Archive

Category Archives for "Russ White"

Simple or Complex?

A few weeks ago, Daniel posted a piece about using different underlay and overlay protocols in a data center fabric. He says:

There is nothing wrong with running BGP in the overlay but I oppose to the argument of it being simpler.

One of the major problems we often face in network engineering—and engineering more broadly—is confusing that which is simple with that which has lower complexity. Simpler things are not always less complex. Let me give you a few examples, all of which are going to be controversial.

When OSPF was first created, it was designed to be a simpler and more efficient form of IS-IS. Instead of using TLVs to encode data, OSPF used fixed-length fields. To process the contents of a TLV, you need to build a case/switch construction where each possible type a separate bit of code. You must count off the correct length for the type of data, or (worse) read a length field and count out where you are in the stream.

Fixed-length fields are just much easier to process. You build a structure matching the layout of the fixed-length fields in memory, then point this structure at the packet contents in-memory. From there, Continue reading

On the ‘net: Network Models at Packet Pushers

I’ve just started a new series on network models over at Packet Pushers. The first two installments are here:

I learned the Open Systems Interconnect (OSI) model way back in the mid-1980s, as a part of my basic networking education. Ever since then, I’ve used the OSI model in my day-to-day work as a network engineer.

First, models are not sacrosanct. A model is just a tool. If the model you are using is not working for you, feel free to modify it.

On the ‘Net: The IETF at Packet Pushers

I’ve been writing a series about working within the IETF to publish a new standard over at Packet Pushers. The most recent installments are:

There are other seemingly mystical concepts in the IETF process as well—for instance, what is a “document stream,” and what is a document’s “status?”

You’re almost ready to submit a shiny new document to the IETF for consideration, right? Not quite yet—we still need to deal with mandatory sections and language.

Schedule 0923

Here’s a preview of what I’m working on for those who are interested:

  • September 2023: (this Friday) How Routers Really Work, a three-hour live webinar at Safari Books Online through Pearson
  • October 2023:
    • How the Internet Really Works a four-hour live webinar at Safari Books Online through Pearson; this is newly formatted and reorganized version of the two sessions I used to do
    • I’m speaking at a small theological conference on AI and ethics in Cary, NC
  • November 2023:
    • The new CCST book should be released
    • I have recorded a network basics video series that should be released in late 2023 or early 2024
  • January 2024:
    • What Coders Need to Know about Networks, a new course, co-authored with an engineer from Akamai; a three-hour live webinar at Safari Books Online through Pearson
    • I’ll be teaching a course in network engineering at the University of Colorado for the spring semester
  • February 2024: A new three-hour live webinar on infrastructure interviewing skills at Safari Books Online through Pearson
  • March 2024: BGP Policy, a three-hour live webinar on Safari Books Online through Pearson
  • April 2024: Troubleshooting, a reformatted and rebuilt three-hour live webinar at Safari Books Online through Pearson

There will probably Continue reading

Weekend Reads 091523


The average total cost of a data breach has reached an all-time high in 2023 of $4.45 million. This is an increase of 2.3% from last year’s $4.35 million.


Originally created as a secure sandbox to run compiled C/C++ code in web browsers, WebAssembly (Wasm) has been gaining traction and momentum on the server-side.


Specifically, the web giant’s Privacy Sandbox APIs, a set of ad delivery and analysis technologies, now function in the latest version of the Chrome browser. Website developers can thus write code that calls those APIs to deliver and measure ads to visitors with compatible browsers.


The German digital association, Bitkom, recently announced that the cost of IT equipment theft, data breaches, digital and industrial espionage, and sabotage is expected to reach a staggering 206 billion euros ($224 billion) in 2023.


The alarming rise of phishing attacks has been underscored by a recent study “Phishing Landscape 2023: An Annual Study of the Scope and Distribution of Phishing conducted” by the Interisle Consulting Group, revealing a tripling of such attacks since May 2020.


Japan is widely regarded as one of the most advanced economies for Internet penetration. Japan’s Internet usage rate (individuals) is 82.9% Continue reading

Upcoming Training: How Routers Really Work

Have you ever wondered exactly how a router moves a packet from input to output interface? Or what the difference between is between a router’s and host’s operating system? Or why forwarding engines are built in classes, and one forwarding engine cannot “do it all?” Join me on the 22nd at 1pm ET for How Routers Really Work, a three-hour tour through router guts. I’ve replaced about 10% of the slides since the last time I taught this course.

If you register, you can watch the recording at a later date.

Register here.

Hedge 194: Network Automation with the Network Automation Forum

Year after year network engineering media, vendors, and influencers talk about the importance of network automation—and yet according to surveys, most network operators still have not automated their network operations. In this episode of the Hedge, part 2 of 2, Chris Grundemann and Scott Robohn join the Hedge to give their ideas on why network automation isn’t happening, and how we can resolve the many blockers to automation.

download

Weekend Reads 090123


However, unlike most of the world, which is taking a flexible, adaptive Zero Trust Model approach of continuous controls for cyberdefense, the EU government is pursuing a vastly expanded version of the failed Common Criteria certification model coupled with regulatory extremism and exceptionalism strategies.


Enabled by SD-WAN, internet-first networking strategies are now the order of the day for wide-area connectivity and have been for some time.


The European Union’s Digital Services Act comes into effect today, August 25, and it’s unclear if the hoped-for consumer protections are going to have their desired impact.


Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows.


I like monitoring stuff. That’s what I do at work and when my home ISP started giving me random problems I decided it would be nice to monitor my home network as well.


Although we cannot fix humans, we can put extra measures in place to minimize the risk of having wrongly issued certificates operational in the wild. In comes Certificate Transparency (CT), a concept introduced by Google in 2013.

Hedge 193: Network Automation with the Network Automation Forum

Year after year network engineering media, vendors, and influencers talk about the importance of network automation—and yet according to surveys, most network operators still have not automated their network operations. In this episode of the Hedge, part 1 of 2, Chris Grundemann and Scott Robohn join the Hedge to give their ideas on why network automation isn’t happening, and how we can resolve the many blockers to automation.

download

To find out more about the Network Automation Forum and their upcoming meeting, check out their web site.

Weekend Reads 082623


This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium’s resilience against quantum attacks.


Dig Security, the cloud data security leader, today released findings from its first-ever “State of Cloud Data Security 2023 Report.” The analysis of more than 13 billion files stored in public cloud environments reveals how – and why – sensitive data is at risk in the modern enterprise.


Dr. Read Schuchardt, professor of communications at Wheaton College (IL), identifies five primary ways digital technology can erode our lives and relationships, or produce what he calls “vices of the virtual life”


In the name of taking the global cybersecurity lead and protecting EU citizens, it seeks to impose dozens of onerous, if not impossible, conformance requirements on all “products with digital elements” and associated obligations on every “manufacturer, importer, or distributor.”


Given the exuberance surrounding machine learning (ML) and deep learning (DL) in particular, the claims I will make in this short article will be quite controversial, to say the least.


We all know there are many skilled cyber attackers out there, professionals with the technical know-how to manipulate and exploit Continue reading

Hedge 192: Addiction Recovery

Addiction and addiction recovery are not a “normal” Hedge topic, but addiction afflicts many people in Information Technology. We’re all “hard driven” types, who feel failure keenly, and we tend to spend more time working than is probably healthy for us. Brett Lovins has been through addiction and recovery, and joins Tom Ammon, Russ White, and Eyvonne Sharp to talk about this high impact topic.

download

Weekend Reads 081823


A group of academics has devised a “deep learning-based acoustic side-channel attack” that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy.


Of all vertical industries, manufacturing saw a 42% increase in total victims between Q4 2021 and Q4 2022, underscoring the potential threat to global supply chains.


In this article, we discuss the constant back and forth that has been going on for the last 5 years or so in protecting the privacy of data through FL. Just when it looks like FL is able to keep local data private, out comes a study to deflate us.


New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and retain persistent access.


Luckily there is a huge amount of research underway to look for batteries that last longer, charge faster, and are made from more readily available minerals.


Vade’s Threat Intelligence and Response Center (TIRC) researchers analyzed what they dubbed the “Eevilcorp phishing campaign” and the malware its perpetrators used in depth.


The latest quarterly report from Backblaze on hard drive reliability reveals a rise in failures among certain drives.


In 2020 a Continue reading

Hedge 190: Sunspots

What impact would Electromagnetic Pulses (EMP) from a large-scale sunspot have in the modern world? One this episode of the Hedge, Ulrich Speidel and Jaap Akkerhuis join George Michaelson and Russ White to discuss space weather and its impact on communication systems. Note this is a joint episode with Ping, APNIC’s podcast. Because this is a joint recording, the format is a little different than normal.

download

Hedge 189: Data Center Careers with Carrie Goetz

When network engineers think of a data center, we think of fabrics and routers and switches. There is a lot more to a data center, though—there is power, building construction, environmentals, and a lot of others. What possible jobs are out there in the data center space for people who want to work in IT, but don’t either want to code or build networks? Carrie Goetz, author of Jumpstart Your Career in Data Centers joins Tom Ammon and Russ White to tell us about a few, and about the importance of other careers in the data center.

download

In case you didn’t see it I’m uploading the rough “machine generated” transcript of each episode about a week after the episode airs. It takes a little time for the transcription to be created, and then for me to log back in and upload the file.

Weekend Reads 072823


Incredible as it may seem, US tax preparation companies using Google and Meta tracking technology have been sending sensitive information back to the megacorps, not to mention other tech firms, it is claimed.


The Federal Trade Commission (F.T.C.) sent a letter to OpenAI, the San Fransisco company responsible for creating ChatGPT, the Large Language Model that captured the world’s imagination in November of 2022.


Steganography is the art of hiding secret data in plain sight. It sounds kind of counter-intuitive, but you’d be surprised how effective it is.


On Wednesday, Microsoft announced that Chinese hackers had managed to secretly access email accounts belonging to 25 different organizations across the country, including government agencies.


But for a human to interact with this hardware, they must really know and understand how it works. The person must also know the order in which to give the computer various tasks to produce a meaningful result.


The UK’s Competition Market Authority (CMA) has provisionally cleared Broadcom’s proposed acquisition of VMWare, paving the way for the $61 billion deal to go ahead.


In 2021, we discussed a potential future shift from established public-key algorithms to so-called “post-quantum” algorithms, which may help protect sensitive Continue reading

Hedge 188: Sidewalk, Who’s Responsible?, and Data Breaches

It’s the last show of the month, which means it is time for a roundtable! Today we are discussing three news stories, including Amazon’s Sidewalk Labs, a court case in California involving Cisco and the Great Firewall of China, and yet another data breach.

In case you didn’t see it I’m uploading the rough *machine generated) transcript of each episode about a week after the episode airs. It takes a little time for the transcription to be created, and then for me to log back in and upload the file.

download

1 6 7 8 9 10 164