0

No, Ray Ozzie hasn’t solved crypto backdoors

According to this Wired article, Ray Ozzie may have a solution to the crypto backdoor problem. No, he hasn't. He's only solving the part we already know how to solve. He's deliberately ignoring the stuff we don't know how to solve. We know how to make backdoors, we just don't know how to secure them.


The vault doesn't scale

Yes, Apple has a vault where they've successfully protected important keys. No, it doesn't mean this vault scales. The more people and the more often you have to touch the vault, the less secure it becomes. We are talking thousands of requests per day from 100,000 different law enforcement agencies around the world. We are unlikely to protect this against incompetence and mistakes. We are definitely unable to secure this against deliberate attack.

A good analogy to Ozzie's solution is LetsEncrypt for getting SSL certificates for your website, which is fairly scalable, using a private key locked in a vault for signing hundreds of thousands of certificates. That this scales seems to validate Ozzie's proposal.

But at the same time, LetsEncrypt is easily subverted. LetsEncrypt uses DNS to verify your identity. But spoofing DNS is easy, as was recently shown in Continue reading

0

Ericsson: 70% of Service Providers Will Focus on Cellular IoT

The service providers interviewed believe that cellular IoT technologies, such as Cat-M1 and NB-IoT, will be “game changers.”

0

Juniper Unveils Contrail Software to Compete With Cisco, VMware

Contrail Enterprise Multi-Cloud focuses on the data center as part of Juniper's overall strategy to help enterprises deal with multiple clouds.

0

Nokia Puts a Physical Box at the Edge to Support Cloud, 5G

The box runs a real-time OPNFV-compatible, OpenStack-distribution built to run in small data centers or at base station locations.

0

Next Market Transition ? Cheaper Buying, Less Selling

This article was first published in Human Infrastructure Magazine at PacketPushers.net. The cost selling products to the Enterprise is large. How large ? As a rough guide, 20% of a typical IT companies cost is sales and marketing. The number varies, more when a company has a push to grow quickly (Palo Alto Networks had […]

0

IDG Contributor Network: What networks and the Internet of Things are doing for health care

With budgets and resources becoming ever tighter, the health care industry, in common with many others, is undergoing a significant digital transformation. Advances in digital technology are proving to be a great benefit, enabling health care providers to do more with less.The ability to securely access a patient’s Electronic Medical Records (EMR) and their diagnostic test results in real time, from virtually any device, regardless of location, is now largely taken for granted. Not only does it improve a health care provider’s operational efficiency, but it can also allow for more accurate diagnoses and inform a patient’s ongoing treatment plan. Likewise, the introduction of e-prescriptions, and almost ubiquitous Wi-Fi connectivity throughout hospitals and doctors’ surgeries, have reduced the volume of administrative tasks, allowing frontline operatives to concentrate more on their primary task of delivering high-quality health care to their patients.To read this article in full, please click here

0

IDG Contributor Network: What networks and the Internet of Things are doing for health care

With budgets and resources becoming ever tighter, the health care industry, in common with many others, is undergoing a significant digital transformation. Advances in digital technology are proving to be a great benefit, enabling health care providers to do more with less.The ability to securely access a patient’s Electronic Medical Records (EMR) and their diagnostic test results in real time, from virtually any device, regardless of location, is now largely taken for granted. Not only does it improve a health care provider’s operational efficiency, but it can also allow for more accurate diagnoses and inform a patient’s ongoing treatment plan. Likewise, the introduction of e-prescriptions, and almost ubiquitous Wi-Fi connectivity throughout hospitals and doctors’ surgeries, have reduced the volume of administrative tasks, allowing frontline operatives to concentrate more on their primary task of delivering high-quality health care to their patients.To read this article in full, please click here

0

Another BGP Hijacking Event Highlights the Importance of MANRS and Routing Security

Another BGP hijacking event is in the news today. This time, the event is affecting the Ethereum cryptocurrency. (Read more about it here, or here.) Users were faced with an insecure SSL certificate. Clicking through that, like so many users do without reading, they were redirected to a server in Russia, which proceeded to empty the user’s wallet. DNSSEC is important to us, so please check out the Deploy360 DNSSEC resources to make sure your domain names are protected. In this post, though, we’ll focus on the BGP hijacking part of this attack.

What happened?

First, here’s a rundown of routing attacks on cryptocurrency in general – https://btc-hijack.ethz.ch/.

In this case specifically, the culprit re-routed DNS traffic using a man in the middle attack using a server at an Equinix data center in Chicago. Cloudflare has put up a blog post that explains the technical details. From that post:

“This [hijacked] IP space is allocated to Amazon(AS16509). But the ASN that announced it was eNet Inc(AS10297) to their peers and forwarded to Hurricane Electric(AS6939).

“Those IPs are for Route53 Amazon DNS servers. When you query for one of their client zones, those servers Continue reading

0

Update: What will programming look like in the future?

 

Update: Ólafur Arnalds built a robotic music system to accompany him on the piano. He calls his system of two semi generative, self playing pianos—STRATUS. You can hear his most recent song re:member. There's more explanation in The Player Pianos pt. II and a short Facebook live session. His software reacts to his playing in real-time. Then he has to react to the robots because he's not sure what they're going to do. He's improvising like a jazz band would do, but it's with robots. It's his own little orchestra. The result is beautiful. The result is also unexpected. Ólafur makes the fascinating point that usually your own improvisation is limited by your own muscle memory. But with the randomness of the robots you are forced to respond in different ways. He says you get a "pure unrestricted creativity." And it's fun he says with a big smile on his face.

 

 

Maybe programming will look something like the above video. Humans and AIs working together to produce software better than either can separately.

The computer as a creative agent, working in tandem with a human partner, to produce software, in a beautiful act of Continue reading

0

Short Take: Death of the Seven Layer Model

Is the seven-layer OSI model really all that useful any longer? Before you answer, it’s worth listening to my latest short take over at the Network Collective.

0

AT&T Says the 5G Secret Sauce Is in the Software

5G trials from Kalamazoo, Michigan, to Waco, Texas, have helped the company fine-tune its commercial deployment plans. 

0

This Girls in ICT Day, Let’s Increase the Visibility of Women on Wikipedia

At the Women’s Special Interest Group of the Internet Society we are committed to promoting the participation of women in the Internet ecosystem. We also consider it important to increase the content created by and about women on the Internet to give voice and make visible the actions, work, and participation of women in Information and Communication Technologies (ICT).

Just 17% of Wikipedia biographies are of women. This happens because of the invisibility on the Internet of their work, which makes it difficult to create their biographies, no matter how valuable their work is.

April 26 is the International Day of Girls in ICT, promoted by the ITU. It aims to reduce the digital gender gap and encourage and motivate girls to participate in tech careers. With the support of the Wikimedia Foundation and Internet Society Chapters, we are going to commemorate the Girls in ICT Day with an editathon marathon in Wikipedia, to include all the women who are working to build an open Internet, free, safe, transparent, and affordable for everyone.

The important thing about this Global Editathon “Girls in ICT” is that the content will be created by women in their native language or in the Continue reading

0

Enterprise IoT Benefits and Challenges

0

Red Hat Gets Serious About Selling Open Source Storage

If there is one consistent complaint about open source software over the past three decades that it has been on the rise, it is that it is too difficult to integrate various components to solve a particular problem because the software is not really enterprise grade stuff. Well, that is two complaints, and really, there are three because even if you can get the stuff integrated and running well, that doesn’t mean you can keep it in that state as you patch and update it. So now we are up to three complaints.

Eventually, all software needs to be packaged …

Red Hat Gets Serious About Selling Open Source Storage was written by Timothy Prickett Morgan at The Next Platform.

0

Google: Addressing Cascading Failures

Like the Spanish Inquisition, nobody expects cascading failures. Here's how Google handles them.

This excerpt is a particularly interesting and comprehensive chapter—Chapter 22 - Addressing Cascading Failures—from Google's awesome book on Site Reliability Engineering. Worth reading if it hasn't been on your radar. And it's free!

Written by Mike Ulrich

If at first you don't succeed, back off exponentially."

Dan Sandler, Google Software Engineer

Why do people always forget that you need to add a little jitter?"

Ade Oshineye, Google Developer Advocate

A cascading failure is a failure that grows over time as a result of positive feedback.¹⁰⁷ It can occur when a portion of an overall system fails, increasing the probability that other portions of the system fail. For example, a single replica for a service can fail due to overload, increasing load on remaining replicas and increasing their probability of failing, causing a domino effect that takes down all the replicas for a service.

We’ll use the Shakespeare search service discussed in Shakespeare: A Sample Service as an example throughout this chapter. Its production configuration might look something like Figure 22-1.

Figure 22-1. Example production configuration for the Shakespeare search service

Causes of Cascading Failures and Designing to Avoid Them

0

Verizon, Citrix, and Hitachi Invest in The Fabric’s Latest $20M Funding Pool

The investment firm was part of the funding behind VeloCloud, Perspica, and Appcito.

0

Continuing Support for the Work of the IETF

The Internet Engineering Task Force (IETF) has been working recently to update its administrative arrangements to match the changing requirements it faces as the premiere Internet standards organization.

It has been more than a decade since the IETF became an organized activity of the Internet Society. Given the changes in the world and the Internet in the intervening time, it is natural to reconsider how to most effectively organize and implement its administrative structure. The Internet Society Board of Trustees supports the IETF in this work, and has set aside funding for this purpose. Internet Society staff are prepared to help implement the changes required.

Aspects of the mutual relationship between the Internet Society and the IETF, such as the role of the Internet Society in the standards appeal process, the confirmation of the Internet Architecture Board (IAB) members by the Internet Society’s Board of Trustees, and four members of the Internet Society’s Board of Trustees being appointed by the IAB on the IETF’s behalf, are not subject to change.

Both the Internet Society and IETF will benefit from an updated administrative structure for the IETF that continues to provide a solid foundation for the development of open standards for the global Internet.

The post Continuing Support for the Work of the IETF appeared first on Internet Society.

0

Docker for Desktop is Certified Kubernetes

“You are now Certified Kubernetes.” With this comment, Docker for Windows and Docker for Mac passed the Kubernetes conformance tests. Kubernetes has been available in Docker for Mac and Docker for Windows since January, having first being announced at DockerCon EU last year. But why is this important to the many of you who are using Docker for Windows and Docker for Mac?

Kubernetes is designed to be a platform that others can build upon. As with any similar project, the risk is that different distributions vary enough that applications aren’t really portable. The Kubernetes project has always been aware of that risk – and this led directly to forming the Conformance Working Group. The group owns a test suite that anyone distributing Kubernetes can run, and submit the results for to attain official certification. This test suite checks that Kubernetes behaves like, well, Kubernetes; that the various APIs are exposed correctly and that applications built using the core APIs will run successfully. In fact, our enterprise container platform, Docker Enterprise Edition, achieved certification using the same test suite  You can find more about the test suite at https://github.com/cncf/k8s-conformance.

This is important for Docker for Windows and Docker for Continue reading

0

Datanauts 131: Masters And Mentorship

The post Datanauts 131: Masters Continue reading

0

History Of Networking – Tony Przygienda – History of BIER

---

 

---

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post History Of Networking – Tony Przygienda – History of BIER appeared first on Network Collective.