TechSNAP

TechSNAP

Systems, Network, and Administration Podcast. Every two weeks TechSNAP covers the stories that impact those of us in the tech industry, and all of us that follow it. Every episode we dedicate a portion of the show to answer audience questions, discuss best practices, and solving your problems.

https://techsnap.systems

News Tech News
subscribe
share






claim!
report

Episode 362: Rebuilding it Better

It’s a TechSNAP introduction to Terraform, a tool for building, changing, and versioning infrastructure safely and efficiently.

Plus a recent spat of data leaks suggest a common theme, Microsoft’s self inflicted Total Meltdown flaw, and playing around with DNS Rebinding attacks for fun.

Sponsored By:

  • iXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!
  • Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.com
  • Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapocean

Links:

  • The Under Armour Hack Was Even Worse Than It Had To Be — When Under Armour announced that its nutrition app MyFitnessPal had suffered a data breach impacting the information of roughly 150 million users, things actually didn't seem so bad.
  • Panerabread.com Leaks Millions of Customer Records — Panerabread.com, the Web site for the American chain of bakery-cafe fast casual restaurants by the same name, leaked millions of customer records — including names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number — for at least eight months before it was yanked offline earlier today, KrebsOnSecurity has learned.
  • No, Panera Bread Doesn’t Take Security Seriously – PB — This post establishes a canonical timeline so subsequent reporting doesn’t get confused.
  • Total Meltdown — In short - the User/Supervisor permission bit was set to User in the PML4 self-referencing entry. This made the page tables available to user mode code in every process. The page tables should normally only be accessible by the kernel itself.
  • Terraform by HashiCorp — HashiCorp Terraform enables you to safely and predictably create, change, and improve infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
  • Terraforming 1Password - AgileBits Blog — Most of the 2 hours and 39 minutes of downtime were related to data migration. The 1Password.com database is just under 1TB in size (not including documents and attachments), and it took almost two hours to complete the snapshot and restore operations.
  • Whonow — A malicious DNS server for executing DNS Rebinding attacks on the fly

fyyd: Podcast Search Engine
share








 April 5, 2018  35m