Weekend Reads 071924

On the other hand, these same minimal overheads imply that DNS over UDP cannot perform prompt detection of packet loss and cannot efficiently defend itself against various approaches to tampering with the DNS, such as source address spoofing, payload alteration and third-party packet injection. Perhaps most importantly, the way UDP handles large payloads is a problem.

User interface (UI) design is currently experiencing a transition from traditional graphical user interfaces (GUIs) to systems designed to recognize a person’s gestures and movements.

The U.S. Federal Trade Commission (FTC), along with two other international consumer protection networks, announced on Thursday the results of a study into the use of “dark patterns” — or manipulative design techniques — that can put users’ privacy at risk or push them to buy products or services or take other actions they otherwise wouldn’t have.

One of the most concerning aspects of social media is that much of its influence evades our notice. We don’t realize that we’re being influenced, or shaped to think a certain way, or view the world through a specific lens.

Chinese automobile conglomerate Geely has made significant strides since I last wrote about their Geesat LEO constellation for mobile vehicle connectivity.

Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks.

A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect over 1,500 victims.

With the first Zen 5 CPUs and SoCs set to ship later this month, AMD offered a closer look at the architectural improvements underpinning the platform’s 16 percent uplift in instructions per clock (IPC) during its Tech Day event in LA last week.

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week.

Everybody knows that companies, particularly hyperscalers and cloud builders but now increasingly enterprises hoping to leverage generative AI, are spending giant round bales of money on AI accelerators and related chips to create AI training and inference clusters.

Alphabet’s cloud computing division, Google Cloud, tried to sustain the European Union’s inquiry into Microsoft’s antitrust practices in the cloud computing sector by offering complainant Cloud Infrastructure Services Providers in Europe (CISPE) a package worth €470 million ($511 million), Bloomberg reported.

Just one problem: observability tools won’t help us solve any of the problems above. Even real-user monitoring (RUM) won’t give us the information we need.

Weekend Reads 071224

The gang’s time from initial access to draining data out of a Veeam server is shockingly fast; after which the attackers went on to deploy actual ransomware in less than a day.

A critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to deliver malicious attachments to target users’ inboxes.

The new fireball is the arrival of AI, its widespread acceptance and adoption, and the view that it is now a competitive imperative.

As a follow-up to the post yesterday on native VLANs, there was a question on what would happen to 802.1Q-tagged frames traversing an unmanaged switch.

State-controlled media on Tuesday covered the proceedings of the third China IPv6 Innovation and Development Conference, at which officials revealed that as of May 2024 the Middle Kingdom was home to 794 million users of the protocol, and that 64.56 percent of mobile traffic – plus 21.21 percent of fixed network traffic – is carried on networks that employ it.

In fact, since 2017, Google’s environmental reports show that the company’s electricity use, CO2 emissions, and carbon intensity have soared.

Using DevSecOps helps ensure the right level of security throughout both the development phase and the entire lifespan of the software.

While these tools and studies have merit, there is a need to understand what the developers want instead of what we think they want.

ORCA Computing engineers and builds quantum computers using the photonics quantum modality (i.e. photonic, or light based qubits), which operate at room temperature.

The power efficiency of a server fleet, that is, how much work servers perform for the energy they use, is influenced by multiple factors.

Weekend Reads 070524

Anybody not involved in the telephone business will probably be surprised to find that the old TDM telephone networks are still very much alive and in place.

Intel has demonstrated an optical chiplet co-packaged with a CPU capable of supporting 4 Tbps data links to feed the increasing datacenter bandwidth requirements of AI and high performance computing (HPC) applications.

My one-liner for The AI Delusion is that the real danger today is not that computers are smarter than us but that we think computers are smarter than us and consequently trust them to make decisions they should not be trusted to make.

If the Senate passes an expansion of the Foreign Intelligence Surveillance Act, any American’s international communications could become an open book.

Anybody who builds fiber networks can describe the litany of state and local regulations involved in constructing fiber. Following are the primary kinds of such regulations – and there are others in some places.

OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems.

This only works for so long. Software can keep getting bigger and slower only for as long as computers keep getting faster, and the rate of improvement there has fallen off a cliff and shows no sign of recovery.

While data-driven insights propelled tech giants to unprecedented heights, they also led to privacy debacles. As a reaction, the last decade witnessed the emergence and strengthening of data protection regulations such as the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CCPA) in California.

It is easy to overlook the role lithography plays in developing digital technologies. Every year, new and more advanced integrated circuits appear, pushing computing capabilities to more advanced levels.

While Broadcom claimed that many users would see their costs fall because of the changes in licensing, it was simultaneously telling its shareholders that the changes were expected to lead to double-digit revenue growth for its VMware portfolio throughout 2024.

Weekend Reads 061224

Talking at Bernstein’s 40th Annual Strategic Decision Conference late last week, HP boss Enrique Lores acknowledged the pressures facing the print division, saying the number of printed pages has dropped by a fifth.

The petition makes three general arguments for issuing a pause on net neutrality, the first of which is that the FCC may not have the authority to reinstate net neutrality at all.

Each time someone interacts with a large language model (LLM), there is an energy cost in running the model for inference. In addition, there is an energy cost in the preparation and training of the model before it was brought to production.

On December 14, 2022, the European Parliament adopted the Directive on measures for a high common level of cybersecurity across the Union (Directive (EU) 2022/2555) (hereinafter referred to as “NIS2”), which was published in the official journal on December 27, 2022.

In my view, Thomas’ approach is inconsistent with the remainder of Article 28 and would not achieve the goals of NIS2 to improve cybersecurity across the EU member states.

This kind of marketing, historically, is quite effective – bigger numbers are easier for us customers to understand. But, as is the case with clock speeds and cores, it’s never as simple as the marketers make it sound.

And now that the OEMs are finally able to get some GPU allocations, they are beginning to drive sales, but they do not seem to be able to make money on this ridiculously expensive iron. Which is, well, ironic.

Dozens of policing agencies are currently using cell-site simulators (CSS) by Jacobs Technology and its Engineering Integration Group (EIG), according to newly-available documents on how that company provides CSS capabilities to local law enforcement.

TL;DR: AES-GCM is great, as long as every nonce (mnemonic: number used once) is truly unique. Once a nonce is reused, AES-GCM completely falls apart.

Topology Aware Routing is a feature of Kubernetes that prevents cluster traffic within one availability zone from crossing to another availability zone.

Our recent discovery in router firmware exposes a security flaw in routers’ Network Address Translation (NAT) mapping handling, which can be exploited by attackers to bypass TCP’s built-in randomization.

In a significant escalation against piracy, a French court has ordered Google, Cloudflare, and Cisco to tamper with their DNS resolvers to block access to approximately 117 pirate sports streaming domains.

Weekend Reads 060724

The US Securities and Exchange Commission (SEC) wants to clarify guidelines for public companies regarding the disclosure of ransomware and other cybersecurity incidents.

Technical report 69, or TR-069, which defines how people’s broadband routers and other customer-premises equipment can be remotely provisioned and managed by ISPs automatically, is turning 20 years old.

Google and many other organizations, such as NIST, IETF, and NSA, believe that migrating to post-quantum cryptography is important due to the large risk posed by a cryptographically-relevant quantum computer (CRQC).

IPng’s network is built up in two main layers, (1) an MPLS transport layer, which is disconnected from the Internet, and (2) a VPP overlay, which carries the Internet.

Elon Musk doesn’t want you to share links from Substack, the blogging and newsletter platform that has grown in popularity over the last two years and serves as the primary mode of expression for independent Internet writers.

Quantum computers are probably coming, though we don’t know when—and when they arrive, they will, most likely, be able to break our standard public-key cryptography algorithms.

Domain name monitoring—that is, the detection of domains with names containing a brand-term (or other string) of interest—is a very well-established element of brand protection services.

To tackle these challenges, we developed ROuting SEcurity Tool (ROSE-T), the first open source tool to verify MANRS compliance automatically.

Today’s blog talks about a practice that doesn’t get discussed very often, which is the warehousing of spectrum. Warehousing is the practice where carriers sit on spectrum without using it or make only a minimal technical deployment to protect a spectrum license without actually using the spectrum as intended.

In this blog, we will analyze the modern practice of Phishing “Tests” as a cybersecurity control as it relates to industry-standard fire protection practices.

Recent research showed that 60% of participants fell victim to artificial intelligence (AI)-automated phishing, which is comparable to the success rates of non-AI-phishing messages created by human experts.

From a high level, optical interconnects perform the task their name implies: they deliver data from one place to another while keeping errors from creeping in during transmission. Another important task, however, is enabling data center operators to scale quickly and reliably.

This blog will provide an understanding of what AI jailbreaks are, why generative AI is susceptible to them, and how you can mitigate the risks and harms.

Experts on artificial intelligence raised concerns about the implications of AI’s rapid growth at a panel discussion in Washington, D.C. Tuesday.

Weekend Reads 053124

In this episode of the RIPE Labs podcast, three Internet pioneers talk about how they helped grow the Internet out of its early infancy, back when its purpose – and much of the excitement around its development – lay in the promise of connecting researchers from around the world.

Meta, parent company of Facebook and Instagram, also now is in the AI-focused processor game. The company recently unveiled the next generation of custom-made chips to help power AI-driven rankings and recommendation ads on social media platforms.

Phishing threats have reached unprecedented levels of sophistication in the past year, driven by the proliferation of generative AI tools.

In recent news, more than 13,000 subdomains of brands were hijacked for a large spam campaign that “leverages the trust associated with these domains to circulate spam and malicious phishing emails by the millions each day, cunningly using their credibility and stolen resources to slip past security measures.”

Tenable Research has discovered a critical memory corruption vulnerability dubbed Linguistic Lumberjack in Fluent Bit, a core component in the monitoring infrastructure of many cloud services.

Pew Research Center conducted the analysis to examine how often online content that once existed becomes inaccessible. One part of the study looks at a representative sample of webpages that existed over the past decade to see how many are still accessible today.

As well as making EPP easier for registrars to use, such an API would help domain registries by increasing scalability and improving performance and security.

Three teams – in Boston, in China, and the Netherlands – have simultaneously announced that they’ve figured out ways to store entangled photons without breaking the entanglement, a critical step in building quantum repeaters, and, thus, scalable quantum networks.

Microsoft has a lot more than AI riding on Copilot+ PCs. Although AI is the current buzzword of the tech industry, Microsoft’s push into a new era of PCs has just as much to do with declining PC sales over the past several years, as well as Microsoft’s decade-long drive to get Windows on ARM working.

The IBM Power Virtual Server Private Cloud – announced Tuesday with little fanfare – is based on the IBM Power Virtual Servers Big Blue rents out in a manner that will be familiar to users of IaaS services.

We have a long-standing policy that when you redact text, the only way to do it securely is to use black bars. Sometimes, people like to be clever and try some other redaction techniques like blurring, swirling, or pixelation. But this is a mistake.

The relationship between shift length, fatigue and human error is well documented, but less clear is how the data center industry can define shifts that help minimize human error. The recommended best practices for other industries do not always translate into the data center world, where 24/7 service availability is the standard.

Weekend Reads 052424

The European Union’s new Digital Markets Act (DMA) is a complex, many-legged beast, but at root, it is a regulation that aims to make it easier for the public to control the technology they use and rely on.

When optimizing the write performance of GreptimeDB v0.7, we discovered through flame graphs that the CPU time spent parsing Prometheus write requests accounted for about 12% of the total.

We think that waferscale computing is an interesting and even an inevitable concept for certain kinds of compute and memory. But inevitably, the work you need to do goes beyond what a single wafer’s worth of cores can deliver, and then you have the same old network issues.

Evidence is mounting that tech companies’ policies demanding staff return to the office are only serving to drive out the talent that became accustomed to remote work.

ZTDNS integrates the Windows DNS client and the Windows Filtering Platform (WFP) to enable this domain-name-based lockdown. First, Windows is provisioned with a set of DoH or DoT capable Protective DNS servers; these are expected to only resolve allowed domain names.

The use of Machine Learning and Deep Learning models allows us to understand the intention of the message, who is sending it, and if the sender is pretending to be someone they are not. It also allows us to learn what a legitimate message looks like and identify the parts of an email that indicate malicious intent, making it easier to predict those markers in the future.

That said, I have been running e-mail servers since well before Google existed as a company. I started off at M.C.G.V. Stack, the computer club of the University of Eindhoven, in 1995.

Alas, the feds did something you wouldn’t want your government to do. The Federal Trade Commission launched an investigation into MGM — the victim of the cyberattack — and demanded that MGM, which suffered an estimated $100 million loss from the hack, provide information about the breach.

If successful in the Google and Apple cases, the result will be far more clarity on non-priced harms and a much-needed update to how we evaluate consumer welfare in the digital age, all without throwing the baby out with the bathwater.

How do you profit off intelligence once it’s been commoditized? Will the AI transition let a thousand flowers bloom, or will the returns largely flow to a few tech behemoths and their infrastructure providers?

Broadcom has introduced a new series of 400G Ethernet adapters specifically tuned for resolving network bottlenecks when moving massive amounts of data around for AI processing.

Yes, this time is different. And the key difference is Joe Biden’s EPA. On May 9, that agency published a rule in the Federal Register that, if it survives legal challenges, will force the closure of every coal-fired power plant in America and prevent the construction of new baseload gas-fired plants. If the rule survives those challenges, it will strangle AI in the crib.