ZModem over amateur radio

While I have built a file transfer protocol for AX.25, I also wanted to try old BBS era protocols. They’re more tested and standardized.

The easiest way is probably to take lrzsz and let it talk over AX.25 connected sockets. Ideally socat should be enough, but it seems that it does not support AX.25.

That’s actually fine, because ideally I want to run on my authenticated wrapped AX.25 (while encryption, obscuring the meaning, is banned, signatures are not).

So I had to make an adapter that bridges stdin/stdout to AX.25. Simple enough.

The setup is two Kenwood TH-D74s, set up the same way as before, in 9600bps.

D74 -> rfcomm -> kissattach -> axpipe -> socat -> lrzsz

The D74 is a great radio. It has the best text entry, menu system, and APRS support of any handheld radio I’ve seen, and it also has a built-in TNC (“modem”) that works both in 1200bps and 9600bps.

First, just for fun, let’s try YModem.

YModem

socat EXEC:'sz --ymodem axpipe.cc' EXEC:'./axpipe -r radio1 -l 0'
socat EXEC:'rz --ymodem -t 100'    EXEC:'./axpipe -r radio6 -s M6VMB-12 -c M0THC-1'

On ARM and RISC-V I Continue reading

Cloudflare’s view of Internet disruptions in Pakistan

On Tuesday, May 9, Imran Khan, former Prime Minister of Pakistan was arrested on corruption charges. Following the arrest, violent protests erupted in several cities, leading the government of Pakistan to order the shutdown of mobile Internet services, as well as the blocking of several social media platforms. Below, we examine the impact of these shutdowns at a national and local level, as seen through Cloudflare traffic data. In addition, we illustrate how Pakistanis appear to be turning to Cloudflare’s 1.1.1.1 resolver in an attempt to maintain access to the open Internet.

General traffic trends

Since Tuesday, May 9, peak traffic levels aggregated at a country level (as measured by HTTP request volume) have been declining, down nearly 30% during the first several days of the mobile Internet shutdowns. The lowest traffic levels (nadirs of the graph) have also declined, dropping by as much as one-third as well. In the sections below, we drill down into this traffic loss, looking at outages at a network level, and the impact of those outages at an administrative unit and city level.

The mobile network shutdowns have also impacted the profile of traffic that Cloudflare sees from Pakistan. In Continue reading

Heavy Networking 679: Mountaintop Networking And Long-Haul Wireless

Heavy Networking 679: Mountaintop Networking And Long-Haul Wireless

Today's Heavy Networking explores the challenges Wireless ISPs (WISPs) face when bringing services to locations without a lot of fiber in the ground. Those challenges include lining up radio antennas, maintaining mountaintop gear, wild horses, network and routing designs, and more. Our guest is Bradley Thompson, Senior Network Engineer at SkyFiber Internet.

The post Heavy Networking 679: Mountaintop Networking And Long-Haul Wireless appeared first on Packet Pushers.

How to integrate Calico Image Scanner with Argo CI/CD

In today’s fast-paced software development environment, developers often use common public libraries and modules to quickly build applications. However, this presents a significant challenge for DevOps teams who must ensure that these applications are safe to use. As organizations move towards dynamic models of software development that rely on Continuous Integration and Continuous Deployment, the responsibility for deploying secure applications has shifted from traditional security teams to development teams.

To address this challenge, I will provide general guidelines on how to integrate the Calico Image Scanning feature into a CI/CD pipeline, using Argo. This will help ensure that images are built safely and free from Common Vulnerabilities and Exposures (CVEs). In this blog post, we will use a Kubernetes validating webhook configuration to attach a Calico Cloud admission controller that can accept or reject certain actions on resources, such as the creation of pods. This will prevent the deployment of images that contain known CVEs, thus strengthening the overall security of your software development process.

Overall Architecture

The building blocks to use Argo as an example of this integration are below:

Relevant Calico configuration

Before even committing changes to our application, we must setup the Calico Admission Controller within our Continue reading

The Roads To Zettascale And Quantum Computing Are Long And Winding

In the United States, the first step on the road to exascale HPC systems began with a series of workshops in 2007. …

The Roads To Zettascale And Quantum Computing Are Long And Winding was written by Jeffrey Burt at The Next Platform.

Aruba Isn’t A Wireless Company (Any More)

Remember when Aruba was a wireless company? I know it sounds like something that happened 40 years ago but the idea that Aruba only really made wireless access points and some campus switches to support them isn’t as old as you think. The company, now known as HPE Aruba Networking (née Aruba, a Hewlett Packard Enterprise Company), makes more than just Wi-Fi gear. Yet the perception of the industry is that they’re still a wireless company looking to compete with the largest parts of the market.

Branching Out of Office

This year’s Aruba Atmopshere showed me that Aruba is trying to do more than just campus wireless. The industry has shifted away from just providing edge connectivity and is now focused on a holistic lineup of products that are user-focused. You don’t need to go much further than the technical keynote on the second day of the conference to see that. Or the Networking Field Day Experience videos linked above.

Do you know what Aruba wanted to showcase?

• Campus Switches
• Data Center Switches
• Private 5G/LTE
• SASE/SSE
• IoT
• Cloud-Enabled Management

You know what wasn’t on that list? Access points. For a “wireless” company that’s a pretty glaring omission, right? I think Continue reading

Technology Short Take 168

Welcome to Technology Short Take #168! Although this weekend is (in the US, at least) celebrated as Mother’s Day weekend—don’t forget to call or visit your mom!—I thought you all might want some light weekend reading. I’m here to help, after all. To that end, here’s the latest Technology Short Take, with links to a variety of articles in various disciplines. Enjoy!

Networking

• Ivan Pepelnjak has been on a bit of a DHCP relaying kick. He’s recently published articles on DHCP relaying in VXLAN segments, DHCP relaying in EVPN VRFs, and most recently DHCP relaying with redundant DHCP servers.
• William Collins has a two-part series on site-to-site VPN with AWS. In part 1, Collins shows how VPN connections directly to VPCs don’t scale (both bandwidth-wise and operationally). In part 2, Collins shows how Transit VPC and Transit Gateway address scaling concerns.
• Daryll Swer talks about BGP zombie routes on JunOS.
• One notable challenge with Kubernetes is handling traffic outbound from the cluster and securing (or controlling) that traffic. Aadhil Abdul Majeed with Tigera reviews how using Calico Egress gateway and access controls enables users/operators to secure this outbound traffic.

Security

• Via Russ White, I came across an Continue reading

How to Put Your ‘Carbonivore’ Data Center on a Diet

Magic in minutes: how to build a ChatGPT plugin with Cloudflare Workers

Today, we're open-sourcing our ChatGPT Plugin Quickstart repository for Cloudflare Workers, designed to help you build awesome and versatile plugins for ChatGPT with ease. If you don’t already know, ChatGPT is a conversational AI model from OpenAI which has an uncanny ability to take chat input and generate human-like text responses.

With the recent addition of ChatGPT plugins, developers can create custom extensions and integrations to make ChatGPT even more powerful. Developers can now provide custom flows for ChatGPT to integrate into its conversational workflow – for instance, the ability to look up products when asking questions about shopping, or retrieving information from an API in order to have up-to-date data when working through a problem.

That's why we're super excited to contribute to the growth of ChatGPT plugins with our new Quickstart template. Our goal is to make it possible to build and deploy a new ChatGPT plugin to production in minutes, so developers can focus on creating incredible conversational experiences tailored to their specific needs.

How it works

Our Quickstart is designed to work seamlessly with Cloudflare Workers. Under the hood, it uses our command-line tool wrangler to create a new project and deploy it to Workers.

Continue reading

How Pingora keeps count

A while ago we shared how we replaced NGINX with our in-house proxy, Pingora. We promised to share more technical details as well as our open sourcing plan. This blog post will be the first of a series that shares both the code libraries that power Pingora and the ideas behind them.

Today, we take a look at one of Pingora’s libraries: pingora-limits.

pingora-limits provides the functionality to count inflight events and estimate the rate of events over time. These functions are commonly used to protect infrastructure and services from being overwhelmed by certain types of malicious or misbehaving requests.

For example, when an origin server becomes slow or unresponsive, requests will accumulate on our servers, which adds pressure on both our servers and our customers’ servers. With this library, we are able to identify which origins have issues, so that action can be taken without affecting other traffic.

The problem can be abstracted in a very simple way. The input is a (never ending) stream of different types of events. At any point, the system should be able to tell the number of appearances (or the rate) of a certain type of event.

In a simple example, colors are Continue reading

Hedge 178: Defined Trust Transport with Kathleen Nichols

The Internet of Things is still “out there”—operators and individuals are deploying millions of Internet connected devices every year. IoT, however, poses some serious security challenges. Devices can be taken over as botnets for DDoS attacks, attackers can take over appliances, etc. While previous security attempts have all focused on increasing password security and keeping things updated, Kathleen Nichols is working on a new solution—defined trust transport in limited domains.

Join us on for this episode of the Hedge with Kathleen to talk about the problems of trusted transport, the work she’s putting in to finding solutions, and potential use cases beyond IoT.

download

You can find Kathleen at Pollere, LLC, and her slides on DeftT here.

Weekend Reads 051223

Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol (BGP) that could be weaponized to achieve a denial-of-service (DoS) condition on vulnerable BGP peers.

Enter OpenTelemetry, which provides a vendor-neutral standard for telemetry data, as well as the necessary tools to collect and export data from cloud-native applications.

DevEx drives business performance through increased efficiency, product quality, and employee retention.

Last January, thousands of users of two popular open source libraries, “faker” and “colors,” were shocked to see their applications breaking and showing gibberish data after being infected with a malicious package.

Netskope, a leader in Secure Access Service Edge (SASE), today unveiled new research confirming that attackers are finding new ways to evade detection and blend in with normal network traffic using HTTP and HTTPS to deliver malware.

In keeping with WhoisXML API’s mission to make the Internet a transparent and safe place for users, we expanded the list of IoCs in hopes of identifying social media pages that could already be serving or used to serve as fraud vehicles.

According to research carried out across a sample of over failed 17,000 hard drives, the failure occurred after only two years and 6 months. Continue reading

Video: Kubernetes Container Networking Interface (CNI)

Ready for more Kubernetes details? How about Container Networking Interface (CNI) described by Stuart Charlton as part of Kubernetes Networking Deep Dive webinar?

Notes:

• You REALLY SHOULD watch Kubernetes SDN architecture and Sample Kubernetes SDN Implementations videos first
• The video (and a large portion of Kubernetes Networking Deep Dive webinar) is available with Free ipSpace.net Subscription.

Video: Sample Kubernetes SDN Implementations

Read for more Kubernetes details? How about Container Networking Interface (CNI) described by Stuart Charlton as part of Kubernetes Networking Deep Dive webinar?

Notes:

• You REALLY SHOULD watch Kubernetes SDN architecture and Sample Kubernetes SDN Implementations videos first
• The video (and a large portion of Kubernetes Networking Deep Dive webinar) is available with Free ipSpace.net Subscription.

Taking advantage of the grep command’s many options

The grep command makes it easy to find strings in text files on Linux systems, but that's just a start. It can be used to search through these files for multiple strings or regular expressions at the same time. It can also ignore case when needed, and it can count the lines in the resulting output for you. This post shows how to use grep in all these ways.Basic grep The simplest grep command looks like the one shown below. This "find string in file" command will show all the lines in the file that contain the string, even when that string is only part of a longer one.$ grep word story The wording suggests there was more to the story than anyone wanted to admit. The sword had been left behind the shed. It was several days before it was Finding multiple strings There are a number of ways to search for a group of strings in a single command. In the command below, the '|' character serves as an "or" function. The command will display any lines in the file that contain the word "xray", the word "tape" or both.To read this article in full, Continue reading

Taking advantage of the grep command’s many options

The grep command makes it easy to find strings in text files on Linux systems, but that's just a start. It can be used to search through these files for multiple strings or regular expressions at the same time. It can also ignore case when needed, and it can count the lines in the resulting output for you. This post shows how to use grep in all these ways.Basic grep The simplest grep command looks like the one shown below. This "find string in file" command will show all the lines in the file that contain the string, even when that string is only part of a longer one.$ grep word story The wording suggests there was more to the story than anyone wanted to admit. The sword had been left behind the shed. It was several days before it was Finding multiple strings There are a number of ways to search for a group of strings in a single command. In the command below, the '|' character serves as an "or" function. The command will display any lines in the file that contain the word "xray", the word "tape" or both.To read this article in full, Continue reading

Multivendor 5G network slicing test claims 70% gain in deployment speeds

A group of about a dozen vendors announced this week that a test program for 5G network slicing had achieved 70% gains in the time required to programmatically create a network slice, marking a major step forward in the development of private 5G for enterprise users.A network “slice,” as it’s called, is essentially a logically distinct subnetwork in a 5G deployment that can be used for a variety of purposes to maximize bandwidth use and provide on-demand 5G services to users. The basic idea is that automation in the 5G core can apply a layer of virtualization to wireless networks, letting a service provider “slice” off parts of its available spectrum and provide them to a customer as a discrete network.To read this article in full, please click here

When Push Comes To Shove, Google Invests Heavily In GPU Compute

A year ago, at its Google I/O 2022 event, Google revealed to the world that it had eight pods of TPUv4 accelerators, with a combined 32,768 of its fourth generation, homegrown matrix math accelerators, running in a machine learning hub located in its Mayes County, Oklahoma datacenter. …

When Push Comes To Shove, Google Invests Heavily In GPU Compute was written by Timothy Prickett Morgan at The Next Platform.

Tigera named as one of Forbes America’s Best Startup Employers in 2023

We are proud to announce that we have been named one of America’s Best Startup Employers 2023 by Forbes!

The Forbes list of America’s Best Startup Employers 2023 was compiled by evaluating 2,600 companies with at least 50 employees in the United States. All of the companies considered were founded between 2013 and 2020, from the ground up, and were not spin-offs of existing businesses. Just like other Forbes lists, businesses cannot pay to be considered. Evaluation was based on three criteria: employer reputation, employee satisfaction, and growth.

Great Place to Work 2022

Inclusion in Forbes’ list comes after we were proudly certified as a Great Place to Work in 2022.

The Great Place to Work Certification recognizes employers that create an exceptional employee experience. The certification process involves surveying employees and the employer, and rankings are based on employee feedback and independent analysis. This means job searchers can rely on the certification to help them determine whether an organization is truly a great place to work.

Go Tigers!

Our core values are the foundation of everything we do. Tigera believes in a collaborative, flexible work environment built on mutual respect and commitment. We are delighted to hear that our Continue reading