Upcoming Course: Data Center Fabrics

On the 18th and 22nd (Thursday and Monday) I’m teaching the two-part series on Data Center Fabrics and Control Planes over at Safari Books Online. This is six hours total training covering everything from Clos fabrics to eVPN.

Register here.

If you register for the course you can access a recording at a later date. From Safari:

This class consists of two three-hour sessions. The first session will focus on the physical topology, including a short history of spine-and-leaf fabrics, the characteristics of fabrics (versus the broader characteristics of a network), and laying out a spine-and-leaf network to support fabric lifecycle and scaling the network out. The first session will also consider the positive and negative aspects of using single- and multi-forwarding engine (FE) devices to build a fabric, and various aspects of fabric resilience. The second session will begin with transport considerations and quality of experience. The session will then consider underlay control planes, including BGP and IS-IS, and the positive and negative aspects of each. Routing to the host and the interaction between the control plane and automation will be considered in this session, as well. EVPN as an overlay control plane will be considered next, and finally the relationship between security and control plane design will be examined.

Weekend Reads 050523

The past decade has seen numerous reports of so-called cloud “repatriations”–the migration of applications back to on-premises venues following negative experiences with, or unsuccessful migrations to, the public cloud.

While agile software development is often associated with specific methodologies, such as Scrum, Kanban, and Extreme Programming it is not enough to just follow such a methodology.

The heady, exciting days of ChatGPT and other generative AI and large-language models (LLMs) is beginning to give way to the understanding that enterprises will need to get a tight grasp on how these models are being used in their operations or they will risk privacy, security, legal, and other problems down the road.

When deploying changes to an application, there are several strategies you can use.

The sad story of OAuth 2.0 and open standards.

Payment Card Industry Data Security Standard (PCI DSS) was developed and established to foster a safe cardholder data practice in the industry.

While the DNS (Web2) has been a reliable and trusted internet standard for decades, Web3 platforms (such as ENS, Handshake and Unstoppable) are a relatively new technology deployment that presents unique and different features.

In this blog post, we at the University Grenoble Alpes (France) analyse that event from the RIPE Atlas point of view and, more broadly, evaluate the extent of DNS manipulation when sending queries to DNS root servers.

Amazon Web Services has spent the past decade and a half testing this principle, and is being tested now as companies are skittish that national economies are going to push the world into recession.

Bluetooth, the technology that powers the wireless data connections between billions of devices, is going to become even more capable, with big increases planned for the data bandwidth of Bluetooth LE.

Just a few short years ago, lateral movement was a tactic confined to top APT cybercrime organizations and nation-state operators. Today, however, it has become a commoditized tool, well within the skillset of any ransomware threat actor.

Unsuspecting website visitors are often unaware when they have landed on a spoofed page or are re-directed to malware-hosting web servers designed to steal their sensitive data and information.

Ever wondered where the personally identifiable information (PII) phishers steal from victims end up? More likely than not, they’re put up for sale on the ever-growing number of online stolen card shops.

So when we got a call last week from someone asking us how big are Nvidia’s server and networking businesses in a finer-grained detail than just the broad “Compute & Networking” and “Datacenter” categories that Nvidia talks about, we didn’t hesitate to load up our spreadsheet for Big Green and take a stab at it.

Satellite comms firm Viasat has successfully hurled ViaSat-3 Americas into orbit, the first of three satellites designed to offer high speed global broadband coverage.

Weekend Reads 042823

There has always been some concern about undersea fibers. Countries fear that sabotage of the fibers connected to their shores could result in being isolated from the Internet.

Do your employees use unauthorized SaaS apps? The average organization has over 100 SaaS apps, many unsanctioned by IT, posing a serious security risk.

A proposed permanent network of electromagnetic monitoring stations across the continental US, operating in tandem with a machine learning (ML) algorithm, could facilitate accurate predictions of geomagnetic disturbances (GMDs).

We may be seeing an equally dramatic transformation of chip design right now, this time with the use of AI to drive designs.

But for now it”s exciting to see what ChatGPT has already been able to do. At some level it”s a great example of the fundamental scientific fact that large numbers of simple computational elements can do remarkable and unexpected things.

He”s sharing the story of JSON, his discovery of JavaScript”s good parts, and his approach to finding a simple way to build software.

Back in January of this year, we studied the infrastructure of Ducktail, a malware that trailed its sights on Facebook business owners and advertisers.

The Philippines is an archipelago comprising three major island groups: Luzon, Visayas, and Mindanao with 7,641 islands at high tide and a population of 113 million spread across roughly 2,000 of those islands.

Cable operators are eager to take advantage of the forthcoming DOCSIS 4.0 rollout, as a survey from ATX Networks found nearly half (48%) of cable companies plan to activate DOCSIS 4.0 in their hybrid-fiber coaxial (HFC) networks by the end of 2025.

While Prolexic’s overall service and mitigation stacks are not changing, the new offering allows customers to define and adjust their own access control rules and provides analytics of existing ones.

However, alongside these more “traditional” or perhaps “structural” security concerns that cannot be swiftly shaken off, countries in the region have increasingly had to deal with the additional burden of cybersecurity threats.

Distributed denial-of-service (DDoS) is the attack method businesses are most concerned about, believing it will have the largest impact on the business.

A prominent example of a PET is fully homomorphic encryption, often mentioned in the same breath as differential privacy, federated learning, secure multiparty computation, private set intersection, synthetic data, zero knowledge proofs or trusted execution environments.

We already know that software can displace people. In 2019, Wells Fargo predicted that efficient software would replace 200,000 jobs in the banking industry.

There were a few efforts to flesh out what 6G might look like but they didn”t really get much further than “5G done properly” with a bit of utopian AI and ubiquitous sensing thrown in to sex it up a bit.

Hedge 176: OpenAI, ChatGPT, and the Cost of a Data Center

It’s time for the April Hedge roundtable! This month Eyvonne, Russ, and Tom are talking about OpenAI, the hype around AI, the “pause letter” and the lack of a real conversation, and the rising costs of building and operating a data center. As always, let us know if you have topics you’d like to hear us talk about, or guests you’d like to hear.

Thanks for listening!


Controversial Reads 042223

Tech companies are embedding these deeply flawed models into all sorts of products, from programs that generate code to virtual assistants that sift through our emails and calendars.

On the morning of October 14, 2020, I caught a firsthand glimpse of what it’s like for a traditional media outlet to go up against the vast agglomeration of economic and digital power known as Big Tech—and to do so without the benefit of what economist John Kenneth Galbraith defined as countervailing power.

Former Google CEO Eric Schmidt said that artificial intelligence could hurt American politics and needs to be reined in.

The National Assembly’s decision to greenlight the bill followed months of debate about one section in particular — Article 7 — which permits the use of AI-assisted video surveillance technology by law enforcement during and up to six months after the Games.

Calling a business, civic organization, or even school a family may be well-intended but comes with unintended consequences that do an injustice to the necessary commitments that should be made to our actual families.

If normal means mass layoffs, empty office buildings, confusing return-to-office policies, AI panic, and the whiplash-y feeling that just when employees were starting to redraw some boundaries between work and home, an economic downturn has forced society to fret even more about work.

On April 11th, 2023, China’s top internet regulator proposed new rules for generative AI.

Many people stare down face recognition technology every day as they unlock their smartphones. But this technology also has applications in people’s places of work.

A variety of digital tools are being used to monitor workers across various industries, some of which use artificial intelligence (AI) to try to gain insights into workers’ performance.

But increasing use of AI by employers has led some to question the fairness, quality and accuracy of hiring decisions made in this way – even as others tout AI as an improvement over human involvement.

Weekend Reads 042123

A new report from analyst firm Omdia suggests operators’ best chance of growth in the consumer market comes from partnering with Big Tech.

In a 2023 survey of cybersecurity leaders, 51% said they believe an AI-based tool like ChatGPT will be used in a successful data breach within the next year.

When folks ask me for an estimate of the cost of building aerial fiber, I always say that the cost is dependent upon the amount of required make-ready needed. Make-ready is well-named–it’s any work that must be done on poles to be ready to string the new fiber.

On 10 February 2023, Reddit announced it suffered a security incident where a phishing campaign led an employee to a website that imitated the network’s intranet gateway.

This video looks at various Kubernetes vulnerabilities and their severity scores to help you understand how to evaluate CVEs so you can prioritize remediation. It also shows different options and sources of CVEs.

It is almost 25 years since the Internet was privatized by the U.S. government. ICANN was formed by Esther Dyson and Jon Postel as a California-based non-profit with the responsibility to administer the Internet.

The series glamourized Anna’s fraudulent endeavors and depicted her as clever, interesting, and mysterious; someone who we wanted to figure out and understand.

Even if cyber attack tactics, techniques, and procedures (TTPs) have become increasingly sophisticated over the years, age-old phishing remains the most-used attack vector to this day.

On a specific date and time in 2038, the old-world model of time in 32 bits as a positive integer value “wraps around” (when an integer value is too big for the container assigned in the computer) and returns nonsensical results.

Today, Microsoft is excited to announce that we are shifting to a new threat actor naming taxonomy aligned to the theme of weather.

From the coverage that ChatGPT, developed by OpenAI, has been receiving since its launch in November 2022, you would be forgiven for thinking that is the only technology story around.

The Domain Name System (DNS) root zone will soon be getting a new record type, called ZONEMD, to further ensure the security, stability, and resiliency of the global DNS in the face of emerging new approaches to DNS operation.