Last week, the story of LinkedIn’s security breach broke – data of more than 700 million users was released online. The number accounts for 92% of the total profiles on the site. While the systems were not hacked, a hostile agent managed to scrape hundreds of millions of pages. This story should have never happened, and generally there are few good practices on how to avoid such unpleasantries. As Marcin Dąbrowski, ITMAGINATION’s CIO, points out:
A report on Kubernetes (K8s) expenditure shows that the really popular container orchestration system might become cost inefficient. Over the last 12 months (the report came out in June 2021) 67%of respondents reported an increase in costs of 20% or more. 10% of surveyees also reported spending of more than $1 million dollars over the same time.
To better control your Kubernetes spending, Maciej Gos, Cloud Architect, Team Leader, and DevOps Competence Leader at ITMAGINATION, suggests to:
To end with, there are two things to consider when it comes to this particular report by the Cloud Native Computing Foundation (CNCF). The report might not be statistically significant, since the overall number of surveyed is 195. On top of that, calling K8s “a black hole” does not make sense if “[t]he vast majority of respondents…either do not monitor Kubernetes spending at all (24 per cent), or they rely on monthly estimates(44 per cent).” If you don’t carefully monitor your spending, you are bound to be in for a surprise.
Last weekend, American technology firm Kaseya was hacked. Their products? Network management and remote control software. This in turn allowed malicious actors to disrupt the daily work of businesses by spreading ransomware to businesses’ computers via Kaseya’s compromised software. The total number of affected parties varies in estimates – it is believed that there are between 800, and 1,500 businesses that got hit in the process.
The series of disruptions is attributed to a Russian group called “REvil”, that previously crippled the US Operations of meat processor JBS. On Sunday, the president of the USA, Joe Biden, stated that he has “directed the full resources of the government to investigate this incident.” Some say, the attack could be an effect of recent talks between the presidents of the US and Russia; however, there is no hard evidence to confirm that.
As we move into the remote-first world (or perhaps digital-first is a more fitting name), how we secure ourselves, and how companies secure their systems is key. If there was ever a time when we could get away with lax security systems, this time has passed, as attacks in the cyberspace have consequences“in real life.” Just to mention, that one of the enterprises hit was a chain of supermarkets in Sweden. Their cash registers were inoperative, leading to store closures all across the country.
In last week’s 360° IT Check, we mentioned Microsoft’s (MSFT) cooperation with OpenAI, the creators of GPT-3. We only mentioned a couple of announced use cases of the advanced language model.
It remains to be seen how effective Copilot will be, however its potential is truly groundbreaking for most if not all. It is not available to the public, yet, as you can only sign up for the technical preview right now.
The tool raises some important questions from the community, though. First of all, people are concerned about the licensing issues. To be more specific – whether the autofilled code will not violate any licensing terms & conditions. For example, the GNU Public License (GPL) allows you to reuse code shared with you only if you make it open source as well. In case you have not, you might get in trouble for doing so.
It is not yet clear if the model was trained only on public repositories on the MIT license. In practice, if the code that gets inserted into your closed-source project is GPL-licensed, and it gets discovered, you might have legal problems. As a matter of fact, one user of Twitter, has performed an experiment – will Copilot suggest code that wouldn’t be usable in a copyrighted project? The answer is…yes.
Furthermore, we don’t know whether the code does not contain any security vulnerabilities. In the project’s FAQs, the creators highlight that “code suggested by GitHub Copilot should be carefully tested, reviewed, and vetted, like any other code.” It is common-sense to do so, though some might forget about it.
Overall, GitHub Copilot is a really promising tool, despite its potential shortcomings. Want to test out Copilot? It’s easy! Simply:
Facebook’s service for creators, “Bulletin” launched last week with the new feature announced by no other than Mark Zuckerberg. Interestingly, the new platform will not take a fee (at launch at least), and writers retain full ownership of their work and subscriber list.
This move should be seen as an attempt at grabbing a piece of the creators’ economy cake, which is already huge, and it’s only getting bigger, with some reports estimating the market size to be $104.2 billion. More importantly, it’s Facebook’s answer to Twitter’s acquisition of Revue, a paid newsletter platform. Both social media giants are overly dependent on ad revenue, which is why they look for opportunities to diversify their revenue structure.
The tech giant from Redmond, USA, just made it easier to develop apps to run in the whole Windows 11 ecosystem. Their newest creation, ARM64EC (EC stands for Emulation Compatible), makes devs’ lives easier - one does not have to fully rewrite an app to target devices with the new (new for Windows) ARM architecture.
Up until this point, a developer had to recompile their whole app, and even then, it could have dependencies or plugins that would not run on this particular architecture. Now, developers can rebuild their app with ARM64EC and make their code work – in an emulator or natively.
To get started, download the latest Windows Insider SDK and Visual Studio Preview.
Make sure to subscribe to our newsletter! 360° IT Check is a weekly publication where we bring you the latest and greatest in the world of tech. We cover topics like emerging technologies & frameworks, news about innovative startups, and other topics which affect the world of tech directly or indirectly.