Looking Ahead: My 2019 Projects

It’s been a little while now since I published my 2018 project report card, which assessed my progress against my 2018 project goals. I’ve been giving a fair amount of thought to the areas where I’d like to focus my professional (technical) development this coming year, and I think I’ve come up with some project goals that align both with where I am professionally right now and where I want to be technically as I grow and evolve. This is a really difficult balance to strike, and we’ll see at the end of the year how well I did.

Without further ado, here’s my list of 2019 project goals, along with an optional stretch goal (where it makes sense).

  1. Make at least one code contribution to an open source project. For the last few years, I’ve listed various programming- and development-related project goals. In all such cases, I haven’t done well with those goals because they were too vague, and—as I pointed out in previous project report cards—these less-than-ideal results are probably due to the way programming skills tend to be learned (by solving a problem/challenge instead of just learning language semantics and syntax). So, in an effort to Continue reading

Exec: How SDN, SD-WAN, security fit in VMware’s strategy

It has been just 10 months since Tom Gillis became VMware's senior vice president and general manager of its networking and security business, and in that time he has overseen some major changes in the company’s core products. Most recent is a milestone release of the company’s NSX-T Data Center software, making it VMware’s primary networking platform for organizations looking to support multivendor cloud-native applications, bare-metal workloads as well as the growing hybrid and multi-cloud worlds.

Seeking Canadian Feedback: Draft Report on Securing the Internet of Things in Canada

Trying to remove cyber security risks from the growing world of connected things is not an easy task. That said, there’s no time like World Consumer Rights Day to give Canada a shout out for its global leadership to champion a safer digital future for all.

Recognizing the need to secure the Internet of Things (IoT), the Internet Society, in partnership with the Ministry of Innovation Science and Economic Development (ISED), the Canadian Internet Registration Authority (CIRA), Canadian Internet Policy and Public Interest Clinic (CIPPIC), and CANARIE, led a voluntary multistakeholder process to develop a broad-reaching policy to ingrain security at the core of innovation in Canada.

Over the past year, we led a series of meetings with business leaders, technical experts, government representatives, civil society, and academia to discuss challenges and recommend the best ways to address them. We gathered feedback through in-person and online attendance. Collectively, these efforts, combined with well-rounded research and documentation, formed the Canadian Multistakeholder Process for Enhancing IoT Security.

Rather than a top-down, government-imposed regulatory model, our multistakeholder approach helped us balance roles and contributions among the group. By working in a way that includes feedback from all participants, we are developing IoT security Continue reading

RFC8482 – Saying goodbye to ANY

Ladies and gentlemen, I would like you to welcome the new shiny RFC8482, which effectively deprecates the DNS ANY query type. DNS ANY was a "meta-query" - think of it as a similar thing to the common A, AAAA, MX or SRV query types, but unlike these it wasn't a real query type - it was special. Unlike the standard query types, ANY didn't age well. It was hard to implement on modern DNS servers, the semantics were poorly understood by the community and it unnecessarily exposed the DNS protocol to abuse. RFC8482 allows us to clean it up - it's a good thing.

But let's rewind a bit.

Historical context

It all started in 2015, when we were looking at the code of our authoritative DNS server. The code flow was generally fine, but it was all peppered with naughty statements like this:

if qtype == "ANY" {
    // special case
}

This special code was ugly and error prone. This got us thinking: do we really need it? "ANY" is not a popular query type - no legitimate software uses it (with the notable exception of qmail).

Image by Christopher Michel, CC BY 2.0

ANY is Continue reading

Stuff The Internet Says On Scalability For March 15th, 2019

Wake up! It's HighScalability time:

The web is 30! Some say it's not the web we wanted. But if we got that web, would it have ever grown so big? Worse usually is better.

 

  • 300%: AWS IoT growth per year; 74%: mobile games user spending in the App store; 31.4 trillion: new record for calculating digits of pi (121 days); 112Gbps: Intel's SerDes; 100M: image and video dataset; 1.5 trillion suns: weight of the Milky Way; 300+: backdoored apps on GitHub; 10%: hacked self-driving cars needed to bring traffic to a halt; $3 million: Marriott data breach cost after insurance; 

  • Quoteable Quotes:
    • @kelseyhightower: Platform in a box solutions that are attempting to turn Kubernetes into a PaaS are missing the "as a service" part. It's more like PaaR: Platform as a Responsibility. Your responsibility to purchase, staff, patch, scale, and Continue reading

Heavy Networking 435: End-To-End Network Performance Monitoring With AppNeta (Sponsored)

On today’s sponsored Heavy Networking episode we explore how AppNeta wraps user metadata around Netflow records, deep packet inspection, and discovery of networks to help engineers get a continuous view of end user performance and the telemetry to find and fix problems.

The post Heavy Networking 435: End-To-End Network Performance Monitoring With AppNeta (Sponsored) appeared first on Packet Pushers.

Docker Pals Program 2019

At DockerCon Copenhagen we launched the Docker Pals program in order to connect attendees and help them make the most out of their trip. Attending a conference for the first time or by yourself can be intimidating and we don’t want anyone to feel that way at DockerCon! Pals get matched with a few others who are new (the “Pals”), and someone who knows their way around (the “Guide”) so you will have a familiar group before you arrive at the conference. Guides help Pals figure out which talks and activities to attend, and are available for questions.

This year we are excited to grow the program, matching more groups and adding Meet-and-Greets throughout the week. You won’t want to miss the best version of Docker Pals yet!

Here’s what Pals had to say about DockerCon Barcelona:

“Docker Pals made my DockerCon experience ten times better and I’ve made friends I hope to see again!”

“Our Guide was very helpful and I really enjoyed meeting other Pals at the conference.”

“[I enjoyed] the fact that even though I was there alone I always had a place to turn for help and fellowship.”

“[Our Continue reading

Unit Testing Worker Functions

If you were not aware, Cloudflare Workers lets you run JavaScript in all 165+ of our Data Centers. We’re delighted to see some of the creative applications of Workers. As the use cases grow in complexity, the need to sanity check your code also grows.

More specifically, if your Worker includes a number of functions, it’s important to ensure each function does what it’s intended to do in addition to ensuring the output of the entire Worker returns as expected.

In this post, we’re going to demonstrate how to unit test Cloudflare Workers, and their individual functions, with Cloudworker, created by the Dollar Shave Club engineering team.

Dollar Shave Club is a Cloudflare customer, and they created Cloudworker, a mock for the Workers runtime, for testing purposes. We’re really grateful to them for this. They were kind enough to post on our blog about it.

This post will demonstrate how to abstract away Cloudworker, and test Workers with the same syntax you write them in.

Example Script

Before we get into configuring Cloudworker, let’s introduce the simple script we are going to test against in our example. As you can see this script contains two functions, both of Continue reading

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions, and mentioned some of the protocols that have been recently developed to improve user privacy.

To complement this, we are publishing our DNS Privacy Frequently Asked Questions (FAQ). This highlights and provides answers to the most important aspects of DNS privacy.

Please also check our DNS Privacy page for more information!

Further Information

The post DNS Privacy Frequently Asked Questions (FAQ) appeared first on Internet Society.

Vrnetlab: Emulate networks using KVM and Docker

Vrnetlab, or VR Network Lab, is an open-source network emulator that runs virtual routers using KVM and Docker. It supports developers and network engineers who use continuous-integration processes for testing network provisioning changes. Researchers and engineers may also use the vrnetlab command line interface to create and modify network emulation labs in an interactive way. In this post, I review vrnetlab’s main features and show how to use it to create a simple network emulation scenario using open-source routers.

Vrnetlab implementation

Vrnetlab users create Docker images for each type of router that will run in their network. They package the router’s disk image together with KVM software, Python scripts, and any other resources required by the router into the Docker image. Vrnetlab uses KVM to create and run VMs based on router software images, and uses Docker to manage the networking between the network nodes.

Virtual nodes

Vrnetlab users create Docker images that incorporate the router’s qemu disk image, along with software packages such as qemu-kvm, and the other resources needed by the router, such as a launch script and license files. The new Docker image represents a “virtual router” that comes with all the software and Continue reading

Feedback: Data Center Interconnects Webinar

I got great feedback about the first part of the Data Center Interconnects webinar from one of the ipSpace.net subscribers:

I had no specific expectation when I started watching the material and I must have watched it 6 times by now.

Your webinar covered just the right level of detail to educate myself or refresh my knowledge on the technologies and relevant options for today’s market choices

The information provided is powerful and avoids useless discussions which vendors and PowerPoint pitches. Once you ask the right question it’s easy to get an idea of the vendor readiness

In the first live session we covered the easy cases: design considerations, and layer-3 interconnect with path separation (multiple routing domains). The real fun will start in the second live session on March 19th when we’ll dive into stretched VLANs and long-distance vMotion ideas.

You can attend the live session with any paid ipSpace.net subscription (details here).