A while ago I made a statement along the lines of “MPLS segment routing is the best thing that happened to MPLS control plane in a decade”. Obviously some MPLS-focused engineers disagree with that and a few years ago I decided to write a lengthy blog post explaining the differences between using MPLS SR with IGP (or BGP) versus more traditional IGP+LDP approach.
Obviously, I wasn’t making any progress on that front, so the only way forward was to record a short video on the topic which didn’t work well either because the end-result was a set of three videos (available with free or paid ipSpace.net subscription).
Ginseng: keeping secrets in registers when you distrust the operating system Yun & Zhong et al., NDSS’19
Suppose you did go to the extreme length of establishing an unconditional root of trust for your system. Even then, unless every subsequent piece of code you load is also fully trusted (e.g., formally verified), you're open to post-boot attacks. This is especially true in a context where lots of third-party application code (e.g. apps on a mobile phone) gets loaded.
Many mobile and IoT apps nowadays contain sensitive data, or secrets, such as passwords, learned models, and health information. Such secrets are often protected by encryption in the storage. However, to use a secret, an app must decrypt it and usually store it as cleartext in memory. In doing so, the app assumes that the operating system (OS) is trustworthy. OSes are complex software and have a large attack surface… Increasingly abundant evidence suggests that prudent apps should not trust the OS with their secrets.
Instead of trying to protect absolutely everything, Ginseng assumes that some data matters more than others. It arranges things such that this sensitive data is only ever in the clear in registers
Lenovo has partnered with Excelero, an up-and-coming NVM-Express solution provider that sells a scale-out software-defined storage platform. …
Lenovo Meshes with Software Defined Storage Specialist was written by Nicole Hemsoth at .
Kubernetes has seen a rapid rise over the last few years and is becoming one of the most sought after skills. DockerCon is a great opportunity to get hands-on training from industry experts and hear from real customers who have deployed Kubernetes in production.
You’ll also have a chance to learn how Docker is the easiest way to get started with Kubernetes and attend sessions that describe how the Docker platform manages and secures applications on Kubernetes in multi-Linux, multi-OS and multi-cloud customer environments.
Download your Kubernetes agenda and register now for DockerCon!
Register soon as space is running out in these hands-on workshops!
Hear from Docker customers who are running Kubernetes in production.
Learn about the inner workings of Kubernetes and the
What is dynamic routing? Why is Routing Information Protocol (RIP) horrible, and Open Shortest Path First (OSPF) ever so slightly less horrible? How does Linux handle OSPF, and what advantages does it bring over traditional networking gear in complex, intent-based, infrastructure-as-code environments?
RIP and OSPF are Interior Gateway Protocols (IGPs). IGPs are protocols designed to allow network routers and switches within an organization’s internal network to dynamically reconfigure the network to respond to changes. These changes may include the addition or removal of network equipment or network links between network devices.
The purpose of IGPs is to tell networking equipment which devices live where. While devices that are part of the same subnet can find one another, they require a router to communicate with devices on other subnets. Routers and switches keep routing tables of which devices are on which physical interface, and VLAN. These routing tables allow each device to know where to send a packet to reach a given system, and whether or not that packet needs to be encapsulated or tagged.
IGPs allow routers and switches to exchange some or all of their routing tables so that other devices within the network fabric know where to send
This is the first PoC for the provider's newest portfolio addition, which provides SD-WAN and...
The Spanish operator is also said to be finalizing a pact with rival Vodafone Spain to share parts...
Who's the wicked queen in the data center switch merchant silicon business?
The post 50 Things – Improving DC Fabric BGP Convergence appeared first on Network Collective.
The post 50 Things – Link State Data Center Fabrics appeared first on Network Collective.
The post Design Series – Link State Flooding Domains appeared first on Network Collective.
The post 50 Things – More DNS (DNSSEC and PTR) appeared first on Network Collective.
The post 50 Things – IPv4 Packet Walkthrough appeared first on Network Collective.
The post Communication Series – Writing Style appeared first on Network Collective.
The post 50 Things – Understanding The Routing Table appeared first on Network Collective.