Weekend Reads 090718

Did the passage of gDPR impact the amount of spam on the ‘net, or not? It depends on who you ask.

The folks at the Recorded Future blog examined the volume of spam and the number of registrations for domains used in phishing activity, and determined the volume of spam was not impacted by the implementation of Europe’s new privacy laws.

There were many concerns that after the European Union’s General Data Protection Regulation (GDPR) went into effect on May 25, 2018, there would be an uptick in spam. While it has only been three months since the GDPR went into effect, based on our research, not only has there not been an increase in spam, but the volume of spam and new registrations in spam-heavy generic top-level domains (gTLDs) has been on the decline.

John Levine at CircleID, however, argues the measures used in the Recorded Future piece are not useful measures of spam volume in relation to the controls imposed by GDPR:

To understand the effect of GDPR, the relevant questions are: Is GDPR enabling damage, because it makes detection, blocking, and mitigation harder?

Note that the CircleID article only addresses the domain registration question, and does Continue reading

Come Visit Our Booth at DevOpsDays Raleigh 2018!

DevOpsDays is a technical conference for developers, system administrators and anyone else, whether expert or beginner, involved in technology. With technology and responsibilities crossing over spaces, DevOps is a movement that has rapidly spread through the technical community along with the adoption of agile techniques. DevOps Days take place all over the world as self-organized events which community members who are passionate about their work attend. The format of presentations, Ignites and Open Spaces is unique to this event. It is highly interactive and invigorating for attendees.

Come say hi, give us your feedback, and you could win a Nintendo Switch!

We’d love to get feedback from you, our customers, on what courses you’d like to see next. We’re constantly working to create new content which caters to a variety of technical certifications. We need your help deciding the best topics to add to our ever-exanding DevOps course library. As a token of appreciation, everyone who visits our booth and assists us by suggesting DevOps course topics will be entered into a contest to win a Nintendo Switch.

 

INE is also looking for talented individuals to propose and execute new courses.

Interested in working with us? We’re looking for Continue reading

We Need a Common Language for the Internet of Things

When someone tells me they have bought smart light bulbs, an Internet-connected pet cam, or any other Internet of Things (IoT) device, I always get an unsettled feeling in the pit of my stomach. They’re so excited about the affordances or their new IoT devices and apps, but I am skeptical about the privacy and security vulnerabilities. How do I have a conversation about these concerns without coming across as hyper paranoid? Perhaps the answer is that we aren’t quite ready to discuss these issues on a societal level.

Privacy and security advocates all over the world have been talking about the threats that IoT may pose to society – unless standards and regulations are put in place to help mitigate some of these risks. They champion that privacy and security should be built into design and should not come as an afterthought.

While I praise the work that advocates are doing, IoT devices are on the shelves right now and we need to be able to have conversations with everyday folk about what privacy and security risks look like in the digital economy. However, how can we have these conversations when we haven’t yet established understandable and common terms Continue reading

A Review of Ubiquiti Wireless

About six months ago, I got fed up with my Meraki MR34 APs. They ran just fine, but they needed attention. They needed licenses. They needed me to pay for a dashboard I used rarely but yet had to keep up yearly. And that dashboard had most of the “advanced” features hidden away under lock and key. I was beyond frustrated. I happen to be at the Wireless LAN Professionals Conference (WLPC) and ran into Darrell DeRosia (@Darrell_DeRosia) about my plight. His response was pretty simple:

“Dude, you should check out Ubiquiti.”

Now, my understanding of Ubiquiti up to that point was practically nothing. I knew they sold into the SMB side of the market. They weren’t “enterprise grade” like Cisco or Aruba or even Meraki. I didn’t even know the specs on their APs. After a conversation with Darrell and some of the fine folks at Ubiquiti, I replaced my MR34s with a UniFI AP-AC-HD and an AP-AC-InWall-Pro. I also installed one of their UniFi Security Gateways to upgrade my existing Linksys connection device.

You may recall my issue with redundancy and my cable modem battery when I tried to install the UniFi Security Gateway for Continue reading

IDG Contributor Network: 5 reasons why it’s important to mix and match in your cloud strategy

The rise of the cloud settled the age-old debate about whether IT teams should choose an array of exceptional technologies from various providers, or a fully integrated stack of (mostly unexceptional) applications from a single vendor.Thanks to cloud computing, you can have the very best applications—and the very best clouds—for the IT tasks at hand. And you don't have to deal with the headache of investing heavily in infrastructure and building it yourself.Here's a quick look at five ways the cloud and related technologies enable your IT team to launch, integrate, scale, and secure the full spectrum of applications.1. You can pick the best cloud for the job While businesses may end up running most applications in a single cloud, there are lots of reasons to diversify and adopt a multi-cloud strategy. The major cloud infrastructure providers have individual strengths—and a well-planned multi-cloud strategy enables you to pick the cloud platform that offers the best combination of technical features, pricing, and performance for each application.  Some examples of workloads that may be better running on one hyper-scale cloud over another could be enterprise business applications, big data or high-performance computing (HPC) workloads.To read this article Continue reading

IDG Contributor Network: 5 reasons why it’s important to mix and match in your cloud strategy

The rise of the cloud settled the age-old debate about whether IT teams should choose an array of exceptional technologies from various providers, or a fully integrated stack of (mostly unexceptional) applications from a single vendor.Thanks to cloud computing, you can have the very best applications—and the very best clouds—for the IT tasks at hand. And you don't have to deal with the headache of investing heavily in infrastructure and building it yourself.Here's a quick look at five ways the cloud and related technologies enable your IT team to launch, integrate, scale, and secure the full spectrum of applications.1. You can pick the best cloud for the job While businesses may end up running most applications in a single cloud, there are lots of reasons to diversify and adopt a multi-cloud strategy. The major cloud infrastructure providers have individual strengths—and a well-planned multi-cloud strategy enables you to pick the cloud platform that offers the best combination of technical features, pricing, and performance for each application.  Some examples of workloads that may be better running on one hyper-scale cloud over another could be enterprise business applications, big data or high-performance computing (HPC) workloads.To read this article Continue reading

Technology Short Take 104

Welcome to Technology Short Take 104! For many of my readers, VMworld 2018 in Las Vegas was “front and center” for them since the last Tech Short Take. Since I wasn’t attending the conference, I won’t try to aggregate information from the event; instead, I’ll focus on including some nuggets you may have missed amidst all the noise.

Networking

Servers/Hardware

  • Greg Schulz discusses new Power9-based systems announced by IBM; see his post. Normally I wouldn’t be too interested in non-x86 stuff, as it seems like x86 is ascendant. However, given the rise of all the various speculative execution attacks, and given the recent interest in ARM platforms (can’t recall if they are affected by the speculative execution attacks), is a revival of non-x86 platforms in the works?

Security

Nothing this time around, but I’ll stay alert for items to include next time!

Cloud Computing/Cloud Management

IDG Contributor Network: Visibility is key for devops and the hybrid cloud

Cloud has undoubtedly become a key component of successful business in recent years, especially when you consider the race to digitally transform. Across the globe, companies are moving their applications and services to the cloud and are consequently reaping the benefits of lower capex and opex as a result.However, with this process, cloud migration is only a beginning for any organization’s digital transformation (DX) journey. If harnessed correctly, cloud is a pillar of innovation for DX, and can be a driving force for new business models and use cases that – even a few years ago – weren’t possible. No one knows this better than devops teams; these teams hold the line when it comes to continuous delivery and deployment, and it therefore stands to reason that devops play a crucial role in the digital transformation journey. In practice however, the decision makers in charge of cloud strategies are rarely those in the bowels of the ship.To read this article in full, please click here

IDG Contributor Network: Visibility is key for devops and the hybrid cloud

Cloud has undoubtedly become a key component of successful business in recent years, especially when you consider the race to digitally transform. Across the globe, companies are moving their applications and services to the cloud and are consequently reaping the benefits of lower capex and opex as a result.However, with this process, cloud migration is only a beginning for any organization’s digital transformation (DX) journey. If harnessed correctly, cloud is a pillar of innovation for DX, and can be a driving force for new business models and use cases that – even a few years ago – weren’t possible. No one knows this better than devops teams; these teams hold the line when it comes to continuous delivery and deployment, and it therefore stands to reason that devops play a crucial role in the digital transformation journey. In practice however, the decision makers in charge of cloud strategies are rarely those in the bowels of the ship.To read this article in full, please click here

Worth Reading: IPv6 Renumbering == Pain in the …

Johannes Weber was forced to stress-test the IPv6 networks are easy to renumber nonsense and documented his test results – a must-read for everyone deploying IPv6.

He found out that renumbering IPv6 in his lab required almost four times as many changes as renumbering (outside) IPv4 in the same lab.

My cynical take on that experience: “Now that you’ve documented everything that needs to be changed, make sure it’s automated the next time ;)

Unveiling and quantifying Facebook exploitation of sensitive personal data for advertising purposes

Unveiling and quantifying Facebook exploitation of sensitive personal data for advertising purposes Cabañas et al., USENIX Security 2018

Earlier this week we saw how the determined can still bypass most browser and tracker-blocking extension protections to track users around the web. Today’s paper is a great example of why you should care about that. Cabañas et al. examine the extent to which the profile Facebook builds on its users includes sensitive personal data made available to advertisers for targeting. The work was done just prior to the GPDR coming into force, which makes for very interesting timing from a legal perspective. The headline result is that it looks like Facebook is holding sensitive data on about 40% of the EU population, and that this data can be used by third-parties to target individuals in sensitive demographics and even identify them at a cost of as little as €0.015 per user.

What kinds of sensitive data are we talking about?

The GDPR definition of sensitive personal data is “data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying Continue reading

Kernel of Truth: Optical networking

Subscribe to Kernel of Truth on iTunes, Google Play, Spotify, Castbox and Stitcher!

Click here for our previous episode.

Let’s talk about lasers! In this episode of Kernel of Truth, I asked Product Manager Brian O’Sullivan (who you’ll remember from our episode about automation) and Principal Engineer Scott Emery to join me in the recording booth and chat about optical networking. We’ll get into topics like forward error correction, the divide between data center networking engineers and optical networking engineers, Voyager and Pink Floyd. Who knew that progressive rock had anything to do with optical networking?? (It doesn’t, really, but we somehow worked it in.)

So tune in and learn why an open packet optical platform is so innovative for optical networking and telco! And make sure to subscribe to the Kernel of Truth podcast so you stay up to date on the open networking revolution — get with the future of networking so you’re not just “Another Brick in the Wall!”

Tweet any questions, feedback or topics you want us to discuss at @cumulusnetworks and use the hashtag #KernelOfTruth — let us know if you like what you’re hearing!

Guest bios

Brian O’Sullivan: Brian Continue reading

BrandPost: Ethernet Adventures: Making Progress with an Old Friend – Good ol’ Ethernet

In the second post of this 3-part series we unravel one hero’s journey on the road to streamlined enterprise networking operations. Ciena’s Chris Sweetapple follows Our Hero’s adventures as he realizes the opportunities of high-bandwidth business Ethernet.In episode 1 our hero, stuck in a tangle of outdated networking equipment, services and complexity, realizes that with business Ethernet as his WAN technology of choice, he can complement the existing network set-up and connect his branch offices, while handling massive volumes of traffic concurrently using high speed (up to 100G) high-performance Ethernet connectivity.To read this article in full, please click here

1 1,475 1,476 1,477 1,478 1,479 3,841