Hedge 285: Post Quantum Crypto

Is quantum really an immediate and dangerous threat to current cryptography systems, or are we pushing to hastily adopt new technologies we won’t necessarily need for a few more years? Should we allow the quantum pie to bake a few more years before slicing a piece and digging in? George Michaelson joins Russ and Tom to discuss.

download

Hedge 284: Netops and Corporate Culture

We all know netops, NRE, and devops can increase productivity, increase Mean Time Between Mistakes (MTBM), and decrease MTTR–but how do we deploy and use these tools? We often think of the technical hurdles you face in their deployment, but most of the blockers are actually cultural. Chris Grundemann, Eyvonne, Russ, and Tom discuss the cultural issues with deploying netops on this episode of the Hedge.
 

 
download

Worth Reading 101725

The ease with which those images and videos traveled, the thoughtless way in which we shared them, reveals the sinister side of technological advancement. It exposes the degree to which social media has desensitized us, stripped us of the natural horror that ought to accompany the spectacle of death, and conditioned us to consume human suffering as one more item in an endless buffet of digital content.

It’s normal for post-quantum cryptography to be rolled out as an extra layer of security on top of traditional pre-quantum cryptography, rather than as a replacement.

Not that many years ago, telephone and broadband networks were structured in such a way that most outages were local events. A fiber cut might kill service to a neighborhood; an electronics failure might kill service to a larger area, but for the most part, outages were contained within a discrete and local area.

Far from a future concern, AI is already the single largest uncontrolled channel for corporate data exfiltration—bigger than shadow SaaS or unmanaged file sharing.

A new security risk has recently been brought to my attention. I was on a Teams call that included an attorney who would not let the call continue while Continue reading

Worth Reading 101025

A number of recent changes have helped to push Ethernet forward, advancing its capabilities to better meet the needs of AI.

Cloudflare has confessed to a coding error using a React useEffect hook, notorious for being problematic if not handled carefully, that caused an outage for the platform’s dashboard and many of its APIs.

Working with MikroTik and IP Infusion’s OcNOS to interop EVPN/VxLAN has been on my wish list for a long time.

Have you heard about MRT dumps, but never tried to use them because the bar seems too high? Or are you tired of doing “parse -> grep -> process” every time you touch BGP MRT dumps?

Unfortunately, history is again being rewritten. It is rapidly becoming clear that LLMs are not economical.

As part of our research into post-quantum cryptography (PQC) for DNSSEC, we test PQC as a drop-in replacement for classical algorithms. We explore a transition where both run simultaneously, analysing how resolvers validate records, edge cases, and the feasibility and impact of such a period.

In much of the world, we are in an era that I like to call the “post-gigabit era”. Many users have access to gigabit connections—or at least hundreds of Continue reading

Hedge 283: Technical Planning

We network engineers often find ourselves without a viable plan–our plans always seem to go awry, to the point that many network engineers just give up on planning. Is “giving up” the right solution? Or can we learn to be better planners? Jonathan Adams and Tim McConnaughy join Russ to discussion planning for network engineers.

download

Hedge 282: Future of Operations

On this episode of the Hedge, Anil Varanasi joins Russ to talk about the complexities of network operations and what Meter is doing in this space.
 
note: even though this is a more product-heavy episode of the Hedge than usual, it is not sponsored
 

 
download

Best of the Hedge: Episode 4

Multicloud is all the rage — but is this always an intentional state of affairs, or do companies just “fall into” multicloud? Security in multicloud and certifications round out this episode of the Hedge, where we are joined by Joe Cozzupoli. You can get in touch with Joe through twitter at @jcozzupo24150.
 

 
download

Worth Reading 091925

“Classic” TCP uses an extremely simple loss-based congestion detection algorithm that is intended to save networks from collapsing under extreme overload.

The endgame is a society where corporate algorithms make decisions about employment, education, and social interaction with no accountability.

The rise of Agentic AI, the emergence and adoption of AI agents and agent-to-agent networking to autonomously perform tasks on behalf of humans, has introduced unique challenges for existing security products.

In the landscape of organizational management, a distinction exists between teams that (a.) efficiently deliver a high-quality service or product, and (b.) those that innovate and develop their thought leadership in an area of emerging technology.

Broadcom CEO Hock Tan delivered a rather defiant keynote to open the VMware Explore conference in Las Vegas recently, telling the audience they are better off using the latest version of VMware Cloud Foundation (VCF) on-premises than hyperscale cloud service providers.

The public is told that AI systems are super smart and have the world’s info at their electronic beck and call. At the same time, it is humans and human organizations who claim professional expertise and so deliver their “truth” via media and Internet.

While Eutelsat’s OneWeb operates the second-largest Continue reading

Hedge 281: Blockchain

What is the relationship between blockchain technologies and network engineering? Is blockchain “just another application,” or are there implications for naming, performance, and connectivity? Austin Federa joins Tom and Russ to discuss the intersection of blockchain and networks.
 

 
download

Hedge 280: Networking Careers

When you think of careers in network engineering, you probably think of being a console jockey, racking and stacking and configuring boxes. There is, however, much larger than just these things. Ethan Banks joins Eyvonne and Russ to talk about the broader world of careers in network engineering.
 

 
download

Worth Reading 090925

The arrangements regarding the composition and organisation of the provision and operation of authoritative root servers are one of the more long-lasting aspects of the public Internet.

Microsoft has achieved a breakthrough in the hollow core fiber technology, reducing data transmission loss to just 0.091 dB per kilometer, the lowest ever achieved and significantly below the 0.14 dB/km limit that has constrained fiber networks for decades.

China has pursued a strategy of competition among government-owned organizations, and it initiated two government-owned constellation projects, Hongyun and Hongyan, in 2018.

There is no question that one of the smartest things that chip designer, packager, and manufacturing process manager Marvell Technology did was to shell out $650 million in May 2019 to buy Avera Semiconductor.

In early 2024, a Hong Kong-based clerk at multinational consulting engineering firm Arup was duped into transferring about $25 million to scammers who used AI to impersonate the company’s CFO, and other senior executives, in a live video meeting.

Hedge 279: Learning Theory

Returning to a thread here at the Hedge, Rick Graziani joins Tom and Russ to discuss a college professor’s perspective on why network engineers should learn the theory, and not just the configuration.

download

Worth Reading 090325

Among the plethora of advanced attacker tools that exemplify how threat actors continuously evolve their tactics, techniques, and procedures (TTPs) to evade detection and maximize impact, PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Desktop Application, stands out as particularly advanced.

In this episode of PING, APNIC’s Chief Scientist, Geoff Huston, explores the economic inevitability of centrality in the modern Internet.

Philipp delivers a sober message for innovators: invention is only half the battle; defending your invention can define your company’s fate.

Google now estimates that the specs for a Cryptographically Relevant Quantum Computer (CRQC), which can break conventional public key encryption in a useful amount of time, are lower than they had previously estimatedﾅby 95%.

In this report, I’ll focus on the material presented at the DELEG and DNSOP Working Groups.

Worth Reading 090125

Can we trust AI? Will AI take our jobs? Is an AI app safe? Shall we invest in AI company? Create an AI startup? Will AI accelerate cybercrime?

This study highlights the inadequacy of current privacy protection measures and proposes an automated, sustainable approach to correlate user profiles, including homonyms and pseudonyms, solely through publicly available data.

Bargury’s attack starts with a poisoned document, which is shared to a potential victim’s Google Drive. (Bargury says a victim could have also uploaded a compromised file to their own account.)

I wrote last week about three examples of the new GPT 5.0 chatbot contradicting Sam Altman’s claim that “it really feels like talking to an expert in any topic, like a PhD-level expert.”

RFCs are, inherently, the result of a design-by-committee writing process; usually intended for engineers to read. Especially with cryptography, they err on the side of technical specification rather than introductory blog post.

The transition to IPv6 is now a practical necessity for networks under pressure to scale, secure, and streamline their operations.

Worth Reading 082925

In this episode of PING, Robert Kisteleki from the RIPE NCC discusses the RIPE Atlas system — a network of over 13,000 measurement devices deployed worldwide in homes, exchange points, stub and transit Autonomous Systems, densely connected regions and sparse island states.

The common denominator in both tests was technology called “Innovative Optical and Wireless Network” (IOWN), an all-optical networking stack that NTT hopes will mature in 2030 and expects will reduce power consumption by 100x, improve transmission capacity by 125x, and reduce network latency to 0.5 percent of current levels.

Internet Exchange Points (IXPs) are often overlooked in discussions about critical infrastructure. Yet their role in routing stability, local resilience, and digital sovereignty is undeniable.

Is adding AI to your environment a software purchase? Or is it more like hiring an employee?

Design by committee should always ring alarm bells, particularly in technology. The desire to achieve acceptable compromises between various opinions often leads to compromised technical outcomes, and it seems to me that the current work on redefining zone cuts and delegation in the DNS is leading to this same outcome

The TCP/IP Interoperability Conference—later renamed Interop—began as a small workshop in August 1986. It quickly grew Continue reading

Hedge 278: Advocating for Yourself

“Advocate for yourself!” What does this mean, and how can you do it? Alexis Bertholf joins Tom and Russ to discuss practical strategies to advocate for yourself.
 

 
download

Best of the Hedge: Episode 3

From time to time, I like to dive into the archive and find a show that’s worth repeating. Forthwith, Derrick Winkworth and automation.
 
Network automation efforts tend to focus on building and maintaining configurations–but is this the right place to be putting our automation efforts? Derick Winkworth joins Tom Ammon and Russ White at the Hedge for a conversation about what engineers really do, and what this means for automation.
 

 
download

Hedge 277: Sociotechnical Systems

What is the relationship between humans and machines? Do we adapt to machines, or do we adapt machines to humans? Does technology drive culture, or does our culture drive our technology? Join Mark Prosser, Eyvonne, Tom, and Russ as they discuss what a sociotechnical system is and how it impacts our lives.
 

 
download

Worth Reading 081325

The current state of digital identity is a mess. Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of.

It turns out that, if you have your domain hosted by a big provider (we happen to use GoDaddy), it’s easy to turn on DNSSEC. But I think it says a lot that it took us this long (and the stimulus of working on a new security book) to get us to turn on DNSSEC

As we left the laboratory, I thought about how we in the computing field build a tremendous number of things that really cannot be called beautiful and then are commonly tossed aside without a thought.

The accelerated migration to advanced services will be accompanied by unprecedented complexity, and security and reliability concerns that must be addressed by the network-engineering and formal-methods communities.

Quantum scientists have long treated quantum entanglement as precious cargo, forging fresh links for every secure message or computation. A new theoretical study proposes a thriftier route, letting an existing pair pass portions of its entanglement down an extended chain.

Fast Following Fails

Fast following fails.

Whenever I hear a leader in a technology business say, “We’re going to fast follow because it’s the most profitable place to be,” I know I’m looking at a failed organization. I didn’t come to this conclusion by thinking about it. I came to this conclusion by observing it repeatedly.

After observing it, however, I wanted to understand why this particular strategy fails so consistently and spectacularly. Why? To understand my theory, we need to start in a somewhat different place than business—we need to start with the nature of goals and humans.

You can place goals into two buckets: first things and second things.

First things are foundational. If you are a technology company, the first thing is building a stable, resilient, and flexible platform (or foundation). The products you sell will only be as stable as your platform. The innovation you achieve will only be as consistent as your platform is.

Second things are goals you can only achieve once you’ve built the first things.

Here’s the hard truth no one wants to hear: Generating revenue is a second thing.

Humans become what they do.

We all want to believe we can become what we Continue reading