Here are the random links of interest for this week. Have a good weekend.
Another great post by Lori MacVittie. Cloud is all about shifting to “service” mindset. “Service” is also the foundational concept behind SOA. Every cloud service model (IaaS, PaaS, SaaS) abstracts and decouples certain aspects from the layers below, resulting in a flexibility never seen before. Take the case of IaaS. By abstracting and virtualizing compute, storage and network, we are decoupling applications from underneath physical resources. This ultimately results in the unprecedented flexibility to move applications/workloads (VMWare’s vMotion, Cisco’s OTV etc) across machines in data center and across data centers – for load balancing, availability etc. However, this shouldn’t affect how the services (applications) are consumed. SOA’s way of achieving this is via WSDLs and service registries. At the code level, programmers would immediately recall Martin Fowler’s Dependency Injection and Inversion of Control principles achieving similar objectives.
By looking at applications as “services” and adopting SOA principles, ITaaS can achieve benefits beyond IaaS.
Must read. This articles ends with the following quote 🙂
“The details of web product design had led to the pants being pulled down on a promising political career.”
To me, the interesting part of the story is not how a promising politician’s career was put to an abrupt ending but the key product decisions that twitter team made early in the process and how those decisions changed lives of everyone in the last few years.
While twitter has more issues (here are some I face in my daily use of twitter) to solve, clearly the ability to follow someone without requiring his explicit permission has been the winner from the day one.
That’s a cheesy title, but one should read it. I have been following the @LulzSec twitter stream for the last one week as they are hacking sites (Sony, CIA, etc) and posting plain text user ids and passwords extracted from site’s internal databases for everyone to see. In the beginning, I thought hacking sites that ignore basic security mechanisms (SQL Injection, Stronger passwords, Not storing plain text passwords of users in the DB etc) would send a messages to companies and IT organizations across to re-look at their web applications. And to some extent, @LulzSec may have achieved this purpose. In the recent past, we have not seen such consistent and systematic hacking of sites and it got everyone’s attention about the continued ignorance of basic security practices in web applications.
But the subsequent act of @LulzSec posting the extracted usernames and passwords on public sites for everyone to see and download is a disastrous step. You cannot blame and punish naive internet users for having simple and same passwords across several sites when the so called “expert” application and system developers are not doing a good job in applying basic security practices to begin with. Look at what is happening now: These publicly available usernames and passwords are tempting many normal folks to try and access the same username and passwords on several other sites (facebook, paypal, gmail etc) and see if it just works.
Here is another who user went one step ahead and created a script to automate this process and posted the script itself on the github for everyone to use and try. Too bad.
Given that @LulzSec is so active on twitter, how long is it before they get caught ?
BitCoin, The New Money
If you haven’t heard of BitCoin, here is your hance to mint your own money, virtual money for free 🙂 Read more about here, here, wikipedia link and of course yours truly quora link, answers for all your questions.
I came across BitCoin on the hackernews.com. After that so many people are posting links to news about bitcoin, one impatient guy couldn’t bear it any longer and wrote a safari extension to hide all bitcoin news on hackernews.com 🙂