RPKI ARIN Agreement Update

In December of 2014 I wrote an article about  a legal agreement that was discouraging network operators from implementing an important Internet security function.  I am happy to report, the situation has improved: ARIN no longer requires operators explicitly accept a click-through agreement in order to access the Trust Anchor Locator (TAL). Resource Public Key […]

The post RPKI ARIN Agreement Update appeared first on Packet Pushers.

RPKI ARIN Agreement Update

In December of 2014 I wrote an article about  a legal agreement that was discouraging network operators from implementing an important Internet security function.  I am happy to report, the situation has improved: ARIN no longer requires operators explicitly accept a click-through agreement in order to access the Trust Anchor Locator (TAL). Resource Public Key […]

The post RPKI ARIN Agreement Update appeared first on Packet Pushers.

Reaction: BGP convergence, divergence & the ‘net

Let’s have a little talk about BGP convergence.

We tend to make a number of assumptions about the Internet, and sometimes these assumptions don’t always stand up to critical analysis. . . . On the Internet anyone can communicate with anyone else – right? -via APNIC

Geoff Huston’s recent article on the reality of Internet connectivity—no, everyone cannot connect to everyone—prompted a range of reactions from various folks I know.

For instance, BGP is broken! After all, any routing protocol that can’t provide basic reachability to every attached destination must be broken, right? The problem with this statement is it assumes BGP is, at core, a routing protocol. To set the record straight, BGP is not, at heart, a routing protocol in the traditional sense of the term. BGP is a system used to describe bilateral peering arrangements between independent parties in a way that provides loop free reachability information. The primary focus of BGP is not loop free reachability, but policy.

After all, BGP convergence is a big deal, right? Part of the problem here is that we use BGP as a routing protocol in some situations (for instance, on data center fabrics), so we have a hard time adjusting our thinking Continue reading

French legislators want to compel companies to decrypt data, because terrorism

Legislators in France are trying to make the U.S. Federal Bureau of Investigation jealous of its French counterparts.The poor old FBI has to rely on a loosely drafted law two centuries old in its effort to compel Apple to help it unlock data held in a dead terrorist's smartphone.In France, refusing to hand over encrypted information in terrorism cases could lead to a fine of €350,000 (US$385,000) and five years in prison, under proposed legislation.To read this article in full or to leave a comment, please click here

Cisco containing clouds, enterprises

Cisco will soon unveil a container “stack” for developers of cloud applications and services, and expects to have one for enterprises over time as well. The Cloud Native Platform will emerge in April, according to Yvette Kanouff, Cisco senior vice president and general manager, Cloud Solutions. It will be delivered as a SaaS model with continuous integration/continuous delivery, and include containerized automated infrastructure as its base, policy-based management and orchestration as a middle layer, and analytics, development tools, and initial hybrid cloud applications in its framework.To read this article in full or to leave a comment, please click here

Seagate reveals world’s fastest SSD

Seagate today announced what it's calling the world's fastest enterprise-class, solid-state drive (SSD), one that can transfer data at rates up to 10 gigabytes per second (GBps), some 6GBps faster than its previously fastest SSD.While there were no specifics with regard to the SSD's read/write rates, capacities or pricing, the company did say the new drive meets the Open Compute Project (OCP) specifications. The OCP was launched in 2011 to allow the sharing of data center designs among IT vendors -- including Facebook, Intel, Apple, and Microsoft -- as well as financial services companies such as Bank of America and Fidelity.To read this article in full or to leave a comment, please click here

MapR delivers support for containers, security

MapR Technologies today announced the general availability of the MapR Converged Data Platform, which brings Hadoop together with Spark, Web-scale storage, NoSQL and streaming capabilities in a unified cluster, designed to support customers deploying real-time global data applications. The Converged Data Platform features security, data governance and performance features enhancements built to meet enterprise requirements, and adds support for containers, including persistent storage and integrated resource management. + ALSO ON NETWORK WORLD MapR Aims to Take SQL-on-Hadoop to Next Level +To read this article in full or to leave a comment, please click here

IoT makes security and privacy top challenges for wearables

From fitness trackers to connected headwear for soldiers on the battlefield, wearable devices stand as one of the fastest-growing segments of the tech industry.[ Related: Consumers are buying millions and millions of wearable devices ]But with those always-on devices come a slew of considerations for policy makers, in particular the concern that device manufacturers aren't implementing appropriate security and privacy measures.Those worries got an airing at a recent House hearing, where industry witnesses urged lawmakers to tread lightly before developing stringent new privacy rules, while at the same time acknowledging that device and application makers need to be vigilant in how they are handling the data collected from users.To read this article in full or to leave a comment, please click here

Performance Tuning Apache Storm at Keen IO


Hi, I'm Manu Mahajan and I'm a software engineer with Keen IO's Platform team. Over the past year I've focused on improving our query performance and scalability. I wanted to share some things we've learned from this experience in a series of posts.

Today, I'll describe how we're working to guarantee consistent performance in a multi-tenant environment built on top of Apache Storm.

tl;dr we were able to make query response times significantly more consistent and improve high percentile query-duration by 6x by making incremental changes that included isolating heterogenous workloads, making I/O operations asynchronous, and using Storm’s queueing more efficiently.

High Query Performance Variability

Keen IO is an analytics API that allows customers to track and send event data to us and then query it in interesting ways. We have thousands of customers with varying data volumes that can range from a handful of events a day to upwards of 500 million events per day. We also support different analysis types like counts, percentiles, select-uniques, funnels, and more, some of which are more expensive to compute than others. All of this leads to a spectrum of query response times ranging from a few milliseconds to a few minutes.

The Continue reading

Privacy groups want rules for how ISPs can track their customers

Some Internet service providers are building powerful tools to track customers, and the U.S. Federal Communications Commission needs to step in, privacy advocates say.Some privacy advocates are calling on the FCC to create new regulations that limit how ISPs can track their customers across the Internet. The agency could release a proposal for ISP privacy rules as soon as this month, FCC Chairman Tom Wheeler said last week.Some ISPs are deploying "invasive and ubiquitous" tracking practices as a way to deliver targeted advertising to customers, 12 privacy groups said in a letter to the FCC this week. In recent years, large ISPs like Comcast and Verizon have entered into advertising partnerships or launched their own advertising services that take advantage of ISP customer data, the letter said.To read this article in full or to leave a comment, please click here

Google offers app to help companies assess their vendors’ security

Google has published an interactive questionnaire that companies can use to assess the security practices of their suppliers or to review and improve their own security programs.The Vendor Security Assessment Questionnaire (VSAQ) is a Web-based application and was released under an open-source license on GitHub. It contains a collection of questionnaires that Google itself uses to review multiple aspects of a vendor's security.The application has templates for Web application security, infrastructure security, physical and data center security and an organization's overall security and privacy program. The questions cover everything from whether the vendor has processes in place for external researchers to report vulnerabilities to HTTPS implementation details and internal data handling policies.To read this article in full or to leave a comment, please click here

Worth Reading: Mobile is not everything

The industry is now maturing, and is well past its glory days of early growth. We have 4G widely deployed, and 5G is in the wings. Both are incremental rather than revolutionary changes. The retail market for “minutes, messages and megabytes” is saturating. . . . The high revenue and profit growth has shifted to devices (notably Apple’s) and online services (Google, Amazon, Alibaba, et al). The centre of power has inexorably moved towards platforms that manage and mine the flow of information. -via CircleID

LinkedInTwitterGoogle+FacebookPinterest

The post Worth Reading: Mobile is not everything appeared first on 'net work.

Multi-factor authentication goes mainstream

Fingerprints, rather than passwords, are what more than a million financial services customers at USAA use to get online. Part of a trend toward multi-factor authentication (MFA), there is no stored list of passwords for hackers to steal.In 2014, San Antonio-based USAA became the first financial institution to roll out facial and voice recognition on a mobile app, says Gary McAlum, USAA's chief security officer. Thumbprint recognition followed a few months later. A year after that, USAA had 1.1 million enrolled MFA users, out of a target population of 5 million mobile banking app users.To read this article in full or to leave a comment, please click here(Insider Story)

Reviewing incident response plans for data risk preparedness

Incident response plan reviews are growing in importance with the rapidly increasing numbers and types of information security incidents that enterprises must face. The enterprise must approach these reviews with a view toward effective event response.Yet more than one-quarter of IR professionals (26 percent) are dissatisfied with their current organization’s IR capabilities, calling them ineffective, according to a SANS Institute survey on the state of IR. After initial plan creation, the review is the opportunity to correct that ineffectiveness.To read this article in full or to leave a comment, please click here(Insider Story)

China is working on a big data Minority Report system

Think there’s a limit to how far countries can go to monitor their citizens? Think again. China’s new plan to create software to track a wide variety of data to predict who might commit terrorist acts pushes the envelop into the realm of science fiction, a la Minority Report.Last December, I wrote about China's planned Social Credit System, which takes invasion of privacy to terrifying new levels by going well beyond Western-style credit scores to create a mandatory scheme to "rate the trustworthiness of citizens in all facets of life, from business deals to social behavior,” according to the New Republic. The national database will combine records of Internet data with financial information and government data into a score designed to determine eligibility for all kinds of things, including credit, employment and access to social benefits.To read this article in full or to leave a comment, please click here

1 3,108 3,109 3,110 3,111 3,112 3,845