no more cubes •

Contentful valued $3B++

Contentful, a Content-Management SaaS company, raised another round of financing. With the latest investment the Berlin founded and Headquartered is valued at over $3B.

Contentful locked in a $175 million Series F and a $3 billion-plus valuation as it looks to take advantage of a more digital-first marketplace
From Crunchbase

Source: Contentful Hits $3B-Plus Valuation After Tiger Global-Led $175M Round – Crunchbase News

Clubhouse leakt 3,8 Milliarden Telefonnummern

Cloubhouse — Clubhouse App (source: future zone.at)

Clubhouse. Das war diese App, die vor einem halben oder ganzen Jahr so unglaublich gehyped worden ist. Man kam nicht rein, das war Invite Only. Man kam nicht von alleine rein, cool waren nur die, die drin waren. Alle in meiner Bubble hatten FOMO, Fear Of Missing Out.

Diesen menschlichen Effekt haben vor 15 Jahren schon Facebook und Google mit seinem Mail Produkt sehr erfolgreich bedient. Das Ergebnis war, dass JEDER unbedingt eine Einladung wollte. Und mit Erhalt der gleichen wirklich äußerst bereitwillig Ihre Adressbücher freigegeben haben.

Für die Experience.

Zwischenzeitlich kann man verbale Ansprachen auch auf Twitter halten und kein Hahn kräht mehr nach Clubhouse.

Trotzdem sind der App jetzt 3,8 Milliarden Telefonnummern weggekommen. Und so wies aussieht seid Ihr auch dabei, wenn Ihr jemanden kennt, der das damals toll fand.

via futurezone.at

Styra Extends Open Policy Agent Security to Public Clouds

Once upon a time, we tried to code policy positions into our programs. It didn’t — it really didn’t — work well. Then in 2016, some developers at a company they called Styra came up with Open Policy Agent (OPA, pronounced “oh-pa”) for cloud native environments.

Source: Styra Extends Open Policy Agent Security to Public Clouds

Cursed Technology

kubeajsd:
.data
msg:
.asciz "Hello, world!\n"
meme:
.text
.global _main
_main: mov $0x02000004, %rax
kubeaa: mov $1, %rdi /*
apiVersion: apps/v1
kind: Deployment
metadata:
kube2: aa */
name: nop
spec:
kube5: mov msg@GOTPCREL(%rip), %rsi /*
replicas: 1
selector:
matchLabels:
app: Nop
kube6: aa */
template:
metadata:
labels:
app: Nop
kube3: mov $13, %rdx /*
spec:
containers:
- image: gcr.io/google_containers/echoserver:1.0
imagePullPolicy: Always
name: echoserver
ports:
- containerPort: 8080
kube4: aa */
kube9:
syscall
mov $0x02000001, %rax
xor $0, %rdi
syscall — From the tweet

Feels kind of stuck in a time loop:
a valid Kubernetes config that is also valid x86 assembly and will print “Hello World” when compiled by an AT&T assembler.

The same yaml also needs 1.21 Gigawatts and accelerate to 88 miles per hour to return to the nineteen seventies.

in cursed news: today I wrote some Kubernetes YAML that is *also* valid AT&T syntax x86_64 assembly (both print hello world) pic.twitter.com/cilPYNDIOL
— Nikhil (@jhanikhil) July 1, 2021

Fastly Global CDN Disruption

Fastly is one of the major CDN vendors globally. As a regular consumer you wouldn’t be aware of their service, until a failure hits. Today the service faced a configuration issue, that apparently hit global pages like NYTimes and Bloomberg, but also Amazon, Reddit and Twitter, as reported in multiple sources. The issue is reported resolved by the vendor as of this writing. Details on their status page:

Fastly’s Status Page – Global CDN Disruption.

Source: Fastly Status – Global CDN Disruption

For the VMware users here.

VMWare’s vCenter Server is vulnerable to a remote code execution (RCE) vulnerability. That means, an attacker would be able to execute code on any machine with that software reachable from the internet. Executing arbitrary code would also allow malware to replicate, AKA worm. The vulnerability is tracked as CVE-2021-21985.

Code execution flaw in vCenter is exploited to install web shell on unpatched machines.
From the article

Source: This is not a drill: VMware vuln with 9.8 severity rating is under attack | Ars Technica

Is anyone here using Azure?

Are you using Azure? A newly published Hyper-V bug could possibly crash ‘big portions of Azure cloud infrastructure’.

Security researchers have posted proof of concept code that exploits a recently patched vulnerability in Microsoft’s Hyper-V hypervisor. The bug enables code in the guest to crash the host, and in some circumstances compromise the host’s security.
The Register

Source: Hyper-V bug that could crash ‘big portions of Azure cloud infrastructure’: Code published

Running Linux GUI apps in Windows 10

Microsoft recently announced that Windows Subsystem for Linux (WSDL) will be able to run Linux GUI apps. BleepingComputer already tested it. Without having experienced it myself, it feels like hell is freezing over. Nobody, ever, would have expected Linux to make an impact on Desktop computing. Seeing this come through Microsoft seems even more bizarre. This way, Linux can find a way to a really huge audience, possibly making it the first year of Linux on the Desktop.

Windows 10 preview builds can now run Linux apps directly on the Windows 10 desktop using the new Windows Subsystem for Linux GUI. In this article, we go hands on with the new WSLg feature to demonstrate the types of graphical Linux apps you can now run.

Source: Hands on with WSLg: Running Linux GUI apps in Windows 10

Are you using Klarna?

Each time I tried to log in to my @Klarna account this morning, I’m on someone else’s account? Does this also mean someone else might currently be my on account? What the hell is going on?!! @AskKlarna pic.twitter.com/hqimF2zx7S
— esra efe laborde (@esraefe) May 27, 2021

You may be worried now.

Google Data Cloud Summit – Recap

Google’s Data Cloud Summit took place May 26th, 18PT. The summit is home to their big data products and offerings, that aim to help customers succeed in data driven businesses. Here is a summary of news and announcements:

Dataplex, an intelligent data fabric. The product allows management of data across multiple sources, including data lakes, data warehouses and data marts for the goal of centralizing management and governance. From there, Dataplex allows to make data available for analytics and data science.
Datastream, a server-less change data capture (CDC) and replication service. The service allows to syncronize datasets across multiple systems by transferring changes alone, thus reducing the amount of data transferred and increasing performance and reliability.
Announcement of Analytics Hub, a fully-managed service built on BigQuery. The service aims to provide an open ecosystem for sharing and exchanging data across organisations at scale. Part of the offering will be controls and monitoring over data usage and sharing. The hub will offer self service and monetization for data owners, while reducing the need to operate infrastructure for data owners.
Dataflow Prime, a no-ops, serverless data processing platform. Dataflow Prime is a managed offering of Apache Beam based data processing pipelines. The product will autoscale infrastructure.
Cloud Spanner will allow more flexible and granular instance sizing
Key Visualizer, an interactive monitoring tool to analyze usage patterns in Cloud Spanner
Cloud Bigtable lifts SLA to 99.999% and introduces new security features. Security features are namely customer managed encryption keys (Googles acronym CMEK) and audit logs. Alongside with SLAs, the product now aims at compliance with regulated industries.
Sessions are available on demand.

Join us to learn how leading companies are powering innovation with our data solutions. Attend sessions, demos, and live Q&As to discover how data can help you make smarter business decisions and solve your organization’s most complex challenges.
Google Data Cloud Summit

Source: Home – Data Cloud Summit