CAA Records and Site Security

19 November 2018 | 0 Comments

The little green lock—now being deprecated by some browsers—provides some level of comfort for many users when entering personal information on a web site. You probably know the little green lock means the traffic between the host and the site is encrypted, but you might not stop to ask the fundamental question of all cryptography:…

Short Take: DNSSEC Deployment

6 November 2018 | Comments Off on Short Take: DNSSEC Deployment

Short Take: SDN is not DevOps

9 August 2018 | Comments Off on Short Take: SDN is not DevOps

Research: Covert Cache Channels in the Public Cloud

6 August 2018 | Comments Off on Research: Covert Cache Channels in the Public Cloud

One of the great fears of server virtualization is the concern around copying information from one virtual machine, or one container, to another, through some cover channel across the single processor. This kind of channel would allow an attacker who roots, or otherwise is able to install software, on one of the two virtual machines,…

Reaction: The Power of Open APIs

5 June 2018 | Comments Off on Reaction: The Power of Open APIs

Disaggregation, in the form of splitting network hardware from network software, is often touted as a way to save money (as if network engineering were primarily about saving money, rather than adding value—but this is a different soap box). The primary connections between disaggregation and saving money are the ability to deploy white boxes, and…

Whatever is vOLT-HA?

23 April 2018 | Comments Off on Whatever is vOLT-HA?

Many network engineers find the entire world of telecom to be confusing—especially as papers are peppered with a lot of acronyms. If any part of the networking world is more obsessed with acronyms than any other, the telecom world, where the traditional phone line, subscriber access, and network engineering collide, reigns as the “king of…

Reaction: DNS Complexity Lessons

16 April 2018 | Comments Off on Reaction: DNS Complexity Lessons

Recently, Bert Hubert wrote of a growing problem in the networking world: the complexity of DNS. We have two systems we all use in the Internet, DNS and BGP. Both of these systems appear to be able to handle anything we can throw at them and “keep on ticking.” this article was crossposted to CircleID…

Policing, Shaping, and Performance

28 March 2018 | Comments Off on Policing, Shaping, and Performance

Policing traffic and shaping traffic are two completely different things, but it is hard to know, in the wild, what the impact of one or the other will have on a particular traffic flow, or on the performance of applications in general. While the paper under review here, An Internet-Wide Analysis of Traffic Policing, is…

History of Hardware Switching

15 March 2018 | Comments Off on History of Hardware Switching

On this episode of the history of networking, we talk to Tony Li about the origin and history of the Cisco Silicon Switching Engine.

Short Take: Side Channel Attacks

13 March 2018 | Comments Off on Short Take: Side Channel Attacks

In this short take, recently posted over at the Network Collective, I discuss what a side channel attack is, and why they are important.