Weekend Reads 013021


I recently shared at a conference how a seasoned brand and fraud expert from one of the world’s largest global financial institutions lamented a major attack where multiple fraudulent websites would pop up every single day.


Every now and then we hear buzzing in the news about some egregious Big Tech privacy infringement. We are also frequently notified about all the new steps our apps are taking to further protect our privacy.


Few people would seriously dispute the advantages of a zero-trust security model, particularly in a fast-changing cloud environment with business being conducted by a dispersed workforce using a wide variety of devices. The question is how best to approach zero trust.


Silicon photonics has been proving its worth in telco and communications but there is a much brighter opportunity photonics-based computing. The energy efficiency and data movement potential is promising, especially for increasingly data-laden analytics and AI/ML applications, but the road to a diverse hardware ecosystem for compute is still long.


The designers of DNSSEC, as well as academic researchers, have separately considered the answer of “negative” responses — when the domain name doesn’t exist. In this case, as I’ll explain, responding with a signed “does not exist” is not the best design. This makes the non-existence case interesting from a cryptographer’s perspective as well.


Charter and other cable companies use hybrid fiber-coaxial (HFC) technology to deliver service to customers. This technology builds fiber to neighborhood nodes and then delivers services from the nodes using coaxial copper cables.


As yet another piece of malware has been uncovered in the attack on SolarWinds network management system software, there still remain several missing elements needed to draw a complete picture of the massive cyberattacks against major US government agencies and corporations, including security vendor and incident response expert FireEye.


DNS over HTTPS is a new protocol that protects domain-lookup traffic from eavesdropping and manipulation by malicious parties. Rather than an end-user device communicating with a DNS server over a plaintext channel—as DNS has done for more than three decades—DoH, as DNS over HTTPS is known, encrypts requests and responses using the same encryption websites rely on to send and receive HTTPS traffic.


NSEC5 is a result of research by cryptographers at Boston University and the Weizmann Institute. In this approach, which is still in an experimental stage, the endpoints are the outputs of a verifiable random function (VRF), a cryptographic primitive that has been gaining interest in recent years.


Artificial intelligence and machine learning and data are inextricably linked. Yet common misconceptions persist. What is intelligence and is machine intelligence same or better than human intelligence? What are implicit biases and can we eliminate them from being programmed to either reinforce or hinder stereotypes to guard against prejudice in AI?


Surprisingly, we have found that all today’s WiFi devices acknowledge any packet they receive as long as the destination address matches their MAC address.


Cybersecurity researchers have uncovered multiple vulnerabilities in Dnsmasq, a popular open-source software used for caching Domain Name System (DNS) responses, thereby potentially allowing an adversary to mount DNS cache poisoning attacks and remotely execute malicious code.


In December 2020, the industry was rocked by the disclosure of a complex supply chain attack against SolarWinds, Inc., a leading provider of network performance monitoring tools used by organizations of all sizes across the globe.


Engineering teams at Juniper have developed a broad set of 400G pluggable optics that support an extensive range of use cases for customers, including 500m and 2km single-mode fiber intra-data center interconnects. Juniper’s current 400G optics are based on PAM4 modulation technology that has been standardized in the IEEE 802.3 with some additional optical specifications provided by the 100G Lambda MSA