I’ll be tweeting from thew APNIC 52 conference this afternoon, starting shortly at 1300 AEST. Program at conference.apnic.net/52/program/sch…. Follow or mute #APNIC52 as you prefer.
Gaurab Raj Upadhaya is saying that in the last 18 months, i.e. the pandemic times, APNIC has seen more internet traffic than ever before. As you might imagine. I hope we get to see some graphs later. #APNIC52
The keynote by Kathleen Moriarty, CTO for the Center for Internet Security, is a curious topic. “Role of Service Providers in Transforming Security”. Curious ’cos as service providers try to make the whole thing encrypted all the way down, governments don’t want that. #APNIC52 
This is why we have a 3.5 million deficit in cyber workers globally. We’ve architected our networks with all these components, and there has to be an employee looking at each of these things. #APNIC52
Major organisations are typically taking eight threat intelligence feeds because they’re afraid of missing an indicator, which means they have all the alerts. #APNIC52
“Strong ubiquitous encryption.
This is a major driver that I think can be really a big part of that turning point,” Moriarty says. Heh. #APNIC52
This going to drive IPv6 adoption, she says.
This is a major driver that I think can be really a big part of that turning point,” Moriarty says. Heh. #APNIC52
This going to drive IPv6 adoption, she says.
“Any time I’ve given that explanation and I've gone much deeper, I've gotten a lot of uptake and, you know, within a month I've seen organizations start to transform and adopt IPv6, so it's possible data centric security or zero trust.” (From the Zoom transcript.) #APNIC52
Her big message is that we need “architectural patterns that scale”. These Cybersecurity Best Practices are an example, and you can offer these as a service. #APNIC52
Aside: I just noticed that Zoom is using Otter.ai for the automated transcription. It’s doing a fantastic job. #APNIC52
Moriarty is suggesting that service providers could provide all this stuff for their less capable customers, including automated roll-out of some if it, to those community-agreed baseline configurations. #APNIC52
“If you are asking organizations to sign on to your service you're providing great security benefits, but it takes a really sophisticated person to implement the security policy, as opposed to say, I want level one, level two, [or] level three,” and pay for that. #APNIC52
“It seems that building from a cloud-native architecture was the most logical starting point for working towards zero trust, and not getting overwhelmed with a specific piece. The specific pieces overwhelming you, that might be one to save for later in the journey.” #APNIC52
Someone just asked what end users can do to improve their security. “Patch or systems,” she says. #APNIC52
The inimitable Geoff Huston is kicking off the next session. Expect doom and gloom. #APNIC52
Our moderator is Philip Paeps from the FreeBSD Project. He appears to be a geek of some kind. #APNIC52
Geoff Huston’s gripe today is about network outage reports. #APNIC52
He likes this one from Akamai though, because it explains what went wrong. #APNIC52
“The internet isn't a toy anymore. It's not just, you know, something we do to amuse ourselves when on an otherwise boring day we could be outside playing. The internet's now the foundation of everything lives depend on it." #APNIC52
“Lies don't help anymore. A bit like the airline industry, we actually need to recognize that outages are not just exercising the PR machine, but they're serious threats to what we'd call, public safety.” #APNIC52
Geoff wants to turn the internet into an airplane, I think. Attn: @NewtonMark. #APNIC52
The traits of high-reliability organisations. #APNIC52
Geoff Huston has a blog post on all this outage reporting and blame-free analysis stuff. blog.apnic.net/2021/07/27/opi… #APNIC52
I should also mention that all these sessions are being streamed live on YouTube. Here’s this one. #APNIC52
The book “The Checklist Manifesto: How to Get Things Right” by Atul Gawande is getting a big rap right now. en.wikipedia.org/wiki/The_Check… #APNIC52
Next up is Wataru Saito, “Operating the Network for the Tokyo 2020 Olympic and Paralympic Games”. Totally straightforward, I’m sure. #APNIC52
These slides are at conference.apnic.net/52/assets/file… (PDF) #APNIC52
The frequency management for all this was a thing. #APNIC52
I am hoping this is a transcription error lol. #APNIC52
ASIDE: Another book mentioned in Geoff Huston’s bit was Charles Perot's “Normal Accidents”. #APNIC52
No bureaucracy whatsoever. #APNIC52
Have a timeline. #APNIC52
I must say, Saito-san appears to be not completely insane, even after having run this operation. #APNIC52
Something not showing in the slides PDF but he’s stepping through now is all the virtual LANs they set up over their infrastructure, like this dedicated VLAN for the press. #APNIC52
Eleven thousand wi-fi access points! 20Gbps network usage! (He is scribbling over his slides as he talks.) #APNIC52
Next for me is “Good Bot, Bad Bot: Characterizing Automated Browsing Activity” conference.apnic.net/52/program/sch… #APNIC52
Hah! The system is called Aristaeus, “a system for deploying large numbers of honeysites, i.e., websites that exist for the sole purpose of attracting and recording bot traffic”. #APNIC52
This is a fascinating presentation, but he’s moving through it FAST. Slides at conference.apnic.net/52/assets/file… (PDF) and it’s the first presentation in this video stream #APNIC52
And here’s the paper. “Good Bot, Bad Bot: Characterizing Automated Browsing Activity”. So much cool data in this. securitee.org/files/goodbotb… (PDF) #APNIC52
Next up: “A Year Like No Other: DDoS in a Time of Pandemic” from Roland Dobbins. Slides are at conference.apnic.net/52/assets/file… (PDF) #APNIC52
Ah, this is based on “NETSCOUT THREAT INTELLIGENCE REPORT
DDoS in a Time of Pandemic” netscout.com/threatreport #APNIC52
DDoS in a Time of Pandemic” netscout.com/threatreport #APNIC52
Two of the key slides early up. #APNIC52
Roland is giving some of the data from monitoring Lazarus Bear Armada (LBA), which sounds like a really bad K-Pop group. But it’s not. #APNIC52
He’s powering through the data here. I reckon you could just download the report or watch the video. #APNIC52
And now “Threat hunting using DNS” from Swapneel Patnekar. slides at conference.apnic.net/52/assets/file… and it’s the same video, #APNIC52
I am enjoying the Pyramid of Paid, as so will @jpwarren, but it needs more hexagons. detect-respond.blogspot.com/2013/03/the-py… #APNIC52
This presentation is essentially a walk-through of a bunch of tools to look for anomalies in your DNS traffic, and what you’re likely to see once you do so. Check it out. I choose to not out this much DNS into my head because I did that once and look how I turned out. #APNIC52
I want to know more about the session MC’s earrings. They look very cool indeed. #APNIC52
That’s all for APNIC 52 for me today. There’s one more session but I have some other things to do. There’s links to the YouTube recordings of today’s sessions at conference.apnic.net/52/program/sch…. #APNIC52
@jpwarren Goddammit I missed the typo. :(
• • •
Missing some Tweet in this thread? You can try to
force a refresh
