November 21, 2013

GitHub bans weak passwords after brute-force attacks
Popular source code repository service GitHub has recently been hit by a brute-force password-guessing attack that successfully compromised some accounts. "We sent an email to users with compromised accounts letting them know what to do," GitHub security engineer Shawn Davenport said in a blog post. "Their passwords have been reset and personal access tokens, OAuth authorizations, and SSH keys have all been revoked."

Communicating Change
Expectations tend to become self-fulfilling prophecies. You need to communicate that the expected change your project is creating will be beneficial and good for the majority of the stakeholders. If this message is both true and believed (the two elements are not automatically connected), the experience of the stakeholders is more likely to be positive. Communication often can mean the difference between project success and failure.

Putting the customer first- For real
Insurers face challenges which are in many ways unprecedented: not simply as a result of the crisis, but also in the face of the major changes – the global mega-trends – which are transforming the business and social environment. What will help the winners pull ahead will be genuinely reengineering their business around the customer. However, many insurers have yet to realize the scale of the transformation required. And fewer still are successfully achieving it.

52 Ways To Avoid Giving An Immediate Answer
No one likes being pushed or bullied into making snap decisions. There’s something unnerving about the situation where the demand is “I need an answer, and I need it now!” Of course, if you work in law enforcement or an emergency room, sometimes immediate decisions are necessary. But most of the time, the imposed urgency is the result of someone else’s poor planning or decisions. ... how do we deal with these “tyrants of urgency”? Here are a few possible responses you might use to buy some time or send

Unlocking SaaS Leadership Skills
A combination of technical skills and business acumen is the minimum expectation organizations have when they try to identify the right person to head a SaaS spinoff. Potential leaders must also be strong communicators and presenters adept at dealing with politics and talking with directors and other stakeholders. They must also be extremely service-oriented in their IT philosophies.

Being Agile: You are Not a Java Developer, You are a Software Engineer
Agile breaks this pattern by working closely together from the beginning of the project. The “end of project” style of coordinated team work in waterfall happens throughout every iteration. This is what makes agile so productive. However, “getting there” can be hard because working where your domain knowledge and skills are the strongest is where you want to work and where you know you will be the most productive.

Evolution of Storage: VM-Aware Storage for Virtualization
Adopting a modular approach to scaling using VMs and virtual disks as the unit for deploying storage is now possible using virtualization functionality such as VMware Storage DRS to load balance across different storage systems. This greatly simplifies how administrators can scale their environment without the complexity of scale-out or scale-up storage solutions. Adding the ability to control and monitor individual storage systems from a centralized administrative interface can further reduce the overhead IT faces with storage.

Hackers reportedly steal 42M customer records from online dating network Cupid Media
Andrew Bolton, Cupid Media's managing director, told Krebs that the information found on the rogue server appears to be related to a security breach that happened in January 2013, which customers had been notified about. Bolton also reportedly said that a large portion of the leaked records correspond to old, inactive or deleted accounts and that the number of active users actually affected by the breach is considerably less than 42 million.

COBOL still not dead yet, taking on the cloud
Conceptually, taking a language that can trace its heritage back into the 1950s onto a modern as-a-service platform may seem like an exercise in futility, but McGill says that it is a transfer that is not as mind-bending as it first sounds. "Believe it or not, it's probably easier to move COBOL into the cloud, than it is to move a C/C++ application into the cloud. It's certainly easier to move a COBOL application to the cloud, particularly from a mainframe environment than a client-server, and Microsoft-based client-server [environment]," he says.

Costin Leau on Elasticsearch, BigData and Hadoop
Elasticsearch supports a RESTful API using JSON over HTTP for all of its operations, whether it's search, analytics or monitoring. In addition, native clients for different languages like Java, PHP, Perl, Python, and Ruby are available. Elasticsearch is available for use under the Apache 2 license. The first milestone of elasticsearch-hadoop 1.3.M1 was released in early October. InfoQ spoke with Costin Leau from the Elasticsearch team about the search and analytics engine and how it integrates with Hadoop and other Big Data technologies.

Quote for the day:

"The secret to success is to start from scratch and keep on scratching" -- Dennis Green