Ripple20 TCP/IP flaws can be patched but still threaten IoT devices

A set of serious network security vulnerabilities collectively known as Ripple20 roiled the IoT landscape when they came to light last week, and the problems they pose for IoT-equipped businesses could be both dangerous and difficult to solve.

Ripple20 was originally discovered by Israel-based security company JSOF in September 2019. It affects a lightweight, proprietary TCP/IP library created by a small company in Ohio called Treck, which has issued a patch for the vulnerabilities. Several of those vulnerabilities would allow for remote-code execution, allowing for data theft, malicious takeovers and more, said the security vendor.

That, however, isn’t the end of the problem. The TCP/IP library that contains the vulnerabilities has been used in a huge range of connected devices, from medical devices to industrial control systems to printers, and actually delivering and applying the patch is a vast undertaking. JSOF said that “hundreds of millions” of devices could be affected. Many devices don’t have the capacity to receive remote patches, and Terry Dunlap, co-founder of security vendor ReFirm Labs, said that there are numerous hurdles to getting patches onto older equipment in particular.

The Hedge Episode 41: Centralized Architectures with Jari Arkko

Consolidation is a well-recognized trend in the Internet ecosystem—but what does this centralization mean in terms of distributed systems, such as the DNS? Jari Arkko joins this episode of the Hedge, along with Alvaro Retana, to discuss the import and impact of centralization on the Internet through his draft, draft-arkko-arch-infrastructure-centralisation.

Day Two Cloud 054: Real Life VMware Cloud On AWS

We discuss the reality of running VMware Cloud (VMC) on AWS with Adam Fisher, Cloud & DevOps Engineer at RoundTower. Adam's been deploying VMC on AWS in the real world for customers since the product's early days, and has plenty of insights. VMC on AWS presents a VMware software defined data center (SDDC) hosted on bare metal in AWS data centers. If you're trying to vacate your own data centers or colos, but aren't going to refactor your applications to do it, VMC on AWS presents a compelling technical solution.

The post Day Two Cloud 054: Real Life VMware Cloud On AWS appeared first on Packet Pushers.

Getting AWS Availability Zones using Pulumi and Go

I’ve written several different articles on Pulumi (take a look at all articles tagged “Pulumi”), the infrastructure-as-code tool that allows users to define their infrastructure using a general-purpose programming language instead of a domain-specific language (DSL). Thus far, my work with Pulumi has leveraged TypeScript, but moving forward I’m going to start sharing more Pulumi code written using Go. In this post, I’ll share how to use Pulumi and Go to get a list of Availability Zones (AZs) from a particular region in AWS.

Before I proceed, I feel like it is important to provide the disclaimer that I’m new to Go (and therefore still learning). There are probably better ways of doing what I’m doing here, and so I welcome all constructive feedback on how I can improve.

With that disclaimer out of the way, allow me to first provide a small bit of context around this code. When I’m using Pulumi to manage infrastructure on AWS, I like to try to keep things as region-independent as possible. Therefore, I try to avoid hard-coding things like the number of AZs or the AZ names, and prefer to gather that information dynamically—which is what this code does.

Here’s the Continue reading

Top 5 Questions from “How to become a Docker Power User” session at DockerCon 2020

This is a guest post from Brian Christner. Brian has been a Docker Captain since 2016 and is host of The Byte podcast and Co-Founder & Site Reliability Engineer at 56K.Cloud. At 56K.Cloud, he helps companies to adapt technologies and concepts like Cloud, Containers, and DevOps. 56K.Cloud is a Technology company from Switzerland focusing on Automation, IoT, Containerization, and DevOps.

It was a fantastic experience hosting my first ever virtual conference session. The commute to my home office was great, and I even picked up a coffee on the way before my session started. No more waiting in lines, queueing for food, or sitting on the conference floor somewhere in a corner to check emails. 

The “DockerCon 2020 that’s a wrap” blog post highlighted that my session “How to Become a Docker Power User using VS Code” was one of the most popular sessions from DockerCon. Docker asked if I could write a recap and summarize some of the top questions that appeared in the chat. Absolutely.

Honestly, I liked the presenter/audience interaction more than an in-person conference. Typically, a presenter broadcasts their content to a room full of participants, and if you are lucky and Continue reading

BiB094 – HPE Discover Greenlake and Ezmeral

HPE Greenlake: Common cloud platform – pivot to “edge-to-cloud platform-as-a-service company”; cloud services, software and customer experiences. Greenlake in numbers: 4B in contract value, 1000 customers, 50 countries, 90% retention rate. 700 partners selling Greenlake = next generational partner ecosystem. Self-served, pay per use.

HPE Ezmeral: The HPE Ezmeral...

The post BiB094 – HPE Discover Greenlake and Ezmeral appeared first on Packet Pushers.

Eighty for Africa: Kenya and Nigeria’s IXP Success

Ten years ago the peering community came up with a vision: We wanted 80 percent of Internet traffic to be localized by 2020. I must admit, over the last decade there were times I wondered if it was possible.

But Kenya and Nigeria have just proven that it is – all thanks to the help of Internet exchange points (IXPs). A new report, Anchoring the African Internet Ecosystem: Lessons from Kenya and Nigeria’s Internet Exchange Points Growth is a case study on how they did it.

What Changed in Kenya and Nigeria

In just eight years a dedicated community helped Kenya and Nigeria to boost the levels of Internet traffic that is locally exchanged from 30% to 70%.

That happened because of a vibrant community of people united around a common cause: bringing faster, cheaper, and better Internet to their neighbours. They did this by focusing on their local Internet ecosystem that is dependent on the IXP.

Building an IXP takes humans and tech. We often say it takes 80% human engineering and 20% network engineering. It certainly is no easy task. Building a strong local Internet community facilitates this collaboration and results in neutral, even, and good local governance Continue reading

Adapting Network Design to Support Automation

This blog post was initially sent to the subscribers of my SDN and Network Automation mailing list. Subscribe here.

Adam left a thoughtful comment addressing numerous interesting aspects of network design in the era of booming automation hype on my How Should Network Architects Deal with Network Automation blog post. He started with:

A question I keep tasking myself with addressing but never finding the best answer, is how appropriate is it to reform a network environment into a flattened design such as spine-and-leaf, if that reform is with the sole intent and purpose to enable automation?

A few basic facts first:

HPE Builds Out GreenLake Utility, Creates Ezmeral Software

Hewlett Packard Enterprise in January created its Transformation Office with an eye toward accelerating its move to become a platform provider – complete with hardware, software, services and other components – with a reach from the datacenter out through the cloud and to the fast-growing edge computing environment.

HPE Builds Out GreenLake Utility, Creates Ezmeral Software was written by Jeffrey Burt at The Next Platform.

Open Call To The Next Generation of Internet Leaders – Apply for the IGF Youth Ambassadors Program

We are living in unprecedented times. COVID-19 has disrupted our world and it’s a crucial time for the Internet. We are facing issues related to misinformation, online education and connectivity. Challenges have been posed to encryption. Debates around the trade-off between privacy and contact tracing apps take place around the globe.

The acceleration of digital transformation worldwide has created immense opportunities and at the same time, uncertainty and challenges. Under these circumstances, youth must be represented in these discussions.

Young people know the benefits of connection, sharing and openness. Young engineers and programmers create new tools for the Internet every day, and many proposals about governance of new technologies come from interested people below the age of 30.

We grew up in cyberspace, and it has become an intrinsic part of many of our lives. We care for it, we value its principles, invariants and characteristics. Most of all, we understand how important the Internet is and how much of a force for good (or for evil) it can be.

The voice of youth matters and the Internet Society plays a significant role to empower the next generation of Internet leaders and to provide them with the freedom to voice Continue reading

The History of LINUX and SUSE with Dirk Hohndel

Started as a consulting company, SUSE was one of the first organizations to begin working in the development and commercialization of LINUX. Through the years, LINUX has become the base for much of the IT world, including many of the open source network operating systems. Dirk Hohndel joins the History of Networking to discuss the origins of SUSE LINUX.

Containerize Your Go Developer Environment – Part 3

In this series of blog posts, we show how to put in place an optimized containerized Go development environment. In part 1, we explained how to start a containerized development environment for local Go development, building an example CLI tool for different platforms. Part 2 covered how to add Go dependencies, caching for faster builds and unit tests. This third and final part is going to show you how to add a code linter, a GitHub Action CI, and some extra build optimizations.

Adding a linter

We’d like to automate checking for good programming practices as much as possible so let’s add a linter to our setup. First step is to modify the Dockerfile:

# syntax = docker/dockerfile:1-experimental

FROM --platform=${BUILDPLATFORM} golang:1.14.3-alpine AS base
WORKDIR /src
ENV CGO_ENABLED=0
COPY go.* .
RUN go mod download
COPY . .


FROM base AS build
ARG TARGETOS
ARG TARGETARCH
RUN --mount=type=cache,target=/root/.cache/go-build \
  GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o /out/example .


FROM base AS unit-test
RUN --mount=type=cache,target=/root/.cache/go-build \
  go test -v .


FROM golangci/golangci-lint:v1.27-alpine AS lint-base

FROM base AS lint
COPY --from=lint-base /usr/bin/golangci-lint /usr/bin/golangci-lint
RUN --mount=type=cache,target=/root/.cache/go-build \
  --mount=type=cache,target=/root/.cache/golangci-lint \
  golangci-lint run --timeout 10m0s ./...


FROM scratch AS bin-unix
COPY Continue reading

Intel unveils third-generation Xeon Scalable processors

Intel formally unveiled the third generation of its Xeon Scalable processor family, developed under the codename "Cooper Lake." This generation is aimed at the high end of the performance line for functions such as high-performance computing (HPC) and artificial intelligence (AI).

The Cooper Lake line is targeted at four- and eight-socket servers. Xeons based on the Ice Lake architecture are due later this year and will target one- and two-socket servers. The latest announcement includes 11 new SKUs with between 16 and 28 cores, running at up to 3.1 GHz base clock (and up to 4.3 GHz with Turbo Boost), plus support for up to six memory channels.

Now Available: Red Hat-Maintained Content Collections on Automation Hub

Today marks an important milestone for Red Hat Ansible Automation Platform subscribers: The initial release of Red Hat-maintained Ansible Content Collections has been published to Automation Hub for automating select platforms from Arista, AWS, Cisco, IBM, Juniper, Splunk and more. The addition of these 17 Red Hat-maintained Collections on Automation Hub brings the total number to 47 Collections certified and published since September 2019. Finally, we are thrilled to have Ansible Collections for automating Red Hat Insights and Red Hat Satellite included as part of this release as well.

Why is this significant? First, it is important to understand that the Ansible project has recently completed an effort to decouple the Ansible executable from most of the content, and all migrated content now resides in new upstream repositories on GitHub. This change has had a ripple effect on backend development, testing, publishing, and maintenance of Ansible content. The good news is that high-quality features can now be delivered more quickly, asynchronously from Ansible releases.

Today’s announcement highlights the successful culmination of the following: 

  1. Migration of Ansible-maintained content from Ansible project to Collections. 
  2. Releasing new features and functionality since Ansible 2.9, without having to wait Continue reading

Lessons from a 2020 intern assignment

This summer, Cloudflare announced that we were doubling the size of our Summer 2020 intern class. Like everyone else at Cloudflare, our interns would be working remotely, and due to COVID-19, many companies had significantly reduced their intern class size, or outright cancelled their programs entirely.

With our announcement came a huge influx of students interested in coming to Cloudflare. For applicants seeking engineering internships, we opted to create an exercise based on our serverless product Cloudflare Workers. I'm not a huge fan of timed coding exercises, which is a pretty traditional way that companies gauge candidate skill, so when I was asked to help contribute an example project that would be used instead, I was excited to jump on the project. In addition, it was a rare chance to have literally thousands of eager pairs of eyes on Workers, and on our documentation, a project that I've been working on daily since I started at Cloudflare over a year ago.

In this blog post, I will explain the details of the full-stack take home exercise that we sent out to our 2020 internship applicants. We asked participants to spend no more than an afternoon working on it, and Continue reading