An open letter to Senator Richard Burr

I sent this to Senator Richard Burr through his website. I am also leaving it here, and will update with his response:

Senator Burr,

First, I want to say Thank You for working on the behalf of North Carolina in our nation’s capital. I recognize that there are hundreds, if not thousands of issues that you are asked to consider on a regular basis, which cannot be easy.

I am contacting you regarding the encryption bill that you are working on with Senator Feinstein. North Carolina is a very tech savvy state. We have major technology companies in almost every tech sector, and now are home to some of the largest and most efficient data centers in the US. There is much to be proud of. With that in mind, I am surprised to see you as one of the advocates of the bill.

I recognize that as the Chair of the Senate Intelligence Committee you hear from our intelligence services on a regular basis. I am certain the current conversation is heavily geared towards how to deal with the pervasive nature of encryption. Today it is easy for a terrorist organization to have fully encrypted end-to-end communication. I am sure that is incredibly frightening to the intelligence services and their job is a very difficult one. I recognize that every attack on American citizens ultimately creates hundreds of questions like “How did the [insert three letter acronym] not know this was going to happen?” It’s an impossible battle.

I am a network engineer and I have worked in IT for many years. I intimately understand encryption and the basic underpinnings of the internet. I have spent many years protecting my employers networks and systems from outside attack. I understand that ever evolving battle first-hand.

With that said, I am very concerned that you feel that you can force companies to provide backdoor access to devices and communication without affecting every citizen who chooses to use an electronic device. I assume that you have chosen to believe the rhetoric which states that open access can be protected. Otherwise, the only other assumption is that you believe that normal everyday citizens should not have the ability to protect their private, personal information; that corporations should not have the ability to protect their intellectual property.

Assuming that you believe the former; I want you to consider these questions. How long do you expect that backdoor to be kept safe? How long do you think it will take before technical terrorist, both foreign and domestic find and utilize that backdoor?

If the US makes and is granted the demand, what prevents other foreign entities from doing the same? What do you think the economic impact would be for companies when China has a backdoor to every corporate device of every manufacturing company in the US? I have spent eight years of my career working with large international manufacturing companies. I know first hand what the impact of that is. I have watched it with my own eyes. I could argue this particular point, citing experience, but I want to respect your time. If you would like to discuss, I will be happy to do so.

I have one more question I would like to present. How do you expect that forcing backdoor access will actually aid the intelligence services? This is an exercise in futility and escalation. Assume for a moment that the NSA/CIA/FBI has root access to every device. What happens when the user also employs an encrypted communication app which also requires a passcode and does not store data locally? Let’s also suppose that they are always running a VPN or TOR client. Finally, let’s assume that the server the encrypted app on the encrypted phone, communicates to through an encrypted tunnel, lives in a non-friendly foreign state. What good does this legislation then do? The answer is, none. The US cannot compel the foreign server to give it a back door. But, the US, who loves to discuss freedom has created a wide exploit that will then begin to be used for a different type of terrorism and removed every citizens right to privacy with their most personal data.

I am not hurling these questions at a wall to see what sticks. I would like a response. This is a very important discussion to be had without rhetoric and fear-mongering. I can be contacted with the information provided if you would like to further discuss these or other concerns.

With respect,

Jonathan Davis

Advertisements

Geek Toys – The future of Apple TV

As WWDC approaches, I once again hope for a new Apple TV. The Apple TApple TVV has so much potential, and so much disappointment associated with it. Will WWDC be the time when we finally see an update? The bigger question is, with such strong competition from other products, has Apple already missed the boat?
I’ve spent quite a bit of time thinking about what I would like to see in a new Apple TV. There has been a lot of change in the last few months around home entertainment, and if Apple really wants to own the space, it has to adapt to compete. There are some key features that I think could make Apple TV ready to own the space again.

Siri

When I hear people discuss using Siri on an Apple TV, I rolled my eyes. I hate Siri. I refuse to use Siri. However, that changed just a little when I received an Amazon Echo. Amazon has knocked voice recognition out of the park! Alexa is fast, error free, and simply amazing. It is so good, I actually caught myself preparing to say “Thank you” to a piece of hardware! Each morning I ask Alexa for the news and my commute information. I use it when cooking for timers. Alexa is the only reason I use Prime Music. Let me repeat that. I began using Amazon Prime Music only because Alexa made it so easy. Make Siri that good on an AppleTV, and I get it now.

Facetime HD camera and mic

I do not understand why this hasn’t happened before. An Apple TV that could connect via FaceTime, is a no brainer in my opinion. Besides the ability to talk with relatives and friends through a TV, a camera could provide a lot of other features. The camera or mic could be used as a detector for HomeKit automation. Add some face recognition, and use it to choose the profile, and permit or deny content based on age restrictions. The list goes on and on.

HomeKit Integration

Imagine the Apple TV turning on lights when motion or sound is detected. It could also provide the remote view capabilities required by those of us who regularly travel and would like to check on our homes. This would be an easy way to integrate HomeKit and directly compete with the existing products on the market from Belkin and Wink and many other companies. I love my Wink Hub and the attached lights, sensors, and outlets. I hope that Apple gets the integration right.

4K

Apple has built the 5K iMac to encourage 4K content creation. 4K content only becomes valuable once there is an easy way to consume that content. Apple TV should be that avenue.

Glances and notifications

The notifications on Watch are the reason I love my watch. There is no reason why this same thing shouldn’t work as a pop-up on the Apple TV.

A decent remote!

Apple works hard to refine every detail of their products, which leads me to ask. What happened? The AppleTV Remote is simple, small, and sleek. It is also the worst of the worst of the entertainment hub remotes. It uses IR, which means it must be in direct line of site of the AppleTV. Anyone who has used both an Apple TV and a Roku or Amazon Fire TV understands what I am talking about. The Roku and Fire TV remotes can be oriented in any direction, and yet they still work. The devices themselves can be hidden behind TVs or in closets and they still work. Not so for the AppleTV. It is time to move to BluetoothLE for the remote and show IR the door.

Games, apps, blah blah, blah.

I don’t play games. I try to care…but I don’t.

RSA can’t be trusted. Death to RSA.

RSA has finally admitted that it’s root certificates were compromised, which affects ALL SecurID tokens.

I personally feel that this shows absolute failure on the part of RSA. First, their root certificate was compromised. Second, rather than admit it, begin contacting customers immediately, and notifying the public, they chose to hide behind NDA’s while their customers were being compromised. RSA’s excuse for their lack of communication was that they didn’t want to give the attackers more information that could be used to exploit further companies. Based on the target of the attacks: Lockheed, Northrup Grumman, and L3 Communications, it is clear that the attackers knew everything already.

A company that was built on trusts and security has now been found completely untrustworthy and insecure. I expect to see major lawsuits resulting from this. I hope to see heads roll.

The company I work for uses these tokens. We have asked RSA for more information multiple times, but they have been slow in providing anything.

http://www.net-security.org/secworld.php?id=11122

Google warns of World IPv6 Day

Google is warning users of tomorrow’s test of IPv6, and more importantly of the fact that current IPv4 addresses have been depleted. I was only able to see the yellow banner in Linux running Firefox4, it never appeared on my Windows 7 machine. Google warning of IPv6 testing on June 8th.

While the banner is sure to cause some discussion among the non-networking crowd, I wish Google had included a link to more information. Instead they only include a link to test a users internet connection for IPv6 readiness. I don’t think the average user understands that their ISP is responsible for providing IPv6 connectivity, or of the problems that currently face IPv4.

I will give Google credit for starting the conversation. Hopefully, tomorrow there will be a lot of companies asking themselves what they must do to be ready for IPv6. Enterprise must lead IPv6 adoption, because as we all know, carriers are more than happy to sit on their butts as long as no one complains. The fact that so many ISP are considering CGN is a perfect example of that.

Cisco is SCARED! Why Cisco won’t release an emulator.

Greg Ferro posted on his blog another plea to Cisco to play nice and give network engineers tools for testing, verifying, and learning new technology. If you’ve missed the recent debate on the matter, it’s OK. Crawl back under that rock, you won’t miss a thing.

I generally read Greg’s posts while nodding my head like some sick bobble headed doll, with an occasional grunt in agreement. However today, my head stopped bobbing when I realized something…

Cisco is AFRAID of the virtual switch/router.

Let that sink in for a minute.

I know what you’re thinking. “They don’t have anything to be afraid of. That’s crazy talk.”  I’m sure that people said the same about Dell and HP when ESX was first announced. “They don’t have anything to worry about. No data center could ever virtualize all of their servers. That’s just crazy.” Only, it did happen. Right now I am sitting just a few hundred feet from 100 servers that would be over 500 servers if it wasn’t for vmWare. Think of the lost revenue to Dell and HP.

But, you say, “what about the Nexus 1000v”. What about it? Cisco had already lost sales because all of those virtual servers didn’t need individual switchports. That was Cisco’s way of getting some of that revenue back. It wasn’t about extending network engineer’s control into the virtual environment. It was about lost port revenue.

Imagine with me for a moment. What would happen if you could virtualize the Edge and Core layers of your network all onto a single HA cluster. (Maybe a couple of Dell or HP servers.)

Firewalls, Check
Routing, Check
IDS, Check
VPN, Check

Where is the need for 10GB, 40GB, 100GB, TRILL, or Fabric Path? What about all of the other technologies that Cisco will sell us over the next 10 years, forcing us to replace existing hardware?

Outside of the HA cluster, you would need a couple of switches for Distribution, and you would need your normal Access layer switches, but how many components of the network would be cut? Not only routers, firewalls, and switches, but adapters, redundant power supplies, wireless controllers.

It’s already been done. Look at Cisco Call Manager. A router, switch, and server that do the work of racks and racks of PBX equipment.

“But, I just want them to release it so that I can test.”

Cisco has three choices: 1. Stick fingers in their ears and hum loudly. (Current tactic) 2. Release a good virtual network platform, and wait for everyone to ask, “wait…why can’t we virtualize this for real?” 3. Release a crippled, barely working virtual platform, and then get derided for their poor product.

No matter how Cisco looks at it, they lose.

Suddenly I am asking myself. After IPv6, what is the next big thing to happen in networking? Could virtualization change networking the way it changed servers?

Is Cisco getting back on track?

Cisco’s big-man-in-charge, John Chambers, sent out an email to all employees this week, which outlined a few important things:

-Cisco has lost focus
-Cisco was caught off guard by certain movements within the Networking community (openflow, new products from other vendors, etc)
-Cisco makes it difficult for new product to make it to market
-Cisco has to focus on the core business components, rather than continuing to diversify into low margin consumer markets
-Most importantly, Cisco shareholders, employees, and customers are not happy with the current direction that Cisco has taken

The message is a great read, and gives me hope that Cisco can get back on the ball, and address some of it’s core issues. Kudos to the Cisco team for taking a hard look at where they are, and making decisions to correct their wandering trajectory. Here’s hoping they follow through!

http://blogs.cisco.com/news/message-from-john-chambers-where-cisco-is-taking-the-network/

Microsoft meets the first snag in plan to purchase IPv4 addresses

As you should now be aware of, Microsoft is planning on hoarding purchasing a large huge block of IP addresses from Nortel. Now ARIN chief, John Curran, has made it clear that if the plan does not meet the current ARIN requirements for transfers, the IP address space can be reassigned. Here are a couple of relevant quotes:

Companies that are allocating their address to a third party can ask for compensation if they want to, he said. However, the acquiring party is required to show an immediate and appropriate need for the addresses, he said.

Existing transfer policies allow up to 12-months worth of address space to be transferred from one entity to another, he said.

So, that brings up the question, can Microsoft show a need for 666,000 in the next 12 months?

Link: http://www.computerworld.com/s/article/9215091/IPv4_address_transfers_must_meet_policy_ARIN_chief_says