0

Getting Blasted by Backdoors

I wanted to take minute to talk about a story I’ve been following that’s had some new developments this week. You may have seen an article talking about a backdoor in Juniper equipment that caused some issues. The issue at hand is complicated at the linked article does a good job of explaining some of the nuance. Here’s the short version:

• The NSA develops a version of Dual EC random number generation that includes a pretty substantial flaw.
• That flaw? If you know the pseudorandom value used to start the process you can figure out the values, which means you can decrypt any traffic that uses the algorithm.
• NIST proposes the use of Dual EC and makes it a requirement for vendors to be included on future work. Don’t support this one? You don’t get to even be considered.
• Vendors adopt the standard per the requirement but don’t make it the default for some pretty obvious reasons.
• Netscreen, a part of Juniper, does use Dual EC as part of their default setup.
• The Chinese APT 5 hacking group figures out the vulnerability and breaks into Juniper to add code to Netscreen’s OS.
• They Continue reading

0

Weekend Reads 090321

In our professional practice, we are often called to perform rapid, approximate calculations without a calculator. Any available scrap of paper such as an envelope will do to scribble on.

The wireless carrier initially confirmed 47.8 million former, prospective and existing customers were impacted, but found the data of an additional 5.3 million customers was compromised.

A recent measurement study suggests that BBR is already being deployed by 22% of the Alexa Top 20k websites on the Internet.

Zero trust improves the security of IT environments as demonstrated over time by reduced attacker dwell time. The challenge many people face is understanding where to begin.

In recent months, we’ve been sharing information collected by APNIC honeypots with our community at several conferences, seminars, and workshops. ‘Information’ here basically means observations from the logs/traffic, as well as artefacts collected (such as scripts and binaries).

The Internet plays a crucial role in our increasingly digital daily lives. But who shapes and governs the patchwork that enables this essential utility? And how do their actions bear on the rights and interests of users all over the world?

We are facing the same paradox with respect to privacy and influence on the Continue reading

0

Black Friday Downtime: How to Avoid Impacts on Your Business

Hannah Culver Hannah is a solutions marketer at PagerDuty interested in how real-time urgent work plays out across all industries in this digital era. It’s a brisk Friday morning in November. You’re sipping your coffee and mentally preparing yourself for the day that’ll define your fiscal year. How will you fare this Black Friday? Are your teams prepared? We’ve all heard the 2020 Holiday Shopping Season Report, “The online holiday season exceeded $188B resulting in a strong growth rate of 32% over the 2019 season.” This trend didn’t start with COVID-19, however. A

0

Data Reduction is the Next IT Frontier

“Ingest it all, keep everything, find that needle in the haystack,” they exclaimed. …

Data Reduction is the Next IT Frontier was written by Nicole Hemsoth at The Next Platform.

0

Heavy Networking 596: Weaponizing Firewalls And Middleboxes For DDoS Attacks

Today's Heavy Networking podcast dives into academic research on DDoS attack techniques. Our guests have published a paper about how the TCP protocol and middleboxes such as firewalls can be weaponized by bad actors and used in reflective amplification attacks. We discuss technical details, how they performed this research, potential countermeasures, and more.

0

Heavy Networking 596: Weaponizing Firewalls And Middleboxes For DDoS Attacks

Today's Heavy Networking podcast dives into academic research on DDoS attack techniques. Our guests have published a paper about how the TCP protocol and middleboxes such as firewalls can be weaponized by bad actors and used in reflective amplification attacks. We discuss technical details, how they performed this research, potential countermeasures, and more.

The post Heavy Networking 596: Weaponizing Firewalls And Middleboxes For DDoS Attacks appeared first on Packet Pushers.

0

The Venerable Tenacity Of System Supplier HPE

Enterprises large and small that depend on Hewlett Packard Enterprise to build their systems and certify them for an absolutely enormous amount of software and support them during a long life in the field should send Thank You notes to the venerable systems maker. …

The Venerable Tenacity Of System Supplier HPE was written by Timothy Prickett Morgan at The Next Platform.

0

Video: Introduction to Network Addressing

A friend of mine pointed out this quote by John Shoch when I started preparing the Network Stack Addressing slide deck for my How Networks Really Work webinar:

The name of a resource indicates what we seek, an address indicates where it is, and a route tells us how to get there.

You might wonder when that document was written… it’s from January 1978. They got it absolutely right 42 years ago, and we completely messed it up in the meantime with the crazy ideas of making IP addresses resource identifiers.

0

Video: Introduction to Network Addressing

A friend of mine pointed out this quote by John Shoch when I started preparing the Network Stack Addressing slide deck for my How Networks Really Work webinar:

The name of a resource indicates what we seek, an address indicates where it is, and a route tells us how to get there.

You might wonder when that document was written… it’s from January 1978. They got it absolutely right 42 years ago, and we completely messed it up in the meantime with the crazy ideas of making IP addresses resource identifiers.

0

If Hyperconverged Storage Is So Good, Why Is It Not Pervasive And Profitable?

Ever since Nutanix, the first virtualized server-storage smashup, dropped out of stealth in 2011, we have been watching with great interest to see if this hyperconverged infrastructure would take the world by storm. …

If Hyperconverged Storage Is So Good, Why Is It Not Pervasive And Profitable? was written by Timothy Prickett Morgan at The Next Platform.

0

Exploring the Future of Enterprise Desktop Management

New desktop-as-a-service platforms like Windows 365 provide a glimpse into the future of enterprise desktop management.

0

Ventana Sees Window for Robust RISC-V Server Business

The field is littered with the remnants of Arm and RISC-V server startups. …

Ventana Sees Window for Robust RISC-V Server Business was written by Nicole Hemsoth at The Next Platform.

0

HS010 Budgeting for Cybersecurity

When it comes to allocating budget for cybersecurity there are many approaches to breaking it down into line items. We discuss various ideas and possibilities that might offer some insight for your own situation.

0

HS010 Budgeting for Cybersecurity

When it comes to allocating budget for cybersecurity there are many approaches to breaking it down into line items. We discuss various ideas and possibilities that might offer some insight for your own situation.

The post HS010 Budgeting for Cybersecurity appeared first on Packet Pushers.

0

Quick Tunnels: Anytime, Anywhere

My name is Rishabh Bector, and this summer, I worked as a software engineering intern on the Cloudflare Tunnel team. One of the things I built was quick Tunnels and before departing for the summer, I wanted to write a blog post on how I developed this feature.

Over the years, our engineering team has worked hard to continually improve the underlying architecture through which we serve our Tunnels. However, the core use case has stayed largely the same. Users can implement Tunnel to establish an encrypted connection between their origin server and Cloudflare’s edge.

This connection is initiated by installing a lightweight daemon on your origin, to serve your traffic to the Internet without the need to poke holes in your firewall or create intricate access control lists. Though we’ve always centered around the idea of being a connector to Cloudflare, we’ve also made many enhancements behind the scenes to the way in which our connector operates.

Typically, users run into a few speed bumps before being able to use Cloudflare Tunnel. Before they can create or route a tunnel, users need to authenticate their unique token against a zone on their account. This means in order to simply Continue reading

0

Western Digital announces a hybrid hard drive

Western Digital has announced a new disk drive architecture that combines flash memory with high-density hard-disk drives plus a small CPU to manage everything.If this sounds familiar, it is. Several years ago there was an effort by WD and other hard-disk drive (HDD) makers to build hybrid hard drives, with small flash drives acting as a cache for the hard disk, but those efforts failed, said Ravi Pendekanti, senior vice president of HDD product management and marketing at WD.Now see how AI can boost data-center availability and efficiency “There was a huge pitfall in those [drives],” he told me. The drives didn’t know what kind of data they had, so they didn’t know that hot data was frequently accessed and should be written on to the flash drive, while warm or cold that wasn’t accessed as much should be written to the disk.To read this article in full, please click here

0

Western Digital announces a hybrid hard drive

Western Digital has announced a new disk drive architecture that combines flash memory with high-density hard-disk drives plus a small CPU to manage everything.If this sounds familiar, it is. Several years ago there was an effort by WD and other hard-disk drive (HDD) makers to build hybrid hard drives, with small flash drives acting as a cache for the hard disk, but those efforts failed, said Ravi Pendekanti, senior vice president of HDD product management and marketing at WD.Now see how AI can boost data-center availability and efficiency “There was a huge pitfall in those [drives],” he told me. The drives didn’t know what kind of data they had, so they didn’t know that hot data was frequently accessed and should be written on to the flash drive, while warm or cold that wasn’t accessed as much should be written to the disk.To read this article in full, please click here

0

Are Tesla’s Dojo supercomputer claims valid?

Self-driving cars must possess the ability to recognize road conditions, make decisions and take appropriate action, all in real time. This requires on-board artificial intelligence (AI) that ensures vehicles are able to “learn,” along with super-fast processing power.Tesla unveiled a custom AI chip back in 2019 and soon began manufacturing cars with it. Now Tesla has unveiled a second internally designed semiconductor to power the company’s Dojo supercomputer.Chip shortage will hit hardware buyers for months to years The D1, according to Tesla, features 362teraFLOPS of processing power. This means it can perform 362 trillion floating-point operations per second (FLOPS), Tesla says.To read this article in full, please click here

0

Are Tesla’s Dojo supercomputer claims valid?

Self-driving cars must possess the ability to recognize road conditions, make decisions and take appropriate action, all in real time. This requires on-board artificial intelligence (AI) that ensures vehicles are able to “learn,” along with super-fast processing power.Tesla unveiled a custom AI chip back in 2019 and soon began manufacturing cars with it. Now Tesla has unveiled a second internally designed semiconductor to power the company’s Dojo supercomputer.Chip shortage will hit hardware buyers for months to years The D1, according to Tesla, features 362teraFLOPS of processing power. This means it can perform 362 trillion floating-point operations per second (FLOPS), Tesla says.To read this article in full, please click here

0

Using the Linux set command

The Linux set command allows you to change the value of shell options or to display the names and values of shell variables. Rarely used, it is a bash builtin, but is quite a bit more complicated than most builtins.If you use the command without any arguments, you will get a list of all the settings—the names and values of all shell variables and functions. Watch out though! You’ll end up with a torrent of output flowing down your screen. There are just short of 3,000 lines of output on my Fedora system:$ set | wc -l 2954 The top of the list looks like what you see below, but the output gets considerably more complicated as you move through it.To read this article in full, please click here