Happy Pink Dot SG from the Proudflare team!

Happy Pink Dot SG from the Proudflare team!

Pink Dot SG is an event which takes place every June in Singapore to celebrate LGBTQIA+ pride! Cloudflare participated this year, on June 21st. We’re a little late, but wanted to share what we got up to. Pink Dot SG started in 2009, as a way for queer people and allies alike to demonstrate their belief that everyone deserves the “freedom to love.”

Proudflare at Pink Dot ‘18

Proudflare, Cloudflare's LGBTQIA+ employee resource group, finds ways to support and provide resources for the LGBTQIA+ community, both within Cloudflare and in the larger community.

Proudflare started in 2017 in our San Francisco headquarters and in 2018, the Proudflare Singapore chapter was formed. We were excited to participate in our first public-facing event and demonstrate Cloudflare’s commitment to equality and dignity for all people!

We took to the streets this year to celebrate, but more importantly demand equality for our community in Singapore. It was an exciting event, with heaps of buzz, cheer, and joy amongst the crowd! Pink Dot SG included LGBTQIA+-themed events, information tents, a concert, and onstage were 10 Declarations for Equality, a list of changes the LGBTQIA+ community and their allies are ready for and Continue reading

Top 5 Blog Post of 2018: Play with Kubernetes

All this week, we have been bringing you the top 5 blog posts of 2018. Now for #3 on top 5 list – our blog post on Play with Kubernetes. Following the success of Play with Docker, earlier this year, we gave you the ability to learn Kubernetes from the convenience of our training site. Continue reading to learn more…

 

Every month for the last year, thousands of people have used Play with Docker and the accompanying hands-on Play with Docker Classroom training site. These sites allow you to use and learn Docker entirely within your own browser, without installing anything. Last summer, we quietly launched the companion site Play with Kubernetes, to give people a full command line while learning Kubernetes on the command line. And today we’re launching a new Kubernetes training site, the Play with Kubernetes Classroom.

The Play with Kubernetes Classroom is a workshop environment just like the Play with Docker Classroom. We currently have an extensive Kubernetes workshop originally based on Jérôme Petazzoni’s Container Training Kubernetes workshop. But instead of doing it all locally or setting up VMs in the cloud, you can now run through the workshop entirely in the browser.

Continue reading

The Importance of the Multistakeholder Approach: My Experience at the Internet Governance Forum

My name is Gustavo Babo, I’m from Brazil and I’m a Law and Political Science student. One of my biggest interests is to understand the best way to create national and international policies related to the Internet and other technologies such as Artificial Intelligence, IoT, and Blockchain. Having participated in the IGF as a 2018 Youth@IGF Fellow has enhanced my perspective on the future of all these technologies. Enjoy my opinion!

Throughout the IGF event, in all the panels I have attended, I have noticed one thing in common: the feeling that the human being has had less-and-less control over technology and its implications. The unpredictable factor for the future of some emerging technologies that have developed very rapidly is a situation that divided the event into two perspectives: some of those present believe that technology will bring to the world many positive situations and we need to collaborate with its acceleration to any cost. However, there are others who fear the speed and lack of control of the impacts of these technologies – which are really transforming the world – believing also that the human being may be tracing a disastrous path for itself, since we no longer control Continue reading

DNS-over-HTTPS (DoH) Support in Mozilla Firefox

Recent releases of Firefox have introduced the concept of DNS privacy under the name “Trusted Recursive Resolver”. Although Firefox ships with DNS-over-HTTPS (DoH) disabled by default, there has been some discussion within the Mozilla developer community about changing the default to “enabled”.

Although DoH is somewhat controversial because it moves control plane (signalling) messages to the data plane (data forwarding), and can thereby bypass local network policies, DoH advocates argue that it makes it harder to block or monitor DNS queries which is a commonly used method for restricting access to the Internet and/or monitoring user behaviour.

But putting these arguments aside, if you want to try out DoH then the DNS privacy (or “TRR” in Firefox speak) configuration in Firefox can be accessed as follows:

  • Enter “about:config” in the address box of the browser
  • Search for “trr” (without quotes)

A sample output of DNS privacy configuration in Mozilla Firefox is as follows:

Firefox offers its technical users quite a few settings to play with, but the most important options (along with their recommended settings) for TRR are:

“network.trr.bootstrapAddress” specifies the IP address of a recursive resolver that should Continue reading

Concise Christmas Cryptography Challenges 2019

Concise Christmas Cryptography Challenges 2019

Last year we published some crypto challenges to keep you momentarily occupied from the festivities. This year, we're doing the same. Whether you're bored or just want to learn a bit more about the technologies that encrypt the internet, feel free to give these short cryptography quizzes a go.

We're withholding answers until the start of the new year, to give you a chance to solve them without spoilers. Before we reveal the answers; if you manage to solve them, we'll be giving the first 5 people to get the answers right some Cloudflare swag. Fill out your answers and details using this form so we know where to send it.

Have fun!

NOTE: Hints are below the questions, avoid scrolling too far if you want to avoid any spoilers.

Concise Christmas Cryptography Challenges 2019

Challenges

Client says Hello

Client says hello, as follows:

00000c07ac01784f437dbfc70800450000f2560140004006db58ac1020c843c
7f80cd1f701bbc8b2af3449b598758018102a72a700000101080a675bce16787
abd8716030100b9010000b503035c1ea569d5f64df3d8630de8bdddd1152e75f
528ae577d2436949ce8deb7108600004400ffc02cc02bc024c023c00ac009c0
08c030c02fc028c027c014c013c012009f009e006b0067003900330016009d
009c003d003c0035002f000a00af00ae008d008c008b010000480000000b
000900000663666c2e7265000a00080006001700180019000b0002010000
0d0012001004010201050106010403020305030603000500050100000000
001200000017000052305655494338795157524c656d6443436c5246574651
675430346754456c4f52564d674e434242546b51674e513d3d

[Raw puzzle without text wrap]

Time-Based One-Time Password

A user has an authenticator device to generate one time passwords for logins to their banking website. The implementation contains a fatal flaw.

At the following times, the following codes are generated (all in GMT/UTC):

Top 5 Blog Post of 2018: Docker Enterprise 2.0 with Kubernetes

Day 2 of our top blog posts of 2018 and coming in at Number 4 is the launch of Docker Enterprise 2.0 (formerly Docker Enterprise Edition). Docker’s industry-leading container platform is the only platform that simplifies Kubernetes and manages and secures applications on Kubernetes in multi-Linux, multi-OS and multi-cloud customer environments. To learn more about our Docker Enterprise, read on…

 

 

We are excited to announce Docker Enterprise Edition 2.0 – a significant leap forward in our enterprise-ready container platform. Docker Enterprise Edition (EE) 2.0 is the only platform that manages and secures applications on Kubernetes in multi-Linux, multi-OS and multi-cloud customer environments. As a complete platform that integrates and scales with your organization, Docker EE 2.0 gives you the most flexibility and choice over the types of applications supported, orchestrators used, and where it’s deployed. It also enables organizations to operationalize Kubernetes more rapidly with streamlined workflows and helps you deliver safer applications through integrated security solutions. In this blog post, we’ll walk through some of the key new capabilities of Docker EE 2.0.

Eliminate Your Fear of Lock-in

As containerization becomes core to your IT strategy, the importance of having a platform Continue reading

Strong identity is strong security


I think of classical firewall-based security like a community with a common manned gate, but where the homes in the community don’t have locks on their doors.   Strong locks on strong doors is better if you ask me.

Traditional firewall security matches on patterns in the packet header to determine what action to take on the matching application flows.  I'd equate this to the security guard allowing people into the gated community based by how they look.  If a person looks like someone who belongs to the community, then let them in.   In the same way, if a bad person crafts packet headers to match permit rules in the firewall, then it is allowed through.

One might say that’s where app-based firewalls come in.  They go deeper than just the packet header to determine what application is being transported.  How do these firewalls know what application a transport session belongs to?  Well, they do Continue reading

Top 5 Post: Improved Docker Container Integration with Java 10

As 2018 comes to a close, we looked back at the top five blogs that were most popular with our readers. For those of you that had difficulties with memory and CPU sizing/usage when running Java Virtual Machine (JVM) in a container, we are kicking off the week with a blog that explains how to get improved Docker container integration with Java 10 in Docker Desktop ( Mac or Windows) and Docker Enterprise environments.

Docker and Java

Many applications that run in a Java Virtual Machine (JVM), including data services such as Apache Spark and Kafka and traditional enterprise applications, are run in containers. Until recently, running the JVM in a container presented problems with memory and cpu sizing and usage that led to performance loss. This was because Java didn’t recognize that it was running in a container. With the release of Java 10, the JVM now recognizes constraints set by container control groups (cgroups). Both memory and cpu constraints can be used manage Java applications directly in containers, these include:

  • adhering to memory limits set in the container
  • setting available cpus in the container
  • setting cpu constraints in the container

Java 10 improvements are realized in both Docker Desktop ( Mac Continue reading

The Wired Nursery

This month, we’ve asked parents to share their experiences of raising kids in the tech age. Today’s guest author is Kimberly Rae Miller, author of Beautiful Bodies and the bestselling memoir Coming Clean.

Being a parent means living with constant, underlying anxiety over just about everything from how to slice hot dogs, to the age old winter jacket vs. car seat conundrum, to whether all the tech used to keep kids alive/make life with them easier is actually going to screw them up/destroy your life.

The latter takes a fair bit of cognizant dissonance. Most of us know at least some of the pitfalls of our wired life. After all, the digital assistant in my living room knew that I was pregnant again about five seconds after I did (and yes, there are Bluetooth-enabled home pregnancy tests), and voila, almost immediately targeted ads for diapers and nursery furniture started showing up when I shopped online. Most of the time I brush aside how uncomfortable it all makes me, because the gizmos and gadgets that make momming slightly easier are maybe worth the invasion of privacy.

When I was pregnant with my now two-year-old son, I knew that I didn’t know Continue reading

Improving HTML Time to First Byte

Improving HTML Time to First Byte

The Time to First Byte (TTFB) of a site is the time from when the user starts navigating until the HTML for the page they requested starts to arrive. A slow TTFB has been the bane of my existence for more than the ten years I have been running WebPageTest.

There is a reason why TTFB appears as one of the few “grades” that WebPageTest scores a site on and, specifically, why it is the first grade in the list.

Improving HTML Time to First Byte

If the first byte is slow, EVERY other metric will also be slow. Improving it is one of the few cases where you can predict what the impact will be on every other measurement. Every millisecond improvement in the TTFB translates directly into a millisecond of savings in every other measurement (i.e. first paint will be 500ms faster if TTFB improves by 500ms). That said, a fast ttfb doesn't guarantee a fast experience but a slow ttfb does guarantee a slow Continue reading

The Week in Internet News: India Rethinks Frequent Internet Shutdowns

Keep the pipes flowing: The Indian government’s Department of Telecommunications has told state governments they should avoid Internet shutdowns in situations not involving an emergency or public safety, Business Insider India reports. There were about 130 Internet shutdowns in the country in 2018, up from 79 the year before. But shutdowns close off residents’ access to banking and other online services, the agency said in its notice.

A fragmenting Internet: The global Internet is fracturing with governments increasingly exerting their influence on digital companies, markets, and rights, Foreign Policy says. The authors see a future Internet Warring States Period, in which several countries jockey for influence on the Internet, which could lead to a fragmented Internet in areas where there was once common ground.

Fake crackdown: Egypt is using a crackdown on so-called fake news to detain or jail “scores” of journalists, bloggers, and social media users, the Los Angeles Times reports. In 2018, Egypt jailed 19 journalists for allegedly “disseminating false information,” while all other countries jailed a total of nine journalists.

Beware the cryptominers: Internet users saw a 4,000 percent increase in crytomining malware in 2018, The Next Web says. MacAfee Labs noted more than 4 million new Continue reading

1 1,381 1,382 1,383 1,384 1,385 3,860