Skip to content

Author: kris

Pandamonium and other attacks

From the HHOS-Dept: The Verizon Data Breach Digest is a thing that exists. This issue (PDF) reports a Botnet built from drink dispensers and other Internet of Trash things at a University that have been badly protected, but were indispensable enough that they could not be simply disconnected and wiped.

Apparently the embedded trash united to run a DNS DDoS attack against some domains, but the Botnet was luckily written so badly that it could be taken over and disabled, regaining some semblance of control over the devices – mostly because the Botnets C&C did not use SSL and also did not encrypt passwords. So that was salvageable mostly due to incompetence on the side of the botnet operators.

1 Comment

Theft of solar modules on the rise

Die Klimaretter are reporting: Theft of solar modules on the rise (article in German).

The article makes and supports the claim that solar modules are being stolen by organized crime in Germany, and explains ways to make that harder to perform and the goods easier to track. Solutions include marking and registration of all modules, GPS/GSM combos in components and special screws that require specific tools to remove panels without damaging them.

Wind turbines are also subject to theft and damage, but here mostly for the copper cables in them.

Leave a Comment

How can MySQL replicate? Let me count the ways

Percona Blog: MySQL Replication Overview

The Percona Blog has an Overview Of Different MySQL Replication Solutions. On top of the regular traditional Async Replication shown above, they also cover SemiSync, Group Replication, and Galera Cluster. Statement and Row Based Replication are contrasted.

Finally, “some misconceptions about replication” are being addressed, with “Replication is not a cluster”, “Replication is a HA solution”, “Replication replaces backups” and “Replication replaces Load Balancing”.

Leave a Comment

Hipsterdoom with Mongobingo

Felix Gessert does a postmortem of the failed Parse startup and product: “The AWS and MongoDB Infrastructure of Parse: Lessons Learned“.

Technical problem II: the real problem and bottleneck was not the API servers but almost always the shared MongoDB database cluster.

And that was with MongoRocks (Mongo on RocksDB) and replacing the initial app in Ruby with a Go implementation of said thing, with WriteConcern = 1, and other horrible presets. All in all, this is like the perfect nightmare of startup architecture decisions.

Felix closes pointing at his current project:

If this idea sounds interesting to you, have a look at Baqend. It is a high-performance BaaS that focuses on web performance through transparent caching and scalability through auto-sharding and polyglot persistence.

Bingo. Also, found the Hipster.

Leave a Comment