The Upload: Your tech news briefing for Tuesday, June 23

Privacy group wants Uber probed for data collectionThe Electronic Privacy Information Center has complained to the U.S. Federal Trade Commission about Uber’s new data collection policy: it comes into effect next month and allows the company to access a customer’s location even when the smartphone app is not actively in use, and to access the information from users’ phone address books and send out promotional materials to contacts listed there. The changes “ignore past bad practices of the company involving the misuse of location data, pose a direct risk of consumer harm, and constitute an unfair and deceptive trade practice,” EPIC said in its request for an FTC investigation.To read this article in full or to leave a comment, please click here

Google’s 60Tbps Pacific cable welcomed with champagne in Japan

With bottles of bubbly and a purification ceremony, a Google-backed undersea cable was given a warm welcome on a beach in Japan last week, a critical step in building the highest capacity data link in the Pacific ever created.The 9,000-kilometer FASTER cable will have a peak capacity of 60 terabytes per second (Tbps) when it enters operation next year, joining Japan with Oregon on the West Coast of the U.S.Apart from Google, the project is backed by telecom carriers KDDI of Japan, SingTel of Singapore, Global Transit of Malaysia, China Mobile International and China Telecom Global.At the landing site in Shima, Mie Prefecture, east of Osaka, a machine pulled the cable onto the beach from an offshore cable-laying ship while stacks of armored pipes, which shield the link from anchors near the shore, were piled nearby.To read this article in full or to leave a comment, please click here

The Game Changer in Cloud Networking

The networking market is at an exciting pivot point, evolving away from legacy enterprise networking to the cloud. While the public cloud providers (“titans”) may take a “do it yourself” approach to engineering cloud network designs, mainstream enterprises demand a “cloudified” turnkey solution and want to emulate cloud operators. The increasingly massive scale of address tables, devices, flooding, broadcast traffic from discovery protocols, subnets and routing protocols have accelerated the need for disruption in networking workflows, making Arista a unique and welcome pioneer for customers ready to make SDN a reality.

Software Driven Cloud Networking Trends

To appreciate the need for SDN and cloud solutions one must step back and understand why the cloud network is dramatically different from legacy networking.

First, in a cloud, everything is dynamic. Resources become available and go off-line, users are logging in and out, and workloads are going up or down depending on compute needs. This is a fundamental difference of cloud versus static computing in enterprises.

Second, cloud data centers are much larger than typical enterprise datacenters and can contain tens, even hundreds of thousands of servers. Legacy management practices and policies that are used in smaller datacenters don’t apply to clouds since Continue reading

Alibaba sells off 11Main US e-commerce site to focus on China

Alibaba Group has decided to sell off its 11Main e-commerce site in the U.S., as part of its focus on attracting foreign brands to its China business.OpenSky, a U.S.-based online retail company, will be taking over 11Main. “This joining of forces will help drive sales worldwide,” Alibaba said on Tuesday.As part of the deal, Alibaba has also sold its Auctiva and Vendio properties to OpenSky, in exchange for a minority stake of 37.6 percent in the U.S. company.11Main, which launched last year, represented an Alibaba foray into the U.S. market. The site was, however, a small operation and offered goods from boutique merchants, rather than competing head-on with Amazon or eBay.To read this article in full or to leave a comment, please click here

RubyGems DNS flaw now patched after second try

A revised patch has been released for a flaw in the distribution platform for Ruby applications, RubyGems, which could be used to deliver malware to someone trying to download a program.RubyGems lets people search for a “gem,” which is a packaging format for Ruby applications and code libraries. Ruby developers publish a gem when an application is ready.Security researchers from Trustwave found a problem with the platform. When people search for a gem, RubyGems uses a DNS (Domain Name System) SRV record request to find a server hosting a particular gem.The request, however, “does not require that DNS replies come from the same security domain as the original gem source,” according to a writeup, which Trustwave plans to release on its blog on Tuesday.To read this article in full or to leave a comment, please click here

Liveblog: Docker Networking

This is a liveblog of the Docker Networking breakout session. This session is led by Madhu Venugopal and Jana Radhakrishnan, both formerly of Socketplane (and now with Docker following the acquisition). They are introduced by John Willis, also formerly of Socketplane and well-known within the DevOps community.

Some display issues plague the session at the beginning, so it appears that Murphy’s Law is back with a vengeance.

Madhu starts out the session with an overview of why networking (in particular Docker networking) is so important. Networking is vast and complex, and networking is an inherent part of distributed applications. Therefore, it’s important to make networking developer-friendly and application-driven. He shares a vision: “We’ll do for networking what Docker did for compute”. So what are the goals from this vision?

  • Make “network” and “service” top-level objects
  • Provide a pluggable networking stack
  • Span networks across multiple hosts
  • Support multiple platforms

Libnetwork is a key part of this effort. It was open-sourced in April, with over 200 pull requests and 200 GitHub stars. Windows and FreeBSD ports are in progress. Libnetwork is part of the Docker 1.7 release with limited functionality, allowing users to test it before it is fully enabled in Continue reading

Liveblog: Secret Session (Docker Plugins)

This is the “Top Secret Docker Session led by Gordon the Turtle,” which is really a session on Docker Plugins. However, since Docker Plugins were only announced this morning during the general session, the title for this session had to be obscured. On stage are ClusterHQ (Luke Marsden), Glider Labs (Jeff Lindsay), and Weaveworks (Alexis Richardson).

Marsden starts the session with a brief history of the Docker Plugins project, and how it grew out of Powerstrip. Marsden reiterates that he said Powerstrip would be successful if they would “throw it away” in 6 months. Four months later, the Docker Plugins project is now officially announced, and Powerstrip is no longer necessary.

Marsden next turns the stage over to Jeff Lindsay. Lindsay talks about why the Docker Plugins project is so important—every customer is unique, and customers want/need the freedom to choose the right solution to use the tools that best solve their particular problem(s).

Jeff Lindsay turns it over to Alexis Richardson, who outlines the core requirements for Docker Plugins. Richardson outlines 3 requirements, but he doesn’t have a slide that lists those requirements, so I couldn’t capture them. Plugins today are limited to storage and networking, but that isn’t Continue reading

Liveblog: Resilient Routing and Discovery

This is a liveblog of the DockerCon 2015 session on resilient routing and discovery, part of the “Advanced Tech” track. Simon Eskilden (@Sirupsen on Twitter) from Shopify is the speaker for this session.

Not surprisingly (you’d understand this if you walked Eskilden’s presentation from DockerCon EU 2015), he starts out with a mention of the walrus (his favorite animal). Eskilden starts with a brief overview of Shopify (his employer) and Shopify’s production deployment of Docker (they’ve had Docker in production for over a year). Eskilden freely acknowledges that moving to a microservices-based architecture increases complexity and is not “free”. In order to help address the complexity brought on by microservices-based architectures, Eskilden wants to talk about resiliency, service discovery, and routing.

Eskilden reinforces that companies shouldn’t be implementing Docker solely for the sake of implementing Docker; it should be for a reason, a purpose (for him, it’s making sure Shopify’s services stay up and available). Resiliency is about building a reliable system from a bunch of unreliable components. Total availability is the availability per service to the power of the number of services. This means that the more services there are, the lower the total availability is. (To help Continue reading

Networking Books Up For Auction – Good Stuff Cheap

I've put several of my networking books up for auction on eBay. Lots of CiscoPress titles, but several others as well. Many design guides. Routing protocol coverage such as OSPF, including an OSPF vs ISIS guide by Jeff Doyle. Some are older, what I consider classics. Some are fairly new. Some are targeted at certification seekers. I need to clear some space here in my home library, and would like to move these titles along. Far too many books in my collection, and I've gotten what I can from these. Good luck!

Worth Reading: Don’t be so Surprised

Whether you are an obvious target or not depends heavily on what kind of information and access to information and systems you have or can provide. Whether you are a prioritized target depends much more on the current strategic, tactical and operational need of your adversary, whoever that might be. This is much more unpredictable.

The post Worth Reading: Don’t be so Surprised appeared first on 'net work.

Here comes bare metal and NFV for the enterprise

Two hardware vendors this week unveiled products to bring commodity switching and network functions virtualization (NFV) to enterprises through service providers.Bare metal switch supplier Pica8 this week rolled out a Power-over-Ethernet switches to be sold into enterprises by service providers as managed service customer premises equipment (CPE). And Ciena announced availability of the 3938vi Service Virtualization Switch, an Ethernet CPE platform with virtualized network function (VNF) integration. Pica8 The offerings address a desire by service providers, like AT&T, to sell bare metal white box switches into the customer premises for cost, flexibility, performance and SDN programmability advantages, and to offer service as VNFs on that hardware. Pica8 says this market – bare metal as CPE – is six months old and that this week’s PoE offerings are merely the latest in an existing CPE portfolio to onboard enterprises to the cloud.To read this article in full or to leave a comment, please click here

IMT-2020 is the future of mobile — but you can keep calling it 5G

There’s finally something real to 5G: a name.The International Telecommunication Union (ITU) has decided to call the next-generation cellular system IMT-2020. That name may have a hard time catching up with “5G,” a tag that’s been applied to just about every future mobile technology in the works: Googling “5G mobile” brings up 12.9 million results. But it’s a clear sign of progress toward the concrete. Where there’s a bureaucratic-sounding numeric acronym, can a formal standard be far behind?The ITU now has an answer to that question, too. It’s set a timeline that calls for the standard to be finished in 2020. Hence the name, which follows in the footsteps of IMT-2000 (3G) and IMT-Advanced (4G).To read this article in full or to leave a comment, please click here

US, UK spies said to attack security software

Spies working for the U.S. National Security Agency and its British counterpart found anti-virus and security software a hindrance to their intelligence gathering processes, and worked to thwart it, according to a report Monday in The Intercept.The efforts, revealed through documents leaked by former NSA contractor Edward Snowden, focused on vendors including Moscow-based security software developer Kaspersky Labs, which claims over 400 million customers worldwide.The NSA and the U.K.-based Government Communications Headquarters monitored web and email traffic between Kasperksy’s software and its servers, the report said, and obtained sensitive customer information in the process.To read this article in full or to leave a comment, please click here

Liveblog: DockerCon 2015 Day 1 General Session

This is a liveblog for the day 1 general session at DockerCon 2015, taking place this week (today and tomorrow, anyway) at the Marriott Marquis in San Francisco, CA. This is my first DockerCon, and I’m looking forward to picking up lots of new knowledge.

The general session starts with a video (cartoon) about something working in development but not in production, and how Solomon Hykes came up with the idea for containers and Docker. It’s a humorous, tongue-in-cheek production. As the video wraps up, Docker CEO Ben Golub takes the stage.

Golub starts with a personal story about the various startups for which he’s worked, and the importance of his “two fold test” (that it has global significance and that it is easy to explain when you go home for Thanksgiving). Maybe the Thanksgiving test didn’t quite make it, but Golub does think (naturally) that Docker has global significance. Golub says that Docker has become a fundamental part of how companies build, ship, and run distributed applications, and that Docker is a key part of how industries and cultures are being transformed. He attributes this success to the Docker community and the Docker ecosystem. Rightfully so, Golub credits the Continue reading

1 3,357 3,358 3,359 3,360 3,361 3,773