REPT: reverse debugging of failures in deployed software

REPT: reverse debugging of failures in deployed software Cui et al., OSDI’18

REPT (‘repeat’) won a best paper award at OSDI’18 this month. It addresses the problem of debugging crashes in production software, when all you have available is a memory dump. In particular, we’re talking about debugging Windows binaries. To effectively understand and fix bugs, a developer wants to be able to follow the path leading up to the point of failure. Not just the control flow, but also the data values involved. This is known as reverse debugging. What’s so clever about REPT is that it enables reverse debugging without the high overheads of record/replay systems (typically up to 200%). It combines low overhead hardware tracing (Intel PT) to record a programs control flow, with a novel binary analysis technique to recover (a very good percentage of) data flow information. Evaluated on 16 real-world bugs in software such as Chrome, Apache, PHP, and Python, REPT enabled effective reverse debugging for 14 of them, including 2 concurrency bugs.

REPTs offline binary analysis and reverse debugging is integrated into WinDbg, and the Windows Error Reporting service (WER) is enhanced to support REPT so that developers can request Intel PT Continue reading

What is a private cloud? [ And some things that it’s not ]

Private cloud is a well-defined term that government standards groups and the commercial cloud industry have pretty much agreed upon, and while some think its use is waning, recent analysis indicates that spending on private cloud is still growing at a breakneck pace.A study by IDC projects that sales from private-cloud investment hit $4.6 billion in the second quarter of 2018 alone, which is a 28.2 percent increase from the same period in 2017.[ Also see How to plan a software-defined data-center network and Efficient container use requires data-center software networking.] So why are organizations attracted to private cloud?To read this article in full, please click here

What is a private cloud? [ And some things that it’s not ]

Private cloud is a well-defined term that government standards groups and the commercial cloud industry have pretty much agreed upon, and while some think its use is waning, recent analysis indicates that spending on private cloud is still growing at a breakneck pace.A study by IDC projects that sales from private-cloud investment hit $4.6 billion in the second quarter of 2018 alone, which is a 28.2 percent increase from the same period in 2017.[ Also see How to plan a software-defined data-center network and Efficient container use requires data-center software networking.] So why are organizations attracted to private cloud?To read this article in full, please click here

What is a private cloud? [ And some things that it’s not ]

Private cloud is a well-defined term that government standards groups and the commercial cloud industry have pretty much agreed upon, and while some think its use is waning, recent analysis indicates that spending on private cloud is still growing at a breakneck pace.A study by IDC projects that sales from private-cloud investment hit $4.6 billion in the second quarter of 2018 alone, which is a 28.2 percent increase from the same period in 2017.[ Also see How to plan a software-defined data-center network and Efficient container use requires data-center software networking.] So why are organizations attracted to private cloud?To read this article in full, please click here

What is a private cloud? [ And some things that it’s not]

Private cloud is a well-defined term that government standards groups and the commercial cloud industry have pretty much agreed upon, and while some think its use is waning, recent analysis indicates that spending on private cloud is still growing at a breakneck pace.A study by IDC projects that sales from private-cloud investment hit $4.6 billion in the second quarter of 2018 alone, which is a 28.2 percent increase from the same period in 2017.[ Also see How to plan a software-defined data-center network and Efficient container use requires data-center software networking.] So why are organizations attracted to private cloud?To read this article in full, please click here

What is a private cloud? [ And some things that it’s not]

Private cloud is a well-defined term that government standards groups and the commercial cloud industry have pretty much agreed upon, and while some think its use is waning, recent analysis indicates that spending on private cloud is still growing at a breakneck pace.A study by IDC projects that sales from private-cloud investment hit $4.6 billion in the second quarter of 2018 alone, which is a 28.2 percent increase from the same period in 2017.[ Also see How to plan a software-defined data-center network and Efficient container use requires data-center software networking.] So why are organizations attracted to private cloud?To read this article in full, please click here

What is a private cloud? [ And some things that it’s not]

Private cloud is a well-defined term that government standards groups and the commercial cloud industry have pretty much agreed upon, and while some think its use is waning, recent analysis indicates that spending on private cloud is still growing at a breakneck pace.A study by IDC projects that sales from private-cloud investment hit $4.6 billion in the second quarter of 2018 alone, which is a 28.2 percent increase from the same period in 2017.[ Also see How to plan a software-defined data-center network and Efficient container use requires data-center software networking.] So why are organizations attracted to private cloud?To read this article in full, please click here

Notes on the UK IoT cybersec “Code of Practice”

The British government has released a voluntary "Code of Practice" for securing IoT devices. I thought I'd write some notes on it.

First, the good parts

Before I criticize the individual points, I want to praise if for having a clue. So many of these sorts of things are written by the clueless, those who want to be involved in telling people what to do, but who don't really understand the problem.

The first part of the clue is restricting the scope. Consumer IoT is so vastly different from things like cars, medical devices, industrial control systems, or mobile phones that they should never really be talked about in the same guide.

The next part of the clue is understanding the players. It's not just the device that's a problem, but also the cloud and mobile app part that relates to the device. Though they do go too far and include the "retailer", which is a bit nonsensical.

Lastly, while I'm critical of most all the points on the list and how they are described, it's probably a complete list. There's not much missing, and the same time, it includes little that isn't necessary. In contrast, a lot of other Continue reading

Comparing Upgrade Strategies with Cumulus Linux

You’ve been running your Cumulus Linux network for a while, and everything has been running perfectly. Cumulus Linux has sliced your bread, you’ve gotten a promotion because your boss can’t believe how successful the project was, and the cost savings being felt by the organization. Your company has even been able to fire the accountant because Cumulus Linux has surprisingly also done your taxes for the coming year, and in general everything is going swimmingly with your open networking.

So what now, is our story over? Well not exactly, enterprise networks have long lifespans. Hyperscalers typically operate on a refresh cycle of 3-5 years. For them, anything over 3/yrs old is considered tech debt. Anything over 5/yrs old is considered a critical fault point. Your typical enterprise network may be around even longer than that. It is very common in this timespan for the needs of the applications to change requiring the network to change too. This often requires support for newer features at some point in the lifecycle of the equipment.

While the scenario above is quite rosey, (Hey – this is our blog after all!) the reasons for wanting to upgrade are many and varied. New features, Continue reading

More Videos By Us

During VMworld 2018, the Packet Pushers team girded themselves with an array of video gear. We conducted a live deployment to validate some ideas we had about producing video.  Our starting idea is to  asking a single question “What do customers not know about your company/product/technology?” In the end, we did about 30 videos of […]

The post More Videos By Us appeared first on EtherealMind.

DOH!

The level of interest in the general topic of routing security seems to come in waves in our community. At times it seems like the interest from network operators, researchers, security folk and vendors climbs to an intense level, while at other times the topic appears to be moribund. If the attention on this topic at NANOG 74 is anything to go by we seem to be experiencing a local peak.

Senegal First African Country to Implement Recommendations of ‘Personal Data Protection Guidelines for Africa’

Last week, we have had a busy two days (11-12 October 2018) in Dakar participating in a mutlistakeholder workshop on Privacy and Personal Data Protection in Senegal co-organized by the Personal Data Protection Commission (CDP), the Ministry in charge of Digital Economy (MCTPEN), the Internet Society Senegal Chapter, and supported by the African Regional Bureau of the Internet Society. This workshop was recommended in the Personal Data Protection Guidelines for Africa launched in May 2018 during #AISDakar by the African Union and the Internet Society.

Senegal stands out as the first African Union member to act on that recommendation and run such a workshop, bringing together policy makers, law enforcement, data protection authorities, lawyers, academics, entrepreneurs, and actors of the private sector, civil society, and technologists to debate the issues and build a shared vocabulary and shared understanding.

The discussion was wide-ranging, informed, and mature

Wide-ranging, because the organizers did a great job of attracting a diverse and engaged set of stakeholders and giving them the time and space to contribute.

Informed, because the participants were asking all the right questions (about privacy, innovation, cybercrime, threats to information, reputation and Continue reading

1 1,430 1,431 1,432 1,433 1,434 3,840