Posts by Russ

Weekend Reads 082319

Red Hat is unveiling its own service mesh for OpenShift version 4, its hybrid cloud enterprise Kubernetes platform. The commercial offering packages Istio, the emerging leader in the space, as well as the Jaeger project for tracing, and Kiali for monitoring and management of Istio. —Susan Hall

DNSSEC is increasingly adopted by organizations to protect DNS data and prevent DNS attacks like DNS spoofing and DNS cache poisoning. At the same time, more DNS deployments are using proprietary DNS features like geo-routing or load balancing, which require special configuration to support using DNSSEC. —Jan Včelák

Cybercrooks increasingly are anonymizing their malicious traffic by routing it through residential broadband and wireless data connections. Traditionally, those connections have been mainly hacked computers, mobile phones, or home routers. But this story is about so-called “bulletproof residential VPN services” that appear to be built by purchasing or otherwise acquiring discrete chunks of Internet addresses from some of the world’s largest ISPs and mobile data providers. —Krebs on Security

At first glance, the University of the South Pacific network is not your usual university network. Our network operates across 26 sites in 12 different Pacific economies and is spread over 33 million square kilometres of ocean — about three times the size of Europe. —Edwin Sandys

Facebook users are eager for alternatives to the service, but are held back by the fact that the people they want to talk with are all locked within the company’s walled garden. Interoperability presents a means for people to remain partially on Facebook, but while using third-party tools that are designed to respond to their idiosyncratic needs. —Cory Doctorow

Geoffrey A. Fowler of the Washington Post recently engaged a data expert to track everything going on behind the scenes with his iPhone. What he found was surprising since Apple touts itself as a company that doesn’t invade user privacy. The various apps on his phone were routinely handing out his personal data on a scale that shocked him. —Doug Dawson

In this post, I explore the methods that recursive resolvers use to select authoritative nameservers and why. Answering these questions informs decisions around authoritative nameserver deployment and improving recursive resolver behaviour. —Kyle Schomp

DNS Flag Day was the result of a collaborative effort and agreement of DNS implementers and DNS resolver operators to commit to no longer providing workarounds for non-standards-compliant authoritative nameservers as of 1 February 2019. —Willem Toorop

As long we’ve had electronic mass media, audiences and creators have benefited from periods of technological upheaval that force old gatekeepers to compete with brash newcomers with new ideas about what constitutes acceptable culture and art. Those newcomers eventually became gatekeepers themselves, who then faced their own crop of revolutionaries. But today, the cycle is broken: as media, telecoms, and tech have all grown concentrated, the markets have become winner-take-all clashes among titans who seek to dominate our culture, our discourse and our communications. —Cory Doctorow

Dan Bricklin, co-creator of the first killer app, VisiCalc, recently pointed out it’s been 38 years since the IBM PC was introduced. It wasn’t the first PC — when it rolled out I wrote about it on my CP/M-powered KayPro II — but it was the one that started Bill Gates and Microsoft on their way to stardom. —Steven J. Vaughan-Nichols


It’s still a little way out, but I’ll be speaking at NXTWORK 2019 in Las Vegas on November 11-13. I have one master class on data center design lined up, and may be speaking in another session. Otherwise, I’ll be hanging out at the Network Reliability Engineering (NRE) lounge taking questions on the white board and talking to folks.

Hope to see you there!

History of YANG with Phil Shafer

YANG is a data modeling language used to model configuration data, state data, Remote Procedure Calls, and notifications for network management protocols, described in RFC7950. The origins of YANG are rooted in work Phil Shafer did in building an interface system for JUNOS. Phil joins us on this episode of the History of Networking to discuss the history of YANG.


Upcoming Webinar: Resilience and Fast Reroute

There are just a few days left to register for my upcoming webinar on resilience and fast reroute on Safari Books. From the description—

This training will provide an overview of many different solutions in the resilience space, including redundancy, BFD, graceful restart, IP based local fast reroute, MPLS based fast reroute, PIC, and others. The positive and negative aspects of each solution will be considered, including the complexity tradeoffs, how these solutions can be combined.

Register here.

Weekend Reads 081619

If you are using any supported version of the Windows operating system, stop everything and install the latest security updates from Microsoft immediately. —Swati Khandelwal

Is poor documentation always evil? Absolutely not. I’m often amazed at just how much some open source projects manage to accomplish considering the limited resources they’re usually working with. And, in any case, as long as people (like me) aren’t volunteering to help out, we have no right to grumble. —David Clinton

In any chip design, the devil – and the angel – is always in the details. AMD has been burned by some architectural choices it has made with Opteron processors in the past, where assumptions about how code might exploit the hardware did not pan out as planned. — Timothy Prickett Morgan

The unknown knowns quadrant is often overlooked or just misinterpreted. I can easily understand why people don’t see the importance of it and just refer to it as a nonsense contradiction — how can someone not know something they already know? —Alon Kiriati

With a focus on continuous improvements, agile project management upends the traditional linear way of developing products and services. Increasingly, organizations are adopting agile project management because it utilizes a series of shorter development cycles to deliver features and improve continually. —Matt Shealy

Seldom has a new IETF protocol sparked so much controversy and discussion than the DNS privacy protocol DNS-over-HTTPS (DoH). —Carsten Strotmann

The security expert contacted dozens of UK and US-based firms to test how they would handle a “right of access” request made in someone else’s name. —Leo Kelion

How safe are your secrets? If you used Amazon’s Elastic Block Storage snapshots, you might want to check your settings. —Zack Whittaker

It looks like an Apple lightning cable. It works like an Apple lightning cable. But it will give an attacker a way to remotely tap into your computer. —Joseph Cox

How do you solve a problem like deepfake? It’s a question that everyone from tech companies to politicians are having to ask with the advent of new, increasingly accessible tools that allow for the creation of A.I. manipulated videos in which people’s likenesses are reappropriated in once unimaginable ways —Luke Dormehl Luke Dormehl

With so much dissatisfaction over how companies like Facebook and YouTube moderate user speech, you might think that the groups that run the Internet’s infrastructure would want to stay far away from the speech-policing business. Sadly, two groups that control an important piece of the Internet’s infrastructure have decided to jump right in. —Mitch Stoltz