0

ISOC Engages with R&E Networking in the Asia-Pacific Region

The APAN 45 meeting was held on 25-29 March 2018 in Singapore, where Kevin Meynell presented the MANRS routing security initiative during the Network Engineering Workshop.

We’ve previously discussed the underlying trust-based issues of BGP that MANRS attempts to address in a number of blogs, but we’re particularly interested in partnering with R&E networking communities for the reasons that National Research and Education Networks (NRENs) are often early adopters of new technologies and initiatives, they’re interested in distinguishing themselves from commercial operators, and the R&E community is a collaborative one.

This engagement resulted in significant interest from a number of NRENs in becoming MANRS participants, with AARNet (Australian Academic and Research Network) signing-up shortly afterwards (AS 7575). The presentation is available on the APAN 45 website, and may be freely used by those interested in promoting MANRS to raise awareness of routing security issues and promote the initiative.

APAN (Asia Pacific Advanced Network) supports the R&E networks in the region to help them to connect to each other and to other R&E networks around the world, allows knowledge to be exchanged, and coordinates the activities, services and applications of its members for their common good. APAN and the preceding APNG Continue reading

0

Network Break 180: Tetration In The Cloud; Attackers Target Cisco Switches

0

The Week in Internet News: AI Goes to the Dogs

Do you trust this documentary? Do You Trust This Computer? is a new documentary from filmmaker Chris Paine that’s dedicated to the dangers of artificial intelligence. Elon Musk, who’s been vocal about the potential downsides of the technology, appears in the film and has promoted it. But The Verge finds the film a bit overly dramatic, saying “feels more like a trailer for a bad sci-fi movie than a documentary on AI.”

Or you could just get a dog: Speaking of AI, researchers at the University of Washington in Seattle are using canine behavior to train an AI system to make dog-like decisions, reports MIT Technology Review.  The researchers are using dog behavior as a way to help AI better learn how to plan, with hopes of helping AI better understand visual intelligence, among other things.

News apps meet the Great Firewall: The Chinese government has temporarily blocked four news apps from being downloaded from Android app stores, ZDNet reports. The apps, with a combined user base of more than 400 million, have been suspended for up to three weeks in an apparent government media crackdown. Meanwhile, Chinese regulators have permanently banned a joke app for supposed vulgar content.

Continue reading

0

At RSA USA 2018 in San Francisco this week? Join the IoT Security conversation on Tuesday, April 17

Are you attending the RSA USA 2018 Conference this week in San Francisco? If so, please plan to join this panel session happening Tuesday, April 17, 2018, from 3:30 – 4:14pm (PDT):

IoT Trust by Design: Lessons Learned in Wearables and Smart Home Products

Moderated by my colleague Jeff Wilbur, Director of the Online Trust Alliance (OTA), the panel abstract is:

---

The world has awakened to the need for tighter security and privacy in consumer-grade IoT offerings. This panel will present a trust framework for IoT, and wearable and smart home experts will discuss top attack vectors, typical vulnerabilities in devices, apps and systems, common reasons for design compromise, the evolution of security and privacy in IoT and where it needs to go.

---

They will be discussing the OTA’s IoT Trust Framework, as well as some new mechanisms available to help enterprises understand the risks associated with IoT devices.

If you believe securing the Internet of Things is a critical step to having a secure Internet, please join Jeff and his panelists to learn more.

Unfortunately there appears to be no live stream available but they do seem to be recording many of the sessions. If Jeff’s Continue reading

0

Juniper – NXTWORK 2018 – Save the date!

Juniper has finally released the dates for 4th annual partner and customer Juniper NXTWORK conference – and the event has …

Continue reading →

The post Juniper – NXTWORK 2018 – Save the date! appeared first on Fryguy's Blog.

0

Notes on setting up Raspberry Pi 3 as WiFi hotspot

I want to sniff the packets for IoT devices. There are a number of ways of doing this, but one straightforward mechanism is configuring a "Raspberry Pi 3 B" as a WiFi hotspot, then running tcpdump on it to record all the packets that pass through it. Google gives lots of results on how to do this, but they all demand that you have the precise hardware, WiFi hardware, and software that the authors do, so that's a pain.


I got it working using the instructions here. There are a few additional notes, which is why I'm writing this blogpost, so I remember them.
https://www.raspberrypi.org/documentation/configuration/wireless/access-point.md

I'm using the RPi-3-B and not the RPi-3-B+, and the latest version of Raspbian at the time of this writing, "Raspbian Stretch Lite 2018-3-13".

Some things didn't work as described. The first is that it couldn't find the package "hostapd". That solution was to run "apt-get update" a second time.

The second problem was error message about the NAT not working when trying to set the masquerade rule. That's because the 'upgrade' updates the kernel, making the running system out-of-date with the files on the disk. The solution to that is make Continue reading

0

Cisco Ramps Up RSA Conference Security Services Roll Out

It added new email security services, visibility and malware protection features, and managed security offerings through IT services company ConnectWise.

0

My letter urging Georgia governor to veto anti-hacking bill

February 16, 2018

Office of the Governor
206 Washington Street
111 State Capitol
Atlanta, Georgia 30334


Re: SB 315

Dear Governor Deal:

I am writing to urge you to veto SB315, the "Unauthorized Computer Access" bill.

The cybersecurity community, of which Georgia is a leader, is nearly unanimous that SB315 will make cybersecurity worse. You've undoubtedly heard from many of us opposing this bill. It does not help in prosecuting foreign hackers who target Georgian computers, such as our elections systems. Instead, it prevents those who notice security flaws from pointing them out, thereby getting them fixed. This law violates the well-known Kirchhoff's Principle, that instead of secrecy and obscurity, that security is achieved through transparency and openness.

That the bill contains this flaw is no accident. The justification for this bill comes from an incident where a security researcher noticed a Georgia state election system had made voter information public. This remained unfixed, months after the vulnerability was first disclosed, leaving the data exposed. Those in charge decided that it was better to prosecute those responsible for discovering the flaw rather than punish those who failed to secure Georgia voter information, hence this law.

Too many security experts oppose Continue reading

0

Should I Take CCIE DC or ipSpace.net Data Center Online Course?

Got this question from a networking engineer who couldn’t decide whether to go for CCIE Data Center certification or attend my Building Next-Generation Data Center online course:

I am considering pursuing CCIE DC. I found your Next-Generation DC course very interesting. Now I am bit confused trying to decide whether to start with CCIE DC first and then do your course.

You might be in a similar position, so here’s what I told him.

Read more ...

0

IaaS Cloud Adoption Trends

0

Cleared JNCIS-Devops

Last week I went to write JNCIS-Devops exam, I was under an impression that I may not be able to clear it but good did happen!

First and Foremost

-> I had the official training for JAUTcourse – The course is extremetly helpful as it provides the precise material and also the structured lab environment for you to explore and study, nothing beats a class-room study and training environment

But, after appearing I can tell you that you dont really require the offiicial training (if that is the only thing stopping you to think about the exam), the exam will test you for your understanding of automation philosophy and also how Juniper Implements it.

Topics of Interest

– Juniper  pyez – understand how everything helps in Pyez

Dayone Books Helps – https://www.juniper.net/uk/en/training/jnbooks/day-one/automation-series/junos-pyez-cookbook/

– Juniper ansible – https://www.juniper.net/uk/en/training/jnbooks/day-one/automation-series/junos-pyez-cookbook/

-Book – Network Programmability and Automation

https://www.safaribooksonline.com/library/view/network-programmability-and/9781491931240/

— Jsnapy – https://www.juniper.net/uk/en/training/jnbooks/day-one/automation-series/using-jsnap-automate-network-verifications/

All you need to have are couple of VMX devices a Linux machine and you should be able to deploy all of the automation efforts discussed in above books.

You dont have to know the code in your head or how to write a Continue reading

0

ipSpace.net Subscription Now Available with PayPal

Every second blue moon someone asks me whether they could buy ipSpace.net subscription with PayPal. So far, the answer has been no.

Recently we started testing whether we could use Digital River to solve a few interesting challenges we had in the past, and as they offer PayPal as a payment option, it seemed to be a perfect fit for a low-volume trial.

The only product that you can buy with PayPal during the trial is the standard subscription – just select PayPal as the payment method during the checkout process.

Finally: the first three subscribers using PayPal will get extra 6 months of subscription.

0

Let’s stop talking about password strength

Picture from EFF -- CC-BY license

Near the top of most security recommendations is to use "strong passwords". We need to stop doing this.

Yes, weak passwords can be a problem. If a website gets hacked, weak passwords are easier to crack. It's not that this is wrong advice.

On the other hand, it's not particularly good advice, either. It's far down the list of important advice that people need to remember. "Weak passwords" are nowhere near the risk of "password reuse". When your Facebook or email account gets hacked, it's because you used the same password across many websites, not because you used a weak password.

Important websites, where the strength of your password matters, already take care of the problem. They use strong, salted hashes on the backend to protect the password. On the frontend, they force passwords to be a certain length and a certain complexity. Maybe the better advice is to not trust any website that doesn't enforce stronger passwords (minimum of 8 characters consisting of both letters and non-letters).

To some extent, this "strong password" advice has become obsolete. A decade ago, websites had poor protection (MD5 hashes) and no enforcement of complexity, so it Continue reading

0

Symantec Shares Its Own Internal Threat Detection Tools for Targeted Attacks

This technology uncovered last year’s Dragonfly 2.0 attacks targeting energy companies to gain access to the power grid.

0

Introducing the new Cumulus VP of Engineering

It’s a new era for Cumulus technology. We’re thrilled to announce the new Cumulus VP of Engineering – Partho Mishra. Partho joins Cumulus with 25 years of experience in product definition, engineering development and technology evangelization in data science/analytics, wireless and networking.

A truly experienced leader

Prior to joining Cumulus, Partho was running the RASA Network Analytics team at Aruba where he lead as CEO and then VP after RASA was acquired by Aruba in 2016. At RASA analytics, Partho’s team was in charge of developing a product that used ML/AI techniques to analyze data collected from network infrastructure to help Aruba customers with optimizing their wireless network and improving user experience.

Previously, he was Vice President and General Manager of Cisco’s Service Provider Access Business Unit with responsibility for Metro-Ethernet and Wireless Backhaul products including the ASR 901, ASR 903, ME 3400 and CPT 50 products.

Partho is no stranger to bringing startups to the next level. Prior to being acquired, RASA was a VC-funded startup with Khosla Ventures as the lead investor. Additionally, he was involved as part of the initial technology/founding teams in two Silicon Valley start-ups: Airgo Networks (acquired by Qualcomm) and Iospan Wireless (acquired by Continue reading

0

Worth Reading: The Death of Expertise

Bruno Wollman pointed me to an excellent article on the ignorance of expertise and confidence of the dumb. Here’s the TL&DR summary (but you should really read the whole thing):

• The expert isn’t always right;
• An expert is far more likely to be right than you are;
• Experts come in many flavors – usually you need a combination of education and expertise;
• In any discussion, you have a positive obligation to learn at least enough to make the conversation possible. University of Google doesn’t count;
• While you’re entitled to have an opinion, having a strong opinion isn’t the same as knowing something.

Enjoy ;)

0

xRAN, Open vRAN, and OpenRAN: What’s the Difference?

These three initiatives are all focused on virtualizing the RAN, and some of the same companies belong to all three groups. But why are there three?

0

Embark on your Docker Containerization journey at DockerCon 2018

DockerCon is the premier container conference where the IT industry comes together to learn, belong, and collaborate on the different phases of the containerization journey. This year, we’re focusing on helping our 6,000+ attendees define their containerization journeys. Whether you’re a developer just getting started with Docker or an Enterprise systems architect ready to scale and innovate, at DockerCon we’ll help you map out and implement a containerization strategy for you, your team and your company.

Throughout the four days, you’ll have the chance to design your own DockerCon journey – selecting from 7 different breakout session tracks, a collection of free hands-on labs and workshops, and our peer to peer networking Hallway Track.

This year at DockerCon we’re designing our conference around the containerization journey and providing opportunities for our attendees to create tailored learning and networking experiences for their particular needs.

We’ve identified four stages of the containerization journey that will be present at DockerCon 2018:

The event program is designed to be a “choose your own adventure,” allowing every attendee to find the content, people, trainings, and labs that are right for them. Maybe you’re new to the Docker platform and are looking for more information on Continue reading

0

After Facebook, Are Google, Amazon And Apple Next?

Facebook is the current villain of surveillance capitalism, but other tech giants may find themselves being asked difficult questions about what they know about us.

0

The Battle Of The InfiniBands, Part Two

For decades, the IT market has been obsessed with the competition between suppliers of processors, but there are rivalries between the makers of networking chips and the full-blown switches that are based on them that are just as intense. Such a rivalry exists between the InfiniBand chips from Mellanox Technologies and the Omni-Path chips from Intel, which are based on technologies Intel got six years ago when it acquired the InfiniBand business from QLogic for $125 million.

At the time, we quipped that AMD needed to buy Mellanox, but instead AMD turned right around and shelled out $334 million to …

The Battle Of The InfiniBands, Part Two was written by Timothy Prickett Morgan at The Next Platform.