Stuff The Internet Says On Scalability For May 5th, 2017

Hey, it's HighScalability time:

 

• 25ms: SpaceX satellite latency; 17 million: tax returns received by IRS during week ending April 21; 1.94 billion: Facebook users; 1.2 billion: Lambda requests by Expedia / month; ~$91.5K: Capital One's yearly Serverless TCO; 1.2 billion: Facebook Messenger users; 215 petabytes: storage per gram of DNA; 1/2: households in US are Amazon Prime members; 50.8%: households in US that are mobile phone only; 80 billion: street view images; 3 million: open sourced Instacart orders; $175: RaaS (ransomware-as-a-service); 350,000+: Amazon employees; 


• QuotableQuotes:
  • Paul Barnum: You can have a second computer when you've shown you know how to use the first one
  • @chrisalbon: 2007: “You are the product.”  2017: “You are the training data.”
  • shitloadofbooks: As an Ops guy, I preach Ansible + systemd all day everyday, but so many of our Devs (and Ops) have drunk the containerization Kool-aid.
  • roland-s: Like you, Continue reading

Ultimate geek dream? NASA challenges you to jump on the FORTRAN bandwagon!

NASA is looking to bolster the speed – from ten to 10,000 times -- of the software on its Pleiades supercomputer and is issuing a public challenge to get the job done.The catch is that the software the space agency is looking to squeeze all of that performance out of is based on Fortran – a program that has roots back to 1954.“This is the ultimate ‘geek’ dream assignment,” said Doug Rohn, director of NASA’s Transformative Aeronautics Concepts Program (TACP) in a statement.According to IBM: “From its creation in 1954, and its commercial release in 1957 as the progenitor of software, Fortran (FORMula TRANslator) became the first computer language standard, ‘helped open the door to modern computing,’ and may well be the most influential software product in history. Fortran liberated computers from the exclusive realm of programmers and opened them to nearly everybody else. It is still in use more than 50 years after its creation.To read this article in full or to leave a comment, please click here

Worth Reading: Hackers use drones and lasers to bypass air gap

When hackers infect computers with malware, they generally communicate with their code over the internet via a command-and-control server. But firewalls and intrusion detection systems can block communication going to and from suspicious domains and IP addresses. To bypass these normal detection methods, researchers in Israel have devised a novel way to communicate covertly with malware. The technique uses a flatbed scanner as the gateway through which an attacker can send commands to their malware on a victim’s network. —Motherboard

The post Worth Reading: Hackers use drones and lasers to bypass air gap appeared first on rule 11 reader.

User-guided caching in Docker for Mac

Recent Docker releases (17.04 CE Edge onwards) bring significant performance improvements to bind-mounted directories on macOS. (Docker users on the stable channel will see the improvements in the forthcoming 17.06 release.) Commands for bind-mounting directories have new options to selectively enable caching.

Containers that perform large numbers of read operations in mounted directories are the main beneficiaries. Here’s an illustration of the improvements in a few tools and applications in common use among Docker for Mac users: go list is 2.5× faster; symfony is 2.7× faster, and rake is 3.5× faster, as illustrated by the following graphs:

go list (2.5× speedup)

go list ./... in the moby/moby repository

symfony (2.7× speedup)

curl of the main page of the Symfony demo app

rake (3.5× speedup)

rake -T in @hirowatari’s benchmark

For more details about how and when to enable caching, and what’s going on under the hood, read on.

Basics of bind-mounting

A defining characteristic of containers is isolation: by default, many parts of the execution environment of a container are isolated both from other containers and from the host system. In the filesystem, isolation shows up as layering: the filesystem Continue reading

Keeping Up with Storage Demands by Pairing vNAS and vSAN

This combined approach will give enterprises the flexibility and scalability they need.

Meet The Brand New DNS Analytics Dashboard

Have you noticed something new in your Cloudflare analytics dashboard this morning? You can now see detailed DNS analytics for your domains on Cloudflare.

If you want to skip to the punch and start exploring, go check it out here. Otherwise, hop on the DNS magic school bus - and let us show you all the neat stats in your now-available DNS analytics.

DNS analytics dashboard: What does it know? Does it know things? Let’s find out.

At the top of the DNS analytics dashboard you can see your DNS traffic health. This “Queries by Response Codes” graph breaks down queries by what response code Cloudflare DNS answered to the visitor. Like HTTP response codes, DNS response codes give an indication of what is happening behind the scenes. Mostly you will just see NOERROR, the HTTP 200 of DNS response codes, and NXDOMAIN, the HTTP 404 of DNS response codes. NXDOMAIN is particularly interesting - what are people querying for that doesn’t exist?

If you are an enterprise customer and you want to know what all the NXDOMAIN queries are, just scroll down a little bit where we show you the top queries for your domain and top queries for Continue reading

Cyberspies tap free tools to make powerful malware framework

Over the past year, a group of attackers has managed to infect hundreds of computers belonging to government agencies with a malware framework stitched together from JavaScript code and publicly available tools.The attack, analyzed by researchers from antivirus firm Bitdefender, shows that cyberespionage groups don't necessarily need to invest a lot of money in developing unique and powerful malware programs to achieve their goals. In fact, the use of publicly available tools designed for system administration can increase an attack's efficiency and makes it harder for security vendors to detect it and link it to a particular threat actor.To read this article in full or to leave a comment, please click here

Cyberspies tap free tools to make powerful malware framework

Over the past year, a group of attackers has managed to infect hundreds of computers belonging to government agencies with a malware framework stitched together from JavaScript code and publicly available tools.The attack, analyzed by researchers from antivirus firm Bitdefender, shows that cyberespionage groups don't necessarily need to invest a lot of money in developing unique and powerful malware programs to achieve their goals. In fact, the use of publicly available tools designed for system administration can increase an attack's efficiency and makes it harder for security vendors to detect it and link it to a particular threat actor.To read this article in full or to leave a comment, please click here

Red Hat Is The Gatekeeper For ARM In The Datacenter

If any new hardware technology is going to get traction in the datacenter, it has to have the software behind it. And as the dominant supplier of commercial Linux, Red Hat’s support of ARM-based servers gives the upstart chip makers like Applied Micro, Cavium, and Qualcomm the leverage to help pry the glasshouse doors open and get a slice of the server and storage business that is so utterly dominated by Intel’s Xeon processors today.

It is now or never for ARM in the datacenter, and that means Red Hat has to go all the way and not just support …

Red Hat Is The Gatekeeper For ARM In The Datacenter was written by Jeffrey Burt at The Next Platform.

Released Today Amazon Prime Members get 20% off Prey for Xbox One, PS4 and PC – Deal Alert

Amazon Prime members get an exclusive 20% off of Prey. In Prey, you awaken aboard Talos I, a space station orbiting the moon in the year 2032. You are the key subject of an experiment meant to alter humanity forever – but things have gone terribly wrong.

BGP over GRE Tunnel

The post BGP over GRE Tunnel appeared first on Noction.

What IPv6 Transition Mechanisms Are Actually Being Used?

An engineer watching my IPv6 Transition Mechanisms webinar sent me this question:

We would appreciate any insight you might have as to which transitional mechanisms the ISPs are actually deploying.

All of them ;)

How upgrading from Windows 10 S to Windows 10 Pro could cost you

There’s plenty about Microsoft’s new Windows 10 S that’s not fully understood, not the least of which is its built-in upgrade path to Windows 10 Pro. Which Windows 10 S device you buy and where you buy it, however, will decide whether you’ll pay a $49 fee for the the upgrade—or have Microsoft pay you with a year’s subscription to Office 365.With most Windows 10 S devices reserved for closely managed classrooms, there's arguably only one Windows 10 S device where the transition from Windows 10 S to Windows 10 Pro becomes an important decision: Microsoft's Surface Laptop, designed for college students. But as hardware vendors start shipping more laptops with Windows S installed, more users will have to consider how they handle this upgrade path. We'll explain what we know so far. To read this article in full or to leave a comment, please click here

Third parties leave your network open to attacks

Most businesses hire third-party providers to fill in when they lack in-house resources. It is often necessary to allow third-party vendors access to their network. But after Target’s network was breached a few years ago because of an HVAC vendor’s lack of security, the focus continues to be on how to allow third parties access to the network without creating a security hole.The use of third-party providers is widespread, as are breaches associated with them. Identity risk and lifestyle solution provider SecZetta claims that on average, 40 percent of the workforce make up third parties. A recent survey done by Soha Systems notes that 63 percent of all data breaches can be attributed to a third party. “The increased reliance on third-party employees, coupled with the growing sophistication of hackers, has led to the current identity and access management crisis that most businesses are faced with today — whether they realize it or not,” a SecZetta blog post stated. To read this article in full or to leave a comment, please click here

Third parties leave your network open to attacks

Most businesses hire third-party providers to fill in when they lack in-house resources. It is often necessary to allow third-party vendors access to their network. But after Target’s network was breached a few years ago because of an HVAC vendor’s lack of security, the focus continues to be on how to allow third parties access to the network without creating a security hole.The use of third-party providers is widespread, as are breaches associated with them. Identity risk and lifestyle solution provider SecZetta claims that on average, 40 percent of the workforce make up third parties. A recent survey done by Soha Systems notes that 63 percent of all data breaches can be attributed to a third party. “The increased reliance on third-party employees, coupled with the growing sophistication of hackers, has led to the current identity and access management crisis that most businesses are faced with today — whether they realize it or not,” a SecZetta blog post stated. To read this article in full or to leave a comment, please click here

Pitfalls of identity access management

TrackingImage by ThinkstockIt is easy to overlook identity access management as static infrastructure in the background, and that's the chief problem: Too few organizations treat IAM as the crucial, secure connective tissue between businesses' multiplying employees, contractors, apps, business partners and service providers. Aaron Perry, president at Focal Point Data Risk, runs through some of IAM’s pitfalls.To read this article in full or to leave a comment, please click here

Pitfalls of identity access management

TrackingImage by ThinkstockIt is easy to overlook identity access management as static infrastructure in the background, and that's the chief problem: Too few organizations treat IAM as the crucial, secure connective tissue between businesses' multiplying employees, contractors, apps, business partners and service providers. Aaron Perry, president at Focal Point Data Risk, runs through some of IAM’s pitfalls.To read this article in full or to leave a comment, please click here

Pitfalls of identity access management

TrackingImage by ThinkstockIt is easy to overlook identity access management as static infrastructure in the background, and that's the chief problem: Too few organizations treat IAM as the crucial, secure connective tissue between businesses' multiplying employees, contractors, apps, business partners and service providers. Aaron Perry, president at Focal Point Data Risk, runs through some of IAM’s pitfalls.To read this article in full or to leave a comment, please click here

10 Unix commands every Mac and Linux user should know

GUIs are great—we wouldn’t want to live without them. But if you’re a Mac or Linux user and you want to get the most out of your operating system (and your keystrokes), you owe it to yourself to get acquainted with the Unix command line. Point-and-click is wonderful whenever you need to do something once or twice. But if you need to repeat that task many times, the command line is your savior.The command line is a window into the full, awesome power of your computer. If you long to break free of the constraints of the GUI or think that programming or administering remote machines is in your future, then learning the Unix command line is definitely for you.To read this article in full or to leave a comment, please click here

Packet Blast: Top Tech Blogs, May 5