
Human Infrastructure 375: Mobile Ad IDs and Surveillance, BGP on Windows, IPv6 Transitions, and More

THIS WEEK’S MUST-READ BLOGS 🤓

Do you want to run BGP on a Windows server? Thanks to Windows’ Routing and Remote Access (RRAS) implementation, you can. This blog shows you how with step-by-step instructions on Windows Server 2022. For bonus points, he does it using IPv6. - Drew

Brian Krebs has a long and detailed article on how the use of Mobile Advertising IDs (MAIDs) facilitates surveillance, how data brokers are using and selling this data, and whether state laws regarding personal privacy might be upheld or overturned as a company that sells privacy services goes to court with Babel Street, a data broker that sells a service that lets you track users via MAIDs.

MAIDs are unique identifiers built into Apple and Android smartphones. They are meant to be used for targeting advertising, but as you might guess, unique personal identifiers on mobile devices can also be put to other uses.

Krebs has instructions for how to delete your MAID in his article under the subhead “What Can You Do.” He also posted a link to Google documentation on how to delete the MAID from Android devices. After reading Krebs’s article, I deleted mine.

And if you’re interested in other surveillance issues to be aware of, the Packet Protector podcast recorded an episode with researchers from the University of Maryland on how Wi-Fi-based Positioning Systems (WPSs) can be used to track the physical location of wireless APs, and how that data can be used to facilitate mass surveillance. - Drew

Daniel is doing a series on an ISE lab he’s deployed. In his latest installment, he walks through how to create certificates to support his use of EAP-TLS and TEAP. The walk-through includes screenshots and detailed instructions. - Drew

Ivan Pepelnjak discusses what made the Network Operator Meetup (NOG) in Croatia so worthwhile, including the ideal size (enough folks to generate interesting conversations without so many people as to be overwhelming), intriguing ideas that emerged from the hallway track, and good organization. In our age of Zoom calls and streaming webinars, there’s still a strong case to be made for in-person gatherings.  - Drew

Constant Pinger weighs in on how to think about a Single Source of Truth (SSoT) in networking. The SoT question has taken on new relevance as various vendors, projects, and conferences try to drive network automation forward. You need SoTs with accurate, up-to-date information that can be relied on by tools and processes executing automations, and to ensure that humans and systems are working with the same information (configs, IPs, telemetry, etc.). I like the way this post describes SoTs, and the emphasis that an SoT is less a product and more a design principle.  - Drew

Geoff Huston analyzes data that suggests the transition to IPv6 began in measurable earnest in 2015 but won’t be complete until 2045. To him, that begs the question of why a convergence on IPv6 is ultimately necessary.

“If we can operate a fully functional Internet without such a coherent end device address architecture for three decades, then why would we feel the need to restore address coherence at some point in the future? What’s the point of IPv6 if it’s not address coherence? Something has gone very wrong with this IPv6 transition, and that’s what I’d like to examine in this article.”

Geoff goes on to review the milestones of IPv6 adoption as well as the developments in tech (DNS as service identifier), IPv4 deployment (NAT), and web architecture (edge distributed CDNs on powerful servers) that have kept v4 alive long past its anticipated demise. If you appreciate networking history and perspective, this piece is not to be missed. Don’t skip Geoff’s conclusions, either. His arguments about the future of the v4/v6 transition are painfully logical and difficult to refute, in my opinion.

You might also like the Hacker News thread discussing Geoff’s article, which dives into the complexity many have been frustrated by in their v6 deployment attempts. - Ethan

NetOrca

With NetOrca you can allow your internal customers to consume all the great automation infrastructure you have created and manage it throughout its service lifecycle. See our demo with Ethan below or visit our website for more information and contact details.

TECH NEWS 📣

SpaceX is asking for permission to launch more satellites for their second gen constellation. Some of these birds will fly closer to the ground for lower latency and use E-band radio spectrum. An additional radio spectrum request is for L-, S-, Ku-, Ka-, V-, and W-Bands. - Ethan

The key term here is all-optical. An all-optical device wouldn’t have to convert light to electrical signal for processing. That’s what this research is all about.

“A University of Michigan-led research team demonstrated an ultrafast all-optical switch by pulsing circularly polarized light, which twists like a helix, through an optical cavity lined with an ultrathin semiconductor. The study was recently published in Nature Communications. The device could function as a standard optical switch, where turning a control laser on or off switches the signal beam of the same polarization, or as a type of logic gate called Exclusive OR (XOR) switch, which would produce an output signal when one light input twists clockwise and the other is counterclockwise but not when both inputs are the same.”

Such a switch would operate with a lower power requirement and reduction in latency. - Ethan

The US Federal Communications Commission is looking into data caps. Their docket is filling up with comments from the public requesting that data caps be done away with.

If for no other reason, you should scan this piece to read the industry arguments in favor of data caps. The mind boggles. - Ethan

FOR THE LULZ 🤣

Shared by Danilo Neto on the Packet Pushers Slack

RESEARCH & RESOURCES 📒

The USNUA organizes in-person gatherings of networking and IT professionals across the United States. The goal is to help network engineers develop their skills, stay abreast of technology developments, and make connections with peers (which is ideal for building your personal nerd network and for landing that next role). 

You can sign up for a free membership to find out about events in your area, or to start one. What’s more, the USNUA is developing a series of invite-only technical presentations, which you can stream live or watch on demand, just for members. If you’re interested, you can sign up for free here.

Last but not least, if you’re attending AutoCon2 this November, USNUA is hosting a “NUG@NAF” social event at the show. The event will center around the “Great Debate - EVPN vs. Layer 2 Link State” where two presenters will square off to make their case. (By the way, NUG@NAF is looking for sponsors, so if you’re a vendor with a stake in the debate, this is a good opportunity!)

To summarize, USNUA is on a mission to build a community of network engineers, and you can get a free membership. Check it out! - Drew

Ben’s created a UI featuring a simple globe with AWS data centers in their approximate geographic location. Click a DC, and lines appear from it to all the other ones. Each line is labeled with latency between the data centers in milliseconds. A great visualization that might help you decide where to place workloads that require a specific latency to perform properly. - Ethan

Here’s part of the abstract if this research interests you…which it should. These findings are counter-intuitive, at least to me.

“QUIC is expected to be a game-changer in improving web application performance. In this paper, we conduct a systematic examination of QUIC's performance over high-speed networks. We find that over fast Internet, the UDP+QUIC+HTTP/3 stack suffers a data rate reduction of up to 45.2% compared to the TCP+TLS+HTTP/2 counterpart. Moreover, the performance gap between QUIC and HTTP/2 grows as the underlying bandwidth increases.”

Note that this is v2 of this research. Version 1 was released in October 2023. - Ethan

Packet Pushers Audience Survey - Get Yours Before It’s Gone!

We’re closing our annual Audience Survey next week. If you’ve been meaning to fill it out, now’s your last chance. Thanks in advance for your feedback!

If you’re sick of us reminding you about it, this is the final irritant. Thanks for putting up with us!

INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬 

Kerberoasting is an attack technique used against Active Directory. This post from Microsoft Security walks through how it works, current threats (apparently, attackers are harvesting credentials and using GPU clusters to try to crack passwords), and steps you can take to limit the risk of a roasting. Of course, one thing Microsoft could do to help is deprecate the use of the RC4 encryption algorithm. The company says it will do so in upcoming Windows releases, but why it’s been supported this long is a head-scratcher. (Apropos of nothing, the person in the stock image used by Microsoft looks like the bass player in Mastodon.) - Drew

Gluware, which makes network automation and orchestration software, has announced a new generative AI capability, called Co-Pilot for NetDevOps. The offering is designed to use the natural language capabilities of generative AI to help network engineers and operators build automation models faster, integrate Gluware and network APIs in hours, and develop automations more quickly. The company has also announced integrations with Netbox and GitHub. - Drew

Netos NetOps is an open-source project from Netos that lets you manage Netbox using Ansible Semaphore. If that’s something you might want to do, the link above goes to a LinkedIn post that includes a subsequent link to all the guides. There’s also a demo video. - Drew

NotebookLM is one of the language model tools I’ve been most impressed with. In this listicle, Google walks you through what NotebookLM is all about and how to extract value from it. For instance…

“NotebookLM is extremely useful for situations where you need to manage, connect and synthesize information from multiple sources. “We all have this problem where we’re working on something, and the information we need is scattered across desktop folders, tabs and wherever else,” [author Steven Johnson] says. This is what NotebookLM is made for, he explains: connecting all those scattered dots.”

That checks out. In my early experiments with NotebookLM, I uploaded several PDF ebooks covering networking protocols, network processors, and programming to a notebook. I’d ask questions of the notebook, and get footnoted answers back that spanned the various resources. What’s more…the answers flowed well and made good sense. - Ethan

TL;DR. “Universal Jointing is a method of connecting all types of submarine optical tele-communication cables with a common set of construction equipment & methods.” Today I learned! - Ethan

Nefarious actors are taking advantage of remote work in a couple of ways. For instance, North Korea is getting workers hired at companies outside of North Korea by having them pose as workers from Europe or North America. These workers may not be trying to steal data or infiltrate the org; they’re just bringing good wages into the country under false pretenses. However, there’s also the threat that once employed, workers hired under false identities (whether from North Korea or elsewhere) will in fact try to upload malware, steal data, and otherwise infiltrate the organization. This kind of attack can happen to infosec companies, and sometimes they blog about it when it does, in part to share their experience and help build attack profiles so that other orgs will know what to look for, and in part as a marketing exercise for their own services. The post linked in the headline above from HYPR definitely falls into the second category, but it’s still worth reading for the learning. - Drew

TOO MANY LINKS WOULD NEVER BE ENOUGH 🐳

  1. Origin Of The Word “Daemon” As Applied To Computing - Take Our Word For It, Issue 146, page 4

  2. Beyond Backside Power: Scaling Chips to 2nm and Beyond Also Requires Frontside Wiring Innovations - Applied Materials

  3. How to secure your new VPS: a step-by-step guide - Bootstrap & Build

  4. Neurotech moonshot: approach for making the general-purpose brain-machine interface happen - e184 via Substack

  5. Cyboard (craziest split ergo keyboards you’ve ever seen) - Cyboard

  6. Giant catapult defies gravity by launching satellites into orbit without the need of rocket fuel - Brighter Side Of News

  7. Norway to increase minimum age limit on social media to 15 to protect children - The Guardian

  8. Tesla driver blocks windscreen on public highway – report - Drive

  9. Wireless Ship Act of 1910 - Wikipedia

  10. Addition is All You Need for Energy-efficient Language Models - Academic PDF via arXiv

  11. Welcome to the Dark Side of the Tech Industry - Keegan Justis via Medium

  12. Is It Better to Fail Spectacularly? - Daniel Mangum

LAST LAUGH 😆

Shared by Kaj Niemi on the Packet Pushers Slack