Tech Companies Endorse MANRS Routing Security Actions

A coalition of more than 40 companies focused on protecting online users has endorsed a global community initiative, coordinated by the Internet Society, to improve the security of the Internet’s routing system.

The Cybersecurity Tech Accord, whose members include Facebook, Microsoft, Oracle, and Hewlett Packard Enterprise, will support the Mutually Agreed Norms for Routing Security (MANRS) initiative.

The goal of MANRS is to ensure a secure and resilient Internet by protecting its routing infrastructure. In 2017 alone, more than 14,000 routing outages or attacks – such as hijacking, leaks, or spoofing – resulted in stolen data, lost revenue, and reputational damage.

“The new endorsement is a good first step,” said Salam Yamout, Internet Society Lead for the MANRS initiative.

“It is not enough to talk about routing security; it is time for action,” Yamout added. “Because the Internet’s routing system was built on the principles of collaboration and shared responsibility, this endorsement from the Cybersecurity Tech Accord and our new partnership is a major step forward. It clearly reflects the will of industry to be proactive in implementing safe routing practices.”

MANRS focuses on four defensive actions that can reduce the most common routing threats:

Stuff The Internet Says On Scalability For August 10th, 2018

Hey, it's HighScalability time (out Thur-Fri, so we're going early):

 

London Maker Faire 1851—The Great Exhibition—100,000 objects, displayed along more than 10 miles, by over 15,000 contributors.

 

Do you like this sort of Stuff? Please lend me your support on Patreon. It would mean a great deal to me. And if you know anyone looking for a simple book that uses lots of pictures and lots of examples to explain the cloud, then please recommend my new book: Explain the Cloud Like I'm 10. They'll love you even more.

 

  • 90%: accuracy predicting gender from retinal image; $1 billion: Ebay sales per quarter from AI; $78 billion: global AI software market by 2025; $75m: penalty for botched SAP upgrade; 35 million: m^3 of mud dredged out of the Dutch waterways; 138 terabytes: memory per square inch; 500 million: Uber metrics per second; 22x: new faster JSON Sparser; 

  • Quotable Quotes:
    • @IanColdwater: The JIRA tickets will continue until morale improves
    • @david_perell: Three crazy stats from @mikedariano’s newsletter. 1. People watch more Minecraft hours than the NBA, NHL, NFL, and MLB combined.  2. Only 26 countries have more people than Continue reading

The rise of next-generation network packet brokers

Network packet brokers (NPB) have played a key role in helping organizations manage their management and security tools. The tool space has exploded, and there is literally a tool for almost everything. Cybersecurity, probes, network performance management, forensics, application performance, and other tools have become highly specialized, causing companies to experience something called “tool sprawl” where connecting a large number of tools into the infrastructure creates a big complex mesh of connections.Ideally, every tool would receive information from every network device, enabling it to have a complete view of what’s happening, who is accessing what, where they are coming in from, and when events occurred.To read this article in full, please click here

The rise of next-generation network packet brokers

Network packet brokers (NPB) have played a key role in helping organizations manage their management and security tools. The tool space has exploded, and there is literally a tool for almost everything. Cybersecurity, probes, network performance management, forensics, application performance, and other tools have become highly specialized, causing companies to experience something called “tool sprawl” where connecting a large number of tools into the infrastructure creates a big complex mesh of connections.Ideally, every tool would receive information from every network device, enabling it to have a complete view of what’s happening, who is accessing what, where they are coming in from, and when events occurred.To read this article in full, please click here

The rise of next-generation network packet brokers

Network packet brokers (NPB) have played a key role in helping organizations manage their management and security tools. The tool space has exploded, and there is literally a tool for almost everything. Cybersecurity, probes, network performance management, forensics, application performance, and other tools have become highly specialized, causing companies to experience something called “tool sprawl” where connecting a large number of tools into the infrastructure creates a big complex mesh of connections.Ideally, every tool would receive information from every network device, enabling it to have a complete view of what’s happening, who is accessing what, where they are coming in from, and when events occurred.To read this article in full, please click here

Optimising Caching on Pwned Passwords (with Workers)

Optimising Caching on Pwned Passwords (with Workers)

In February, Troy Hunt unveiled Pwned Passwords v2. Containing over half a billion real world leaked passwords, this database provides a vital tool for correcting the course of how the industry combats modern threats against password security.

In supporting this project; I built a k-Anonymity model to add a layer of security to performed queries. This model allows for enhanced caching by mapping multiple leaked password hashes to a single hash prefix and additionally being performed in a deterministic HTTP-friendly way (which allows caching whereas other implementations of Private Set Intersection require a degree of randomness).

Since launch, PwnedPasswords, using this anonymity model and delivered by Cloudflare, has been implemented in a widespread way across a wide variety of platforms - from site like EVE Online and Kogan to tools like 1Password and Okta's PassProtect. The anonymity model is also used by Firefox Monitor when checking if an email is in a data breach.

Since it has been adopted, Troy has tweeted out about the high cache hit ratio; and people have been asking me about my "secret ways" of gaining such a high cache hit ratio. Over time I touched various pieces of Cloudflare's caching systems; in late 2016 Continue reading

Building Connectivity Across 27,000 Square Miles

In November 2017, the Internet Society hosted the inaugural Indigenous Connectivity Summit in Santa Fe, New Mexico. The event brought together community network operators, Internet service providers, community members, researchers, policy makers, and Indigenous leadership to work together to bridge the connectivity gap in indigenous communities in North America. One of the participants shared her story.

The Navajo Nation spans over 27,000 square miles across three states, making it the largest indigenous nation in the United States, in both geographic area and population. With such a sizable landmass, network building can face significant challenges.

“Infrastructure and coverage are tricky because of the way that the Navajo Nation is surrounded by highways and railways but none really cross through,” says Sylvia Jordan, Principal IT for the Navajo Nation Division of Community Development. “We are trying to bridge middle mile to last/first mile,” says Jordan, “while maintaining affordability for communities requesting access.”

The unique geographic features of the area can dictate connection quality in many areas on the Navajo Nation. Jordan explains that the ridge around Black Mesa, which is more than 8,000 feet high, is large enough that service can trickle down to some rural communities in the southern part of the Continue reading

How to query your Linux system kernel

How much can your Linux system tell you about the kernel it's running and what commands are available to help you ask? Let's run through some of them.uname The simplest and most straight-forward command for providing information on your kernel is the uname -r command. It provides a succinct answer to your question but in a format that also includes a number of fields each which provides a particular piece of information.$ uname -r 4.15.0-30-generic ^ ^ ^ ^ ^ | | | | | | | | | | | | | | +-- the distribution-specific string | | | +------- the latest bug fix | | +---------- the minor revision | +------------ the major revision +--------------- the kernel version Add an "s" and your output will include the kernel's name:To read this article in full, please click here

Submarine cables carry whole Internet Traffic ! More than 95

Submarine cables carry whole Internet Traffic. I am not exaggerating. Today’s 95{ea8372c0850978052e20c0d53be15bc420c794e9b9b32f0ee9dfe0056552e01e} of the Internet Traffic is carried over Submarine cables.     They are so important but as a network engineer how much do you know about Submarine cables ?       I explained the fundamentals of submarine cables in this post. If …

Continue reading "Submarine cables carry whole Internet Traffic ! More than 95"

The post Submarine cables carry whole Internet Traffic ! More than 95 appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Submarine cables carry whole Internet Traffic ! More than 95

Submarine cables carry whole Internet Traffic. I am not exaggerating. Today’s 95{ea8372c0850978052e20c0d53be15bc420c794e9b9b32f0ee9dfe0056552e01e} of the Internet Traffic is carried over Submarine cables.     They are so important but as a network engineer how much do you know about Submarine cables ?       I explained the fundamentals of submarine cables in this post. If …

Continue reading "Submarine cables carry whole Internet Traffic ! More than 95"

The post Submarine cables carry whole Internet Traffic ! More than 95 appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Submarine cables carry whole Internet Traffic ! More than 95%

Submarine cables carry whole Internet Traffic. I am not exaggerating. Today’s 95% of the Internet Traffic is carried over Submarine cables.     They are so important but as a network engineer how much do you know about Submarine cables ?       I explained the fundamentals of submarine cables in this post. If […]

The post Submarine cables carry whole Internet Traffic ! More than 95% appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Bounding data races in space and time – part I

Bounding data races in space and time Dolan et al., PLDI’18

Are you happy with your programming language’s memory model? In this beautifully written paper, Dolan et al. point out some of the unexpected behaviours that can arise in mainstream memory models (C++, Java) and why we might want to strive for something better. Then they show a comprehensible (!) memory model that offers good performance and supports local reasoning. The work is being done to provide a foundation for the multicore implementation of OCaml, but should be of interest much more broadly. There’s so much here that it’s worth taking our time over it, so I’m going to spread my write-up over a number of posts.

Today we’ll be looking at the concept of local data-race-freedom (local DRF) and why we might want this property in a programming language.

Mainstream memory models don’t support local reasoning

Modern processors and compilers have all sorts of trickery they can deploy to make your program run faster. The optimisations don’t always play well with parallel execution though.

To benefit from these optimisations, mainstream languages such as C++ and Java have adopted complicated memory models which specify which of these relaxed Continue reading

1 1,452 1,453 1,454 1,455 1,456 3,787