Worth Reading: What Facebook learns by shutting down entire facilities

As we have reported before, Facebook has one of the boldest approaches to testing its infrastructure resiliency. The Facebook data center team regularly shuts down entire sites to see how its application will behave and to learn what improvements can be made. During his keynote this morning at the Facebook @Scale conference in San Jose, California, Jay Parikh, the company’s head of engineering and infrastructure, shared some of the big lessons his team has learned so far from these fire drills. —Data Center Knowledge

The post Worth Reading: What Facebook learns by shutting down entire facilities appeared first on 'net work.

Worth Reading: More huge tech acquisitions

The market for tech acquisitions is booming in 2016 as legacy technology companies shed old assets and consolidate, and companies in other industries scoop up tech assets at a historic pace. This comes despite 2015’s boom in overall M&A waning, the market for initial public offerings declining, and as data shows some tech “unicorns” may wait until at least 2017 to make their market debut. The tech industry appears to be an anomaly, with analysts expecting deal making to remain strong for the foreseeable future, despite near-term macro uncertainties such as the U.S. election. —Market Watch

The post Worth Reading: More huge tech acquisitions appeared first on 'net work.

Technology

The post Technology appeared first on 'net work.

Worth Reading: Connecting Python to Slack

The scripting language Python can retrieve information from or publish information into the messaging app Slack. This means you can write a program that puts info into Slack for you, or accepts your queries using Slack as the interface. This is useful if you spend a lot of time in Slack, as I do. —Ethan Banks

The post Worth Reading: Connecting Python to Slack appeared first on 'net work.

Worth Reading: Exploring the Cybercrime Underground Part 2

In this second part of Unit 42’s Cybercrime Underground blog series, we dive into the cybercrime forum ecosystem and focus on observed cybercriminal roles, as well as prevalent tools and services bought and sold in the underground. The goal of this post is not to provide an exhaustive directory, but rather to provide additional context on the operations and highly prevalent threats observed within this ecosystem. —Palo Alto

The post Worth Reading: Exploring the Cybercrime Underground Part 2 appeared first on 'net work.

On Definitions: Whatever is Forwarding Information?

After last week’s, a reader left a comment noting “I2RS doesn’t manipulate forwarding data.” If I2RS isn’t “manipulating forwarding data,” then what, precisely, is it doing? I thought it’s worth a post to try and help folks understand the definitions in this space—except, as you’ll soon discover, there are no definitions here. In fact, it’s almost impossible to create a single set of definitions that will clarify the issues involved in understanding the various sorts of state in a network device. The following illustration might be helpful in trying to understand the vagaries of the various kinds of state, and the confusion that results from the various names used in different places.

It would be “nice” to say something like: information held in the forwarding table, that’s actually used to forward traffic through the router, is the only real “forwarding data.” This makes for a nice clean definition that clearly separates, say, what the RIB does and what the FIB does in most of the hardware based switching devices produced today. There are two problems with this clean definition, however.

First, there are, and always will be, devices produced that simply don’t have a forwarding table. Instead of Continue reading

Worth Reading: Your QUIC Questions Answered

Watch our second Facebook Live broadcast, where George Michaelson, APNIC’s Senior R&D Scientist, and Byron Ellacott, APNIC’s Senior Software Architect, discussed QUIC – Quick UDP Internet Connection. QUIC is a new protocol that supports a set of multiplexed connections over UDP and was designed to provide security protection equivalent to TLS/SSL, along with reduced connection and transport latency. —APNIC

The post Worth Reading: Your QUIC Questions Answered appeared first on 'net work.

Worth Reading: Hybrid and the last common denominator problem

Hybrid cloud only works when applications are designed to run predictably across all the infrastructure choices in the IT portfolio. Most organizations achieve this through a “least common denominator” approach to design, one in which API abstractions are so thoroughly simplified that only the barest set of cloud services remain. This approach, while functional, strips away nearly all of the useful advanced features that different infrastructures offer. A new Apache open source project, ARIA (Agile Reference Implementation of Automation) wants to solve this compromise. —The New Stack

The post Worth Reading: Hybrid and the last common denominator problem appeared first on 'net work.

Hallway

The post Hallway appeared first on 'net work.

Worth Reading: Cisco, Arista, and shades of grey

Cisco has effectively designated Arista as their number one competitor by way of this lawsuit. Arista represents a larger threat that HPE, Brocade, or Juniper. Yes, I agree that it is easy to argue that the infringement constituted a material problem to their business. But at the same time, Cisco very publicly just said that Arista is causing a problem for Cisco. Enough of a problem that Cisco is going to take them to court. Not make Arista license the patent. That’s telling. —Networking Nerd

The post Worth Reading: Cisco, Arista, and shades of grey appeared first on 'net work.

Worth Reading: Biometrics are less secure than passwords

Many technology pundits talk about biometrics as the ultimate authentication solution — the technology that will make the ‘imperfect’ password obsolete. Despite the hype, most companies are approaching with caution. In fact, CEB found that there are varied degrees of biometrics adoption globally, as around 20 percent of firms have actually deployed the technology. A big reason for low adoption could be that they are less secure. And while many are touting the security of biometrics, there are four issues to consider when evaluating the technology. —betanews

The post Worth Reading: Biometrics are less secure than passwords appeared first on 'net work.

Docker Forks the Open Source Bubble

The magic of open source.

If I’ve heard this once, I’ve heard it a thousand times.

Put the software “out there,” and someone, somewhere, will add features because they need or want them, fix bugs because they’ve run into them, and generally just add value to the software you’ve created for free.

This is why, I’m told, open source is so much better than open standards—isn’t open standards just another name for a bogged down, broken process where vendors try to run in fourteen different directions at once? Where customers really aren’t heard for the din of careers being made, and technical solutions far too often take a back seat to political considerations? Open source is going to ride in and save the day, I’m told, making all complex software free and better.

Unicorns. No, seriously. Or maybe you prefer frogs on stilts. It doesn’t work this way in the real world. If any project, whether it be an open source project or an open standard, gains enough community buy-in, it will succeed. If any project, whether it be an open source project or an open standard, doesn’t gain community buy-in, it is dead—no matter which company supports it, Continue reading

Worth Reading: Legally Defining Metadata

One of the foundational questions in surveillance law is how to distinguish between the contents of communications and non-content metadata. Contents generally receive very high privacy protection, while metadata generally receive very low protection. Identifying the line between the two is critical. Earlier this week, the ODNI declassified an April 2016 FISCR decision on post-cut-through digits that adopts an approach to the distinction in some tension with a recent Third Circuit case. This post will explain the problem and the apparent disagreement. —Lawfare

The post Worth Reading: Legally Defining Metadata appeared first on 'net work.

Worth Reading: Open Flow Controller Performance

OpenFlow’s architecture is inefficient, and caps performance while sucking unnecessary power. That’s the conclusion of a bunch of Comp. Sci boffins from researchers at Australian brain box Data61 and Sydney University, who assessed four major OpenFlow controllers – NOX, Maestro, Floodlight and Beacon. Their paper is at Arxiv. Poor old OpenDaylight was also tested but not reported: “the performance [was] too low to provide any insightful comparison”. To cut to the chase: none of the controllers tested got anywhere close to line speed, whether running on a network processor (based on Tilera chips), or on a Xeon E5-2450-based server (more on the configurations later). —The Register

The post Worth Reading: Open Flow Controller Performance appeared first on 'net work.

An I2RS Overview

What is the Interface to the Routing System (I2RS), and why do we need it? To get a good I2RS overview, consider the following illustration for a moment—

What does the interface between, say, BGP and the routing table (RIB) actually look like? What sort of information is carried over this interface, and why? A short (and probably incomplete) list might be—

• Routes being installed by the routing protocol into the RIB—this is the most obvious bit of information, allowing the device to actually build a forwarding table
• Routes being overwritten—this isn’t as obvious as installed routes, but BGP (for instance), can only advertise what is installed in the local table; hence if a route it has installed is overwritten, the process needs to know to stop advertising the route
• Routes being removed from the routing table—perhaps even less obvious, but some routing protocols (BGP is one) allow for multihop routes; when the next hop is removed, any routes using that next hop need to be removed as well
• Connected interfaces removed—this is often handled as a route removal, but it impacts more than just multihop routes; removing a connected route implies loss of reachability to a specific set of Continue reading

Worth Reading: The Internet of Poorly Working Things

Of course, not all connected devices are so easily mocked; some devices are dead serious: home security, HVAC, almost any kitchen appliance — even our very smart toaster. And it’s not that the IoT doesn’t work. The situation is actually worse than that: The IoT randomly works. Devices stop and restart, they require visit to unsupportive customer support pages and helpless Your Call Is Important To US help lines (and now we have chatbots). If you think I exaggerate, google “Nest trouble” or “smart bulbs trouble”. We don’t have to look around much to find the culprit: with its razor-thin margins, the Consumer Electronics (CE) culture offers a big fat target for our inquisition. —Monday Note

The post Worth Reading: The Internet of Poorly Working Things appeared first on 'net work.

Worth Reading: Disregarding Security Warnings

Software developers listen up: if you want people to pay attention to your security warnings on their computers or mobile devices, you need to make them pop up at better times. A new study from BYU, in collaboration with Google Chrome engineers, finds the status quo of warning messages appearing haphazardly—while people are typing, watching a video, uploading files, etc.—results in up to 90 percent of users disregarding them. Researchers found these times are less effective because of “dual task interference,” a neural limitation where even simple tasks can’t be simultaneously performed without significant performance loss. Or, in human terms, multitasking. —Brigham Young University

The post Worth Reading: Disregarding Security Warnings appeared first on 'net work.

On the ‘net: BGP—the most successful virus

This Weekly Show episode was recorded live at IETF 96 in Berlin in July 2016. Greg Ferro and several guests discuss the state of routing protocols such as BGP, and explore different approaches to routing, like Facebook’s Open/R initiative. They also debate issues around telemetry, network disaggregation, and whether enterprises should participate in the IETF to influence vendor product development.

Listen to the podcast over at Packet Pushers

The post On the ‘net: BGP—the most successful virus appeared first on 'net work.

Worth Reading: Intel’s Snap

Scale is creating the demand for new enterprise tooling to better understand and manage ever disparate workloads across devices, cars, buildings, etc. There were examples of this trend in almost all of the IDF keynotes and sessions we attended as well as additional discussions that focused on how Snap, Grafana, and platforms such as Kubernetes serve as ways to manage workloads and lots of data. —The New Stack

The post Worth Reading: Intel’s Snap appeared first on 'net work.

Worth Reading: Cloud Key and Key Escrow

The problem Apple wanted to solve is this. Suppose that you have some sort of iToy — an iPhone, an iPad, etc. — or Mac. These systems allow you to back up your keychain to Apple’s iCloud service, where they’re protected by your AppleID (an email address) and password. If you buy a new device from Apple, your keychain can be downloaded to it once you log on to iCloud. (Note: uploading keys to iCloud is optional and disabled by default, though you are prompted about enabling it during device setup.) —CircleID

The post Worth Reading: Cloud Key and Key Escrow appeared first on 'net work.