Connect with us

Technology

Debunking the myths around cloud-native architectures

Voice Of EU

Published

on

Avanade’s Tarun Arora explains what cloud-native engineering is and, more importantly, what it isn’t.

Click here to view the full Cloud Week series.

The move to the cloud has been growing for several years now, but the pandemic has undoubtedly accelerated this trend even further, with cloud market spend reaching new heights last year.

However, while it’s important for companies to embrace this element of digital transformation, they need to have a strong understanding of what cloud-native applications are and how exactly they can be of benefit.

Tarun Arora is the director of engineering and head of app modernisation and cloud transformation at Avanade in Ireland and the UK.

He said that when a new trend emerges every few years, it’s common for organisations to feel the urge to jump on the bandwagon.

“We all witnessed this with agile – organisations adapted their big waterfall processes into iterative design phases and classed themselves as agile.”

‘Cloud-native technologies and human-centric design isn’t just for tech unicorns anymore’
– TARUN ARORA

However, adopting agile processes takes time and careful consideration, just like a migration to the cloud. Arora said in order to understand what cloud native is, it’s important to understand what it isn’t.

“It isn’t running a server in the cloud. Renting a virtual machine from a public cloud provider does not make your infrastructure cloud native. The processes to manage these virtual machines is often no different to managing them if they were in a data centre,” he said.

“It isn’t running a workload in a container. While containerisation offers isolation from the operating system, on its own it causes more overheads than benefits.”

Arora said being cloud native also isn’t just about infrastructure as code, continuous integration or continuous deployment pipelines. “While this is a big step in terms of mindset for the infrastructure team, and can bring huge benefits, it still falls short of being cloud native. Often the use of configuration tools is dependent on humans, which is a huge limitation in terms of scale.”

According to the Cloud Native Computing Foundation, cloud-native technologies empower organisations to build and run scalable applications in modern, dynamic environments, while containers, service meshes, microservices, immutable infrastructure and declarative APIs exemplify this approach.

“Cloud-native architectures are all about dynamism,” said Arora. “This type of application architecture is open and extensible. It can be changed easily and quickly by updating its microservices, and thanks to containers, it can move from cloud to cloud with ease, as well as scale in or out rapidly.”

Creating a human-centric approach

Arora also spoke about the need for a human-centred design when it comes to cloud adoption.

“Systems written in the last decade came with user manuals because they delivered requirements that needed the user to learn the platform before it could be used. Today, we navigate through applications that learn our preferences, allow us to switch between devices offering a seamless uninterrupted experience,” he said.

“The human-centred design comes with an organising strategy to solve problems corresponding to either usability or business conversion or fulfilling the context-based needs.”

The human-centred approach has been widely heralded as the best way to tackle most things, from technology and product design to education and the future of work.

“Businesses are powered by applications and advanced by your ability to simplify the experiences for your users. You have to think a few levels above the platform, think about the user, the user journeys and user interactions,” Arora added.

He said it’s important to think who the users are, what they expect from a product, how they interact with it and whether or not it addresses their needs.

“User experience can’t be an afterthought! Technology leaders often confuse design and user experience with a user interface, often leaving a front-end developer to figure this out,” he said. “Approaching the solution through a design-led thinking approach allows you to put design in the priority for taking control of the user interactions with a digital solution.”

Cloud adoption

Arora said cloud adoption has followed an S-curve, meaning adoption was slow in the early days while businesses learned about its viability. And once that occurred, adoption accelerated dramatically.

“Cloud computing has hit the steep part of the S curve. The significance of this tipping point is profound. The discussion with clients is less about why to use the cloud, but more about how to unlock its full value,” he said.

“Event-driven architectures, cloud-native technologies and human-centric design isn’t just for tech unicorns anymore. Data has truly become the new currency and cloud the means to mine it. As more businesses globally tap into the opportunity the cloud offers, it has become table stakes in any transformation programme.”

Source link

Technology

Apple’s new lockdown mode to protect from spyware such as Pegasus

Voice Of EU

Published

on

Coming to devices this autumn, the new lockdown mode aims to make Apple devices ultra-secure at the expense of functionality.

Apple has developed a new ‘lockdown mode’ for its devices to give extra security to users who are more susceptible to targeted spyware cyberattacks.

Individuals such as journalists, lawyers, government officials and human rights activists have been reportedly targeted by authoritarian governments and criminals using spyware such Pegasus by Israel’s NSO Group or, more recently, Italian spyware Hermit.

The new lockdown mode will be made available on the iPhone, iPad and Mac devices later this year, when Apple – known to make some of the most secure devices and software in the market – is expected to release a suite of software updates.

Apple describes lockdown mode as “an extreme, optional protection for the very small number of users who face grave, targeted threats to their digital security”. Turning it on secures the device’s defences, but comes at the cost of functionality.

Once turned on, lockdown mode blocks most message attachment types other than images and disables features such as link previews. Web browsing technologies such as just-in-time JavaScript compilation are disabled except for sites trusted by the user.

Incoming invitations and service requests, including FaceTime calls, are also blocked if the user has not previously interacted with the person initiating the call or request. Wired connections with a computer or accessory are also blocked when the iPhone is locked.

Lockdown mode is not compatible with the kinds of device management software often used by larger organisations.

“Lockdown mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks,” said Ivan Krstić, Apple’s head of security engineering and architecture.

Krstić noted that the “vast majority of users” will never be victims of highly targeted cyberattacks. But for the ones who may be at risk, Apple will work “tirelessly” to protect them.

“That includes continuing to design defences specifically for these users, as well as supporting researchers and organisations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”

Last November, Apple sued the NSO Group behind Pegasus spyware in a bid to “hold it accountable for the surveillance and targeting of Apple users”, two months after it had to issue an urgent security patch for a Pegasus backdoor on all devices.

NSO Group develops surveillance technology that can be used to track targeted iOS and Android users. It claims its products are only used by government intelligence and law enforcement agencies to prevent and investigate serious crime and terror incidents.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Source link

Continue Reading

Technology

Bridie Connell: the 10 funniest things I have ever seen (on the internet) | Comedy

Voice Of EU

Published

on

Ah, the internet. My reliable friend. I turn to it when I need to smile (cute pet videos), when I need to cry (war veterans being reunited with their kids), and when I need to destroy what’s left of my self-esteem (Instagram). There are plenty of arguments about why life would be better without it, and honestly? It probably would be. But it also wouldn’t be as funny. Here’s a bunch of things from the world wide web that never fail to make me laugh.

There’s nothing I enjoy more than people trying to make the world a better place. Particularly when they make the world better in a way they’d never intended. I can just imagine the conversations that took place in the drafting process for this campaign:

“We need a catchy and educational campaign to tackle the horrors of addiction.”

“Yes, one that shows we’re in this together, as a community.”

“One that doesn’t stereotype addicts.”

“I’ve got it!”

The result is what I believe they call a “swing and a miss.” A+ for effort, though.

If there was an award for best award acceptance speech, this would win. Julia Louis-Dreyfus is brilliantly funny (while accepting an award for being brilliantly funny) and she remains my hero.

Allow TikTok content?

This article includes content provided by TikTok. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. To view this content, click ‘Allow and continue’.

Here’s one for my fellow theatre kids. This pitch perfect sketch is from comedian and writer Jacob Kaplan. Does it make me laugh? Yes. Does it make me tense every single muscle in my body and hold my breath while I try not to think about the time that 14-year-old Bridie wrote a play about the dangers of DRINK-DRIVING and also DRUGS, which inexplicably culminated in a peppy dance routine? … No comment.

Amber Ruffin is one of the most versatile and talented comedians around. I love a lot of what she does, but this song is a special favourite. Hilarious, a little creepy and downright catchy: a winning combo!

This sketch from the late 1990s sketch group Big Train still delights me. Short, sharp, silly. Please and thank you!

Allow TikTok content?

This article includes content provided by TikTok. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. To view this content, click ‘Allow and continue’.

Adrian Bliss, Certified Internet Star™, is a go-to for inventive sketches (and a seemingly endless supply of costumes). Many of his skits feature historical characters, like this one about a Greek soldier inside the Trojan horse. That layer of awkwardness that the Brits do well drives this skit, and now that I’ve seen it I can only hear The Aeneid being read in Bliss’s voice: “I sing of arms and a man, innit.”

Now this, THIS is some relatable content. Don’t pretend you’ve never tied one on and woken up on a golf course/boat/gold lame suit, because I won’t believe you. Perfectly encapsulating the delight of a great night-turned great story, I give you this hungover Scotsman who woke up in the wrong house. Of course, it’s made all the better by the Glaswegian accent.

*Assumes elderly wizard voice* I have been studying and performing improv since I was knee-high to a grasshopper, so the Whose Line crew are some of my longtime heroes. This game is one of my faves, not just because it’s so funny and clever, but because the “mistake” that happens around the 2:20 mark encapsulates the joy and collaboration that good improv is all about. Oh dear, this got more earnest than I intended. Just watch it!

A masterclass in physical comedy, from one of the greats.

Last but not least, here’s a video to save for a day where you need a bit of a pick-me-up. This is my favourite of all “laughing baby” videos, a classic in a crowded genre. And sure, if we’re measuring “funny” by incisive satirical commentary or well crafted punchlines, then this is a fail – but no other video fires up my mirror neurons and makes me laugh as much as this one.

Seriously, if you watch this and don’t feel at least a little bit better, then call a cardiologist because you have NO HEART.



Source link

Continue Reading

Technology

North Korean ransomware dubbed Maui active since May 2021 • The Register

Voice Of EU

Published

on

For the past year, state-sponsored hackers operating on behalf of North Korea have been using ransomware called Maui to attack healthcare organizations, US cybersecurity authorities said on Wednesday.

Uncle Sam’s Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Treasury Department issued a joint advisory outlining a Pyongyang-orchestrated ransomware campaign that has been underway at least since May, 2021.

The initial access vector – the way these threat actors break into organizations – is not known. Even so, the FBI says it has worked with multiple organizations in the healthcare and public health (HPH) sector infected by Maui ransomware.

“North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services – including electronic health records services, diagnostics services, imaging services, and intranet services,” the joint security advisory [PDF] reads. “In some cases, these incidents disrupted the services provided by the targeted HPH Sector organizations for prolonged periods.”

The Feds assume the reason HPH sector organizations have been targeted is that they will pay ransoms rather than risk being locked out of systems, being denied data, or having critical services interrupted.

Maui, according to Silas Cutler, principal reverse engineer at security outfit Stairwell, is one of the lesser known families of ransomware. He says it stands out for its lack of service-oriented tooling, such as an embedded ransom note with recovery instructions. That leads him to believe Maui is operated manually by individuals who specify which files should be encrypted and exfiltrated.

The advisory, based on Stairwell’s research [PDF], indicates that the Maui ransomware is an encryption binary that a remote operator manually executes through command line interaction. The ransomware deploys AES, RSA, and XOR encryption to lock up target files. Thereafter, the victim can expect a ransom payment demand.

According to SonicWall, there were 304.7 million ransomware attacks in 2021, an increase of 151 percent. In healthcare, the percentage increase was 594 percent.

CrowdStrike, another security firm, in its 2022 Global Threat Report said North Korea has shifted its focus to cryptocurrency entities “in an effort to maintain illicit revenue generation during economic disruptions caused by the pandemic.” For example, consider the recent theft of $100 million of cryptocurrency assets from Harmony by the North Korea-based cybercrime group Lazarus. But organizations that typically transact with fiat currencies aren’t off the hook.

Sophos, yet another security firm, said in its State of Ransomware Report 2022 that the average ransom payment last year was $812,360, a 4.8X increase from the 2020 when the average payment was $170,000. The company also said more victims are paying ransoms: 11 percent in 2021 compared to 4 percent in 2020.

The advisory discourages the payment of ransoms. Nonetheless, the FBI is asking any affected organization to share information related to ransomware attacks, such as communication with foreign IP addresses, Bitcoin wallet details, and file samples. The advisory goes on to suggest ways to mitigate ransomware attacks and minimize damage.

Last month, the US Justice Department outlined its Strategic Plan for the next four years and cited enhancing cybersecurity and fighting cybercrime among its objectives. One of its key metrics for success will be the “percent of reported ransomware incidents from which cases are opened, added to existing cases, or resolved or investigative actions are conducted within 72 hours.” ®

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!