Article Roundup - January 4, 2019
This is an interesting exercise in iterators, generators, and general data structures and is worth a read. The methods shown in the article have their limitations, but it is pretty cool to see everything put together.
EU to fund bug bounty programs for 14 open source projects starting January 2019
The European Union is helping to fund bug bounty programs for 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services (DSS), Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PuTTY, the Symfony PHP framework, VLC Media Player, and WSO2. This isn’t the first time that the EU has supported bug bounty programs for open source projects, but I am glad to see it continuing. It’s also interesting to see the projects they are supporting because it means they are of some importance to the EU.
Netflix Information Security: Preventing Credential Compromise in AWS
An attacker compromising credentials in your application’s infrastructure can be a nightmare, so it is a good idea to try and prevent that wherever possible. Wouldn’t it be great if they couldn’t use those credentials, even if they had them? This article walks through a few ways to prevent credentials from being compromised.
Netflix OSS and Spring Boot — Coming Full Circle
Several years ago Netflix built and open sourced solutions to provide load balancing, service discovery, and fault tolerance in their Java services. Netflix has made the decision to move from those custom solutions to using Spring Boot. Initially, Spring didn’t meet Netflix’s requirements, but in the last several years Netflix says:
Fast forward to 2018, the Spring product has evolved and expanded to meet all of these requirements, some through the usage and adaptation of Netflix’s very own software! In addition, community solutions have evolved beyond Netflix’s original needs. Spring provides great experiences for data access (spring-data), complex security management (spring-security), integration with cloud providers (spring-cloud-aws), and many many more.
Netflix has partnered with Pivotal, Spring’s sponsor, to make the transition.