Dave’s Answer:

You’re right, you’ve become a good network citizen, and just in time. Cities are starting to establish laws that define leeching off another person’s wireless wifi network without permission as an illegal act of theft. How you’d get caught I don’t know, but you can imagine that from the other party’s point of view, it’d be alarming if you were, say, pirating movies and it was their computer network that was tagged!

Like many other computer systems (think Windows Vista, for example) the Mac OS X system is smart and tries to simplify your life by remembering what you’re doing and automate the process subsequently. Sometimes that’s a pain.

What happened was that you have a setting in your “Network” System Preferences that tells your computer to remember networks you’ve joined and prefer them over new ones that it hasn’t seen before. Since your neighbor’s network is now marked as a “preferred” network, well, you know the problem you’re seeing!

I actually had a similar problem in a hotel room during the Consumer Electronics Show recently, where the first night I was there I used the hotel network “Encore – Rooms – Wireless”, but then set up a wireless router so my roommate and I could share a single connection.

In the pull-down menu from the wifi icon on the menu bar, I saw this:

The shortcut to get the right spot to change or forget the preferred wireless network can be reached by choosing “Open Network Preferences…” at the bottom of that menu, which takes you here:

Don’t worry about what network it shows you as connected to at this point. You want to click on the “Advanced” button:

Now scroll down and find the network in question. It’ll be somewhere on the list:

Click on the “-” button and that wifi network is no longer on the preferred list. Also notice that right below it is the option to “Remember networks this computer has joined”: if you want to choose a network each and every time just unselect it.

Done? Just click on the red button on the top left and it’ll ask if you want to save the changes:

That’s all there is to it. Good luck, and thanks for not stealing bandwidth.

Comments

I recently spoke with Statton Hammock, Senior Director, Law, Policy & Business Affairs, of Network Solutions, about invalid WHOIS data and how Network Solutions deals with invalid WHOIS on domain names. asked Mr. Hammock if Network Solutions has you ever suspended or deleted a domain name due to invalid WHOIS information on a customer’s domain. Here is what Network Solutions said:

Yes. Network Solutions investigates all allegations of invalid WHOIS information on domains under our management, and has suspended names when the registrant fails to respond to notices that they are in violation of contractual obligations.

I then asked Network Solutions if they have ever suspended or deleted a domain name due to an email address listed in the WHOIS bouncing or being invalid? Even though the other information on the WHOIS is correct?

Mr. Hammock commented, “If we receive a complaint that a domain’s listed email address is invalid and the customer does not respond to our requests via other channels to correct the data, the name will be suspended. Once inactive, the customer very often contacts our customer service department, corrects the inaccurate information, and the domain name is restored.”

According to Network Solutions, they “believe that some exaggerate the magnitude of the invalid WHOIS data issue. ICANN’s own research has shown that approximately 80% of the registrants studied were located or accurately provided deliverable addresses. In fact, we support the positions articulated by the Registrar Stakeholder Group’s public comments on ICANN’s Draft Report on WHOIS Accuracy (see http://forum.icann.org/lists/whois-accuracy-study/msg00019.html).

Network Solutions also told me that “Network Solutions supports the Registrar Stakeholder Group’s positions articulated in public comments on ICANN’s Draft Report on WHOIS Accuracy, including that “ICANN focus its resources on improving and publicizing awareness of the WDPRS [WHOIS Data Problem Reporting System] rather than commissioning expensive research into further WHOIS accuracy studies which lead to unrealistic and cost prohibitive conclusions.””.

Godaddy also had some comments about about invalid WHOIS . I spoke with Camille Ede, Go Daddy Director of Domain Services. According to Ms. Ede, “When Go Daddy receives a complaint of invalid WHOIS information, we launch an investigation. If we find the WHOIS information to be invalid, we contact the customer and ask him or her to update the information. If the information is not updated within 8 days, Go Daddy places the domain name on “Registrar Hold” (which suspends the domain name). If this happens, a reminder goes out to the customer to update his or her information. On the 15th day, if the information is still not updated, Go Daddy sends another reminder to the customer. The domain name then remains suspended until the customer makes the update.”

Camille also went on to say that “Per ICANN rules, the email address listed in the WHOIS information is required to be valid. Therefore, if the email address is invalid Go Daddy would take steps to suspend the domain name. However, if the email bounced due to a storage issue, then Go Daddy would take additional steps to validate the information before taking any action.”

I specifically asked Camille Ede whether Godaddy considers invalid WHOIS data to be a common problem or is it fairly minor at this point. She said, “Yes, invalid WHOIS data does appear to be a common problem. Go Daddy has a dedicated, 24/7 staff who deal specifically with these types of complaints in order to ensure that our customers are compliant with ICANN requirements.” She also went on to say that “All registrars should follow ICANN’s policy and actively investigate all invalid WHOIS complaints.”

So, at this point, I do believe that invalid WHOIS complaints are still an issue that needs to be addressed. Many domain owners do not take this issue seriously enough and realize that it is very important to keep your WHOIS data up to date: it must be accurate or you risk losing your domain names. In the case of Nikki Craft, it appears that the WHOIS data that was not accurate was an email address. Upon notification that this was the case, Ms. Craft told me that she corrected the issue and provided an up-to-date email address. But the registrar, Gandi.net, took their time to correct the issue; just before the 15th day they released the domain names back to Ms. Craft, who was able to then move the domains to another registrar.

If you have not done so recently, take a look at your domain names’ WHOIS record. Make sure the data is accurate. If it’s not, then correct it. Trust me, it is not worth the hassle to lose your domain names because of invalid WHOIS data. Just ask Nikki Craft.

Comments

Firesheep is a Firefox add-on that does the hacker’s work for any laymen computer user. By sniffing the unencrypted data in wireless networks, Firesheep grabs users’ authentication cookies from thin-air, and then does the necessary work to allow an user to utilize these cookies to gain unauthorized access to website accounts. This process is nothing new, and is just one of the many perils of the unsecured wifi network. Although this plugin appears to have been developed for awareness purposes, it will now give additional people the capability to cause serious harm. Not all sites can be hacked in this way, but a long list of sites that can be are found in the options menu of the plugin. This same options menu allows additional sites to be configured given the proper information.

Although computer users can easily do things to combat these issues on unsecured wireless networks (VPN), there are still a vast majority of unaware computer users that would see no problem with using an unsecured wireless network. Giving the ability to a larger base of evil doers to exploit these computer users is not a good thing. Although sites like Facebook may eventually put in place authentication and session methods to combat this particular security issue, this tool still equips malicious users the ability to do damage now until that point and on other/future sites that fail to make changes themselves.

This also brings up the question: is it a website’s or user’s responsibility to make the connection between them secure? How far does the obligation of either party to foster this secure connection reach?

In Certification Magazine, Brett Chambers, IT director for Purdue University’s College of Liberal Arts, indicates a trend for 2010 that clearly shows that “there will be an ongoing push to consolidate resources, justify costs and centralize complexity … new investments need to be made in server infrastructure and virtualization technology to support these changes.” He says more people are needed “that understand virtualization and how to get the most out of server hardware for the least expense.” Once the new infrastructure is in place however, there will be less machines to oversee. More of the hardware will be abstracted into software. Chambers stresses that by deciding to move to virtualized hardware is not without its risks to network engineers and “working ourselves out of a job, because you don’t need as many people to manage as many servers as you once had.”

The push for Virtulization technologies and the business generated by the new need is echoed by Wall Street as evidenced by Alan R. Elliott. On the Investor’s Business Daily Investors.com, he reports that the rise in stock prices held by the Computer-Networking industry group and the stocks of those like Cisco, Riverbed Technology, and Blue Coat Systems reflect the increasing need for virtualization technologies and the cloud computing made possible because of those technologies.

Take notice; more companies look toward virtualization technologies to primarily save money. After the initial investment in virtualization, the return on investment is that they won’t need as much maintenance and can be much more flexible in their service offerings.

Mr. Nichols’ suggests that ISPs should take the initiative and restrict access to those users who appear to be infected with malware, viruses, etc. He points out that Comcast has begun to notify their users when suspected of being infected. However, Comcast is the poster child for what happens when you impede the openness of the Internet. In case you missed it, they got into hot water when they restricted peer-to-peer file transfers on their network. Thus, it comes to no surprise that although Comcast may be thinking in parallel with Steven. Unlike Steven, Comcast knows firsthand the ramifications of going beyond simply notifying users of their infection.

A pillar upon which the Internet stands is freedom/open use. However, there is no legal entity over the Internet, and thus no governing body on which to create and enforce laws. Because of this, the Internet has often been compared to the Wild West. It’s a solid comparison. Like the Wild West, we are generally responsible for protecting our own property and health. There are a lot of uneducated Internet users that do not adequately protect themselves from malware and other malicious software. Should we round all these people up and quarantine them? What did they do wrong to deserve this, other than simply being unaware that their actions would lead to their infection?

It’s not an issue of whether or not these people should be allowed to be online and contribute the spread of malicious code and general evil-doing. The issue is that the Internet is an open and free environment, and we should maintain that at all costs. Let us utilize the tools and practices available to keep ourselves clean, and then educate and equip the malware ignorant masses of the same. There should be no bar to measure up against when it comes to riding the Internet.

The software that provides this functionality is called GNS3. A new version of the open source software application, GNS3, was recently released. GNS stands for Graphical Network Simluator; and that is exactly what it does. In conjunction with the other open source applications, Dynamips, Dynagen, and Qemu, GNS3 combines the software into a workable model that enables a system administrator or application developer to design complex network topologies are actually as usable as a real physical network. The application also depends on the different real router and switch firmwares such as Cisco’s IOS, and JunOS. By using actual router binaries, GNS3 allows real-world results thereby providing a software simulation to the closest approximation of how the real network will respond. The software supplies a graphical representation of the network topology with configuration information, and real packets can be sent to different destinations.

Using GNS3, the graphical network simulator, a system administrator or developer gains the inhuman ability to create and test against a virtual network as if it were a real physical network. New network configurations can be scrutinized before the hardware is installed. New software can be debugged without touching the real network. GNS3 opens up the possibility of checking the real impact of network designs before laying out the hardware.

Here’s why IT decision makers shouldn’t ignore Red Hat’s submission of the cloud neutral Deltacloud cloud API to the Distributed Management Task Force (DMTF) and Apache Software Foundation.

Deltacloud sputtered under a single vendor’s control
Deltacloud was announced nearly a year ago at the 2009 Red Hat summit. Brian Stevens, CTO and VP, Engineering at Red Hat described Deltacloud’s goal:

The goal is simple. To enable an ecosystem of developers, tools, scripts, and applications which can interoperate across the public and private clouds.

Today each infrastructure-as-a-service cloud presents a unique API that developers and ISVs need to write to in order to consume the cloud service. The Deltacloud effort is creating a common, REST-based API, such that developers can write once and manage anywhere.

A cloud broker if you will, with drivers that map the API to both public clouds like EC2, and private virtualized clouds based on VMware and Red Hat Enterprise Linux with integrated KVM.

Red Hat’s approach was simple and seemingly appealing enough. Write to the Deltacloud APIs and your workloads can be ported across any cloud provider’s infrastructure that Deltacloud is able to interoperate with. However, the prospects of trading cloud provider API lock-in for Red Hat API lock-in wasn’t an appealing prospect for potential Deltacloud adopters. Whether “The World’s Open Source Leader”, as Red Hat bills itself, or not, lock-in is lock-in.

Choosing open standards & open source for Deltacloud
Red Hat wisely decided to contribute their Deltacloud API implementation to an independent third party, the Apache Software Foundation. By moving the implementation to an Apache Incubator project earlier this summer, the Deltacloud project is no longer saddled with the chains of a single vendor controlled open source project. This in turn has made it easier for multiple vendors to consider adopting and contributing to the Deltacloud project.

Red Hat appears to be following the standardization through implementation approach, and has submitted the Deltacloud API specifications to DMTF cloud standards body.

Regardless of how successful Red Hat’s cloud and PaaS business results are, they will likely pale in comparison to the customer value enabled should Deltacloud become a widely adopted industry standard.  By leveling the cloud workload portability playing field, Red Hat is enabling other vendors to compete based on the quality and completeness of their PaaS offering rather than portability itself.

It’s encouraging to see that Deltacloud already allows a high level of portability across six different cloud providers, with support for two more providers on the way.

Bryan Che, Red Hat cloud product manager, explained the Deltacloud announcement:

We do not want Deltacloud to be under the control of any one particular vendor, including Red Hat. If you want true interoperability and true portability, you need a third-party governance structure.

On the other end of the spectrum are vendors such as Eucalyptus that have decided to adopt Amazon EC2′s APIs. Marten Mickos, Eucalyptus CEO explains:

We believe the Amazon API is becoming the industry standard, and that many companies will follow it.

Choosing defacto standards vs. open standards
Deltacloud’s success as the standard for controlling cloud operations is far from guaranteed. In the same token, Amazon’s EC2 API remaining the defacto standard is not guaranteed as cloud usage shifts from early adopters to the mainstream enterprise market. Enterprises have been increasingly educated to demand open standards for which multiple implementations exist. IT decision makers must weigh the short term benefit of adopting a cloud specific API, such as Amazon’s EC2 API, versus the long term benefit of a cloud agnostic API such as Deltacloud.

Comments

Network neutrality is the philosophy that all things related to the network of the internet be neutral, i.e. unregulated. In a completely neutral network, there would be no regulations on what can connect to that network and what data can be transferred across that network. This is the environment in which the Internet has grown in and thrived upon, and thus the environment that most Internet purists strive to maintain.

However, the issue with this idea of neutrality is the Internet is now a vessel of capitalism. Capitalism revolves around the creation and protection of wealth. Therefore, it has become in the best interests of many players in this industry to begin to protect their wealth. An example of where this protection of this wealth clashes against net neutrality is the Comcast and BitTorrent issues. As you may recall, Comcast began capping the rates at which their subscribers could use BitTorrent transfers. In Comcast’s defense, it was a matter of protecting their services for all their subscribers. The bandwidth required to support BitTorrent had never existed previously, and was a strain Comcast was not ready to support. On the net neutral end of things, what gave Comcast the right to dictate what John Q. Public could or could not do on the Internet?

Like many political documents, Google and Verizon attempt to avoid clearly defining their stance on net neutrality. It doesn’t appear that Google and Verizon intentionally sought any policies to hinder net neutrality, but by omitting language to specifically foster net neutrality, they opened the flood gates of opposition. For example, a specific clause of “Network Management” was introduced, encouraging the right of an ISP to “engage in reasonable network management.” This clause was skillfully crafted in such a manner to ride the fence of net neutrality. If this was a legal language that existed when Comcast decided to control BitTorrent usage, the outcome of that situation would not have been any more clearly defined than it was without this kind of guideline.

Google’s position shown in this document, is somewhat of an identity crisis. Google’s lifeline is this free and open Internet. However, Google must work with the other big players in the net to create a framework in which Google’s capital interests can be protected. It will be interesting to continue to follow how and what legal entities get involved. One thing is for certain: despite any goodwill shown by any of the parties involved, network neutrality is at risk.

See also:

http://googlepublicpolicy.blogspot.com/2010/08/joint-policy-proposal-for-open-internet.html

http://googleblog.blogspot.com/2010/08/facts-about-our-network-neutrality.html

What does this new standard mean for the IT industry? The intent of this standard was to support faster connection speeds for server-to-server operations, so don’t expect to be purchasing a 40 Gb/s router and NIC from your local electronics retailer anytime soon. In fact, the IEEE 802.3ba task force specifically recognized that the current 10/100/1000 Mb/s was appropriate for most implementations of LANs, but that the current 10,000 Mb/s standard was lacking for larger server and network implementations, including the backbone of the Internet.

This new standard doesn’t call for or utilize any new media technologies, but rather simply outlines the necessary procedures and protocols to follow when utilizing these connection speeds over existing optical and copper line technologies. The new standard also works with the existing IEEE 802.3 standards, and thus will not require a major overhaul of equipment or infrastructure to implement.

This standard will surely help the US government’s Broadband Plan (http://www.broadband.gov), which aims to provide broadband to all US homes. In particular, a large section of US homes are targeted to reach 100 Mb/s connections and all libraries, schools, and hospitals should reach speeds of 1 Gb/s.

With the continuing push and market trend to cloud services and large scale web applications, expect to see a fast availability and adoption of products and services utilizing these much needed connection standards.

For a more detailed information, you can check out the IEEE 802.3ba Task Force’s page here: http://grouper.ieee.org/groups/802/3/ba/index.html. However, the actual standard itself is only available for purchase. You’ll have to wait six months after release to obtain any of IEEE’s standards for free.

HP says as organizations move to a more virtualized and converged infrastructures, the importance of security is increased. Virtualized environments and their applications are subject to the same threats that impact traditional data centers.

The HP TippingPoint Secure Virtualization Framework (SVF) is a suite of products designed to help prevent network threats from impacting virtualized environments. The TippingPoint Virtual Controller (vController), the first product introduced under the SVF, extends TippingPoint security protection from physical to virtual networks by routing it through an HP TippingPoint N-Platform Intrusion Prevention System (IPS) appliance. The vController prevents security attacks by inspecting all VM traffic as it moves through the network — either between VMs or from VMs to traditional servers.

Additional vController features include:

*Increased network security by extending HP’s automated threat-prevention capabilities to virtual environments.

*Reduced deployment complexity by enabling customers to extend the same processes, tools used in securing their physical environments to their virtual infrastructures.

*Simplified management of network security by providing single-pane-of-glass management, visibility and control across both physical and virtual networks.