10 reasons Amazon’s drone delivery plan still won’t fly

Last week, the Federal Aviation Administration awarded Amazon an "experimental airworthiness certificate" to test its plans to use drones to deliver purchases to customers. The certificate allows drone use only within line-of-sight of a certified pilot, but that's not the only problem with the concept.See also: FAA deems Amazon delivery drones 'airworthy,' with heavy regulations In fact, the quest for FAA approval is just a sideshow. The real problems with drone deliveries are practical, not regulatory. Don't believe me? Let's think about it for a moment (you won't need much more time than that…I came up with this list in just a few minutes, with only marginal help from a Google search):To read this article in full or to leave a comment, please click here

Amazon’s drone ‘win’ will prove fleeting

Late last week the FAA gave Amazon permission to move ahead with its experiments to develop a drone-driven package-delivery system.Bottom line first: I believe this whole concept is ludicrous – which is an upgrade from my initial reaction: publicity stunt -- and that nothing like it will be an important package-delivery mechanism for Amazon or anyone else in our lifetimes. (Everything happens eventually.)But just to play along, it would appear that the FAA’s biggest stipulations – the experimental drones must be operated by licensed pilots who must maintain line of sight contact with their craft – are deal killers if they prove permanent.To read this article in full or to leave a comment, please click here

Lab: iBGP and OSPF Traffic Engineering

Click to enlarge

Here’s the scenario: An enterprise network with an MPLS core and two branch locations connected to their own Provider Edge (PE) router. In addition to the MPLS link, the PEs are also connected via a DMVPN tunnel. The PEs are peering via iBGP (of course) and are also OSPF neighbors on the DMVPN. Both Customer Edge (CE) routers at the branch are OSPF neighbors with their local PE.

Task: Use the high speed MPLS network as the primary path between the CE routers and only use the DMVPN network if the MPLS network becomes unavailable.

Question: Is the solution as simple as adjusting the Admin Distance (AD) so that the iBGP routes are more preferred?

Default State

The obvious first issue is the default AD for iBGP (200) is higher than the default AD of OSPF (110) which means the OSPF path over the DMVPN is going to be preferred. This is confirmed if we do a traceroute from R5 to R6:

R5#traceroute 6.6.6.6 source lo5
 1 10.0.45.4 2 msec 0 msec 1 msec
 2 10.10.10.7 17 msec 17 msec 17 msec
 3 10.0.67.6 18  Continue reading

Here are the components that will power your next smartphone

The last couple of months haven seen the launch of a clutch of new smartphones—and also new chipsets that aim to make the next generation of smartphones more powerful and simpler to recharge.Competition between chip makers is increasing, with companies spurring each other to improve smartphone performance. Here are some of the components and technologies that will help make it happen:Qualcomm’s next-generation processorsThe Snapdragon 820 will be the first processor to use Qualcomm’s homegrown ARM-based Kryo architecture—and also the first to use the company’s new Zeroth platform for adding machine learning capabilities. The company plans to make samples available to phone manufacturers in the second half of the year. Qualcomm will need to have the chips ready for mass production in the first half of 2016 to catch the next wave of high-end smartphone launches, or manufacturers may look elsewhere—as Samsung Electronics did this year, choosing to use one of its own Exynos processors for its Galaxy S6.To read this article in full or to leave a comment, please click here

The Problem with Peanuts

I was hungry. Perhaps that’s a good excuse, or perhaps not. Either way, I sat down after ordering, took a peanut, broke the nuts out of the shell, and ate them.

After eating the peanut, I felt less hungry. So I picked up another one and ate it, as well. Soon enough, long before I order came out in fact, I wasn’t really hungry any longer. I still ate, of course, because I’d bought the burger, and it was a good burger. The fries were pretty good, too. The sweet tea wasn’t shabby, either.

But I thought about the peanut it all started with as I ate the burger. You see, a peanut solved my hunger problem. So it one peanut solves my hunger, why couldn’t a pile of peanuts solve world hunger? So I took a pile of peanuts and put them on the table, considering something I’d never thought about before — I could solve world hunger. Right here, right now, in this place, I could actually solve a major problem the world has been struggling with for thousands of years.

Okay, but then where would I get these peanuts? The place I was in had boxes stacked Continue reading

Retiring the Rockstar: A Counterpoint

“You’re a rockstar!” Chances are, you’ve either a) been told this as a compliment for some work you’d done; b) heard this told to someone else for some work they’d done; or c) told someone this for some work they’d done. If you said this to someone else—I just told someone this quite recently—chances are also very likely that you had nothing but positive intentions behind this statement and your goal was to compliment them on what you saw as outstanding work. But is “rockstar” the wrong term to use? And if so, what is the right term?

Recently, Tyler Britten (a very talented professional and a former colleague when I worked as an EMC vSpecialist) posted an article titled “Time to Retire the Rockstar,” in which he draws a connection between the use of terms like “rockstar,” “superstar,” “genius,” or “guru” and the myth of the lone genius. I see his point, and don’t necessarily disagree with it. Something can be said that calling someone a rockstar (or any of the other terms listed) isn’t automatically encouraging them to “eschew teams and communities and to work alone”, but that isn’t the point of this post. Here I’d rather Continue reading

The Upload: Your tech news briefing for Monday, March 23

EMC pools enterprise smarts to create data lakesEMC is pulling assets from its conglomeration of businesses to help customers build data lakes using EMC storage, VMware virtualization and Pivotal big-data smarts. The Federation Business Data Lake debuting Monday will ingest and analyze data from diverse sources—and may also show how EMC can make the diverse businesses it owns add up to more than the sum of their parts.New US bill aims to limit use of student dataA new bill to be introduced in Congress on Monday aims to place checks on the collection and possible misuse of student data by tech companies that supply services to schools. The Student Digital Privacy and Parental Rights Act prohibits companies such as online homework portals or email services from using or disclosing students’ personal information for advertisement purposes, according to The New York Times.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Monday, March 23

EMC pools enterprise smarts to create data lakesEMC is pulling assets from its conglomeration of businesses to help customers build data lakes using EMC storage, VMware virtualization and Pivotal big-data smarts. The Federation Business Data Lake debuting Monday will ingest and analyze data from diverse sources—and may also show how EMC can make the diverse businesses it owns add up to more than the sum of their parts.New US bill aims to limit use of student dataA new bill to be introduced in Congress on Monday aims to place checks on the collection and possible misuse of student data by tech companies that supply services to schools. The Student Digital Privacy and Parental Rights Act prohibits companies such as online homework portals or email services from using or disclosing students’ personal information for advertisement purposes, according to The New York Times.To read this article in full or to leave a comment, please click here

Foxconn partners with China’s Tencent on smart electric cars

As rumors swirl that Apple might be developing an electric car one of its major suppliers, Foxconn Technology Group, is moving ahead with its own plans to bring an electric-powered vehicle to China.On Monday, the electronics manufacturer struck a partnership with Chinese Internet giant Tencent and luxury car dealership China Harmony Auto to develop smart electric cars. All three companies are together establishing a special team for the project, Foxconn said.Foxconn, which is based in Taiwan, is perhaps best known for assembling Apple’s iPhone.To read this article in full or to leave a comment, please click here

EMC pools enterprise smarts to create data ‘lakes’

EMC is drawing on its “federation” of companies to help customers build data lakes using EMC storage, VMware virtualization and Pivotal big-data smarts.The Federation Business Data Lake will ingest and analyze data from diverse sources to give enterprises new insights that can help them make better decisions, EMC says. It can tie together existing EMC assets with new software to run the data lake, and the whole package can be built and started up in as little as seven days, according to the company.EMC’s aim is to help enterprises of all sizes make better use of information they collect, including both structured and unstructured data. Building the data lakes may also show how EMC can make the diverse businesses it owns add up to more than the sum of their parts.To read this article in full or to leave a comment, please click here

New products of the week 03.23.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.CartoDB WordPressKey features: For WordPress users looking to add custom maps to webpages. CartoDB is the easiest tool for adding maps to a WordPress site for users to share maps with their posts. More info.To read this article in full or to leave a comment, please click here

New products of the week 03.23.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.CartoDB WordPressKey features: For WordPress users looking to add custom maps to webpages. CartoDB is the easiest tool for adding maps to a WordPress site for users to share maps with their posts. More info.To read this article in full or to leave a comment, please click here

Cisco small business phones open to remote eavesdropping, calling

You don’t need to be the NSA to tap calls on Cisco’s SPA 300 and 500 IP phones: An authentication flaw allows potential attackers to do that by default.An unpatched vulnerability in the firmware of the SPA 300 and 500 series IP phones, typically used by small businesses, could allow eavesdropping on calls.“The vulnerability is due to improper authentication settings in the default configuration,” Cisco Systems said in a security advisory.Unauthenticated remote attackers could send crafted XML requests to affected devices in order to exploit the flaw and remotely listen to audio streams or make phone calls through them, the company warned.To read this article in full or to leave a comment, please click here

SElinux policy for icmp checks

Many issues reported with scanning subnets and updating host statuses are related to SElinux being enabled. So far the solution was to completely disable SElinux, but this was more workaround than anything else. Robert was kind enough to share SElinux policy that should be used with phpipam if SElinux is enabled on your server.

Basically it permits the opening of raw IP sockets for non-root users, that are required for executing ping command.

1) Create the file http_ping.tt and add the following to it:

module http_ping 1.0;

require {
type httpd_t;
class capability net_raw;
class rawip_socket { getopt create setopt write read };
}

#============= httpd_t ==============
allow httpd_t self:capability net_raw;
allow httpd_t self:rawip_socket { getopt create setopt write read };

2) Run the following commands (as root user):

checkmodule -M -m -o http_ping.mod http_ping.tt
semodule_package -o http_ping.pp -m http_ping.mod
semodule -i http_ping.pp

brm

You Must Understand the Fundamentals to Be Successful

I was speaking with a participant of an SDN event in Zurich after the presentations, and he made an interesting comment: whenever he experienced serious troubleshooting problems in his career, it was due to lack of understanding of networking fundamentals.

Let me give you a few examples: Do you know how ARP works? What is proxy ARP? How does TCP offload work and why is it useful? What is an Ethernet collision and when would you see one? Why do we need MLD in IPv6 neighbor discovery?

You must understand the fundamentals to be successful

I was speaking with a participant of the recent SDN event in Zurich after the presentations, and he made an interesting comment: whenever he experienced serious troubleshooting problems in his career, it was due to lack of understanding of networking fundamentals.

Netvisor Analytics: Secure the Network/Infrastructure

We recently heard President Obama declare cyber security as one of his top priorities and we saw in recent time major corporations suffer tremendously from breaches and attacks. The most notable one is the breach at Anthem. For those who are still unaware, Anthem is the umbrella company that runs Blue Shield and Blue Cross Insurance as well. The attackers had access to people details, social security, home addresses, and email address for a period of month. What was taken and extent of the damage is still guesswork because network is a black hole that needs extensive tools to figure out what is happening or what happened. This also means the my family is impacted and since we use Blue Shield at Pluribus Networks, every employee and their family is also impacted prompting me to write this blog and a open invitation to the Anthem people and the government to pay attention to the new architecture that makes network play a role similar to NSA in helping protect the infrastructure. It all starts with converting the network from a black hole to something we can measure and monitor. To make this meaningful, lets look at state of the art today Continue reading

Fake patient data could have been uploaded through SAP medical app

SAP has fixed two flaws in a mobile medical app, one of which could have allowed an attacker to upload fake patient data.The issues were found in SAP’s Electronic Medical Records (EMR) Unwired, which stores clinical data about patients including lab results and images, said Alexander Polyakov, CTO of ERPScan, a company based in Palo Alto, California, that specializes in enterprise application security.Researchers with ERPScan found a local SQL injection flaw that could allow other applications on a mobile device to get access to an EMR Unwired database. That’s not supposed to happen, as mobile applications are usually sandboxed to prevent other applications from accessing their data.To read this article in full or to leave a comment, please click here

Lab: iBGP and OSPF Traffic Engineering

Here's the scenario: An enterprise network with an MPLS core and two branch locations connected to their own Provider Edge (PE) router. In addition to the MPLS link, the PEs are also connected via a DMVPN tunnel. The PEs are peering via iBGP (of course) and are also OSPF neighbors on the DMVPN. Both Customer Edge (CE) routers at the branch are OSPF neighbors with their local PE.

Task: Use the high speed MPLS network as the primary path between the CE routers and only use the DMVPN network if the MPLS network becomes unavailable.

Question: Is the solution as simple as adjusting the Admin Distance (AD) so that the iBGP routes are more preferred?

SElinux policy for icmp checks