BGP. Border Gateway Protocol. The de-facto standard routing protocol of the Internet. The nervous system of the Internet. I don't think I can overstate the importance, the criticality of BGP to the operation of the modern Internet. BGP is the glue that holds the Internet together at its core. And like so many integral pieces of the Internet, it, too, is designed and built on the principle of trust... The folks who operate the individual networks that make up the Internet are generally interested in keeping the Internet operating, in keeping the packets flowing. And they do a great job, for the most part. more
We are suffering an epidemic of cyberattacks while in a viral pandemic. This post is for those who have responsibility for assuring that the IT-based services offered by their enterprise can quickly recover in the case of successful cyber-attack or other disaster. University of Vermont Medical Center (UVMMC) is an excellent hospital. I owe my life to treatment there and am grateful for both the skill and the kindness of UVMMC staff. They have been devastated by a cyber-attack. more
Technology always evolves, and I've been reading about where scientists envision the evolution of 5G. The first generation of 5G, which will be rolled out over the next 3-5 years, is mostly aimed at increasing the throughput of cellular networks. According to Cisco, North American cellular data volumes are growing at a torrid 36% per year, and even faster than that in some urban markets where the volumes of data are doubling every two years. The main goal of the first-generation 5G is to increase network capacity to handle that growth. more
Netflix has announced that they are deploying their own Content Delivery Network (CDN) for delivery of their video streams to Internet Exchange Points (IXPs) around the world. More importantly they are making the hardware and software design of their CDN servers freely available. That means any network can deploy Netflix CDN boxes deep into their network to significantly reduce traffic volumes and improve performance for users. more
The largest and most important global information infrastructure today by any measure is clearly the global mobile network and all of its gateways, services, and connected devices. That network is standardized, managed, and energized by a combination of the 3GPP and GSMA. The level of 3GPP industry involvement and collaboration today probably exceeds all other telecom, internet, and assorted other bodies put together... and then some. more
It has been a very busy period in the domain of computer security. With "shellshock", "heartbleed" and NTP monlink adding to the background of open DNS resolvers, port 445 viral nasties, SYN attacks and other forms of vulnerability exploits, it's getting very hard to see the forest for the trees. We are spending large amounts of resources in reacting to various vulnerabilities and attempting to mitigate individual network attacks, but are we making overall progress? What activities would constitute "progress" anyway? more
In the December of last, Cuba singed a deal with Google to enable faster access to content served via its popular platforms such Gmail and YouTube. more
The argument for end-to-end encryption is apparently heating up with the work moving forward on TLSv1.3 currently in progress in the IETF. The naysayers, however, are also out in force, arguing that end-to-end encryption is a net negative... The idea of end-to-end encryption is recast as a form of extremism, a radical idea that should not be supported by the network engineering community. Is end-to-end encryption really extremist? Is it really a threat to the social order? more
A couple of days ago, Threatpost posted an article indicating that the United States is the most bot-infected country... I think that Microsoft's mechanism of measuring bot infections is a good one, not necessarily because it is the most accurate but because it represents the most complete snapshot of botnet statistics. Because Microsoft Windows is installed on so many computers worldwide and because so many users across the world call home to the MSRT, Microsoft is able to collect a very large snapshot of data. more
The two lawsuits filed by the Russian software firm Kaspersky Lab against the U.S. government banning federal networks from using the company's anti-virus software was dismissed on Wednesday by a federal judge. more
The law set by U.S. Government for all agencies to fully remove the controversial Russian based Kaspersky Lab security software by October is proving a lot harder than anticipated. more
Soon after capitulating to Comcast's surcharge demand for improved treatment of its traffic, Netflix got better downstream delivery speeds. Apparently Comcast did not have to undertake a major bandwidth expansion program. Much to the immediate relief of Netflix, Comcast merely needed to allocate more ports for Netflix traffic. So with a reallocation of available bandwidth, Comcast solved Netflix's quality of service dilemma apparently without degrading service to anyone else, upstream or downstream. more
When rolling out a new protocol such as IPv6, it is useful to consider the changes to security posture, particularly the network's attack surface. While protocol security discussions are widely available, there is often not "one place" where you can go to get information about potential attacks, references to research about those attacks, potential counters, and operational challenges. more
Earlier this week, I came across a working paper from Professor Peter Swire - a highly respected attorney, professor, and policy expert. Swire's paper, entitled "Online Privacy and ISPs", argues that ISPs have limited capability to monitor users' online activity. The paper argues that ISPs have limited visibility into users' online activity for three reasons: (1) users are increasingly using many devices and connections, so any single ISP is the conduit of only a fraction of a typical user's activity; (2) end-to-end encryption is becoming more pervasive, which limits ISPs' ability to glean information about user activity; and (3) users are increasingly shifting to VPNs to send traffic. more
I often think there are only two types of stories about the Internet. One is a continuing story of prodigious technology that continues to shrink in physical size and at the same time continue to dazzle and amaze us... The other is a darker evolving story of the associated vulnerabilities of this technology where we've seen "hacking" turn into organised crime and from there into a scale of sophistication that is sometimes termed "cyber warfare". And in this same darker theme one could add the current set of stories about various forms of state sponsored surveillance and espionage on the net. more
A World-Renowned Source for Internet Developments. Serving Since 2002.