Tuesday, 28 January 2025

So-called "Safe" Kernel Programming with eBPF

eBPF technology has its roots in the Linux kernel. It runs sandboxed programs in a privileged context inside the operating system kernel, without touching kernel source code or loading kernel modules. A more complete description can be found on ebpf.io.

The acronym eBPF is historic. BPF stood for Berkeley Packet Filter and eBPF was the extended version. eBPF now does much more than packet filtering, so the original expansion no longer fits. The original BPF, now mostly obsolete, is sometimes called cBPF (classic BPF) to distinguish it from eBPF.

A more technical guide to the technology can be found on the Cilium website. Cilium is a tool built on eBPF and is used in Google Kubernetes Engine (GKE) and in EKS Anywhere on AWS (for on-premises container management).

Friday, 24 January 2025

GitHub Desktop

GitHub Desktop enables you to work with projects hosted on GitHub. It is an open source application based on Electron, a software framework for creating desktop applications with web technologies: HTML, CSS and JavaScript, with a Chromium browser engine front end and a Node.js backend. Electron is also used in Visual Studio Code. Roughly speaking, GitHub Desktop is a visual version of the CLI.

Wednesday, 22 January 2025

Collaborative Email Authentication with DMARC

DMARC is an email authentication policy covered by RFC 7489.

It stands for "Domain-based Message Authentication, Reporting and Conformance" and builds on the SPF and DKIM protocols. SPF and DKIM were invented for email authentication: the problem of validating whether an email that claims to come from Jack really came from Jack. RFC 4686 explains why DKIM was needed and which threats it is intended to protect against. DKIM stands for DomainKeys Identified Mail.

DMARC improves on DKIM and other protocols by emphasising collaboration between senders and receivers.

Some documents describe DMARC as a replacement for ADSP. ADSP (Author Domain Signing Practices) is an optional extension of DKIM in which a domain can publish the signing practices it uses when relaying mail on behalf of authors. It did not see much adoption.
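How a receiver combines SPF and DKIM results into a DMARC decision, as an added example that is not part of the original post. The function names, the sample record and the domains are constructed for illustration, and the organizational-domain lookup is a simplifying assumption (last two labels instead of the Public Suffix List).

```python
"""DMARC evaluation sketch following RFC 7489 (added example; names are hypothetical)."""

def parse_dmarc(txt):
    """Return a tag dict for a DMARC TXT record, or None if it is not one."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    # The v tag must come first and be exactly DMARC1.
    if not parts or parts[0].replace(" ", "") != "v=DMARC1":
        return None
    tags = {"adkim": "r", "aspf": "r"}  # alignment defaults to relaxed
    for part in parts[1:]:
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    # Simplification: require a valid p tag (the RFC allows a p=none fallback).
    if tags.get("p") not in ("none", "quarantine", "reject"):
        return None
    return tags

def org_domain(domain):
    # ASSUMPTION: last two labels. Real receivers use the Public Suffix List.
    return ".".join(domain.split(".")[-2:])

def aligned(from_domain, auth_domain, mode):
    a = from_domain.lower().rstrip(".")
    b = auth_domain.lower().rstrip(".")
    if mode == "s":  # strict: exact match
        return a == b
    return org_domain(a) == org_domain(b)  # relaxed: same organizational domain

def evaluate(record, from_domain, spf, dkim):
    """spf is (result, MAIL FROM domain); dkim is a list of (result, d= domain)."""
    policy = parse_dmarc(record)
    if policy is None:
        return "no-policy"
    spf_ok = spf[0] == "pass" and aligned(from_domain, spf[1], policy["aspf"])
    dkim_ok = any(r == "pass" and aligned(from_domain, d, policy["adkim"])
                  for r, d in dkim)
    # On failure, return the disposition the domain owner asked for.
    return "pass" if spf_ok or dkim_ok else policy["p"]

# Constructed sample policy for a constructed domain.
RECORD = "v=DMARC1; p=reject; adkim=s; rua=mailto:dmarc-reports@example.com"

if __name__ == "__main__":
    # SPF passes, but for an unrelated domain: DMARC still fails.
    print(evaluate(RECORD, "example.com", ("pass", "example.net"), []))
    # DKIM passes with an exactly matching d= domain.
    print(evaluate(RECORD, "example.com", ("fail", "example.net"),
                   [("pass", "example.com")]))
```

The first call shows the gap DMARC closes: an SPF pass for a domain unrelated to the From header does not authenticate the visible sender.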

Tuesday, 21 January 2025

SSDP (Simple Service Discovery Protocol)

You may have encountered SSDP (Simple Service Discovery Protocol) in the context of the Services tab in Task Manager in the form of SSDPSRV (SSDP Discovery Service). 

It is a text-based HTTPU (HTTP over UDP) protocol, i.e. it relies on UDP underneath.

SSDP can discover Plug and Play devices, with UPnP (Universal Plug and Play).

SSDP has been found to be used in DDoS attacks, known as SSDP reflection attacks with amplification.

Vulnerabilities also arise from widespread proliferation of certain open source libraries e.g. pupnp.

Saturday, 11 January 2025

The Helm Package Manager for Kubernetes

Helm is the package manager for Kubernetes. It was developed at Deis in 2015 and later acquired by Microsoft.