This post is part of an open-ended series I’m writing where I take a specific protocol, app, or whatever-I-feel-like and focus on five functional aspects of that thing in order to expose some of how that thing really works.
The topic in this post is the AWS Identity and Access Management (IAM) service. The IAM service holds a unique position within AWS: it doesn’t get the attention that the machine learning or AI services get, and doesn’t come to mind when buzzwords like “serverless” or “containers” are brought up, yet it’s used by–or should be used by–every single AWS customer (and if you’re not using it, you’re not following best practice, tsk, tsk) so it’s worthwhile to take the time to really get to know this service.
Let’s begin!
The main reason I threw a bit of shade about following best practice and always using IAM has to do with the root user in an account. The root user is what’s created when a new AWS account is opened. The username for the root user is always an email address and the root user is able to log into the AWS account
Do you know how – or even if – your favorite retailer, or your bank, or your ISP is working to protect you? The Online Trust Alliance recognizes excellence in consumer protection, data security and responsible privacy practices. Today, we released the 10th annual Online Trust Audit & Honor Roll, covering more than 1,200 predominantly consumer-facing websites, and found that 70% of the websites we analyzed qualified for the Honor Roll. That’s the highest proportion ever, driven primarily by improvements in email authentication and session encryption.
Overall, we found a strong move toward encryption, with 93% of sites encrypting all web sessions. Email authentication is also at record highs; 76% use both SPF and DKIM (which prevent spoofed/forged emails) and 50% have a DMARC record (which provides instruction on how to handle messages that fail authentication).
It’s not all good news, though. We also found that only 11% of organizations use mechanisms for vulnerability reporting, which allow users to report bugs and security problems. Only 6% use Certificate Authority Authorization, which limits certificate abuse. And overall privacy scores dropped compared to last year, primarily due to more stringent scoring in light of the E.U.’s General
This blog post was initially sent to subscribers of my SDN and Network Automation mailing list.
I was walking down the infinite hallways of Cisco Live Europe chatting with the fellow Tech Field Day Extra delegates when I probably blanked out for a minute as the weirdest of thoughts hit me: “REST API is not transactional”
TL&DR: Apart from using structured data and having error codes, REST API is functionally equivalent to Cisco IOS CLI from 1995.
Today's Network Break issues a few corrections, and then delves into hybrid cloud news from Google and Cisco, examines a new SD-WAN service from Juniper, discusses Sungard's bankruptcy, and other tech news.
The post Network Break 230: Google Anthos Targets Hybrid Cloud; Cisco Puts ACI In AWS appeared first on Packet Pushers.
Japan's telecom regulator also imposed a condition that effectively bans Chinese vendors Huawei and...
The Wall Street Journal reported that the investigation included a raid on Ericsson’s offices in...
Every so often, while browsing the web, you run into a web page that asks if you would like to allow the site to push notifications to your browser. Apparently, according to the paper under review, about 12% of the people who receive this notification allow notifications. What, precisely, is this doing, and what are the side effects?
Allowing notifications allows the server to kick off one of two different kinds of processes on the local computer, a service worker. There are, in fact, two kinds of worker apps that can run “behind” a web site in HTML5: the web worker and the service worker. The web worker is designed to calculate or locally render some object that will appear on the site, such as decrypting a downloaded audio file for local rendition. This moves the processing load (including the power and cooling use!) from the server to the client, saving money
Google is saying we're OK with being your No. 2 choice — for now. While Amazon and Microsoft...
The products insecurely store authentication and/or session cookies, giving hackers access to a...
In this Short Take, Russ discusses a couple tools we have in the network for DDoS mitigations and explores some of the reasons they may not be as pervasively used as we would like.
The post Short Take – Flowspec and BCP38 appeared first on Network Collective.
Building nice AIs: Efforts by large tech vendors to think about ways to design “ethical Artificial Intelligence” systems have hit some speedbumps along the way, says Insurance Journal. Google abandoned its newly formed ethical AI council after employee complaints about its membership. Some critics say efforts to create ethical AI teams are attempts by companies to avoid regulations.
No smoking or bikinis: Business Insider India has a look at the efforts of the Chinese government to police Internet and social media content, with smoking, excessive tattoos, and in some cases, bikinis prohibited. At Inke, one of China’s largest livestreaming companies, a group of about 1,200 moderators attempt to keep up with the government’s rules, the story says.
Fake news arms race: Facebook has announced a new round of efforts to fight fake news with updates to News Feed, Messenger, and Instagram, Fortune reports. The social media giant is expanding its fact-checking capabilities, and it is trying to limit the reach of groups that repeatedly spread misinformation. Facebook also says it’s getting better at identifying click-bait.
Comments gone wild: YouTube shut down comments on the livestream of a U.S. Congress hearing on white nationalism after the comments section