Have you ever wondered what the Kubernetes fuss is all about? Why would you ever want to use it? Stuart Charlton tried to answer that question in the introduction part of his fantastic Kubernetes Networking Deep Dive webinar.
A short while ago I published a post on setting up WireGuard for AWS VPC access. In that post, I focused on the use of Linux on both the server side (on an EC2 instance in your AWS VPC) as well as on the client side (using the GNOME Network Manager interface). However, WireGuard is not limited to Linux, and I recently configured one of my macOS systems to take advantage of this WireGuard infrastructure for access to the private subnets in my AWS VPC. In this post, I’ll walk readers through configuring macOS to use WireGuard.
The first step is installing WireGuard on macOS. This is remarkably easy; just go to the App Store and install the WireGuard app for macOS. (Hopefully this link will take you directly there if you’re on a macOS-based system.)
Once the app is installed, the next step is to configure the WireGuard tunnels. I found this to be a bit confusing at first, but only because I wasn’t clear on the relationship between the WireGuard app and the Network pane in System Preferences. In this case, you need to use the WireGuard app to create the tunnels, which will show up as Continue reading
On April 6 at 9 am PDT I’m moderating the second part of a discussion on the evolution of wide area networks. This time we’re going to focus on more of the future rather than the past, relying on our guests, Jeff Tantsura, Brooks Westbrook, and Nick Buraglio to answer questions about putting new WAN technologies to use, and how to choose between private and public wide area options.

When the interests of the end user, the operator, and the vendor come into conflict, who should protocol developers favor? According to RFC8890, the needs and desires of the end user should be the correct answer. According to the RFC:
Mark Nottingham joins Alvaro Retana and Russ White on this episode of the Hedge to discuss why the Internet is for end users.
Today we’re featuring a blog from Adam Gordon Bell at Earthly who writes about how BuildKit, a technology developed by Docker and the community, works and how to write a simple frontend. Earthly uses BuildKit in their product.

How are containers made? Usually, from a series of statements like `RUN`, `FROM`, and `COPY`, which are put into a Dockerfile and built. But how are those commands turned into a container image and then a running container? We can build up an intuition for how this works by understanding the phases involved and creating a container image ourselves. We will create an image programmatically and then develop a trivial syntactic frontend and use it to build an image.
We can create container images in several ways. We can use Buildpacks, we can use build tools like Bazel or sbt, but by far, the most common way images are built is using `docker build` with a Dockerfile. The familiar base images Alpine, Ubuntu, and Debian are all created this way.
Here is an example Dockerfile:
```dockerfile
FROM alpine
COPY README.md README.md
RUN echo "standard docker build" > /built.txt
```
We will be using Continue reading
The post Cisco and Juniper Acquired IETF, all the RFCs name will be converted to JuCi appeared first on orhanergun.net.
Innovium, which makes ASICs to compete with Broadcom and others, is now offering a menu of switches with the SONiC network OS pre-installed. It's a clever opportunity for Innovium to boost its appeal in the whitebox/disaggregation market while also moving its own silicon.
The post ASIC Maker Innovium Announces SONiC-Certified Switches For The Cloud And Large Enterprises appeared first on Packet Pushers.
SPONSORED The Veterans Health Administration (VHA) is the largest integrated healthcare system in the United States. …
Improving Surgical Precision with Augmented Reality was written by Nicole Hemsoth at The Next Platform.
We are starting to see some larger footprints, speeds and power consumption from MikroTik and have a copy of the latest data sheet for the recently announced CRS404-96s-8q-rm switch.
Data Sheet:
https://iparchitechs-my.sharepoint.com/:b:/p/kevin_myers/ERl4kYo6cOZPnFXKB9SRLgoBY0WGxbrH91OrWBNe9fIDFw?e=EnFYTZ

#AprilFools2021 
It’s almost exactly three months since I announced ipSpace.net going on an extended coffee break. We had some ideas of what we plan to do at that time, but there were still many gray areas, and thanks to tons of discussions I had with many of my friends, subscribers, and readers, they mostly crystallized into this:
You’re trusting me to deliver. We added a “you might want to read this first” warning to the checkout process, and there was no noticeable drop in revenue. Thanks a million for your vote of confidence!
In April 2020, MalwareHunterTeam found a number of suspicious files in an open directory and posted about them in a series of tweets. Trend Micro later confirmed that these files were part of the first cryptojacking malware by TeamTNT, a cybercrime group that specializes in attacking the cloud—typically using a malicious Docker image—and has proven itself to be both resourceful and creative.
Since this first attack, TeamTNT has continuously evolved its tactics and added capabilities to expand and capture more available cloud attack surfaces. They started with targeting exposed Docker instances and quickly added support for different C2 mechanisms, encryption, DDoS, evasion, persistence and more. Now, their latest variant is targeting the most popular container orchestrator, Kubernetes. Let’s take a closer look.
TeamTNT’s initial attack targeted an exposed, unprotected Docker API on the internet in order to run an Alpine Linux container. Once the container started running on the unprotected Docker API, a series of scripts were downloaded to facilitate the installation of a Monero cryptominer (to carry out scanning and cleaning activities). A notable script used in the attack was <clean.sh>, which removed a bit of technically advanced Kinsing malware. Kinsing is Continue reading