Skip to content

Feed aggregator

iPhone 8's embedded Touch ID may still be causing headaches - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 22:32
An uncertain future for the upcoming iPhone's fingerprint sensor may result in delayed shipments, according to industry analysts.
Categories: Blogs

Spotify lets you build group playlists on Facebook Messenger - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 22:30
This seems a lot easier than mixtapes.
Categories: Blogs

What Marvel needs to stay on top at the box office - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 21:52
No matter how big the MCU gets, it "always comes down to the characters," says Marvel Studios President Kevin Feige.
Categories: Blogs

'Baby Driver' star, director talk about the perfect heist car - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 21:34
Edgar Wright and Ansel Elgort visit CNET and tell us how to drift, what song to play while getting rid of a body -- and why Barbra Streisand is "gangsta."
Categories: Blogs

Netpicks: Everything coming and going on Netflix for July 2017 - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 21:33
"Rogue One: A Star Wars Story" and "Castlevania" land on Netflix. Are you ready?
Categories: Blogs

Google Doodle celebrates longest, shortest day of the year - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 21:31
It's the solstice, the beginning of summer... and winter.
Categories: Blogs

Yes, Bill Gates is still richer than you -- and everyone else - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 21:24
No surprise, Mark Zuckerberg also makes Forbes' annual list of the richest Americans.
Categories: Blogs

Kia, Genesis, Porsche have highest initial quality, JD Power IQS says - Roadshow

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 21:16
Fiat, Jaguar and Volvo are at the bottom. Womp womp.
Categories: Blogs

The coolest fidget spinners making the rounds - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 21:09
The fidget spinner, one of 2017's hottest trends, comes in all sorts of unusual varieties, including glow-in-the-dark and Batman-themed toys.
Categories: Blogs

DynamoDB Accelerator (DAX) Now Generally Available

Amazon Web Services Blog - Wed, 06/21/2017 - 20:59

Earlier this year I told you about Amazon DynamoDB Accelerator (DAX), a fully-managed caching service that sits in front of (logically speaking) your Amazon DynamoDB tables. DAX returns cached responses in microseconds, making it a great fit for eventually-consistent read-intensive workloads. DAX supports the DynamoDB API, and is seamless and easy to use. As a managed service, you simply create your DAX cluster and use it as the target for your existing reads and writes. You don’t have to worry about patching, cluster maintenance, replication, or fault management.

Now Generally Available
Today I am pleased to announce that DAX is now generally available. We have expanded DAX into additional AWS Regions and used the preview time to fine-tune performance and availability:

Now in Five Regions – DAX is now available in the US East (Northern Virginia), EU (Ireland), US West (Oregon), Asia Pacific (Tokyo), and US West (Northern California) Regions.

In Production – Our preview customers are reporting that they are using DAX in production, that they loved how easy it was to add DAX to their application, and have told us that their apps are now running 10x faster.

Getting Started with DAX
As I outlined in my earlier post, it is easy to use DAX to accelerate your existing DynamoDB applications. You simply create a DAX cluster in the desired region, update your application to reference the DAX SDK for Java (the calls are the same; this is a drop-in replacement), and configure the SDK to use the endpoint to your cluster. As a read-through/write-through cache, DAX seamlessly handles all of the DynamoDB read/write APIs.

We are working on SDK support for other languages, and I will share additional information as it becomes available.

DAX Pricing
You pay for each node in the cluster (see the DynamoDB Pricing page for more information) on a per-hour basis, with prices starting at $0.269 per hour in the US East (Northern Virginia) and US West (Oregon) regions. With DAX, each of the nodes in your cluster serves as a read target and as a failover target for high availability. The DAX SDK is cluster aware and will issue round-robin requests to all nodes in the cluster so that you get to make full use of the cluster’s cache resources.

Because DAX can easily handle sudden spikes in read traffic, you may be able to reduce the amount of provisioned throughput for your tables, resulting in an overall cost savings while still returning results in microseconds.

Jeff;

 

Categories: Companies

Star Trek-themed 3Doodler pens flying high on Kickstarter - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 20:30
Travel to the final frontier of creativity with limited-edition Trek-themed 3Doodler pen sets on Kickstarter.
Categories: Blogs

Bask in this glowing new footage from 'Blade Runner 2049' - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 20:23
Director Denis Villeneuve and cinematographer Roger Deakins look to be putting together one of the best looking sci-fi flicks in years.
Categories: Blogs

Nanotubes could monitor your car's tire tread wear for cheap - Roadshow

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 20:18
Is there anything nanotubes can't do? Aside from pay my student loans, that is.
Categories: Blogs

Samsung's new fleet of Family Hub smart fridges on sale now - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 19:48
Samsung's family of touchscreen refrigerators just got bigger -- and certain models are already available at a steep discount.
Categories: Blogs

Intel is bringing drones and VR to the Olympics - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 19:39
The tech giant signs a seven-year deal to use its technologies during the Olympics, starting with the 2018 Winter Games.
Categories: Blogs

The most terrifying Stephen King creations of all time - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 19:22
The horror legend can scare us with anything from a clown to a dog, so good luck sleeping after viewing these images.
Categories: Blogs

'The Mist' review: Stephen is still King in unnerving new series - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 19:05
The new Spike TV show does the acclaimed author proud, expanding his 1980 horror novella beyond the supermarket into a 10-episode series. Cleanup on aisle 3!
Categories: Blogs

Cloud Native Data Pipelines

Cloud Computing Software Development - Wed, 06/21/2017 - 18:40
Big Data companies (e.g. LinkedIn, Facebook, Google, and Twitter) have historically built custom data pipelines over bare metal in custom-designed data centers. In order to meet strict requirements on data security, fault-tolerance, cost control, job scalability, network topology, and compute and storage placement, they need to closely manage their core technology. In recent years, many companies with Big Data needs have started migrating to one of the public cloud vendors. How does the public cloud change the game? Specifically, how can companies effectively marry cloud best-practices with big data technology in ...
Categories: Communities

Protect Web Sites & Services Using Rate-Based Rules for AWS WAF

Amazon Web Services Blog - Wed, 06/21/2017 - 18:33

AWS WAF (Web Application Firewall) helps to protect your application from many different types of application-layer attacks that involve requests that are malicious or malformed. As I showed you when I first wrote about this service (New – AWS WAF), you can define rules that match cross-site scripting, IP address, SQL injection, size, or content constraints:

When incoming requests match rules, actions are invoked. Actions can either allow, block, or simply count matches.

The existing rule model is powerful and gives you the ability to detect and respond to many different types of attacks. It does not, however, allow you to respond to attacks that simply consist of a large number of otherwise valid requests from a particular IP address. These requests might be a web-layer DDoS attack, a brute-force login attempt, or even a partner integration gone awry.

New Rate-Based Rules
Today we are adding Rate-based Rules to WAF, giving you control of when IP addresses are added to and removed from a blacklist, along with the flexibility to handle exceptions and special cases:

Blacklisting IP Addresses – You can blacklist IP addresses that make requests at a rate that exceeds a configured threshold rate.

IP Address Tracking– You can see which IP addresses are currently blacklisted.

IP Address Removal – IP addresses that have been blacklisted are automatically removed when they no longer make requests at a rate above the configured threshold.

IP Address Exemption – You can exempt certain IP addresses from blacklisting by using an IP address whitelist inside of the a rate-based rule. For example, you might want to allow trusted partners to access your site at a higher rate.

Monitoring & Alarming – You can watch and alarm on CloudWatch metrics that are published for each rule.

You can combine new Rate-based Rules with WAF Conditions to implement sophisticated rate-limiting strategies. For example, you could use a Rate-based Rule and a WAF Condition that matches your login pages. This would allow you to impose a modest threshold on your login pages (to avoid brute-force password attacks) and allow a more generous one on your marketing or system status pages.

Thresholds are defined in terms of the number of incoming requests from a single IP address within a 5 minute period. Once this threshold is breached, additional requests from the IP address are blocked until the request rate falls below the threshold.

Using Rate-Based Rules
Here’s how you would define a Rate-based Rule that protects the /login portion of your site. Start by defining a WAF condition that matches the desired string in the URI of the page:

Then use this condition to define a Rate-based Rule (the rate limit is expressed in terms of requests within a 5 minute interval, but the blacklisting goes in to effect as soon as the limit is breached):

With the condition and the rule in place, create a Web ACL (ProtectLoginACL) to bring it all together and to attach it to the AWS resource (a CloudFront distribution in this case):

Then attach the rule (ProtectLogin) to the Web ACL:

The resource is now protected in accord with the rule and the web ACL. You can monitor the associated CloudWatch metrics (ProtectLogin and ProtectLoginACL in this case). You could even create CloudWatch Alarms and use them to fire Lambda functions when a protection threshold is breached. The code could examine the offending IP address and make a complex, business-driven decision, perhaps adding a whitelisting rule that gives an extra-generous allowance to a trusted partner or to a user with a special payment plan.

Available Now
The new, Rate-based Rules are available now and you can start using them today! Rate-based rules are priced the same as Regular rules; see the WAF Pricing page for more info.

Jeff;

Categories: Companies

See summer solstice at Stonehenge in glorious time-lapse - CNET

The Wisdom of Clouds - James Urquhart - Wed, 06/21/2017 - 18:30
Experience the magical view of the summer solstice at Stonehenge through a lovely video from English Heritage.
Categories: Blogs