Someone just bought your smart home. Did they get your data, too?

It's move-in day, and you finally have the papers and the keys for your new home. But do you have the passwords?That's one of the questions homebuyers and renters should be asking themselves now that connected devices like locks, lights and thermostats are growing more common, according to the Online Trust Alliance. The industry group joined up with the U.S. National Association of Realtors to compile a checklist for anyone moving in or out of a connected home.Built-in Internet of Things gear can make a new residence like a gadget you'd buy from an electronics store, with the added complication that someone else configured and used it before you did. Access to connected-home devices can mean a view into intimate information about how someone lives, or how they lived before they moved out: Door locks and thermostats might record when you're home, lights note what rooms you spend your time in, and security cameras keep an eye on you.To read this article in full or to leave a comment, please click here

Dumb, dumber, and cybersecurity

The reason you got hacked is because you listen to dumbasses about cybersecurity, like Microsoft.

An illustrative example is this article on "10 steps to protect" yourself. The vast majority of cyber threats to a small business are phishing, password reuse, and OWASP threats like SQL injection. That article addressed none of these threats.


But it gets better.

At the bottom of that article is a link to this "Cyber Security IQ" quiz at Microsoft's small-business website. The first question asks about password sharing. I show their "right" answer here:


Their correct answer is "None of the above", meaning that it's not okay to share your passwords with anybody. But this is nonsense. For your work account, of course it's okay to share your password with your boss. In fact, it's often necessary.

There have been several court cases where IT administrators have been fired, where the companies later found that the fired employee is the only one with passwords to certain critical systems. The (former) administrators were prosecuted for refusing to give their former bosses the passwords.

If your boss demands your password to your corporate accounts, of course you must give them your password.


But it Continue reading

Ethics of killing Hitler

The NYTimes asks us: if we could go back in time and kill Hitler as a baby, would we do it? There's actually several questions here: emotional, moral, and ethical. Consider a rephrasing of the question to focus on the emotional question: could you kill a baby, even if you knew it would grow up and become Hitler?


But it's the ethical question that comes up the most often, and it has real-world use. It's pretty much the question Edward Snowden faced: should he break his oath and disclose the NSA's mass surveillance of Americans?

I point this out because my ethical response is "yes, and go to jail". The added "and go to jail" makes it a rare response -- lots of people are willing to kill Hitler if they don't suffer any repercussions.

For me, the hypothetical question is "If you went back in time and killed Hitler, would you go to jail for murder?". My answer is "yes". I'd still do my best to lessen the punishment. I'd hire the best lawyer to defend me. It's just that I would put judgement of my crime or heroism in the hands of others. I would pay Continue reading

MikroTik – CCR1072-1G-8S+ – PPPoE testing preview – 30,000 connections and queues.

 

[adrotate banner=”5″]

 

Why we chose PPPoE as the next test

First of all, thanks to everyone for all the positive feedback, comments and questions about the CCR1072-1G-8S+ testing we have been posting in the last few months.  Even MikroTik has taken an interest in this testing and we have gotten some great feedback from them as well.

We received more questions about the PPPoE capabilities of the CCR1072-1G-8S+  than any other type of request. Since we have already published the testing on BGP, throughput and EoIP, we have decided to tackle the PPPoE testing to understand where the limits of the CCR1072-1G-8S+ are. This is only a preview of the testing as we are working on different methods of testing and config, but this will at least give you a glimpse of what is possible.

30,000 PPPoE Connections !!!!

30k-pppoe

Overview of PPPoE connections and CPU load

30k-PPPoE-overview

PRTG Monitoring

We have started using PRTG in the StubArea51.net lab as it makes monitoring of resource load over time much easier when we are testing. Check it out as it is free up to 100 sensors and works very well with MikroTik

https://www.paessler.com/prtg/download

PRTG CPU Profile 

30k-PPPoE-CPU-total-prtg

 

PRTG PPPoE Continue reading

MikroTik – CCR1072-1G-8S+ – PPPoE testing preview – 30,000 connections and queues.

 

[adrotate banner=”5″]

 

Why we chose PPPoE as the next test

First of all, thanks to everyone for all the positive feedback, comments and questions about the CCR1072-1G-8S+ testing we have been posting in the last few months.  Even MikroTik has taken an interest in this testing and we have gotten some great feedback from them as well.

We received more questions about the PPPoE capabilities of the CCR1072-1G-8S+  than any other type of request. Since we have already published the testing on BGP, throughput and EoIP, we have decided to tackle the PPPoE testing to understand where the limits of the CCR1072-1G-8S+ are. This is only a preview of the testing as we are working on different methods of testing and config, but this will at least give you a glimpse of what is possible.

30,000 PPPoE Connections !!!!

30k-pppoe

Overview of PPPoE connections and CPU load

30k-PPPoE-overview

PRTG Monitoring

We have started using PRTG in the StubArea51.net lab as it makes monitoring of resource load over time much easier when we are testing. Check it out as it is free up to 100 sensors and works very well with MikroTik

https://www.paessler.com/prtg/download

PRTG CPU Profile 

30k-PPPoE-CPU-total-prtg

 

PRTG PPPoE Continue reading

PlexxiPulse—Defining the New Network

The network is changing; there is no doubt about it. Undergoing its own transformation to meet advancements in storage and compute, the network is becoming more important than ever as Big Data and IoT continue to evolve. Our own Bob Noel penned a blog post this week that identifies areas of improvement for the network to meet the requirements of tomorrow. Take a look and tell us your thoughts for the future of the network. Which of Bob’s requirements do you think is the most important?

Below please find a few of our top picks for our favorite news articles of the week. Enjoy!

Enterprise Storage Forum: The New Era of Secondary Storage HyperConvergence
By Jim Whalen, Senior Analyst, Taneja Group
The rise of hyperconverged infrastructure platforms has driven tremendous change in the primary storage space, perhaps even greater than the move from direct attached to networked storage in decades past.  Now, instead of discrete, physically managed components, primary storage is being commoditized, virtualized and clustered, with the goal of providing a highly available virtual platform to run applications on, abstracted away from the individual hardware components themselves.  This has provided dramatic benefits to IT, allowing them to Continue reading

IDG Contributor Network: Report details biggest IT failures of the past decade

This month, radio electronics publication IEEE Spectrum is commemorating the 10th anniversary of its ground-breaking 2005 article, "Why software fails." The now-archived article studied some troubled, large-scale IT projects. IEEE said they were preventable failures and explained why. Along with the celebration, the publication has just brought out an updated database of IT debacles. This bunch covers the last 10 years. It makes for fascinating reading. Financial waste, endless delays correcting things, and the vast numbers of people affected contribute to the horrific, gory screw-ups.To read this article in full or to leave a comment, please click here

DARPA: Monitoring heat, electromagnetic and sound outputs could assess safety of IoT devices

DARPA is looking for a platform that can tell whether Internet of Things devices have been hijacked based on fluctuations in the heat, electromagnetic waves and sound they put out as well as the power they use.The agency wants technology that can decipher these analog waves and reveal what IoT devices are up to in their digital realms, according to a DARPA announcement seeking research proposals under the name “Leveraging the Analog Domain for Security (LADS)”.The LADS program would separate security monitoring from the device itself so if it is compromised, the monitoring platform can’t be affected.To read this article in full or to leave a comment, please click here

New CCIE Collaboration Videos Have Arrived!

Attention all CCIE Collaboration candidates!! We’re excited to announce that Andy Vassar has been tirelessly working on new videos, and we have a brand new CCIE Lab Video on Demand playlist available!

Andy has gone through and broken down all the technologies to make sure that you have the most up to date information to help you effectively prepare for your CCIE Collaboration Lab Exam. In this playlist you’ll find 48 videos, broken down by blueprint section and technology, with the need to know information and topics covered in the lab exam.

All of this is in a high quality HD format that is clear and engaging to watch.

Stay tuned to see what other great video updates we’ll have in the coming days and weeks for our Collaboration track, as well as for our other tracks and certifications.

Make sure you swing by your Member’s Area today to check out this new playlist! We’re pretty excited about it, but don’t just take our word for it… have a look for yourself.

Stuff The Internet Says On Scalability For October 23rd, 2015

Hey, it's HighScalability time:


The amazing story of Voyager's walkabout and the three body problem.

If you like Stuff The Internet Says On Scalability then please consider supporting me on Patreon.
  • $18 billion: wasted on US Army Future Combat system; 70%: Americans who support an Internet sales tax;  $1.3 billion: wasted on an interoperable health record system; trillions: NSA breaking Web and VPN connections; 615: human data teams beat by a computer; $900,000: cost of apps on your smartphone 30 years ago.

  • Quotable Quotes:
    • @PatrickMcFadin: 'Sup 10x coder. Grace Hopper invented the compiler and has a US Navy destroyer named after her. Just how badass are you again?
    • @benwerd: I love Marty McFly too, but more importantly, the first transatlantic voice transmission was sent 100 years ago today. What a century.
    • Martin Goodwell: The nearly two-billion requests that Netflix receives each day result in roughly 20 billion internal API calls.
    • sigma914: It's great to see people implementing distributed services using a vertically scalable technology stack again. The past ~decade has seen a lot of "We can scale sideways so constant overheads are irrelevant! We'll just use Java and add Continue reading

Results of experimenting with Brotli for dynamic web content

Compression is one of the most important tools CloudFlare has to accelerate website performance. Compressed content takes less time to transfer, and consequently reduces load times. On expensive mobile data plans, compression even saves money for consumers. However, compression is not free—it comes at a price. It is one of the most compute expensive operations our servers perform, and the better the compression rate we want, the more effort we have to spend.

The most popular compression format on the web is gzip. We put a great deal of effort into improving the performance of the gzip compression, so we can perform compression on the fly with fewer CPU cycles. Recently a potential replacement for gzip, called Brotli, was announced by Google. Being early adopters for many technologies, we at CloudFlare want to see for ourselves if it is as good as claimed.

This post takes a look at a bit of history behind gzip and Brotli, followed by a performance comparison.

Compression 101

Many popular lossless compression algorithms rely on LZ77 and Huffman coding, so it’s important to have a basic understanding of these two techniques before getting into gzip or Brotli.

LZ77

LZ77 is a simple technique developed Continue reading

Getting Started with VMware NSX Distributed Firewall – Part 1

Who saw it coming that segmentation would be a popular term in 2015?!? Gartner analyst Greg Young was almost apologetic when he kicked off the Network Segmentation Best Practices session at the last Gartner Security Summit.

As a professional with a long history in the enterprise firewall space, I know I found it odd at first. Segmentation is such a basic concept, dovetailing with how we secure networks – historically on network boundaries. Network segmentation is the basis for how we write traditional firewall rules – somehow get the traffic TO the firewall, and policy can be executed. How much more can we say about network segmentation?

But there is a problem with the reach of segmentation based on network. If traffic does not cross the firewall, you are blind. All hosts in the same network, commonly the same VLAN, can abuse each other at will. Perhaps netflow or IPS sensors are throughout your network – just to catch some of this internal network free-for-all. And the DMZ? I like to think of all these networks as blast-areas, where any one compromise could potentially take everything else on the same network down.

It’s not really network segmentation that’s all the Continue reading

1 3,226 3,227 3,228 3,229 3,230 3,793