Worth Reading: Shutting down a BGP Hijack Factory

16 July 2018

It started with a lengthy email to the NANOG mailing list on 25 June 2018: independent security researcher Ronald Guilmette detailed the suspicious routing activities of a company called Bitcanal, whom he referred to as a “Hijack Factory.” —Doug Madory @Dyn

Worth Reading: Top open source tools for security

12 July 2018

While the intrusion detection and security markets are largely catered to by the likes of proprietary offerings like McAfee, Symantec and Juniper, various open source variants are also being deployed within a large number of corporates. Intrusion prevention and detection has been the major focus in the launching of such tools. —Swapneel Mehta @opensourceforu

Worth Reading: Technology’s trustbuster

12 July 2018

People are wont to say that tech empires naturally come and go, and they cite examples like BlackBerry and MySpace. But the reality of the industry is that it’s always been monopolized. —Martin Giles @Technology Review

Worth Reading: The legal status of domain names

11 July 2018

The legal status of domain names is one of the most hotly debated topics with regards to evolving property rights and how they should be applied to technological and intellectual property ‘innovations’ in cyberspace. —Niel Harper @CircleID

Worth Reading: Repository attacks

11 July 2018

After backdoored components were found on the NPM and PyPI repositories in recent months, researchers warn that Docker Hub, another public repository, is about to distribute malicious Docker images. —Lucian Constantin @The New Stack

Worth Reading: A tale of (many) Kubernetes

10 July 2018

It is safe to say that VMware would have been perfectly happy if Docker containers had never been invented. —Timothy Prickett Morgan @The Next Platform

Worth Reading: Reflecting on the GPLv3 license

10 July 2018

GPLv3 must be understood as the product of an earlier era of FOSS, the contours of which may be difficult for some to imagine today. —Richard Fontana @opensource.com

Worth Reading: Why you should care about service mesh

9 July 2018

Service meshes offer the centralized control plane that enterprises require, while still enabling the free-wheeling stylings of agile, cloud-based application development. —Rob Whiteley @The New Stack

Worth Reading: A deeper look at Quad9

9 July 2018

A handy little infographic on the Quad9 website helps show how it works. Essentially, you set up Quad 9 as your DNS and when you query a known bad hostname, the DNS servers respond that the domain does not exist (NX DOMAIN or non-existent domain). —Aftab Siddiqui @The Internet Society

Worth Reading: Recursive DNS resolver pools

5 July 2018

Using DNS redirection offers a fine-grained and unobtrusive method of load balancing compared with alternatives like anycast and application-layer redirects. —Rami Al-Dalky @APNIC