Technology Short Take 136

Welcome to Technology Short Take #136, the first Short Take of 2021! The content this time around seems to be a bit more security-focused, but I’ve still managed to include a few links in other areas. Here’s hoping you find something useful!

Networking

  • Jason Eckert provides an introduction to using WireGuard for VPN connectivity.
  • Who else knew that HAProxy could route SSH connections?
  • This article by Joshua Fox outlines how and when to use each of the various types of firewalls offered by AWS.
  • Rory McCune points out that Kubernetes is a router, and users should not rely on the fact that pods are not accessible from the outside by default as any form of a security barrier.

Servers/Hardware

  • Thinking of buying an M1-powered Mac? You may find this list helpful.

Security

  • UEFI implants and executable PNGs? The (computing) world is getting to be a scary place, my friends. Compute safely.
  • Scott Piper shares some lesser-known techniques for attacking AWS environments.
  • The popular open source cryptography library known as Bouncy Castle has uncovered a severe authentication bypass vulnerability. More details are available in this article.
  • From early December 2020, there’s also this reminder about the security updates released by VMware to address a zero-day vulnerability in several products.
  • Teri Radichel discusses why encryption at rest isn’t necessarily a silver bullet.
  • Dark Reading shares some additional details on the SolarWinds attack.

Cloud Computing/Cloud Management

  • Want to enable logging in every AWS service that exists (as of 2021)? Matt Fuller has you covered.
  • Kief Morris walks readers through why pull requests are not necessary with your team. Although written with infrastructure as code in mind, conceivably his arguments could be applied to other environments as well.
  • Heidi Howard and Ittai Abraham illustrate some of the challenges of the Raft consensus protocol when there is a network partition.
  • Cormac Hogan shares some lessons learned using a Kubernetes Operator to query vSphere resources.
  • Wasmer, a WebAssembly runtime, recently hit 1.0.

Operating Systems/Applications

  • Here’s an explanation on including the Origin header with curl.
  • Ryan Blunden has authored a fairly comprehensive piece on environment variables in Linux and macOS.
  • I found this article on systemd-resolved, split DNS, and VPN configuration to be rather helpful.
  • Linux may be coming to the Apple M1 chip.
  • And speaking of the Apple M1 chip, Ernie Smith shares how he managed to “break” his M1-powered Mac using Dropbox.
  • Here are five lines that should—according to the author—get included in your .vimrc configuration file.
  • After reading this article, I learned two things. First, that there is a CLI for Microsoft 365. Second, that you can run this CLI in a Docker container. Well, there you go.

Career/Soft Skills

  • Have you ever accidentally supported one of these myths of IT?

That’s it this time around! If you have any questions, comments, or corrections, feel free to contact me. I’m a regular visitor to the Kubernetes Slack instance, or you can just hit me on Twitter. Thanks!

Discover more from UBERCLOUD

Subscribe now to keep reading and get access to the full archive.

Continue reading