Hewlett Packard Enterprise (HPE) announced plans to buy data center networking hardware maker Juniper Networks for about $14 billion, or $40 per share, in an all-cash deal. The company expects to close the deal by the end of this year or in early 2025. CNBC reports: The acquisition would double HPE's existing networking business after years of competition. If it's completed, Juniper CEO Rami Rahim would lead the combined group and report to HPE's CEO, Antonio Neri, according to the statement. HP got deeper into the category when it bought Aruba Networks in 2015, and months later, the technology conglomerate split in two, resulting in the formation of HPE, which sells servers and other equipment for data centers, and HP Inc., which makes PCs and printers. HPE said adding Juniper to its portfolio would bolster margins and speed up growth.

Founded in 1996, Juniper spent many years chasing Cisco in the market for networking gear. Revenue grew 12% year over year in 2022, the fastest growth since 2010. In the most recent quarter, Juniper eked out a $76 million profit on $1.4 billion in revenue, which declined 1%. HPE's networking segment was the company's top source of earnings before taxes, at $401 million on $1.4 billion in revenue, which was up 41%. Coming together would lead to $450 million in annual cost savings within three years of the deal's completion, HPE said.

The Wi-Fi Alliance is now starting to certify devices that use the latest generation of wireless connectivity, and the goal is to make sure these devices work with each other seamlessly. Android Central: Basically, the certification allows router brands and device manufacturers to guarantee that their products will work with other Wi-Fi 7 devices. Qualcomm, for its part, is announcing that it has several designs that leverage Wi-Fi 7, and that it achieved the Wi-Fi Alliance certification -- dubbed Wi-Fi Certified 7 -- for the FastConnect 7800 module that's baked into the Snapdragon 8 Gen 3 and 8 Gen 2, and the Networking Pro portfolio.

Wi-Fi Certified 7 is designed to enable interoperability, and ensure that devices from various brands work without any issues. In addition to Qualcomm, the likes of MediaTek, Intel, Broadcom, CommScope, and MaxLinear are also picking up certifications for their latest networking products. I chatted with Andy Davidson, Sr. Director of Technology Planning at Qualcomm, ahead of the announcement to understand a little more about how Wi-Fi 7 is different. Wi-Fi 7 uses the 6GHz band -- similar to Wi-Fi 6E -- but introduces 320Mhz channels that have the potential to deliver significantly greater bandwidth. Wi-Fi 7 also uses a clever new feature called Multi-Link Operation (MLO) that lets devices connect to two bands at the same time, leading to better signal strength and bandwidth. Further reading: Wi-Fi 7 Signals the Industry's New Priority: Stability.

Business Insider's Kelli Maria Korducki reports on a growing trend happening on LinkedIn: some people are using the professional network for personal connections, fielding romantic offers amid job postings. But that leaves the question: Is it a good idea to mix work and love? From the report: Dustin Kidd, a professor of sociology at Temple University who researches social media and pop culture, said that dating via LinkedIn belonged to a long tradition of "dating hacks" -- using online tools designed for other purposes to snag a date. "In the aughts, this happened with Friendster and then Myspace," Kidd said, but has since spread to myriad platforms that are ostensibly romance-free. Even fitness-tracking sites such as Strava are fair game. The common thread for love-hijacked social-media sites is a single feature, Kidd said: DMs. "The design of LinkedIn helps to maintain its focus on the professional, but any platform with a direct-messaging option is likely to also be used to pursue sex and dating," he told me. The ease and relative privacy of direct messaging help explain how some people are using LinkedIn for romance, but it doesn't explain why. In an age with so many dedicated dating platforms -- from giants such as Tinder, Bumble, and Hinge to niche apps including Feeld (for the unconventional), Pure (for the noncommittal), and NUiT (for the astrologically inclined) -- why mix Cupid's arrow with corporate updates?

Any type of social media where you can see people's pictures can turn into a dating app. And LinkedIn is even better because it's not just showing people's fake lives. One answer may be the growing number of Americans who have gotten tired of the roulette-like experience that comes with modern dating apps. In a 2023 Pew survey of US adults, nearly one-third of respondents said they had used an online dating site or app at least once. More than half of women who had used the apps reported feeling overwhelmed by the number of messages they had received in the past year, while 64% of men said they felt insecure from the lack of messages they had gotten. Though an overwhelming majority of men and women said they'd felt excited about people they connected with, an even-larger proportion of respondents said they were sometimes or often disappointed by their matches. [...]

LinkedIn's appeal as a dating site, according to people who use it that way, is the platform's ability to give back some of that control and boost the caliber of their prospects. Because the professional-networking site asks users to link to their current and former employers' profile pages, it offers an additional layer of credibility that other social-media platforms lack. Many profiles also include first-person references from former colleagues and managers -- real people with real profile pages. [...] Even for those who shy away from using LinkedIn to angle for dates, the site has become a go-to tool for vetting romantic candidates found through conventional dating apps or in-person encounters. "Social media is just one big dating app," [said Samuela John, a 24-year-old personal organizer in New York City who developed chemistry with an oil-industry man on the platform]. "Any type of social media where you can see people's pictures can turn into a dating app. And LinkedIn is even better because it's not just showing people's fake lives." [...] "I don't think you should go into it like, 'All right, I'm going to find my husband on LinkedIn,'" John said. "I think you should go about it as if you were just networking, like in a casual sense. And then if you end up meeting the person, see the vibes and then go from there."

In a notice on Monday, Xfinity notified customers of a "data security incident" that resulted in the theft of customer information, including usernames, passwords, contact information, and more. The Verge reports: Xfinity traces the breach to a security vulnerability disclosed by cloud computing company Citrix, which began alerting customers of a flaw in software Xfinity and other companies use on October 10th. While Xfinity says it patched the security hole, it later uncovered suspicious activity on its internal systems "that was concluded to be a result of this vulnerability."

The hack resulted in the theft of customer usernames and hashed passwords, according to Xfinity's notice. Meanwhile, "some customers" may have had their names, contact information, last four digits of their social security numbers, dates of birth, and / or secret questions and answers exposed. Xfinity has notified federal law enforcement about the incident and says "data analysis is continuing."

We still don't know how many users were affected by the breach. Xfinity will automatically ask customers to change their passwords the next time they log in to their accounts, and it's also encouraging users to turn on two-factor authentication. You can find the full notice, including contact information for the company's incident response team, on Xfinity's website (PDF). UPDATE 12/19/23: According to TechCrunch, almost 36 million Xfinity customers had their sensitive information accessed by hackers via a vulnerability known as "CitrixBleed." The vulnerability is "found in Citrix networking devices often used by big corporations and has been under mass-exploitation by hackers since late August," the report says. "Citrix made patches available in early October, but many organizations did not patch in time. Hackers have used the CitrixBleed vulnerability to hack into big-name victims, including aerospace giant Boeing, the Industrial and Commercial Bank of China and international law firm Allen & Overy."

"In a filing with Maine's attorney general, Comcast confirmed that almost 35.8 million customers are affected by the breach. Comcast's latest earnings report shows the company has more than 32 million broadband customers, suggesting this breach has impacted most, if not all Xfinity customers."

Slow load times? Choppy videos? The real problem is latency, writes the Verge — but the good news is "there's a plan to almost eliminate latency, and big companies like Apple, Google, Comcast, Charter, Nvidia, Valve, Nokia, Ericsson, T-Mobile parent company Deutsche Telekom, and more have shown an interest." It's a new internet standard called L4S that was finalized and published in January, and it could put a serious dent in the amount of time we spend waiting around for webpages or streams to load and cut down on glitches in video calls. It could also help change the way we think about internet speed and help developers create applications that just aren't possible with the current realities of the internet... L4S stands for Low Latency, Low Loss, Scalable Throughput, and its goal is to make sure your packets spend as little time needlessly waiting in line as possible by reducing the need for queuing. To do this, it works on making the latency feedback loop shorter; when congestion starts happening, L4S means your devices find out about it almost immediately and can start doing something to fix the problem. Usually, that means backing off slightly on how much data they're sending... [L4S] makes it easier to maintain a good amount of data throughput without adding latency that increases the amount of time it takes for data to be transferred...

If you really want to get into it (and you know a lot about networking), you can read the specification paper on the Internet Engineering Task Force's website... The L4S standard adds an indicator to packets, which says whether they experienced congestion on their journey from one device to another. If they sail right on through, there's no problem, and nothing happens. But if they have to wait in a queue for more than a specified amount of time, they get marked as having experienced congestion. That way, the devices can start making adjustments immediately to keep the congestion from getting worse and to potentially eliminate it altogether... In terms of reducing latency on the internet, L4S or something like it is "a pretty necessary thing," according to Greg White, a technologist at research and development firm CableLabs who helped work on the standard. "This buffering delay typically has been hundreds of milliseconds to even thousands of milliseconds in some cases. Some of the earlier fixes to buffer bloat brought that down into the tens of milliseconds, but L4S brings that down to single-digit milliseconds...."

Here's the bad news: for the most part, L4S isn't in use in the wild yet. However, there are some big names involved with developing it... When we spoke to Greg White from CableLabs, he said there were already around 20 cable modems that support it today and that several ISPs like Comcast, Charter, and Virgin Media have participated in events meant to test how prerelease hardware and software work with L4S. Companies like Nokia, Vodafone, and Google have also attended, so there definitely seems to be some interest. Apple put an even bigger spotlight on L4S at WWDC 2023 after including beta support for it in iOS 16 and macOS Ventura... At around the same time as WWDC, Comcast announced the industry's first L4S field trials in collaboration with Apple, Nvidia, and Valve. That way, content providers can mark their traffic (like Nvidia's GeForce Now game streaming), and customers in the trial markets with compatible hardware like the Xfinity 10G Gateway XB7 / XB8, Arris S33, or Netgear CM1000v2 gateway can experience it right now...

The other factor helping L4S is that it's broadly compatible with the congestion control systems in use today...

To celebrate the 30th anniversary of Doom, both John Romero and John Carmack are appearing now on a special 30th anniversary stream on Twitch. (Right now they're talking about people who got into professional networking careers because of what they'd learned from setting up multiplayer deathmatches...)

And earlier this morning, Romero shocked the gaming world by posting six words on X.

"Free WAD for SIGIL II is up"

The official page for the long-awaited new Doom episode promises a 2 megabyte file "packed with some hardcore classic DOOM punishment — beware of Ultra-Violence mode!" There's nine new maps with names like "Wrathful Reckoning" and "Vengeance Unleashed". And the site is also selling an upgrade with a THORR soundtrack — priced at €6.66 — along with t-shirts, boxed editions of the original game Sigil, and a "Megawad Beast Box" that's "individually numbered and signed personally by John Romero and featuring the artwork of Christopher Lovell" (including a signed art print).

Besides sundry extras including a t-shirt, stickers, and a Sigil-themed coin, it also comes with a pewter statue of John Romero's head on a spike...

UPDATE: John Romero released a new 9-map episode of Doom.

But it was 30 years ago today that Doom "invented the modern PC games industry, as a place dominated by technologically advanced action shooters," remembers the Guardian: In late August 1993, a young programmer named Dave Taylor walked into an office block... The carpets, he discovered, were stained with spilled soda, the ceiling tiles yellowed by water leaks from above. But it was here that a team of five coders, artists and designers were working on arguably the most influential action video game ever made. This was id Software. This was Doom... [W]hen Taylor met id's charismatic designer and coder John Romero, he was shown their next project... "There were no critters in it yet," recalls Taylor of that first demo. "There was no gaming stuff at all. It was really just a 3D engine. But you could move around it really fluidly and you got such a sense of immersion it was shocking. The renderer was kick ass and the textures were so gritty and cool. I thought I was looking at an in-game cinematic. And Romero is just the consummate demo man: he really feeds off of your energy. So as my jaw hit the floor, he got more and more animated. Doom was amazing, but John was at least half of that demo's impact on me." [...]

In late 1992, it had become clear that the 3D engine John Carmack was planning for Doom would speed up real-time rendering while also allowing the use of texture maps to add detail to environments. As a result, Romero's ambition was to set Doom in architecturally complex worlds with multiple storeys, curved walls, moving platforms. A hellish Escher-esque mall of death... "Doom was the first to combine huge rooms, stairways, dark areas and bright areas," says Romero, "and lava and all that stuff, creating a really elaborate abstract world. That was never possible before...."

[T]he way Doom combined fast-paced 3D action with elaborate, highly staged level design would prove hugely influential in the years to come. It's there in every first-person action game we play today... But Doom wasn't just a single-player game. Carmack consumed an entire library of books on computer networking before working on the code that would allow players to connect their PCs via modem to a local area network (LAN) and play in the game together... Doom brought fast-paced, real-time action, both competitive and cooperative, into the gaming mainstream. Seeing your friends battling imps and zombie space marines beside you in a virtual world was an exhilarating experience...

When Doom was launched on 10 December 1993, it became immediately clear that the game was all-consuming — id Software had chosen to make the abbreviated shareware version available via the FTP site of the University of Wisconsin-Madison, but that crashed almost immediately, bringing the institution's network to its knees... "We changed the rules of design," says Romero. "Getting rid of lives, which was an arcade holdover that every game had; getting rid of score because it was not the goal of the game. We wanted to make it so that, if the player died, they'd just start that level over — we were constantly pushing them forward. The game's attitude was, I want you to keep playing. We wanted to get people to the point where they always needed more."
It was a unique moment in time. In the article designer Sandy Petersen remembers that "I would sometimes get old dungeons I'd done for D&D and use them as the basis for making a map in Doom." Cheat codes had been included for debugging purposes — but were left in the game rs to discover. The article even includes a link to a half-hour video of a 1993 visit to Id software filmed by BBS owner Dan Linton.

And today on X, John Romero shared a link to the Guardian's article, along with some appreciative words for anyone who's ever played the game. "DOOM is still remembered because of the community that plays and mods it 30 years on. I'm grateful to be a part of that community and fortunate to have been there at its beginning."

The Guardian's article notes that now Romero "is currently working on Sigil 2, a spiritual successor to the original Doom series."

An anonymous reader quotes a report from Ars Technica: Miscreants are actively exploiting two new zero-day vulnerabilities to wrangle routers and video recorders into a hostile botnet used in distributed denial-of-service attacks, researchers from networking firm Akamai said Thursday. Both of the vulnerabilities, which were previously unknown to their manufacturers and to the security research community at large, allow for the remote execution of malicious code when the affected devices use default administrative credentials, according to an Akamai post. Unknown attackers have been exploiting the zero-days to compromise the devices so they can be infected with Mirai, a potent piece of open source software that makes routers, cameras, and other types of Internet of Things devices part of a botnet that's capable of waging DDoSes of previously unimaginable sizes.

Akamai researchers said one of the zero-days under attack resides in one or more models of network video recorders. The other zero-day resides in an "outlet-based wireless LAN router built for hotels and residential applications." The router is sold by a Japan-based manufacturer, which "produces multiple switches and routers." The router feature being exploited is "a very common one," and the researchers can't rule out the possibility it's being exploited in multiple router models sold by the manufacturer. Akamai said it has reported the vulnerabilities to both manufacturers, and that one of them has provided assurances security patches will be released next month. Akamai said it wasn't identifying the specific devices or the manufacturers until fixes are in place to prevent the zero-days from being more widely exploited.

The Akamai post provides a host of file hashes and IP and domain addresses being used in the attacks. Owners of network video cameras and routers can use this information to see if devices on their networks have been targeted. [...] In an email, Akamai researcher Larry Cashdollar wrote: "The devices don't typically allow code execution through the management interface. This is why getting RCE through command injection is needed. Because the attacker needs to authenticate first they have to know some login credentials that will work. If the devices are using easy guessable logins like admin:password or admin:password1 those could be at risk too if someone expands the list of credentials to try." He said that both manufacturers have been notified, but only one of them has so far committed to releasing a patch, which is expected next month. The status of a fix from the second manufacturer is currently unknown. Cashdollar said an incomplete Internet scan showed there are at least 7,000 vulnerable devices. The actual number of affected devices may be higher.

An anonymous reader quotes a report from Ars Technica: This Sunday, November 19, makes a full 25 years since the original Half-Life first hit (pre-Steam) store shelves. To celebrate the anniversary, Valve has uploaded a feature-packed "25th anniversary update" to the game on Steam, and made the title free to keep if you pick it up this weekend. Valve's 25th Anniversary Update page details a bevy of new and modernized features added to the classic first-person shooter, including:

- Four new multiplayer maps that "push the limits of what's possible in the Half-Life engine"
- New graphics settings, including support for a widescreen field-of-view on modern monitors and OpenGL Overbright lighting (still no official ray-tracing support, though-leave that to the modders)
- "Proper gamepad config out of the box" (so dust off that Gravis Gamepad Pro)
- Steam networking support for easier multiplayer setup
- "Verified" support for Steam Deck play ("We failed super hard" on the first verification attempt, Valve writes)
- Proper UI scaling for resolutions up to 3840x1600
- Multiplayer balancing updates (because 25 years hasn't been enough to perfect the meta)
- New entity limits that allow mod makers to build more complex mods
- A full software renderer for the Linux version of the game
- Various bug fixes
- "Removed the now very unnecessary 'Low video quality. Helps with slower video cards' setting"

In addition, the new update includes a host of restored and rarely seen content, including:

- Three multiplayer maps from the "Half-Life: Further Data" CD-ROM: Double Cross, Rust Mill, and Xen DM
- Four restored multiplayer models: Ivan the Space Biker, Proto-Barney (from the alpha build), a skeleton, and Too Much Coffee Man (from "Further Data")
- Dozens of "Further Data" sprays to tag in your multiplayer matches
- The original Half-Life: Uplink demo in playable form

The Top500 organization released its semi-annual list of the fastest supercomputers in the world, with the AMD-powered Frontier supercomputer retaining its spot at the top of the list with 1.194 Exaflop/s (EFlop/s) of performance, fending off a half-scale 585.34 Petaflop/s (PFlop/s) submission from the Argonne National Laboratory's Intel-powered Aurora supercomputer. From a report: Argonne's submission, which only employs half of the Aurora system, lands at the second spot on the Top500, unseating Japan's Fugaku as the second-fastest supercomputer in the world. Intel also made inroads with 20 new supercomputers based on its Sapphire Rapids CPUs entering the list, but AMD's EPYC continues to take over the Top500 as it now powers 140 systems on the list -- a 39% year-over-year increase.

Intel and Argonne are currently still working to bring Arora fully online for users in 2024. As such, the Aurora submission represented 10,624 Intel CPUs and 31,874 Intel GPUs working in concert to deliver 585.34 PFlop/s at a total of 24.69 megawatts (MW) of energy. In contrast, AMD's Frontier holds the performance title at 1.194 EFlop/s, which is more than twice the performance of Aurora, while consuming a comparably miserly 22.70 MW of energy (yes, that's less power for the full Frontier supercomputer than half of the Aurora system). Aurora did not land on the Green500, a list of the most power-efficient supercomputers, with this submission, but Frontier continues to hold eighth place on that list. However, Aurora is expected to eventually reach up to 2 EFlop/s of performance when it comes fully online. When complete, Auroroa will have 21,248 Xeon Max CPUs and 63,744 Max Series 'Ponte Vecchio' GPUs spread across 166 racks and 10,624 compute blades, making it the largest known single deployment of GPUs in the world. The system leverages HPE Cray EX â" Intel Exascale Compute Blades and uses HPE's Slingshot-11 networking interconnect.

The Nepal government has decided to impose a ban on TikTok. From a report on the local newspaper Kathmandu Post: A Cabinet meeting on Monday took the decision to ban the Chinese-owned app, citing its negative effects on social harmony. However, when the decision will be brought into force is yet to be ascertained. Although freedom of expression is a basic right, a large section of society has criticised TikTok for encouraging a tendency of hate speech, the government said. In the past four years, 1,647 cases of cyber crime have been reported on the video sharing app.

The Cyber Bureau of the Nepal Police, Ministry of Home Affairs, and representatives of TikTok discussed the issue earlier last week. Monday's decision is expected to be enforced following the completion of technical preparations. The latest decision has come within days after the government introduced the 'Directives on the Operation of Social Networking 2023.' As per the new rule, social media platforms operating in Nepal required to set up their offices in the country.

Microsoft has decided to axe the Windows Insider MVP program, which is now scheduled to be discontinued at the end of the year. From a report: A Microsoft spokesperson told The Register: "In an effort to consolidate MVP-style programs across Microsoft, we have decided to retire the Windows Insider MVP Program effective December 31, 2023. All our existing Windows Insider MVPs will be nominated to participate in the Microsoft MVP Program which has similar benefits and opportunities to continue networking with us and interacting with many other Microsoft MVPs globally."

The Windows Insider MVPs are usually enthusiasts of Microsoft's wares who are rewarded for their loyalty with access to the engineering teams, complimentary subscriptions to products such as Visual Studio Enterprise and Office 365, as well as the odd paperweight or two. A nomination must come from another MVP or a Microsoft employee to achieve this coveted status. An application is then scrutinized, and if one has demonstrated sufficient passion for all things Microsoft, the nod is given. Microsoft has plenty of Insider programs where users can play with pre-release versions of the company's software.

An anonymous reader quotes a report from TorrentFreak: The head of the Russian department responsible for identifying threats to the "stability, security and integrity" of the internet, has revealed the extent of the Kremlin's VPN crackdown. Former FSO officer Sergei Khutortsev, a central figure in Russia's 'sovereign internet' project, confirmed that 167 VPN services are now blocked along with over 200 email services. Russia is also reported as stepping up measures against protocols such as OpenVPN, IKEv2 and WireGuard. [...]

An in-depth report published by TheIns.ru has details of the monitoring/blocking system reportedly deployed in Russia, how much it costs (4.3 billion rubles/$43 million in 2020, 24.7 billion rubles/$247 million for 2022-2024), and the names of the companies supplying the components. The publication also obtained original documents that apparently show some of the protocols Russia initially intended to block. They include older VPN protocols IPSec, L2TP, and PPTP, plus the BitTorrent protocol still widely used today. The full report on the system, which reveals the use of Intel chips/chipsets in 965 servers manufactured by Huawei and already purchased by Russia, plus another 2400+ servers for 2023/24, is available here.

"For the last two decades, our social networking and social media platforms have been universes unto themselves," writes the Verge's editor-at-large: Each has its own social graph, charting who you follow and who follows you. Each has its own feed, its own algorithms, its own apps, and its own user interfaces (though they've all pretty much landed on the same aesthetics over time). Each also has its own publishing tools, its own character limits, its own image filters. Being online means constantly flitting between these places and their ever-shifting sets of rules and norms. Now, though, we may be at the beginning of a new era. Instead of a half-dozen platforms competing to own your entire life, apps like Mastodon, Bluesky, Pixelfed, Lemmy, and others are building a more interconnected social ecosystem.

If this ActivityPub-fueled change takes off, it will break every social network into a thousand pieces. All posts, of all types, will be separated from their platforms. We'll get new tools for creating those posts, new tools for reading them, new tools for organizing them, and new tools for moderating them and sharing them and remixing them and everything else besides.
He's talking about a decades-old concept called POSSE: Publish (on your) Own Site, Syndicate Everywhere. ("Sometimes the P is also 'Post,' and the E can be 'Elsewhere.' The idea is the same either way." The idea is that you, the poster, should post on a website that you own. Not an app that can go away and take all your posts with it, not a platform with ever-shifting rules and algorithms. Your website. But people who want to read or watch or listen to or look at your posts can do that almost anywhere because your content is syndicated to all those platforms... [Y]our blog becomes the hub for everything, your main home on the internet.
The article argues that for now, "the best we have are tools like Micro.blog, a six-year-old platform for cross-posters." But the article ultimately envisions a future with not just new posting tools, but also new reading tools "with different ideas about how to display and organize posts."

VentureBeat reports: Thursday San Francisco-based Oxide, a startup founded by computing experts from Joyent and Dell, launched what it calls the world's first "commercial cloud computer," a rack-scale system that enterprises can own to reap the benefits and flexibility of cloud computing on-premises, right within their data center. The company believes the new offering can finally put an end to the "cloud vs on-prem" dilemma enterprises face while setting up their infrastructure...

It also announced $44 million in a series A round of funding, led by Eclipse VC with participation from Intel Capital, Riot Ventures, Counterpart Ventures and Rally Ventures. Oxide plans to use this money to accelerate the adoption of its cloud computer, giving teams a new, better option to serve their customers... The round brings Oxide's total financing raised to date to $78 million.
Since 2019 Oxide has thrown a team of 60 technologists at the problem — and Thursday, Oxide also revealed an impressive list of current customers: There's the U.S. Department of Energy — specifically its Idaho National Laboratory (which has historically been involved in nuclear research) — as well as "a well-known financial services firm". Oxide also announced that within just a few months, there'll be additional installments at multiple Fortune 1000 companies. And beyond that, Oxide is also boasting that they now have "a long wait list of customers ready to install once production catches up with demand...."

Will Coffield, a partner at Riot Ventures, quipped that Oxide had "essentially wrapped all the hopes and dreams of a software engineer, IT manager, and a CFO into a single box...." Steve Tuck, CEO and co-founder of Oxide, pointed out that cloud computing "remains restricted to a centralized, rental-only model." There are many reasons why an enteprise might want to own their infrastructure — security, reliability, cost, and response time/latency issues — and as Tuck sees it, "the rental-only model has denied them modern cloud capabilities for these use cases.

"We are changing that."
Earlier this year on the Software Engineering Daily podcast, CTO/co-founder Bryan Cantrill remembered that when doing their compliance testing, "The folks at the compliance lab — they see a lot of servers — and they're like, 'Are you sure it's on?' Because it's so quiet!" (This June article notes that later on the podcast Cantrill argued that the acoustics of today's data centers are "almost like an odor. It is this visceral reminder that this domain has suffered for lack of real systemic holistic thinking...")

Oxide's press packet lays out other advantages for their servers. "Power usage is 2x efficient, takes up half the space, and can be up and running in just four hours instead of three months."

Google Fiber plans to upgrade some users to 20Gbps service by the end of the year. Ars Technica reports: Google's Wednesday blog post calls this part of a "GFiber Labs" experiment and says the service "will initially be available as an early access offering to a small group of GFiber customers in select areas." The 20Gbps service is made possible by new networking gear: Nokia's 25G PON (passive optical network) technology, which lets Internet service providers push more bandwidth over existing fiber lines. Google says it's "one of the first" ISPs to adopt the technology for consumers, though at least one other US ISP, the Tennessee provider "EPB," has rolled out the technology. Customers will need new networking gear, too, and Google says you'll get a new fiber modem with built-in Wi-Fi 7.

Fierce Telecom spoke with Google's Nick Saporito, head of product at Google Fiber, who said, "We definitely see a need" for 20Gbps service. For now, Saporito says the service is "a very early adopter product," but it will eventually roll out "in most, if not all, of our markets." According to that Fierce report, Fiber is built on Nokia's "Quillion" Fiber platform, which is upgradable, so Google only needed to "plug in a new optical module and replace the optical network terminal on the end-user side" to take its 5 and 8Gbps infrastructure to 20Gbps.

There's no word yet on the price or which utopian Google Fiber cities will get access to the 20Gbps service, but Google has already run trials in Kansas City, Missouri. Currently, Google Fiber costs $70 for 1Gbps and $150 for 8Gbps. Interested customers can sign up for early access at this link.

NASA is demonstrating laser communications on multiple missions -- showcasing the benefits infrared light can have for science and exploration missions transmitting terabytes of important data. NASA: The International Space Station is getting a "flashy" technology demonstration this November. The ILLUMA-T (Integrated Laser Communications Relay Demonstration Low Earth Orbit User Modem and Amplifier Terminal) payload is launching to the International Space Station to demonstrate how missions in low Earth orbit can benefit from laser communications. Laser communications uses invisible infrared light to send and receive information at higher data rates, providing spacecraft with the capability to send more data back to Earth in a single transmission and expediting discoveries for researchers.

Managed by NASA's Space Communications and Navigation (SCaN) program, ILLUMA-T is completing NASA's first bi-directional, end-to-end laser communications relay by working with the agency's LCRD (Laser Communications Relay Demonstration). LCRD launched in December 2021 and is currently demonstrating the benefits of laser communications from geosynchronous orbit by transmitting data between two ground stations on Earth in a series of experiments. Some of LCRD's experiments include studying atmospheric impact on laser signals, confirming LCRD's ability to work with multiple users, testing network capabilities like delay/disruption tolerant networking (DTN) over laser links, and investigating improved navigation capabilities.

A critical vulnerability that hackers have exploited since August, which allows them to bypass multifactor authentication in Citrix networking hardware, has received a patch from the manufacturer. Unfortunately, applying it isn't enough to protect affected systems. ArsTechnica: The vulnerability, tracked as CVE-2023-4966 and carrying a severity rating of 9.8 out of a possible 10, resides in the NetScaler Application Delivery Controller and NetScaler Gateway, which provide load balancing and single sign-on in enterprise networks, respectively. Stemming from a flaw in a currently unknown function, the information-disclosure vulnerability can be exploited so hackers can intercept encrypted communications passing between devices. The vulnerability can be exploited remotely and with no human action required, even when attackers have no system privileges on a vulnerable system.

Citrix released a patch for the vulnerability last week, along with an advisory that provided few details. On Wednesday, researchers from security firm Mandiant said that the vulnerability has been under active exploitation since August, possibly for espionage against professional services, technology, and government organizations. Mandiant warned that patching the vulnerability wasn't sufficient to lock down affected networks because any sessions hijacked before the security update would persist afterward.

Computer networking company Sandvine has scrapped an effort to sell US law enforcement agencies a controversial internet surveillance technology that tracks encrypted messages and laid off most of the employees involved in the initiative, Bloomberg News reported Friday, citing four people with knowledge of the matter. From the report: Sandvine had pitched the new product, called "Digital Witness," to governments and law enforcement agencies in Europe, the Middle East, Asia and North America. It was marketed as a tool to covertly monitor people's internet use and encrypted messages sent using popular applications such as Meta Platform's WhatsApp and Signal, according to the people, who asked not to be identified to discuss confidential matters.

Sandvine had already provided trial versions of the technology in the US, these people said. But a combination of broader economic woes and lingering concern over the company's previous work with authoritarian governments hindered the product's success, the people said. Sandvine declined to comment when asked about Digital Witness. The company's marketing materials indicate the product is sold only to law enforcement and government agencies, and it is still listed on Sandvine's website.

An anonymous reader quotes a report from ZDNet: Microsoft's proprietary protocol, Remote Network Driver Interface Specification (RNDIS), started with a good idea. It would enable hardware vendors to add networking support to USB devices without having to build them from scratch. There was only one little problem. RNDIS has no security to speak of. As Greg Kroah-Hartman, the Linux Foundation fellow responsible for stable Linux kernel releases, wrote in November 2022 on the Linux Kernel Mailing List (LKML), "The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all RNDIS drivers to prevent anyone from using them again."

He added, in another message, "The protocol was never designed to be used with untrusted devices. It was created, and we implemented support for it, when we trusted USB devices that we plugged into our systems, AND we trusted the systems we plugged our USB devices into." That's no longer the case. Kroah-Hartman concluded, "Today, with untrusted hosts and devices, it's time just to retire this protocol. As I mentioned in the patch comments, Android disabled this many years ago in their devices, with no loss of functionality."

[...] But now, sick and tired of having a built-in Windows security exploit in Linux, Kroah-Hartman has decided that enough was enough. He's disabled all the RNDIS protocol drivers in Linux's Git repository. That means that while the RNDIS code is still in the Linux kernel, if you try to build Linux using this new patch, all your RNDIS drivers will be broken and won't build. This is one step short of purging RNDIS from Linux.