Pinging admins: Here comes your packet of networking news

Blockchain comes to the cable biz, acquisitions, Red Hat Summit and more

Roundup What happened in networking this week? Well, for starters, Nokia acquired analytics company SpaceTime Insight, and will roll its capabilities into its Internet of Things business.

SpaceTime Insight provides IoT analytics and applications for the transport, energy, and utilities sectors. Its focus was predicting asset failure, and automatic optimisation.

The analytics firm's CEO, Rob Schilling, comes with the deal, joining Nokia's Software business group's IoT product unit.

CableLabs looking at blockchain. Wait, what?

The American cable network operators' club CableLabs says blockchain technology is ready for the cable industry somehow.

Principal security architect Steve Goeringer wrote that the most important blockchain feature to CableLabs is its ability to create a high-integrity history of transactions.

That “boring” but “transformational” capability means that during 2018, the industry will begin “quiet and subtle” integration of blockchain into … well, that's not spelled out.

The world can hardly wait.

Mozilla: unsecured FTP is officially dead

Last month, the Firefox developers started considering the future of FTP, and this week, it became official: it will be deprecated in Firefox 61.

It's not a complete ban: Mozilla's Christoph Kerschbaumer explained that the browser will block FTP subresources from loading unless “the document itself is an FTP document” – an FTP link from an HTTPS-secured page, for example, will be verboten.

Kerschbaumer noted that FTP is one of the internet's oldest surviving protocols, and it doesn't support the automatic security upgrading provided by HSTS (HTTP Strict Transport Security).

We doubt many users will notice, let alone mourn, its passing.

Patch your Fortinet wireless controllers

Fortinet's FortiWLC controllers running version 7 software up to 7.0.11 and version 8 software up to 8.3.3 need patching.

The University of Toronto notified the company that when the company's Meru access points filed dump reports with FortiWLC, they were using hardcoded credentials.

An attacker with those credentials had read/write privileges over “various parts of the system”.

Networking from Red Hat Summit

Among the news out of this week's Red Hat Summit were some networking nuggets from Mellanox and Netronome.

Red Hat Enterprise Linux 7.5 now has native support for Mellanox ConnectX NICs, giving RHEL developers access to DPDK (Data Plane Development Kit) and ASAP2 (Accelerated Switching and Packet Processing) Open vSwitch offload capabilities on the interface cards.

Red Hat positions the capability as important for Network Function Virtualisation (NFV) and cloud data centre applications.

There's more in this blog post from Mellanox.

Netronome also got on the networking workload offload bandwagon at the Red Hat Summit, getting its NICs supported in RHEL 7.5.

Its Agilio CX SmartNICs also bestow Open vSwitch offloading on the operating system, again with a focus on NFV deployments.

Netronome said benchmarks conducted with Red Hat showed servers managing thousands of policy rules could cut their CPU utilisation to 20 per cent, but handle seven times the throughput compared to a server without the offload capability.

Savvius expands app traffic monitor

This week, Savvius shipped Spotlight 2.0, enhancing the monitoring suite's ability to identify traffic from any application that can be identified by a server port.

The company said Spotlight 2.0 includes monitoring and troubleshooting for custom and SaaS applications; dashboards to show content by geography, app type, app latency, and worst conversation; extra TCP and VoIP quality metrics including connections refused, retransmissions, zero window, and worst jitter; extra filters and definitions; and its streaming analytics has been expanded from 5 to 10 streams.

CAIDA updates BGPStream

The internet research outfit CAIDA (the Center for Applied Internet Data Analysis) has pushed an update to its BGPStream software.

First released in 2015, BGPStream is an open source framework for analysing live and historical BGP data, to help the internet community – researchers and sysadmins – dig into route behaviour.

This is a bugfix release, required because the libbgpdump data-parsing library can crash.

CAIDA noted that it's getting ready to ship v2.0 of the software (it's currently in beta), so this will be one of the last releases in the BGPStream 1.x series. ®

Broader topics

Other stories you might like

  • I was fired for blowing the whistle on cult's status in Google unit, says contractor
    The internet giant, a doomsday religious sect, and a lawsuit in Silicon Valley

    A former Google video producer has sued the internet giant alleging he was unfairly fired for blowing the whistle on a religious sect that had all but taken over his business unit. 

    The lawsuit demands a jury trial and financial restitution for "religious discrimination, wrongful termination, retaliation and related causes of action." It alleges Peter Lubbers, director of the Google Developer Studio (GDS) film group in which 34-year-old plaintiff Kevin Lloyd worked, is not only a member of The Fellowship of Friends, the exec was influential in growing the studio into a team that, in essence, funneled money back to the fellowship.

    In his complaint [PDF], filed in a California Superior Court in Silicon Valley, Lloyd lays down a case that he was fired for expressing concerns over the fellowship's influence at Google, specifically in the GDS. When these concerns were reported to a manager, Lloyd was told to drop the issue or risk losing his job, it is claimed. 

    Continue reading
  • Google battles bots, puts Workspace admins on alert
    No security alert fatigue here

    Google has added API security tools and Workspace (formerly G-Suite) admin alerts about potentially risky configuration changes such as super admin passwords resets.

    The API capabilities – aptly named "Advanced API Security" – are built on top of Apigee, the API management platform that the web giant bought for $625 million six years ago.

    As API data makes up an increasing amount of internet traffic – Cloudflare says more than 50 percent of all of the traffic it processes is API based, and it's growing twice as fast as traditional web traffic – API security becomes more important to enterprises. Malicious actors can use API calls to bypass network security measures and connect directly to backend systems or launch DDoS attacks.

    Continue reading
  • DARPA study challenges assumptions about distributed ledger (and Bitcoin) security
    Blockchain not as decentralised as many assume, finds Pentagon sponsored research

    US government sponsored research is casting new light on the security of blockchain technology, including the assertion that a subset of a distributed ledger's participants can gain control over the entire system.

    The finding is part of a study [PDF] conducted by IT security researchers at Trail of Bits and commissioned by the Defense Advanced Research Projects Agency that points to several ways in which the immutability of blockchain – the distributed ledger on which Bitcoin and other cryptocurrencies rely – can be called into question.

    Continue reading
  • Google recasts Anthos with hitch to AWS Outposts
    If at first you don't succeed, change names and try again

    Google Cloud's Anthos on-prem platform is getting a new home under the search giant’s recently announced Google Distributed Cloud (GDC) portfolio, where it will live on as a software-based competitor to AWS Outposts and Microsoft Azure Stack.

    Introduced last fall, GDC enables customers to deploy managed servers and software in private datacenters and at communication service provider or on the edge.

    Its latest update sees Google reposition Anthos on-prem, introduced back in 2020, as the bring-your-own-server edition of GDC. Using the service, customers can extend Google Cloud-style management and services to applications running on-prem.

    Continue reading
  • FTC urged to probe Apple, Google for enabling ‘intense system of surveillance’
    Ad tracking poses a privacy and security risk in post-Roe America, lawmakers warn

    Democrat lawmakers want the FTC to investigate Apple and Google's online ad trackers, which they say amount to unfair and deceptive business practices and pose a privacy and security risk to people using the tech giants' mobile devices.

    US Senators Ron Wyden (D-OR), Elizabeth Warren (D-MA), and Cory Booker (D-NJ) and House Representative Sara Jacobs (D-CA) requested on Friday that the watchdog launch a probe into Apple and Google, hours before the US Supreme Court overturned Roe v. Wade, clearing the way for individual states to ban access to abortions. 

    In the days leading up to the court's action, some of these same lawmakers had also introduced data privacy bills, including a proposal that would make it illegal for data brokers to sell sensitive location and health information of individuals' medical treatment.

    Continue reading
  • Google: How we tackled this iPhone, Android spyware
    Watching people's every move and collecting their info – not on our watch, says web ads giant

    Spyware developed by Italian firm RCS Labs was used to target cellphones in Italy and Kazakhstan — in some cases with an assist from the victims' cellular network providers, according to Google's Threat Analysis Group (TAG).

    RCS Labs customers include law-enforcement agencies worldwide, according to the vendor's website. It's one of more than 30 outfits Google researchers are tracking that sell exploits or surveillance capabilities to government-backed groups. And we're told this particular spyware runs on both iOS and Android phones.

    We understand this particular campaign of espionage involving RCS's spyware was documented last week by Lookout, which dubbed the toolkit "Hermit." We're told it is potentially capable of spying on the victims' chat apps, camera and microphone, contacts book and calendars, browser, and clipboard, and beam that info back to base. It's said that Italian authorities have used this tool in tackling corruption cases, and the Kazakh government has had its hands on it, too.

    Continue reading
  • Brave Search leaves beta, offers Goggles for filtering, personalizing results
    Freedom or echo chamber?

    Brave Software, maker of a privacy-oriented browser, on Wednesday said its surging search service has exited beta testing while its Goggles search personalization system has entered beta testing.

    Brave Search, which debuted a year ago, has received 2.5 billion search queries since then, apparently, and based on current monthly totals is expected to handle twice as many over the next year. The search service is available in the Brave browser and in other browsers by visiting

    "Since launching one year ago, Brave Search has prioritized independence and innovation in order to give users the privacy they deserve," wrote Josep Pujol, chief of search at Brave. "The web is changing, and our incredible growth shows that there is demand for a new player that puts users first."

    Continue reading

Biting the hand that feeds IT © 1998–2022