2022 Working Environment

The change of the year is always a good time to reflect. This year I’ve made major changes in my physical environment by reshaping many of the things about this house we recently moved to in Knoxville. Besides ripping out the entire kitchen, replacing all the floors, and reworking the fireplace, it was a good chance to rethink the office I work in every day. I’m rather persnickety about the lighting, layout, and tools I use (although a lot of people still think I’m crazy for using fairly standard tools, like Word, for writing).

This is my space, pretty much—

I use an adjustable height desk where I’m either leaning or standing—if I want to sit to read something, I normally grab a tablet and sit in the red chair off to the side, or even go someplace else in the house. I prefer not to read on my main computer screen most of the time. I normally keep ambient light to a minimum, and turn my monitor brightness down to pretty minimal, as well—below 20%.

I’m currently running an LG 38in curved monitor. I don’t game, so I care a lot more about resolution than refresh rate, etc. My main driver is a Microsoft Surface 8, topped out in specs, with a Thunderbolt dock to support all the externals. I’m typing on a Drop ALT with 68g Zilentv2 switches. The smaller keyboard keeps the Wacom pad close by, making it easier to switch between keyboard and pointer. Smaller keyboards like this are perfectly usable if you map all the function and other special-purpose keys onto a separate layer, and then place your layer control keys wisely. I’ve been thinking about switching to a more ergonomic keyboard, but I’ve not made my mind up yet.

For audio and video gear above the monitor I used two desk-clamp photography stands on the back of the desk, along with a long cheesebar. The cheesebar holds the Logitech webcam connected to my work machine, which is off to the side, the Dell Ultrasharp 4k, the ball mount for a digital camera (for recordings), and an AT4053 shotgun mic. On the side of the desk is a boom arm with a Blue Baby Bottle mic.

The two mics feed into an Antelope Zen Go interface, which allows me to do some minor EQ and such before my voice hits the computer. I used to do all this onboard the computer itself using a Focusrite Clarett, but it’s a lot simpler to push some audio processing onto the interface itself with the Zen Go. These kinds of DSP-onboard interfaces tend to be hard to get up and running, by the way. I worked with an Apollo interface for a solid month before giving up and switching to the Zen Go.

Beside the Zen is a little Tascam recorder; the primary mic is routed through the Zen to this recorder so I don’t need to record on the computer itself (though most of the time I do just record in Audition). I find that when I’m doing training recording that will be edited and combined later, it’s better to pull as much processing off the main computer as possible to improve the quality and performance of the screen capture process … so I record voice on the Tascam, video on a separate digital camera, and just the screen capture on the computer.

I do have a set of Meze classic headphones hooked up to the Zen Go, but I mostly listen to meetings and music throughout the day on a Klipsch Three.

Audio-wise, I put up a set of acoustic panels along one wall. I’m certain I could do more here, but the panels plus the carpeted floor seem to do okay for keeping the audio sounding pretty clean.

Lights… I’ve switched back and forth between GVM and Neewer over the years. Right now I’m using two Neewer flat panel lights, one of which provides ambient light by bouncing off the ceiling—this is the only ambient light I normally have turned on. There’s another LED panel with a diffuser to my front acting as a key, and a spot with a strong diffuser as far away on my right as I can get it.

Well, that’s my working environment for the moment … if you have questions about why I chose specific pieces of gear, etc., please feel free to drop a comment here, or pm me on LinkedIn.

Hedge 159: Roundtable on SONiC, Antipatterns, and Resilience through Acquisition

In this last episode of 2022, Tom, Eyvonne, and Russ sit around and talk about some interesting things going on in the world of network engineering. We start with a short discussion about SONiC, which we intend to build at least one full episode about sometime in 2023. We also discuss state and antipatterns, and finally the idea of acquiring another company to build network resilience.


Weekend Reads 121622

Today, we released the latest issue of The Domain Name Industry Brief, which shows that the third quarter of 2022 closed with 349.9 million domain name registrations across all top-level domains, a decrease of 1.6 million domain name registrations, or 0.4%, compared to the second quarter of 2022.

Since 2019, unpatched ESXi servers have been targets of ongoing in-the-wild attacks based on two vulnerabilities in the ESXi’s OpenSLP service: CVE-2019-5544 and CVE-2020-3992.

In many cases, once a high-risk security vulnerability has been identified in a product, a bigger challenge emerges: how to identify the affected component or product by its assigned name in the National Vulnerability Database (NVD).

A developer’s cryptographic signing key is one of the major linchpins of Android security. Any time Android updates an app, the signing key of the old app on your phone needs to match the key of the update you’re installing.

Hashing is one of the pillars of cybersecurity. From securing passwords to sensitive data, there are a variety of use cases for hashing.

Cloud gaming needs wide access to 5G networks to thrive. Performance requirements for streaming the latest AAA titles on mobile devices are already high and are likely to increase as the industry adopts AR and VR devices, with the future growth of AR and VR devices also incentivizing telecom providers to bundle and/or upsell.

Did you know over 93% of all malware employs DNS as a mechanism to identify and contact its command and control (C2) to receive instructions? This is why a truly holistic cybersecurity strategy must include protection from malicious domains.

Today, we are glad to release the third version of the threat matrix for Kubernetes, an evolving knowledge base for security threats that target Kubernetes clusters.

The software industry is making headway against a group of pernicious vulnerabilities that are responsible for the vast majority of critical, remotely exploitable, and in-the-wild attacks, software-security experts said this week.

PCI DSS 4.0 was released in March 2022 and will replace the current PCI DSS 3.2.1 standard in March 2025. That provides a three-year transition period for organizations to be compliant with 4.0.

Arista Networks has a new high-end data-center switch as well as several smaller ones designed to provide more configuration and upgrade choices to fit the specific needs of individual organizations.

However, I’m going to ask an awkward question, one that has been burning in my mind for a while. What really happens to that data once you click “delete” on a cloud service?

Ofcom’s data shows that 97 percent of UK homes now have access to superfast broadband, defined as a downstream connection of 30 Mbps or more. While 27 percent of those who can access superfast broadband have yet to take up such services, Ofcom doesn’t seem particularly keen to persuade them to do so.

The European Telecommunications Standards Institute (ETSI) has unveiled a new Industry Specification Group (ISG) to undertake preliminary work on the potential use of terahertz frequencies in 6G communications.

NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in over 144,000 packages being published by unknown threat actors.

Controversial Reads 121022

Simply put, we have been right all along, and we now have the conflicting circuit court precedent to prove it. The Supreme Court needs to consider the Fourth Circuit’s arguments and address this split between circuits.

Do we let Big Tech have access to our private communications and free email accounts because it’s so easy? Once you’ve said yes — and who among us has not? — it’s not a stretch to think that Big Data already has almost all your information, so why get picky at the next juncture?

Internet infrastructure services—the heart of a secure and resilient internet where free speech and expression flows—should continue to focus their energy on making the web an essential resource for users and, with rare exceptions, avoid content policing.

Then Elon announced Apple, the most powerful company in the world, threatened to remove Twitter from the app store.

A California judge has cleared the way for a potentially massive class-action lawsuit against Google, which stands accused – again – of anticompetitive practices surrounding its Play store.

There is a growing trend in American culture of what the literary theorist Peter Brooks calls “storification.”

Targeted advertising’s days may be numbered. The Wall Street Journal and Reuters report that the European Data Protection Board has ruled that Meta cannot continue targeting ads based on users’ online activity without affirmative, opt-in consent.

The Council of the European Union this week adopted new language for regulations governing internet systems that may put the security of your browser at greater risk.

Since the dawn of digital marketing, people have been asked to provide their personal information in exchange for information online. This “information swap” is still a common digital tactic.

Weekend Reads 120922

In this article, I will explain how SSHFP DNS records can help mitigate such risks and share the results of our large-scale analysis.

A vulnerability in IBM Cloud databases for PostgreSQL could have allowed attackers to launch a supply chain attack on cloud customers by breaching internal IBM Cloud services and disrupting the hosted system’s internal image-building process.

Amazon Web Services has signaled that the future of cloud computing cannot rely alone on general-purpose chips with its new Graviton3E silicon, joining AMD and Intel in introducing specialized central processing units that are meant to perform certain applications faster and more efficiently.

A recent statement from Italy’s data protection authority, the Garante, opens a new chapter in the never-ending story of profiling cookies.

While analyzing its capabilities, Akamai researchers have accidentally taken down a cryptomining botnet that was also used for distributed denial-of-service (DDoS) attacks.

Biometrics is supposed to be one of the underpinnings of a modern authentication system. But many biometric implementations (whether that be fingerprint scans or face recognition) can be wildly inaccurate, and the only universally positive thing to say about them is they’re better than nothing.

Geolocation providers usually focus on locating end user devices at the edge of the Internet. But what about the machines that make up the infrastructure in the middle?

There are certainly plenty of myths in the industry about OpenRAN, and today I hope to eradicate one of them: OpenRAN will be deployed anywhere and everywhere, including the busy city centres.

The SMO provides a central interface for application configuration and provisioning. It also automates both infrastructure management processes and the creation of new services through southbound APIs (O2-IMS & O2-DMS).

There is a common misconception that all problems have clear, straightforward solutions — as long as you look hard enough. While this is a bold and ambitious goal, it’s misguided when applied to cybersecurity.

How valuable is it to keep older solutions like this running? Well, organizations don’t enjoy running old legacy systems just for the pleasure of it, but they’re often forced to keep them running because it’s their only option, or at least the only cost-effective option available to them.

Securing critical infrastructure is complicated because of the vast network of facilities and management systems. Threats targeting this sector can have dire consequences, and when attacks do happen, they’re often accompanied by a media storm.

The European tech industry saw $400 billion in value wiped out this year and an 18% decline in venture capital funding, according to a report from venture capital firm Atomico.

Fondly referred to as “spinning rust” among some computer nerds, mechanical hard drives seem almost quaint compared to hyper-fast SSDs. Yet, the idea that mechanical hard drives are ready for the trash pile may be more than a little premature.

Conventional wisdom says that trying to attach system memory to the PCI-Express bus is a bad idea if you care at all about latency. The further the memory is from the CPU, the higher the latency gets, which is why memory DIMMs are usually crammed as close to the socket as possible.

Hedge 157: Vendor Lock-in with Frank Seesink

Vendor lock-in has been an issue in networking for the entire time I’ve been working in the field—since the late 1980s. I well remember the arguments over POSIX compliance, SQL middleware standards, ADA, and packet formats. It was an issue in electronics, which is where I worked before falling into a career in computer networks, too. What does “vendor independence” really mean, and what are the ways network operators can come close to having it? Frank Seesink joins Russ White and Tom Ammon to rant about—and consider—solutions to this problem.