Human Infrastructure 378: Sources of Truth, AI Welfare, and Other Things to Think About
THIS WEEK’S MUST-READ BLOGS 🤓
Running Routing Protocols over Tunnels - ipSpace
https://blog.ipspace.net/2024/11/running-routing-protocols-over-tunnels/
Ivan Pepelnjak succinctly explains the problem of recursive routing through tunnel interfaces. He then recommends several design options to avoid this scenario in several common network topologies. - Ethan
What is a Single Source of Truth? - Constantpinger
https://constantpinger.home.blog/2024/10/20/what-is-a-single-source-of-truth/
Ian Nightingale explains the design principle of a single source of truth, dispelling several wrong ideas about it along the way. To Ian, an SSoT “is where all users of a distinct unit of data understand and adhere to the principle that there is only one source of it. All changes are made to only that source. Copying the data to be used elsewhere should be avoided and every effort should be made to make the source easily accessed.” To read his thinking that outlines the practical aspects of this conclusion is worth a click. - Ethan
Beginner’s Guide for Using Large Language Models in Network Operations - {networkphil}
https://networkphil.com/2024/10/29/beginners-guide-for-using-large-language-models-in-network-operations/
Phil Gervasi performs a service for the networking community with this post. He clearly articulates what LLMs are good for in the specific use case of network operations. He describes what an LLM really does as well as its limitations. He then discusses several real world practical examples you can, with some effort, execute today. Don’t overlook Phil’s enthusiasm for agentic AI, which he thinks might change network operations as we know it. I think so, too. AI agents came up in this podcast discussion with Cisco if you’d like more background. - Ethan
Traceroute isn't real, or: Whoops! Everyone Was Wrong Forever (2016) - gekk.info
https://gekk.info/articles/traceroute.htm
To help you decide if you want to read this one, I leave you with this quote...
“Traceroute, as far as the industry is concerned, does not exist. Look it up. There is no RFC. There are no ports for traceroute, no rules in firewalls to accommodate it, no best practices for network operators. Why is that?
First off: Yes, there is a traceroute RFC. It's RFC1393, it's 31 years old, and to my knowledge nothing supports it. The RFCs are jam-packed with brilliant ideas nobody implemented. This is one of them. The traceroute we have is completely unrelated to this.”
While I wouldn’t use this post as the basis for a textbook, it’s decidedly entertaining. Reads like this give me joy. - Ethan
Entra Sign-In logs hidden gems - Sapir’s Failed Research Blog
https://sapirxfed.com/2024/11/14/entra-sign-in-logs-hidden-gems/
If you ever need to do investigations into, or write detection rules for, Microsoft Entra ID, this post shares log-in fields that can yield useful information. It starts with simple instructions for getting the logs either via API or PowerShell, and then goes through multiple fields and why they’re valuable. For example, Sapir writes about the authenticationdetails field: “It contains the full details of each authentication attempt. For example, if someone is trying to use MFA fatigue attacks, where they flood with MFA prompts until one succeeds, each failed attempt leading up to success will be documented here.” There’s lots more in this blog post. Definitely worth reading if Entra ID is within your remit. - Drew
TECH NEWS 📣
Is “AI welfare” the new frontier in ethics? - Ars Technica
https://arstechnica.com/ai/2024/11/anthropic-hires-its-first-ai-welfare-researcher/
No. Before we concern ourselves about whether a software program deserves moral consideration, let’s tackle the serious and significant impacts of AI on actual living human beings: from well-documented biases in AI models that affect things such as hiring, health care outcomes, and access to financial services; to the energy consumption and greenhouse gas emissions of AI infrastructure; to the unholy marriage of AI and surveillance technologies.
Our current cohort of AI leaders are cavalier, if not reckless, when it comes to identifying and mitigating the harms of their creations. Maybe that’s why they’re so fixated on machine consciousness—they’re terrified of what their AI children will learn from them. - Drew
16 U.S. States Still Ban Community-Owned Broadband Networks Because AT&T and Comcast Told Them To - TechDirt
https://www.techdirt.com/2024/11/07/16-u-s-states-still-ban-community-owned-broadband-networks-because-att-and-comcast-told-them-to/
Yes, sixteen states still ban municipal broadband, but that’s five less than in 2020. That’s progress. But there’s more work to be done as incumbent providers sow disinformation and FUD to make voters believe that muni broadband is bad and telco monopolies are good. - Ethan
Law enforcement operation takes down 22,000 malicious IP addresses worldwide - Ars Technica
https://arstechnica.com/information-technology/2024/11/law-enforcement-operation-takes-down-22000-malicious-ip-addresses-worldwide/
What does it mean to “take down” 22K IP addresses, since that isn’t a thing, exactly? It means that Operation Synergia II, a global operation supported by several nations, identified malicious IP addresses tied to criminal activity. Several actions were taken, including server takedowns, home searches, related humans identified, plus data and equipment seized. - Ethan
US Cellular to sell some spectrum licenses to AT&T for $1 bln - Reuters
https://www.reuters.com/business/media-telecom/us-cellular-sell-some-spectrum-licenses-att-1-bln-2024-11-07/
Back in May, US Cellular sold pretty much everything off to T-Mobile. Pretty much…but not all. One of the holdbacks was spectrum, with US Cellular hanging on to 70% of what they’d been allocated. Now part of that spectrum has been sold off to AT&T for $1.02 billion. That should help with long-term debt, which is roughly $3B. - Ethan
New SMB-friendly subscription tier may be too late to stop VMware migrations - Ars Technica
https://arstechnica.com/information-technology/2024/11/new-smb-friendly-subscription-tier-may-be-too-late-to-stop-vmware-migrations/
It seems Broadcom has heard the cries of disgruntled customers about licensing changes and cost increases around its vSphere software. Last month, Broadcom rolled out a revised offering, primarily targeting SMBs, at a lower cost and with fewer software add-ons that customers don’t want or need. The question now is whether this new vSphere package will gruntle SMB customers sufficiently to keep them from going elsewhere. - Drew
FOR THE LULZ 🤣
Shared by Phil Gervasi (@networkphil.bsky.social) on Bluesky
RESEARCH & RESOURCES 📒
Netdata Observability Platform - netdata via GitHub
https://github.com/netdata/netdata
One of those “how have I never heard of this before” projects, Netdata is very active with 19K commits and 72K stars. Version 2.0.0 was just released. And just what is Netdata?
From the README.md, “Netdata is a high-performance, cloud-native, and on-premises observability platform designed to monitor metrics and logs with unparalleled efficiency. It delivers a simpler, faster, and significantly easier approach to real-time, low-latency monitoring for systems, containers, and applications. Netdata requires zero-configuration to get started, offering a powerful and comprehensive monitoring experience, out of the box. Netdata is also known for its cost-efficient, distributed design.”
You can monitor just about anything with Netdata, including network infrastructure. - Ethan
Bjorn Network Scanner - infinition via GitHub
https://github.com/infinition/Bjorn
From the README.md. “Bjorn is a « Tamagotchi like » sophisticated, autonomous network scanning, vulnerability assessment, and offensive security tool designed to run on a Raspberry Pi equipped with a 2.13-inch e-Paper HAT.” Huh. I like it. Maybe we need more whimsy in our field. We’re all so serious… - Ethan
Khoj Personal AI - khoj-ai via GitHub
https://github.com/khoj-ai/khoj
This project caught my eye because of the ability to self-host and train an AI on a specific knowledge domain I might find interesting. Certainly there are ways to do this with commercial LLMs, but I still like the idea of a fully stand-alone AI. What can Khoj do?
From the docs overview page… “Khoj is an open source, personal AI. You can chat with it about anything. It'll use files you shared with it to respond, when relevant. It can also access information from the public internet. Quickly find relevant notes and documents using natural language. It understands pdf, plaintext, markdown, org-mode files, notion pages and github repositories. Access it from your Emacs, Obsidian, the Khoj desktop app, or any web browser. Use our cloud instance to access your Khoj anytime from anywhere, self-host on consumer hardware for privacy.” - Ethan
INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬
Speed, scale and reliability: 25 years of Google data-center networking evolution - Google Cloud Blog
https://cloud.google.com/blog/products/networking/speed-scale-reliability-25-years-of-data-center-networking
Google pats themselves on the back for 25 years of evolving network infrastructure. Currently on the 5th generation of their “Jupiter” (not Juniper) architecture, this fabric “scales to 13 Petabits/sec of bisectional bandwidth. To put this data rate in perspective, this network could support a video call (@1.5 Mb/s) for all 8 billion people on Earth!”
Google provides lots of links in the article if you’d like to read engineering details beyond the self-congratulations. - Ethan
OCP Summit 2024: The open future of networking hardware for AI - Engineering at Meta
https://engineering.fb.com/2024/10/15/data-infrastructure/open-future-networking-hardware-ai-ocp-2024-meta/
Meta talks about their disaggregated scheduled fabric architecture built on evolved versions of components you’ve heard of before if you follow the Open Compute Project. There is some monster hardware itemized here, but perhaps more interesting is the disaggregation element. Meta has a goal with this approach.
“Over the past year we have developed a Disaggregated Scheduled Fabric (DSF) for our next-generation AI clusters to help us develop open, vendor-agnostic systems with interchangeable building blocks from vendors across the industry. DSF-based fabrics allow us to build large, non-blocking fabrics to support high-bandwidth AI clusters.”
If you’re reading closely, you also noticed the word “scheduled”…which in the world of basic Ethernet isn’t a thing. What’s Meta getting at? A scheduler in the FBOSS NOS. “VoQ-based traffic scheduling ensures proactive congestion avoidance in the fabric rather than reactive congestion signaling and reaction.” - Ethan
VMware Fusion and Workstation are Now Free for All Users - VMware Cloud Foundation Blog
https://blogs.vmware.com/cloud-foundation/2024/11/11/vmware-fusion-and-workstation-are-now-free-for-all-users/
The free versions of VMware Fusion & Workstation now have the same features that the paid Pro version did. You can’t buy Pro anymore. Enjoy! (Or keep using Proxmox or whatever you switched to if you already made the move.) - Ethan
Our Plans for Open Source Puppet in 2025 - Puppet Blog
https://www.puppet.com/blog/open-source-puppet-updates-2025
The Puppet peeps report, “In early 2025, Puppet will begin to ship any new binaries and packages developed by our team to a private, hardened, and controlled location. Our intention with this change is not to limit community access to Puppet source code, but to address the growing risk of vulnerabilities across all software applications today while continuing to provide the security, support, and stability our customers deserve.”
If you read the entire post, Puppet states that this is all about security. While there are processes that Puppet contributors will be dealing with, the license model is not changing. They don’t want you to interpret this as a HashiCorp-style alteration of the deal. - Ethan
DYSTOPIA IRL 🐙
Intel says it's bringing back free office coffee to boost morale after a rough year - Business Insider via AOL
Mark Zuckerberg not liable in dozens of lawsuits over social media harm to children: judge - New York Post
NRO chief: “You can’t hide” from our new swarm of SpaceX-built spy satellites - Ars Technica
You're being targeted by disinformation networks that are vastly more effective than you realize. - Reddit r/self
Genetic repair via CRISPR can inadvertently introduce other defects, researchers show - phys.org
A healthier way to get friends away from social media - stevegattuso
Australia proposes 'world-leading' ban on social media for children under 16 - Reuters
TOO MANY LINKS WOULD NEVER BE ENOUGH 🐳
Navigating & Making Sense Out of Networking For AI/GenAI - Don't Be Fooled Yet Again by the Presentations Based Promises - A Network Artist
I sent an ethernet packet - francisrstokes via GitHub
Pkl: Apple's New Configuration Language That Could Replace JSON and YAML - /dev/writer
Security Is A Useless Controls Problem - Security Is Substack
Hire the Most Expensive Engineers You Can Find - Minimal Engineering
How I fixed a server with a very precisely placed piece of tape - Hector Martin via Mastodon
3600 MHz Raspberry Pi 5 with Liquid Nitrogen - SkatterBencher
The Strange Story of Cisco's (Sort of) Beloved Hold Music (2014) - The Atlantic
Inside the $20 million business of gutting failed Bay Area tech companies - SFGate
Spotify’s Car Thing, due for bricking, is getting an open source second life - Ars Technica
LAST LAUGH 😆
Shared by Jason Perlow (@jperlow.bsky.social) on Bluesky