Articles and News
Fastly Status - Global CDN Disruption
Incident Report on Fastly’s service disruption this week.
#fastly #cdn #incident #varnish #post-mortem
FBI Sold Phones to Organized Crime and Read 27 Million “Encrypted” Messages
The encrypted device company ANOM, developed and operated by the FBI, was used to route messages to an FBI-owned server and decrypted with a master key.
#fbi #anom #operation-trojan-shield #operation-ironside
A Secure and Formally Verified Linux KVM Hypervisor
Paper on SeKVM, a modified version of KVM, that guarantees data confidentiality and integrity.
#kvm #virtualization #kvm virtualization
Video: HotOS 2021: Cores That Don’t Count
In this 10-minute video, one of the authors summarizes the issues with silent silicon data corruption presented in their »Cores that don’t count paper«.
#hardware #cpu #data-corruption
The Pedantic Checklist for Changing Your Data Model in a Web Application
Example step-by-step guide for introducing data model changes.
»ALPACA is an Application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. Attackers can redirect traffic from one subdomain to another, resulting in a valid TLS session.«
#tls #security #vulnerability
Choose Boring Technology
Not only are the capabilities of boring technology well understood, but more importantly, their failure modes, too.
Projects and Releases
Grafana 8.0 was released. Among other improvements, it centralizes alerting information, introduces library panels and real-time streaming.
»Terraform v1.0.0 intentionally has no significant changes compared to Terraform v0.15.5. You can consider the v1.0 series as a direct continuation of the v0.15 series; we do not intend to issue any further releases in the v0.15 series, because all of the v1.0 releases will be only minor updates to address bugs.«
Open-source remote desktop software for Linux.
Web server scanner.
#security-scan #vulnerability-scan #web-security
Random Walk Through Git
»A weird tour through Git and some of its internals.«
Introduction to the concept of dark patterns used in websites and apps.
#ui-design #ux-design #dark-pattern