The Network Collective: Networking in Harsh Environments

Worth Reading: Five myths of Silicon Valley

Very little has changed over the past decade, with the Valley still mired in myth and stale stereotype. Ask any older entrepreneurs or women who have tried to get financing; they will tell you of the walls they keep hitting. Speak to venture capitalists (VCs), and you will realize they still consider themselves kings and kingmakers. —Vivek Wadhwa @Market Watch

Worth Reading: A new way to attack WPA2 weakenesses

On August 4, 2018, Jens “Atom” Steube, the lead developer of Hashcat, released a forum post disclosing a new technique that attempts to obtain and crack Wi-Fi Protected Access 2 (WPA2) passwords. —Ryan Morrow @Cisco

Research: Are We There Yet? RPKI Deployment Considered

The Resource Public Key Infrastructure (RPKI) system is designed to prevent hijacking of routes at their origin AS. If you don’t know how this system works (and it is likely you don’t, because there are only a few deployments in the world), you can review the way the system works by reading through this post here on rule11.tech.

Gilad, Yossi & Cohen, Avichai & Herzberg, Amir & Schapira, Michael & Shulman, Haya. (2017). Are We There Yet? On RPKI’s Deployment and Security. 10.14722/ndss.2017.23123.

The paper under review today examines how widely Route Origin Validation (ROV) based on the RPKI system has been deployed. The authors began by determining which Autonomous Systems (AS’) are definitely not deploying route origin validation. They did this by comparing the routes in the global RPKI database, which is synchronized among all the AS’ deploying the RPKI, to the routes in the global Default Free Zone (DFZ), as seen from 44 different route servers located throughout the world. In comparing these two, they found a set of routes which the RPKI system indicated should be originated from one AS, but were actually being originated from another AS in the default free zone.

Continue reading

Worth Reading: AI for security is a dangerous gamble

Machine learning and artificial intelligence can help guard against cyberattacks, but hackers can foil security algorithms by targeting the data they train on and the warning flags they look for. —Martin Giles @Technology Review

Weekend Reads 081018: Security and Privacy in Focus

It started with a lengthy email to the NANOG mailing list on 25 June 2018 — independent security researcher Ronald Guilmette detailed the suspicious routing activities of a company called Bitcanal, which he referred to as a “Hijack Factory”. —Doug Madory @APNIC

Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and passwords for some Reddit users. As Web site breaches go, this one doesn’t seem too severe. What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security. @Krebs on Security

A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. And with good reason — sex sells (the second most-read piece here was my 2015 scoop about the Ashley Madison hack). @Krebs on Security

Last month, 360 cyber crime experts from 95 countries gathered in Strasbourg to attend the Octopus Conference. The event sounds like something from James Bond, and when you Continue reading

Arched Way

Worth Reading: Understanding FR Routing

Free Range Routing (FRR) is an open source routing project. It’s designed to provide a full routing stack that can run on top of a network OS. FRR is itself a fork from the Quagga routing project. @Packet Pushers

Short Take: SDN is not DevOps

Worth Reading: Network engineers and WISP startups

Many startup WISPs are often borne out of necessity – fast, reliable or economical Internet access – one or more of these is missing in the areas we see WISPs develop. —Kevin Myers @stubarea51

Worth Reading: Hedgehogs and Foxes

There were several reasons for this: foxes were more willing to be self-critical thinkers, possessing intellectual humility. More importantly, they were willing to update their beliefs when presented with new evidence, and were more skeptical of grand explanations. —Ilana R. Akresh @Heterodox Academy

On the ‘net: A Riff on RIFT

Today, an update on some compelling projects at IETF 102. Ours guest are Jeff Tantsura and Russ White. We review the following projects to see what’s new and understand what problems they’re solving: RIFT (Routing In Fat Trees), BIER (Bit Indexed Explicit Replication), PPR (Preferred Path Routing), and YANG data modeling. We also look at the state of SD-WAN, which is a bit of the Wild West, to look at standards and interoperability efforts underway. @Packet Pushers

Network Collective: Security and Analytics

In this community roundtable, Eyvonne and I talk to Eric Osterweil about the increasing reliance on analytics in the realm of security.

Worth Reading: Honeypot DDoS monitoring

The first flaw allows an attacker to spoof requests to a vulnerable service in the name of the victim; the second flaw causes the vulnerable service to answer this request immediately. —Johannes Krupp @APNIC

Worth Reading: Compelling reasons for hybrid cloud

Hybrid cloud is actually straightforward. It’s simply the combination of private-cloud resources in a private data center with additional resources in a public-cloud platform such as Azure or AWS. —Scott Sanders @Data Center Journal

On the ‘net: Subsidiarity and Control Planes

A social principle might seem like an odd link to network engineering, design and software-defined networking, but seemingly unrelated principles often address a concept that can be applied in other contexts. In this case, the social subsidiarity principle can shed light on the use of network control planes and SDN model design. @TechTarget

History of Networking: Vint Cerf

In this recording of the History of Networking, Donald Sharp, Jordan Martin, and I sit with Vint Cert to discuss the origins of the Internet, and it’s commercialization.

Worth Reading: Existential Neediness

Many of us seek to fill our existential neediness with something from the world and find that others and circumstances never deliver enough to extinguish the ache. The more recognition, the more appreciation we seek from the world, the more we ache. —Barry Brownstein @The Intellectual Takeout

Worth Reading: Looking at Edge Computing

And yet, despite all of the activity and discussion surrounding the edge, it really lacks a single, accepted definition. It’s closer to the consumer, sure, and edge locations typically are smaller, but beyond those facts, the edge seems to be different things to different people. —Martin T. Olsen @The Data Center Journal

Research: Covert Cache Channels in the Public Cloud

One of the great fears of server virtualization is the concern around copying information from one virtual machine, or one container, to another, through some cover channel across the single processor. This kind of channel would allow an attacker who roots, or otherwise is able to install software, on one of the two virtual machines, to exfiltrate data to another virtual machine running on the same processor. There have been some successful attacks in this area in recent years, most notably meltdown and spectre. These defects have been patched by cloud providers, at some cost to performance, but new vulnerabilities are bound to be found over time. The paper I’m looking at this week explains a new attack of this form. In this case, the researchers use the processor’s cache to transmit data between two virtual machines running on the same physical core.

The processor cache is always very small for several reasons. First, the processor cache is connected to a special bus, which normally has limits in the amount of memory it can address. This special bus avoids reading data through the normal system bus, and this is (from a networking perspective) at least one hop, and often several Continue reading