databases – Noise

Upgrading GitHub.com to MySQL 8.0

Jiaqi Liu — Thu, 07 Dec 2023 22:00:36 +0000

GitHub uses MySQL to store vast amounts of relational data. This is the story of how we seamlessly upgraded our production fleet to MySQL 8.0.

The post Upgrading GitHub.com to MySQL 8.0 appeared first on The GitHub Blog.

Let’s Architect! Architecting with Amazon DynamoDB

Luca Mezzalira — Wed, 19 Oct 2022 13:23:03 +0000

NoSQL databases are an essential part of the technology industry in today’s world. Why are we talking about NoSQL databases? NoSQL databases often allow developers to be in control of the structure of the data, and they are a good fit for big data scenarios and offer fast performance. In this issue of Let’s Architect!, […]

Leak of Russian Censorship Data

Bruce Schneier — Mon, 14 Mar 2022 11:09:24 +0000

The transparency organization Distributed Denial of Secrets has released 800GB of data from Roskomnadzor, the Russian government censorship organization.

Specifically, Distributed Denial of Secrets says the data comes from the Roskomnadzor of the Republic of Bashkortostan. The Republic of Bashkortostan is in the west of the country.

[…]

The data is split into two main categories: a series of over 360,000 files totalling in at 526.9GB and which date up to as recently as March 5, and then two databases that are 290.6GB in size, according to Distributed Denial of Secrets’ website...

Bunnie Huang’s Plausibly Deniable Database

Bruce Schneier — Thu, 10 Feb 2022 12:13:26 +0000

Bunnie Huang has created a Plausibly Deniable Database.

Most security schemes facilitate the coercive processes of an attacker because they disclose metadata about the secret data, such as the name and size of encrypted files. This allows specific and enforceable demands to be made: “Give us the passwords for these three encrypted files with names A, B and C, or else…”. In other words, security often focuses on protecting the confidentiality of data, but lacks deniability.

A scheme with deniability would make even the existence of secret files difficult to prove. This makes it difficult for an attacker to formulate a coherent demand: “There’s no evidence of undisclosed data. Should we even bother to make threats?” A lack of evidence makes it more difficult to make specific and enforceable demands...

Frictionless hosting of containerized ASP.NET web apps using Amazon Lightsail

Emma White — Thu, 10 Jun 2021 13:57:44 +0000

This post is written by Fahad Mustafa, Cloud Application Architect, AWS Professional Services There are many ways to deploy ASP.NET web apps to AWS. Each with its own use cases and differing pricing models. But what if you have a small website and database that you must deploy rapidly, manage, and scale? What if you […]

Dutch Insider Attack on COVID-19 Data

Bruce Schneier — Wed, 27 Jan 2021 14:59:03 +0000

Insider data theft:

Dutch police have arrested two individuals on Friday for allegedly selling data from the Dutch health ministry’s COVID-19 systems on the criminal underground.

[…]

According to Verlaan, the two suspects worked in DDG call centers, where they had access to official Dutch government COVID-19 systems and databases.

They were working from home:

“Because people are working from home, they can easily take photos of their screens. This is one of the issues when your administrative staff is working from home,” Victor Gevers, Chair of the Dutch Institute for Vulnerability Disclosure, told ZDNet in an interview today. ...

Amazon Has Trucks Filled with Hard Drives and an Armed Guard

Bruce Schneier — Mon, 04 Jan 2021 12:11:20 +0000

From an interview with an Amazon Web Services security engineer:

So when you use AWS, part of what you’re paying for is security.

Right; it’s part of what we sell. Let’s say a prospective customer comes to AWS. They say, “I like pay-as-you-go pricing. Tell me more about that.” We say, “Okay, here’s how much you can use at peak capacity. Here are the savings we can see in your case.”

Then the company says, “How do I know that I’m secure on AWS?” And this is where the heat turns up. This is where we get them. We say, “Well, let’s take a look at what you’re doing right now and see if we can offer a comparable level of security.” So they tell us about the setup of their data centers...