Homeland Security Uncovers VPN Flaw in Cisco, F5, Palo Alto Networks, Pulse Secure
The products insecurely store authentication and/or session cookies, giving hackers access to a...
The Hallway Track Is Open For Scheduling
The Hallway Track at DockerCon is an innovative space designed to help facilitate those valuable conversations that come from chance hallway encounters. Instead of leaving it to chance, we’ve partnered with e180 to provide a platform that helps you find like-minded people to meet and learn from, discussing topics you are both interested in.
The Hallway Track is open Monday through Thursday, and it’s best to schedule your meetings in advance. Register for DockerCon and then follow these steps to log in and start scheduling your Hallway Tracks today:
- Explore the Market – where all participants post knowledge offers of topics they are willing to share, or questions they want to brainstorm.
- Pick a topic from the list and/or create your own offers or questions. You don’t have to be an expert to post!
- Schedule your Hallway Tracks and meet in person at the Hallway Track Lounge at DockerCon (Lobby, Level 2).
The Hallway Track is your opportunity to meet and share knowledge with other attendees, Docker Staff, Speakers, and Docker Captains. Register for DockerCon today and look out for email instructions to log into the Hallway Track platform.
Arriving for early registration before the Welcome Reception on Monday? Continue reading
Short Take – Flowspec and BCP38
In this Short Take, Russ discusses a couple tools we have in the network for DDoS mitigations and explores some of the reasons they may not be as pervasively used as we would like.
Russ White
The post Short Take – Flowspec and BCP38 appeared first on Network Collective.
The Week in Internet News: Tech Giants’ ‘Ethical AI’ Efforts Scrutinized
Building nice AIs: Efforts by large tech vendors to think about ways to design “ethical Artificial Intelligence” systems have hit some speedbumps along the way, says Insurance Journal. Google abandoned its newly formed ethical AI council after employee complaints about its membership. Some critics say efforts to create ethical AI teams are attempts by companies to avoid regulations.
No smoking or bikinis: Business Insider India has a look at the efforts of the Chinese government to police Internet and social media content, with smoking, excessive tattoos, and in some cases, bikinis prohibited. At Inke, one of China’s largest livestreaming companies, a group of about 1,200 moderators attempt to keep up with the government’s rules, the story says.
Fake news arms race: Facebook has announced a new round of efforts to fight fake news with updates to updates to News Feed, Messenger, and Instagram, Fortune reports. The social media giant is expanding its fact-checking capabilities, and it is trying to limit the reach of groups that repeatedly spread misinformation. Facebook also says it’s getting better at identifying click-bait.
Comments gone wild: YouTube shut down comments on the livestream of a U.S. Congress hearing on white nationalism after the comments section Continue reading
The High-Performance Network (Cloud Next ’19) – YouTube
Presentation on Google's internal network from the show floor
The post The High-Performance Network (Cloud Next ’19) – YouTube appeared first on EtherealMind.
Privacy First for Security Companies
Privacy has become a major issue around the world. Hopeful presidential candidates, such as Elizabeth Warren, have proposed privacy legislation and European countries are beginning to issue their first judgements based on GDPR violations. Given this evolving environment, the Internet Society participated in a panel on data privacy at the ISC-West conference on 11 April 2019.
The conference was sponsored by ADT, one of the largest home security companies and an Internet Society organizational member. The panel included Frank Cona from ADT, Dylan Gilbert from Public Knowledge, Brandon Board from Resideo, and Kenneth Olmstead from the Internet Society.
The discussion focused on two main themes. The first was that in the data-driven economy, user agency is more important than ever. Users must be able to ask companies what data they have about them and be able to update or delete that data. The second was that companies must put privacy at the forefront of their business practices. Privacy cannot be an afterthought, but must be the starting point.
There was not consensus among panelists regarding whether there will be Federal privacy legislation at some point, but it was clear that the security industry should do its best to implement privacy Continue reading
Automating 802.1x (Part One)
This is a guest blog post by Albert Siersema, senior network and cloud engineer at Mediacaster.nl. He’s always busy broadening his horizons and helping his customers in (re)designing and automating their infrastructure deployment and management.
We’d like to be able to automate our network deployment and management from a single source of truth, but before we get there from a running (enterprise, campus!) network, we’ll have to take some small steps first.
These posts are not focused on 802.1x, but it serves as a nice use case in which I’ll show you how automation can save time and bring some consistency and uniformity to the network (device) configuration.
Read more ...Time protection: the missing OS abstraction
Time protection: the missing OS abstraction Ge et al., EuroSys’19
Ever since the prominent emergence of timing-based microarchitectural attacks (e.g. Spectre, Meltdown, and friends) I’ve been wondering what we can do about them. When a side-channel is based on observing improved performance, a solution that removes the improved performance can work, but is clearly undesirable. In today’s paper choice, for which the authors won a best paper award at EuroSys’19 last month, Ge et al., set out a principled basis for protecting against this class of attacks. Just as today’s systems offer memory protection, they call this time protection. The paper sets out what we can do in software given today’s hardware, and along the way also highlights areas where cooperation from hardware will be needed in the future.
Timing channels, and in particular microarchitectural channels, which exploit timing variations due to shared use of caches and other hardware, remain a fundamental OS security challenge that has eluded a comprehensive solution to date… We argue that it is time to take temporal isolation seriously, and make the OS responsible for time protection, the prevention of temporal inference, just as memory protection prevents spatial inference.
System Monitoring: Glances at Top
System monitoring is one of the topics that has got a lot of attention lately. A lot of options already exists in the open but every-time I search a for a system monitoring tool I am presented with options suitable for large scale cluster of machines, capturing metrics over time, showing trends of resource utilization … Continue reading System Monitoring: Glances at TopOur Green Card Journey
We are now Lawful Permanent Residents of the United States - aka Green Card Holders. It took a few years to get to this point. Here’s our timeline, why we did it, what it means for us, and what next.
Timeline
I first moved to the US on an L-1B visa. This is an intra-company transfer visa, that let me move to the US to continue working for Brocade.
- May 2015 - Began work for Brocade, based in New Zealand.
- Jul 2016 - Received L-1B visa, allowing us to move to US.
- Aug 2016 - Moved from New Zealand to US.
- Nov 2016 - Broadcom announces intention to acquire Brocade
- Nov 2016 - Green Card process initiated - Department of Labour certification filed.
- Jul 2017 - PERM filed.
- Oct 2017 - Extreme Network acquired my business unit. I remained employee of Broadcom.
- Nov 2017 - PERM approved.
- Jan 2018 - Received permission to transfer L-1 visa to Extreme Networks.
- Feb 2018 - I-140 and I-485 submitted.
- Sep 2018 - I-140 approved.
- Feb 2019 - I-485 interview scheduled.
- Mar 2019 - I-485 interview held. Lots of questions, confirming details & history, but all straightforward.
- One week later: cards in hand
Total Continue reading
Our Green Card Journey
We are now Lawful Permanent Residents of the United States - aka Green Card Holders. It took a few years to get to this point. Here’s our timeline, why we did it, what it means for us, and what next.
Timeline
I first moved to the US on an L-1B visa. This is an intra-company transfer visa, that let me move to the US to continue working for Brocade.
- May 2015 - Began work for Brocade, based in New Zealand.
- Jul 2016 - Received L-1B visa, allowing us to move to US.
- Aug 2016 - Moved from New Zealand to US.
- Nov 2016 - Broadcom announces intention to acquire Brocade
- Nov 2016 - Green Card process initiated - Department of Labour certification filed.
- Jul 2017 - PERM filed.
- Oct 2017 - Extreme Network acquired my business unit. I remained employee of Broadcom.
- Nov 2017 - PERM approved.
- Jan 2018 - Received permission to transfer L-1 visa to Extreme Networks.
- Feb 2018 - I-140 and I-485 submitted.
- Sep 2018 - I-140 approved.
- Feb 2019 - I-485 interview scheduled.
- Mar 2019 - I-485 interview held. Lots of questions, confirming details & history, but all straightforward.
- One week later: cards in hand
Total Continue reading
Our Green Card Journey
We are now Lawful Permanent Residents of the United States - aka Green Card Holders. It took a few years to get to this point. Here’s our timeline, why we did it, what it means for us, and what next.
Timeline
I first moved to the US on an L-1B visa. This is an intra-company transfer visa, that let me move to the US to continue working for Brocade.
- May 2015 - Began work for Brocade, based in New Zealand.
- Jul 2016 - Received L-1B visa, allowing us to move to US.
- Aug 2016 - Moved from New Zealand to US.
- Nov 2016 - Broadcom announces intention to acquire Brocade
- Nov 2016 - Green Card process initiated - Department of Labour certification filed.
- Jul 2017 - PERM filed.
- Oct 2017 - Extreme Network acquired my business unit. I remained employee of Broadcom.
- Nov 2017 - PERM approved.
- Jan 2018 - Received permission to transfer L-1 visa to Extreme Networks.
- Feb 2018 - I-140 and I-485 submitted.
- Sep 2018 - I-140 approved.
- Feb 2019 - I-485 interview scheduled.
- Mar 2019 - I-485 interview held. Lots of questions, confirming details & history, but all straightforward.
- One week later: cards in hand
Total Continue reading
Kontainer Korner: CNCF Welcomes CRI-O, Graduates Fluentd
Plus, Google's Anthos launch draws new Kubernetes-focused storage updates, and Knative turns 0.5.
Weekly Top Posts: 2019-04-14
- Pentagon Narrows JEDI Cloud Contract Down to Amazon and Microsoft
- IoT Security Startup Armis Raises $65 Million Series C
- Canada’s Rogers Spends Big to Secure 600 MHz Spectrum for 5G
- ONF Releases Trio of Reference Designs With Buy-In From Operators, Vendors
- SDxCentral Weekly Wrap: LF Networking Releases Compliance, Verification Testing
Worth Reading: There Is No Magic
I’m not the only one telling people not to bet the farm on Santa Claus and dancing unicorns. Pete Welcher wrote a nice blog post describing the implications of laws of physics and data gravity (I described the gory details in Designing Active-Active Data Centers and AWS Networking Deep Dive webinars).
Meanwhile, Russ White reviewed an article that (without admitting it) discovered that serverless is just software running on other people’s servers.
Enjoy!
Trump Boasts American Leadership on 5G
Trump gave his speech on 5G surrounded by a group of farmers wearing cowboy hats and cell tower...