March 12, 2013
By George Patterson
Last week I had the opportunity to attend the Large Scale Production Engineering meet up group at Yahoo’s office in Sunnyvale. The group meets monthly to discuss various technologies related to running large production environments. This past week the topic was dynamic scaling, with presentations from Coburn Watson of Netflix, Aren Sandersen of Pintrest, and Sebastian Stadil of Scalr.
Over the past few years, it’s been really exciting to see how a number of companies have started utilizing cloud providers for ...
March 6, 2013
By Frank Denis
Cryptography is hard. Hard to design, hard to implement, hard to use, and hard to get right.
Modern and well-studied ciphers rely on intractable problems and are believed to have a very high security margin, even in a post-quantum world.
But the cipher is rarely the weakest link in an application using cryptography. No matter how secure a function is, its security can be totally destroyed by a tiny weakness in its implementation or by using it incorrectly. And an application using cryptography has to ...
March 1, 2013
By OpenDNS Security Research
Editor’s Note: This post is a collaboration between security researcher Dhia Mahjoub and OpenDNS IT Pro Owen Lystrup.
Crowds of security enthusiasts and vendors have descended upon San Francisco once again this week for the RSA conference, and the security community’s off-RSA event, BSidesSF.
RSA and BSides both provide an opportunity to survey the security scene, but while one can run a marathon of booth demos, keynote speeches, and after-parties at RSA, BSidesSF is a great way to meet the key players ...
February 27, 2013
By OpenDNS Security Research
With good reason, the Mandiant report on Advanced Persistent Threat 1 (APT1) and reported operator Chinese PLA Unit 61398 (nicknamed Comment Crew) have been dominating recent news cycles.
A recent New York Times article reported that,“While Comment Crew has drained terabytes of data from companies like Coca-Cola, increasingly its focus is on companies involved in the critical infrastructure of the United States — its electrical power grid, gas lines and waterworks. According to the security researchers, one target was a company with remote ...