Weekend Reads 041720

The perils of the modern communications conveyor belt that never ends, divides your attention, fractures your time, and chains you to FOMO.

It’s important to note that the educational community is a target for cybercriminals and not just from a ransomware angle. Primary educational institutions still face off against students attempting to manipulate grades or just create random chaos on systems with the purpose of causing a delay or canceling school. The research conducted by secondary institutions is also a target, especially by nation-state actors. —David Gilmore

There are new threats that you may have already been exposed to. Here are some of the new threats and advice on how to protect yourself. —Ram Mohan

This article will discuss a few of the frameworks mentioned above and will go deep into OpenFaaS and Knative to present their architecture, main components, and basic installation steps. If you are interested in this topic and plan to develop serverless applications using open-source platforms, this article will give you a better understanding of these solutions. —Ran Ribenzaft

Electrical safety is of paramount importance in the data center industry. Awareness of electrical incident risks and preventive procedures (such as lock-out/tag-out) have become well established in the last decade. —Andy Banks

The ongoing COVID-19 pandemic provides a useful case study for the impact of privacy regulations. U.S. policymakers have been considering federal data protection legislation for some time, and whether the current less regulatory approach remains appropriate. —Jennifer Huddleston

Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage ‘distributed denial-of-service’ attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services. —Ravie Lakshmanan

One challenge I’ve heard from a number of companies is that, with say 3-5 AppSec engineers supporting 500 – 1000 devs, you can’t TM every story, or even every epic. So what do you focus on? —Adam Shostack

Since the first browser war between Netscape and Internet Explorer, web browsers have been using features as their primary means of competing with each other. This strategy of unlimited scope and perpetual feature creep is reckless, and has been allowed to go on for far too long. —Drew DeVault

The Internet, born as a Pentagon project during the chillier years of the Cold War, has taken such a central role in 21st Century civilian society, culture and business that few pause any longer to appreciate its wonders — except perhaps, as in the past few weeks, when it becomes even more central to our lives. —Craig Timberg

During the labs component of the Deployathon, we installed the following four validators and used these in our lab set up, running on Ubuntu18 Desktop images as well, as seen on the left hand of the topology… —Drikus Brits

Imagine this composite scenario, drawn from real-life customer experiences: Laura is the CFO of SoBank and receives an urgent email from Tom, a partner at Dorling Clayton, SoBank’s external law firm. —Tim Sadler

To one way of looking at it, a reprise of the Bus Wars from days gone by in the late 1980s and early 1990s would have been a lot of fun. The fighting among vendors to create standards that they controlled ultimately resulted in the creation of the PCI-X and PCI-Express buses that have dominated in servers for two decades, as well as the offshoot InfiniBand interconnect, which was originally intended as a universal switched fabric to connect everything at high bandwidth and low latency. It perhaps took longer than it might otherwise – it is hard to rewrite history. —Timothy Prickett Morgan

I recently visited the Flørli stairs in Lysefjorden, Norway, near where my grandfather spent his childhood, and looked up at 4,444 wooden steps stretching toward the top of a plateau through a steep, tree-covered hillside. —John Kindervag

Penetration testing, also known as pen testing, involves testing networks, computer systems, and Web and mobile applications to discover vulnerabilities that could potentially put an organization at risk. Pen tests may simulate human- or technology-based social engineering attacks against an organization’s employees to see how people could put a business at risk. —Kelly Sheridan