Weekend Reads 082820

CENTR has published a white paper separating registry lock services into two standardized models. This categorization and the included recommendations can help top-level domain registries (re)design their registry lock services.

Simply stated: No matter how sophisticated your security software is, data cannot be simultaneously used and secured. But that may be changing soon.

Blockchain technology is going to change everything: the shipping industry, the financial system, government … in fact, what won’t it change? But enthusiasm for it mainly stems from a lack of knowledge and understanding. The blockchain is a solution in search of a problem.

Or you could reduce all of that complexity to a single roll of 25 dice into a plastic box.

Multitenancy is a common pattern in Kubernetes. Many organizations deploy Kubernetes-as-a-Service, where one cluster houses many tenants and workloads. This pattern might sound familiar, as cloud computing services like AWS, Azure, and GCP have enabled multiple customers (tenants) to run their business-critical workloads in a single cluster for years.

As gaming grows in stature in the lives of Americans during the pandemic, it has highlighted the extraordinary grip that two of the four tech companies under investigation have over the white-hot industry.

In general I dislike operating load balancers and IP multicast: I’m a network engineer. Load balancers and IP multicast are very complicated, have a large amount of state, and they are hard to understand and debug.

One of the “fathers of the internet,” Vint Cerf, in a September 2019 article he published, said: “Today, hackers routinely break into online accounts and divert users to fake or compromised websites. We constantly need to create new security measures to address them. To date, much of the internet security innovation we’ve seen revolves around verifying and securing the identities of people and organizations online.”

Quantum computing, which exploits the entanglement of particles that so infuriated Einstein (“spooky action at a distance”), is not a receding mirage like cold fusion, feasible in theory but not in prac­tice. It is already with us as Google, IBM, IonQ, Rigetti, and Honey­well have assembled working specimens of suitably otherworldly appearance.

According to interviews with several sources, this hybrid phishing gang has a remarkably high success rate, and operates primarily through paid requests or “bounties,” where customers seeking access to specific companies or accounts can hire them to target employees working remotely at home.

The SOLID Principles are five principles of Object-Oriented class design. They are a set of rules and best practices to follow while designing a class structure.

On August 15th the NSA and FBI published a joint security alert containing details about a previously undisclosed Russian malware.

In its 2020 Data Breach Investigations Report (DBIR), for instance, Verizon Enterprise found that more than half of large organizations took days or even months to detect a security incident. Such dwell time gave attackers all they needed to move throughout an infected network and exfiltrate sensitive data. The finding shared above raises an important question: h

The B-17 could roar through angry squalls of shrapnel and bullets, emerging pockmarked but still airworthy. It was a symbol of American ingenuity, held aloft by four engines, bristling with a dozen machine guns.

Information security should be at the heart of every system launched. In accordance with the Federal Information Security Management Act (FISMA), an information technology system is granted an Authority to Operate (ATO) after passing a risk-based cybersecurity assessment.