Cloud Technology and Security Alert News Digest – Issue #15

Update 2019: We’ve been busy working on some great training content around security, check out the Cloud Academy library to prepare on all-things cloud security.


Privacy and Security in the Cloud

Welcome to the Cloud Technology and Security Alert News Digest. This week we’ll discuss the problem of Internet security along with three possible solutions: a new open certificate authority, premium access, and creating an ultra-private internet of your own. We’ll also take a look at the new trend towards Docker orchestration.

Which Internet do you use?

ZDNet has an interesting article about the many ways that the Internet you experience, to a very large degree, depends on our economic and political class. Lenovo’s recent revelation that they only installed Superfish on “consumer” devices – leaving the browsers of their enterprise customer devices under end-user control – is one more indication that enterprise users enjoy a “premium” Internet. In addition, out of mistrust of the activities of US government spy agencies like the NSA, many nations are now encouraging their technology providers to avoid routing regional online traffic through the US, creating still more variations in online experience.

WordPress plugin vulnerability

Ars Technica (among other sources) reports the existence of a critical vulnerability in the Slimstat 3.9.6 WordPress plugin. This version of Slimstat, which is a very widely used analytics tool, is susceptible to blind SQL injection attacks and should be disabled immediately.

The next big Docker thing: orchestration

ZDNet reports that Docker is successfully moving its container orchestration tools through their beta stage. Docker Machine (which allows you to manage containers spread across multiple platforms and technologies), Docker Swarm (a clustering service), and Docker Compose (a tool for marshaling containers playing disparate roles in a distributed app infrastructure) are the key components of this orchestration initiative. Eventually, Docker plans to fully integrate these tools into Amazon EC2, Microsoft Azure, and other cloud platforms.

If you build a better certificate, will they come?

David Holmes at Security Week writes about a proposed initiative designed to provide a practical alternative to inherently weak self-signed SSL certificates. The existence of such weak certificates lies behind many web vulnerabilities, including Lenovo’s recent SuperFish disaster. The Electronic Frontier Foundation (EFF) has proposed a new open Certificate Authority, called Let’s Encrypt, that will make it simpler and more affordable for smaller web providers to deploy secure services. Holmes, while supportive of the effort, suspects that most of the sites that need it most will probably ignore Let’s Encrypt.

Amazon’s CIA cloud goes operational

Amazon’s AWS has long offered specially secured arrangements for sensitive customers like the US government (GovCloud) and China. Now, according to Cloud Computing News, they’ve moved to a new level entirely. Having won the competition to provide private cloud services to the CIA, AWS has now achieved “final operational capability” and can begin supporting communications between seventeen US intelligence agencies.

Avatar

Written by

David Clinton

A Linux system administrator with twenty years' experience as a high school teacher, David has been around the industry long enough to have witnessed decades of technology trend predictions; most of them turning out to be dead wrong.


Related Posts

Avatar
Walter Stone
— October 10, 2019

8 Surprising Ways Cloud Computing Is Changing Education

Cloud computing: Empowering the education industry Over the years, the education industry has come a long way. Teaching and learning are no longer confined to textbooks and classrooms and now reaches computers and mobile devices. Today, learners are always connected — whether they are ...

Read more
  • Cloud Computing
  • education industry
Avatar
Michael Sheehy
— August 19, 2019

What Exactly Is a Cloud Architect and How Do You Become One?

One of the buzzwords surrounding the cloud that I'm sure you've heard is "Cloud Architect." In this article, I will outline my understanding of what a cloud architect does and I'll analyze the skills and certifications necessary to become one. I will also list some of the types of jobs ...

Read more
  • AWS
  • Cloud Computing
Avatar
Andrew Larkin
— August 7, 2019

Disadvantages of Cloud Computing

If you want to deliver digital services of any kind, you’ll need to estimate all types of resources, not the least of which are CPU, memory, storage, and network connectivity. Which resources you choose for your delivery —  cloud-based or local — is up to you. But you’ll definitely want...

Read more
  • AWS
  • Azure
  • Cloud Computing
  • Google Cloud Platform
Avatar
Adam Hawkins
— June 12, 2019

What is Kubernetes? An Introductory Overview

In part 1 of my webinar series on Kubernetes, I introduced Kubernetes at a high level with hands-on demos aiming to answer the question, "What is Kubernetes?" After polling our audience, we found that most of the webinar attendees had never used Kubernetes before, or had only been expos...

Read more
  • Cloud Computing
  • Kubernetes
Avatar
Scott Huntington
— March 25, 2019

How Does Cloud Computing Work?

Whether you're looking to become a cloud engineer or you're a manager wanting to gain more knowledge, learn the basics of how cloud computing works. Are you wondering about how cloud computing actually works? We can help explain the basic principles behind this technology. Cloud comput...

Read more
  • Cloud Computing
Avatar
Guy Hummel
— March 4, 2019

What is Ansible?

What is Ansible? Ansible is an open-source IT automation engine, which can remove drudgery from your work life, and will also dramatically improve the scalability, consistency, and reliability of your IT environment. We'll start to explore how to automate repetitive system administratio...

Read more
  • Ansible
  • Cloud Computing
Avatar
Cloud Academy Team
— February 11, 2019

What is Puppet? Get Started With Our Course

When it comes to building and configuring IT infrastructure, especially across dozens or even thousands of servers, developers need tools that automate and streamline this process. Enter Puppet, one of the leading DevOps tools for automating delivery and operation of software no matter ...

Read more
  • Cloud Computing
  • Puppet
Avatar
Andrew Larkin
— January 15, 2019

2018 Was a Big Year for Content at Cloud Academy

As Head of Content at Cloud Academy I work closely with our customers and my domain leads to prioritize quarterly content plans that will achieve the best outcomes for our customers. We started 2018 with two content objectives: To show customer teams how to use Cloud Services to solv...

Read more
  • AWS
  • Azure
  • Cloud Computing
  • Google Cloud Platform
Avatar
Cloud Academy Team
— December 21, 2018

2019 Cloud Computing Predictions

2018 was a banner year in cloud computing, with Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) all continuing to launch new and innovative services. We also saw growth among enterprises in the adoption of methodologies supporting the move toward cloud-native...

Read more
  • Cloud Computing
  • Cloud Predictions
Albert Qian
Albert Qian
— August 28, 2018

Introducing Assessment Cycles

Today, cloud technology platforms and best practices around them move faster than ever, resulting in a paradigm shift for how organizations onboard and train their employees. While assessing employee skills on an annual basis might have sufficed a decade ago, the reality is that organiz...

Read more
  • Cloud Computing
  • Product Feature
  • Skill Profiles
Stefano Bellasio
Stefano Bellasio
— July 31, 2018

Cloud Skills: Transforming Your Teams with Technology and Data

How building Cloud Academy helped us understand the challenges of transforming large teams, and how data and planning can help with your cloud transformation. When we started Cloud Academy a few years ago, our founding team knew that cloud was going to be a revolution for the IT indu...

Read more
  • Cloud Computing
  • Skill Profiles
Albert Qian
Albert Qian
— May 23, 2018

Announcing Skill Profiles Beta

Now that you’ve decided to invest in the cloud, one of your chief concerns might be maximizing your investment. With little time to align resources with your vision, how do you objectively know the capabilities of your teams? By partnering with hundreds of enterprise organizations, we’...

Read more
  • Cloud Computing
  • Product Feature
  • Skill Profiles