BrandPost: Answering the Demand for Scale Out

Data sprawl is a problem. Most companies, regardless of industry or size, are trying to balance their need to store increasing volumes of data with the associated costs to their infrastructure.IDC expects continued growth in data, with an estimate that the world will generate 163 zettabytes by 2025. The massive build up is being driven by technologies including machine learning, AI, IoT, video streaming, and augmented and virtual reality. Add digital transformation efforts into the mix and the requirements for data storage become even greater.The straightforward answer is to the data sprawl problem is to add capacity. But that option is often made untenable by variables such as costs, next-generation workloads, increased amounts of unstructured data, and growth of the business and its locations.To read this article in full, please click here

Enhancing IoT Security Project Continues with Second Successful Multistakeholder Event in Ottawa

The Enhancing IoT Security project hosted its second multistakeholder event on June 21, 2018. This meeting served as an opportunity for new participants to join the conversations and for participants of the first meeting to continue working toward consensus on IoT security norms that would empower consumers and ensure network resiliency. A group of 30 individuals met in Ottawa, with another 16 joining virtually, to prioritize the action items from the last meeting and establish working groups that will collaborate and conduct further research for each item. Participants included representatives from private sector companies, public interest groups, the technical community, academia, and government agencies, and each offered unique and valuable insights to the project. Andrew Sullivan, Fellow at Oracle/Dyn, facilitated this discussion and the creation of the working groups.

The meeting began with a discussion about the ten outputs from the first multistakeholder event. The group agreed that it should prioritize work on a few outputs to begin and then expand the projects scope as necessary. Participants decided to focus on the following three issue areas:

  1. Labeling
  2. Consumer education and awareness
  3. Network resiliency

Participants then identified what work would need to be accomplished for each action item and established working Continue reading

Bootstrapping a Typescript Worker

Bootstrapping a Typescript Worker

Cloudflare Workers allows you to quickly deploy Javascript code to our 150+ data centers around the world and execute very close to your end-user. The edit/compile/debug story is already pretty amazing using the Workers IDE with integrated Chrome Dev Tools. However, for those hankering for some Typescript and an IDE with static analysis, autocomplete and that jazz, follow along to see one way to set up a Typescript project with Webstorm and npm run upload your code straight to the edge.

Pre Requisites

My environment looks like this:

  • macOS High Sierra
  • node v8.11.3
  • npm v5.6.0
  • Webstorm v2018.1.3

You'll also need a Cloudflare domain and to activate Workers on it.

I'll be using cryptoserviceworker.com

I'll also use Yeoman to build our initial scaffolding. Install it with npm install yo -g

Getting Started

Let's start with a minimal node app with a "hello world" class and a test.

mkdir cryptoserviceworker && cd cryptoserviceworker
npm install generator-node-typescript -g
yo node-typescript

That generator creates the following directory structure:

drwxr-xr-x   16 steve  staff     512 Jun 18 20:40 .
drwxr-xr-x   10 steve  staff     320 Jun 18 20:35 ..
-rw-r--r--    1 steve  staff     197 Jun 18 20:40 .editorconfig
-rw-r--r--    1 steve  staff       Continue reading

Secure coding practices in Java: challenges and vulnerabilities

Secure coding practices in Java: challenges and vulnerabilities Meng et al., ICSE’18

TL;DR : don’t trust everything you read on Stack Overflow.

Meng et al. conduct a study of Stack Overflow posts relating to secure coding practices in Java to find out the hot topics, what people struggle with, and whether or not the accepted answers are actually following security best practices.

We conducted an empirical study on Stack Overflow posts, aiming to understand developer’s concerns on Java secure coding, their programming obstacles, and insecure coding practices. We observed a wide adoption of the authentication and authorization features provided by Spring Security — a third-party framework designed to secure enterprise applications…

Well, how could I resist reading that! (Some readers may know that I was for many years the CTO of SpringSource). Spring Security does come in for some flak in this paper for the high volume of questions that are asked relating to it. There’s no calibration though for underlying popularity. One of the reasons there are a lot of questions, I posit, is that there are an awful lot of users of Spring Security. Spring Boot applications will use Spring Security, and Spring Boot has been growing Continue reading

Instructor Spotlight: A Bit About Joseph Holbrook

If you’ve watched any of our Google or Blockchain courses, you may be familiar with Joseph Holbrook. Continue reading to learn more about this talented course author:

Joe Holbrook has been in the IT field since 1993 when he was exposed to several HPUX systems on board a US Navy flagship. He has migrated from UNIX world to Storage Area Networking(SAN) and then onto Enterprise Virtualization and Cloud Architecture. In the past, Joe has worked for numerous companies like HDS, 3PAR Data, Brocade, Dimension Data, EMC, Northrup Grumman, ViON, Ibasis.net, Chematch.com, SAIC and Siemens Nixdorf. Currently he’s a Subject Matter Expert specializing in Cloud/IT Security focused on Data Storage infrastructure services and Data migrations to the Cloud.

Joe holds Industry leading certifications from Amazon Web Services, Google Cloud Platform, Brocade, Hitachi Data Systems, EMC, VMWare, CompTIA, HP 3PAR ASE, Cloud Credential Council and other orgs. He is now working on the Google Cloud Platform for several organizations.

Joe is married with children and lives in Jacksonville, Florida. In his free time, he enjoys traveling to South America, spending time with my 5 year old daughter and learning about cryptocurrencies. He is also an avid hockey fan and enjoys Continue reading

Shredding files on Linux

The rm command easily makes files disappear from our file listings, but what does it actually do and how can we ensure that files are unlikely to be recoverable?A little background To understand what happens when you remove a file from a Linux system with rm, first think about inodes -- those intriguing data structures that keep track of all of a file's attributes -- often called "metadata" -- that describe the file. This includes its name, its owner and group, what permissions have been established and where the file's contents can be found on the disk.Next, think about Linux directories. While they take the appearance and character of folders (i.e., merely containers for holding files) they are actually files themselves -- files that include no more than the names and inode numbers of the files they "contain". So, what we get is a convenient way to think about directories and files in the same way you might think about the folders and paperwork in your file cabinets (if any of you still have one of those).To read this article in full, please click here

1 1,554 1,555 1,556 1,557 1,558 3,841