Often when we read news stories, we find them lacking any technical substance. It would seem that the writer aborted the story before asking any interesting questions that would allow us, as technical professionals, to fully understand the story and draw our own conclusions.
For example, over the last two years, Hillary Clinton’s private email server received extensive press coverage, with little technical content. Network professionals know that an email server can be properly configured and made relatively secure. This would require provisioning for authentication and privacy, encryption locally and on the wire, two factor authentication, and the whole gamut of security protocols and procedures. So exactly how was Clinton’s email server configured? Continue reading Why Do Today’s Important News Stories Include Insufficient Technical Content?→
Security researchers claim to have discovered an SNMP flaw that affects several models of Internet-connected devices. Presumably hackers could send random values in specific requests to the SNMP agent in various devices and the authentication mechanism would be bypassed. Continue reading Taking Exception to the StringBleed Vulnerability→
Have you thought about how you will test the performance of IoT apps and drones? Our new video demonstrates performance testing of an IOT application controlling the ESP8266 Microcomputer mounted on a drone! As you might expect, as the drone flies further away from the wireless base station, performance degrades. So how can you emulate that in your test lab?
Waze, the “…world’s largest community-based traffic and navigation app” failed its users in the Santa Cruz, California area during the month of February 2017. These users who depend on Waze to find out traffic conditions and alternate routes were not able to do so. The same was true for Google Maps. For example, when traffic stalled for up to three hours, Waze and Google Maps happily reported that conditions were just fine.
Many Santa Cruz, CA residents commute from the beach community, and ever farther, to the Silicon Valley. They commute over highway 17, a four-lane twisty thoroughfare (two lanes in each direction), built over a mountain range. Normal drive times span between 30 and 45 minutes each way. Once your vehicle enters this highway, you are committed; you cannot turn around until you reach the other side of the mountain.
A New York City based start-up company, Confide, offers a text messaging system “with encrypted messages that self-destruct.” You can download the app at https://getconfide.com/
Confide lets its users “discuss sensitive topics, brainstorm ideas or give unfiltered opinions without fear of the Internet’s permanent, digital record and with no copies left behind.” “Messages disappear forever after they are read once, making them as private and secure as the spoken word.”
Cisco Systems recently announced a patch for a vulnerability in Simple Network Management Protocol (SNMP) functions of some Cisco routers. “This vulnerability could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to an incorrect initialized variable. An attacker could exploit this vulnerability by performing SNMP polling on MIBs and using only Interface Index (ifIndex) values. A successful exploit could allow the attacker to increase CPU usage to 99% on an affected device and cause a DoS condition.” 1
“SDN Complexity and Reality” by Russ White and Shawn Zandi, was published on page 31 of The Internet Protocol Journal, November 2016 (Volume 19, Number 3). You can download ipj19-3.pdf at http://ipj.dreamhosters.com/.
In the article, White and Zandi, examine the original three crucial elements to the SDN story:
First, SDNs were supposed to remove the intelligence from the distributed control planes and consolidate that intelligence in a centralized controller.