The Internet is a cooperative system: CNAME to Dyn DNS outage of 6 July 2015

Today, shortly after 21:00 UTC, on our internal operations chat there was a scary message from one of our senior support staff: "getting DNS resolution errors on support.cloudflare.com", at the same time as automated monitoring indicated a problem. Shortly thereafter, we saw alarms and feedback from a variety of customers (but not everyone) reporting "1001 errors", which indicated a DNS resolution error on the CloudFlare backend. Needless to say, this got an immediate and overwhelming response from our operations and engineering teams, as we hadn't changed anything and had no other indications of anomaly.

In the course of debugging, we were able to identify common characteristics of affected sites—CNAME-based users of CloudFlare, rather than complete domain hosted entirely on CloudFlare, which, ironically, included our own support site, support.cloudflare.com. When users point (via CNAME) to a domain instead of providing us with an IP address, our network resolves that name —- and is obviously unable to connect if the DNS provider has issues. (Our status page https://www.cloudflarestatus.com/ is off-network and was unaffected). Then, we were investigating why only certain domains were having issues—was the issue with the upstream DNS? Testing whether their domains were resolvable Continue reading

Instagram bumps up photo resolution to 1080 pixels

Instagram is increasing the size of pictures users of its mobile app are allowed to post, finally opening the door of the photo sharing service to much more detailed images.The iOS and Android apps are gradually being updated to store and display photos that are 1080 pixels by 1080 pixels in size, an Instagram spokeswoman said Monday, adding that most users should already have this update. She declined to comment on when Instagram began rolling out the update and when it expects to finish.The spokeswoman also declined to comment if the resolution improvement will also be available in the version of the service accessed via desktop browsers.To read this article in full or to leave a comment, please click here

Microsoft’s new Tossup app tries to simplify getting friends together

Tossup, a new Microsoft app for Android and iOS, aims to make it easier for users to poll their friends and get together.Tossup lets people create quick polls and share them with their friends. The polls can be simple, consisting of a single yes or no question, or they can be more detailed, for example providing a list of local businesses to choose from for a meeting. After creating a poll, users are prompted to send it out to their friends as a link either via text message or email. After that, the people invited can answer the poll questions inside the app and add comments.To read this article in full or to leave a comment, please click here

Humans again to blame for latest accidents involving Google autonomous cars

Google’s self-driving cars were involved in two accidents on the roads of Mountain View, California, during June, but humans driving the other vehicles were at fault in both cases.No injuries were reported in either incident, Google said in its monthly report that lists accidents involving its fleet of autonomous cars. Both collisions involved Google’s Lexus sport utility vehicles that are equipped with autonomous driving technology. Last month, Google also began testing on the streets of Mountain View another one of the self-driving prototype cars it has built.In one accident, a car travelling around 5 miles per hour hit the rear bumper of a Google Lexus that had stopped at a red light. Both cars ended up with small scrapes on their bumpers.To read this article in full or to leave a comment, please click here

Prototype wave energy device passes grid-connected pilot test

A prototype wave energy device advanced with backing from the Energy Department and U.S. Navy has passed its first grid-connected open-sea pilot testing.According to the DOE, the device, called Azura, was recently launched and installed in a 30-meter test berth at the Navy’s Wave Energy Test Site (WETS) in Kaneohe Bay, on the island of Oahu, Hawaii.+More on Network World: 16 facts about our slowly mutating energy consumption+This pilot testing is now giving U.S. researchers the opportunity to evaluate the long-term performance of the nation’s first grid-connected 20-kilowatt wave energy converter (WEC) device to be independently tested by a third party—the University of Hawaii—in the open ocean, the DOE said.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Mainframes and mobile: What powers your mobile banking?

As someone who lives and breathes mainframes, I often forget that people who aren't part of this world don't always believe some of the truths that I believe to be self-evident. One  common way that I raise eyebrows is when I tell my fellow technologists that mainframes are perfect for supporting mobile applications. In fact, it is almost guaranteed to invoke skepticism. So let me just say it again: mainframes and mobile are a perfect combination.At first glance, it's easy to see why this might be somewhat incongruous. Mainframes have been around for more than half a century, and for most of their history the idea of small, portable devices was the stuff of science fiction. When laptops, smartphones and tablets (and, more recently, intelligent wearables) came on the scene they were truly revolutionary because they fulfilled the long-standing promise of truly portable computing. So what role could "Big Iron" possibly play in a world of increasingly smaller devices?To read this article in full or to leave a comment, please click here

Microsoft offers researchers $500K to work on HoloLens

Microsoft is offering academic researchers in the U.S. a chance to get their hands on its HoloLens augmented reality headgear later this year with a new program that will award funding and hardware to a handful of projects that will put the new gear to use.The company put out a request for proposals Monday seeking projects that will help “to better understand the role and possible applications for holographic computing in society.” Microsoft will pick “approximately five” proposals and give the researchers behind them a grant of up to $100,000 and two HoloLens development kits. In particular, Microsoft said it’s interested in seeing its technology used for things like data visualization, new forms of collaboration, interactive art and new teaching tools.To read this article in full or to leave a comment, please click here

1 Year Anniversary for Networking With Fish

It seems like just yesterday I was at CiscoLive in San Francisco asking people I had met on twitter about their experiences blogging as well as hosting a web page.  Today?  Last week marked the 1 year anniversary of “Networking With Fish”.

I want to say thank you.

Those of you who know me, know that I’m not much on the idea of one person’s success being solely on them.  That can be a philosophical debate for some other day.  But suffice it to say I had nothing to do with the IQ or EQ I was born with.  Also while I was studying for my certifications…. I was reading documents and books that other people wrote.

So too with success of Networking With Fish.

So please indulge me for one moment on this 1 year Anniversary to say “thank you” to all those who were instrumental in the success of this web site.  Your mug is in the mail.  :)

Russ White – Much starts with Russ. My CiscoLive career started because he asked me to be a speaker for CiscoLive 2006.  My becoming a CiscoLive Session Group Manager is because he Continue reading

Operational Annoyances: Validating SSL VIPs

Trust

In the last two posts I described tools to validate the required intermediate SSL certificate chain for a given server certificate, and to validate that the private key and server certificate are a match. Once the SSL configuration is deployed though, how do we check that everything is working correctly and the new certificate is in place?

Checking deployed SSL Certificates and Intermediates

The simple answer is “use one of the tools already out there on the Internet.” That’s a fair answer, and I have been known to use some of these. A quick Google search shows a validator on SSLShopper:

Operational Annoyances: Validating SSL VIPs

There’s also a similar tool on DigiCert:

DigiCert

These are great tools and I strongly encourage using them to check your sites. However, there’s one situation where they can’t help you, and that’s when your site is only accessible internally. How do I do certificate validation for private sites?

OpenSSL To The Rescue. Again

Yet again, OpenSSL is my tool of choice because not only can it open an SSL connection to a VIP, but it can also show the certificates it is sent. You may be thinking “Why not just use a web browser?” Again, Continue reading

The truth about Intel’s Broadwell vs. Haswell CPU

Intel’s fifth-generation Broadwell CPU has been the default laptop processor of choice since its debut in January, but it’s been difficult to get a real bead on just how much of an improvement it really was over its Haswell predecessor.That’s because unlike desktops, where it’s easy to control the environment they run in, laptops are complete packages. I tried to compare the updated ThinkPad Carbon X1 Carbon with Broadwell to the Haswell ThinkPad Carbon X1, for instance, but it wasn’t quite apples-to-apples. I initially determined that the Broadwell CPU was significantly faster than the Haswell. Something didn’t ring right, though, and ultimately I decided Lenovo’s redesign of the laptop likely contributed to the results and really made it useless to try to draw any conclusion on the CPUs themselves.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Monday, July 6

Surveillance firm Hacking Team gets hackedWho watches the watchmen? Italian online surveillance company Hacking Team appears to have been hacked, with attackers releasing what purports to be a trove of internal documents showing how the company helps governments around the world spy on their citizens. CSO has the details.Microsoft’s $2.5B marketing budget: Minecraft on Windows 10Is Microsoft counting on pester power to push Windows 10 sales? The company will release a special version of Minecraft for its new operating system when it goes on sale at the end of this month, PC World reports. Minecraft’s author Markus “Notch” Persson famously said he would rather not see the game on PCs at all than have it distributed through the Windows store—but since Microsoft paid $2.5 billion for his company Mojang last year, it calls the shots.To read this article in full or to leave a comment, please click here

Reaction: SD-WAN and Multiple Metrics

Ivan has posted a reaction to Ethan, which prompts me to… Okay, let’s start at the beginning. Ethan wrote a nice post on SD-WAN and the “shortest path we always wanted,” covering some of the positive and negative aspects of software defined WAN.

Ivan responded with this post, in which he says several interesting things, prompting some thoughts from yours truly…

Routing in SD-WAN environment is almost trivial…

Depends on what you mean when you say “routing…” If routing here means the discovery of the topology, and computing a best path through a topology, then controller based (centralized) “routing” is almost certainly more complex than distributed routing protocols. If routing here means, “take into consideration a wide swath of policies, including which link is most loaded right now, which link has the shortest queues, and lots of other things, and compute me a best path,” then a controller based centralized system is most likely going to be less complex. Take a gander through my last set of NANOG slides if you want to see where my thinking lies in this area — or read my new book on network complexity if you want a longer explanation.

The question is — Continue reading

Leak of ZeusVM malware building tool might cause botnet surge

The Internet could see a new wave of botnets based on the ZeusVM banking Trojan after the tools needed to build and customize the malware program were published online for free.The source code for the builder and control panel of ZeusVM version 2.0.0.0 was leaked sometime in June, according to a malware research outfit called Malware Must Die (MMD). The leak was kept under wraps by the researchers as they tried to stop the files from becoming widely available, an effort that ultimately exceeded their resources.As a result, the group decided to go public with the information Sunday in order to alert the whole security community so that mitigation strategies can be developed.To read this article in full or to leave a comment, please click here