Steven J. Vaughan-Nichols

Author Archives: Steven J. Vaughan-Nichols

What the Heck Happened to the Internet? Fastly’s Hard Fall and Quick Recovery

Well, wasn’t that fun? On June 8, 2021, many internet users went to their usual sites such as Amazon, Reddit, CNN, or the New York Times and found nothing but an “Error 503 service unavailable” and an ominous “connection failure” note. So, what happened? The Commercial Internet Exchange (CIX) other features became important. In particular, everyone started demanding faster performance and lower latency. The solution? CDNs. These companies, which besides Fastly include market-leader Cloudflare, all use the same basic techniques to speed up the net. They take the data from popular sites and place it in distributed caches in points of presence (PoP) close to consumers. If that sounds familiar to you even if you’re a cloud native developer and not a network administrator there’s a good reason. CDNs were one of the first business models Continue reading

Why Open Source Project Maintainers are Reluctant to use Digital Signatures, Two-Factor Authentication

We all agree that open source development methods help create better code. The Cathedral and the Bazaar,” which explained how the methodology of openness worked in Fetchmail project. But, that’s a general rule. Open source can still be abused by unscrupulous developers. So, why don’t we make sure when a programmer attempts to merge code into a program that they’re really who they say they are, by using two-factor authentication (2FA) or a digital signature? Good question. You might not think this is a real problem. Alas, it is. For example, in 2019 CursedGrabber malware was successfully Linux Foundation’s 2020 FOSS Contributor Survey, when developers were asked if the open source projects Continue reading

Open Policy Agent for the Enterprise: Styra’s Declarative Authorization Service

Open Policy Agent (OPA, pronounced “oh-pa”) for cloud native environments was created, and policy enforcement in code became much more practical. Now, its developers, under their company, new three-tier product offering for Styra Declarative Authorization Service (DAS). Before diving into DAS, though, let’s make sure we’re all on the same page with OPA and policies in general. OPA is an open source, general-purpose policy engine that unifies policy enforcement across the stack. You write these policies in its high-level declarative language Datalog query language. With Rego, you can specify policy as code and create simple APIs to offload policy decision-making from your software. You can then use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more. And, what’s a policy engine you ask?

Say goodbye to MS-DOS command prompt

My very first technology article, back in 1987, was about MS-DOS 3.30. Almost 30 years later, I’m still writing, but the last bit of MS-DOS, cmd.exe — the command prompt — is on its way out the door. It’s quite possible that you have been using Microsoft Windows for years — decades, even — without realizing that there’s a direct line to Microsoft’s earliest operating system or that an MS-DOS underpinning has carried over from one Windows version to another — less extensive with every revision, but still there nonetheless. Now we’re about to say goodbye to all of that. Interestingly, though, there was not always an MS-DOS from Microsoft, and it wasn’t even dubbed that at birth. The history is worth reviewing now that the end is nigh.To read this article in full or to leave a comment, please click here

Say goodbye to MS-DOS command prompt

My very first technology article, back in 1987, was about MS-DOS 3.30. Almost 30 years later, I’m still writing, but the last bit of MS-DOS, cmd.exe — the command prompt — is on its way out the door. It’s quite possible that you have been using Microsoft Windows for years — decades, even — without realizing that there’s a direct line to Microsoft’s earliest operating system or that an MS-DOS underpinning has carried over from one Windows version to another — less extensive with every revision, but still there nonetheless. Now we’re about to say goodbye to all of that. Interestingly, though, there was not always an MS-DOS from Microsoft, and it wasn’t even dubbed that at birth. The history is worth reviewing now that the end is nigh.To read this article in full or to leave a comment, please click here

Containers vs. virtual machines: How to tell which is the right choice for your enterprise

Name a tech company, any tech company, and they're investing in containers. Google, of course. IBM, yes. Microsoft, check. But, just because containers are extremely popular, doesn't mean virtual machines are out of date. They're not. Containers Containers vs. virtual machines: How to tell which is the right choice for your enterprise Do you need a container-specific Linux distribution? Container wars: Interesting times ahead for Docker and its competitors The beginner's guide to Docker Yes, containers can enable your company to pack a lot more applications into a single physical server than a virtual machine (VM) can. Container technologies, such as Docker, beat VMs at this part of the cloud or data-center game.To read this article in full or to leave a comment, please click here

Why you want a bare metal hypervisor and how to choose

Once upon a time, there was nothing but native, or bare metal, hypervisors (a.k.a. virtual machine managers). In the 1980s, I cut my teeth on IBM System/370 mainframes running VM/CMS, but bare metal's history goes all the way back to the 1960s. With bare metal hypervisors, the hypervisor runs directly on the hardware. There is no intervening operating system.To read this article in full or to leave a comment, please click here(Insider Story)

For containers, security is problem #1

I get it. I really do. Containers let data-center and cloud administrators put two to three times more server instances on a given server than they can with virtual machines. That means fewer servers, which means less power usage, which equals -- Ka-ching! -- less spending on your IT budget. What's not to like?MORE ON NETWORK WORLD: 12 Free Cloud Storage options Well, ahem, you see there's this little, tiny problem. It’s unclear just how secure containers are, and there is certainly not much agreement on how to secure them or who will take that on.To read this article in full or to leave a comment, please click here

Do you need a container-specific Linux distribution?

You've always been able to run containers on a variety of operating systems: Zones on Solaris; Jails on BSD; Docker on Linux and now Windows Server; OpenVZ on Linux, and so on. As Docker in particular and containers in general explode in popularity, operating system companies are taking a different tack. They're now arguing that to make the most of containers you need a skinny operating system to go with them.To read this article in full or to leave a comment, please click here

Containers vs. virtual machines: How to tell which is the right choice for your enterprise

Name a tech company, any tech company, and they're investing in containers. Google, of course. IBM, yes. Microsoft, check. But, just because containers are extremely popular, doesn't mean virtual machines are out of date. They're not.Yes, containers can enable your company to pack a lot more applications into a single physical server than a virtual machine (VM) can. Container technologies, such as Docker, beat VMs at this part of the cloud or data-center game.To read this article in full or to leave a comment, please click here

How to run Linux and Chrome OS on your Chromebook

Chromebooks are pretty darn handy. Even some hardcore Windows users now acknowledge that a Chromebook might be just what you need for work. But, as great as Chromebooks are, and as much progress as Google has made in getting "Web-only" apps such as Google Docs to work offline, there are still times that you want an application that's only available off-line such as the LibreOffice office suite or the GIMP photo editor. For those times, it's darn handy to be able to run a Linux desktop on a Chromebook.To read this article in full or to leave a comment, please click here