Archive

Category Archives for "Russ White"

Controversial Reads 102221


Mark Zuckerberg, unlike Einstein, did not dream up Facebook out of a sense of moral duty, or a zeal for world peace. This summer, the population of Zuckerberg’s supranational regime reached 2.9 billion monthly active users, more humans than live in the world’s two most populous nations—China and India—combined.


The greatest risk of monopolies is that they’ll obstruct the ideas that will make our homes truly smart. Our “Jetsons” future is on the line.


Given these concerns, it seems especially bizarre that Amazon was willing to reference the price of competing smart thermostats sold via its platform during the launch. Its smart thermostat is “less than half the average cost of a smart thermostat sold on Amazon.com,” the company’s senior vice president of devices and services, Dave Limp, said.


Apple’s co-founder changed how we view tech. A decade after his death, we’ve changed how we view the tech industry, too.


The U.S. government is secretly ordering Google to provide data on anyone typing in certain search terms, an accidentally unsealed court document shows. There are fears such “keyword warrants” threaten to implicate innocent Web users in serious crimes and are more common than previously thought.


There are Continue reading

Weekend Reads 102121


A recent phishing campaign targeting Coinbase users shows thieves are getting smarter about phishing one-time passwords (OTPs) needed to complete the login process.


What does it mean to cloud-connect the network? Simply put, it means connecting network equipment to the cloud and collecting telemetry, but this simple idea has far-reaching benefits that can up level the support experience for customers and vendors.


This post will focus on a key part of DNSSEC infrastructure — Root KSK ceremonies. These ceremonies exist to provide transparency to the Internet community around the creation, use, and storage of the Root KSK.


Despite 60% surge in dangerous third-party domain registrations, domain security is an underutilized security component to curb phishing and related ransomware attacks.


The term “code debt” in computer programming refers to the idea that certain decisions in writing computer code will lead to future consequences which have to be dealt with.


Before you give in to your impulses and wipe your screen with whatever you have at hand, let us stop you right there. Your display is way more delicate than you think, and if you want it to last you a long time in optimal conditions, you’ll need to treat it with Continue reading

Hedge 105: Johan Gustawsson and Changing Provider Architectures

Many service providers have the feeling that they “didn’t do anything wrong, but somehow we still lost.” How are providers reacting to the massive changes in the networking field, and how are they trying to regain their footing so they can move into the coming decades better positioned to compete? Join Johan Gustawsson, Tom Ammon, and Russ White as we discuss the impact of merchant silicon and changing applications on the architecture of service providers.

download

You can read Johan’s post on this topic here.

Weekend Reads 101521


Russia is the source of the lion’s share of nation-state cyberattacks Microsoft has observed in the past year (58%), followed by North Korea (23%), Iran (11%), China (8%), and South Korea, Vietnam, and Turkey all with less than 1% representation, a new pool of data reveals.


Equinix has been testing the use of liquid cooling in its data centers, and hopes to use the technology in its Equinix Metal service to create a high-density, energy efficient computing platform.


As a rule, the English term “computer” and the equivalent German term “Rechner” describe calculating machines. But until the middle of the 20th century, computers were, in fact, humans who performed calculations.


The job-killing robots are almost at the door, we are told, mere moments away from replacing the last traces of human inefficiency and heralding the dawn of a world without work.


The technological breakthroughs and intelligence superiority of the Israel Defense Force’s Unit 8200 position it, and Israel, as a world leader, at the same level as the United States, Russia, or China.


New PCIe 6.0 technology is in the works, and according to nonprofit electronics industry consortium PCI-SIG, it’s in the final draft stages.


Recently I was asked Continue reading

Hedge 104: Automation with David Gee

Automation is often put forward as the answer to all our problems—but without a map, how can we be certain we are moving in the right direction? David Gee joins Tom Ammon and Russ White on this episode of the Hedge to talk about automata without a map. Where did we come from, what are we doing with automation right now, and what do we need to do to map out a truly better future?

download

Live Stream: The Journey to Architect

On Thursday the 19th of October at 1PM ET, I’ll be joining Keith Bogart for the em>INE Live live stream. You can find the details on their web site.

In this session, Keith Bogart will interview prolific author and Network Architect, Russ White Ph.D. One of only a handful of people who have attained CCAr status, Russ White has authored several books such as “Practical BGP”, “The Art of Network Architecture” and “Computer Networking Problems And Solutions”. During this session we’ll find out about his journey to becoming a Network Architect and how his passion for technology can inspire you!

Weekend Reads 100821

first, a few interesting stories on the facebook outage


Facebook says that a configuration error broke its connection to a key network backbone, disconnecting all of its data centers from the Internet and leaving its DNS servers unreachable, the company said.


Following the Facebook outage that took place on 4 October, we saw people looking to BGPlay to get a better view of what went on. Here’s a look at what the RIPEstat visualisation has to show us about the event in question.


On October 4th Facebook managed to achieve one of the more impactful of outages of the entire history of the Internet, assuming that the metric of “impact” is how many users one can annoy with a single outage. In Facebook’s case the 6-hour outage affected the services it provides so some 3 billion users, if we can believe Facebook’s marketing hype.


But surely the bigger lesson is that we are all too dependent on too few Really Big providers. EU Competition Commissioner told Reuters “Facebook’s (FB.O) six-hour outage the previous day shows “the repercussions fn relying on just a few big players and underscores the need for more rivals.”

and other stories, as usual


Email Continue reading

Hedge 103: BGP Security with Geoff Huston

Our community has been talking about BGP security for over 20 years. While MANRS and the RPKI have made some headway in securing BGP, the process of deciding on a method to provide at least the information providers need to make more rational decisions about the validity of individual routes is still ongoing. Geoff Huston joins Alvaro, Russ, and Tom to discuss how we got here and whether we will learn from our mistakes.

download

Weekend Reads 100121


Bowles is showing off her whatever-it-takes strategy for narrowing the digital divide between people with reasonably speedy internet access and those without.


Articles 33 and 34 outline the requirements for breach notification; however, most businesses are still unaware of their responsibilities. Details such as what an organization should report, when, to whom it should be reported, and what should be included in the breach notification are some of the major aspects that businesses overlook.


The idea behind Security.txt is straightforward: The organization places a file called security.txt in a predictable place — such as example.com/security.txt, or example.com/.well-known/security.txt.


Air is an absolutely terrible medium with which to move or remove heat from a system, but it sure is a lot easier and cheaper (well, at least in terms of the cost of goods sold sense) than adding some sort of liquid cooling to a system.


The EU aims to have a common charging port for mobile phones, tablets, and headphones under a European Commission proposal presented on Thursday in a world first, with the move impacting iPhone maker Apple more than its rivals.


As we head toward the annual Supercomputing Conference season we wanted Continue reading

Hedge 102: BGP Security with Geoff Huston

Our community has been talking about BGP security for over 20 years. While MANRS and the RPKI have made some headway in securing BGP, the process of deciding on a method to provide at least the information providers need to make more rational decisions about the validity of individual routes is still ongoing. Geoff Huston joins Alvaro, Russ, and Tom to discuss how we got here and whether we will learn from our mistakes.

download

Keith’s Law (1)

I sometimes reference Keith’s Law in my teaching, but I don’t think I’ve ever explained it. Keith’s Law runs something like this:

Any large external step in a system’s capability is the result of many incremental changes within the system.

The reason incremental changes within a system appear as a single large step to outside observers is the smaller changes are normally hidden by abstraction. This is, in fact, the purpose of abstraction—to hide small changes inside a system from external view. Keith’s law is closely related to Clarke’s third law that “Any sufficiently advanced technology is indistinguishable from magic.” What looks like magic from the outside is really just a bunch of smaller things—each easier to understand on its own—combined into one single “thing” through abstraction.
If you’ve read this far, you’re probably thinking—what does this have to do with network engineering?
Well, several things, really.

First—the network is just an abstraction that moves packets to its users. Moving packets seems so … simple … to network users. You put data in here, and data comes out over there. All the little stuff that goes into making a network work are lost in the abstraction of the virtual Continue reading

Controversial Reads 092521


Apple then made public what was private. The company, under CEO Tim Cook’s leadership, had actually been consulting the FBI on various methods for hacking the phone. In fact, the FBI had botched one of the suggested techniques after a mistake. The agency wasn’t willing to risk another gaffe.


Software locks, API restrictions, legal threats, forced downgrades and more – these are why Big Tech stays big.


Megan Borovicka joined Facebook in 2013 and then forgot she even had an account. But Facebook never forgot about her.


On May 27, 2020, in the French National Assembly, Cédric O, the French Secretary of State for Digital Economy, forcibly expressed his government’s frustration with Apple and Google in terms more appropriate to a cold war confrontation between superpowers.


Almost everything we do online today is designed to be addictive. The average American spent more than two hours a day on social media in 2020.


Gary Gensler, Joe Biden’s deeply establishmentarian SEC head, has dropped a bomb on the crypto community with his sudden attack on Coinbase, the leading crypto platform.


As the data these devices collect is sold and shared—and hacked—deciding what risks you’re comfortable with is a necessary part of making Continue reading

Weekend Reads 092421


Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges as well as allow for remote takeover of vulnerable systems.


To meet current demands, as well as those of the next normal and an unpredictable future, retailers are now adopting software-driven strategies to deliver connected retail experiences and operations, ultimately resulting in the software-defined store.


Network measurement techniques have been mostly developed independently from protocols and, therefore, typically build upon externally visible semantics. One example of this is TCP sequence numbers and acknowledgements, which can be used to derive a flow’s round-trip time (RTT).


Ordinarily, when developing something, you start with a set of requirements or goals. But DNSSEC was a research project, so in place of requirements, developers set expectations of what needed to be done and what could be done to solve the DNS security problem.


Open-source M1-style chips may be in our future, according to a reverse-engineering document released online, Tom’s Hardware reports.


But how can they know that the plan they have is efficient enough to alleviate future cyber incidents? By using a cyber crisis tabletop Continue reading

Hedge 101: In Situ OAM

Understanding the flow of a packet is difficult in modern networks, particularly data center fabrics with their wide fanout and high ECMP counts. At the same time, solving this problem is becoming increasingly important as quality of experience becomes the dominant measure of the network. A number of vendor-specific solutions are being developed to solve this problem. In this episode of the Hedge, Frank Brockners and Shwetha Bhandari join Alvaro Retana and Russ White to discuss the in-situ OAM work currently in progress in the IPPM WG of the IETF.

download

Thoughts on the Collapsed Spine

One of the designs I’ve been encountering a lot of recently is a “collapsed spine” data center network, as shown in the illustration below.

In this design, and B are spine routers, while C-F are top of rack switches. The terminology is important here, because C-F are just switches—they don’t route packets. When G sends a packet to H, the packet is switched by C to A, which then routes the packet towards F, which then switches the packet towards H. C and F do not perform an IP lookup, just a MAC address lookup. A and B are responsible for setting the correct next hop MAC address to forward packets through F to H.
What are the positive aspects of this design? Primarily that all processing is handled on the two spine routers—the top of rack switches don’t need to keep any sort of routing table, nor do any IP lookups. This means you can use very inexpensive devices for your ToR. In brownfield deployments, so long as the existing ToR devices can switch based on MAC addresses, existing hardware can be used.

This design also centralizes almost all aspects of network configuration and management on the spine routers. Continue reading

Weekend Reads 091721


Relationships also evolved during this uprooting of typical routines. Pandemic “pods” helped some Americans maintain connection, but they complicated relationships and family dynamics at the same time.


Attackers are actively exploiting a Microsoft remote code execution vulnerability using malicious Office files, the tech giant has warned.


“When you have a high percentage of all AI activity in Bay Area metros, you may be overconcentrating, losing diversity, and getting groupthink in the algorithmic economy. It locks in a winner-take-most dimension to this sector, and that’s where we hope that federal policy will begin to invest in new and different AI clusters in new and different places to provide a balance or counter.”


Email isn’t just a communication tool; it’s also an identifier and a security measure. Companies use it to create profiles of you when you start accounts with them and it often doubles as your username.


However, it looks like most phishing emails could be used to obtain user credentials according to the 2021 Annual State of Phishing Report by Cofense. After analyzing millions of emails, Cofense found that 57% are credential phishing emails.


Computer programmers are a pretty predictable bunch. Every time they approach legacy code, the gut Continue reading

Hedge 100: Supply Chain Diversity with Brooks Westbrook and Mike Bushong

Most network engineers don’t spend a lot of time thinking about their supply chain—you must call your favorite vendor, order, and a few weeks later the hardware shows up on your loading dock. It’s not so simple any more. If you disaggregate, you need to manage your software and hardware supply chains separately. You need to think about security in your supply chain—is that software package backdoored? Moving to the cloud might seem to solve these problems, but they don’t. Even virtual networks have physical limits.

Listen in as Mike Bushong, Brooks Westbrook, Eyvonne Sharp, Tom Ammon, and Russ White discuss supply chain diversity and security.

download

1 20 21 22 23 24 164