Archive

Category Archives for "Russ White"

Hedge 259: Architecture and Process

We often try to “institutionalize” things that work into repeatable processes—and most of the time, it doesn’t work. The process ends up becoming unwieldy, eventually failing to prevent failures and stifling innovation. How can we get out of this rut? Differentiating between architecture and process. Far too many IT shops try to replace architecture with process. Our second topic for this episode is the destructive lies of the tool trope. Tools are not “neutral,” they impact the way we think and work. A primary example of a tool that can often reshape our thinking and doing in very negative ways is … the process.

download

Hedge 257: Gaining Experience in IT

Every recruiter and hiring manager wants people with five years of experience, but you cannot get experience without being hired into a position. How can you break this conundrum? Daniel Dib joins Tom and Russ to talk about how folks just coming into IT, or even those with lots of experience who are trying to shift their focus, can gain experience.

download

Weekend Reads 012425


AI errors come at seemingly random times, without any clustering around particular topics. LLM mistakes tend to be more evenly distributed through the knowledge space. A model might be equally likely to make a mistake on a calculus question as it is to propose that cabbages eat goats.


In this post, we start by explaining the configuration of our switching infrastructure using common IETF protocols to implement redundancy, full usage of resources, and seamless adaptivity in case of failures or maintenance. We then continue presenting the configuration of our route servers with a special focus on isolating different LANs and dynamically excluding invalid routes.


LLMs are undeniably astonishingly good at using the text they trained on (aided by human fine tuners) to generate convincing prose. But they are really bad at distinguishing between truth and falsehoods and responding to prompts that are unlike or even slightly different from what they trained on.


I wonder how many of you have noticed a subtle change in the way that you navigate the web? We’re in the midst of a transition to the zero click Internet, meaning users no longer have to click on links to reach web sites to find content.


Time Continue reading

Hedge 256: The Impact of Your First Language

Richard Wexelblat published an article in 1980 titled: “The consequences of one’s first programming language.” We’ve all seen C code written like Python, or Python code written like C, so it’s obvious a coder’s first language has a long lasting effect on their style. What about network engineers? Are there times and places where the first of anything a network engineers encounters has a long lasting impact on the way they think and work? In this roundtable, Tom, Eyvonne, and Russ consider different ways this might apply to network engineering.

download

Hedge 255: Open Multi-perspective Issuance

One of the various attack surfaces in encryption is insuring the certificates used to share the initial set of private keys are not somehow replaced by an attacker. In systems where a single server or source is used to get the initial certificates, however, it is fairly easy for an attacker to hijack the certificate distribution process.

Henry Birge-Lee joins us on this episode of the Hedge to talk about extensions to existing certificate systems where a certificate is pulled from more than one source. You can find his article here.

download

Weekend Reads 011025


Wi-Fi 8 is coming, but it looks set to focus on greater reliability rather than on pushing the bandwidth ever higher, as the most recent updates to the venerable wireless local network technology have done.


Policymakers need to carefully guide the future consumption of electricity by AI datacenters, according to a report that considers four potential scenarios and suggests a number of guiding principles to prevent it from spiraling out of control.


In one of the quiet announcements that might eventually be a huge deal, the FCC voted to open the entire 6 GHz WiFi frequency band to very low-power devices (VLP – just in case you needed another new acronym to remember).


Gaining a clear view of the DDoS landscape is vital for developing effective countermeasures against this prolific form of attack. A new study, carried out through collaboration between researchers from several institutions, helps bring DDoS into perspective.


Salt Typhoon’s latest victims include Charter, Consolidated, and Windstream, underscoring the widening scope of China’s cyberespionage campaign against critical US infrastructure.

Weekend Reads 111524


Techno-futurists love to dream up visions of the future. Invariably, these are worlds where everything is under control—where every problem has a solution, and the future unfolds exactly as planned. We do seem to be moving toward some sort of centralized loss of agency.


The representational structures of the Internet governance institutions are highly varied (indicating once again that there is no “multistakeholder model”), but they all have one thing in common: decision-making power is vested in non-state actors.


The rapid expansion of AI and generative AI (GenAI) workloads could see 40% of data centers constrained by power shortages by 2027, according to Gartner.


Chiplets and 3D devices, long discussed in the future tense, are a growing sector of the market. Moore’s Law? It’s still alive, but manufacturers and designers are following it by different means than simply shrinking transistors.


Monitoring traffic at Internet Exchange Points (IXPs) is a long-standing operational practice. It is essential for several reasons related to the entire Internet infrastructure’s stability, security, and efficiency.


If you want to sell a lot of hardware to support AI workloads, then the best way to do that is to convince every country on Earth that AI is so important Continue reading

Weekend Reads 110924


Toward the end of August 2024, a customized malware dubbed “Voldemort” based on strings found in its code was used in a cyber espionage campaign targeting various countries.


Until 2019, it was a Google partner running full Android. Then it forked its own version of Android, called it HarmonyOS, stopped including Google proprietary apps, and set up its own Android app store.


As previously discussed in this post, Xiong’an New Area (Xiong’an), a pilot city established in 2017 about 100 kilometres west of Beijing, aims to be a model for future digital cities, built with IPv6-only infrastructure from the start.


A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft.


Today, we’re excited to announce the launch of Kentik’s Cloud Latency Map, a public service that uses Kentik Synthetics to continuously measure latency between the regions of the biggest cloud providers.


Data can undergo a similar transformation—two pieces of data, linked, such that changing one has an impact on the other. Think of this as “spooky data at a distance.”


In this work, we aim to Continue reading

Weekend Reads 110124


Do you want to analyse decrypted TLS traffic in Wireshark or let an Intrusion Detection System (IDS), like Suricata, Snort or Zeek, inspect the application layer data of potentially malicious TLS encrypted traffic?


Thousands of machines running Linux have been infected by a malware strain that’s notable for its stealth, the number of misconfigurations it can exploit, and the breadth of malicious activities it can perform, researchers reported Thursday.


More evidence has emerged that AI-driven demand for energy to power datacenters is prolonging the life of coal-fired plants in the US.


The Regional Internet Registries (RIRs) together ensure the stability of the Internet Numbers Registry System. In order to strengthen their accountability, efforts are under way to revise the criteria for the accreditation of RIRs, and the obligations they must continuously meet.


What happens on the network if you’re joining a Microsoft Active Directory domain? Which protocols are used? As I suspected, it’s a bit more complex than just seeing a single known protocol like HTTPS.


The demand for optical interconnects is so high, given the immense bandwidth bottlenecks for accelerator-to-accelerator and accelerator to memory needs, that raising venture funding is not a problem.


The basic approach to resolving the Continue reading

Weekend Reads 101324


A study by the US General Services Administration (GSA) has revealed that five remote identity verification (RiDV) technologies are unreliable, inconsistent, and marred by bias across different demographic groups.


This time, he included a PoC that caused the ChatGPT app for macOS to send a verbatim copy of all user input and ChatGPT output to a server of his choice.


In the quest to revolutionize medicine, our bodies are becoming living laboratories. By 2030, itメs estimated that bioprinting could address up to 20% of the organ transplant waiting list globally.


Consider this: For every 1,000 human users in your organization, you likely have 10,000 non-human connections or credentials. Some estimates suggest the ratio could be as high as 45-to-1.


The U.S. Department of Justice (DOJ) is considering recommending a federal judge to force Google to sell parts of its business in a bid to eliminate its alleged monopoly on online search, according to a court filing Tuesday.


A US jury has found that employment practices at Cognizant constitute discriminatory conduct toward non-Indian workers in a case that originated in 2013 and claimed the tech giant favored H-1B visa holders from India over local workers.


Consumers are victims of online Continue reading

1 2 3 164