5 Lessons and 8 Industry Changes Over 5 Years as Etsy CTO

Endings are often a time for reflection and from reflection often comes wisdom. That is the case for Kellan Elliott-McCrea, who recently announced he was leaving his job after five successful years as the CTO of Etsy. Kellan wrote a rather remarkable going away post: Five years, building a culture, and handing it off, brimming with both insight and thoughtful commentary.

This post is just a short gloss of the major points. He goes into more depth on each point, so please read his post.

The Five Lessons:

  1. Nothing we “know” about software development should be assumed to be true.
  2. Technology is the product of the culture that builds it.
  3. Software development should be thought of as a cycle of continual learning and improvement rather a progression from start to finish, or a search for correctness.
  4. You build a culture of learning by optimizing globally not locally.
  5. If you want to build for the long term, the only guarantee is change.

The Eight Industry Changes

  1. Five years ago, continuous deployment was still a heretical idea. 
  2. Five years ago, it was crazy to discuss that monitoring, testing, debugging, QA, staged releases, game days, user research, and prototypes Continue reading

How the Internet Really Works

Way back in April of 2014, I started a series over on Packet Pushers called “How the Internet Really Works.” This is a long series, but well worth reading if you want to try and get a handle around how the different companies and organizations that make up the ecosystem of the ‘net actually do what they do.

Overview
DNS Lookups
The Business Side of DNS (1)
The Business Side of DNS (2)
Reverse Lookups and Whois
DNS Security
Provider Peering Types
Provider Peering and Revenue Streams (1)
Provider Peering and Revenue Streams (2)
Standards Bodies
IETF Organizational Structure
The IETF Draft Process
Reality at the Mic (Inside the IETF, Part 1)
Reality at the Mic (Inside the IETF, Part 2)
Reality at the Mic (Inside the IETF, Part 3)
Internet Exchange Points
That Big Number Database in the Sky (IANA)
NOG World (Network Operator Groups)
The Internet Society

The slides that go with this set of posts are available on slideshare, as well. This set is in Ericsson format, but I have older sets in “vendor neutral” formatting, and even cisco formatting (imagine that!).

LinkedInTwitterGoogle+FacebookPinterest

The post How the Internet Continue reading

8 ways to fend off spyware, malware and ransomware

Spyware, malware, phishing and, more recently, ransomware -- the list of online threats can be confusing and daunting. Knowing what you’re up against is half the battle. Each of these types of attacks have specific characteristics:Spyware – software that collects information about you or your computer without your knowledge.Malware – a broad category of software (including viruses, worms, Trojan horses, etc.) that damages your computer, in either a minor or major way.Phishing – an attempt to get your personal information (usernames, passwords, credit card numbers and), usually for nefarious reasons. Usually accomplished by electronic communication (e.g., email), but also by "social engineering" (tricking people into abandoning standard security protocol).To read this article in full or to leave a comment, please click here

Why startup leaders need to set the tone for security

Federal consumer-protection authorities have called on the entrepreneurs building tech startups to prioritize cybersecurity from the earliest stages of the development process.[ Related: Tech startups need to get serious about security ]But a variety of factors -- cost, lack of technical expertise, rush to market, etc. -- can make security seem like more of a burden or an impediment to the startup's growth than anything else.To read this article in full or to leave a comment, please click here

Corebot cleverly written botnet malware with growth potential

There's a new botnet malware on the loose, called Corebot, that researchers believe has the potential to develop into a significant threat.The malware was first spotted by IBM Security X-Force, and Damballa followed up with a deep dive into how the malware works, and what else the malware's author is working on.The malware itself is particularly clever, said Loucif Kharouni, senior threat researcher at Damballa, in that it is written from scratch to be modular, making it easy for the author to add plugins to do specific tasks.MORE ON CSO: How to spot a phishing email "Most malware is based on older malware, on Zeus code for example," he said. "This one looks like it was built new, from scratch."To read this article in full or to leave a comment, please click here

SYNful Knock router exploit isn’t going away soon

The SYNful Knock compromise of routers can implant software that creates backdoors to let attackers return over and over, a sophisticated endeavor that demonstrates the ingenuity of its creators, according to a member of the team that discovered the attack in the wild.The software has features that enable it to stay hidden within networks so it can be updated and new attack modules can be downloaded for long periods of time, according to FireEye researchers.“The impressive portion of the attack is the implant and not the delivery,” says Tony Lee, technical director at FireEye. “This sort of implant would take significant skills to produce and go undetected for so long.”To read this article in full or to leave a comment, please click here

A guide to Docker container networking

Despite all the hype about containers, the application packaging technology is still evolving, especially as relates to networking. In the past year though there have been significant advancements to Docker container networking functionality. At the same time Docker has built a plug-in architecture that allows more advanced network management tools to control containers. +MORE AT NETWORK WORLD: Cisco’s “open” data center OS embraces containers + Meanwhile, startups have developed custom platforms for managing containers, while traditional vendors such as Cisco and VMware have enabled their network management tools to control containers. So, the earliest container networking challenges are beginning to be solved, but there’s still more work to be done.To read this article in full or to leave a comment, please click here

IDG Contributor Network: How pumped up is your pumped-up cloud data center?

"Ve are here to Pump You Up." I can't help but think about the old Saturday Night Live routines with bodybuilders Hans and Franz when looking at today's cloud data centers. They are big. They are bulked up. They are, indeed, pumped up. But how strong are they, really? As we would ask in IT terms: Do they scale? Can they perform? Or are they girly-man clouds?Those are hard questions.Knowing the capacity of a data center is next to impossible. The tech specs are easy – so many servers, so many CPUs, so many gigahertz, such-and-such network connectivity, so much storage I/O bandwidth. Those specs are easy, and also meaningless, without actually measuring the complete stack's end-to-end performance.To read this article in full or to leave a comment, please click here

Find out if the NSA spied on you and shared it with GCHQ

Curious if the NSA has ever spied on you? Privacy International launched a site so you can find out if Britain’s GCHQ spied on you; put another way, GCHQ can access NSA data so if the NSA gobbled up your communications, then this is how you can find out and get that digital dirt destroyed.Privacy International wrote: Have you ever made a phone call, sent an email, or, you know, used the internet? Of course you have!Chances are, at some point over the past decade, your communications were swept up by the U.S. National Security Agency's mass surveillance program and passed onto Britain's intelligence agency GCHQ. A recent court ruling found that this sharing was unlawful but no one could find out if their records were collected and then illegally shared between these two agencies… until now!To read this article in full or to leave a comment, please click here

Adding Spirent Virtual Test Center traffic generator to Unetlab

Having a traffic generator in a lab is a huge advantage, hands down. As to this moment Unified Networking Lab supports software-based traffic generator called Ostinato. But I had an opportunity to use another traffic generator – Spirent Test Center, virtual edition. Spirent’s images are not officially integrated/supported by UNL, so you will see how to

Why It’s Hard to Deploy SDN-Like Functionality Today

Whenever I talk about the various definitions of SDN (ending with the “SDN provides an abstraction layer”), old-timers sitting quickly realize that the SDN products that you can deploy in real life aren’t that different from what we did in the past – an SDN controller is often just an overhyped glorified network services orchestration system.

OK, so why didn’t we have that same functionality for the last 20 years?

Read more ...
1 3,235 3,236 3,237 3,238 3,239 3,756