0

The Week in Internet News: IT Pros Know IoT Security Needs Work, But They Aren’t There Yet

What IoT security problem? Most IT professionals realize the Internet of things poses some security risks, but less than a third of them actively monitor for third-party IoT security problems, according to a survey detailed at ZDNet. More than a third of those surveyed said that nobody in their organization is responsible for reviewing the risk-management policies of their IoT vendors.

Some security risks, only faster: Meanwhile, the European Union Agency for Network and Information Security is warning organizations that 5G mobile service may bring the same security risks as earlier mobile standards have. Known flaws in SS7 and Diameter, the signaling protocols used in 2G, 3G, and 4G, could end up in 5G, and allow traffic to be eavesdropped or spoofed, reports ARN.

Community broadband for net neutrality: The American Civil Liberties Union is urging U.S. cities to build their own broadband networks as a way to protect net neutrality principles, now that the Federal Communications Commission has repealed its related regulations. The Hill has a story. Many small U.S. cities are already building their own, in an effort to provide faster or cheaper service than commercial providers, Governing Magazine says.

Fake news in the news: Malaysia Continue reading

0

The Future is Containerized

Last week I announced my departure from VMware, and my intention to step away from VMware’s products and platforms to focus on a new technology area moving forward. Today marks the “official” start of a journey that’s been building for a couple years, a journey that will take me into a future that’s containerized. That journey starts in Seattle, Washington.

Why Seattle, Washington? Because that’s where Heptio is based, and because today I am joining Heptio as a senior member of the field engineering team to help drive the adoption of Kubernetes across the industry. Only a couple of folks guessed that I was headed to Heptio. If you were one of those folks, you guessed correctly!

Two questions are probably rolling around in your head right now:

1. Why Kubernetes?
2. Why Heptio?

Good questions!

It’s clear to me that containers will have a significant impact on how we as IT professionals will develop, deploy, upgrade, and manage applications. It’s also clear to me that when it comes to orchestrating containers, Kubernetes is the clear leader. So, if I accept that containers are going to be a significant part of IT moving forward, then it logically follows that Kubernetes is Continue reading

0

IPv4 Subnetting Best Practices

0

IPv4 Subnetting Best Practices

0

Why the crypto-backdoor side is morally corrupt

Crypto-backdoors for law enforcement is a reasonable position, but the side that argues for it adds things that are either outright lies or morally corrupt. Every year, the amount of digital evidence law enforcement has to solve crimes increases, yet they outrageously lie, claiming they are "going dark", losing access to evidence. A weirder claim is that  those who oppose crypto-backdoors are nonetheless ethically required to make them work. This is morally corrupt.

What I am saying is that those arguing that we should reject third-party access out of hand haven’t carried their research burden. ... There are two reasons why I think there hasn’t been enough research to establish the no-third-party access position. First, research in this area is “taboo” among security researchers. ... the second reason why I believe more research needs to be done: the fact that prominent non-government experts are publicly willing to try to build secure third-party-access solutions should make the information-security community question the consensus view. 

0

Welcoming Cisco to disaggregation

Earlier this week, Cisco announced that they will be offering a disaggregated solution with their Cisco IOS XR and Nexus operating systems (1). It’s true, the same organization that claimed to have killed white-box networking is jumping on the bandwagon three years later.

Open networking is no longer just the future

It’s now a requirement in today’s innovative data centers. Cumulus was founded on the notion that the future of data center networking is disaggregation, that the industry should be open and that innovation will only prevail when open networking does. The fact that one more incumbent vendor has acknowledged this notion about where the industry is headed only validates our vision. The future of networking truly is here, and we welcome Cisco to the club — really!

In the last few years, and even last several months, we’ve seen open networking takeoff. From the moment we helped bring ONIE to the market back in 2013, we knew things were going to change in the industry. Since then, we’ve seen the list of participating hardware vendors grow like crazy and our customer base grow with them. We’ve seen web-scale companies like Facebook, Google, LinkedIn and more contribute to the Continue reading

0

Announcing 1.1.1.1: the fastest, privacy-first consumer DNS service

0

Introducing DNS Resolver, 1.1.1.1 (not a joke)

0

Security: Mitigating Spectre on Older Intel CPUs

I suspect all of my readers are well aware of the Spectre exploit affecting, among others, Intel CPUs going back many years. Intel for their part, after a few missteps, have issued microcode updates for more recent CPUs. But for those of us with computers running older CPUs, the solutions are less likely to be forthcoming. Thankfully there is a solution.

 

Branch Prediction and Speculative Execution

The Spectre exploit affects processors which perform branch prediction, a kind of optimistic lookahead where the processor prepares and executes a potential instruction before it is actually requested. For example, if the processor encounters conditional code (like and if..then..else construct), based on previous behavior it predicts what the most likely outcome is and thus which branch of code would be executed as a result, then loads and executes that code in advance (hence “speculative execution”). If the branch prediction is correct, then since the code was already executed the code will benefit from improved performance. Spectre abuses some predictable timing behavior of the speculative execution to be able to extract other processes’ data from the CPU caches. In other words, it’s bad news for security.

The only way to restore security Continue reading

0

Welcome, Luxembourg City and Chișinău! Cloudflare Global Network Spans 151 Cities

0

OpenContrail & dNOS Join The Linux Foundation, Get New Names

Juniper's OpenContrail and AT&T's dNOS projects have joined the Linux Foundation and gotten new names. Should you care? Yes, a little bit.

0

Wireless Thoughts From Aruba Atmosphere

I just got back from Aruba Atmosphere this week and I thought it would be a good chance to go over some of the cool stuff that I saw there.

• Rasa is now Aruba NetInsights. That platform is going to be a big one for Aruba in the future. There’s a lot of information that is being gleaned from installations and it’s fueling some hard looks at best practices and such. Also funny that it’s being installed primarily in university campuses to profile coverage and client capabilities. Those are usually pretty hostile environments for users and administrators alike.
• The security pieces that were shown off were also very interesting. The idea of port profiles has always made me a bit skeptical, but the way that Aruba is doing actual traffic profiling makes me think they have it this time. It’s also really cool that it can be done with non-managed devices in the middle. I think the key is that Aruba is doing actual traffic profiling instead of just looking at the basics behind the packets, like ports or VLANs. Real, automatic port security could be a huge win for places that need on-the-fly access to rapidly changing conditions. Like, Continue reading

0

Link Propagation 112

Welcome to Link Propagation, a Packet Pushers newsletter. Link Propagation is included in your free membership. Each week we scour the InterWebs to find the most relevant practitioner blog posts, tech news, and product announcements. We drink from the fire hose so you can sip from a coffee cup. Blogs The problem of unpredictable interface […]

0

Why Does Training Your Employees Matter?

In today’s competitive job market, many employers find themselves asking the question “How do I keep my employee’s satisfied?”

What’s the Secret to Retaining Top Talent?

We’ve all heard that the job market is changing. With millennial’s making up a third of the workforce and growing, according to Forbes Magazine, it’s becoming increasingly common for individuals to jump from job to job and even switch industries. In the midst of this change, many employers may wonder if training employees is a waste of time. Why would you want to spend valuable resources training someone who is just going to leave in a couple of years?

What if I were to tell you that the secret to keeping talent is fueling it, enabling your employees to learn and grow by providing them with training opportunities.

We’re Biologically Wired to Learn

As humans, we crave learning. It’s an innate survival instinct that despite our modern way of life still prevails. Whether you know it or not, your employees are already learning in the workplace every day. They’re learning about job skills, company policies and procedures, company values and colleagues, just to name a few. Why not extend this learning culture to Continue reading

0

Oriental Lantern

0

Connecting 500K Bolivians to a National Research and Education Network

As players in the development of the Internet in the world, the academic and scientific communities of the five continents have made important efforts to establish National Research and Education Networks (NRENs) to interconnect universities and research centers to exchange information at a regional level. Examples of these networks are GÉANT in Europe, Internet 2 in the United States, and RedCLARA (Latin American Cooperation of Advanced Networks) in the Latin American region.

The Bolivian academic sector is made up of more than 60 universities with half a million students and 20,000 teachers. Unfortunately Bolivia is the only country that is not connected to RedCLARA. Bolivia not only lacks connection with any NREN, but also has not managed to constitute its own National Academic Scientific Network. Since 2002, several attempts have been made, involving more than 30 universities in the country. As a result, the statutes and regulations of the Bolivian Integration Academic Network (RIAB) have been drafted.

The project Red Academica Boliviana, led by the Internet Society Bolivia Chapter and supported by Beyond the Net Funding Programme, has a long-term goal: to lay the foundations that will strengthen the development of research and education in Bolivia through the Continue reading

0

Microsoft CEO Satya Nadella ‘Embraces’ Cloud, Edge as the Future

Microsoft will form two new business units, one focused on end-user “experience and devices” and a second on cloud and AI.

0

CenturyLink Trials NFV Startup NetElastic’s Software

NetElastic’s software is tailored to telecom operators, not enterprises, and can scale quickly to handle networks with terabits of traffic.

0

SDxCentral’s Weekly Roundup — March 30, 2018

TM Forum and the Linux Foundation team up for APIs; Ericsson and Ambra Solutions build underground LTE network; Dell Technologies takes a step further to connected vehicles.

0

2,600 meters closer to the stars: Cloudflare Data Center #149 in Bogotá, Colombia