In July 2013 Security Explorations discovered a vulnerability in Java by which attackers could elevate their access privileges. Oracle released a patch, but a simple modification was discovered that still makes the attack effective. Once known, Oracle released a patch as part of 8u77. In this article we investigate the little understood class loading process at the heart of the problem.
Massive reductions in cost for flash storage along with new technologies promise to dramatically change how well IT shops can satisfy what's expected of them in the cloud era. John Roese, CTO of EMC lays out a case for why companies need to adopt new technologies in order to out-perform their competitors.
Online harassment is a serious issue, one that the engineers and designers behind the keyboard don't always think about when building software. Machine learning is become more prevalent but as more technology companies take advantage of it, they risk alienating their users even more by presenting content that isn't actually relevant.
Command Query Responsibility Segregation (CQRS) was never meant to be the end goal of what we are trying to achieve, it is a stepping stone towards the ideas of Event sourcing, Greg Young stated in his presentation at the Domain-Driven Design Europe conference earlier this year. He noted though that just applying CQRS is still a valuable pattern.
Microsoft has recently announced the intention to integrate Linux Bash with Windows 10, making it possible to run native Linux ELF64 binaries on their operating system. To avoid incorrect speculation on how this is possible, Deepu Thomas, the Leader of the Windows Subsystem for Linux team, has provided details on how Linux runs on Windows.
On April 19th, 2016 Amazon announced changes to their Elastic Beanstalk service. In this update, Amazon is providing customers with the ability to automatically install platform updates.
Eric Evans' talk at QCon London prescribed Domain Driven Design as a mechanism to successfully handle the "big ball of mud" that can emerge as multiple teams attempt to integrate services from external teams.
This article presents a review of the second day at the O'Reilly Software Architecture conference, held in New York City 12-13th April. Sessions covered include 'Evolving toward microservices: How HomeDepot.com made the transition’, ‘Going cloud native: It takes a platform’, ‘Let's make the pain visible’, ‘Microservices in reverse’, and ‘The architect as coach’.
IBM joins a number of vendors making a play in the emerging paradigm of serverless computing with a new event-driven programming service for their Bluemix platform called OpenWhisk.. InfoQ's Rags Srinivas caught up with Michael Behrendt, one of the architects for Bluemix regarding the IBM Interconnect conference, OpenWhisk and Bluemix in general.
Recently at the 2016 Build Event in San Francisco, Microsoft announced a change to their Power BI offering. The update comes in the form of giving customers and ISVs with the ability to embed Power BI reports within their own applications. Microsoft is calling this service Power BI Embedded and it is currently in preview.
Recently ElectricCloud hosted a panel session on the challenges of microservice deployments and one of the panelists, Usman Ismail summarised the session, covering agreed problems the panelists had discussed as well as some recommendations based on their own experiences.
This article presents a review of the first day at the O'Reilly Software Architecture conference, held in New York City 12-13th April. Sessions summarised include, ‘blah, blah... microservices...blah, blah’, ‘the evolution of evolutionary architecture’, ‘Death Star Security’, ‘Twelve Patterns for Hypermedia Architecture’, ‘Architecture Without an End State’ and 'Leading Simplicity'.
Version 1.0 is "a major milestone in the evolution of Apache Storm", writes Apache Software Foundation VP for Apache Storm P. Taylor Goetz, and it includes many new features and improvements. In particular, Goetz claims a 3x–16x boost in performance.
On April 5th, 2016 Amazon announced an update to its API Management service known as Amazon API Gateway. In this update, Amazon API Gateway now supports a direct way of importing Swagger 2.0 definitions.
QCon NY: 4 Confirmed Keynotes, Google/NASA/Uber/And More Abstracts Posted, Final Workshops Confirmed
An annual software conference designed for software architects/tech leads/leaders who influence innovation in their teams, QCon NY strives to achieve a mission helping software development teams adopt new technologies and practices. We're expecting 800 attendees and that doesn’t include the over 100 speakers, trackhosts, and committee members who guide and direct the conference.