no more cubes •

Fastly Global CDN Disruption

Fastly is one of the major CDN vendors globally. As a regular consumer you wouldn’t be aware of their service, until a failure hits. Today the service faced a configuration issue, that apparently hit global pages like NYTimes and Bloomberg, but also Amazon, Reddit and Twitter, as reported in multiple sources. The issue is reported resolved by the vendor as of this writing. Details on their status page:

Fastly’s Status Page – Global CDN Disruption.

Source: Fastly Status – Global CDN Disruption

For the VMware users here.

VMWare’s vCenter Server is vulnerable to a remote code execution (RCE) vulnerability. That means, an attacker would be able to execute code on any machine with that software reachable from the internet. Executing arbitrary code would also allow malware to replicate, AKA worm. The vulnerability is tracked as CVE-2021-21985.

Code execution flaw in vCenter is exploited to install web shell on unpatched machines.
From the article

Source: This is not a drill: VMware vuln with 9.8 severity rating is under attack | Ars Technica

Is anyone here using Azure?

Are you using Azure? A newly published Hyper-V bug could possibly crash ‘big portions of Azure cloud infrastructure’.

Security researchers have posted proof of concept code that exploits a recently patched vulnerability in Microsoft’s Hyper-V hypervisor. The bug enables code in the guest to crash the host, and in some circumstances compromise the host’s security.
The Register

Source: Hyper-V bug that could crash ‘big portions of Azure cloud infrastructure’: Code published

Running Linux GUI apps in Windows 10

Microsoft recently announced that Windows Subsystem for Linux (WSDL) will be able to run Linux GUI apps. BleepingComputer already tested it. Without having experienced it myself, it feels like hell is freezing over. Nobody, ever, would have expected Linux to make an impact on Desktop computing. Seeing this come through Microsoft seems even more bizarre. This way, Linux can find a way to a really huge audience, possibly making it the first year of Linux on the Desktop.

Windows 10 preview builds can now run Linux apps directly on the Windows 10 desktop using the new Windows Subsystem for Linux GUI. In this article, we go hands on with the new WSLg feature to demonstrate the types of graphical Linux apps you can now run.

Source: Hands on with WSLg: Running Linux GUI apps in Windows 10

Are you using Klarna?

Each time I tried to log in to my @Klarna account this morning, I’m on someone else’s account? Does this also mean someone else might currently be my on account? What the hell is going on?!! @AskKlarna pic.twitter.com/hqimF2zx7S
— esra efe laborde (@esraefe) May 27, 2021

You may be worried now.

Google Data Cloud Summit – Recap

Google’s Data Cloud Summit took place May 26th, 18PT. The summit is home to their big data products and offerings, that aim to help customers succeed in data driven businesses. Here is a summary of news and announcements:

Dataplex, an intelligent data fabric. The product allows management of data across multiple sources, including data lakes, data warehouses and data marts for the goal of centralizing management and governance. From there, Dataplex allows to make data available for analytics and data science.
Datastream, a server-less change data capture (CDC) and replication service. The service allows to syncronize datasets across multiple systems by transferring changes alone, thus reducing the amount of data transferred and increasing performance and reliability.
Announcement of Analytics Hub, a fully-managed service built on BigQuery. The service aims to provide an open ecosystem for sharing and exchanging data across organisations at scale. Part of the offering will be controls and monitoring over data usage and sharing. The hub will offer self service and monetization for data owners, while reducing the need to operate infrastructure for data owners.
Dataflow Prime, a no-ops, serverless data processing platform. Dataflow Prime is a managed offering of Apache Beam based data processing pipelines. The product will autoscale infrastructure.
Cloud Spanner will allow more flexible and granular instance sizing
Key Visualizer, an interactive monitoring tool to analyze usage patterns in Cloud Spanner
Cloud Bigtable lifts SLA to 99.999% and introduces new security features. Security features are namely customer managed encryption keys (Googles acronym CMEK) and audit logs. Alongside with SLAs, the product now aims at compliance with regulated industries.
Sessions are available on demand.

Join us to learn how leading companies are powering innovation with our data solutions. Attend sessions, demos, and live Q&As to discover how data can help you make smarter business decisions and solve your organization’s most complex challenges.
Google Data Cloud Summit

Source: Home – Data Cloud Summit

Privacy on the Net

As advertised by Apple. The company introduced a feature called “App tracking transparency”, that defaults to “do not allow tracking” as of version 14.5, that was released earlier this year. The feature allows device-owners to control which apps can track user behaviour across multiple websites.

Apple App Tracking Transparency Ad

Reality is more complex, as always, but it’s still a great ad.

Amazon Buys MGM Studios

MGM Logo

Apple will regret they didn’t snap up MGM. Today Amazon buys MGM Studios for US$9 billion. There are only few other content outlets of this quality, and prices for all others will go up.

Amazon now owns James Bond **Photo: Mladen Antonov/AFP (Getty Images)**

It’s official folks— Jeff Bezos now owns James Bond . After murmurs earlier this week, Amazon announced today that it had acquired MGM in an $8.45 billion deal that will bolster the e-commerce giant’s Hollywood ambitions.
Gizmodo on Amazon buying MGM

Source: Amazon Buys MGM Studios for $9 Billion

The news also appeared on lots of other channels, like The Verge or TechCrunch.

Snap acquires WaveOptics

Snap acquires AR display supplier behind its new Spectacles for $500 million

Source: Snap acquires AR display supplier behind its new Spectacles for $500 million – Protocol — The people, power and politics of tech

Styra Raises $40 Million in Series B

The company behind Open Policy Agent, Styra, announced they raised $40 Million in funding today. The software, OPA for short, is capable of controlling access and managing authorization in complex environments. Among others, it comes with integration for Kubernetes environments, and allows to centrally control multiple aspects of access control.

Styra has raised a $40 million Series B funding round to continue driving the reinvention of policy and authorization for cloud-native applications.

Source: Styra Raises $40 Million in Series B Funding to Drive Access, Security and Compliance in Cloud-Native Applications