Striking Practical Computational Balance

The phenomenal complexity of computing is not decreasing. Charts of growth, investment and scale continue to follow a logarithmic curve.

But how is computational balance to be maintained with any level of objectivity under such extreme circumstances? How do we plan for this known, and yet highly unknown challenge of building balanced systems to operate at scale? The ever more bewildering set of options (e.g. price lists now have APIs) may, if not managed with utmost care, result in chaos and confusion.

This first in a series of articles will set some background and perspective on the

Striking Practical Computational Balance was written by James Cuff at The Next Platform.

7 transportation IoT predictions from Cisco

Cisco is one of the biggest proponents — and potential beneficiaries — of the Internet of Things (IoT). The networking giant is pushing IoT solutions in a number of areas, not least of which is the transporation sector.To learn more about how the company sees the future of IoT playing out in the world of connected transporation, I spoke (via email) with Kyle Connor, Cisco’s transportation industry principal.Connor covered a lot of ground, but here are what I consider his seven most important points, along with my reactions to them:To read this article in full, please click here

Most powerful Internet of Things companies

Billions of devices, lots of opportunityImage by ThinkstockThe predictions are getting a bit lurid – the Internet of Things will expand to around 20 billion connected devices by 2020, according to Gartner. (Other estimates range as high as ten times that figure.) MarketsandMarkets says that the market will expand from $170 billion last year to over half a trillion dollars by 2022. So who will be the biggest players in this huge and growing market? Find out here. (Note: Companies are listed in alphabetical order.) To read this article in full, please click here

The Week in Internet News: Blockchain Fights Slavery in the Seafood Industry

Blockchain vs. slavery: Provenance, a London NGO, is using Blockchain to add transparency to seafood supply chains, in an effort to reduce the practice of slavery in the seafood industry in Southeast Asia. Blockchain can create end-to-end traceability for seafood products by storing data on all kinds of transactional history. This can help NGOs track suppliers using slaves and abusive employment practices, reports Forbes.

AI joins the HR team: Artificial Intelligence may soon be assisting human resources departments, Inc. reports. Spoke, an AI startup, learns information about the deploying company and answers worker questions through a chatbot. Companies installing Spoke can program it with answers to the most-asked employee questions, but then the service can learn more about the company as time goes on. The Spoke software can also handle meeting room requests and equipment reservations, and it can prioritize IT requests.

The dark side of AI: Many AI experts are concerned about its malicious uses, including the sci-fi sounding scenarios of swarms of micro drones and autonomous weapons. Using AI to automate security tasks could also expand existing surveillance, persuasion, and deception threats, according to a new report, detailed on CNBC.com and in Motherboard.

Can SIM cards improve Continue reading

An Adaptive Approach to Bursting HPC to the Cloud

The HPC field hasn’t always had the closest of relationships with the cloud.

Concerns about the performance of the workloads on a hypervisor running in the cloud, the speed of the networking and capacity of storage, the security and privacy of the research data and results, and the investments of millions of dollars already made to build massive on-premises supercomputers and other systems can become issues when considering moving applications to the cloud.

However, HPC workloads also are getting more complex and compute-intensive, and demand from researchers for more compute time and power on those on-premises supercomputers is growing. Cloud

An Adaptive Approach to Bursting HPC to the Cloud was written by Jeffrey Burt at The Next Platform.

Using Cloudflare Workers to identify pwned passwords

Using Cloudflare Workers to identify pwned passwords

Last week Troy Hunt launched his Pwned Password v2 service which has an API handled and cached by Cloudflare using a clever anonymity scheme.

The following simple code can check if a password exists in Troy's database without sending the password to Troy. The details of how it works are found in the blog post above.

use strict;
use warnings;

use LWP::Simple qw/$ua get/;
$ua->agent('Cloudflare Test/0.1');
use Digest::SHA1 qw/sha1_hex/;

uc(sha1_hex($ARGV[0]))=~/^(.{5})(.+)/;
print get("https://api.pwnedpasswords.com/range/$1")=~/$2/?'Pwned':'Ok', "\n";

It's just as easy to implement the same check in other languages, such as JavaScript, which made me realize that I could incorporate the check into a Cloudflare Worker. With a little help from people who know JavaScript far better than me, I wrote the following Worker:

addEventListener('fetch', event => {
  event.respondWith(fetchAndCheckPassword(event.request))
})

async function fetchAndCheckPassword(req) {
  if (req.method == "POST") {
    try {
      const post = await req.formData()
      const pwd = post.get('password')
      const enc = new TextEncoder("utf-8").encode(pwd)

      let hash = await crypto.subtle.digest("SHA-1", enc)
      let hashStr = hex(hash).toUpperCase()
  
      const prefix = hashStr.substring(0, 5)
      const suffix = hashStr.substring(5)

      const pwndpwds = await fetch('https://api.pwnedpasswords.com/range/' + prefix)
      const t =  Continue reading

Anti-Automation from the Antimatter Universe

One of my readers sent me a vivid description of his interactions with one of the so-called next-generation firewall vendors. Enjoy!

We’re using their highly promoted Next Generation Firewall (NGFW) management solution. New cutting edge software, centralized manager… but no CLI for configuration (besides some initial bootstrap commands). "You don't need that because everything is managed from our centralized manager GUI", says $vendor sales managers.

Read more ...

Improving Routing Security: Introducing Six New MANRS Tutorials

Routing outages or attacks – such as hijacking, leaks, and spoofing – can lead to stolen data, lost revenue, reputational damage and more, all on a global scale. Routing security is therefore vital to the future and stability of the Internet, and the Mutually Agreed Norms for Routing Security (MANRS) initiative implements crucial fixes. Today, we are pleased to announce a series of six new MANRS tutorials that will help network operators improve both the Internet’s routing security and their own network’s operational efficiency.

These tutorials are intended for network administrators, network engineers, and others with a working knowledge of routing and security who are looking for steps to improve their network’s routing security and to join the growing list of MANRS participants.

About the Tutorials

Module 1: Introduction to MANRS

What is MANRS, and why should you join? MANRS is a global initiative to implement crucial fixes needed to eliminate the most common routing threats. In this module you will learn about vulnerabilities of the Internet routing system and how four simple steps, called MANRS Actions, can help dramatically improve Internet security and reliability.

Module 2: IRRs, RPKI, and PeeringDB

This module helps you understand the databases and repositories Continue reading

CI/CD For Networking Part 3

Gitlab is an open source platform for collaborating around code development that is managed via Git. Gitlab presents a nice and friendly web interface that makes it easy to view and track the changes made to a code base. Gitlab have a SAAS offering at https://gitlab.com and also release a...
1 1,720 1,721 1,722 1,723 1,724 3,851