Welcome!

If everyone is thinking the same, someone isn't thinking

Lori MacVittie

Subscribe to Lori MacVittie: eMailAlertsEmail Alerts
Get Lori MacVittie via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Lori MacVittie

Shellshock, appropriately and of course punnily named, is ravaging the Internet right now. Active exploits continue to grow in number and in complexity. While there are multiple avenues through which this vulnerability can be exploited, the most active one at the moment appears to be via vulnerable Internet-facing systems running web applications. Register For DevOps Summit FREE (before Friday) ▸ Here These attacks take advantage of the lax constraints on HTTP headers that allow strings of nearly limitless length to be passed not just to the web server, but on to the system via CGI. Once passed, a 22 year old GNU Bash vulnerability allows the code embedded in the HTTP header to be executed. That code can be just about anything. A quick GIS will net you hundreds of sites documenting actual attempts at exploits including complete shell scripts designed to download and... (more)

The Internet of Things and DNS

JANUARY 8, 2014 02:00 PM EST When we talk about the impact of BYOD and BYOA and the Internet of Things, we often focus on the impact on data center architectures. That's because there will be an increasing need for authentication, for access control, for security, for application delivery as the number of potential endpoints (clients, devices, things) increases. That means scale in the data center. What we gloss over, what we skip, is that before any of these "things" ever makes a request to access an application it had to execute a DNS query. Every. Single. Thing. Maybe that's ... (more)

Changing App Delivery Strategy? by @LMacVittie | @DevOpsSummit [#DevOps]

One of the more popular methods of dealing with not just with the explosion of devices but the growing challenge of dealing with growth of compute devices under management in general is virtual desktop infrastructure (VDI). While VDI has been overshadowed of late by newer and shinier TLAs like SDN and IoT, it remains nonetheless a critical component of most organizations growth strategy. As the technology behind VDI has matured, many organizations have begun to reconsider their initial, early decisions to go with one technology over another. That's natural, as it often takes tim... (more)

HTTP 1.x is the New TCP | @DevOpsSummit [#DevOps]

#HTTP #HTTP2.0 Why that version number is so very important .... It's no surprise that HTTP is the new TCP. Inarguably, more applications are delivered via HTTP than any other. That's including mobile apps, by the way, which are more often than not using HTTP to talk to REST-based APIs on the app side. But what we don't often say is that HTTP 1.x is the new TCP. That distinction is important (some might say imperative) as HTTP 2.0 moves toward becoming the official, ratified standard. You see, backwards compatibility is not something that's part and parcel of HTTP 2.0 any more t... (more)

F5 Synthesis: Your Gateway to the Future (of HTTP)

#SDAS #HTTP #webperf #SSL De facto standards can be as difficult to transition off of as official ones If you haven't heard about HTTP 2.0 it's time to start paying attention. It is anticipated that in November the latest version of the specification will become "the standard" for applications. It includes enhancements designed to improve the security and performance of web applications, which have become critical strategic components to just about every organization on the planet. Go ahead, name an organization that doesn't rely on at least one web-based application to conduct b... (more)