Sponsored Post: 3T, Bridgecrew, Toptal, IP2Location, Ipdata, StackHawk, InterviewCamp.io, Educative, Triplebyte, Stream, Fauna

Who's Hiring? 

  • Looking to rapidly hire Top Software Developers? Get Started with Toptal. Toptal will match you with top-quality, pre-screened freelance software developers that meet your project requirements. All in under 48 hours. Get started right away with a no risk trial.

  • InterviewCamp.io has hours of system design content. They also do live system design discussions every week. They break down interview prep into fundamental building blocks. Try out their platform.

  • Triplebyte lets exceptional software engineers skip screening steps at hundreds of top tech companies like Apple, Dropbox, Mixpanel, and Instacart. Make your job search O(1), not O(n). Apply here.

  • Need excellent people? Advertise your job here! 

Cool Products and Services

  • Discover the MongoDB data masking tool in Studio 3T Enterprise. Enable data compliance and bolster security with powerful field-level data obfuscation. Try for free!

  • Bridgecrew is the cloud security platform for developers. By leveraging automation and delivering security-as-code, Bridgecrew empowers teams to find, fix, and prevent misconfigurations in deployed cloud resources and in infrastructure as code. Get started for free!

  • IP2Location has been an IP address geolocation service provider since 2002. The geolocation database or API detects location, proxy, and more than 20 other parameters. Continue reading

On Using the Right Word

A while back, I was sitting in a meeting where the presenter described switching from a “traditional, hierarchical data center fabric” to a spine-and-leaf (while drawing CLOS, in all capital letters, on the whiteboard). He pointed out that the spine-and-leaf design is simpler because it only has two tiers rather than three.

There is so much wrong with this I almost winced in physical pain. Traditional hierarchical designs are not fabrics. Spine-and-leaf fabrics are not CLOS, but Clos, fabrics. Clos fabrics have three stages, not two—even if we draw them “folded” so you only see two apparent levels to the fabric. In fact, all spine-and-leaf fabrics always have an odd number of stages, and they are stages, not tiers.

More recently, I heard someone talking about an operating system that was built using microservices. I thought—“that would be a neat trick.” To build something with microservices does not just mean a piece of software using modules—this would be a modular application (or operating system) design. Microservices architectures break the application up into the most basic components possible and then scale each kind of component out (rather than up) by spinning new copies of each service as needed. I cannot imagine Continue reading

Not the Encryption Apocalypse…Yet

“This destroys the RSA cryptosystem.”

That is the last sentence in the abstract of a new, preliminary, dense mathematical paper published by renowned mathematician Claus Peter Schnorr. If this turns out to be true, it will mean bad news for anybody who relies on the underpinnings of encryption – which is everyone!

The paper, posted as a pre-print, meaning it is a draft paper that must undergo academic peer review, claims it has found an algorithm that significantly speeds up a particular kind of mathematical problem called factorization. Factorization is the process of finding two numbers that, when multiplied together, provide the given number. For example, calculating 23 x 29 is easy. (Try it yourself.) But factorizing 437 – finding the two numbers that multiply together to make 437 – will take anybody a bit of time. (It’s 19 x 23 by the way.)

Schnorr claims that he has found a way to significantly speed up the calculation needed to perform factorization – a claim that is currently widely disputed. Supposedly, his method will factor a number with roughly 260 digits about ten trillion times faster than previous methods.

Does Math Matter?

Factorization is the mathematical puzzle Continue reading

Network Break 323: Google To Swap 3rd-Party Cookies For Cohorts; Attackers Exploit On-Prem Exchange

This week's Network Break checks the fine print on a Google pledge to phase out third-party cookie tracking, examines a serious attack against Microsoft Exchange servers, dives into HPE's latest financial results, and analyzes more tech news.

The post Network Break 323: Google To Swap 3rd-Party Cookies For Cohorts; Attackers Exploit On-Prem Exchange appeared first on Packet Pushers.

The Week in Internet News: Lawmakers Point to ‘Extremist’ Content on YouTube

Extreme video: A group of Democratic lawmakers in the U.S. has demanded that YouTube explain its policies related to dealing with extremist content, Yahoo News reports. “Incendiary content that indoctrinates, radicalizes, and mobilizes extremists continues to flourish” on YouTube, the lawmakers wrote.

Blaming encryption: Meanwhile, a new government report on possible extremist attacks on the U.S. Capitol says information on future plans is becoming harder to find because militia groups have shifted to encryption tools, Axios reports. U.S. law enforcement authorities appear to be trying to resurrect their calls for encryption backdoors even as extremist groups post information on public websites like YouTube.

Blaming the website: The U.S. isn’t the only government looking to hold websites more responsible for user-generated content. India’s information technology ministry has finalized a set of rules intended to make online service providers more accountable for their users’ bad behavior, Brookings.edu notes. The Brookings blog post suggests that this effort, mirrored by a similar debate in the U.S., will be a grave threat to free speech and privacy rights.

Clamping down: Meanwhile basic rights in 10 African countries are threatened by a trend toward digital authoritarianism, according to a Continue reading

The benefits of serving stale DNS entries when using Consul

Introduction

We use Consul for service discovery, and we’ve deployed a cluster that spans several of our data centers. This cluster exposes HTTP and DNS interfaces so that clients can query the Consul catalog and search for a particular service; the majority of the clients use DNS. We were aware from the start that the DNS query latencies were not great from the parts of the world furthest away from these data centers. This, together with the fact that we use DNS over TLS, results in some long latencies. The low TTL of these names makes it even more impractical to resolve them in the hot path.

The usual way to solve these issues is by caching values so that at least subsequent requests are resolved quickly, and this is exactly what our resolver of choice, Unbound, is configured to do. The problem remains when the cache expires. When it expires, the next client will have to wait while Unbound resolves the name using the network. To have a low recovery time in case some service needs to fail over and clients need to use another address, we use a small TTL (30 seconds) Continue reading

Happy International Women’s Day!

Here at Cloudflare, we’re thrilled to celebrate International Women’s Day today! We have tons of events planned throughout the month of March, which is our way of honoring Women’s Empowerment Month. We’ll be making sure we acknowledge women’s achievements, raise awareness about women’s equality, and lobby for accelerated gender parity — Cloudflare style.

We take the International Women’s Day initiatives and its calls to action seriously. Then again, how could we not? The latest 2020 Global Gender Gap Report from the World Economic Forum indicates that it’ll take another 257 years to close the gender gap, if we continue at our current pace of progress. It’s going to take all of us to make a positive impact and accelerate the reality of a gender equal world.

Introducing Womenflare

Before we dive further into how we’re planning to celebrate International Women’s Day and Women’s Empowerment Month, we’d like to introduce ourselves. We’re Womenflare — Cloudflare’s Employee Resource Group (ERG) for all who identify as and advocate for women (Talea and Angela are the global Womenflare leads and John is the Womenflare executive advocate). We launched Womenflare on International Women’s Day in 2020, and it was one of the last things we Continue reading

Pure Storage, Equinix team for new bare-metal offerings

Flash-array vendor Pure Storage and data-center provider Equinix have teamed to deliver Pure Storage on Equinix Metal, a joint offering the companies claim can deliver physical infrastructure at software speed. The platform provides enterprises with embedded storage and on-demand availability of network and compute services, typical of the cloud. The solution is designed to support a range of storage use cases and is provided by both vendors under a single contract.

WAN challenges steer auto-rental firm to SASE

Latency and reliability concerns set car rental company Sixt on a path to rearchitect its WAN. That led the global company, which has locations in more than 100 countries, to become an early adopter of the network-security architecture dubbed secure access service edge (SASE) by research firm Gartner.

SASE, pronounced "sassy," blends SD-WAN's network optimization features with security capabilities such as zero-trust authentication, data loss prevention, threat detection, and encryption. Driven by demand for a more efficient, scalable network-security architecture, SASE can enable greater network reliability, more flexible deployment options, and pervasive security. The technology is in its infancy but projected to grow quickly. Gartner estimates at least 40% of enterprises will have explicit strategies to adopt SASE by 2024, up from less than 1% at the end of 2018.

Aruba chief: Enterprises must adjust to new normal of remote working

When HPE bought Aruba in 2015, Aruba’s then-president and CEO Dominic Orr said that his company had effectively acquired HP Networking. Aruba’s performance since then has largely borne out Orr’s bullish prediction, as the company has become the driving force behind HPE’s enterprise networking efforts and dramatically grown its market share, expanding beyond its roots as a primarily mid-sized campus networking provider to become a leading competitor to the market’s 800-pound gorilla, Cisco.

With HPE’s most recent earnings reports showing the Aruba division having posted $806 million in revenues for the first fiscal quarter of 2021, up 12% year-over-year, Keerti Melkote, president and founder of Aruba, sat down with Network World to talk about network architecture, competing technologies and more.

Implementing Layer-2 Networks in a Public Cloud

A few weeks ago I got an excited tweet from someone working at Oracle Cloud Infrastructure: they launched full-blown layer-2 virtual networks in their public cloud to support customers migrating existing enterprise spaghetti mess into the cloud.

Let’s skip the usual “does everyone using the applications now have to pay for Oracle licenses” and “I wonder what the lock-in might be when I migrate my workloads into an Oracle cloud” jokes and focus on the technical aspects of what they claim they implemented. Here’s my immediate reaction (limited to the usual 280 characters, because that’s the absolute upper limit of consumable content these days):

Getting Started with eBPF and Go

eBPF has a thriving ecosystem with a plethora of educational resources both on the subject of eBPF itself and its various applications, including XDP. Where it becomes confusing is when it comes to the choice of libraries and tools to interact with and orchestrate eBPF. Here you have to select between a Python-based BCC framework, C-based libbpf and a range of Go-based libraries from Dropbox, Cilium, Aqua and Calico. Another important area that is often overlooked is the “productionisation” of the eBPF code, i.e. going from manually instrumented examples towards production-grade applications like Cilium. In this post, I’ll document some of my findings in this space, specifically in the context of writing a network (XDP) application with a userspace controller written in Go.

Choosing an eBPF library

In most cases, an eBPF library is there to help you achieve two things:

  • Load eBPF programs and maps into the kernel and perform relocations, associating an eBPF program with the correct map via its file descriptor.
  • Interact with eBPF maps, allowing all the standard CRUD operations on the key/value pairs stored in those maps.

Some libraries may also help you attach your eBPF program to a specific Continue reading

Developing NetBox Plugin – Part 5 – Permissions and API

In previous installments of this series we built out a fully functional plugin dedicated to tracking Bgp Peering connections. In this post we'll add the final components: object permissions and API views.

Adding permissions

Right now all users can view, edit and delete Bgp Peering objects. In a production system we would like to have more granular control over who can perform a given operation. This is where the permissions system comes in.

In our plugin we will leverage the Django authentication system [1] to enable permissions for the views we built out.

Adding permissions to views

Below are the changes I made to views.py to Continue reading