Category Archives for "Networking"

AI Security and Safety Ecosystem

The field of artificial intelligence (AI) has seen explosive growth over the past two years, with its potential for future advancements appearing virtually limitless. However, with this rapid expansion comes a growing wave of challenges and risks. From AI-generated scams to deepfakes and data breaches, many people have either directly experienced or heard about the … Continue reading AI Security and Safety Ecosystem

The forecast is clear: clouds on e-paper, powered by the cloud

I’ve noticed that many shops are increasingly using e-paper displays. They’re impressive: high contrast, no backlight, and no visible cables. Unlike most electronics, these displays are seamlessly integrated and feel very natural. This got me wondering: is it possible to use such a display for a pet project? I want to experiment with this technology myself.

My main goal in this project is to understand the hardware and its capabilities. Here, I'll be using an e-paper display to show the current weather, but at its core, I’m simply feeding data from a website to the display. While it sounds straightforward, it actually requires three layers of software to pull off. Still, it’s a fun challenge and a great opportunity to work with both embedded hardware and Cloudflare Workers.

Sourcing the hardware

For this project, I'm using components from Waveshare. They offer a variety of e-paper displays, ranging from credit card-sized to A4-sized models. I chose the 7.5-inch, two-color "e-Paper (G)" display. For the controller, I'm using a Waveshare ESP32-based universal board. With just these two components — a display and a controller — I was ready to get started.

When the components arrived, I carefully Continue reading

Open sourcing h3i: a command line tool and library for low-level HTTP/3 testing and debugging

Have you ever built a piece of IKEA furniture, or put together a LEGO set, by following the instructions closely, and only at the end realized that at some point you didn't quite follow them correctly? The final result might be close to what was intended, but there's a nagging thought that maybe, just maybe, it's not as rock steady or functional as it could have been.

Internet protocol specifications are instructions designed for engineers to build things. Protocol designers take great care to ensure the documents they produce are clear. The standardization process gathers consensus and review from experts in the field, to further ensure document quality. Any reasonably skilled engineer should be able to take a specification and produce a performant, reliable, and secure implementation. The Internet is central to everyone's lives, and we depend on these implementations. Any deviations from the specification can put us at risk. For example, mishandling of malformed requests can allow attacks such as request smuggling.

h3i is a binary command line tool and Rust library designed for low-level testing and debugging of HTTP/3, which runs over QUIC. h3i is free and open source as part of Cloudflare's quiche project. In this post we'll Continue reading

AI for Network Engineers: Recurrent Neural Network (RNN) – Part II

Challenges of an RNN Model


Figure 5-3 shows the last two time steps of our Recurrent Neural Network (RNN). At time step n (on the left side), there are two inputs for the weighted sum calculation: $X_n$ (the input at the current time step) and $h_{t-1}$ (the hidden state from the previous time step).

First, the model calculates the weighted sum of these inputs. The result is then passed through the neuron’s activation function (Sigmoid in this example). The output of the activation function, $h_t$, is fed back into the recurrent layer on the next time step, n+1. At time step n+1, $h_t$ is combined with the input $X_n$ to calculate the weighted sum. This result is then passed through the activation function, which now produces the model's prediction, $\hat{y}$ (y hat). These steps are part of the Forward Pass process.

As the final step in the forward pass, we calculate the model's accuracy using the Mean Square Error (MSE) function (explained in Chapter 2).

If the model's accuracy is not close enough to the expected result, it begins the Backward Pass to improve its performance. The most used optimization algorithm for minimizing the loss function during Continue reading

What’s new in Cloudflare: MASQUE now powers 1.1.1.1 & WARP apps, DEX now generally available with Remote Captures

At Cloudflare, we are constantly innovating and launching new features and capabilities across our product portfolio. Today’s roundup blog post shares two exciting updates across our platform: our cross-platform 1.1.1.1 & WARP applications (consumer) and device agents (Zero Trust) now use MASQUE, a cutting-edge HTTP/3-based protocol, to secure your Internet connection. Additionally, DEX is now generally available.

Faster and more stable: our 1.1.1.1 & WARP apps now use MASQUE by default

We’re excited to announce that as of today, our cross-platform 1.1.1.1 & WARP apps now use MASQUE, a cutting-edge HTTP/3-based protocol, to secure your Internet connection.

As a reminder, our 1.1.1.1 & WARP apps have two main functions: send all DNS queries through 1.1.1.1, our privacy-preserving DNS resolver, and protect your device’s network traffic via WARP by creating a private and encrypted tunnel to the resources you’re accessing, preventing unwanted third parties or public Wi-Fi networks from snooping on your traffic.

There are many ways to encrypt and proxy Internet traffic — you may have heard of a few, such as IPSec, WireGuard, or OpenVPN. There are many tradeoffs Continue reading

Revisiting Segment Routing IPv6 (SRv6) with VyOS

At the beginning of 2024, I looked at configuring a very basic SRv6 L3VPN service using VyOS. During that effort, I ran into a critical caveat in which CE traffic was not being forwarded until locally sourced traffic on each PE was transmitted.

Issue

The trace below demonstrates a sequence of CE1 sourced ICMP echo packets destined for CE5. We can see that they were encapsulated in an SRv6 packet by noting the destination prefix as the End.

Sometimes I cache: implementing lock-free probabilistic caching

HTTP caching is conceptually simple: if the response to a request is in the cache, serve it, and if not, pull it from your origin, put it in the cache, and return it. When the response is old, you repeat the process. If you are worried about too many requests going to your origin at once, you protect it with a cache lock: a small program, possibly distinct from your cache, that indicates if a request is already going to your origin. This is called cache revalidation.

In this blog post, we dive into how cache revalidation works, and present a new approach based on probability. For every request going to the origin, we simulate a die roll. If it’s 6, the request can go to the origin. Otherwise, it stays stale to protect our origin from being overloaded. To see how this is built and optimised, read on.

Background

Let's take the example of an online image library. When a client requests an image, the service first checks its cache to see if the resource is present. If it is, it returns it. If it is not, the image server processes the request, places the response into the Continue reading

Un experimento rápido: translating Cloudflare Stream captions with Workers AI

Cloudflare Stream launched AI-powered automated captions to transcribe English in on-demand videos in March 2024. Customers' immediate next questions were about other languages — both transcribing audio from other languages, and translating captions to make subtitles for other languages. As the Stream Product Manager, I've thought a lot about how we might tackle these, but I wondered…

What if I just translated a generated VTT (caption file)? Can we do that? I hoped to use Workers AI to conduct a quick experiment to learn more about the problem space, challenges we may find, and what platform capabilities we can leverage.

There is a sample translator demo in Workers documentation that uses the “m2m100-1.2b” Many-to-Many multilingual translation model to translate short input strings. I decided to start there and try using it to translate some of the English captions in my Stream library into Spanish.

Selecting test content

I started with my short demo video announcing the transcription feature. I wanted a Worker that could read the VTT captions file from Stream, isolate the text content, and run it through the model as-is.

The first step was parsing the input. A VTT file is a text file that Continue reading

When the world logs off: Christmas, New Year’s, and the Internet’s holiday rhythm

As January approaches and the year comes to a close, distinct changes in global Internet usage emerge. Year-end traditions — ranging from Christmas feasts to New Year’s Eve (NYE) countdowns — shape online behavior across continents and cultures. Looking back at Christmas and NYE 2023 offers insights into how these trends may repeat this year, and by January 2025, we’ll be able to directly compare patterns. Examining data from 50 countries and regions reveals how people celebrated in 2023-2024, providing a timely reminder of typical holiday trends.

With Cloudflare’s global reach, we observe planet-wide and local Internet habits during the holiday season. In the past, unintended trends during Christmas and New Year’s Eve have surfaced through our Outage Center, which uses automatic traffic anomaly alerts to detect Internet outages or unusual patterns. In the 2023 overview below, traffic dropped enough on those days to trigger dozens of anomaly alerts (orange and pink bubbles):

While Christmas dominates in many regions, other cultural and religious holidays — like Hanukkah or regional festivities — shape online rhythms in places where Western traditions are less central.

In countries and regions where Christmas is deeply rooted, Internet traffic slows during Christmas Eve dinners, Continue reading

Grinch Bots strike again: defending your holidays from cyber threats

Grinch Bots are still stealing Christmas

Back in 2021, we covered the antics of Grinch Bots and how the combination of proposed regulation and technology could prevent these malicious programs from stealing holiday cheer.

Fast-forward to 2024 — the Stop Grinch Bots Act of 2021 has not passed, and bots are more active and powerful than ever, leaving businesses to fend off increasingly sophisticated attacks on their own. During Black Friday 2024, Cloudflare observed:

  • 29% of all traffic on Black Friday was Grinch Bots. Humans still accounted for the majority of all traffic, but bot traffic was up 4x from three years ago in absolute terms. 

  • 1% of traffic on Black Friday came from AI bots. The majority of it came from Claude, Meta, and Amazon. 71% of this traffic was given the green light to access the content requested. 

  • 63% of login attempts across our network on Black Friday were from bots. While this number is high, it was down a few percentage points compared to a month prior, indicating that more humans accessed their accounts and holiday deals. 

  • Human logins on e-commerce sites increased 7-8% compared to the previous month. 

These days, holiday shopping Continue reading

Global elections in 2024: Internet traffic and cyber threat trends

Elections define the course of democracies (even as there are several types of democracies), and 2024 was a landmark year, with over 60 countries — plus the European Union — holding national elections, impacting half the world’s population. As highlighted in Pew Research’s global elections report, this was a year of “political disruption,” where the Internet was a relevant stage for both democratic engagement and cyber threats.

At Cloudflare, with our presence in over 330 cities and 120 countries and interconnection with 12,500 networks, we’ve witnessed firsthand the digital impact of these elections. From monitoring Internet traffic patterns to mitigating cyberattacks, we’ve observed trends that reveal how elections increasingly play out online. As detailed in our just-published Cloudflare Impact report, we’ve also worked to protect media outlets, political campaigns, and help elections worldwide.

Here’s the map of countries with national elections that took place in 2024, from our elections report.

We’ve been monitoring 2024 elections worldwide on our blog and in the 2024 Election Insights report available on Cloudflare Radar.

In terms of Internet patterns, we’ve observed how cyber activity in 2024 continues to intersect with real-world events. Online attacks are clearly a significant part of elections, Continue reading

Running Cisco CML in Proxmox

For the past few years, I’ve been running all my virtual machines on VMware Workstation Pro, installed on Windows 11. While it worked well for the most part, there were a few recurring issues. Windows would occasionally reboot to install updates, and when it did, my VMs would go down with it. This dependency on Windows to keep my VMs running became frustrating. Recently, I switched to Proxmox, a type-1 hypervisor, and the difference has been night and day.

In this blog post, we'll go through how to install Cisco CML (specifically CML 2.8 Free Tier) on Proxmox. If you're looking to install Cisco CML on VMware Workstation, check out my other blog post linked below.

Cisco CML Free Tier (No Kidding)
My initial reaction was, ‘Cisco giving something away for free? That can’t be true!’ But it turns out, it is. I couldn’t wait to try it. I believe it’s limited to five nodes, but I’ll take it.

Download the Cisco CML Image

Head over to the Cisco download page and select CML (2.8 Free Tier). You need a Cisco account, which is easy to create. Once you create the account and log Continue reading

HN762: A Network Automation Roadmap

Once you get past a handful of Python scripts, network automation can be…daunting. If you want to make network automation process-driven, repeatable, reliable, and something that doesn’t just rely on your scripts and the knowledge inside your head, there’s an entire landscape that opens up before you. Have you thought about network discovery? How about... Read more »