Computer security costs money. It costs more to develop secure software, and there’s an ongoing maintenance cost to patch the remaining holes. Spending more time and money up front will likely result in lesser maintenance costs going forward, but too few companies do that. Besides, even very secure operating systems like Windows 10 and iOS have had security problems and hence require patching. (I just installed iOS 10.3.2 on my phone. It fixed about two dozen security holes.) So — who pays? —CircleID
The AtSea Shop is an example storefront application that can be deployed on different operating systems and can be customized to both your enterprise development and operational environments. In my last post, I discussed the architecture of the app. In this post, I will cover how to set up your development environment to debug the Java REST backend that runs in a container.
I used the Spring Boot framework to rapidly develop the REST backend that manages products, customers and orders tables used in the AtSea Shop. The application takes advantage of Spring Boot’s built-in application server, support for REST interfaces and ability to define multiple data sources. Because it was written in Java, it is agnostic to the base operating system and runs in either Windows or Linux containers. This allows developers to build against a heterogeneous architecture.
The AtSea project uses multi-stage builds, a new Docker feature, which allows me to use multiple images to build a single Docker image that includes all the components needed for the application. The multi-stage build uses a Maven container to build the application jar file. The jar file is then copied to a Java Development Kit image. This …
Recently Akamai published an article about CLDAP reflection attacks. This got us thinking. We saw attacks from Connectionless LDAP servers back in November 2016 but totally ignored them because our systems were automatically dropping the attack traffic without any impact.
We decided to take a second look through our logs and share some statistics about reflection attacks we see regularly. In this blog post, I'll describe popular reflection attacks, explain how to defend against them and why Cloudflare and our customers are immune to most of them.
Let's start with a brief reminder on how reflection attacks (often called "amplification attacks") work.
To bake a reflection attack, the villain needs four ingredients:
The general idea:
A good bit has been written about the recent WannaCry outbreak over the last few weeks; rather than stringing the best out through Worth Reading posts, I have collected the three best posts on the topic here.
There are a number of takeaways and lessons to learn from the far-reaching attack that we witnessed. Let me tie those to voluntary cooperation and collaboration which together represent the foundation for the Internet’s development. The reason for making this connection is because they provide the way to get the global cyber threat under control. Not just to keep ourselves and our vital systems and services protected, but to reverse the erosion of trust in the Internet. —CircleID
Over the weekend a cyber attack known as “WannaCry” infected hundreds of computers all over the world with ransomware (malware which encrypts your data until you pay a ransom, usually in Bitcoin). The attack takes advantage of an exploit for Windows known as “EternalBlue” which was in the possession of NSA and, in mid April, was made public by a group known as “The Shadow Brokers.” Microsoft issued a patch for the vulnerability on March 14 for all supported versions of Windows (Vista and …
The term software defined storage is in the new job title that Eric Barton has at DataDirect Networks, and he is a bit amused by this. As one of the creators of early parallel file systems for supercomputers and one of the people who took the Lustre file systems from a handful of supercomputing centers to one of the two main data management platforms for high performance computing, to a certain way of looking at it, Barton has always been doing software-defined storage.
The world has just caught up with the idea.
Now Barton, who is leaving Intel in the …
SD-WAN Go will complement Silver Peak's SD-WAN offering sold by Masergy.
As businesses continue their migration to the cloud, the issue of monitoring the performance and health of their applications gets more challenging as they try to track them across both on-premises environments and in both private and public clouds. At the same time, as they become more cloud-based, they have to keep an eye on the entire stack, from the customer-facing applications to the underlying infrastructure they run on.
A Health Check For Code And Infrastructure In The Cloud was written by Jeffrey Burt at The Next Platform.
That is how CPUs got their name, after all. And perhaps this is a good time to remind everyone that systems used to be a collection of different kinds of compute, and that is why the central compute complex in an IBM System/360 was called the main frame. There were other frames, and in the case of RISC processors at IBM, the original 801 RISC chip that underlies half of its systems business today was commercialized as a controller for mainframe disk controllers. The Xeon processor that now dominates the datacenters of the world made a three-decade long jump off our desks. —The Next Platform
In-house trial delivered 80 Gb/s aggregate bandwidth over a single fiber strand.