0

Data Privacy Day 2021 – Looking ahead at the always on, always secure, always private Internet

Welcome to Data Privacy Day 2021! Last year at this time, I was writing about how Cloudflare builds privacy into everything we do, with little idea about how dramatically the world was going to change. The tragedy of the COVID-19 pandemic has reshaped the way we go about our daily lives. Our dependence on the Internet grew exponentially in 2020 as we started working from home, attending school from home, and participating in online weddings, concerts, parties, and more. So as we begin this new year, it’s impossible to think about data privacy in 2021 without thinking about how an always-on, always secure, always private Internet is more important than ever.

The pandemic wasn’t the only thing to dramatically shape data privacy conversations last year. We saw a flurry of new activity on data protection legislation around the globe, and a trend toward data localization in a variety of jurisdictions.

I don’t think I’m taking any risks when I say that 2021 looks to be another busy year in the world of privacy and data protection. Let me tell you a bit about what that looks like for us at Cloudflare. We’ll be spending a lot of time in Continue reading

0

Businesses Can’t Afford to Lose Trust in the Encrypted Economy, and Neither Can You

End-to-end encrypted platforms have become an important means to establish online trust for businesses and individuals globally – and law enforcement/intelligence services are struggling to keep up.

Their unfamiliarity and uncertainty is reflected in the ambiguity of political discourse on the subject. On one hand, the European Union endorses strong encryption within data protection laws such as GDPR. On the other, attempts to intercept end-to-end-encrypted communication between suspicious parties resurface over and over again.

The Council Resolution on Encryption, adopted by the Council of the European Union, is the latest example. Politicians continue to strive for both strong end-to-end encryption and getting targeted access to information when – from a security and technology standpoint – the two concepts are at odds. Symbiosis is only possible in political rhetoric.

As the co-founder of an end-to-end encrypted cloud service, I am deeply concerned at how demands for access to encrypted data will affect the security of thousands of businesses and the millions of clients who rely on them in the EU and worldwide.

The Digital Economy Is at Risk

Our digital economy depends on the widespread use of strong encryption. This includes end-to-end encryption, within organizations of all shapes and sizes.

Continue reading

0

Build Virtual Lab Topology: VirtualBox Support

When I blogged about release 0.2 of my lab-building tool, Kristian Larsson was quick to reply: “now do vrnetlab”. You could guess what my reply was (hint: “submit a pull request”), but I did realize I’d have to add multi-provider support before that would make sense.

Release 0.3 adds support for multiple virtualization providers. You can run six different platforms on vagrant-libvirt (assuming you build the boxes), and I added rudimentary support for Vagrant provider for VirtualBox:

0

Build Virtual Lab Topology: VirtualBox Support

When I blogged about release 0.2 of my lab-building tool, Kristian Larsson was quick to reply: “now do vrnetlab”. You could guess what my reply was (hint: “submit a pull request”), but I did realize I’d have to add multi-provider support before that would make sense.

Release 0.3 adds support for multiple virtualization providers. You can run six different platforms on vagrant-libvirt (assuming you build the boxes), and I added rudimentary support for Vagrant provider for VirtualBox:

0

Elixir Notes: Functions

A function is a unit of code that does a thing. With Elixir being a functional language, functions are a core tenant of the language. Elixir has both named functions and anonymous functions. Named Functions Functions are defined in Elixir with the def keyword. Anonymous Functions ...

0

Elixir Notes: Comments

A comment is descriptive text that will be ignored during compile time. Comments are denoted with the hash # character.

0

Elixir Notes: Modules

A module is a collection of functions that can be used to organize your code in a manner similar to namespacing. Modules are defined in Elixir with the defmodule keyword. Considerations Modules must start with an uppercase [A-Z] CamelCase is the formatting convention...

0

Palo Alto CLI Tips and Tricks

Getting sh!t done from the Palo Alto CLI.

0

Copy SSH Keys to Linux Host From Windows 10

How to copy your SSH keys from Windows 10 to a Linux host.

0

The Future of Network Engineering; some possibilities through 2040 and beyond

Incident 1: October, 2006 Sydney Australia – Simply put, someone hit me with a tough question. Totally out of the box and very much to the point, so to the point that it took me years to swallow the impact. The question was an innocent one asked by one of the sharpest software engineers I […]

The post The Future of Network Engineering; some possibilities through 2040 and beyond appeared first on Packet Pushers.

0

Serious 10-year-old flaw in Linux sudo command; a new version patches it

Linux users should immediately patch a serious vulnerability to the sudo command that, if exploited, can allow unprivileged users gain root privileges on the host machine.Called Baron Samedit, the flaw has been “hiding in plain sight” for about 10 years, and was discovered earlier this month by researchers at Qualys and reported to sudo developers, who came up with patches Jan. 19, according to a Qualys blog. (The blog includes a video of the flaw being exploited.)To read this article in full, please click here

0

Serious 10-year-old flaw in Linux sudo command; a new version patches it

Linux users should immediately patch a serious vulnerability to the sudo command that, if exploited, can allow unprivileged users gain root privileges on the host machine.Called Baron Samedit, the flaw has been “hiding in plain sight” for about 10 years, and was discovered earlier this month by researchers at Qualys and reported to sudo developers, who came up with patches Jan. 19, according to a Qualys blog. (The blog includes a video of the flaw being exploited.)To read this article in full, please click here

0

The Hedge Podcast #66: Daniel Migault and the ADD Working Group

The modern DNS landscape is becoming complex even for the end user. With the advent of so many public resolvers, DNS over TLS (DoT) and DNS over HTTPS (DoH), choosing a DNS resolver has become an important task. The ADD working group will, according to their page—

…focus on discovery and selection of DNS resolvers by DNS clients in a variety of networking environments, including publicnetworks, private networks, and VPNs, supporting both encrypted and unencrypted resolvers.

In this episode of the Hedge, Daniel Migault joins Alvaro Retana and Russ White to discuss Requirements for Discovering Designated Resolvers, draft-box-add-requirements-02.

download

0

Day Two Cloud 082: You Don’t Need A Service Mesh

Today's Day Two Cloud podcast speaks with the creator of the Envoy proxy, Matt Klein, about the challenges of networking, load balancing, and service discovery in microservices architectures. The upshot? Depending on what you're trying to do and why, you may not need a service mesh. You may not need microservices. Sometimes a VM is just right.

0

Day Two Cloud 082: You Don’t Need A Service Mesh

Today's Day Two Cloud podcast speaks with the creator of the Envoy proxy, Matt Klein, about the challenges of networking, load balancing, and service discovery in microservices architectures. The upshot? Depending on what you're trying to do and why, you may not need a service mesh. You may not need microservices. Sometimes a VM is just right.

The post Day Two Cloud 082: You Don’t Need A Service Mesh appeared first on Packet Pushers.

0

Automating data center expansions with Airflow

Cloudflare’s network keeps growing, and that growth doesn’t just come from building new data centers in new cities. We’re also upgrading the capacity of existing data centers by adding newer generations of servers — a process that makes our network safer, faster, and more reliable for our users.

Connecting new Cloudflare servers to our network has always been complex, in large part because of the amount of manual effort that used to be required. Members of our Data Center and Infrastructure Operations, Network Operations, and Site Reliability Engineering teams had to carefully follow steps in an extremely detailed standard operating procedure (SOP) document, often copying command-line snippets directly from the document and pasting them into terminal windows.

But such a manual process can only scale so far, and we knew must be a way to automate the installation of new servers.

Here’s how we tackled that challenge by building our own Provisioning-as-a-Service (PraaS) platform and cut by 90% the amount of time our team spent on mundane operational tasks.

Choosing and using an automation framework

When we began our automation efforts, we quickly realized it made sense to replace each of these manual SOP steps with an API-call equivalent and Continue reading

0

Sign Up for Internet Society Fundamentals and Advance an Internet for Everyone, Everywhere

Do you believe in an Internet that inspires development and progress? Do you want to enable opportunities to help people improve their quality of life? Are you ready to become an agent of change, starting in your own community? If you answered yes to these questions, this is your opportunity to shine! Join our Internet Society crew for the brand new Internet Society Fundamentals Program and get ready to make your mark. This opportunity is exclusive to our members and is available until March 15^th.

During Internet Society Fundamentals you’ll learn to use your knowledge and personal skills to build local impact. Using the 2021 Action Plan as your blueprint, you’ll work to advance our vision: the Internet is for everyone.

Now is the time to start your journey!

Check your email for program details and submit the included form. You can also follow your member Chapter and SIG leaders on social media for instructions on how to begin, or contact your Community Engagement Manager for more information.

Not a member, but want to learn about opportunities like Internet Society Fundamentals and more? Join today!

Together we are strong. Together we build the future of Internet.

---

Image by Hudson Hintze via Continue reading

0

AMD, Cray, Nvidia Behind Massive NCAR Supercomputer Upgrade

The National Center for Atmospheric Research (NCAR) is getting a significant upgrade to its all-CPU “Cheyenne” supercomputer, bringing it from 5.2 peak petaflops of performance to 19.87 with a combination of AMD CPUs and Nvidia A100 GPUs laid out in an HPE Cray XE (formerly called “Shasta”) system. …

AMD, Cray, Nvidia Behind Massive NCAR Supercomputer Upgrade was written by Nicole Hemsoth at The Next Platform.

0

Deploying Advanced AWS Networking Features

Miha Markočič created sample automation scripts (mostly Terraform configuration files + AWS CLI commands where needed) deploying these features described in AWS Networking webinar:

• IP multicast deployment (video)
• Web Application Firewall deployment (video)
• Network Load Balancer deployment (video)
• Inter-region VPC Peering deployment (video)

To recreate them, clone the GitHub repository and follow the instructions.

0

Deploying Advanced AWS Networking Features

Miha Markočič created sample automation scripts (mostly Terraform configuration files + AWS CLI commands where needed) deploying these features described in AWS Networking webinar:

• IP multicast deployment (video)
• Web Application Firewall deployment (video)
• Network Load Balancer deployment (video)
• Inter-region VPC Peering deployment (video)

To recreate them, clone the GitHub repository and follow the instructions.