I’ve recently seen a number of articles on the internet regarding products related to hyperconvergence - but after reading them, I still had no idea what hyperconvergence was. I therefore did some research and made a few notes.
According to the TIOBE 2018 list, the four most popular programming languages are:
I’ve used the top three for many many years. However until now I have not got around to looking seriously at the fourth (just the occasional dabbling). In the final months of 2018, I finally got serious about Python - and here are some notes I made about:
One of the nice things about Python is the huge amount of helpful information available on the internet (ie the active community). One of the ugly things about Python is the huge amount of poor-quality information available on the internet :-). I’ll let you judge which category my articles fall into …
BTW, I do have my doubts about the TIOBE index: it is hard to believe that Delphi/Object Pascal is really on the rise (from 16th last year to 12th this year)!
(Languages next on my list: Lua, Rust, Kotlin, and Julia)
In 2017, a large amount of data was stolen from Equifax, a US-based company specializing in online creditworthiness checks. In September 2018, a report on the issue from the US Goverment Accountability Office (GAO) was finally released.
One good news article on the subject is from The Register. It is typical in that the emphasis is placed on two issues:
The failure of a system-monitoring tool to detect unusual behaviour within the company network, due to an expired SSL cert.
The failure of internal processes intended to detect software packages with known security holes (Struts in this case)
In 2018 I have been involved in a number of datawarehousing projects, and did a lot of background reading on the topic. I have now written a series of articles summarizing the information I have read, together with my own thoughts on the topic:
Managing passwords is one of the less pleasant parts of modern computing. I recently discovered the Bitwarden password manager, which has a very nice feature-set and good security design. The most interesting features are:
data encrypted on client; server never has access to passwords or the URLs they are associated with
passwords can be sharing between accounts
all code is open-source
You can use the official hosted service (free for individual accounts, very reasonable pricing for teams), or host your own server for free.
As I wrote in my recent look at the Yubikey, it seemed to me that the rather primitive approach to backups taken by the Yubikey so far was just not going to be sufficient for the FIDO2/WebAuthn world, where the number of distinct credentials is going to be far larger.
Now that the Yubikey5 is out, with support for FIDO2/WebAuthn, I checked their documentation again - but couldn’t find any updated recommendations. As there is no apparent customer forum, I filed a support ticket asking about this. Unfortunately, the response was disappointing.