Weekend Reads 102519

Last year, OpenSSL celebrated its 20th birthday. It was born of the earlier SSLeay project, which had begun some years before. The age of the project and the development history over those years evolved into a code base that wasn’t always simple and easy to maintain. —Paul Dale

In August last year, Amazon vowed to move all of its applications off internal Oracle databases and onto various database services running on the Amazon Web Services public cloud. Such projects are very difficult to do, particularly for companies that have applications and databases that have been in the field for one, two, or more decades. —Timothy Prickett Morgan

Glitching (or fault-injection) attacks aren’t easy (yet). But get ready, because as the IoT grows, these attacks will be a big reason that hardware security should be part of your cybersecurity planning. —Curtis Franklin Jr.

A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. —Swati Khandelwal

Conceptually, a cache system always involve at least three participants. With HTTP, these participants are the client, the server, and the caching proxy. —Léo Jacquemin

A new cryptojacking worm, named Graboid, has been spread into more than 2,000 Docker hosts, according to the Unit 42 researchers from Palo Alto Networks. This is the first time such a piece of malware has spread via containers within the Docker Engine (specifically docker-ce). —Jack Wallen

For many years, Chinese users of Apple devices have had a very different experience from non-Chinese users. Chinese users can’t type or see the Taiwanese flag emoji (which has even caused severe bugs in the past)… —Danny O’Brien

Andre Fuetsch, President of AT&T Labs and CTO of AT&T hopes you don’t think that the new 5G internet will just mean more bandwidth. It could also mean that your smartphone will go the way of the calculator, replaced by a wristband or glasses. Put simply, more and more, “Objects become apps.” —Denyse O’Leary

The European Data Protection Supervisor (EDPS) says it has “serious concerns” over Microsoft’s contracts with European Union institutions and their compliance with European data-protection laws. —Liam Tung

A new data analysis by ProPublica and the Urban Institute shows more than half of older U.S. workers are pushed out of longtime jobs before they choose to retire, suffering financial damage that is often irreversible. —Peter Gosselin