Tag Archive for Cisco

UMich Helps Secure the Web with Let’s Encrypt

The University of Michigan is teaming up with leading Internet firms to help secure the web. UMich, Cisco (CSCO), Akamai (AKAM), Mozilla, the Electronic Frontier Foundation, and public key certificate authority IdenTrust have launched a new free certificate authority (CA) called Let’s Encrypt.

The Let’s Encrypt CA will be available in the summer of 2015. It aims to get people to encrypt the connections to their websites, according to a recent GigaOM article. Let’s Encrypt’s goal is to make it easier to get a proper Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate. That way the certs can be deployed to secure a Web server and its users.

Let’s Encrypt will help secure the Internet

According to the article, Let’s Encrypt comes as the tech industry scrambles to encrypt the web. This is more important after the mass surveillance revelations of NSA leaker Edward Snowden. The CA will aid other efforts to secure the Internet.

Let’s Encrypt is developing the Automated Certificate Management Environment, or ACME, protocol. The ACME protocol will sit between Web servers and the CA. It includes support for new, stronger forms of domain validation.

Let’s Encrypt will serve as its own root CA. The nonprofit public benefit corporation Internet Security Research Group (ISRG) will run the root CA. Josh Aas, the executive director of ISRG, explained that using Transport Layer Security (TLS), the successor to Secure Sockets Layer (SSL), to secure the web is just not a simple thing. He explains that getting, paying for, and installing a certificate is too hard for many network administrators.

The anchor for any TLS-protected communication is a public-key certificate which demonstrates that the server you’re actually talking to is the server you intended to talk to. For many server operators, getting even a basic server certificate is just too much of a hassle. The application process can be confusing. It usually costs money. It’s tricky to install correctly. It’s a pain to update.

According to the statement, Let’s Encrypt’s certificates will be free. It will have an automated issuance and renewal protocol, an open standard, as a step to reduce the need for input from the domain holder’s side. According to an EFF blog post, “switching a webserver from HTTP to HTTPS with this CA will be as easy as issuing one command, or clicking one button.”

Records of certificate issuance and revocation will be publicly available. The organizations behind Let’s Encrypt are stressing that the system won’t be under any one organization’s control.

The EFF has been working on helping users take advantage of HTTPS for a while. The EFF worked with the Tor Project to create the HTTPS Everywhere extension for Firefox, Firefox for Android, Chrome, and Opera browsers.

The Let’s Encrypt project will use Internet-wide datasets of certificates to make higher-security decisions about when a certificate is safe to issue. The data will include the EFF’s Decentralized SSL Observatory, the University of Michigan’s scans.io, and Google’s (GOOG) Certificate Transparency logs.

In addition to the Let’s Encrypt project, some of the paths to secure the web include:

  • The next version of the HTTP protocol will likely be encrypted by default.
  • Mozilla and Firefox are collaborating with the EFF to get Microsoft, Google, Opera, and others to add Let’s Encrypt to their list of valid CAs.
  • Google will rank up sites that use SSL/TLS encryption.
  • The content delivery and security outfit Cloudflare is offering free SSL encryption for millions of its customers.
  • And now Let’s Encrypt aims to equip websites with free certificates – the proof they need to tell users’ browsers that their public encryption keys are genuine and the connection is properly secured.

rb-

Many websites currently use the HTTP protocol, a standard that exposes site owners to a number of threats including cyber espionage, keyword-based censorship, account hijacking, and a host of web application attacks such as SQLi and XSS. Let’s Encrypt helps reduce these risks, which I think is a good step in the right direction.

argues on Wired that Let’s Encrypt does not go far enough. We want the project to not only encrypt data but also authenticate users. IMHO that is a pipe dream. Authentication will step on the toes of Symantec, Oracle, and other hugely funded firms that will squash anybody doing the right thing that threatens their profits.

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Instagram Purge

Just in time for the holidays, online time-waster Instagram cleansed itself of several million fake followers. The photo-sharing service warned all of its “users” they were going to delete fake accounts and, lo and behold, they actually did. The inevitable whining from the entitled generation ensued as their followers, née spambots, were deleted one by one.

The moaning and wailing and gnashing of teeth was coming from LA-LA land and its faux-lebrites whose “followers” disappeared overnight. According to the site 64px.com (bravo sir!), the top biggest loser was Instagram itself, which lost nearly 19 million fake followers. The biggest faux-lebrity losers (and click-bait) in the #InstagramRapture according to the site are:

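| Rank | Account | Users disappeared | % Users disappeared |
|------|---------|-------------------|---------------------|
| 1 | Instagram | 18,880,211 | 29.44 |
| 2 | justinbieber | 3,538,228 | 14.86 |
| 3 | arianagrande | 1,529,206 | 7.03 |
| 4 | kimkardashian | 1,300,963 | 5.53 |
| 5 | selenagomez | 1,116,032 | 5.70 |
| 6 | kendalljenner | 906,897 | 5.32 |
| 7 | kyliejenner | 826,529 | 5.28 |
| 8 | beyonce | 831,971 | 3.75 |
| 9 | khloekardashian | 748,269 | 4.70 |
| 10 | taylorswift | 725,379 | 4.39 |
| 11 | mileycyrus | 711,898 | 5.03 |
| 12 | snookinic | 378,116 | 7.2838 |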

The denizens of LA-LA Land were not the only ones impacted by the Instagram purge; several businesses also lost large numbers of bogus fans. Besides Instagram, the biggest business losers include:

  • natgeo lost nearly 289,000 followers
  • nike lost over a quarter of a million spambot followers
  • forever21 lost 245,210 followers
  • nba account lost 195,531 fake fans and
  • louisvitton lost 106,740 bogus followers

rb-

I wrote about another social media “issue” when Cisco was reportedly buying followers on Twitter. Maybe Cisco has been selling its followers to the tweenies on Instagram.

We can hope that the #temperature teaches the entitled generation that life is not fair, especially when your friends are spambots. Go outside, talk to people, learn a programming language, stop supporting reality TV and porn actors.


Facebook Challenges Cisco

Julie Bort at the BusinessInsider says Facebook is challenging the stagnant network giant Cisco (CSCO). Facebook’s (FB) Najam Ahmad, leader of the OCP networking project, announced a product that should have Cisco shaking in its boots. Mr. Ahmad told the New York Times, “The bigger strategy here is to get computer networking out of the black box, black operations part of the world.”

Facebook introduced the new top-of-rack Wedge switch in 2013. The Wedge release made good on FB’s promise to disrupt the $23 billion Ethernet switch market, now dominated by Cisco. Wedge is part of the Open Compute Project (OCP). The author says OCP is one of the most important tech projects Facebook has ever created. OCP began in 2012 as a radically new way to build and buy computer hardware. It creates free and “open source” designs where anyone can contribute to the designs and use them for free.

Open Compute Project

The hardware OCP designs range from computer servers to hard drives to the racks that hold them all. While Facebook still leads the project, it has grown into an industry phenom. In 2013, the article says Facebook saved “over $1 billion” by using the hardware invented by Facebook.

And a year ago, OCP announced plans to build a network switch. And not just any network switch, but one designed as a software-defined networking (SDN) device. BI explains that SDN is a new way to build networks that threatens Cisco, or at least Cisco’s 60+% profit margins. SDN takes the fancy features baked into network equipment, things like security and management, and puts them into the software. This turns the hardware into something that dumbly moves bits of information around. The hardware switch becomes easier to move around and manage, and far less expensive, all things that cloud computing does better.

Software-defined networking

Cisco has recently released its own SDN product line, Cisco Open Network Environment (ONE). Ms. Bort (and others) contend these products encourage customers to keep buying Cisco’s high-performance but expensive gear by including features that will only work with said Cisco products. No doubt many enterprises will want that. But Facebook’s switch is a threat for a lot of reasons.

  • Facebook is already testing it in its own data centers, one of the most demanding environments around, it said.
  • Wedge is “open source.” Cisco gear is somewhat like Apple’s (AAPL) gear. Cisco controls and keeps secret every part of it from the operating system to the custom processors.

The Wedge is different. Everything from the software to the choice of processor (Intel (INTC), AMD (AMD), or ARM (ARMH)) is “open source,” meaning others can see and use or modify the design. As Facebook’s Yuval Bachar and Adam Simpkins explain in a Facebook post about the Wedge switch:

Traditional network switches often use fixed hardware configurations and non-standard control interfaces, limiting the capabilities of the device and complicating deployments. … Unlike with traditional closed-hardware switches, with “Wedge” anyone can modify or replace any of the components in our design to better meet their needs.

Facebook Wedge Switch

Standard parts

EnterpriseTech explains the Wedge switch was built using standard parts. It uses Broadcom’s (BRCM) popular Trident-II switch ASIC, which can provide sixteen 40 Gb/sec ports, which could easily be expanded to 32 ports. The ports can also be equipped with splitter cables, breaking them down into 10 Gb/sec ports that would boost the effective port count to 64 ports in a 1U enclosure. The Wedge switch has a compute element, which is a microserver based on an unspecified Intel processor (most likely an eight-core “Avoton” C2000 processor) that adheres to Facebook’s “Group Hug” microserver specification. Finally, the Wedge switch uses a Facebook homegrown version of Linux.

OCP has already attracted some big players beyond Facebook, too, including Microsoft (MSFT), Intel, Goldman Sachs, Rackspace (RAX), Bloomberg, and many others. It’s worth noting that enterprises cannot buy this switch from Facebook. They would have to order it from a custom manufacturer, just like all other OCP designs. But if this switch does well for Facebook, enterprises will be encouraged to try SDN. And up-and-coming competitors to Cisco, like Arista and Big Switch, are involved in OCP and are standing by to cash in.

rb-

Facebook is not alone. Google (GOOG) and Amazon (AMZN) have done the same thing after being frustrated by the slow pace at which incumbent tech companies move. By comparison, the Asian contractor manufacturers that Facebook has used for its open hardware have moved disarmingly quickly, according to Facebook’s Ahmad.

Is this an industry inflection point? There is a school of thought out there that believes it is. They compare today’s networking environment to the phone era when Lucent and Nortel were at their peak and failed in the face of the newfangled softswitch. The Cisco Smartnet annual fee on top of any hardware you buy from them sounds exactly like the kinds of pricing practice that those who remember saw in the voice industry when it was a duopoly of Nortel and Lucent.


Rockstars Team Up Against Google

To usurp Mark Twain, the reports of Nortel’s demise are greatly exaggerated. GigaOm reports that the defunct Canadian telco giant has found an afterlife as part of a patent trolling operation that struck Android phone makers and is now targeting network and cable operators, including Google, with lawsuits in Texas and Delaware.

Jeff John Roberts writes that Nortel’s second act as the walking dead is taking place thanks to “Rockstar Consortium,” a group formed by Microsoft (MSFT), Apple (AAPL), Blackberry (BBRY), Sony (SNE), Ericsson AB (ERIC), EMC (EMC) and other Google (GOOG) rivals, which bought bankrupt Nortel’s patent portfolio in 2011 for $4.5 billion. (rb- I covered the sale of Nortel’s IP here)

“Nortel was the source of many of the most important innovations in history in the field of telecommunications and networking,” says a new Rockstar lawsuit filed in the seemingly pro-troll U.S. District Court for the Eastern District of Texas that accuses Time Warner Cable (TWC) of violating six patents, including US Patent 6128649, which was issued in the year 2000 and describes a method to show multiple screens in a video conference, the article summarizes.

Rockstar Consortium formed by Microsoft, Apple, Blackberry, Sony, Ericsson, EMC

The complaint doesn’t say how exactly Time Warner Cable is infringing the old Nortel patents, but only notes that “TWC operates, sells and offers to sell video, high-speed data and voice services over its broadband cable systems throughout the United States.” The author says Rockstar, which is suing through a subsidiary called Constellation, also complains that the cable company walked away from its licensing demands in 2012.

GigaOm notes a second lawsuit, filed in Delaware by Rockstar under the alias “Bockstar,” makes a series of broad-based allegations against Cisco (CSCO) that claim the company is violating six other old Nortel patents, including this one from 1998, related to routers and switches.

Like all patent trolling, the author says, this has nothing to do with innovation, but it certainly will lead to higher cable bills as Time Warner will have to spend millions on lawyers to fight the suit or else pay expensive license fees for old patents from a dead company; either way, the costs are passed on to customers.

Joe Mullin of Ars Technica noted when Rockstar sued the phone companies, “it’s patent trolling gone corporate.” And there’s no sign of where this will stop. Apple and Microsoft are sitting on thousands of patents that date from an era when the Patent Office would grant a patent on nearly anything, and it looks like they’re going to use them to sue every industry they can think of.

The totally dysfunctional US Congress tried to take on patent trolling but caved in to lobbyists. Microsoft has already succeeded in stripping out a part of the law that would have made it easier to challenge bad patents. This means the best hope for a return to patent sanity may lie with the Supreme Court, which agreed to consider what type of software patents should be granted in the first place.

GigaOm cites CBC reports that Ottawa, Nortel’s hometown, has been transformed from a one-time innovation hotbed into a tech necropolis where once-proud engineers are paid to pick apart other people’s inventions in search of new patent violations that they can pass on to their American masters.

 rb-

I have covered the patent trolling mayhem in the mobile market for a while and this seems to be more of the same. Innovation is dead in the mobile market and the only way these firms can compete is in the courthouse.

In addition to their choice of venue in the pro-troll Texas court, further evidence that Microsoft and Apple have created a patent troll can be found in the fact that Rockstar has filed suit against the leading Android phone producers:

  1. Samsung Electronics Co. (005930) (#1 Android OEM in U.S. sales),
  2. LG Electronics (LGLD) (#2),
  3. ZTE (763) (#4),
  4. Huawei (002502) (#6) and
  5. HTC (2498) (#7).

In addition, DailyTech notes that Rockstar member Sony is a minor Android OEM.  If somehow Microsoft and Apple are able to troll other Android OEMs to death, Sony could see gains in market share, as the only OEM who doesn’t have to pay direct licensing fees to Microsoft/Apple (Sony also notably has preexisting licensing deals with Microsoft and Apple).


6LoWPAN ?

BYOD, BYON, IoT, IPv6, SaaS, SDN, MDM, M2M, TCP/IP, IEEE, EIEIO, IMHO, tech is drowning in acronyms. And now Stacey Higginbotham at GigaOM explains 6LoWPAN. 6LoWPAN stands for IPv6 over Low-Power Wireless Personal Area Networks. 6LoWPAN is the lightweight version of traditional internet protocol (IP) designed for the internet of things.

Misco reports that Internet-connected devices will number 9.6 billion by the end of 2013 and the figure will jump to 28 billion by 2020. Currently, the 9.6 billion Internet-connected devices connect to another device, a phone, or a corporate gateway. In order for a true internet of things to emerge, these devices should have the ability to connect directly to a web service.

Device to cloud

Instead of device-to-device, it’s device to cloud. The article surmises that since most of today’s devices use IP to connect to the web, engineers would like to use IP to connect devices to the web as well. The only problem is that IP is a heavy, energy-intensive beast. This is one reason that the Internet’s standards-setting organization, the IETF, proposed 6LoWPAN in 2004.

The numeral 6 in the standard is short for IPv6. Ms. Higginbotham explains that if you’re envisioning tens of billions of connected sensors then IPv6 is the way to go. However, supporting the 128-bit numbering system required by IPv6 also takes computing and memory overhead that tiny sensors don’t have. It also requires longer packet headers and such that can clog low bit-rate networks. So the 6 is IPv6, and the Lo references the low-power aspect of the protocol.

The WPAN, or Wireless Personal Area Network, is a nod to the wireless mesh network that the protocol supports. Because this isn’t directly analogous to the traditional network stacks, it’s hard to limit the technology to a particular layer in the network.

Sensors in a connected network can run the gamut from a video camera that’s plugged into a wall to a battery-powered water sensor hiding under the washing machine. GigaOM says the standard is flexible enough that some nodes might be able to do more than just send information. Others can be designed to sleep until an event wakes them for a data transmission. In short, it’s complicated, which makes defining a network stack or standards for the internet of things tough.

6LoWPAN will use multiple radio protocols

The WPAN in 6LoWPAN will use multiple radio protocols. It can work over several radio networks that use the IEEE 802.15.4 standard, the most popular being ZigBee. The IETF is also working with the Bluetooth Special Interest Group to build 6LoWPAN support for the Bluetooth protocol.

GigaOM notes that the Bluetooth SIG already has taken steps to cut power consumption to meet the demands of the internet of things, so it clearly is also aware of the need for the IPv6 addressing scheme if every bra, door lock, or porta-potty is going to hop on the InterTubes without a phone or computer.

Charles McLellan at ZDNet explains that IBM (IBM) has teamed up with wireless sensor network specialist Libelium to deliver a wireless sensor platform starter kit comprising IBM’s Mote Runner SDK and Libelium’s Waspmote sensor platform. The Waspmote Mote Runner development platform allows researchers to explore the benefits of 6LoWPAN.

Tech titans betting on 6LoWPAN

Ms. Higginbotham says that IBM getting behind the standard with this announcement is just one more big name betting on 6LoWPAN as the communications protocol for the internet of things. She says a few months ago ARM purchased Sensinode, a company that has literally written the book (MP4) about 6LoWPAN. Cisco (CSCO) has an investment in 6LoWPAN with its 2010 purchase of Arch Rock, for its smart grid initiative.

Platforms such as Electric Imp, Ayla Networks, and ThingSquare, all of which offer modules and services to connect devices directly to the internet, are also gaining ground with test programs and early adopters, helping make the case for 6LoWPAN. So as devices start going directly to the cloud and bypassing phones and computers, having a protocol that supports modern addressing at relatively low power and low overhead will become more important. And that’s what this terribly awkward acronym provides.

 rb-

6LoWPAN is what will drive the rapid growth of the IoT. The Business Insider says that IoT grows from 1.9 billion devices today, to 9 billion by 2018. To put that in perspective, BI claims that by 2018 IoT will be roughly equal to the number of smartphones, smart TVs, tablets, wearable computers, and PCs combined.

You can insert your own joke about the feds collecting data from a porta-potty.

What do you think? Is 6LoWPAN the best way to connect IoT devices to the cloud?
