People are leaking their RDS database backups

Researchers discovered incompetence when handling AWS RDS database backups, exposing them on the public network for anyone to take

File this under “Disheartening that we are still seeing this”. AWS has this feature where you can make your RDS backups public, making it easy to share them with other AWS accounts to spin up new database instances. Doesn’t mean you should though.

The research team over at MITIGA has published a very exhaustive analysis of how they discovered not only a huge number of publicly available data backups but, among those, an alarmingly large number that contained Personally Identifiable Information (PII).

We wouldn’t even call this hacking. Incompetent cloud engineers have packaged up the complete database and left it out on the doorstep for anyone passing by who is interested in it. No need to worry about breaching firewalls, network layers, or even guessing at username/password combinations.

The article’s statistics are demoralizing to anyone in the cloud and security space.

  • The total number of snapshots seen in this month (Oct 22) was 2,783
  • Of those 2,783 snapshots, 810 snapshots were exposed during the analyzed timeframe
  • Additionally, 1,859 snapshots of the 2,783 were exposed for just 1-to-2 days

There simply is no excuse for this sloppy and incompetent practice. It demonstrates a complete lack of respect for security, and instead of going down the path of securing with IAM roles, they just thought it easier to make it public. Ease of use, I am sure, they said to themselves, convincing themselves no one will know.

As the old saying goes, with great power comes great responsibility. Learn the tools. We need more naming and shaming so people start taking this more seriously. Don’t just name the company, but the head of security or cloud that allowed this to happen under their watch.

To read the full report, head on over to MITIGA.
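
As an added example (not taken from the MITIGA report or written by this post's author), here is a Python check over the output of the RDS DescribeDBSnapshotAttributes API that flags snapshots whose restore attribute contains all, which is how RDS marks a snapshot as public. The snapshot names and account ID are constructed sample data, and fetch_attribute_results assumes boto3 and read-only RDS credentials.

```python
# Added example: audit RDS snapshot sharing attributes for public exposure.
PUBLIC = "all"  # RDS stores "all" in the "restore" attribute when a snapshot is public

def classify(attr_result):
    """Return (state, accounts) for one DBSnapshotAttributesResult dict."""
    values = []
    for attr in attr_result.get("DBSnapshotAttributes", []):
        if attr.get("AttributeName") == "restore":
            values = attr.get("AttributeValues", [])
    if PUBLIC in values:
        return "public", []
    if values:
        return "shared", sorted(values)
    return "private", []

def audit(attr_results):
    """List (snapshot id, state, accounts) for every snapshot that is not private."""
    findings = []
    for result in attr_results:
        state, accounts = classify(result)
        if state != "private":
            findings.append((result["DBSnapshotIdentifier"], state, accounts))
    return findings

def fetch_attribute_results(region):
    """Collect live data; needs boto3 and read-only RDS describe permissions."""
    import boto3  # imported here so the offline sample below runs without it
    rds = boto3.client("rds", region_name=region)
    results = []
    pages = rds.get_paginator("describe_db_snapshots").paginate(SnapshotType="manual")
    for page in pages:
        for snap in page["DBSnapshots"]:
            resp = rds.describe_db_snapshot_attributes(
                DBSnapshotIdentifier=snap["DBSnapshotIdentifier"])
            results.append(resp["DBSnapshotAttributesResult"])
    return results

# Constructed sample responses (not real snapshots or accounts).
SAMPLE = [
    {"DBSnapshotIdentifier": "orders-2022-10-01",
     "DBSnapshotAttributes": [{"AttributeName": "restore", "AttributeValues": ["all"]}]},
    {"DBSnapshotIdentifier": "orders-2022-10-02",
     "DBSnapshotAttributes": [{"AttributeName": "restore", "AttributeValues": ["111122223333"]}]},
    {"DBSnapshotIdentifier": "orders-2022-10-03", "DBSnapshotAttributes": []},
]

if __name__ == "__main__":
    for snap_id, state, accounts in audit(SAMPLE):
        print(snap_id, state, accounts)
```

A public finding is corrected by removing all from the snapshot's restore attribute (aws rds modify-db-snapshot-attribute with --values-to-remove all) and sharing with named account IDs instead.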

What makes a great product manager by James Hamilton

What makes a great product by AWS guru James Hamilton

James Hamilton is a true computing legend who has architected many revolutionary things over at AWS that we mere mortals can only dream of and be in awe of. I have followed him for many years, and have always taken the attitude – when James talks, you listen.

I have come across many product managers in our portfolios over the years, some good, some poor, and some that shouldn’t be anywhere near the product. This is a hard role to get right or even define properly, but you know it when you see it done right.

James has a great take on what it takes to be a great product manager, especially inside of AWS. I would caution though, that I am going to assume he is referring to the great managers that design their core AWS products, and not the ones in charge of the AWS Console (it is getting better, but it still feels like an afterthought, a reluctant layer put on top of what is already a great API).

If you ever find yourself with some time on your hands, and would like to get a peek under the covers at AWS, then do a YouTube search for the sessions that James has given at re:Invent over the years. Mind-blowing, some of the things they have done to get the performance, scale and uptime out of AWS that we all rely on.

Read his take on Product Managers here.

Adrift America in 100 Charts ~ book review

Prof G’s latest book details the state of the country through 100 charts, each one powerfully presented and creating a lot of stroky-chin moments.

Scott Galloway’s latest book, “Adrift”, is not really a book in the traditional sense – its longest run of prose is maybe 3 pages. Instead the book is a collection of 100 thought-provoking charts, with only minimal commentary preceding each one. The reason for this, I can imagine, is that the charts speak and deliver more of a punch than any words could ever muster.

Due to this rather unique format, the book lends itself to being opened up and instantly consumed no matter what page you land on. Though, for maximum impact, one should really read the charts in each section sequentially as they build the narrative, even though the sections can be read out of order.

The charts themselves are not difficult to digest, presenting data in a variety of styles and formats to illustrate the growth or decline of the American economy.

Any frequent listener/reader of Prof G’s output will know he doesn’t pull any punches and is not scared to say the things we’re all no doubt thinking, but this time, backed with historical data. Statements such as “social media are enragement platforms”, noting then in a number of charts how our young are getting further isolated from one another, and how this is creating future societal problems. Or how major universities are hedge funds masquerading as educational institutions, but being taxed as the former.

The book isn’t all doom and gloom; there is much hope and cause for celebration. As he noted, “nothing is that wrong in America that can’t be fixed with what is right in America” (quote attributed to President Clinton), but to start the correction, one has to first acknowledge where the system is failing, where the inequalities lie, and how small changes can start to make a difference.

Well worth the read, and given its unique format, makes ideal toilet room material.

The touch of Music

Vinyl records are more than just scratchy reproductions of sounds

I grew up in the world of cassettes and vinyl records where the only virtual alternative was the local AM/FM radio station. The logistics of consuming music in that way was frankly tedious, expensive and fraught with danger; a single bump could ruin a perfectly beautiful album.

Yet that is all we had. So when digital music arrived (hands up who went through the LimeWire/Napster period) it was more than a breath of fresh air. It was a revolution, allowing us to not worry about our car stereo chewing up the tape if we played it too often, or to play the track we wanted without having to wade through a whole album of content just to get to track 7.

Limewire circa 2000

Yet, as I get older with over 20 years of digital music amassed, I wonder what I really have to pass on to the next generation. Will my sons look up my old WinAmp (exactly!) playlists and fondly think of their father and his wild tastes? Of course not. Such memories will be lost forever. Spotify/YTMusic/Plex/iTunes playlists are for a moment, not a lasting legacy.

When my mother died a couple of years ago, I found myself adrift a little, like most sons do when they lose such a pivotal figure in their lives. As I was going through boxes, I discovered my old records that I collected as a teenager. In there were a couple of my mother’s records and then it hit me. Here I was touching something that connected me with her – it wasn’t just an Elvis Presley album, it was the ACTUAL Elvis album mother would put on, while doing the ironing while we played around her feet. The sound wasn’t a digital copy, but a result of the actual grooves in the physical format making the needle bounce up and down, reproducing the same sounds she enjoyed so often.

It was recreating a moment in time.

There was more. Records need housing. This packaging, there to secure the core offering, is adorned with beautiful artwork, sometimes with notes or lyrics, all to make up an experience. The same experience that is recreated every time you slide out the vinyl record prior to spinning. It is here I discovered some hidden gems. My mother, who at the time annoyed me, would graffiti my beautiful record with the date and time.

Queen; A Night at the Opera – Gifted after passing my high school exams July 1998

Yet what my pimpled, testosteronal teenage self couldn’t fathom, was that my mother was creating a legacy for me.

Sitting there going through all my (and her) old records, noticing all the little notes she left, some faded and forever lost, I finally realized the true value of this medium. Forget all the bullshit about superior fidelity, or richer/fuller sound. It was about packaging up an emotion and feeling that only music can bring someone, in a physical format that can be enjoyed for years to come. Something the digital format can never come close to delivering.

Ed Sheeran + Gifted Christmas 2020

For the first time, I fell in love with vinyl. 30 years ago it was a necessity, now it was emotional. Yet this new love affair was going to be more than just amassing a large collection. Oh no. Each album was going to be carefully curated and chosen based on the feelings it evoked.

When I add a vinyl to my collection, it isn’t a purchase. I see it more as a lease, a temporary hold if you will. I see it as capturing a moment, a sequence of emotions, to package up and pass on to the next generation. I want my sons to know, when they pick it up, that their old man enjoyed not only that song, but that ACTUAL song. Just as I did with my mother.

One Christmas, my son asked what I would like, and seeing how I was building up a collection, records would be an easy win for that year. While I supported this, I did hit him with a couple of conditions. I asked that he only buy a record that he knew that we both enjoyed, and secondly, that he sign it personally with the date and the occasion. Upon receiving the gift, I said that I wasn’t taking ownership of it, merely holding on to it, to enjoy listening to it until such time as I was no longer walking this planet and he would take it back under his stewardship.

I listen to music every day. Even in a video conference meeting, there will be music playing in the background, only loud enough I can hear. That is digital music.

Often though, I push the keyboard away, and go and make a point of spinning up some vinyl, taking the time and effort to truly switch off from the screen and allow myself to be immersed in the sound produced by that needle bouncing around the grooves. Reconnecting with memories and creating new ones along the way.

I love the physical tactile experience that playing records brings me, upon an evening, with a glass of single malt, just enjoying where the mood takes me.

My advice – get yourself a record player and start spinning up some memories.

BTW I make no apology for my Leonard Cohen records 😉

The Cold Start Problem ~ book review

Andrew Chen charts the rise of some of the larger Internet companies whose value only increases through an increased number of users – the network effect.

The inside track on how the likes of Uber, Tinder, eBay and YouTube gained traction to break free of the network effect, where the usefulness of the service grows only by the number of users using the system. Former Uber executive and VC investor Andrew Chen charts, through his first-hand experience, the efforts that Uber underwent to build up networks of drivers to service an ever-growing userbase.

Chen had some interesting insights with respect to mobile deployments, noting that “1 in 4 people abandon mobile apps after only one use” and “Of the users who install an app, 70% of them aren’t active the next day, and by the first three months, 96% of users are no longer active”. This goes to highlight just how hard it is to capture a userbase, and how you have only a few moments to truly turn that first impression into a lasting user interaction.

Given my recent experience with Clubhouse (another company Chen is invested in), I can confirm I am one of the 70% who couldn’t quite grasp the user interface to make sense of it. It was canned quickly.

Chen goes into detail on a number of sites, the classic cornerstones of the modern Internet, including eBay and YouTube. I knew the basic history, but I was surprised to learn YouTube started off as a dating site, and when that bombed, the founders opened their platform to offer any content. Similarly, eBay had a crisis of growth, and stepped away from its pure auction style when it introduced the controversial “Buy-It-Now” button, which now accounts for 62% of their total.

One recurring nugget that kept coming up as he went through the backstory of each company was how often the original goal of what the founders were trying to solve wasn’t what they ended up building and delivering. Many times, the product they are known and famed for was an offshoot (Slack for example after a failed photo sharing site; Instagram after a failed online photo editing suite).

The book is packed full of these little anecdotes and ah-ha moments and written in a very accessible manner. As is common with books that attempt to sell a framework, “the cold start problem”, it becomes repetitive in places, which allows you to skip over it. Instead, if you read the book as an insider’s guide to how some of the big players grew their network, then it sits very well as a high-level historical read.

Overall, well worth the read.

Movies/TV of 2021

Reviewing the Top 8 movies and TV series that made it to the top of my list during 2021.

Every year, I keep track of everything I watch and then give it a rating. I have been doing this for years on IMDB. 2021 was a slow year for me, only achieving 184 titles compared to my record year previous of 405 titles. While I keep track of my repeat watching, my top movies and TV will only be the ones that were released in 2021.

Top 8 Movies

Nothing this year knocked it out of the park and achieved a 10 out of 10. This was a little unexpected as there were a number of movies I was really looking forward to.

My top 8 movies of 2021 are as follows, with only Belfast (came out of nowhere), Red Notice (huge surprise) and No Time To Die (could have been better) getting 9/10.

Top 8 TV Series

There was a lot of binging this year of TV series, which does take time away from watching movies. The top one here, that had the whole family roaring with laughter was of course Jeremy Clarkson’s Farm, maybe even better than his Grand Tour series (which had some weak outings of recent). The second surprise hit was Kate Winslet in Mare of Easttown, which didn’t pull any punches. Naturally the BBC had a strong outing this year, with 3 hitting shows making it, each of them as good as the other.

2022 has started, and I have the “classic” Dwayne Johnson Doom playing in the background as I write this – bet you don’t realize just how much top talent there is in this big screen adaptation of the game.

If you don’t track what you are watching, then I advise you give it a whirl. You quickly forget what you watch, and when, and how good it was. I make a rule to never repeat a movie in the same year – unless it’s really good and I want to enjoy it in the company of others – and keeping track makes it easy to do that.

What is nice about tracking your viewing habits is the surprise you get when doing things like this, reviewing the year and what caught your attention.