It’s not a CLOS, it’s a Clos

Way back in the day, when telephone lines were first being installed, running the physical infrastructure was quite expensive. The first attempt to maximize the infrastructure was the party line. In modern terms, the party line is just an Ethernet segment for the telephone. Anyone can pick up and talk to anyone else who happens to be listening. In order to schedule things, a user could contact an operator, who could then “ring” the appropriate phone to signal another user to “pick up.” CSMA/CA, in essence, with a human scheduler.

This proved to be somewhat unacceptable to everyone other than various intelligence agencies, so the operator’s position was “upgraded.” A line was run to each structure (house or business) and terminated at a switchboard. Each line terminated into a jack, and patch cables were supplied to the operator, who could then connect two telephone lines by inserting a jumper cable between the appropriate jacks.

An important concept: this kind of operator driven system is nonblocking. If Joe calls Susan, then Joe and Susan cannot also talk to someone other than one another for the duration of their call. If Joe’s line is tied up, when someone tries to Continue reading

BrandPost: How to Win at Customer Support in the Age of Digital Transformation

The era of digital transformation has injected new life into the old wisdom, “the only constant in life is change.” In our plugged-in world, change is happening at a breakneck pace and it’s pretty much impacting everything, including support. How users want to be supported and what defines a good support experience seems to be constantly evolving as the devices, connections, and channels users choose changes.So when it comes to providing fast and easy support for internal employees or external customers, what worked yesterday probably won’t carry you through tomorrow. Companies must strategize on how to keep up in this new support landscape or be left behind by your customers and the competition.To read this article in full, please click here

Exploring /run on Linux

If you haven’t been paying close attention, you might not have noticed a small but significant change in how Linux systems work with respect to runtime data. A re-arrangement of how and where it’s accessible in the file system started taking hold about eight years ago. And while this change might not have been big enough of a splash to wet your socks, it provides some additional consistency in the Linux file system and is worthy of some exploration.To get started, cd your way over to /run. If you use df to check it out, you’ll see something like this:$ df -k . Filesystem 1K-blocks Used Available Use% Mounted on tmpfs 609984 2604 607380 1% /run Identified as a “tmpfs” (temporary file system), we know that the files and directories in /run are not stored on disk but only in volatile memory. They represent data kept in memory (or disk-based swap) that takes on the appearance of a mounted file system to allow it to be more accessible and easier to manage.To read this article in full, please click here

Uruguay Joins Others Taking Action to Strengthen IoT Security

The use of Internet of Things devices has substantially increased in recent years and the trends indicate that the number will continue to grow significantly. In this environment of rapid technological adoption, the inclusive and collaborative approach is essential to face the challenges and take advantage of the opportunities that arise.

Specifically, to overcome the privacy and security challenges associated with the growing number of Internet of Things (IoT) devices and systems, the Internet Society signed an agreement with the Agency of Electronic Government and the Information and Knowledge Society of Uruguay (Agesic). The agreement will encourage us to strengthen our collaborative ties to develop a multistakeholder process that will seek to issue recommendations on IoT security in the country.

The recommendations issued will be useful to guide the processes of development of national and regulatory policies in Uruguay. In addition, the agreement focuses on two broad areas: the exchange of information and the development of training materials on consumer protection and network resilience.

This is undoubtedly great news for the region, since Uruguay joins a group of countries that have opted for the multistakeholder processes to strengthen the security of IoT devices. The most recent example is Canada, whose Continue reading

The Week in Internet News: Hackers Eye Security Cameras

Big targets: Internet-connected security cameras make up nearly half of all the Internet of Things devices compromised by hackers, ZDNet reports. Smart hubs and network-attached storage devices are next on the hit list. The average U.S. household contains 17 Internet-connected devices, while the average European household has 14.

New rules for the IoT? A U.S. House of Representatives committee has approved an IoT security bill that would create security standards that vendors would have to apply before government agencies could buy IoT devices from them, Nextgov says. The legislation aims to leverage the government’s substantial purchasing power to drive security in the IoT market.

Cleaning house: The Chinese government has blocked several foreign media sites in the name of cleaning up the Internet, Reuters reports. China’s campaign will punish and expose websites for “illegal and criminal actions” and for failing to “fulfil their obligation” to take safety measures or prevent the theft of personal information, the government says.

Exposing anti-encryption: The Electronic Frontier Foundation and other groups are going to court in an attempt to expose the U.S. Department of Justice’s efforts to break Facebook’s Messenger encryption, ZDNet reports. The groups are asking a court to unseal Continue reading

League of Entropy: Not All Heroes Wear Capes

League of Entropy: Not All Heroes Wear Capes
League of Entropy: Not All Heroes Wear Capes

To kick-off Crypto Week 2019, we are really excited to announce a new solution to a long-standing problem in cryptography. To get a better understanding of the technical side behind this problem, please refer to the next post for a deeper dive.

Everything from cryptography to big money lottery to quantum mechanics requires some form of randomness. But what exactly does it mean for a number to be randomly generated and where does the randomness come from?

Generating randomness dates back three thousand years, when the ancients rolled “the bones” to determine their fate. Think of lotteries-- seems simple, right? Everyone buys their tickets, chooses six numbers, and waits for an official to draw them randomly from a basket. Sounds like a foolproof solution. And then in 1980, the host of the Pennsylvania lottery drawing was busted for using weighted balls to choose the winning number. This lesson, along with the need of other complex systems for generating random numbers spurred the creation of random number generators.

Just like a lottery game selects random numbers unpredictably, a random number generator is a device or software responsible for generating sequences of numbers in an unpredictable manner. As the need for Continue reading

Inside the Entropy

Inside the Entropy
Inside the Entropy

Randomness, randomness everywhere;
Nor any verifiable entropy.

Generating random outcomes is an essential part of everyday life; from lottery drawings and constructing competitions, to performing deep cryptographic computations. To use randomness, we must have some way to 'sample' it. This requires interpreting some natural phenomenon (such as a fair dice roll) as an event that generates some random output. From a computing perspective, we interpret random outputs as bytes that we can then use in algorithms (such as drawing a lottery) to achieve the functionality that we want.

The sampling of randomness securely and efficiently is a critical component of all modern computing systems. For example, nearly all public-key cryptography relies on the fact that algorithms can be seeded with bytes generated from genuinely random outcomes.

In scientific experiments, a random sampling of results is necessary to ensure that data collection measurements are not skewed. Until now, generating random outputs in a way that we can verify that they are indeed random has been very difficult; typically involving taking a variety of statistical measurements.

Inside the Entropy

During Crypto week, Cloudflare is releasing a new public randomness beacon as part of the launch of the League of Entropy. The League of Entropy is Continue reading

Survey: Data-center staffing shortage remains challenging

It’s getting harder to find people to design, build and manage data centers.The sector is facing a staffing crisis, said Andy Lawrence, executive director of research at Uptime Institute, which just released its annual data-center survey. “We all know that that the data-center skills shortage is real. I think what we’re seeing in this data is that it’s getting a little worse,” Lawrence said. Learn more about network jobs What’s hot in network certifications How to boost collaboration between network and security teams SDN, programmable networks change the role of network engineers Top storage skills to boost your salary This year, 61 percent of respondents said they've had significant difficulty retaining or recruiting staff, up from 55 percent last year.To read this article in full, please click here

Survey: Data-center staffing shortage remains challenging

It’s getting harder to find people to design, build and manage data centers.The sector is facing a staffing crisis, says Andy Lawrence, executive director of research at Uptime Institute, which just released its annual data-center survey. “We all know that that the data-center skills shortage is real. I think what we’re seeing in this data is that it’s getting a little worse,” Lawrence says. Learn more about network jobs What’s hot in network certifications How to boost collaboration between network and security teams SDN, programmable networks change the role of network engineers Top storage skills to boost your salary This year, 61 percent of respondents said they've had significant difficulty retaining or recruiting staff, up from 55 percent last year.To read this article in full, please click here

Nvidia Makes Arm A Peer To X86 And Power For GPU Acceleration

Creating the Tesla GPU compute platform has taken Nvidia the better part of a decade and a half, and it has culminated in a software stack comprised of various HPC and AI frameworks, the CUDA parallel programming environment, compilers from Nvidia’s PGI division and their OpenACC extensions as well as open source GCC compilers, and various other tools that together account for tens of millions of lines of code and tens of thousands of individual APIs.

Nvidia Makes Arm A Peer To X86 And Power For GPU Acceleration was written by Timothy Prickett Morgan at .

How Microsoft Azure Orchestration System Crashed My Demos

One of the first things I realized when I started my Azure journey was that the Azure orchestration system is incredibly slow. For example, it takes almost 40 seconds to display six routes from per-VNIC routing table. Imagine trying to troubleshoot a problem and having to cope with 30-second delay on every single SHOW command. Cisco IGS/R was faster than that.

If you’re old enough you might remember working with VT100 terminals (or an equivalent) connected to 300 baud modems… where typing too fast risked getting the output out-of-sync resulting in painful screen repaints (here’s an exercise for the youngsters: how long does it take to redraw an 80x24 character screen over a 300 bps connection?). That’s exactly how I felt using Azure CLI - the slow responses I was getting were severely hampering my productivity.

Read more ...

Towards multiverse databases

Towards multiverse databases Marzoev et al., HotOS’19

A typical backing store for a web application contains data for many users. The application makes queries on behalf of an authenticated user, but it is up to the application itself to make sure that the user only sees data they are entitled to see.

Any frontend can access the whole store, regardless of the application user consuming the results. Therefore, frontend code is responsible for permission checks and privacy-preserving transformations that protect user’s data. This is dangerous and error-prone, and has caused many real-world bugs… the trusted computing base (TCB) effectively includes the entire application.

The central idea behind multiverse databases is to push the data access and privacy rules into the database itself. The database takes on responsibility for authorization and transformation, and the application retains responsibility only for authentication and correct delegation of the authenticated principal on a database call. Such a design rules out an entire class of application errors, protecting private data from accidentally leaking.

It would be safer and easier to specify and transparently enforce access policies once, at the shared backend store interface. Although state-of-the-are databases have security features designed for exactly this purpose, Continue reading

Welcome to Crypto Week 2019

Welcome to Crypto Week 2019
Welcome to Crypto Week 2019

The Internet is an extraordinarily complex and evolving ecosystem. Its constituent protocols range from the ancient and archaic (hello FTP) to the modern and sleek (meet WireGuard), with a fair bit of everything in between. This evolution is ongoing, and as one of the most connected networks on the Internet, Cloudflare has a duty to be a good steward of this ecosystem. We take this responsibility to heart: Cloudflare’s mission is to help build a better Internet. In this spirit, we are very proud to announce Crypto Week 2019.

Every day this week we’ll announce a new project or service that uses modern cryptography to build a more secure, trustworthy Internet. Everything we release this week will be free and immediately useful. This blog is a fun exploration of the themes of the week.

  • Monday: Coming Soon
  • Tuesday: Coming Soon
  • Wednesday: Coming Soon
  • Thursday: Coming Soon
  • Friday: Coming Soon

The Internet of the Future

Many pieces of the Internet in use today were designed in a different era with different assumptions. The Internet’s success is based on strong foundations that support constant reassessment and improvement. Sometimes these improvements require deploying new protocols.

Performing an upgrade on a system Continue reading

Security Compliance at Cloudflare

Security Compliance at Cloudflare

Cloudflare believes trust is fundamental to helping build a better Internet. One way Cloudflare is helping our customers earn their users’ trust is through industry standard security compliance certifications and regulations.

Security compliance certifications are reports created by independent, third-party auditors that validate  and document a company’s commitment to security. These external auditors will conduct a rigorous review of a company’s technical environment and evaluate whether or not there are thorough controls - or safeguards - in place to protect the security, confidentiality, and availability of information stored and processed in the environment. SOC 2 was established by the American Institute of CPAs and is important to many of our U.S. companies, as it is a standardized set of requirements a company must meet in order to comply. Additionally, PCI and ISO 27001 are international standards. Cloudflare cares about achieving certifications because our adherence to these standards creates confidence to customers across the globe that we are committed to security. So, the Security team has been hard at work obtaining these meaningful compliance certifications.

Since the beginning of this year, we have been renewing our PCI DSS certification in February, achieving SOC 2 Type 1 compliance in March, obtaining Continue reading

1 1,197 1,198 1,199 1,200 1,201 3,832