Management; and Mats Nordlund, Sr. Director Product Management.
The post Heavy Networking 569: New Metro Architectures For 5G, IoT, And Low Latency Services (Sponsored) appeared first on Packet Pushers.
Heavy Networking 569: New Metro Architectures For 5G, IoT, And Low Latency Services (Sponsored)
5G, IoT, and low-latency virtualized edge services present a major opportunity for providers and enterprises to build and consume new services in the metro network. On today's Heavy Networking episode, sponsor Juniper Networks is here to share its vision of new metro architectures. Our guests are Amit Bhardwaj, Sr. Director Product Management; and Mats Nordlund, Sr. Director Product Management.You Can’t Think If You’re Always Thinking
On the March 25, 2021 edition of his Daily Check-In podcast, Ned Bellavance talks about feeling like he’s putting too many inputs into his brain, and not leaving enough time to hear his own thoughts. I have had similar concerns for myself.
I tend to have something going most of the time. Podcasts in the morning before settling into my office. Music during the day, typically something familiar or non-intrusive so that it’s not too distracting while I write and research. YouTube or a Boston Celtics basketball game in the evenings while I eat dinner and unwind from Zoomday. (Zoomday is everyday! 
) Before I go to bed, I read mentally engaging things. Books, a mix of fiction and non-fiction, currently Aldous Huxley’s Brave New World. Blogs like Astral Codex Ten plus a myriad of tech writers. When the sleepies finally hit, I turn off the glowing doom rectangle and hope my dreams aren’t unfathomable. Like the one two days ago where I was inside a commercial jet taxing rapidly through a city, the jet being chased by emergency vehicles that kept inexplicably bursting into flames. My dreams are fun. But I digress.
Like Ned outlined in his podcast, Continue reading
Servant Leadership and Standing Out
My son is fifteen and he’s the typical teenager that either thinks he’s being asked to do way too much or he’s not getting recognized for what he’s accomplished. That last part is hard for him because he’s a bit humble and doesn’t like to tout his own work. I once told him that he didn’t need to do that because he stands out to the people that matter. He did the typical teenager thing where he fought me and said that no one noticed anything he did. I told him that if you do things the way they’re supposed to be done and don’t spend your whole day crowing about what you’re doing that the right people will most assuredly notice.
The worry that your work is going unnoticed isn’t unfounded among teenagers or adults. How many times have we asked ourselves in our daily work roles if we matter? It takes about two weeks worth of meetings in a typical IT department for you to see how things go. There are those that coast by with the knowledge they obtained years ago that have their niche and they intend to fill it. Their entire purpose is to avoid Continue reading
Introducing Super Bot Fight Mode
Almost half of the Internet’s traffic is powered by bots. Bots have scoured the net for years, relentlessly hacking into bank accounts, scooping up Bruno Mars tickets, and scraping websites for data. The problem is so widespread that we launched Bot Fight Mode in 2019 to fight back. Since then, over 150,000 individuals and small businesses have used the product, and we’ve received countless requests for more functionality. More analytics, more detections, and more controls.
Introducing Super Bot Fight Mode.
Beginning immediately, any Cloudflare user with a Pro or Business site can take new action against bots. We’ve added advanced features in the dashboard and some exciting updates to analytics. Free customers will retain all the benefits they've enjoyed with Bot Fight Mode, and our Enterprise Bot Management product will continue to push the needle on innovation.
In the Dashboard
Our bot solutions have a new home. The features we discuss in this blog post go beyond a single toggle, so we created a hub for bot protection. Head to the Firewall app and select the “Bots” subtab to get started.
The new hub is live for all users, including those with Enterprise Bot Management.
Pro Plan Features
First up: Continue reading