Worth Reading 051226

The screenshot feature has cultivated a wide range of impactful academic research across computing and social scientific fields.

When Motorola unveiled its Iridium global satellite-based mobile telephony service in the late 1990’s everything augured well for a revolution in the satellite communications market, only it didn’t happen.

While the software industry has made genuine strides over the past few decades to deliver products securely, the furious pace of AI adoption is putting that progress at risk.

The analytic company IDC says the U.S. economy will be generating 394 trillion zettabytes of data annually by 2028 (a zettabyte is a trillion gigabytes).

Enterprise strategists need to worry about securing their environments against AI-powered attacks.

Worth Reading 050926

These milestones highlight the significance RPKI has gained over the past decade. Starting off as an experimental technology, it has become a central component of the Internet, affecting a large percentage of its networks.

More than 9.7 million third-party businesses sell goods on Amazon, and Amazon makes a lot of money charging those third parties to sell on its platform—$117.7 billion in 2022, representing 23% of Amazon’s total revenues.

For much of the history of computing, it was reasonably safe to assume that a machine was doing what you told it to do (and what its creators promised it would do), because its operations were local.

There is always the case that the unexpected happens, and X.509 certificates are no exception. There are circumstances where the certificate should be marked as unusable immediately, which is before the notAfter expiration time.

Our investigation uncovers two sophisticated telecom surveillance campaigns and, for the first time, links real-world attack traffic to mobile operator signalling infrastructure.

Hedge 304: Deep Dive into a Network Master’s Program

If you’ve ever been curious about what an advanced degree in network engineering looks like, you’ll want to join us for this episode of the Hedge. Levi Perigo from the University of Colorado at Boulder joins Tom and Russ to talk through what earning a Master’s in Networking involves and what kinds of things you would learn.
 

 
download

Worth Reading 050626

DDoS mitigation often relies on BGP for “scrubbing”, but how this appears in routing data is not well understood. We analyse five major providers to distinguish between always-on and on-demand protection.

This column argues that without AI, adequate privacy has become simply out of reach. This is not because AI is benign; it most definitely is not. Rather, the modern digital ecosystem has evolved to a point where no human, unaided, can understand, monitor, or manage the complexity of today’s data practices.

Conventional memory schemes follow the Pareto Principle, in which approximately maintaining 20% hot data can meet 80% of requests. L

Google has just forked its Tensor Processing Unit, or TPU, designs for these two workloads, the very first time in more than a decade that TPU systems of the same generation were truly architecturally distinct from each other.

Fake domains are not a new problem. What’s now changing is the scale and how easily attackers can blend into your domain ecosystem with lookalikes, inactive registrations, and domains set up purely for email.

Worth Reading 050426

What can we learn about QUIC deployments just by listening to unsolicited QUIC traffic? This question becomes specifically exciting since QUIC aims for enhanced privacy by obfuscating metadata.

Securing AI means securing all the AI layers and throughout the lifecycle: data, model, and applications, in training and in inference.

According to a Reuters report, Meta is installing tracking software on its employees’ work computers. The tool, called Model Capability Initiative (MCI), will log mouse movements, clicks, and keystrokes. It will also take occasional screenshots of employees’ screens.

Despite its usage, the behaviour of BGP-based scrubbers is not well understood, such as whether scrubbers are always on-path or activated on-demand.

The UK’s National Cyber Security Centre (NCSC) has officially endorsed passkeys as the default authentication standard, marking the first time the agency has told consumers to move away from passwords entirely.

Worth Reading 042926

Many BGP route leaks reported by automated detection systems are actually brief, low-impact artifacts of normal BGP convergence.

Long round‑trip times have serious consequences for protocols like TCP, which rely on a steady stream of acknowledgements (ACKs) to manage sending rates, estimate delay, and trigger retransmissions.

As datacenter networks evolve toward ultra-high-speed links, the energy footprint of host-side packet processing grows increasingly significant.

The old perception of satellite internet as slow, expensive, and marginal is increasingly outdated. Today’s market includes multiple orbital models, each with distinct technical and operational characteristics.

What can we learn about QUIC deployments just by listening to unsolicited QUIC traffic? This question becomes specifically exciting since QUIC aims to enhance privacy by obfuscating metadata.

Hedge 303: Data Centers?

In this roundtable episode of the Hedge, Eyvonne, Tom, and Russ hang out and talk about data centers–why are we building all these things again? Our second topic is the FCC’s ban on non-US made home routers. Was this the right thing to do? Was it the wrong thing to do? Were there any other policy options?
 

 
download

Worth Reading 042226

In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings.

This report explores the evolution and current state of neuro- symbolic artificial intelligence, an approach that integrates neural network capabilities with symbolic reasoning.

The Linux 7.0 kernel is now out, and it’s one of the most impactful releases in years for networking professionals.

The human-speed defense of small business is being obliterated by the machine-speed offense of AI-driven cybercrime. Today, what large companies treat as a manageable risk is a terminal expense for small enterprises, with 60% of small enterprises shutting down within six months of a major attack.

The original frustration was familiar. You build on one provider, they change pricing, deprecate an API, or just aren’t the right tool anymore, and migrating is brutal.

Hedge 302: Communications in Biological Systems

What does biology have to do with computer networks? Much more than you might think. Communications systems, after all, need to solve the same problems–and they often use the same kinds of tools. In this episode of the Hedge, Emily Reeves and Joe Deweese join Russ and Tom to talk about a recent paper comparing computer communications to biological communications.
 

 
download

Worth Reading 041326

Tech leaders hoping AI might help save money and improve efficiency in IT infrastructure should know that only 28 percent of use cases fully succeed and offer return on investment (ROI).

The best strategy in the world won’t succeed if a team falters operationally. But what is operational excellence, and what does it take to acquire it

Industry analysts are using the word convergence as shorthand for competition that bundles cell service with broadband. Convergence is the newest strategy that replaces the traditional bundling strategy of selling a package of broadband, cable TV, and voice.

Leaving aside my discovery that YouTube videos on the Naturalistic Fallacy are branded by female cleavage (???), we move on to the two problems embedded in statements I hear by articulation and by implication in the public discourse: “We must cultivate trust in AI,” and “AI acquiescence is inevitable.”

Most engineers don’t think about securing TCP itself. We rely on the applications riding on top of the network. When you run routing protocols or long-lived control sessions across untrusted or shared infrastructure, TCP becomes part of your attack surface whether you planned for it or not.

Best of the Hedge: Episode 30, Network Fundamentals

What are networking fundamentals, and why are they important? Join us for this repost of a classic Hedge discussion with Ethan, Eyvonne, Tom, and Russ.
 

 
download

Worth Reading 040626

Stanford researchers are warning that using AI chatbots for personal advice could backfire. The problem isn’t just accuracy, it’s how these systems respond when you’re dealing with complicated, real-world conflicts.

During the APNIC Routing Security Special Interest Group (SIG) session at APRICOT 2026 / APNIC 61, APNIC and LACNIC presented a case study of a Border Gateway Protocol (BGP) hijack that combined a technical attack with social engineering.

It is widely believed that all BGP routers within an Autonomous System (AS) must be connected in a full iBGP mesh, or, when this becomes impractical, that route reflectors or confederations must be used. However, a full mesh is not always necessary, and in some scenarios it may even be undesirable.

The skies are quickly filling with communications satellites. Following is a short list of the many ventures that have or will soon be launching large numbers of broadband satellites.

In early demos, the system looked impressive. It could summarize logs, explain configuration issues, and suggest possible fixes. Instead of digging through internal docs, the answers were coming back in seconds. For a while, it really felt like this system was going to work as expected.

Worth Reading 040426

What appears as double extraction at the operator level becomes something larger and more serious at the level of the state. It becomes sovereignty inversion.

Major memory makers have already sold all the kit they can make this year, creating shortages and price increases.

It’s fading from our collective memory, but almost thirty years ago the global IT industry was gripped by Y2K fever.

What do you get when you combine Big Tech, a Bill Clinton fixer, Davos, the architect of the Hunter Biden laptop disinfo, and “Artificial Intelligence”? The biggest heist in world history.

Stop blaming the GPUs! Your AI feels slow because data is getting stuck in traffic. Fix the “supply chain” to keep those tokens flowing.

Hedge 301: SONiC

What’s the deal with SONiC? Is it easy to build and use, or hard? Is it something you should be looking at? Jeff Doyle joins Russ and Tom to look at the SONiC operating system, ecosystem, and deployment.
 

 
download

Worth Reading 032826

This document provides DNS deployment guidelines to secure the DNS protocol and infrastructure, mitigate misuse or misconfiguration, and provide an additional layer of network security as part of a zero trust and/or defense-in-depth security risk management approach.

However, eBPF has not seen similarly widespread adoption in other types of networked applications, such as web servers and databases. In this blog post, we argue that this gap stems from limitations in the current eBPF architecture — specifically, the kernel runtime, APIs, and compiler toolchain.

Time and again, I see people begging for companies with deep pockets to fund open source projects. I mean, after all, they’ve made billions from this code. You’d think they could support the code’s creators and maintainers. It would be only fair, right?

The weird, rare, surprising patterns that make data rich slowly get smoothed out when an AI model trains on outputs from a previous model.

In the previous note, the claim was not that the registry layer merely imposes visible fees or administrative inconvenience. The claim was more precise. The first extraction occurs when a scarce, transferable, revenue-enabling resource is kept institutionally discounted through non-asset rhetoric, conditional recognition, and friction around Continue reading

Hedge 300: Solving Injection Attacks

It’s episode 300, and it’s roundtable time. In this episode, Tom, Eyvonne, and Russ talk about how systems can be designed to prevent injection attacks, and then the perennial unpleasantness of layoffs.
 

 
download

Worth Reading 032526

For organizations in telecommunications, financial services, healthcare, and public infrastructure, the driver for running inference at the edge is not to reduce milliseconds. It is because the data cannot legally leave the building, the country, or the jurisdiction.

Internet number resources are not political property. They are operator-held assets embedded in functioning networks.

Just over half of U.S. teens say they have used chatbots for help with schoolwork, and 12% say they’ve gotten emotional support. More teens think AI will be positive for them than negative

You’ll use AI and like it too – if you work for PwC. Paul Griggs, US chief executive of the global professional services giant, has made clear there is no room at the corporation for AI skeptics.

For some time, I have been looking after a routing analysis report called the “CIDR Report”. Here I’d like to explain the reasons for this report, and what is in the report and share some thoughts as to its usefulness today to the Internet routing community.

Worth Reading 032326

The ENIAC (Electronic Numerical Integrator and Computer), a machine that profoundly reshaped computing, marked its 80th anniversary on 15 February 2026. ENIAC was a technological leap that laid the foundation for the modern computing revolution and eventually transformed nearly every aspect of society.

During the APNIC Routing Security SIG session, held at APRICOT 2026 in Jakarta, the community heard about six applications of Resource Public Key Infrastructure (RPKI) to the problem of secure Internet routing.

There is no doubt that automation offers benefits such as speed, accuracy, reliability, and efficiency, and goes far beyond simple configuration management tasks, including resource provisioning. However, it may not be a good fit for every infrastructure environment. One must evaluate and compare the pros and cons before adopting automation.

Meta’s Ray-Ban smart glasses are a privacy nightmare, with footage of naked people, sensitive information, and violent acts captured and seen by Meta’s AI and an army of employees.

MOSAIC ditches lasers for cheap MicroLEDs and medical imaging fiber, cuts cabling energy by up to 50%, and already fits in a standard transceiver after a proof-of-concept with MediaTek.

Worth Reading 031526

As malicious domains continue to pose a threat across the Internet, security professionals are left to consider the measures that can effectively defend their organizations from these threats.

Right now, a growing chorus is treating India’s “lock and suspend” approach as a success story and a model for the world.

On the last day of December 2016 there was a brief hiccup as the world’s clocks adjusted their time according to the Coordinated Universal Time (UTC) standard by adding an extra second to the last minute of the 31st of December.

For the past decade, Docker has provided a robust solution for building, shipping, and sharing applications. But behind its simple “build and run” workflow lie many years of complex technical challenges.

AI assistants that produce drawings and other output that looks like evidence reduce questioning without increasing correctness.

Hedge 299: 6G

As we discussed in the prior episode, the 6G hype is building. What’s in 6G, though, and how realistic is it that a new wireless technology is going to radically change the world? In this episode of the Hedge, George Michaelson joins us from Australia to discuss the ins and outs of 6G.
 

 
download