Harvard Business Review just ran an interesting article on the information security aspects of Internet of Things (IoT). Based on the storyline, the smart city initiatives are doomed to fail unless the security of the IoT devices and the systems will be improved. While security of the digital society is obviously a key concern, I am not entirely convinced that relying on the security of individual devices and systems is the best course of action. more
Your first line of defense to any DDoS, at least on the network side, should be to disperse the traffic across as many resources as you can. Basic math implies that if you have fifteen entry points, and each entry point is capable of supporting 10g of traffic, then you should be able to simply absorb a 100g DDoS attack while still leaving 50g of overhead for real traffic... Dispersing a DDoS in this way may impact performance -- but taking bandwidth and resources down is almost always the wrong way to react to a DDoS attack. But what if you cannot, for some reason, disperse the attack? more
What will the Internet look like in the next seven to 10 years? How will things like marketplace consolidation, changes to regulation, increases in cybercrime or the widespread deployment of the Internet of Things impact the Internet, its users and society? At the Internet Society, we are always thinking about what's next for the Internet. And now we want your help! more
Comcast enhanced the value position of its broadband subscriptions by increasing the monthly data allowance to 1 Terrabyte (1000 Gigabytes). See Comcast Announcement. As an independent, unsponsored researcher, I can say "Thank You Comcast" without adverse consequences and only a bit of irony. This company does much to displease, but an expanded data allowance offers a winning proposition. more
We tend to make a number of assumptions about the Internet, and sometimes these assumptions don't always stand up to critical analysis. We were perhaps 'trained' by the claims of the telephone service to believe that these communications networks supported a model of universal connectivity. Any telephone handset could establish a call with any other telephone handset was the underlying model of a ubiquitous telephone service, and we've carried that assumption into our perception of the Internet. On the Internet anyone can communicate with anyone else - right? more
A hot topic in telecoms at the moment is 'software-defined networking' (SDN). This term covers a range of technologies that put networks under the control of centralised management software. But what if SDN misses the point of why broadband networks exist in the first place? Network equipment vendors are busy pushing operator CTOs to adopt a 'software telco' approach. A small army of analysts and consultants cheer this process on. more
I recently read an interesting post on LinkedIn Engineering's blog entitled "TCP over IP Anycast -- Pipe dream or Reality?" The authors describe a project to optimize the performance of www.linkedin.com. The web site is served from multiple web server instances located in LinkedIn's POPs all over the world. Previously LinkedIn used DNS geomapping exclusively to route its users to the best web server instance, but the post describes how they tried using BGP routing instead. more
In 2013 I wrote a blog Telecoms as a spying tool, in which I mentioned that those who use the internet to spy indiscriminately will have to face the reality that such activities will only start a cat-and-mouse game -- the technology will always be able to stay one step ahead of those who are using the internet for criminal purposes. Since that time some very significant developments have taken place that have confirmed our prediction. more
I spend most of my time teaching engineers in different countries how to plan and deploy IPv6 networks. Over the last two years, I have been speaking more and more to non-engineers. These are either technology executives who sense that they need to do something about this "IPv6" thing, or government IT leaders who want to understand what the problem is and more importantly, what they could do. The most impactful part of these these exchanges is when I get these managers to understand the implications of IPv4 address exhaustion to their organisations. more
It's Apple's Developers Conference time again, and in amongst the various announcements was week, in the "Platforms Status of the Union" presentation was the mention of Apples support of IPv6. Sebastien Marineau, Apple's VP of Core OS told the conference that as far as IPv4 addresses are concerned, exhaustion "is finally here", noting that this already started in 2011 in the Asia Pacific while in North America IPv4 address exhaustion is imminent. Sebastien noted that it's really important to support IPv6 in devices and applications these days... more
As security breaches increasingly make headlines, thousands of Internet security companies are chasing tens of billions of dollars in potential revenue. While we, the authors, are employees of Internet security companies and are happy for the opportunity to sell more products and services, we are alarmed at the kind of subversive untruths that vendor "spin doctors" are using to draw well-intentioned customers to their doors. Constructive criticism is sometimes necessarily harsh, and some might find the following just that, harsh. But we think it's important that organizations take a "buyers beware" approach to securing their business. more
As the FCC moves forward with its plans to regulate the internet in the U.S., it's worth taking a look at what's happened when the government has regulated other innovative industries. As a facilitator of innovation, I've always been fascinated with the history of Bell Labs. Bell Labs was once thought of as the source of most modern innovations... The work done at Bell Labs built the foundation for modern invention leading to phones, space exploration, the internet, music distribution, cell phones, radio and television and more. more
Internet Protocol addresses fill two unique roles. They are both identifiers and locators. They both tell us which interface is which (identity) and tell us how to find that interface (location), through routing. In the last myth, about network scanning, we focused mainly on threats to IPv6 addresses as locators. That is, how to locate IPv6 nodes for exploitation. Today's myth also deals with IPv6 addresses as identifiers. more
After the botched burglary at the Watergate Apartments, every scam and scandal that hit the headlines became a 'gate' -- Irangate, Contragate, you name it. The Heartbleed bug is possibly the closest thing to Watergate that this generation of computer security had seen till the past few days -- an exploit in a component that is "just there" -- something you utterly rely on to be there and perform its duties, and give very little thought to how secure (or rather, insecure) it might be. So, fittingly, every such catastrophic bug in an ubiquitous component is now a 'bleed'. more
There are often confused reports in the media about mobile and fixed broadband, with arguments that one could replace the other. Yet the reality is that they coexist and complement each other - perhaps even more so since one cannot manage without the other. Increasingly, devices such as smartphones, tablets and smart TVs are at the end of fixed lines, with a wireless (WiFi) connection between the fixed line and the device. more
A World-Renowned Source for Internet Developments. Serving Since 2002.