Archive

Category Archives for "Russ White"

Weekend Reads 071924


On the other hand, these same minimal overheads imply that DNS over UDP cannot perform prompt detection of packet loss and cannot efficiently defend itself against various approaches to tampering with the DNS, such as source address spoofing, payload alteration and third-party packet injection. Perhaps most importantly, the way UDP handles large payloads is a problem.


User interface (UI) design is currently experiencing a transition from traditional graphical user interfaces (GUIs) to systems designed to recognize a personメs gestures and movements.


The U.S. Federal Trade Commission (FTC), along with two other international consumer protection networks, announced on Thursday the results of a study into the use of “dark patterns” — or manipulative design techniques — that can put users’ privacy at risk or push them to buy products or services or take other actions they otherwise wouldn’t have.


One of the most concerning aspects of social media is that much of its influence evades our notice. We don’t realize that we’re being influenced, or shaped to think a certain way, or view the world through a specific lens.


Chinese automobile conglomerate Geely has made significant strides since I last wrote about their Geesat LEO constellation for mobile vehicle connectivity.


Continue reading

The Hedge 235: Copyrights and Centralization

Join us as Tom, Eyvonne, and Russ hang out for another roundtable. We start the show talking about Tom’s plant (is it real or … ??). What does copyright have to do with Internet Service Providers? Should the two topics be related at all? What can the IETF do about Internet centralization?

Thanks for listening—and please reach out if you have a topic you’d like to hear about, or a guest you’d like to hear.

 

 

download

Weekend Reads 071224


The gang’s time from initial access to draining data out of a Veeam server is shockingly fast; after which the attackers went on to deploy actual ransomware in less than a day.


A critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to deliver malicious attachments to target users’ inboxes.


The new fireball is the arrival of AI, its widespread acceptance and adoption, and the view that it is now a competitive imperative.


As a follow-up to the post yesterday on native VLANs, there was a question on what would happen to 802.1Q-tagged frames traversing an unmanaged switch.


State-controlled media on Tuesday covered the proceedings of the third China IPv6 Innovation and Development Conference, at which officials revealed that as of May 2024 the Middle Kingdom was home to 794 million users of the protocol, and that 64.56 percent of mobile traffic – plus 21.21 percent of fixed network traffic – is carried on networks that employ it.


In fact, since 2017, Google’s environmental reports show that the company’s electricity use, CO2 emissions, and carbon intensity have soared.


Using DevSecOps helps ensure the right level of security throughout both Continue reading

Weekend Reads 070524


Anybody not involved in the telephone business will probably be surprised to find that the old TDM telephone networks are still very much alive and in place.


Intel has demonstrated an optical chiplet co-packaged with a CPU capable of supporting 4 Tbps data links to feed the increasing datacenter bandwidth requirements of AI and high performance computing (HPC) applications.


My one-liner for The AI Delusion is that the real danger today is not that computers are smarter than us but that we think computers are smarter than us and consequently trust them to make decisions they should not be trusted to make.


If the Senate passes an expansion of the Foreign Intelligence Surveillance Act, any Americanメs international communications could become an open book.


Anybody who builds fiber networks can describe the litany of state and local regulations involved in constructing fiber. Following are the primary kinds of such regulations ヨ and there are others in some places.


OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems.


This only works for so long. Software can keep getting bigger and slower only for as Continue reading

Weekend Reads 062824


Often the scourge of tech execs in the US, Britain’s competition regulator has a new potential target in its sights: HPE’s proposed $14 billion purchase of Juniper Networks.


Normally, with a signature scheme, you have the public key and want to know whether a given signature is valid. But what if we instead have a message and a signature, assume the signature is valid, and want to know which public key signed it?


Comparing social media with tobacco use is bizarre. Smoking cigarettes is a known danger, whereas social media is a generally positive development that has troubling side effects for some young people who spend too much time on the platforms.


The Biden administration today banned the sale of Kaspersky Lab products and services in the United States, declaring the Russian biz a national security risk.


Meta has identified another reason AI might produce rubbish output: Hardware faults that corrupt data.


During the 59th BEREC plenary meeting (6 June 2024), the Board of Regulators approved the Draft BEREC Report on the IP Interconnection Ecosystem (BoR (24) 93) for public consultation.


Is there any company out there who has hurt young people more than Mark Zuckerberg’s gargantuan Meta empire?


At Continue reading

rule 11 reader 2024-06-21 15:19:04


Talking at Bernstein’s 40th Annual Strategic Decision Conference late last week, HP boss Enrique Lores acknowledged the pressures facing the print division, saying the number of printed pages has dropped by a fifth.


The petition makes three general arguments for issuing a pause on net neutrality, the first of which is that the FCC may not have the authority to reinstate net neutrality at all.


Each time someone interacts with a large language model (LLM), there is an energy cost in running the model for inference. In addition, there is an energy cost in the preparation and training of the model before it was brought to production.


On December 14, 2022, the European Parliament adopted the Directive on measures for a high common level of cybersecurity across the Union (Directive (EU) 2022/2555) hereinafter referred to as “NIS2”), which was published in the official journal on December 27, 2022


In my view, Thomas’ approach is inconsistent with the remainder of Article 28 and would not achieve the goals of NIS2 to improve cybersecurity across the EU member states.


This kind of marketing, historically, is quite effective – bigger numbers are easier for us customers to understand. But, as is the case Continue reading

Live Training: Build Your Own Networking Lab

This Friday at 1pm ET, Bruce McDougall and I are teaching a live class on using Containerlab to build and automate network labs. From the course description:

This course will guide learners through the tools and techniques to build virtual labs either locally or on common cloud services, so you can become more proficient at understanding, designing, monitoring, and troubleshooting networks. The course begins with obtaining and starting the basic tools required to build and test network labs using open-source and freely available tools. The instructors will build a variety of network topologies, including data center and campus, to help learners understand how to test in different environments.

Register here.

Hedge 230: Preparing for Layoffs

You will probably be laid off at least once in your career–we no longer live a world of “permanent positions,” or even a world where people are in complete control of their “work destiny.” It’s important, then, to prepare to be laid off, made redundant, or impacted by a RIF, today. Mike Bushong joins Eyvonne Sharp, Tom Ammon, and Russ White in a wide-ranging discussion about preparing to be laid off.

 

 

download

Weekend Reads 060724


The US Securities and Exchange Commission (SEC) wants to clarify guidelines for public companies regarding the disclosure of ransomware and other cybersecurity incidents.


Technical report 69, or TR-069, which defines how people’s broadband routers and other customer-premises equipment can be remotely provisioned and managed by ISPs automatically, is turning 20 years old.


Google and many other organizations, such as NIST, IETF, and NSA, believe that migrating to post-quantum cryptography is important due to the large risk posed by a cryptographically-relevant quantum computer (CRQC).


IPng’s network is built up in two main layers, (1) an MPLS transport layer, which is disconnected from the Internet, and (2) a VPP overlay, which carries the Internet.


Elon Musk doesn’t want you to share links from Substack, the blogging and newsletter platform that has grown in popularity over the last two years and serves as the primary mode of expression for independent Internet writers.


Quantum computers are probably coming, though we don’t know when—and when they arrive, they will, most likely, be able to break our standard public-key cryptography algorithms.


Domain name monitoring—that is, the detection of domains with names containing a brand-term (or other string) of interest—is a very well-established element of brand protection Continue reading

Rule 11 Academy 060324

New material at Rule 11 Academy this week:

Understanding Intra-AS BGP
Suboptimal BGP Route Reflection Lab

I’ve done a good bit of BGP to this point; I’m probably going to work on link state or some other part of the outline next week. I’m trying to make certain everyone who signs up for the first time gets the first six months for free; the membership plugin is being a bit squirrely, so you might see accounts expired, etc. I’m fixing these as I see them.

Weekend Reads 053124


In this episode of the RIPE Labs podcast, three Internet pioneers talk about how they helped grow the Internet out of its early infancy, back when its purpose – and much of the excitement around its development – lay in the promise of connecting researchers from around the world.


Meta, parent company of Facebook and Instagram, also now is in the AI-focused processor game. The company recently unveiled the next generation of custom-made chips to help power AI-driven rankings and recommendation ads on social media platforms.


Phishing threats have reached unprecedented levels of sophistication in the past year, driven by the proliferation of generative AI tools.


In recent news, more than 13,000 subdomains of brands were hijacked for a large spam campaign that “leverages the trust associated with these domains to circulate spam and malicious phishing emails by the millions each day, cunningly using their credibility and stolen resources to slip past security measures.”


Tenable Research has discovered a critical memory corruption vulnerability dubbed Linguistic Lumberjack in Fluent Bit, a core component in the monitoring infrastructure of many cloud services.


Pew Research Center conducted the analysis to examine how often online content that once existed becomes inaccessible. One part Continue reading

1 2 3 162