Quantum-embedded chips could secure IoT

Microprocessors that are unique to each Internet of Things (IoT) device is the way forward in the ongoing and tricky quest to secure the IoT, says Crypto Quantique. One idea is that by making each chip one of a kind and unclonable, an application would become almost impossible to hack.The U.K.-based startup says it has introduced “the world's most advanced security product for IoT devices.” The microprocessor-based solution uses quantum physics, combined with cryptography, all embedded in silicon, it explained in a press release last October.To read this article in full, please click here

Quantum-embedded chips could secure IoT

Microprocessors that are unique to each Internet of Things (IoT) device is the way forward in the ongoing and tricky quest to secure the IoT, says Crypto Quantique. One idea is that by making each chip one of a kind and unclonable, an application would become almost impossible to hack.The U.K.-based startup says it has introduced “the world's most advanced security product for IoT devices.” The microprocessor-based solution uses quantum physics, combined with cryptography, all embedded in silicon, it explained in a press release last October.To read this article in full, please click here

NAE: Some Help Dealing with Brain Block

For years, thanks to the gift of misaligned perception, I’ve been mentally blocked. I’ve avoided things like Machine Learning because my perceived skill with mathematics is weak, avoided programming languages like C# because the perceived uphill hike to get familiar is high and avoided front end web development because of the perceived browser nightmares.

Technology has come a long way since I last touched C# and web development and there are some great ML libraries out there which minimize the requirement for hardcore mathematical skill sets. My perceived problems have remained yet the actual blockers have moved and morphed. I’ve lived on old ideas without re-grouping and forming a refreshed attack. More on my foolish ways later.

For many people and organizations, it pains me to admit that perception of network automation is also misplaced. It spans from “Ansible is the answer, sorry, what were you asking?” to “Python will save the day”, following “The automation is the design!”.

Ivan Pepelnjak as usual has wrote some great content on topic as per usual. Read this post for a rather targeted view on expert beginners. TL;DR: “I got hello-world working for one tool, me now expert”.

Currently I also Continue reading

Five Stages of Automation Grief

As I’m doing occasional consulting for large enterprises redesigning their data centers, I encounter a wide range of network automation readiness, from “we don’t need that” to “how could we automate as much as possible”.

Based on the pervasiveness of “we don’t need that” responses it looks like many enterprise network engineers still have to go through the five stages of automation grief.

Read more ...

obfs4proxy-openvpn: Obfuscating OpenVPN traffic using obfs4proxy

This post provides a more in-depth look at the obfs4proxy-openvpn script. You don’t need to fully read it to make use of the script, but it will help you to get the most out of it.

Overview

After my initial post about obfs4 on how to hide any TCP traffic and an example for hiding SSH traffic, it’s now time to do so for OpenVPN.

For this, I have written a Bash script to do the job. It’s called obfs4proxy-openvpn and is freely available under MIT license.

Supported transports

obfs4

The main goal of the script is to provide obfs4 transport to OpenVPN. This is also the main interest of this article.

This transport requires out-of-band CERT exchange between client and server and because of that, can provide some advanced functionalities which are missing in older transports.

obfs3

obfs3 transport is supported but should generally be avoided in favor of obfs4.

obfs2

obfs2, the oldest transport is supported as well (mainly because its supported by obfs4proxy). You really shouldn’t use it…

Architecture

Before going into detail, its good to have a basic idea on how different parts of the script work together to provide obfs4 functionality to Continue reading

Containers are here to stay, who has the right skill set?

Who controls containers: developers, or operations teams? While this might seem like something of an academic discussion, the question has very serious implications for the future of IT in any organization. IT infrastructure is not made up of islands; each component interacts with, and depends on, others. Tying all components of all infrastructures together is the network.

If operations teams control containers, they can carefully review the impact that the creation of those containers will have on all the rest of an organization’s infrastructure. They can carefully plan for the consequences of new workloads, assign and/or reserve resources, map out lifecycle, and plan for the retirement of the workload, including the return of those resources.

If developers control containers, they don’t have the training to see how one small piece fits into the wider puzzle, and almost certainly don’t have the administrative access to all the other pieces of the puzzle to gain that insight. Given the above, it might seem like a no-brainer to let operations teams control containers, yet in most organizations deploying containers, developers are responsible for the creation and destruction of containers, which they do as they see fit.

This is not as irrational as it Continue reading

Multi-Vendor Network Simulations at Scale with meshnet-cni and vrnetlab

In the previous post I’ve demonstrated how to build virtual network topologies on top of Kubernetes with the help of meshnet-cni plugin. As an example, I’ve shown topologies with 50 cEOS instances and 250 Quagga nodes. In both of these examples virtual network devices were running natively inside Docker containers, meaning they were running as (a set of) processes directly attached to the TCP/IP stack of the network namespace provided by the k8s pod. This works well for the native docker images, however, the overwhelming majority of virtual network devices are still being released as VMs. In addition to that, some of them require more than one VM and some special bootstrapping before they can they can be used for the first time. This means that in order to perform true multi-vendor network simulations, we need to find a way to run VMs inside containers, which, despite the seeming absurdity, is quite a common thing to do.

Option 1 - kubevirt

Kubevirt is a very popular project that provides the ability to run VMs inside k8s. It uses the power of Custom Resource Definitions to extend the native k8s API to allow the definition of VM parameters (libvirt domainxml) same Continue reading

IoT for retailers: opportunities and challenges

The rise of the Internet of Things (IoT) is already having a profound impact on the world of retail, both online and in the brick-and-mortar world. But according to Darin Archer, chief marketing officer of ecommerce software vendor Elastic Path, we haven’t seen nothing yet.Via email, I asked Archer about the opportunities and challenges the IoT poses for retailers, and he offered some illuminating answers, including how IoT devices are “especially useful for routine purchases” and how they will increasingly pit retailers against manufacturers.[ Read also: 6 ways IoT is transforming retail ] Opportunity in the home, the car, online, and IoT devices That retailer/manufacturer competition will play out in four key fields, Archer said: the home, the car, online and social media, and from devices themselves.To read this article in full, please click here

On the ‘net: ARCnet

ARCnet was not an accidental choice in the networks I supported at the time. While thinnet was widely available, it required running coax cable. The only twisted pair Ethernet standard available at the time required new cables to be run through buildings, which could often be an expensive proposition. For instance, one of the places that relied heavily on ARCnet was a legal office in a small town in north-central New Jersey. @ECI’s LighTALK

1 1,360 1,361 1,362 1,363 1,364 3,856