It was all over the web on June 18: Code Spaces went off the air, as we discussed during the Virtualization Security Podcast on 6/19. The reasons are fairly normal in the world of IT and the cloud. They were hacked. Not by subverting the Amazon cloud, but in ways considered more traditional—even mundane. An account password was discovered, either by hacking using one of the seven SSL attacks that exist today or by guessing with the help of inside knowledge gained through social engineering. However the account was hacked, the damage was total. While we may all ask why Code Spaces was attacked, we may never know the answer. Nevertheless, in general such attacks are all about the Benjamins. What lessons can we learn about this attack? How can we improve our usage of clouds to protect our own data, systems, and more from similar attacks?
Articles Tagged with Amazon
The DaaS (Desktop as a Service) market is maturing, and more great products are being released every day to facilitate DaaS functionality. But just like the foundation of a house affects what you can build on it, Microsoft’s unwillingness to offer VDI licensing for the desktop operating system still presents a major challenge to the stability and growth of this market.
Have you taken any time answering this question? Who runs what hypervisor? Is it just me, or do there seem to be a lot of articles and posts about OpenStack recently, so many that one almost gets the feeling that everything is running on OpenStack? It looks like there’s a push to help keep OpenStack on the path to becoming more mainstream, and the new partnership with Red Hat might just be the ticket. For now, OpenStack is still going through its adolescence, but it has great potential to go out and really make a difference in this world. Until then, have you ever stopped to consider which underlying hypervisors are supporting the clouds we all know and love?
Cloud Technology Partners has just released its new PaaSLane for AWS, a software solution that analyses codebases and pinpoints issues that would likely cause problems if the code were to be deployed to Amazon Web Services or other elastic environments.
How good an idea is it to virtualize XenApp? Way back in 2010, when more of the poles were ice, we asked is virtualizing Citrix XenApp a waste of time and effort? There were a number of benefits identified: hardware abstraction allowing easier image management and OS upgrades; options for higher availability and faster recovery, even failover; virtualization-enabled silo consolidation; and importantly, better management of user capacity on servers.
Yet, with XenApp running on Windows 2008 R2 memory limitations are of far less issue. Introducing a hypervisor has an overhead which can impact user density and can change Microsoft server license costs per physical server. Do these considerations outweigh other benefits? Hypervisor technology and performance has moved on considerably – what is the impact of that? What other services can virtualized XenApp drive?
When enterprises consider putting business-critical workloads in public clouds, many of them overlook, at least in part, critical issues of economics and over what portion of their cloud software stack the cloud vendor has full control. This leads to a situation where sometimes relatively inexpensive offerings where the vendor has full control of their software stack (like Amazon EC2) are improperly compared to an offering from a vendor like Savvis or Terramark who is building a cloud out of either VMware-provided components or OpenStack components. This gives rise to important issues that drive both the cost of the respective offerings and the degree to which the cloud vendor can both enhance the offerings with rapid agility and quickly address service level issues.