Weekend Reads 041423

Four major US mobile operators have agreed to a series of undertakings designed to address concerns over airline safety and to allow them to use their C-band spectrum to its full extent.

The result of this effort, Intel Max Series GPU formerly known by the code name Ponte Vecchio, packs 100 billion transistors and 47 tiles onto five process nodes. Beyond that, they include two packaging innovations, EMIB 2.5D and Foveros 3D technology, and stack tiles atop one another for greater processor density.

According to various statistics, there are somewhere around 330 billion emails being sent every day, approximately 3.82 million per second. Who reads all these emails?

In the ongoing AI revolution, images and text are yesterdayâ€s news, leaving audio as a new frontier to explore, and incredible progress has already been made. Here are six examples of AI audio generation that will leave you speechless.

The secret to unlocking the full potential of quantum networking may be hiding at the center of a diamond, according to Amazon Web Services. This week, AWS popped the question to De Beers subsidiary Element Six in the hope of finding it.

Year-over-year global VC funding dropped precipitously in Q1 Continue reading

Privacy And Networking Part 8: IPv6 Addresses And Privacy

One of the biggest advantages of IPv6 is the ease of renumbering thanks to SLAAC and DHCPv6. Easy renumbering of IPv6 addresses should, in theory, make some privacy protection methods easy to implement. Here's how it works, and and how it doesn't solve all privacy problems.

The post Privacy And Networking Part 8: IPv6 Addresses And Privacy appeared first on Packet Pushers.

Weekend Reads 040723

What it is about is how very few companies have access to the raw AI models that are transforming the world, the curated datasets that have been purged of bias (to one degree or another) that are fundamental to training AI systems using machine learning techniques, the model weights and checkpoints that are key to tuning a model, and the money to either build or rent the capacity to bring the neural network software and the data together to train an AI model.

Intel has announced a new processor with 144 cores designed for simple data-center tasks in a power-efficient manner.

Data center fires aren’t common, but they can be devastating. As use of lithium-ion batteries grows, enterprises need to be aware of the risks, Uptime Institute warns.

Russian intelligence services, together with a Moscow-based IT company, are planning worldwide hacking operations that will also enable attacks on critical infrastructure facilities.

Back in the old days, there was a CPU and chip designers crammed everything into that single CPU, which made sense for the greatest number of customers offset against the additional cost of adding extra functionality.

A picture is said to be worth a thousand words. A graph can Continue reading

Hedge 173: If Multicast is the answer, what was the question?

Multicast hasn’t ever really “gone viral” (In modern terms!) throughout the Internet—in fact, it’s not widely used even in networks supporting enterprises. why not? Join Dirk Trossen, Russ White, and Tom Ammon as we discuss the many facets of multicast, and what the future holds.

Dirk’s paper on multicast can be found here.

download

Controversial Reads 040123

Last year, around the Thanksgiving holiday, Ohio businessman Michael Larkin received a request for video from his Amazon Ring security system from Hamilton city police.

Once upon a time there live a tribe who lived on the plains. They were an adventurous tribe, constantly wanting to explore. At night they would see the moon drift lazily overhead, and became curious.

If I’ve written in this space before about “convenience of the employer” rules a lot of late, it’s because they are so pernicious. These rules essentially require taxpayers who switch from working in-person in one state to working remotely in another to continue paying income taxes to the state they used to work in, not the one they currently work in.

A federal judge yesterday ruled that Google intentionally destroyed evidence and must be sanctioned, rejecting the company’s argument that it didn’t need to automatically preserve internal chats involving employees subject to a legal hold.

From a national security perspective, banning TikTok seems to be a reasonable step in protecting U.S. citizens. After all, TikTok is merely a video sharing app that is widely used by children; thus, its ability to harm us far outweighs its utility.

And so Continue reading

Weekend Reads 033123

Late posting due to a conference this weekend …

The rapid rise in IT power density, however, now means that plausible design assumptions regarding future power density and environmental conditions are starting to depart from these standard, narrow ranges.

Globalization is over, at least for the chip industry, and this will mean higher chip prices, according to semiconductor contract manufacturer giant TSMC.

Are your online customers being lured away? Learn why retailers must prevent audience hijacking tactics to keep shoppers focused and not distracted by unwanted or malicious in-browser interruptions.

I surveyed the status of RPKI ROA registration for IXPs operating in the Asia Pacific region and several IXPs in the European region on 17 February 2023. My first impression is that both regions lack a sense of unity, with RPKI ROA registration being inconsistent.

Active DNS measurement is fundamental to understanding and improving the DNS ecosystem. However, the absence of an extensible, high-performance and easy-to-use DNS toolkit has limited both the reproducibility and coverage of DNS research.

A group monitored as REF2924 by Elastic Security Labs is wielding novel data-stealing malware — an HTTP listener written in C# dubbed Naplistener by the researchers — in attacks against victims operating Continue reading

Hedge 172: Roundtable! SONiC, Open Source, and Complexity

It’s roundtable time at the Hedge! Eyvonne Sharp, Tom Ammon, and I start the conversation talking about the SONiC open source NOS, and then wander into using open source, build versus buy, and finally complexity in design and deployment.

Thanks for listening–if you have an idea for a Hedge episode, would like to be a guest, or know someone you think would be a good guest, let one us know!

 
download

Hedge 171: Paul Grubb on Zero Knowledge Middleboxes

Middleboxes are used in modern networking to sniff out attack traffic (IDS), block unwanted traffic (stateful packet filters), and share load among several different servers. Encryption, however, is making it hard for the middleboxes to do their job. Paul Grubb joins Tom Ammon and Russ White to discuss zero knowledge middle boxes, which allow operators to enforce arbitrary policies on the underlying traffic of an encrypted connection without decrypting it.

download

To find out more about Paul’s work in this and other areas, please see Paul’s research page, this article on zero-knowledge middleboxes, and this research paper on zero knowledge middle boxes.

Weekend Reads 031723

Fujitsu’s Arm-based A64FX processor may have driven the most powerful supercomputer in the world, but it looks like its successor will be a more general-purpose chip that will focus on energy efficiency.

Hi everyone! In this article we’re going to take a look at the different rendering pattern options available nowadays for web applications.

Spurred by unprecedented unit pricing, the IPv4 market in North America experienced its second-best year ever in market history.

Getting a new technology out to consumers will usually require good people and boat loads of resources – including money. Generally, lots of money.

The Global Domain Report 2023 shows the domain industry is absorbing the shock waves, proving that the market is resilient and domains are solid assets for digitalization.

A proposed rule change at the Federal Communications Commission (FCC) would expand the definition of a data breach for communications carriers. If approved by the agency, the rule would cover any incident that affects the confidentiality of customer information, even if no harm to customers results.

Threat actors with a connection to the Chinese government are infecting a widely used security appliance from SonicWall with malware that remains active even after the device receives firmware updates, Continue reading

Hedge 170: AI in the Real World with Jonathan Bartlett

Artificial Intelligence is being heavily hyped right now, especially in light of the newer generative AI systems (like ChapGPT). What is the reality behind the hype? Jonathan Bartlett, fellow at the Discovery Institute, joins us for a discussion on AI reality for this episode of the Hedge.

download

Upcoming Training: How the Internet Really Works Part 1

I’m teaching How the Internet Really Works over on Safari Books Online on the 24th of March—in a couple of weeks. From the description:

This live training will provide an overview of the systems, providers, and standards bodies important to the operation of the global Internet, including the Domain Name System (DNS), the routing and transport systems, standards bodies, and registrars. For DNS, the process of a query will be considered in some detail, who pays for each server used in the resolution process, and tools engineers can use to interact DNS. For routing and transport, the role of each kind of provider will be considered, along with how they make money to cover their costs, and how engineers can interact with the global routing table (the Default Free Zone, of DFZ). Finally, registrars and standards bodies will be considered, including their organizational structure, how they generate revenue, and how to find their standards.

Register here.

Weekend Reads 031123

Featuring 18 different participating member companies, the Ethernet Alliance interoperability demo in booth #5417 spans diverse Ethernet technologies ranging from 10 Gigabit Ethernet (GbE) to 800GbE

Every few months, an important ceremony takes place. It’s not splashed all over the news, and it’s not attended by global dignitaries. It goes unnoticed by many, but its effects are felt across the globe. This ceremony helps make the internet more secure for billions of people.

Major cloud platforms, such as Google Cloud Platform (GCP), fail to adequately log the event data that could facilitate the detection of compromises and the forensic analysis during post-compromise response, according to an analysis.

Software dependencies, or a piece of software that an application requires to function, are notoriously difficult to manage and constitute a major software supply chain risk. If you’re not aware of what’s in your software supply chain, an upstream vulnerability in one of your dependencies can be fatal.

As a primary working interface, the browser plays a significant role in today’s corporate environment. The browser is constantly used by employees to access websites, SaaS applications and internal applications, from both managed and unmanaged devices.

For years, the domain registrar and Web hosting company Continue reading

Hedge 169: Network Address Translation with Steinn

Network Address translation is one of those phrases that strikes fear into the hearts of some network engineers … and joy into the hearts of others! Steinn Bjarnarson joins us to discuss the history of NAT, its uses, its misuses, and how NAT fits into the big picture of network design today. Steinn just finished writing a paper on the history of NAT.

download

Controversial Reads 030423

Privacy campaigners say such systems could be used as tools of oppression. In Moscow, Vyborov and countless others now face that oppression on a daily basis.

The general problem statement for technological standards is how to avoid the power imbalance of a single source for essential goods and services; in other words, standards are a line of defense against concentration risk. Interoperability is the goal, and multiple suppliers is the proof.

In this episode, they focus particularly on how social media has become a place where predators will search and highlight childrenâ€s vulnerabilities — which so many young people share online.

Tech policy, however, has its own set of “culture war issues” including net neutrality and encryption that largely serve as a distraction from the real issues at stake. Victims of child porn are now caught in the fray.

A major escalation in official online censorship regimes is progressing rapidly in Brazil, with implications for everyone in the democratic world. Under Brazil’s new government headed by President Lula da Silva, the country is poised to become the first in the democratic world to implement a law censoring and banning “fake news and disinformation” online, and then punishing those deemed Continue reading

Weekend Reads 030323

https://cacm.acm.org/magazines/2023/3/270206-a-turning-point-for-cyber-insurance/fulltext
Insuring against the consequences of cybersecurity seems too good to be true given the underlying problem has perplexed researchers and practitioners for going on 50 years.

https://cacm.acm.org/magazines/2023/3/270207-mapping-the-privacy-landscape-for-central-bank-digital-currencies/fulltext
Payment records paint a detailed picture of an individual’s behavior. They reveal wealth, health, and interests, but individuals do not want the burden of deciding which are sensitive or private.

https://cacm.acm.org/magazines/2023/3/270211-the-ai-tech-stack-model/fulltext
Presently, enterprises have implemented advanced artificial intelligence (AI) technologies to support business process automation (BPA), provide valuable data insights, and facilitate employee and customer engagement.

https://www.theregister.com/2023/02/22/google_milestone_quantum/
Google is claiming a new milestone on the road to fault-tolerant quantum computers with a demonstration that a key error correction method that groups multiple qubits into logical qubits can deliver lower error rates, paving the way for quantum systems that can scale reliably.

https://telecoms.com/520115/mwc-2023-whats-the-point-of-5g/
Four years into the 5G era, the technology is still struggling to find an identity. 3G was about the introduction of mobile data, which matured in the form of 4G, but what is 5G all about?

https://www.theregister.com/2023/02/24/europe_gigabit_transformation_consultation/
The European Union yesterday decided it’s time to start “laying the ground for the transformation of the connectivity sector” in the region Continue reading

Hedge 168: Roundtable

It’s roundtable time! In February’s roundtable, Eyvonne joins Tom and Russ to talk about Network as a Service, innovation, and marketing. Then we jump into the topic of the year at this point—ChaptGPT. Finally, we talk about proposals to eliminate noncompete agreements in the United States. What would this mean? Would it be better for tech, or worse?

As always, you can listen to the show on just about any podcatcher, you can listen right here, or you can download the show to listen later.

download

Weekend Reads 022423

A decade ago, waferscale architectures were dismissed as impractical. Five years ago, they were touted as a fringe possibility for AI/ML. But the next decade might demonstrate waferscale as one of only a few bridges across the post-Mooreâ€s Law divide, at least for some applications.

This is not a ‘silver bullet’, however. In comparison to the sophisticated deception available in traditional IT security, deception in ICS still faces some challenges.

As a numbers guy, Iâ€m always intrigued by the Ookla Speedtest Global Index since it provides an interesting look at broadband speeds in the U.S. and around the world.

Two new separate sets of research released this month underscore real, hidden dangers to physical operations in today’s OT networks from wireless devices, cloud-based applications, and nested networks of programmable logic controllers (PLCs) — effectively further dispelling conventional wisdom about the security of network segmentation as well as third-party connections to the network.

As organizations strengthen their defenses and take a more proactive approach to protection, attackers are adapting their techniques and increasing the sophistication of their operations.

As the security of the Android Platform has been steadily improved, some security researchers have shifted their focus towards other Continue reading

Hedge 167: Christopher Wood and masque

For last week’s show, we had Christopher Wood on to talk about oDoH. This week, Chris joins us again to talk about Multiplexed Application Substrate over QUIC Encryption, or masque, which is a more generalized privacy proxy. You can find more about masque at the IETF WG page.

download

Chatbot Attack Vectors

My monthly post is up over at Packet Pushers—

Machine learning systems “learn” from existing data pools and user interactions and are given “guardrails” by the system’s designers. Let’s look at some possible attack vectors and failure modes of these systems, specifically how training data, interaction with users, and the choice of guardrails might interact with security and privacy.

Chatbot Attack Vectors And Failure Modes In Networking And IT

With the release of ChatGPT as a product, Microsoft brought Machine Learning (ML) and Artificial Intelligence (AI) back into focus for millions of users—including network operators, coders, and other folks in information technology. People are once against asking if this technology will make them redundant or how it might change their day-to-day jobs. As always, […]

The post Chatbot Attack Vectors And Failure Modes In Networking And IT appeared first on Packet Pushers.