Weekend Reads 122019: Last Call for the Year

I probably won’t be posting much after this edition of the weekend reads until after the turn of the new year. I have a few projects I need to go “heads down” on in order to be set for the beginning of next year, and it’s time to spend time with family and friends. I’ve “supersized” this list of stuff worth reading so you won’t get too bored over the break, however.

This was an entertaining and interesting live stream, full of really good questions and answers.

On December 18, 2019, the Packet Pushers hosted a livestream gathering on YouTube where the Packet Pushers and special guests answered audience questions.

Anyone that has attended a meeting of the Internet Engineering Task Force (IETF) will know that the somewhat dry topic of internet protocols is often the source of passionate disagreement. But rarely does that debate extend beyond the confines of internet engineers. —Kieren McCarthy

The trade war between China and the US has centered largely on escalating tariffs. But in many rural communities, the focus has shifted to the security of networks for which Chinese giants Huawei and ZTE have long provided equipment. As the 5G future approaches, the US is pushing small carriers to rip out and replace whatever parts of their infrastructure come from China, no matter the cost. —Lily Hay Newman

“RISC” was an important architecture from the 1980s when CPUs had fewer than 100,000 transistors. By simplifying the instruction set, they free up transistors for more registers and better pipelining. It meant executing more instructions, but more than making up for this by executing them faster. —Robert Graham

Chances are, you’re reading this in Google’s Chrome browser. As of October 2019, Chrome owned 67% of the market, and there are several good reasons. Chrome is fast, it has tons of extensions, and it runs on every platform. —Mark Coppock

AT&T doesn’t want its home Internet speeds to be measured by the Federal Communications Commission anymore, and it already convinced the FCC to exclude its worst speed-test results from an annual government report. —Jon Brodkin

The question of just how fast your home internet service is seems pretty straightforward. Unfortunately, how the broadband industry gets at the answer is messy and complicated, and over the last few weeks, that’s caused controversy. —Marguerite Reardon

Data privacy hardliners are pretty jazzed about the California Consumer Protection Act (CCPA), which is slated to take effect on the first of the next year. While many outside of the Golden State may not have heard of this bold foray into computing regulation, activists hope that it will soon effectively control how much of the country is allowed to process data. —Andrea O’Sullivan

CES last January marked the first time the Consumer Tech Association recognized cybersecurity and personal privacy as a product category, highlighting antivirus and smart home security systems at the annual trade show. —Alfred Ng

Security professionals recommend against clicking links in emails like this. Instead, go to your bank account’s website directly and sign in. Similarly, if someone claiming to be from your bank calls you on the phone, it’s a good idea to hang up and call your bank’s customer service number directly to see if the call is legitimate. —Chris Hoffman

ICANN is reviewing the pending sale of the .org domain manager from a nonprofit to a private equity firm and says it could try to block the transfer. The .org domain is managed by the Public Internet Registry (PIR), which is a subsidiary of the Internet Society, a nonprofit. The Internet Society is trying to sell PIR to private equity firm Ethos Capital. —Jon Brodkin

In November, President Donald Trump called Ajit Pai, chairman of the Federal Communications Commission, to talk about spectrum. At the time, the FCC was considering a proposal to allow four satellite operators to privately sell a massively valuable swath of public airwaves directly to the U.S. wireless carriers. The carriers said they needed it to “win the race” to deploy 5G mobile networks. —Michael Calbrese and Amir Nasr

Crowdsourcing is fast emerging as a mainstream innovation channel for companies. It seems like the crowd has an answer to all sorts of innovation problems – they can come up with ideas for new toys and generate solutions to pressing scientific challenges. In theory, the crowd holds tremendous potential: A large, diverse group of people, consisting of experts and others from all over the world, should have fresh perspectives to bring about breakthrough insights on a given problem. —Ogux A. Acar

IIJ (AS2497) is a Japanese ISP that also provides CDN services, including live video streaming. Among the live-streaming events hosted at IIJ, by far the biggest is ‘Summer Koshien‘, the National High School Baseball Championship held at Koshien Stadium. The biannual championships started more than 100 years ago, and have become a symbolic amateur sporting event in Japan. —Kenjiro Cho

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. To make matters worse, one ransomware gang has now created a public Web site identifying recent victim companies that have chosen to rebuild their operations instead of quietly acquiescing to their tormentors. —Krebs

The conduct that reverse domain name hijacking (RDNH) was crafted to punish is “using the [Uniform Domain Name Dispute Resolution Policy] in bad faith to attempt to deprive a registered domain-name holder of a domain name.” —Gerald M. Levine

In March 2019, in a move described in one news report as a “government-imposed Internet shutdown,” the president of Sri Lanka temporarily blocked Facebook, WhatsApp, Instagram, Viber, and other services. In this case, limited access to a class of applications was inaccurately painted as a full-scale Internet shutdown. Unfortunately, this isn’t unusual. Media coverage and general discussion of Internet disruptions often misclassify what happened. The confusion is likely unintentional. Many journalists, as well as the general public, are not well-versed in the various ways Internet access and access to content can be disrupted. —David Belson

Major European legislation, the General Data Protection Regulation, evoked substantial change in the way we deal with the visibility of domain name registration information, and understandably those that use that data to solve problems are concerned about these changes, and some have even called for a U.S. legislative fix. —Christian Dawson

Just a week after hackers broke into a Ring camera in a child’s bedroom, taunting the child and sparking serious concerns about the company’s security practices, Buzzfeed News is reporting that over 3,600 Ring owners’ email addresses, passwords, camera locations, and camera names were dumped online. This includes cameras recording private spaces inside homes. —Cooper Quintin and Bill Budington

Upcoming Course: Data Center Design

My next course on Safari Books is a data center design webinar. I’ll talk about the history of the Clos fabric, fabric sizing with single-SKU designs, some of the pros and cons of single-SKU versus chassis based scaling, and underlay control planes. I generally go through these slides each time I give one of these webinars and rework various bits and pieces of it to smooth over things I remember being “rough” last time, and to update the material based on what I think is more relevant.

Sign up here.

2019 on Rule11

Yep, it’s that time of year when everyone does “retrospective pieces…” So… why not? There were several notable events this year—first and foremost, I kicked off a new podcast called the Hedge for network engineers. It’s probably not going to make anyone’s “top ten list of must listen to podcasts” anytime soon (if ever), but it’s been a lot of fun to move out of the commercial podcast space and just talk about “whatever seems interesting.” The History of Networking podcast also became independent this year; we are chugging along at more than 60 episodes, and there are a lot of great guests yet to come.

On the personal front, I moved from LinkedIn to Juniper Networks, and made some progress at school. I have finished my coursework and passed my comprehensive exams, so I’m now a PhD candidate, or as it is more commonly known, ABD.

Rule11 has, as a blog, had a good year. The most popular posts were:

When deploying IPv6, one of the fundamental questions the network engineer needs to ask is: DHCPv6, or SLAAC? As the argument between these two has reached almost political dimensions, perhaps a quick look at the positive and negative attributes of each solution are. Originally, the idea was that IPv6 addresses would be created using stateless configuration (SLAAC).

We often hear about fabrics, and we often hear about networks—but on paper, an in practice, they often seem to be the same thing. Leaving aside the many realms of vendor hype, what’s really the difference? Poking around on the ‘net, I came across a couple of definitions that seemed useful, at least at first blush.

We all use the OSI model to describe the way networks work. I have, in fact, included it in just about every presentation, and every book I have written, someplace in the fundamentals of networking. But if you have every looked at the OSI model and had to scratch your head trying to figure out how it really fits with the networks we operate today, or what the OSI model is telling you in terms of troubleshooting, design, or operation—you are not alone.

BMP is described in RFC7854 as a protocol intended to “provide a convenient interface for obtaining route views.” How is BMP different from setting up an open source BGP process and peering with all of your edge speakers? If you peer using eBGP, you will not see parroted updates unless you look for them; if you peer using iBGP, you might not receive all the updates (depending on how things are configured).

An article on successful writers who end up driving delivery trucks. My current reading in epistemology for an upcoming PhD seminar. An article on the bifurcation of network engineering skills. Several conversations on various slacks I participate in. What do these things have in common? Just this: What is to become of network engineering?

For any field of study, there are some mental habits that will make you an expert over time. Whether you are an infrastructure architect, a network designer, or a network reliability engineer, what are the habits of mind those involved in the building and operation of networks follow that mark out expertise?

If you’re still confused about why this blog is called rule11, then you need to read this post.

Finally, just for fun… My family entered a gingerbread house competition in our town, and won. Now I can add “prize winning gingerbread house maker” to my resume, I suppose.

Keep watching this space, because there is plenty more to come in 2020.

Weekend Reads 121319

Based on “winner-take-most” network economies, the innovation sector has generated significant technology gains and wealth but has also helped spawn a growing gap between the nation’s dynamic “superstar” metropolitan areas and most everywhere else. Neither market forces nor bottom-up economic development efforts have closed this gap, nor are they likely to. Instead, these deeply seated dynamics appear ready to exacerbate the current divides.

As we’ve discussed ad nauseam over the years, most of the missives you read about this-or-that super-scary malware/virus/brain-eating-boogie-monster are overly sensationalized accounts tied to theoretical threats with practically zero chance of actually affecting you in the real world. If you look closely, in fact, you’ll start to notice that the vast majority of those stories stem from companies that — gasp! — make their money selling malware protection programs for Android phones. (Pure coincidence, right?) —JR Raphael

As the Internet has grown, so too have the abuses that go along with one of the world’s most transformative technologies. For all of the positives the Internet brings, negatives like phishing, malware and child exploitation are a reality online. —Matt Serlin

If you are reading this, you are doing the right type of security digging. You are looking for ways to get started in the security industry. You have a desire to dive deep in the security world. Welcome to the world of chaos, excitement, long hours, uncertain rewards, and overwhelming intensity. The community of professionals who are pushing back against the badness need your help. We need people from all walks of life who love to learn. Today’s security world interconnects with everything and everyone. —Barry Greene

If you’re young or unfamiliar with the history of computing from its earliest days in the 1940s and 1950s, you’ll find it a worthwhile history lesson. This talk also includes the thesis of another talk of his — The Scribe’s Oath — in which he talks about the extreme care that ancient scribes used to put into their work, and how programmers are effectively today’s scribes. —Joey Devilla

Encryption is fundamental to our daily life. Practically everything we do online makes use of encryption is some form. Access to our financial transactions, health records, government services, and exchanged private messages are all protected by strong encryption. —Mohamed EL Bashir

In the not-too-distant future, I can clearly see how ISO 27001, SOC 2 and HITRUST certifications could become a diminished, legacy activity, viewed as a rarity left over from marketing efforts to distinguish an organization’s security posture from its competition. Absurd? Unrealistic? Actually, it is a very pragmatic understanding of what is coming with the Cybersecurity Maturity Model Certification (CMMC) that the US Department of Defense (DoD) is rolling out just a few short weeks away (January 2020). —Tom Cornelius

As we begin our new decade of the 2020s, we can look back at the last 30 odd years and examine the collaboration between technology and our daily lives. If you think of your day-to-day, it’s easy to see how much our society relies on technology. Consider our smart devices such as mobile phones, watches, even homes. However, what about the technology that we don’t see, that gives us clean drinking water, removes wastewater, and keeps our homes warm? Industrial Control Systems (ICS) are often considered a part of the Critical National Infrastructure (CNI). CNI is generally classified as assets needed to keep our society and economy running as we expect, our normal. —Zoë Rose

The History of Interop with Dan Lynch

Interop is the longest running “show” in the networking space—but it didn’t not start as a “show” at all. Dan Lynch, the founder of Interop, joins us at the History of Networking to talk about how Interop really started (hint, it’s in the name). One important lesson to learn through this discussion: it is not enough to have standards or open source; in the realm of network protocols, being able to prove multiple vendors can work together is important, too.