Worth Reading 090325


Among the plethora of advanced attacker tools that exemplify how threat actors continuously evolve their tactics, techniques, and procedures (TTPs) to evade detection and maximize impact, PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Desktop Application, stands out as particularly advanced.


In this episode of PING, APNIC’s Chief Scientist, Geoff Huston, explores the economic inevitability of centrality in the modern Internet.


Philipp delivers a sober message for innovators: invention is only half the battle; defending your invention can define your company’s fate.


Google now estimates that the specs for a Cryptographically Relevant Quantum Computer (CRQC), which can break conventional public key encryption in a useful amount of time, are lower than they had previously estimatedナby 95%.


In this report, I’ll focus on the material presented at the DELEG and DNSOP Working Groups.

Posted in WORTH READING

Worth Reading 090125


Can we trust AI? Will AI take our jobs? Is an AI app safe? Shall we invest in AI company? Create an AI startup? Will AI accelerate cybercrime?


This study highlights the inadequacy of current privacy protection measures and proposes an automated, sustainable approach to correlate user profiles, including homonyms and pseudonyms, solely through publicly available data.


Bargury’s attack starts with a poisoned document, which is shared to a potential victim’s Google Drive. (Bargury says a victim could have also uploaded a compromised file to their own account.)


I wrote last week about three examples of the new GPT 5.0 chatbot contradicting Sam Altman’s claim that “it really feels like talking to an expert in any topic, like a PhD-level expert.”


RFCs are, inherently, the result of a design-by-committee writing process; usually intended for engineers to read. Especially with cryptography, they err on the side of technical specification rather than introductory blog post.


The transition to IPv6 is now a practical necessity for networks under pressure to scale, secure, and streamline their operations.

Posted in WORTH READING

Worth Reading 082925


In this episode of PING, Robert Kisteleki from the RIPE NCC discusses the RIPE Atlas system — a network of over 13,000 measurement devices deployed worldwide in homes, exchange points, stub and transit Autonomous Systems, densely connected regions and sparse island states.


The common denominator in both tests was technology called “Innovative Optical and Wireless Network” (IOWN), an all-optical networking stack that NTT hopes will mature in 2030 and expects will reduce power consumption by 100x, improve transmission capacity by 125x, and reduce network latency to 0.5 percent of current levels.


Internet Exchange Points (IXPs) are often overlooked in discussions about critical infrastructure. Yet their role in routing stability, local resilience, and digital sovereignty is undeniable.


Is adding AI to your environment a software purchase? Or is it more like hiring an employee?


Design by committee should always ring alarm bells, particularly in technology. The desire to achieve acceptable compromises between various opinions often leads to compromised technical outcomes, and it seems to me that the current work on redefining zone cuts and delegation in the DNS is leading to this same outcome


The TCP/IP Interoperability Conference—later renamed Interop—began as a small workshop in August 1986. It quickly grew in scope to incorporate tutorials, and by 1988 an exhibition network connected 51 exhibitors to each other and to the global Internet.


There is a relatively new fiber technology that most readers will not have heard about. Multi-core fiber (MCF) is a technology that packs multiple strands of fiber inside a bundle that is about the same size as a single strand of fiber today.


This is where the “Jericho” StrataDNX switch/router chips and their related “Ramon” fabric elements come in, which are an important part of the Broadcom datacenter networking portfolio.


We had a series of mini-outages at sketch.dev on July 15th, caused by LLM-written code.

Posted in WORTH READING

Best of the Hedge: Episode 3

From time to time, I like to dive into the archive and find a show that’s worth repeating. Forthwith, Derrick Winkworth and automation.
 
Network automation efforts tend to focus on building and maintaining configurations–but is this the right place to be putting our automation efforts? Derick Winkworth joins Tom Ammon and Russ White at the Hedge for a conversation about what engineers really do, and what this means for automation.
 

 

Posted in AUDIO, HEDGE

Worth Reading 081325


The current state of digital identity is a mess. Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of.


It turns out that, if you have your domain hosted by a big provider (we happen to use GoDaddy), it’s easy to turn on DNSSEC. But I think it says a lot that it took us this long (and the stimulus of working on a new security book) to get us to turn on DNSSEC


As we left the laboratory, I thought about how we in the computing field build a tremendous number of things that really cannot be called beautiful and then are commonly tossed aside without a thought.


The accelerated migration to advanced services will be accompanied by unprecedented complexity, and security and reliability concerns that must be addressed by the network-engineering and formal-methods communities.


Quantum scientists have long treated quantum entanglement as precious cargo, forging fresh links for every secure message or computation. A new theoretical study proposes a thriftier route, letting an existing pair pass portions of its entanglement down an extended chain.

Posted in WORTH READING