My SDN Testbed

Over the next few articles, I will write about OpenFlow, Open vSwitch and other SDN related topics. As always, I'm combining the theory part with some hands-on practice and for this, I put this article together describing one way of building such a testing environment.

State Department turned off spam filters for Hillary Clinton

Former Secretary of State Hillary Clinton’s emails, those sent from her private home server – using Clintonemail.com – were being caught in the spam filter, so the State Department turned the filters off.Bob Gourley, former CTO for the Defense Intelligence Agency (DIA) told Fox News, “You're putting not just the Clinton server at risk but the entire Department of State emails at risk. When you turn off your defensive mechanisms and you're connected to the Internet, you're almost laying out the welcome mat for anyone to intrude and attack and steal your secrets.”To read this article in full or to leave a comment, please click here

State Department turned off spam filters for Hillary Clinton

Former Secretary of State Hillary Clinton’s emails, those sent from her private home server – using Clintonemail.com – were being caught in the spam filter, so the State Department turned the filters off.Bob Gourley, former CTO for the Defense Intelligence Agency (DIA) told Fox News, “You're putting not just the Clinton server at risk but the entire Department of State emails at risk. When you turn off your defensive mechanisms and you're connected to the Internet, you're almost laying out the welcome mat for anyone to intrude and attack and steal your secrets.”To read this article in full or to leave a comment, please click here

OpenSwitch Containers ♥ GNS3

OpenSwitchDocker

In one of my previous articles, I elaborated on a setup to create DC fabric simulations with GNS3 and OpenSwitch. I also promised to follow up with some post about using Ansible with it.

Well, I have been a bit distracted with some changes to the setup before moving into the Ansible details (to say true, I got the Ansible article almost ready, but things are moving so fast, that I keep rewriting it).

One of the things that ‘change everything’ recently was the release of GNS3 1.5. This is a great release that includes several features that makes using OpenSwitch with GNS3 awesome:

  • Support for Docker containers! This enables OpenSwitch to be a container instead of a VM, allowing to scale better:
    • This obviously consumes less RAM memory and use it more efficiently.
    • We are no longer limited to 8 ports per node (VirtualBox’s restriction), but instead we can have as many ports as you want. Even more, the OpenSwitch Appliance container will change the number of ports available, based on the GNS3 configuration.
  • Support for portable projects! Now you can export your project and shared it with others (restrictions apply).

Let’s see how to use this Continue reading

DNS Privacy

It seems that it's the season to consider "openess" in Internet Governance circles. The OECD has recently stated that: “the level of Internet openness will also affect the digital economy’s potential." And according to the Global Commission on Internet Governance (GCIG) “One Internet” report, an open and accessible Internet should generate several trillions of dollars a year in economic benefits. A fragmented Internet on the other hand would weigh on investment, trade and GDP, as well as on the right to free expression and access to knowledge.” It seems that the stakes are high when we consider Internet Openness. How well are we doing?

Amazing analysis of the Brexit with machine learning

So the UK has just given itself a national headache. Whether you think the Brexit was the right decision or a dangerous and unmitigated screw-up (as I do), the consequences of the referendum will be non-trivial and take years to complete. But the mechanics of the UK exiting the European Union aside, the question of how people now feel about the Brexit is interesting. Are they awash in jubilation or has buyer’s remorse set in? An intriguing post by MonkeyLearn attempts to answer this question by analyzing tweets and, as a bonus, provides tools that you might well find useful for similar exercises.First, let me explain what MonkeyLearn is: The service defines itself as a “[highly] scalable Machine Learning API to automate text classification.” To use MonkeyLearn you assemble your text data,  train and test a machine learning model with that data, then, using a custom API for your model, have your application code interact with the API to perform analysis and classification of new data. You can also provide your data to MonkeyLearn by pasting it into their Web interface or uploading CSV files or Excel spreadsheets.To read this article in full or to leave a Continue reading

Here’s how NASCAR is digitizing race day

When cars leave the starting line at Sonoma Raceway in California on Sunday for the start of the Toyota/Save Mart 350, they'll be taking part in the launch of a product designed to help NASCAR officials monitor and manage the 110-lap race.New race management software that NASCAR is launching on Sunday is designed to give officials a single screen to watch where cars are on the racetrack, manage penalties and share information with racing teams about what's going on.It arose from a partnership between NASCAR and Microsoft that started in 2014. It began with a mobile inspection app that let race officials see whether cars were in compliance with all the rules about how they have to be constructed.To read this article in full or to leave a comment, please click here

Should Microsoft release a successor to Surface 3?

Microsoft will stop manufacturing Surface 3 by the end of the year, which raises a big question: Will there be a Surface 4?The company has declined to say whether a Surface 4 will ever be released. But Microsoft says it saw strong demand for the Surface 3 tablet PC, so releasing a successor seems like a no-brainer.But the PC market is challenged. Upgrades have slowed down to every five or six years, and tablet shipments -- with the exception of 2-in-1s -- are declining. PC makers are already releasing innovative products that could be viable options to a Surface 3 successor.To read this article in full or to leave a comment, please click here

Researchers steal data from a PC by controllng the noise from the fans

Even the noise from your PC’s fans could be used to steal the data inside. Researchers in Israel have found a way to do just by hijacking the fans inside and manipulating the sounds they create.The research from Ben-Gurion University of the Negev shows how data could be stolen from “air-gapped” computers, which are not connected to the Internet.These air-gapped computers are isolated and typically contain the most sensitive information. To hack them, attackers typically need to gain physical access and install malware, possibly through a USB stick. To read this article in full or to leave a comment, please click here

Researchers steal data from a PC by controllng the noise from the fans

Even the noise from your PC’s fans could be used to steal the data inside. Researchers in Israel have found a way to do just by hijacking the fans inside and manipulating the sounds they create.The research from Ben-Gurion University of the Negev shows how data could be stolen from “air-gapped” computers, which are not connected to the Internet.These air-gapped computers are isolated and typically contain the most sensitive information. To hack them, attackers typically need to gain physical access and install malware, possibly through a USB stick. To read this article in full or to leave a comment, please click here

The ‘summer of AI’ is here, this startup chief says

Artificial intelligence is still surrounded by an aura of mystery, and it would be tough to find a better illustration than the story in the news last week about a British grandmother who includes "please" and "thank you" in all her Google searches."Please translate these roman numerals mcmxcviii thank you," read the search request from May Ashworth that ultimately went viral when her grandson tweeted it on Twitter."I thought, well somebody's put it in, so you're thanking them," Ashworth reportedly explained. "I don't know how it works, to be honest. It's all a mystery to me."To read this article in full or to leave a comment, please click here

IoT pioneer announces big contracts with the Department of State, energy leader ENGIE

Internet of Things platform supplier C3 IoT this week announced two sweeping contracts, one with ENGIE, a huge energy company in Europe, the other with the U.S. Department of State, adding to the eight-year-old company’s roster of big IoT wins. The Department of State is said to have signed a multi-year deal valued up to $25 million to use C3 IoT’s enterprise application development platform for a global energy management initiative.  C3 IoT will enable the Department of State to “gain dynamic, real-time operational insights and efficiencies by analyzing … data from enterprise and extra-prise systems and sensors across 22,000+ Department facilities in 190+ countries,” C3 IoT says.To read this article in full or to leave a comment, please click here

A Raspberry Pi 3 competitor will boast an SSD storage slot

You can't put SSDs on the Raspberry Pi 3, but a competitive board coming soon will have that option.The new MinnowMax Turbot Dual-E board will have an m.2 slot in which SSDs can be inserted. It's being made by ADI Engineering and will be released in the third quarter, according to a message on Twitter.The board's price wasn't immediately available.High-capacity SSD chips up to 512GB can be found on sites like NewEgg. But the MinnowMax board's SSD storage capacity will ultimately depend on the device's hardware specifications.To read this article in full or to leave a comment, please click here

Economical With The Truth: Making DNSSEC Answers Cheap

We launched DNSSEC late last year and are already signing 56.9 billion DNS record sets per day. At this scale, we care a great deal about compute cost. One of the ways we save CPU cycles is our unique implementation of negative answers in DNSSEC.

CC BY-SA 2.0 image by Chris Short

I will briefly explain a few concepts you need to know about DNSSEC and negative answers, and then we will dive into how CloudFlare saves on compute when asked for names that don’t exist.

What You Need To Know: DNSSEC Edition

Here’s a quick summary of DNSSEC:

This is an unsigned DNS answer (unsigned == no DNSSEC):

cloudflare.com.        299 IN  A   198.41.214.162
cloudflare.com.        299 IN  A   198.41.215.162

This is an answer with DNSSEC:

cloudflare.com.        299 IN  A   198.41.214.162
cloudflare.com.        299 IN  A   198.41.215.162
cloudflare.com.        299 IN  RRSIG   A 13 2 300 20160311145051 20160309125051 35273     cloudflare.com. RqRna0qkih8cuki++YbFOkJi0DGeNpCMYDzlBuG88LWqx+Aaq8x3kQZX TzMTpFRs6K0na9NCUg412bOD4LH3EQ==

Answers with DNSSEC contain a signature for every record type that is returned. (In this example, only A records are returned so there is only one signature.) The signatures allow Continue reading