BT

Bootable Apps for Immutable Infrastructure and Security

by Manuel Pais on  Mar 15, 2016

Axel Fontaine on the "Bootable App" pattern, a bare bones machine image for deploying immutable infrastructure to the cloud. This minimal image covers all layers of the stack, including OS kernel, libraries and runtime environment but still has a small footprint, reducing both image upload time and storage costs while also significantly reducing the attack surface on running instances.

New Security Capabilities Available in Azure Operations Management Suite

by Kent Weare on  Mar 13, 2016

On February 25th, 2016 Microsoft announced updates to their Operations Management Suite (OMS). The updates, in this particular iteration of the service, are focused on the security and audit portions of the suite and target the user experience, additional capabilities and features.

All Things Containers From Solaris Zones to Docker

by Rags Srinivas on  Mar 07, 2016

InfoQ's Rags Srinivas caught up with Bryan Cantrill a day after the Containers Summit at New York City and discussed all things containers from Solaris Zones to Docker.

Apple, FBI Testify before Congress

by Alex Blewitt on  Mar 01, 2016

Apple and the FBI have appeared before the House Committee on the Judiciary Hearings to argue over the legalities of whether Apple should be compelled to create an insecure version of iOS to allow the FBI to break into a suspect's phone. InfoQ has been watching the live video stream and summarises the outcome.

Apple Defends Encryption with TV Interview, Files Counter Lawsuit

by Alex Blewitt on  Feb 26, 2016

Apple has responded to questions raised about its stance with the FBI and CEO Tim Cook has appeared on live TV to defend Apple's stance. They have now filed a lawsuit to have the FBI's case dismissed. InfoQ updates you with the latest on the subject.

Apple Backdoor iOS Case Develops

by Alex Blewitt on  Feb 20, 2016 1

Apple continues to resist providing a backdoored version of iOS for the FBI, while technology companies come out in support of Apple's stance. Political candidates capitalise on the stance leading to polarised advice. InfoQ provides an update to the situation as it currently stands.

Remotely Exploitable GlibC DNS Bug Discovered

by Alex Blewitt on  Feb 17, 2016 1

A recently discovered buffer overflow in the DNS resolution of GLibC, which has been present since 2008, has the potential to be remotely exploitable and crash a significant number of Linux applications. InfoQ investigates.

Building an Agile Organization Using Business Mapping

by Ben Linders on  Feb 04, 2016

Dan North gave a talk about business mapping at the Scaling Agile for the Enterprise 2016 congress in Brussels. InfoQ interviewed him about the problems that he sees from a business perspective when the IT part of an organization adopts agile, and asked him what business mapping is and how it can help organizations to increase their agility.

Secrets Management with Chef-Vault

by João Miranda on  Jan 31, 2016

Secret management is a difficult problem in a distributed and scalable environment. Chef-vault is a Chef tool built on top of encrypted data bags that eliminates the need to share the decryption key with all users and nodes of an infrastructure.

Oracle to Deprecate Java Browser Plugin in 2017

by Charles Humble on  Jan 28, 2016

Oracle has announced that it will deprecate the Java browser plugin as part of the JDK 9 release now expected in 2017. The deprecated technology will be completely removed from the Oracle Java Development Kit (JDK) and Java Runtime Environment (JRE) in a future Java release, but Oracle is yet to indicate which one.

Critical Bug Affects OpenSSH Users

by Jeff Martin on  Jan 16, 2016

A critical bug has been revealed that affects users running OpenSSH. The bug affects both the OpenBSD specific version and the portable version used on Linux and several other operating systems. Patches and mitigations are available now.

Startup Afero Platform Addresses Internet of Things Communications Security

by Kevin Farnham on  Jan 13, 2016

Tech startup Afero has launched a new platform that addresses both hardware and software necessities for securely connecting the internet of things (IoT). The platform interfaces IoT devices with a secure Bluetooth smart module, which communicates with a mobile phone that interfaces with the Afero cloud. All communications between the Bluetooth smart module node and the cloud are encrypted.

AVG Plugin Exposes Chrome User Data

by Jeff Martin on  Dec 31, 2015

Anti-virus software vendor AVG has produced a plugin for Google Chrome that negates that browser's security settings, leaving users at risk of having their information stolen or possibly having their system compromised.

Clair Helps Secure Docker Images

by Manuel Pais on  Dec 30, 2015

Clair is an open-source container vulnerability scanner recently released by CoreOs. The tool cross-checks if a Docker image's operating system and any of its installed packages match any known insecure package versions. The vulnerabilities are fetched from OS-specific common vulnerabilities and exposures databases. Currently supported are Red Hat, Ubuntu, and Debian.

Postponing the Retirement of SHA-1

by Jeff Martin on  Dec 29, 2015

The need to retire SHA-1 faces obstacles with the access needs of users who have yet to upgrade. Facebook, Twitter, and CloudFlare have proposed an interim solution for users of these legacy devices.

General Feedback
Bugs
Advertising
Editorial
Marketing
InfoQ.com and all content copyright © 2006-2016 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy
BT