Network Break | January 11, 2016
Network Break 69: Crypto Ups, Crypto Downs
Greg
Ferro
Drew
Conry-Murray
Listen, Subscribe & Follow:
Take a Network Break! Episode 69 gets into cryptography and security issues, among other topics, including open hardware efforts and the Web site obesity crisis.
Joining us is Steven Iveson, IT pro, author, and longtime blogger at Packet Pushers. Check out his latest post, and see his authorial output.
Sponsor: Interop
Join the Packet Pushers at Interop Las Vegas for the Future of Networking Summit, May 2 and 3. We’ll talk about the changing state of network operations, advances in network hardware and silicon, open networking, SD-WAN, containers and more. You can join us for live podcast recordings and an after-hours hangout too. Use the code PPUSHERS in the “Marketing Code” field when you register and get 25% off 5-Day, 3-Day, and 2-Day conference passes.
Show Notes:
In Defense Of Cryptography
Dutch govt says no to backdoors, slides $540k into OpenSSL without breaking eye contact – The Register
Backdoors To The Front Door?
Flaws in Comcast’s Xfinity Home Security System fails to warn homeowners of intruders – Network World
Let’s Encrypt: 250,000 Certs, But Abusers Catch On
Let’s Encrypt Now Being Abused By Malvertisers – Trend Micro
Barracuda Bitten By Cloud, Software
Barracuda Reports Third-Quarter Fiscal 2016 Results – Barracuda
The Bloated Web
The website obesity crisis – IdleWords
A Good Book
Network Programmability and Automation: Skills for the Next-Generation Network Engineer – Jason Edelman, Scott S. Lowe, Matt Oswalt
Snabb Switch, Melanox, And Open Hardware
Open Network Cards – Snabb Switch
Mellanox ConnectX-4 PRM (datasheet) to be released – Mellanox
Docker Networking
Multi-Host Docker Networking is now ready for production – Docker
So Long, Rola
Goodbye, Moto(rola). Iconic brand name to be phased out – CNet
Amazon Price Tweaking
Happy New Year – EC2 Price Reduction (C4, M4, and R3 Instances) – Amazon
Share this episode
Hey guys! As always, great show.
Just wanted to point out that there are three of us authoring “Network Programmability and Automation” – in addition to Scott, Jason Edelman and I have published our own blog posts – you can see them here:
Jason – http://jedelman.com/home/the-network-automation-book/
Me – http://keepingitclassless.net/2015/12/training-next-generation-network-engineer/
Hey Matt,
I did make that clear in the podcast itself. Thanks for saving me the time finding the other posts. Cheers
Hi Matt,
I’ve updated the link and added you and Jason in the notes. Apologies for the unintentional oversight. Congrats to all of you!
I just wanted to comment on the Comcast vuln because I hear this mistake made frequently. Rapid7 worked with CERT/CC, not US-CERT, which are two distinctly separate organizations (See the link in the Rapid7 blog post for clarity – https://community.rapid7.com/community/infosec/blog/2016/01/05/r7-2015-23-comcast-xfinity-home-security-system-insecure-fail-open). CERT/CC is affiliated with CMU, whereas US-CERT is affiliated with DHS. An interesting note is that CMU actually owns the term “CERT” and licenses it to other orgs, including to DHS. That, and the fact that the two organizations do very similar tasks causes them to be mixed up frequently. See the two below links for details.
https://en.wikipedia.org/wiki/CERT_Coordination_Center#Confusion_with_US-CERT_and_other_CERTs
https://www.kb.cert.org/vuls/id/418072
Hi Jon,
Thanks for the clarification!
Our comments are to highlight the lack of customer focus and poor business competency shown by Comcast. It would appear that they have a badly designed product and service that actively puts customers at risk.