Archive

Category Archives for "Russ White"

Writing An IETF Draft: Document Streams And Document Status

So far in this series we’ve discussed the history of the IETF, some of the tools you might want to use when building an IETF submission, and document formatting. There are other seemingly mystical concepts in the IETF process as well—for instance, what is a “document stream,” and what is a document’s “status?” Let’s look […]

The post Writing An IETF Draft: Document Streams And Document Status appeared first on Packet Pushers.

Controversial Reads 052723


The net’s long decline into “five giant websites, each filled with screenshots of the other four” isn’t a mystery. Nor was it by any means a forgone conclusion. Instead, we got here through a series of conscious actions by big businesses and lawmakers that put antitrust law into a 40-year coma.


The federal government should not have warrantless, backdoor access to private communication systems like Twitter.


My experiences in the War on Terror provided me with a glimpse of the AI revolution that is now remaking America’s political system and culture in ways that have already proved incompatible with our system of democracy and self-government and may soon become irreversible.


America has a monopoly problem. Most industries in the United States have consolidated in recent decades,1 and markups and profits have dramatically increased since around 1980.


If the fabric is error-free, and can send and receive between hosts at interface speed with no buffering or delay, a case can be made for a different kind of stream protocol, which implies perhaps less overhead per host to manage that stream of data.


The real problem Altman is trying to solve—and everyone knows this—is how to use the power of the federal Continue reading

Weekend Reads 052623


Communities installing WiFi that spans an entire property. From tennis courts to pools, from fields to lakes, Hotwire says the new hybrid work-from-home lifestyle means homeowners are working from everywhere within a community.


BGP is the Internet’s de facto routing protocol – but relatively few have a deep understanding of its vulnerabilities.


Since its invention by Bob Metcalf and David Boggs back in 1973, Ethernet has continuously been expanded and adapted to become the go-to Layer 2 protocol in computer networking across industries.


However, it is important to acknowledge that passwords have long been identified as one of the weakest elements in the security chain.


Ready to live on the edge? In my last network design post we talked about remote access VPN but in this instalment, we will take a detailed look at designs for the network edge.


Intel has launched a field-programmable gate array—Agilex 7 with R-Tile—that features PCIe 5.0 and CXL capabilities for processing networking workloads.


Speaking of the existential threat of AI is science fiction, and bad science fiction for that matter because it is not based on anything we know about science, logic, and nothing we even know about ourselves.


In a recent workshop Continue reading

Weekend Reads 051923


When it comes to understanding what exactly confidential computing entails, it all begins with a trusted execution environment (TEE) that is rooted in hardware.


So, just for fun, we pulled out the trust Excel spreadsheet and tried to estimate what the feeds and speeds of the MI300 and the MI300A GPUs, the latter of which will be at the heart of the El Capitan system might be. Y


The popular PC storage manufacturer, Western Digital, has confirmed that it experienced a network security breach earlier this year, in which an unauthorized third party gained control of several of its systems.


How bad is the human security weakness problem? Verizon’s 2022 Data Breaches Investigations Report says 82 percent of data breaches have human involvement.


On 13 April 2023, through our recently launched Threat Intelligence Data Feeds (TIDF), we identified more than 1 million suspicious and malicious domains that figured in phishing, malware distribution, spam, and other cyber attacks, such as brute-force and distributed denial-of-service (DDoS) attacks.


Although honeypots are an effective solution for tracking attackers and preventing data theft, they have yet to be widely adopted due to their setup and maintenance difficulties.


If you want to get a sense of Continue reading

Hedge 178: Defined Trust Transport with Kathleen Nichols

The Internet of Things is still “out there”—operators and individuals are deploying millions of Internet connected devices every year. IoT, however, poses some serious security challenges. Devices can be taken over as botnets for DDoS attacks, attackers can take over appliances, etc. While previous security attempts have all focused on increasing password security and keeping things updated, Kathleen Nichols is working on a new solution—defined trust transport in limited domains.

Join us on for this episode of the Hedge with Kathleen to talk about the problems of trusted transport, the work she’s putting in to finding solutions, and potential use cases beyond IoT.

download

You can find Kathleen at Pollere, LLC, and her slides on DeftT here.

Weekend Reads 051223


Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol (BGP) that could be weaponized to achieve a denial-of-service (DoS) condition on vulnerable BGP peers.


Enter OpenTelemetry, which provides a vendor-neutral standard for telemetry data, as well as the necessary tools to collect and export data from cloud-native applications.


DevEx drives business performance through increased efficiency, product quality, and employee retention.


Last January, thousands of users of two popular open source libraries, “faker” and “colors,” were shocked to see their applications breaking and showing gibberish data after being infected with a malicious package.


Netskope, a leader in Secure Access Service Edge (SASE), today unveiled new research confirming that attackers are finding new ways to evade detection and blend in with normal network traffic using HTTP and HTTPS to deliver malware.


In keeping with WhoisXML API’s mission to make the Internet a transparent and safe place for users, we expanded the list of IoCs in hopes of identifying social media pages that could already be serving or used to serve as fraud vehicles.


According to research carried out across a sample of over failed 17,000 hard drives, the failure occurred after only two years and 6 months. Continue reading

Upcoming Course: Data Center Fabrics

On the 19th and 22nd (Friday and Monday) I’m teaching the two-part series on Data Center Fabrics and Control Planes over at Safari Books Online. This is six hours total training covering everything from Clos fabrics to eVPN.

Register here.

If you register for the course you can access a recording at a later date. From Safari:

This class consists of two three-hour sessions. The first session will focus on the physical topology, including a short history of spine-and-leaf fabrics, the characteristics of fabrics (versus the broader characteristics of a network), and laying out a spine-and-leaf network to support fabric lifecycle and scaling the network out. The first session will also consider the positive and negative aspects of using single- and multi-forwarding engine (FE) devices to build a fabric, and various aspects of fabric resilience. The second session will begin with transport considerations and quality of experience. The session will then consider underlay control planes, including BGP and IS-IS, and the positive and negative aspects of each. Routing to the host and the interaction between the control plane and automation will be considered in this session, as well. EVPN as an overlay control plane will be considered next, and finally Continue reading

Weekend Reads 050523


The past decade has seen numerous reports of so-called cloud “repatriations”–the migration of applications back to on-premises venues following negative experiences with, or unsuccessful migrations to, the public cloud.


While agile software development is often associated with specific methodologies, such as Scrum, Kanban, and Extreme Programming it is not enough to just follow such a methodology.


The heady, exciting days of ChatGPT and other generative AI and large-language models (LLMs) is beginning to give way to the understanding that enterprises will need to get a tight grasp on how these models are being used in their operations or they will risk privacy, security, legal, and other problems down the road.


When deploying changes to an application, there are several strategies you can use.


The sad story of OAuth 2.0 and open standards.


Payment Card Industry Data Security Standard (PCI DSS) was developed and established to foster a safe cardholder data practice in the industry.


While the DNS (Web2) has been a reliable and trusted internet standard for decades, Web3 platforms (such as ENS, Handshake and Unstoppable) are a relatively new technology deployment that presents unique and different features.


In this blog post, we at the University Grenoble Alpes (France) Continue reading

Weekend Reads 042823


There has always been some concern about undersea fibers. Countries fear that sabotage of the fibers connected to their shores could result in being isolated from the Internet.


Do your employees use unauthorized SaaS apps? The average organization has over 100 SaaS apps, many unsanctioned by IT, posing a serious security risk.


A proposed permanent network of electromagnetic monitoring stations across the continental US, operating in tandem with a machine learning (ML) algorithm, could facilitate accurate predictions of geomagnetic disturbances (GMDs).


We may be seeing an equally dramatic transformation of chip design right now, this time with the use of AI to drive designs.


But for now it”s exciting to see what ChatGPT has already been able to do. At some level it”s a great example of the fundamental scientific fact that large numbers of simple computational elements can do remarkable and unexpected things.


He”s sharing the story of JSON, his discovery of JavaScript”s good parts, and his approach to finding a simple way to build software.


Back in January of this year, we studied the infrastructure of Ducktail, a malware that trailed its sights on Facebook business owners and advertisers.


The Philippines is an archipelago comprising three major island Continue reading

Hedge 176: OpenAI, ChatGPT, and the Cost of a Data Center

It’s time for the April Hedge roundtable! This month Eyvonne, Russ, and Tom are talking about OpenAI, the hype around AI, the “pause letter” and the lack of a real conversation, and the rising costs of building and operating a data center. As always, let us know if you have topics you’d like to hear us talk about, or guests you’d like to hear.

Thanks for listening!

download

Controversial Reads 042223


Tech companies are embedding these deeply flawed models into all sorts of products, from programs that generate code to virtual assistants that sift through our emails and calendars.


On the morning of October 14, 2020, I caught a firsthand glimpse of what it’s like for a traditional media outlet to go up against the vast agglomeration of economic and digital power known as Big Tech—and to do so without the benefit of what economist John Kenneth Galbraith defined as countervailing power.


Former Google CEO Eric Schmidt said that artificial intelligence could hurt American politics and needs to be reined in.


The National Assembly’s decision to greenlight the bill followed months of debate about one section in particular — Article 7 — which permits the use of AI-assisted video surveillance technology by law enforcement during and up to six months after the Games.


Calling a business, civic organization, or even school a family may be well-intended but comes with unintended consequences that do an injustice to the necessary commitments that should be made to our actual families.


If normal means mass layoffs, empty office buildings, confusing return-to-office policies, AI panic, and the whiplash-y feeling that just when employees were Continue reading

Weekend Reads 042123

A new report from analyst firm Omdia suggests operators’ best chance of growth in the consumer market comes from partnering with Big Tech.


In a 2023 survey of cybersecurity leaders, 51% said they believe an AI-based tool like ChatGPT will be used in a successful data breach within the next year.


When folks ask me for an estimate of the cost of building aerial fiber, I always say that the cost is dependent upon the amount of required make-ready needed. Make-ready is well-named – it’s any work that must be done on poles to be ready to string the new fiber.


On 10 February 2023, Reddit announced it suffered a security incident where a phishing campaign led an employee to a website that imitated the network’s intranet gateway.


This video looks at various Kubernetes vulnerabilities and their severity scores to help you understand how to evaluate CVEs so you can prioritize remediation. It also shows different options and sources of CVEs.


It is almost 25 years since the Internet was privatized by the U.S. government. ICANN was formed by Esther Dyson and Jon Postel as a California-based non-profit with the responsibility to administer the Internet.


The series glamourized Continue reading

Hedge 175: Mike B on Personal Superpowers

When the economy starts contracting, career advisors start talking about the importance of “soft skills.” What are “soft skills,” exactly—and why are they “soft?” Mike Bushong joins Tom Amman and Russ White to talk about why these skills are important, why they are not “soft,” and how we should talk about people skills instead. They are superpowers,” and there isn’t anything “soft” about them.

 
download

On the ‘net: The CCIE Shuffle Podcast

The Cisco Certified Design Expert (CCDE) exam was launched in 2007, but not many people know what the main objectives of the certification were at the time. Who better to enlighten us on some of the thought process and reasons behind the exam being created than one of the original development team? In this podcast, we are extremely humbled to be joined by networking industry legend, Russ White who spoke about his career, how he got into networking and some insights on the CCDE concept and how it came to fruition in the early 2000s!

On the ‘net: Privacy and IPv6 Renumbering

One of the biggest advantages of IPv6, from a network administration perspective, is the ease of renumbering. While IPv4 networks can be renumbered using DHCP, the process of changing the address of every device on a network is always fraught with unexpected challenges. People (like me) have a habit of manually assigning printers and network attached storage devices a fixed address so they will be easy to find and use.

Hedge 174: Javier Antich and Cloud AI

ChatGPT has broken through the hype barrier and brought AI hype to the larger world. But what does AI mean to network engineers? We’ve talked about AI driven network management for years, and commercial products abound, but what does it really mean to move from the automation driven configuration to AI driven decision-making? Javier Antich joins Tom Ammon and Russ White for this episode of the Hedge to talk about cloud AI for network engineers.

download

You can learn more about cloud AI in Javier’s new book.

1 8 9 10 11 12 164