Microsoft: FCC Inflating Broadband Availability
Via Karl Bode, writing at Vice's Motherboard; in which, the inimitable Mr. Bode reports on Microsoft's statement targeting FCC claims of inflated broadband availability in the US. Further indication of the borderline criminality of Chairman Pai.
Ready for DNS Flag Day?
If not, you'd be well advised to get with the Program as it is time to Get Squared Away. You can test your domain here at DNS Flag Day, or educate those always hungry neurons here. All of this fal-de-rol is slated to be accomplished worldwide on or about 2019/02/01.
"The current DNS is unnecessarily slow and inefficient because of efforts to accommodate a few DNS systems that are not in compliance with DNS standards established two decades ago. To ensure further sustainability of the system it is time to end these accommodations and remediate the non-compliant systems. This change will make most DNS operations slightly more efficient, and also allow operators to deploy new functionality, including new mechanisms to protect against DDoS attacks." - via DNS Flag Day
ISOC Paper Targeting Border Gateway Protocol Routing And Trust
via Ryan Polk - policy advisor at the Internet Society (ISOC), comes this outstanding paper displaying admirably clear thinking applied to the challenge of security-in-internetwork-routing (especially when that security is encapsulated in BGP Routing). Enjoy!
MicroTik For Tat, Flawed Routers Join Proxy Army
Sean Gallagher, plying his trade at Ars Technica, regales us with the very bad news of MictoTik (a Latvian network electronics firm) manufactured (and - of course - deeply flawed) network routers. Read it and weep, my friends, for evil proxy conflations that apparently never end, quid pro qou.
Wireshark, Bitten
News - via Help Net Security's Zeljka Zorz, of serious flaws in Wireshark's bits leading to potential crashes apparently caused by stored malicous packet trace files. HelpNet notes that Wireshark has fixed versions: 2.6.3, 2.4.9, or 2.2.17 - all of which can be downloaded on the Wireshark Download page: https://www.wireshark.org/download.html
"The vulnerabilities – CVE-2018-16056, CVE-2018-16057 and CVE-2018-16058 – affect three components of Wireshark: the Bluetooth Attribute Protocol (ATT) dissector, the Radiotap dissector, and the Audio/Video Distribution Transport Protocol (AVDTP) dissector, respectively." - via Help Net Security's Zeljka Zorz
Mutually Agreed Norms for Routing Security (MANRS) →
The beginning of May 2018 saw problematic internetworking operational issues revolving around the notion of robust router security (in reality, the lack thereof...). Today's Must Read comes from ISOC personnel Megan Kruse and Aftab Siddiqui, and lightly details the initiative entitled Mutually Aagreed Norms for Routing Security (MANRS). No resolution of this issue has been unequivocally accepted, but hope does spring eternal, as such, you can learn much more about MANRS here. Enjoy the Norms, and have a go with the MANRS for Network Operators document.
Crypto-Zealots →
If you read anything in the next couple of days regarding the IETF, and cryptography, take a moment and read Geoff Huston's superb retort to a controversial statement piece by Tony Rutkowski, both on CircleID. Tremendous responses are many on our beloved interweb, and this may be one of them... Enjoy today's MustRead!
IPv6, The DDoSing →
Meanwhile in DDoS news... Reportage of IPv6 DDoSing via El Reg, (and well-written by Kieren McCarthy) detailing an IPv6-transported DDoS attack - a 1.35Tbps attack on GitHub - that should be baking a lot of noodles out there in the network protection racket...
"Network guru Wesley George noticed the strange traffic earlier this week as part of a larger attack on a DNS server in an effort to overwhelm it. He was taking packet captures of the malicious traffic as part of his job at Neustar's SiteProtect DDoS protection service when he realized there were "packets coming from IPv6 addresses to an IPv6 host." The attack wasn't huge – unlike this week's record-breaking 1.35Tbps attack on GitHub – and it wasn't using a method that is exclusive to IPv6, but it was sufficiently unusual and worrying to flag to the rest of his team." - via Kieren McCarthy writing at El Reg
Net Neutrality, The Case Against →
Notwithstanding the FCC's vote in the affirmative (to strike the Net Neutrality rules), the Commission is still reportedly working on the final document, and has not released the official decision (at the time of this writing)(which may surprise some readers). Consequently, we are publishing this superlative opinion piece by Professor Harsha Madhyastha of the University of Michigan's Enjoy!
Professor Harsha Madhyastha (Associate Professor at the University of Michigan's Computer Science and Engineering Division) , writes eloquently at the IEEE's Spectrum Magazine, and enthralls us with a nicely logical case against Net Neutrality. Today's Must Read.
2017/01/06 - Update: The FCC has released the Commission's here: Order.
The New(ish) Interweb
A new DNS root environ, courtesy of our friends in Russia and the People's Republic of China - ostensibly arriving in August of 2018. Essentially, both countries will begin managing their own 'internal' DNS infrastructure for the majority of their 'in-country' routing. What could go wrong?
IPv6, The Fragmentation Chronicles →
or, How I learned to Relax and Trust in Large-Addressing-Schemes-That-Should-Have-Been-Designed-To-Be-Free-From-Worry...
Requiescat in Pacem, Leo Beranek, Ph.D., Internet Pioneer →
Leo Beranek, Ph.D. inimitable and venerable co-founder of Bolt Beranek and Newman Inc. (now Raytheon BBN Technologies and one of the handful of companies responsible for the Internet) died last month as a centenarian of one hundred and two years.
Requiescat in Pace.