Worth Reading 091925

19 September 2025


“Classic” TCP uses an extremely simple loss-based congestion detection algorithm that is intended to save networks from collapsing under extreme overload.


The endgame is a society where corporate algorithms make decisions about employment, education, and social interaction with no accountability.


The rise of Agentic AI, the emergence and adoption of AI agents and agent-to-agent networking to autonomously perform tasks on behalf of humans, has introduced unique challenges for existing security products.


In the landscape of organizational management, a distinction exists between teams that (a.) efficiently deliver a high-quality service or product, and (b.) those that innovate and develop their thought leadership in an area of emerging technology.


Broadcom CEO Hock Tan delivered a rather defiant keynote to open the VMware Explore conference in Las Vegas recently, telling the audience they are better off using the latest version of VMware Cloud Foundation (VCF) on-premises than hyperscale cloud service providers.


The public is told that AI systems are super smart and have the world’s info at their electronic beck and call. At the same time, it is humans and human organizations who claim professional expertise and so deliver their “truth” via media and Internet.


While Eutelsat’s OneWeb operates the second-largest commercial LEO satellite network, its real-world network performance remains largely unexplored by researchers, due to its targeted enterprise and government markets.


If AI is to become pervasive, as the model builders and datacenter builders who are investing enormous sums of money are clearly banking on it to be, then it really goes have to be a global phenomenon.


It looks to me like history is repeating itself. We’re seeing the same hype cycle for 6G that we saw for 5G.


This article taxonomizes the 25-year history of IPID-based exploits and the corresponding changes to IPID selection methods. By mathematically analyzing these methods’ correctness and security and empirically evaluating their performance, we reveal recommendations for best practice as well as shortcomings of current operating system implementations, emphasizing the value of systematic evaluations in network security.


But for NaaS to truly transform enterprise networking, one thing has been missing: standards. Enter Mplify (formerly the Metro Ethernet Forum), a non-profit focused on standardizing NaaS service definitions.

Worth Reading 090925

9 September 2025


The arrangements regarding the composition and organisation of the provision and operation of authoritative root servers are one of the more long-lasting aspects of the public Internet.


Microsoft has achieved a breakthrough in the hollow core fiber technology, reducing data transmission loss to just 0.091 dB per kilometer, the lowest ever achieved and significantly below the 0.14 dB/km limit that has constrained fiber networks for decades.


China has pursued a strategy of competition among government-owned organizations, and it initiated two government-owned constellation projects, Hongyun and Hongyan, in 2018.


There is no question that one of the smartest things that chip designer, packager, and manufacturing process manager Marvell Technology did was to shell out $650 million in May 2019 to buy Avera Semiconductor.


In early 2024, a Hong Kong-based clerk at multinational consulting engineering firm Arup was duped into transferring about $25 million to scammers who used AI to impersonate the company’s CFO, and other senior executives, in a live video meeting.

Worth Reading 090325

3 September 2025


Among the plethora of advanced attacker tools that exemplify how threat actors continuously evolve their tactics, techniques, and procedures (TTPs) to evade detection and maximize impact, PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Desktop Application, stands out as particularly advanced.


In this episode of PING, APNIC’s Chief Scientist, Geoff Huston, explores the economic inevitability of centrality in the modern Internet.


Philipp delivers a sober message for innovators: invention is only half the battle; defending your invention can define your company’s fate.


Google now estimates that the specs for a Cryptographically Relevant Quantum Computer (CRQC), which can break conventional public key encryption in a useful amount of time, are lower than they had previously estimatedナby 95%.


In this report, I’ll focus on the material presented at the DELEG and DNSOP Working Groups.

Worth Reading 090125

1 September 2025


Can we trust AI? Will AI take our jobs? Is an AI app safe? Shall we invest in AI company? Create an AI startup? Will AI accelerate cybercrime?


This study highlights the inadequacy of current privacy protection measures and proposes an automated, sustainable approach to correlate user profiles, including homonyms and pseudonyms, solely through publicly available data.


Bargury’s attack starts with a poisoned document, which is shared to a potential victim’s Google Drive. (Bargury says a victim could have also uploaded a compromised file to their own account.)


I wrote last week about three examples of the new GPT 5.0 chatbot contradicting Sam Altman’s claim that “it really feels like talking to an expert in any topic, like a PhD-level expert.”


RFCs are, inherently, the result of a design-by-committee writing process; usually intended for engineers to read. Especially with cryptography, they err on the side of technical specification rather than introductory blog post.


The transition to IPv6 is now a practical necessity for networks under pressure to scale, secure, and streamline their operations.

Worth Reading 082925

29 August 2025


In this episode of PING, Robert Kisteleki from the RIPE NCC discusses the RIPE Atlas system — a network of over 13,000 measurement devices deployed worldwide in homes, exchange points, stub and transit Autonomous Systems, densely connected regions and sparse island states.


The common denominator in both tests was technology called “Innovative Optical and Wireless Network” (IOWN), an all-optical networking stack that NTT hopes will mature in 2030 and expects will reduce power consumption by 100x, improve transmission capacity by 125x, and reduce network latency to 0.5 percent of current levels.


Internet Exchange Points (IXPs) are often overlooked in discussions about critical infrastructure. Yet their role in routing stability, local resilience, and digital sovereignty is undeniable.


Is adding AI to your environment a software purchase? Or is it more like hiring an employee?


Design by committee should always ring alarm bells, particularly in technology. The desire to achieve acceptable compromises between various opinions often leads to compromised technical outcomes, and it seems to me that the current work on redefining zone cuts and delegation in the DNS is leading to this same outcome


The TCP/IP Interoperability Conference—later renamed Interop—began as a small workshop in August 1986. It quickly grew in scope to incorporate tutorials, and by 1988 an exhibition network connected 51 exhibitors to each other and to the global Internet.


There is a relatively new fiber technology that most readers will not have heard about. Multi-core fiber (MCF) is a technology that packs multiple strands of fiber inside a bundle that is about the same size as a single strand of fiber today.


This is where the “Jericho” StrataDNX switch/router chips and their related “Ramon” fabric elements come in, which are an important part of the Broadcom datacenter networking portfolio.


We had a series of mini-outages at sketch.dev on July 15th, caused by LLM-written code.

Worth Reading 081325

13 August 2025


The current state of digital identity is a mess. Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of.


It turns out that, if you have your domain hosted by a big provider (we happen to use GoDaddy), it’s easy to turn on DNSSEC. But I think it says a lot that it took us this long (and the stimulus of working on a new security book) to get us to turn on DNSSEC


As we left the laboratory, I thought about how we in the computing field build a tremendous number of things that really cannot be called beautiful and then are commonly tossed aside without a thought.


The accelerated migration to advanced services will be accompanied by unprecedented complexity, and security and reliability concerns that must be addressed by the network-engineering and formal-methods communities.


Quantum scientists have long treated quantum entanglement as precious cargo, forging fresh links for every secure message or computation. A new theoretical study proposes a thriftier route, letting an existing pair pass portions of its entanglement down an extended chain.

Worth Reading 072725

27 July 2025


We sketch out the enabling technologies for AI. They include search, reasoning, neural networks, natural language processing, signal processing and computer graphics, programming and conventional software engineering, human-computer interaction, communications, and specialized hardware that provides supercomputing power.


For decades, thanks to the low latency enabled by Remote Direct Memory Access, or RDMA, a method of allowing CPUs and then GPUs and finally other kinds of XPUs to directly access the main memory of each other without having to go through the entire network software stack, InfiniBand found a niche and was one of the reasons why Nvidia shelled out $6.9 billion to acquire Mellanox Technologies more than five years ago.


Shipments of tape storage media increased again in 2024, according to HPE, IBM, and Quantum – the three companies that back the Linear Tape-Open (LTO) Format.


In this episode of PING, APNIC’s Chief Scientist, Geoff Huston, discusses a day in the life of Border Gateway Protocol (BGP). Not an extraordinary day, not a special day, just a regular day.


Dumb phones represent the laziest possible solution to a complex behavioral problem. They’re the dietary equivalent of having your jaw wired shut.

Worth Reading 072425

23 July 2025


They call themselves Scattered Spider. They’re probably younger than your college freshman. They live in suburban bedrooms across America and Britain, and they’ve just brought industries to their knees.


The RPKI makes use of RSA signatures. These “traditional” digital signatures are expected to be vulnerable to attacks with powerful quantum computers. While no quantum computer currently exists that can break traditional cryptography, the development of quantum computers is progressing rapidly, and it is expected that they will be able to break RSA and other traditional cryptographic algorithms, be it in several years or several decades.


Analysing Transmission Control Protocol (TCP) SYN segments, the initial step in the TCP three-way handshake, can reveal patterns and anomalies in network traffic, providing insights into potential threats.


One way to establish if a QUIC connection is viable without paying a time penalty is for the server to signal the capability to use QUIC to the client in the first (TCP/TLS) connection, allowing the client to initiate a QUIC session on the second and subsequent connections.


These are not bugs but are inherent limitations of the technology. The same limitations make it unlikely that LLM machines will ever be capable of performing all human tasks at the skill levels of humans.

Worth Reading 071725

17 July 2025


Is Your Wi-Fi Router Tracking Your Browsing? Here’s What 30,000 Words of Privacy Policies Revealed.


Browser Dating wants your search history — all of it. Your 3 a.m. Reddit rabbit holes, your medical anxieties, your peculiar curiosities about President Trump’s hair, and whether cats plot murder.


Now, people are rethinking the trade-off. Ubuntu has disabled some protections, resulting in 20% performance boost.


Each time you swipe a loyalty card, you’re not just saving on groceries—you’re feeding a powerful data machine known as retail media.


Over the last ten years, more than 600 million websites have been secured with free certificates from Let’s Encrypt. Here’s how it all began and why.

Worth Reading 070325

3 July 2025


Ossification is still a major issue in today’s networking environment, and while it’s not a theme in the architecture of the transmission platform, we see it in the Internet Protocol itself, in our transport protocols, in our routing protocols, and in various applications.


The Federal Bureau of Investigation (FBI) is issuing this Public Service Announcement to warn the public about cyber criminals exploiting Internet of Things (IoT)1 devices connected to home networks to conduct criminal activity using the BADBOX 2.0 botnet2.


hile the architecture of the 900 series had no support for partitioning memory (requiring cooperation for multi-user activity), and many ran without any operating system at all, there was an optional NPL interface.


Most protocols do not have the equivalent of an X-Forwarded-For header. To solve this, HAProxy came up with the PROXY protocol, which is a Layer 4 protocol that allows a proxy server to communicate client information to a backend server.


If you built a proper technology strategy in the first place, driven by the business strategy, then no matter what is happening don’t ignore it, and don’t throw it out—update it and stick to it!