Today's Tech Digest
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | BU Soft Tech | itTrident | Former Sr. VP & CTO of MF Utilities
AMD lands Dell as its latest Epyc server processor customer
AMD scored a significant win in its efforts to retake ground in the data center with Dell announcing three new PowerEdge servers aimed at the usual high-performance workloads, like virtualized storage-area networks (VSAN), hybrid-cloud applications, dense virtualization, and big data analytics. The servers will run AMD's Epyc 7000 series processors. What’s interesting is that two of the three new Dell servers, the PowerEdge R6415 and R7415, are single-socket systems. Usually a single-socket server is a small tower stuck in a closet or under a desk and running as a file and print server or departmental server, not something running enterprise workloads. The R7425 is the only dual-socket server being introduced. AMD said the reason is simple. With up to 32 cores and 64 threads on one CPU, up to 4TB of memory capacity, 128 lanes of PCI Express interconnects, and support for up to 24 direct NVMe SSD drives, the servers can do with one processor what would normally require a dual-socket system.
Security vs. Speed: The Risk of Rushing to the Cloud
There's a lot of assumption when it comes to cloud responsibility. "Some businesses think the whole security issue is something you put into the provider's realm," says Jim Reavis, CEO of the Cloud Security Alliance. "The cloud provider may have security services and capabilities, which you can order as an extra, but a lot of responsibilities shift to the cloud." Cloud providers typically own the hardware, network, host operator, and virtual machines, says Dan Hubbard, senior security architect at Lacework. The customer owns everything above that: operating systems, containers, applications, and all of the related access controls. "This is where things get a little muddy from a corporate perspective," he explains. Most companies have parameters in traditional data centers, and their core principles and rules don't apply in the public cloud.
Identity and the smart city
Once the smart city blossoms, our smart identity will move out of our homes, into our cars, and onwards through the city walls. Identity is the backbone of digital transactions. And smart innovations can use the power of identity to enable online transactions. Our smart identity will allow us to interact with our smart cars, send money to our partner with a click, use remote patient care by sharing patient-generated data, and secure our entry into the smart airport. Of course, all of this could come with a heavy price – our privacy. All of the transactions are based on sharing identity data of some sort. It is inevitable that our digital identity will be drawn into the machinery of the smart city, but it has to be done with privacy respectful implementation. And, privacy of data and IoT security are intrinsically linked, here is some further reading on the security concerns around IoT devices. But privacy has its own special place in the smart city and our identity may hold the key to the solution.
Six ways by which hackers can crack your password
While you might think of Rainbow Table as eclectic colorful furniture but it is a sinister form of stealing your credentials. The Rainbow Table that we are talking about are used to crack passwords and are yet another tool in the hacker’s evergrowing arsenal. This method requires a good knowledge of computers and coding. Rainbow Tables are basically huge sets of precomputed tables filled with hash values that are pre-matched to possible plaintext passwords. The Rainbow Tables essentially allow hackers to reverse the hashing function to determine what the plaintext password might be. It’s possible for two different passwords to result in the same hash so it’s not important to find out what the original password was, just as long as it has the same hash. The plaintext password may not even be the same password that was created by the user, but as long as the hash is matched, then it doesn’t matter what the original password was.
Oracle’s cloud bravado masks its database despair
Originally the biggest threat to Oracle’s database dominance seemed to come from the NoSQL crowd, given how data has changed over the past ten years. For decades, the traditional relational database, with its assembly of data into neatly ordered rows and columns, served us well. As data volumes, variety, and velocity changed, the venerable RDBMS seemed outdated. Perhaps it is, but that doesn’t mean enterprises can afford a rush to the exits in favor of the flexible schema that NoSQL offers. As Adrian puts it, “When someone has invested in the schema design, physical data placement, network architecture, etc. around a particular tool, that doesn’t get lifted and shifted easily, something that Gartner calls ‘entanglement.’” As nice as “rip and replace” may sound, once an enterprise has bolted dozens of systems to a particular database, replacing that database may also mean replacing some or many of those interconnected systems.