IPv6 and IoT News

Case Study: New Innovations in IoT Technologies for Manufacturers

By Amber Lee Dennis

Manufacturers want to save money, conserve energy, and reduce greenhouse gas emissions, but it’s a challenge to see where and when energy use is occurring. When the utility bill arrives, a manufacturer can see how much total energy was used, but energy use is not broken down on a machine-by-machine basis. Invisible energy use hides […]

The post Case Study: New Innovations in IoT Technologies for Manufacturers appeared first on DATAVERSITY.

Read more here:: www.dataversity.net/feed/

You have IPv6 address space, now what?

By Erin Scherer

Once you received IPv6 address space, what did you do with it? We recently went on social media and asked you to share the very first step you took after obtaining IPv6 address space. After all, an IPv6 deployment happens one step at a time.

Here’s a look at what some of you had to say:

We gathered the network teams and applications teams together to discuss addressing plans and action item next steps. #VT https://t.co/ZWQyJW5lNt

— Brian Jones (@brianjusa) August 27, 2019

The next step would be to configure your Internet routers to advertise your shiny new #IPv6 prefix to all your upstream Internet peers with MP-BGP. #TipsFor6 #Get6 https://t.co/8PfsEQxESO

— Scott Hogg (@SCOTTHOGG) August 20, 2019

I configured my internet router to give all users access to ipv6

— Thomas Lee (@doctordns) August 20, 2019

Just enable OSPFv3 and #IPv6 on your router interfaces and watch with wonder as the neighbor relationships form magically without having to configure any addresses #TipsFor6

— Aled Morris (@aledmorris) August 20, 2019

And from LinkedIn…

“[We] created an address plan and advertised the IPv6 prefixes to our upstream provider.” – Brent McIntosh, IP Operations, CWC

As you continue sharing your experience with IPv6, you make it more accessible for others to begin their deployment as well. If you’d like to participate, just tweet us @TeamARIN about the first step you took after obtaining IPv6 address space, and we’ll continue sharing your responses on Twitter. Want more tips for getting started with IPv6? Check out our library of case studies featuring organizations that have made progress on their IPv6 journey.

Still struggling to get started with IPv6?

We’re here to help. Let us know what obstacles you’re dealing with or what might be holding you back from making the move to IPv6. We’re always looking for ways to develop more resources to help get you on the right track. Send us an email to training@arin.net or tweet us at @TeamARIN. Also, stay tuned because later this year we’ll be launching our first “Getting Started with IPv6” training. Registration will be opening soon. For more information about IPv6, check out our website or make your first IPv6 request. We wish you luck on your deployment journey, whatever stage you may be in.

The post You have IPv6 address space, now what? appeared first on Team ARIN.

Read more here:: teamarin.net/feed/

Best Software-Related Podcasts

By IntelligentHQ

Best Software-Related Podcasts
Best Software-Related Podcasts

How do software development services and their programmers, developers, engineers, and other employees stay up to date on trends in the industry? One way is by listening to media — podcasts in particular. Not only are they informative, but they can also entertain and inspire you.

With so many software-related podcasts available, how do you decide on which one is the best choice for you? These are our top picks.

The Changelog

This podcast features conversations and interviews with engineers, leaders, and innovators in software development and open-source technology. Software development providers can find information and insights on languages, app development, data tools, and more.

The podcast also covers off-the-beaten-path topics and connects them to the lives of developers. For example, chapter #345, Quirk and Cognitive Behavioral Therapy (CBT), features an interview with Evan Conrad, who suffered from panic attacks. He then developed Quirk, an iOS app that enables users to practice elements of CBT, the therapy that helped him cope.

The Cloudcast

Focusing on topics such as cloud computing, opensource, the Internet of Things, DevOps, and many others, The Cloudcast is ideal for both software development services professionals and those interested in software development outsourcing. The podcast looks at the technology and business changes that are powering digital transformation. It doesn’t just highlight the technology but also examines how cloud computing will change entire industries beyond Silicon Valley.

To that end, The Cloudcast features interviews with developers along with entrepreneurs, venture capitalists, CEOs, and other professionals whose occupations are affected by software development and related technologies.

Developer on Fire

Ideal for software development services professionals in need of a little inspiration, Developer on Fire is a place to celebrate success stories. Listeners hear from software developers about how they got to where they are today, exposing them to the human side of software development.

Notable guests include David Heinemeier Hansson, the creator of Ruby on Rails, and Matt Wynne, the CEO of Cucumber.

Full Stack Radio

This podcast is for software development providers who simply want to create better products. Each episode features a guest who discusses elements, tools, and other aspects of the development process, such as user experience, product design, unit testing, backend and frontend development, and much more. Specific products discussed include Gatsby, Now, and Livewire.

Programming Throwdown

Whether you’re new to the world of programming or are looking into outsourcing of software development and want to understand the basics, Programming Throwdown is the podcast for you. It’s ideal for all levels of experience in development and tackles topics ranging from teaching kids how to code to debugging apps.

A particularly inspiring episode includes an interview with Air Force Veteran Jerome Hardaway, the executive director of Vets Who Code, a nonprofit that teaches veterans how to program for free.

Soft Skills Engineering

Software development services professionals need skills beyond the technical. That’s where this podcast comes in. It addresses the soft skills that are a must for working on development projects and creating top-notch products, including teamwork, management, productivity, communication, salary negotiation, and many others.

For those who are looking into software development outsourcing, Soft Skills Engineering also delves into the hiring process. Plus, you can learn all about what additional skills you should look for in the people you employ beyond technical expertise.

Software Engineering Radio

Each episode of Software Engineering Radio offers an in-depth interview with a subject-matter expert in software development. The podcast covers topics such as languages, testing, frameworks, and system architectures. You’ll learn about both technical subjects like code quality and less specialized and niche areas like motivating programmers.

Software Engineering Daily

Listeners will hear stories and lessons from experts across software development on this podcast. Software Engineering Daily looks at trends and news through the lenses of professionals working at top startups and popular companies.

In a recent episode, for example, Tony Godar, a former PlayStation ecosystem engineer describes his work with game consoles and the challenges and culture of software development in the gaming world in general.

TechZing

Offering advice on how to create a web app startup, TechZing is aimed at entrepreneurs and hackers alike. The podcast delves deep into tech-related topics and offers discussions and interviews with experts in the industry. Subjects are broad, ranging from filmmaking with an iPhone to the impact of CRISPR.

Software development services professionals will find plenty of value in these top industry podcasts — they provide information, lessons, tools, insights, and advice from experts. But non-developers can learn something from listening to them, too.

If you’re considering software development outsourcing or want to build a strong in-house team, these podcasts can help you understand what to look for in the professionals you hire. Or, if you frequently work with developers, they’ll give you a solid overview of the industry and help you stay informed about your colleagues’ work, ultimately allowing you to function better as a team.

This is an article provided by our partners network. It does not reflect the views or opinions of our editorial team and management.

Contributed content

Read more here:: www.intelligenthq.com/feed/

Wi-Fi 6 Officially Launches Today, With Up to 3x the Performance of 802.11ac

By Joel Hruska

The Wi-Fi 6 standard has officially launched today and the Wi-Fi Alliance is now handing out Wi-Fi 6 certifications to manufacturers with qualifying hardware. We’ll start seeing devices and equipment with Wi-Fi 6 support hitting the market in the near future.

Wi-Fi 6 has several features that make it advantageous compared with 802.11ac (aka Wi-Fi 5). First, for those of you who may not remember where this “Wi-Fi 6” moniker came from in the first place: The Wi-Fi Alliance

Image by TP-Link

According to the Wi-Fi Alliance, all of these improvements are necessary to support the dense deployments of current homes. In the early days of Wi-Fi, the only enabled device might be a laptop or two. Today, a household might have 3-5 computers, 3-5 phones, a smart TV, and a smart speaker. Device manufacturers, however, have to plan for a future in which one router might be asked to juggle connections from 3-5 computers, 3-5 phones, 2-4 smart TVs, 4-6 smart speakers, and 20-30 various IoT devices and appliances deployed throughout the house. Stack up that many products, and you’ll start running into local interference from your own network, to say nothing of anything your neighbor might deploy.

New Security Standards of Uncertain Value

The other major feature being introduced with Wi-Fi 6 is WPA3. Unfortunately, WPA3 has already been confirmed to suffer from some of the same security flaws that WPA2 had. Earlier this year, security researchers published results demonstrating these vulnerabilities and called the development approach used to certify WPA3 fundamentally flawed. “In light of our presented attacks, we believe that WPA3 does not meet the standards of a modern security protocol,” the authors’ wrote. “Moreover, we believe that our attacks could have been avoided if the Wi-Fi Alliance created the WPA3 certification in a more open manner.”

There are multiple ways to force WPA3 into a downgraded mode that exposes network information in an unsafe manner, and the standard, as a whole, does not seem to be as strong as either WPA2 or WPA were perceived to be when they finally deployed. There’s evidence that it may be possible to patch WPA3 devices in some cases, and we’re not trying to imply that there are no security improvements in WPA3 versus WPA2 that haven’t been compromised, but the situation does not seem to be as strong as in previous product life cycles.

In all honesty, this is not necessarily surprising. A major review of device firmware over the past 15 years conducted back in August found essentially zero security improvements in that time period. According to Sarah Zatko, the chief scientist at the Cyber Independent Testing Lab (CITL), “Nobody is trying. We found no consistency in a vendor or product line doing better or showing improvement. There was no evidence that anybody is making a concerted effort to address the safety hygiene of their products.”

In theory, WPA3 should be a major selling point for a product like this, but the overarching security issues around these devices make it clear that truly securing them is of secondary importance to their various designers. It is perhaps unsurprising that WPA3 would have issues as well.

Early devices that support Wi-Fi 6 include the Galaxy Note 10, the Galaxy S10, and all three of Apple’s just-announced iPhones. Most, if not all, flagship devices will likely include support from this point forward.

Now Read:

Read more here:: www.extremetech.com/feed

DoH Creates More Problems Than It Solves

By Richard Bennett

Unlike most new IETF standards, DNS over HTTPS has been a magnet for controversy since the DoH working group was chartered on 2017. The proposed standard was intended to improve the performance of address resolutions while also improving their privacy and integrity, but it’s unclear that it accomplishes these goals.

On the performance front, testing indicates DoH is faster than one of the alternatives, DNS over TLS (DoT). This is because DoH is better able to use persistent connections than DoT because of where it’s instantiated.

But the best that can be said of its performance vs. conventional DNS is that users probably won’t notice much additional delay. The individual lookups are slower, but they can be interleaved with other page load activities in such a way that the delays will be hidden.

Changing the DNS Architecture

The privacy and integrity issues are much more complicated, depending on who you trust and why you trust them. DoH has some fairly serious drawbacks in homes that use parental controls, campus intranets, and small business scenarios.

The most serious complaints concern the overall change DoH makes to DNS architecture, but these are more implementation decisions made by some application designers than inherent features. A DoH implementation that uses the DHCP-specified resolver wouldn’t suffer from these issues, but there’s more going on than simply cloaking address lookups.

Mozilla enables DoH by default but makes it relatively easy for enterprises to opt-out; but Google is committed to an approach that takes implementation decisions out of the hands of operating systems, network administrators, and local laws. By implementing DoH in browsers, the firms have created a scenario where lookup speed and integrity depend on the applications doing the lookups.

DNS has always been more than an address book; it is currently a distributed database that supports a number of application needs for email, CDNs, video streaming, and a host of other distributed applications with inter-process communication needs. DoH changes all of this by reducing the capacity of DNS, in contradiction to early hopes.

Who Do You Trust?

If you’re the kind of person that uses Chrome on a Pixel phone to access websites embedded with DoubleClick trackers through Android, you don’t lose any privacy because of DoH; you’ve actually got nothing left to lose. But you or your supplier may have problems in countries that require opt-ins for certain types of data collection and in those that ban lookups of dodgy domains.

You won’t be sharing your browsing habits with your ISP (other than the IP addresses you visit, of course,) but that may not be your worry. If you’re living in an oppressive regime, you may be better off because you should be able to evade governmentally-mandated content filters.

That’s the theory, anyhow. I suspect the practice will be for said oppressive regimes to simply block access to IP addresses such as 1.1.1.1, 8.8.8.8, and 9.9.9.9. At the very least, you’ll be raising red flags every time you perform an unlawful access; but you’re probably used to that.

You Have to Trust Someone

My point is that every DNS transaction depends on the user trusting some provider somewhere to return the correct answer. Protocols can implement user choices, but they can’t remove the requirement for trust.

If you trust your ISP more than Google or Cloudflare — not unreasonable for many — DoH does nothing for you outside of the narrow case of using public Wi-Fi over unsecured networks. If you’re doing that, of course, you have much bigger privacy issues than DNS lookups.

For general privacy on a public network, you need WPA3 (not widely implemented) or a VPN. Otherwise, the IP addresses (and many of the payloads) of your packets are easy pickings for anyone who knows how to use Wireshark.

It’s the Revenue, Stupid!

The major barrier to privacy on today’s Internet isn’t black hats, governments, or ISPs, it’s the revenue model that Geoff Huston pointed out in his recent CircleID post, DNS Privacy at IETF 104: “…pervasive monitoring is a feature, not a bug” of today’s Internet.

When Google takes DNS lookups away from ISPs, it’s not gaining any new information for itself if you’re already in their ecosystem; but they’re preventing anyone else from collecting and monetizing that information.

This is true regardless of the motivation for the design and implementation of DoH as it currently stands. But that doesn’t make DoH a bad standard all by itself.

How to Spot a Good Standard When You See One

Good networking standards work well in a variety of settings. Today’s DNS — placed inside the TCP/IP stack inside the client OS — is fast, flexible, and easy to implement.

Today’s DNS complies with national laws, is easy to bypass through hostfiles, works for CDNs, aids email with security keys, doesn’t leak local network architecture to the Internet, plays well with parental controls, and is resilient because it’s a distributed database.

It does communicate queries in plain text, but only over a wire that’s not generally accessible to any curious parties. If the goal of DoH is to cloak that rather trivial vulnerability, we can achieve it by implementing DoH in the protocol stack and beefing up DHCP. As implemented by Mozilla and Google, DoH is a very bad standard indeed.

The Rainbows and Unicorns Paradigm

The contradiction between the idealistic, privacy-enhancing, censorship evading goals of DoH and the commercial reality of monopolizing access to ad placement data is all too common in Internet history. Our utopian spirt has been compromised by cynical commercial interests as long as there’s been an Internet.

In 1993, the visionary Howard Rheingold laid this dynamic bare in his book, The Virtual Community:

We temporarily have access to a tool that could bring conviviality and understanding into our lives and might help revitalize the public sphere. The same tool, improperly controlled and wielded, could become an instrument of tyranny. The vision of a citizen-designed, citizen-controlled worldwide communications network is a version of technological utopianism that could be called the vision of “the electronic agora.” … But another kind of vision could apply to the use of the Net in the wrong ways, a shadow vision of a less utopian kind of place–the Panopticon.

When we design standards without thinking about the way they’ll be implemented, we feed the growth of the Panopticon while mouthing the rhetoric of the Utopia. A standard that lends itself to taking control of personal data away from users and concentrating it in the hands of firms that are already drowning in our personal data is not progress.

We need to redesign DoH so that it works with DHCP and local policies, not against them. The layered architecture of the Internet and the distributed nature of DNS become nothing more than cruel jokes if this standard is rolled out in its current form.

Written by Richard Bennett, Consultant

Follow CircleID on Twitter

More under: Cybersecurity, DNS, DNS Security, Internet Protocol, Policy & Regulation, Privacy

Read more here:: feeds.circleid.com/cid_sections/blogs?format=xml

%d bloggers like this: