Show Notes: techsnap.systems/409

The post Privacy Perspectives | TechSNAP 409 first appeared on Jupiter Broadcasting.

RSS Feeds:

HD Video Feed | MP3 Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Revamp of ‘Pwned Passwords’ Boosts Privacy and Size of Database

In V2 of Pwned Passwords, launched last week, Hunt updated his password data set from 320 million passwords to 501 million new passwords, pulled from almost 3,000 breaches over the past year.

• AgileBits Blog | Finding Pwned Passwords with 1Password

First, 1Password hashes your password using SHA-1. But sending that full SHA-1 hash to the server would provide too much information and could allow someone to reconstruct your original password. Instead, Troy’s new service only requires the first five characters of the 40-character hash.

• Troy Hunt: I’ve Just Added 2,844 New Data Breaches With 80M Records To Have I Been Pwned

tl;dr – a collection of nearly 3k alleged data breaches has appeared with a bunch of data already proven legitimate from previous incidents, but also tens of millions of addresses that haven’t been seen in HIBP before. Those 80M records are now searchable

Apple’s China data migration includes iCloud keys, making data requests easier for authorities

Now, according to Apple, for the first time the company will store the keys for Chinese iCloud accounts in China itself. That means Chinese authorities will no longer have to use the U.S. courts to seek information on iCloud users and can instead use their own legal system to ask Apple to hand over iCloud data for Chinese users, legal experts said.

• Microsoft’s Big Email Privacy Case Heads to the Supreme Court Tomorrow

Researchers Propose Improved Private Web Browsing System

In a paper (PDF) describing Veil, Frank Wang – MIT Computer Science and Artificial Intelligence Laboratory (CSAIL), Nickolai Zeldovich – MIT CSAIL, and James Mickens – Harvard, explain that the system is meant to prevent information leaks “through the file system, the browser cache, the DNS cache, and on-disk reflections of RAM such as the swap file.”

• Your private browsing isn’t as incognito as you want it to be

Nearly 8,000 Security Flaws Did Not Receive a CVE ID in 2017

A record-breaking number of 20,832 vulnerabilities have been discovered in 2017 but only 12,932 of these received an official CVE identifier last year, a Risk Based Security (RBS) report reveals.

What is Serverless Architecture? What are its criticisms and drawbacks?

Serverless architectures refer to applications that significantly depend on third-party services (knows as Backend as a Service or “BaaS”) or on custom code that’s run in ephemeral containers (Function as a Service or “FaaS”), the best known vendor host of which currently is AWS Lambda.

The big promise:

• NO SERVER MANAGEMENT

There is no need to provision or maintain any servers. There is no software or runtime to install, maintain, or administer.
FLEXIBLE SCALING

Your application can be scaled automatically or by adjusting its capacity through toggling the units of consumption (e.g. throughput, memory) rather than units of individual servers.

• HIGH AVAILABILITY

Serverless applications have built-in availability and fault tolerance. You don’t need to architect for these capabilities since the services running the application provide them by default.

• NO IDLE CAPACITY

You don’t have to pay for idle capacity. There is no need to pre- or over-provision capacity for things like compute and storage. For example, there is no charge when your code is not running.

Develop, test and deploy in a single environment, to any cloud provider. You don’t have to provision infrastructure or worry about scale. Serverless teams cut time to market in half.

• Maybe the ultimate layer of abstraction.
• Your not paying for un-utilized hardware/server time
• The vendor, like Amazon, is patching/maintaining the server base for you. Removing the developer from the process.
• Traditional server management roles may start to transition to service management, configuration, and manage all the abstractions AWS gives you. IE the admins role goes from one wrangeling the operating system, to wrangling layers of abstraction and independent services.

The big constraint:

• No local disk, you send data in, and data comes out.
• Not ideal for ongoing workloads.

The big secure:

• Serverless Security: What’s Left to Protect?

Open Source FaaS:

• OpenFaaS – Serverless Functions Made Simple

Serverless Functions Made Simple for Docker and Kubernetes

• open-lambda/open-lambda
• Iron.io – DevOps Solutions from Startups to Enterprise
• Apache OpenWhisk is a serverless, open source cloud platform

Feedback

• David’s Drive Tips

• Alex has BIG cloud storage requirements….

The post A Future Without Servers | TechSNAP 358 first appeared on Jupiter Broadcasting.

The Internet is facing its greatest challenge yet, we explain why the fight against online piracy has taken a turn towards Internet censorship.

PLUS – Steam and NASA were hacked this week, find out how bad the fallout is, and why Private browsing mode, might not be that private!

All that and more, on this week’s episode of TechSNAP!

GoDaddy.com Use our codes TechSNAP10 to save 10% at checkout, or TechSNAP20 to save 20% on hosting!

  

New special offer:  techsnap11  $1.99 per month Economy Hosting for 3 months! – Expires Dec 31st 2011.

HD Video | Large Video | Mobile Video | MP3 Audio | OGG Audio | YouTube

   
Subscribe via RSS and iTunes:
Subscribe... --RSS-- TechSNAP HD TechSNAP Large TechSNAP Mobile TechSNAP MP3 TechSNAP OGG --iTunes-- TechSNAP iTunes HD TechSNAP iTunes Mobile TechSNAP iTunes Large TechSNAP iTunes MP3
   

Show Notes: