Infrastructure Privacy Live Webinar

16 January 2023 | Comments Off on Infrastructure Privacy Live Webinar

I’m teaching a three-hour webinar on infrastructure privacy this coming Friday. From the description—

Privacy is important to every IT professional, including network engineers—but there is very little training oriented towards anyone other than privacy professionals. This training aims to provide a high-level overview of privacy and how privacy impacts network engineers. Information technology professionals are often perceived as “experts” on “all things IT,” and hence are bound to face questions about the importance of privacy, and how individual users can protect their privacy in more public settings.

There is a recording for anyone who registers.

Register here.

Hedge 161: Going Dark with Geoff Huston

12 January 2023 | Comments Off on Hedge 161: Going Dark with Geoff Huston

Encrypt everything! Now! We don’t often do well with absolutes like this in the engineering world–we tend to focus on “get it down,” and not to think very much about the side effects or unintended consequences. What are the unintended consequences of encrypting all traffic all the time? Geoff Huston joins Tom Ammon and Russ White to discuss the problems with going dark.

Hedge 158: The State of DDoS with Roland Dobbins

15 December 2022 | Comments Off on Hedge 158: The State of DDoS with Roland Dobbins

DDoS attacks continue to be a persistent threat to organizations of all sizes and in all markets. Roland Dobbins joins Tom Ammon and Russ White to discuss current trends in DDoS attacks, including the increasing scope and scale, as well as the shifting methods used by attackers.

Hedge 153: Security Perceptions and Multicloud Roundtable

2 November 2022 | Comments Off on Hedge 153: Security Perceptions and Multicloud Roundtable

Tom, Eyvonne, and Russ hang out at the hedge on this episode. The topics of discussion include our perception of security—does the way IT professionals treat security and privacy helpful for those who aren’t involved in the IT world? Do we discourage users from taking security seriously by making it so complex and hard to use? Our second topic is whether multicloud is being oversold for the average network operator.

On the ‘net: Privacy and Networking

24 October 2022 | Comments Off on On the ‘net: Privacy and Networking

The final three posts in my series on privacy for infrastructure engineers is up over at Packet Pushers. While privacy might not seem like a big deal to infrastructure folks, it really is an issue we should all be considering and addressing—if for no other reason than privacy and security are closely related topics. The primary “thing” you’re trying to secure when you think about networking is data—or rather, various forms of privacy.

Privacy for Providers

11 July 2022 | Comments Off on Privacy for Providers

While this talk is titled privacy for providers, it really applies to just about every network operator. This is meant to open a conversation on the topic, rather than providing definitive answers. I start by looking at some of the kinds of information network operators work with, and whether this information can or should be considered “private.” In the second part of the talk, I work through some of the various ways network operators might want to consider when handling private information.

On Securing BGP

22 April 2022 | Comments Off on On Securing BGP

The US Federal Communications Commission recently asked for comments on securing Internet routing. While I worked on the responses offered by various organizations, I also put in my own response as an individual, which I’ve included below.

Legal and Ethical Aspects of Privacy

21 April 2022 | Comments Off on Legal and Ethical Aspects of Privacy

My second post on privacy for network engineers is up over at Packet Pushers—

Given the arguments from the first article in this series, if privacy should be and is essential—what does the average network engineer do with this information? How does privacy impact network design and operations? To answer this question, we need to look at two other questions.

Why Privacy?

2 February 2022 | Comments Off on Why Privacy?

I’ve kicked off a series over at Packet Pushers on the ; the first installment is up now.

Hedge 103: BGP Security with Geoff Huston

6 October 2021 |

Our community has been talking about BGP security for over 20 years. While MANRS and the RPKI have made some headway in securing BGP, the process of deciding on a method to provide at least the information providers need to make more rational decisions about the validity of individual routes is still ongoing. Geoff Huston joins Alvaro, Russ, and Tom to discuss how we got here and whether we will learn from our mistakes.