0

Weekend Reads 042321

The average software application depends on more than 500 open source libraries and components, up 77% from 298 dependencies in two years, highlighting the difficulty of tracking the vulnerabilities in every software component, according to a new report from software management firm Synopsys.

Ambient computing is a broad term that describes an environment of smart devices, data, A.I. decisions, and human activity that enables computer actions alongside everyday life, without the need for direct human commands or intervention.

The emergence of new protocols such as DNS-over HTTPS (DoH) has resulted in some browsers changing security critical behaviour without explaining the implications to users.

In early March 2021, a hacker group publicly exposed the username and password of an administrative account of a security camera vendor. The credentials enabled them to access 150,000 commercial security systems and, potentially, set up subsequent attacks on other critical equipment.

Security automation for posture assessment has been difficult to achieve even though many standards-based and proprietary solutions have been developed. The primary problem is the complexity of solutions requiring customisation by each enterprise.

In this study, we investigate DoT using 3.2k RIPE Atlas home probes deployed across more than 125 countries in July Continue reading

0

Worth Reading: The Insider’s Guide To Evangelizing Good Design

Scott Berkun wrote another great article that’s equally applicable to the traditional notion of design (his specialty) and the network design. Read it, replace design with network design, and use its lessons. Here’s just a sample:

• Convincing people is a social process
• Aim for small wins, not conversions of belief systems
• Allies matter more than ideas
• Design maturity grows one step at a time.

0

Worth Reading: The Insider’s Guide To Evangelizing Good Design

Scott Berkun wrote another great article that’s equally applicable to the traditional notion of design (his specialty) and the network design. Read it, replace design with network design, and use its lessons. Here’s just a sample:

• Convincing people is a social process
• Aim for small wins, not conversions of belief systems
• Allies matter more than ideas
• Design maturity grows one step at a time.

0

Organizations need to patch Pulse Secure VPNs

Organizations using Pulse Secure’s mobile VPN should patch vulnerabilities reportedly being exploited in the wild, possibly by a “Chinese espionage actor”.The patch–available here–is considered important enough that the Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies a deadline of April 23 to apply them.Backup lessons from a cloud-storage disaster CISA’s guidance states that federal users of Pulse Connect Secure VPNs must use the company’s free utility to ascertain whether their devices are vulnerable.To read this article in full, please click here

0

Organizations need to patch Pulse Secure VPNs

Organizations using Pulse Secure’s mobile VPN should patch vulnerabilities reportedly being exploited in the wild, possibly by a “Chinese espionage actor”.The patch–available here–is considered important enough that the Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies a deadline of April 23 to apply them.Backup lessons from a cloud-storage disaster CISA’s guidance states that federal users of Pulse Connect Secure VPNs must use the company’s free utility to ascertain whether their devices are vulnerable.To read this article in full, please click here

0

The Future of Ransomware Attacks on Cloud Services

A combination of best practices can help you significantly reduce the impact of a ransomware attack on your organization.

0

The Intel Datacenter Party Starts Feeling The Hangover

All good parties come to an end, and the one that Intel has enjoyed for an unbelievable dozen years, starting with the rollout of the “Nehalem” Xeon E5500 processors back in March 2009, is over. …

The Intel Datacenter Party Starts Feeling The Hangover was written by Timothy Prickett Morgan at The Next Platform.

0

Heavy Networking 574: Get HIP With Zero Trust And Tempered Networks (Sponsored)

Today's Heavy Networking podcast, sponsored by Tempered Networks, dives into how Tempered builds a software-defined perimeter with native zero trust, leveraging the Host Identity Protocol (HIP), Tempered's Airwall software, cryptographic identities, and secure overlays. Our guests from Tempered are Jeff Hussey, Founder and CEO; and Bryan Skene, CTO.

0

Heavy Networking 574: Get HIP With Zero Trust And Tempered Networks (Sponsored)

Today's Heavy Networking podcast, sponsored by Tempered Networks, dives into how Tempered builds a software-defined perimeter with native zero trust, leveraging the Host Identity Protocol (HIP), Tempered's Airwall software, cryptographic identities, and secure overlays. Our guests from Tempered are Jeff Hussey, Founder and CEO; and Bryan Skene, CTO.

The post Heavy Networking 574: Get HIP With Zero Trust And Tempered Networks (Sponsored) appeared first on Packet Pushers.

0

In the Dominican Republic IX.DO Begins Silent Production, with Several Committed Members

The Dominican Republic’s new Internet Exchange Point (IXP) already has 24 members, three of which began exchanging traffic in November 2020. Another four will start this quarter – including the largest operators in the country. The IX.DO was born after frustrated attempts. A government-led initiative in 2007 never became operational and the data center NAP […]

The post In the Dominican Republic IX.DO Begins Silent Production, with Several Committed Members appeared first on Internet Society.

0

Racing On the Edge of Burnout

Exhibit A:

It’s been a year and more and I think a lot of us are on the ragged edge of burning out completely. Those that think they are superhuman and can just keep grinding away at things without acknowledging what’s going on are kidding themselves. I know I’m feeling it too even though I have a pretty decent handle on what’s going on. Let’s explore some of the ways it’s impacting us and what should be done, if anything can even be done.

Creativity Black Hole

I don’t feel like doing anything remotely creative right now. The cooking will get finished. The dishes will be done. The things in my floor will be picked up and put away. But beyond that? Good. Luck. I’m not feeling any kind of drive to do anything beyond that.

Remember when everyone was picking up quarantine skills? Baking, cooking, knitting, crocheting, home improvement, or even an instrument? Those were fun days filled with massive uncertainty and a need to distract ourselves from what might be coming next. However, those skill pickups are things that need Continue reading

0

Understanding Various Approaches to Data Center Network Automation

In the last blog I provided a review of data center network virtualization approaches with a focus on the pros...

The post Understanding Various Approaches to Data Center Network Automation appeared first on Pluribus Networks.

0

Data-center outages: Causes are changing, report says

A new survey by the Uptime Institute found that power issues are becoming less of a problem for data center operators, but networking and software issues are emerging as an increasingly bigger problem.The Uptime Institute's third Annual Outage Analysis notes that while improvements have been made with technology and availability, outages remain a major industry, customer, and regulatory concern. The report also shows that the overall impact and direct and indirect cost of outages continue to grow. When asked about their most recent significant outage, more than half of respondents reported an outage in the past three years and estimated its cost at more than $100,000; among those respondents, almost one-third reported costs of $1 million or above.To read this article in full, please click here

0

Backup lessons from a cloud-storage disaster

The largest cloud provider based in Europe, OVHcloud, suffered a catastrophic fire last month that destroyed one of its data centers and smoke-damaged a neighboring one. OVHcloud customers with data in the burned-out data cener who had their own disaster recovery measures in place or who purchased the off-site backup and disaster-recovery services offered by OVHcloud have been able to resume operations. Those who did not lost data that will never come back.Some losses were complete, such as those described on Twitter by rounq.com who is still waiting for backups and redundancy that he thought were already in place, according to his tweets. Companies that had some type of off-site backup seemed to be up and running again, such as Centre PompidouTo read this article in full, please click here

0

Data-center outages: Causes are changing, report says

A new survey by the Uptime Institute found that power issues are becoming less of a problem for data center operators, but networking and software issues are emerging as an increasingly bigger problem.The Uptime Institute's third Annual Outage Analysis notes that while improvements have been made with technology and availability, outages remain a major industry, customer, and regulatory concern. The report also shows that the overall impact and direct and indirect cost of outages continue to grow. When asked about their most recent significant outage, more than half of respondents reported an outage in the past three years and estimated its cost at more than $100,000; among those respondents, almost one-third reported costs of $1 million or above.To read this article in full, please click here

0

Backup lessons from a cloud-storage disaster

The largest cloud provider based in Europe, OVHcloud, suffered a catastrophic fire last month that destroyed one of its data centers and smoke-damaged a neighboring one. OVHcloud customers with data in the burned-out data cener who had their own disaster recovery measures in place or who purchased the off-site backup and disaster-recovery services offered by OVHcloud have been able to resume operations. Those who did not lost data that will never come back.Some losses were complete, such as those described on Twitter by rounq.com who is still waiting for backups and redundancy that he thought were already in place, according to his tweets. Companies that had some type of off-site backup seemed to be up and running again, such as Centre PompidouTo read this article in full, please click here

0

How to use the cat command: 2-Minute Linux Tips

In this Linux tip, learn how to use the cat command. It's one of the most basic Linux commands, though it's used for two very different operations and not everyone is likely familiar with the second.

0

Interview: What New Technologies Should You Aim to Master?

In the last part of my chat with David Bombal we discussed interesting technologies networking engineers could focus on if they want to grow beyond pure packet switching (and voice calls, if you happen to believe VoIP is not just an application). We mentioned public clouds, automation, Linux networking, tools like Git, and for whatever reason concluded with some of my biggest blunders.

0

Interview: What New Technologies Should You Aim to Master?

In the last part of my chat with David Bombal we discussed interesting technologies networking engineers could focus on if they want to grow beyond pure packet switching (and voice calls, if you happen to believe VoIP is not just an application). We mentioned public clouds, automation, Linux networking, tools like Git, and for whatever reason concluded with some of my biggest blunders.

0

IPv6 Fragmentation Loss

In this report I would like to revisit this measurement of packet drop for IPv6 Fragmented packets and see if the picture has changed over the intervening four years since we last measured this behaviour.