In part 1 of this series of blog posts, we talked about how the choice between NoSQL and SQL databases is bound to the core design of the application, and I promised to get deeper into what this means. We started by looking into how support for a flexible schema is both advantageous and challenging. In this post, I will discuss the CAP theorem and explain how it affects both the choice of the database technology and the application logic. Understanding the CAP theorem and its implications is very important in designing a distributed system.
In my previous post I advocated reducing the security perimeter to the smallest possible size, because perimeter-based security is often not enough: the slightest ‘hole’ in the perimeter allows attackers to get in. […]
At Irdeto we have been working with AWS for some time. Our standard deployments are on AWS and this has led to improved visibility on costs. Of course, once you have that visibility there is always […]
Hosting a Java application in Docker is relatively easy and described in many howtos and tutorials. But what they don’t tell us is how to run Java inside Docker in production… Let me explain.
I recall having a debate with a security expert about firewalls in the early 2000s. At the time they were arguing that the firewall model was fundamentally broken! Their argument was that if any traffic could get through, in any direction, for any purpose, bad guys could figure out how to use it to exploit the system. I disagreed, believing the ‘new’ filtering technology would be able to stop them. I was wrong.
When choosing the database technology for an application, the most important question is whether to stick with the good old SQL databases or follow the trend and choose NoSQL. The answer to this question is not as easy as the names (SQL or not) suggest. There are lots of checklists out there trying to help you make the right choice, and they are very helpful for quickly shaping our minds around the topic. However, in my experience, this is more than a checklist topic; rather, you need a deep understanding of both technologies. If you are from the same era as I am, you have received education or gained experience with SQL databases, probably with little or no knowledge of NoSQL databases. For us, data manipulation and storage have always been tied to relational models, until we heard about the seemingly opposite word of NoSQL. It is only natural to first grasp the new concept in the same light as the old model, with supposedly the biggest difference being ‘not having strict schema’, which sounds just like what we needed. However, there is a lot more to it. We need to dive beyond the shape of stored data or the retrieval options such as ‘to JOIN or not’.
AVTest.org produced their annual malware report recently and it makes interesting reading. It paints a picture of an active battle between attackers trying to make money and defenders who are fighting to keep up. The headlines of the report show malware authors are moving away from just targeting Windows PCs and into Macs, Linux (often in IoT) and Android.
More and more security companies are including “white-box cryptography” in their product offerings. This is more than buzzword compliance; it’s a recognition that white-box attacks are real, and that the implementation of a cryptographic algorithm is as important as the algorithm itself.
In May Tim Charman and Ben Gidley presented a talk at CodeMotion in Amsterdam showing how you can use obfuscation, whitebox and integrity verification to secure communications from the browser even in the case of […]
The recent ransomware attacks have focused lots of minds on cyber security; however, many of the solutions being proposed are little more than sticking plasters over the larger underlying issue, namely that systems are not secure by default. The ‘trend’ in software has been to launch it, then fix it. This is a very attractive proposition for businesses, as it lets them discover the ideas that work and don’t work, and then iteratively improve them. Most of the gadgets we use in our lives today would not exist without this mentality. However, the dark side of this approach is that almost all software is not secure. The evidence shows that pretty much every system deployed has security flaws. The only question is who finds the flaws first: bad people or good people.