(Red clouds over the city of El Paso, TX. Photo via Good Free Photos)
Welcome to Mostly Cloudy! Settle in for a quick roundup of everything notable that has happened so far this week in cloud computing.
Around the Cloud
Why Banning 8chan Was So Hard for Cloudflare: ‘No One Should Have That Power’ (New York Times)
Cloudflare CEO Matthew Prince is a thoughtful guy, but the days of the anything-goes internet are rapidly vanishing as we start to take stock of what that laissez-faire attitude has wrought. Decisions about whether or not Cloudflare should provide a lifeline to merchants of online hate like 8chan should not be made after people have been killed (again) by followers of ideologies aired on those sites; there were ample warning signs that 8chan was radicalizing domestic terrorists in service of white supremacy.
Microsoft hikes cost of licensing its software on rival public clouds, introduces Azure 'Dedicated' Hosts (The Register)
It’s not clear how many Windows customers will actually be affected by these new licensing changes, given that they only apply to Windows users who require dedicated servers for their cloud workloads, but it’s still not a great look from Microsoft. There’s a huge land grab on this summer among cloud vendors looking to capture the workloads of companies who face a January end-of-support deadline to upgrade their Windows 2008 servers, and with this change Microsoft made it more expensive for those companies to choose AWS, Google Cloud, or Alibaba for Windows applications that require dedicated servers.
Series A(ggregate) (Techcrunch)
This isn’t a cloudy post per se, but I appreciated this take from Danny Crichton on how all of us who write about startups and fund raising should recognize that a new funding round is a series of small wins, as opposed to a big splash. (You can make a solid argument that Techcrunch did as much as any one publication to establish the breathless startup fund-raising narrative vehicles of our times, but…)
How the Accused Capital One Hacker Stole Reams of Data From the Cloud (Wall Street Journal)
Oregon Senator Ron Wyden is the guy with the hat. (Photo via Instagram/Ron Wyden)
The Capital One story will not go away anytime soon. Bob McMillan had a great look at how a former Amazon Web Services engineer managed to exploit Capital One’s poor cloud security defenses and make off with the personal information of millions. And AWS could have another short-term headache on its hands: Oregon Senator Ron Wyden, easily one of the better-informed U.S. legislators when it comes to technology issues, sent a letter to the company on Monday demanding details on its security practices.
Microsoft launches Azure Security Lab, doubles top bug bounty to $40,000 (Venturebeat)
It’s that time of year again, when the cybersecurity community goes to Las Vegas during the hottest month of the year to sit inside hotel conference rooms and drink too much. Bug bounty programs are one of the most interesting and effective security tactics to emerge in recent years, and Microsoft amped up its program with more money for properly reporting vulnerabilities and a special protected area of Azure separated from customer servers on which security researchers can look for flaws.
Mesosphere changes name to D2IQ, shifts focus to Kubernetes, cloud native (Techcrunch)
It must be getting really hard to find web addresses and trademarks that somebody else hasn’t already claimed. Mesosphere, which has been a bit adrift since it became clear Kubernetes was going to become a de-facto standard for container orchestration, will now try to justify the $250 million that investors have poured into the company by selling an enterprise-friendly distribution of Kubernetes under the name D2IQ.
A History of Amazon Web Services (AWSgeek)
(Via AWSgeek)
This is Official Vendor Content, but I couldn’t resist highlighting this visual representation of every major AWS service the company has announced since 2006. It also reminded me that we haven’t heard anything in a while about the formal release of AWS Outposts, probably the biggest product announcement of re:Invent 2018, although VMworld is just around the corner.
CNCF Open Sources Security Audit of Core Kubernetes Components (The New Stack)
As Kubernetes becomes a more central component of containerized infrastructure, finding and fixing security vulnerabilities will become more and more important. The Cloud Native Computing Foundation conducted a security audit over the last two months with participation from the open-source community, and discovered several vulnerabilities and other insecure ways in which Kubernetes users are applying the software to their environments.
Enterprise vendors increasingly dominate the open source software scene (ZDnet)
Speaking of the open-source community, one thing I’ve been wondering about over the last few years is the shift in that community toward the 1 percent: companies like Google, Microsoft, and IBM. It’s not hard to see that shift identified by CB Insights as playing a large role in the tension between cloud providers, companies built around open-source projects, and those who believe deeply in the open-source philosophies that transformed enterprise computing.