The Week in Internet News: Apple Backs Away from Encryption Plan

Under pressure: Apple has scrapped plans to allow iPhone users to fully encrypt backups of their devices in iCloud after the U.S. FBI complained it would hinder investigations, Reuters reports. About two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, but its plans seem to have changed. Meanwhile, U.S. Attorney General William Barr and President Donald Trump have continued their pressure for tech vendors to build backdoors in encrypted devices, Politico says.

One high-profile phone: Two United Nations rights experts have accused Saudi Arabia of hacking the phone owned by Jeff Bezos, founder of Amazon.com and owner of the Washington Post, the New York Times says. The hack appears to be an attempt to influence the Post’s coverage of the kingdom, the U.N. people say. The hack of Bezos’ phone appears to have bypassed encryption through spyware, adds a Fortune story.

If it’s good for smartphones: Swiss cryptography firm Teserakt has introduced E4, “a sort of cryptographic implant that Internet of Things manufacturers can integrate into their servers,” Wired reports. The open source tool aims to be a comprehensive encryption solution for IoT.

IBM Power-based cloud instances available… from Google

IBM and Google may be competitors in the cloud platform business, but that doesn't prevent them from working together. Google is partnering with IBM to offer "Power Systems as a service" on its Google Cloud platform. IBM’s Power processor line is the last man standing in the RISC/Unix war, surviving Sun Microsystems’ SPARC and HP’s PA-RISC. Along with mainframes it’s the last server hardware business IBM has, having divested its x86 server line in 2014. IBM already sells cloud instances of Power to its IBM Cloud customers, so this is just an expansion of existing offerings to a competitor with a considerable data center footprint. Google said that customers can run Power-based workloads on GCP on all of its operating systems save mainframes — AIX, IBM i, and Linux on IBM Power.

The Debate Over Regulating AI Ramps Up

Sundar Pichai, CEO of Google and parent company Alphabet, generated a lot of buzz recently with an op-ed he wrote for the Financial Times calling for greater regulation of artificial intelligence (AI) technologies, adding a high-profile voice to a debate that has been simmering as innovation around AI, machine learning and deep learning has advanced rapidly.

The Debate Over Regulating AI Ramps Up was written by Jeffrey Burt at The Next Platform.

Community Collaboration on Notary v2

One of the most productive meetings I had at KubeCon in San Diego last November was a meeting with Docker, Amazon and Microsoft to plan a collaboration around a new version of the CNCF project Notary. We held the Notary v2 kickoff meeting a few weeks later in Seattle in the Amazon offices.

Emphasising that this is a cross-industry collaboration, we had eighteen people in the room (with more dialed in) from Amazon, Microsoft, Docker, IBM, Google, Red Hat, Sylabs and JFrog. This represented all the container registry providers and developers, other than the VMware Harbor developers who could unfortunately not make it in person. Unfortunately, we forgot to take a picture of everyone!

The consensus and community are important because of the aims of Notary v2. But let’s go back a bit as some of you may not know what Notary is and what it is for.

The Notary project was originally started at Docker back in 2015 to provide a general signing ...

Fast Failover in SD-WAN Networks

It’s amazing how quickly you get “must have feature Y or it should not be called X” comments coming from vendor engineers the moment you mention something vaguely-defined like SD-WAN.

Here are just two of the claims I got as a response to “BGP with IP-SLA is SD-WAN” trolling I started on LinkedIn based on this blog post:

Key missing features [of your solution]:

  • real time circuit failover (100ms is not real-time)
  • traffic steering (again, 100ms is not real-time)

Let’s get the facts straight: it seems Cisco IOS evaluates route-map statements using track objects in the periodic BGP table scan process, so the failover time is on the order of 30 seconds plus however long it takes IP SLA to detect the decreased link quality.

Reverb: speculative debugging for web applications

Reverb: speculative debugging for web applications, Netravali & Mickens, SOCC’19

This week we’ll be looking at a selection of papers from the 2019 edition of the ACM Symposium of Cloud Computing (SoCC). First up is Reverb, which won a best paper award for its record and replay debugging framework that accommodates speculative edits (i.e., candidate bug-fixes) during replay. In the context of the papers we’ve been looking at recently, and for a constrained environment, Reverb is helping its users to form an accurate mental model of the system state, and to form and evaluate hypotheses in-situ.

Reverb has three features which enable a fundamentally more powerful debugging experience. First, Reverb tracks precise value provenance, allowing a developer to quickly identify the reads and writes to JavaScript state that affected a particular variable’s value. Second, Reverb enables speculative bug fix analysis… Third, Reverb supports wide-area debugging for applications whose server-side components use event-driven architectures.

The problem

Reverb’s goal is to aid in debugging the client-side of JavaScript web applications. These are "pervasively asynchronous and event-driven" which makes it notoriously difficult to figure out what’s going on. See e.g. "Debugging data flows ...

Congress fights for additional Wi-Fi spectrum

A Congressional committee is weighing in on a spat between the FCC and parts of the automotive industry over a plan to appropriate a piece of wireless spectrum set aside for connected cars and instead designate it for Wi-Fi. The dispute centers on Dedicated Short Range Communications or DSRC, a point-to-point communication standard designated to let vehicles close to each other on roadways share information to improve safety. The go-to example is using it to warn a driver near-instantly if the car ahead suddenly slams on its brakes. DSRC and its 75MHz of spectrum in the 5.9GHz band had been a relatively obscure technology until late last year, when the FCC started considering that 45MHz of that spectrum should be made available for unlicensed wireless use such as Wi-Fi.

5G Strategies of T-Mobile US, Sprint Hinge on Merger

If the merger is blocked and the operators remain separate companies, their respective 5G plans are...

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

ThinkPad X1 Carbon 2014: 5 years later

I have recently replaced my ThinkPad X1 Carbon 2014 (second generation). I have kept it for more than five years, using it every day and carrying it everywhere. The expected lifetime of a laptop is always an unknown. Let me share my feedback.

ThinkPad X1 Carbon 20A7 with its lid closed

My configuration embeds an Intel vPro Core i7-4600U, 8 GiB of RAM, a 256 GiB SATA SSD, a matte WQHD display and a WWAN LTE card. I got it in June 2014. It has spent these years running Debian Sid, starting from Linux 3.14 to Linux 5.4.

The inside is still quite dust-free! In the bottom left, there is the Intel WLAN card, the Sierra WWAN card as well as the SSD.

This generation of ThinkPad X1 Carbon has been subject to a variety of experiences around the keyboard. We are still hunting the culprits. The layout is totally messed up, with many keys displaced. I have remapped most of them. It also lacks physical function keys: they have been replaced by a non-customizable touch bar. I do not like it due to the absence of tactile feedback and it is quite easy to hit a key by mistake. I would recommend to ...

Creating an AWS VPC Endpoint with Pulumi

In this post, I’d like to show readers how to use Pulumi to create a VPC endpoint on AWS. Until recently, I’d heard of VPC endpoints but hadn’t really taken the time to fully understand what they were or how they might be used. That changed when I was presented with a requirement for the AWS EC2 APIs to be available within a VPC that did not have Internet access. As it turns out—and as many readers are probably already aware—this is one of the key use cases for a VPC endpoint (see the VPC endpoint docs). The sample code I’ll share below shows how to programmatically create a VPC endpoint for use in infrastructure-as-code use cases.

For those that aren’t familiar, Pulumi allows users to use one of a number of different general-purpose programming languages and apply them to infrastructure-as-code scenarios. In this example, I’ll be using TypeScript, but Pulumi also supports JavaScript and Python (and Go is in the works). (Side note: I intend to start working with the Go support in Pulumi when it becomes generally available as a means of helping accelerate my own Go learning.)

Here’s a snippet of TypeScript code that ...

Manually Loading Container Images with containerD

I recently had a need to manually load some container images into a Linux system running containerd (instead of Docker) as the container runtime. I say “manually load some images” because this system was isolated from the Internet, and so simply running a container and having containerd automatically pull the image from an image registry wasn’t going to work. The process for working around the lack of Internet access isn’t difficult, but didn’t seem to be documented anywhere that I could readily find using a general web search. I thought publishing it here may help individuals seeking this information in the future.

For an administrator/operations-minded user, the primary means of interacting with containerd is via the ctr command-line tool. This tool uses a command syntax very similar to Docker, so users familiar with Docker should be able to be productive with ctr pretty easily.

In my specific example, I had a bastion host with Internet access, and a couple of hosts behind the bastion that did not have Internet access. It was the hosts behind the bastion that needed the container images preloaded. So, I used the ctr tool to fetch and prepare the images on the bastion, then ...

ExtraHop CEO: We’re Doubling Down on Cloud

Looking ahead to 2020, “our top priority is becoming the unquestioned leader" in cloud-based...

Daily Roundup: Microsoft Exposes 250M Customer Records

Microsoft exposes 250 million customer records; Ericsson stock slipped; and Intel's data center...

Thinking and Learning About API Design

In July of 2018 I talked about Polyglot, a very simple project I’d launched whose only purpose was simply to bolster my software development skills. Work on Polyglot has been sporadic at best, coming in fits and spurts, and thus far focused on building a model for the APIs that would be found in the project. Since I am not a software engineer by training (I have no formal training in software development), all of this is new to me, and I’ve found myself encountering lots of questions about API design along the way. In the interest of helping others who may be in a similar situation, I thought I’d share a bit here.

I initially approached the API in terms of how I would encode (serialize?) data on the wire using JSON (I’d decided on using a RESTful API with JSON over HTTP). Starting with how I anticipated storing the data in the back-end database, I created a representation of how a customer’s information would be encoded (serialized) in JSON:

{
    "customers": [
        {
            "customerID": "5678",
            "streetAddress": "123 Main Street",
            "unitNumber": "Suite 123",
            "city": "Anywhere",
            "state": "CO",
            "postalCode": "80108",
            "telephone": "3035551212",
            "primaryContactFirstName": "Scott",
            "primaryContactLastName": "Lowe"
        }
    ]
}

Cisco and IBM offer a managed private-cloud service

Cisco and IBM have rolled out a pair of managed private-cloud services aimed at customers looking for the utility of a public cloud delivered on premises. Cisco and IBM Services have partnered to offer a Managed Private Cloud-as-a-service powered by Cisco's Unified Computing System and available in two varieties, one for VMware and one for Red Hat OpenShift environments. Cisco’s UCS combines x86 servers with networking and storage access into a single packaged system. IBM installs and manages the compute environment and delivers tools for support and enhancement requests. In addition, the offering places a high priority on security, proactive monitoring, and reporting. Cisco’s cloud-based Intersight system helps to manage the environment, according to a blog post about the services from Keith Dyer, a vice president in the Global Partner Organization at Cisco.

Data Center Revenue Drives Intel to Record Q4

Intel's Data Center Group accounted for more than 50% of its Q4 revenues, said CEO Bob Swan on the...

Heavy Networking 499: Introducing Cisco IOS XR7 (Sponsored)

Cisco IOS XR version 7 is the topic of Heavy Networking in this sponsored episode. We dig into what's new in this latest network OS release, the hardware platforms it runs on (including whitebox), key security features, and more. Our guests from Cisco are Bhavna Prasad, Product Manager; and Reda Haddad, Distinguished Engineer.

The post Heavy Networking 499: Introducing Cisco IOS XR7 (Sponsored) appeared first on Packet Pushers.