Is anyone here using Azure?

Are you using Azure? A newly published Hyper-V bug could possibly crash ‘big portions of Azure cloud infrastructure’.

Security researchers have posted proof of concept code that exploits a recently patched vulnerability in Microsoft’s Hyper-V hypervisor. The bug enables code in the guest to crash the host, and in some circumstances compromise the host’s security.

The Register

Source: Hyper-V bug that could crash ‘big portions of Azure cloud infrastructure’: Code published

Google Data Cloud Summit – Recap

Google’s Data Cloud Summit took place May 26th, 18PT. The summit is home to their big data products and offerings, that aim to help customers succeed in data driven businesses. Here is a summary of news and announcements:

  • Dataplex, an intelligent data fabric. The product allows management of data across multiple sources, including data lakes, data warehouses and data marts for the goal of centralizing management and governance. From there, Dataplex allows to make data available for analytics and data science.
  • Datastream, a server-less change data capture (CDC) and replication service. The service allows to syncronize datasets across multiple systems by transferring changes alone, thus reducing the amount of data transferred and increasing performance and reliability.
  • Announcement of Analytics Hub, a fully-managed service built on BigQuery. The service aims to provide an open ecosystem for sharing and exchanging data across organisations at scale. Part of the offering will be controls and monitoring over data usage and sharing. The hub will offer self service and monetization for data owners, while reducing the need to operate infrastructure for data owners.
  • Dataflow Prime, a no-ops, serverless data processing platform. Dataflow Prime is a managed offering of Apache Beam based data processing pipelines. The product will autoscale infrastructure.
  • Cloud Spanner will allow more flexible and granular instance sizing
  • Key Visualizer, an interactive monitoring tool to analyze usage patterns in Cloud Spanner
  • Cloud Bigtable lifts SLA to 99.999% and introduces new security features. Security features are namely customer managed encryption keys (Googles acronym CMEK) and audit logs. Alongside with SLAs, the product now aims at compliance with regulated industries.
  • Sessions are available on demand
Google Data Cloud Summit

Join us to learn how leading companies are powering innovation with our data solutions. Attend sessions, demos, and live Q&As to discover how data can help you make smarter business decisions and solve your organization’s most complex challenges.

Google Data Cloud Summit

Source: Home – Data Cloud Summit

Multiplayer Doom on Cloudflare Workers

“Does it run Doom?” is the ultimate nerd test for technology. CloudFlare passed today running multiplayer Doom on their edge worker network:

So, if a developer wants to run their next hit, say a real-time multiplayer game, using nothing but their app and Workers, without any servers or traditional infrastructure, can they? Let’s prove they can. Here’s Doom Multiplayer running on top of Cloudflare Workers.

Source: Multiplayer Doom on Cloudflare Workers

New Splunk Observability Cloud

Splunk announced beta availability of their new Observability Cloud at last years .conf20 already. The product became GA this week and offers Infrastructure Monitoring, Application Performance Monitoring, a Log Observer, Real User Monitoring (RUM), Synthetic Monitoring and On-Call for incident response and collaboration:

Image from the announcement

Announcing the new Splunk Observability Cloud, bringing together the world’s best-in-class solutions for infrastructure monitoring, application performance management, digital experience monitoring, synthetic monitoring, log investigation and incident response.

Source: Conquer Complexity at Any Scale With the New Splunk Observability Cloud | Splunk

That makes a total of 3 clouds in Splunk’s portfolio, notes ConstellationR’s Holger Müller:

Django Model-Owner

The option to make a model owned by a user is actually documented for the Django Admin app. However, for reference, here are the steps:

First, the model you want to have an owner needs to reference “User” as a foreign key: (in models.py)

class Website(models.Model):
    submitted_by = models.ForeignKey(User, on_delete=models.CASCADE)
    url = models.URLField()

Provided you want to use this model in Django-Admin, there is an explicit method the app provides when defining admin models: (in admin.py)

@admin.register(Website)
class WebsiteAdmin(ModelAdmin):
    model = Website
    list_display = ('url', )
    exclude = ('submitted_by', )

    def save_model(self, request, obj, form, change):
      if not change:
        # only add owner if not changed object
        obj.owner = request.user
      super().save_model(request, obj, form, change)

A heads-up: Django documentation is explicit that both save_model and delete_model have to call the corresponding super()-method in order to actually save the modified model. Reasoning here is these methods are meant to interact with the process and add extra steps, they are not meant to veto.

Additional thoughts: For a model having an owner is really convenient in plenty of situations, in particular when managing permission. The field can e.g. be matched when viewing details of an object.

There are other, potentially more flexible approaches to the problem. In particular when solving in custom views, the field has to be set manually. The same is true when using more complete solutions like “django-guardian”.

Auth0: Log in to BTP with your social accounts.

BTP Trial

The recent acquisition of Okta (Auth0) caught my attention. Until last week, I didn’t know Auth0 beyond the libraries they provide for JWT. Upon further investigation, I was pleasantly surprised to discover that they are a company that was born in Argentina in 2013 and that their founders are passionate developers (When was the last time you saw a CEO of a $6.5B company pushing his codes to Github and blogging about his hobbyist Arduino projects?

Source: Auth0: Log in to BTP with your social accounts.

DuckDuckGo calls out Google for spying on users.

When Apple introduced labels in their app store to indicate which data an app would link to user information it created transparency for many. Only Google seemed to stop on moving forward and did not publish new versions of its apps. Until recently. Now that they are updated, DuckDuckGo, a search engine advocating privacy in the digital age, calls out the abundant use of personal data.