1 October 2023 Reading time: ~1 minute

Antique car exhibition and car race

Airplanes display and airshow

2 September 2023 Reading time: ~1 minute

Burghley Cross Country 2024

Burghley Cross Country 2023

28 July 2022 Reading time: 3 minutes

Probably I should have published this news much earlier, but as they say, "better late than never". So here we go: I am delighted to announce that Metro Ethernet Forum (MEF) formally issued Draft Release 1 of MEF Secure SD-WAN Certification Test Requirements (MEF 131). As a nominated editor, I was leading this project for a year, and happy to see that now it has been released.

A quick intro to SD-WAN: it is an acronym for Software-Defined Wide Area Networking. It is a networking paradigm that promises to change the way we think about networking. In a nutshell, SD-WAN technology is a software-defined solution that allows the network to be centrally managed. This leads to a whole new way of designing, deploying and managing the network that is less complex, more flexible, and more user-friendly. The SD-WAN solutions are based on a suite of software and hardware components and can be deployed on various platforms and technologies. SD-WAN delivers a flexible and cost-effective infrastructure to support a unified data centre in the cloud where all applications and servers can reside and interconnect with the network and each other, resulting in lower Total Cost of Ownership and simplified network architectures. At the same time, it is important to know that the last thing you want is when yours or your customers’ data is compromised due to an insecure network, so it is imperative to have a clear understanding of how SD-WAN should be secured before going live.

Now a bit more about the document. MEF 131 describes the certification test requirements needed to verify that a service conforms to MEF 88, which outlines requirements for Application Flow Security for SD-WAN Services. The requirements in MEF 88 have been analyzed to determine which ones are valuable and testable, and this standard outlines the certification test requirements for those requirements. This standard also includes the ACTP Test Plan and ACTP Test Report, which specify the detailed test requirements and test cases, respectively. MEF 88 requirements were mapped to a set of Test Cases:

Each Test Case can cover one or more MEF 88 Requirements. This is possible due to the fact that each Test Case can have one or more Tests. There is no mandatory direct relationship between the number of Tests and related Requirements, as one Test can cover more than one MEF 88 Requirement. 

It was a very interesting project, and I am happy to have a chat with you if you want to know more about it and also learn a thing or two about the cybersecurity of SD-WAN. 

So the document is publicly available, and I think it is a good time to say thank you for the tremendous support: my colleagues from Spirent Communications and also from MEF members.

[The article is also published on LinkedIn]

3 March 2022 Reading time: 3 minutes

You know, I don't write about politics. On the contrary, I stay away from it as far as possible. But maybe this is the time to break the rule, so let me share a few thoughts.

Two days ago, I was attending the Mobile World Congress in beautiful Barcelona. While walking amongst hundreds of much-too-much overexcited geeks, businessmen and demonstrations of all the unimaginable advances of the "technologies of tomorrow," one thought came to me: what all of it is worth if there is no tomorrow? It was such a strange, surreal feeling. Like being on the stage of the beginning of an apocalyptic movie, where everything looks completely fine, but the viewer is already anticipating that actually, the peace is hanging on a very thin thread...

We are a generation of people who do not know war. If we hear about wars, it is only a bunch of pictures on our TV screen. They are so far from us, so it all looks completely harmless. It does not resonate much inside with anything we've ever experienced before. "These are someone else's problems," we think and continue drinking our morning coffee. Well, it seems we all are in a bit different situation now. And if this situation is not resolved - I am afraid there will be no 5G, no augmented reality, no smart and self-driving cars and mobile phones. The whole civilised humanity will rapidly tumble down from the higher levels of Maslow's pyramid to the very bottom, where we will face nothing but endless basic survival.

Whether we like it or not, it seems the faith of the future might be decided on the streets and fields of the country, which (what an irony!) is the largest in Europe, but not everyone in the world could have pointed at on the map. But now everyone can. Because it is so much clear now that Ukrainians are not fighting only for their motherland. It's about all of us. So we can live in peace, continue to develop science, advance technology and, first of all: so nobody on Earth will ever be afraid of tomorrow.

Many say that these days "information is a weapon". And this type of support is also what Ukraine desperately needs. The global tech industry and hundreds of IT activists are already helping and supporting the freedom of information, which is phenomenal. I think this is desperately needed on both sides of the barricade. I also think it is very important that not only the giants of the tech industry but all of us: IT business professionals, not stay aside from the situation. We all should do what we can to support by any means the fight for the freedom of Ukraine. It's not their fight. It's our fight. Fight the future of the whole civilised world: the world of peace, the world as we really want it to be. 

[The article is also published on LinkedIn]

1 February 2021 Reading time: ~1 minute

The story is short: I am de-registering my Kindle Paperwhite from Amazon and this is what see during the process:

I was genuinely astonished when I saw this question. So is there anybody who can enlighten me: why on earth does Amazon store in the cloud my private WiFi passwords? Ok, I understand that maybe (I said: maybe) there is some genuine reason to keep all the details about what I read, how quickly, how often I turn pages and at what time I switch on or off the backlight. But storing my WiFi passwords in the cloud? How much it does "enhance" my user experience? Should I ask another question: did I allow this? (Oh my bad, probably it is somewhere on page 543 in T&Cs.)

[The article is also published on LinkedIn]

6 October 2020 Reading time: ~1 minute

An overview of vulnerabilities in hardware devices (in this case: it's a home router) and an illustration of the hacker's/pentester's approach to security analysis and exploitation of embedded/IoT devices.