December 1, 2016 brianradio2016

It’s no secret that devops and IT security, like oil and water, are hard to mix. After all, devops is all about going fast, while security is all about proceeding carefully. However, both devops and security serve a higher authority—the business—and the business will be served only if devops and security learn to get along.

Security can (and should) be baked into the devops process, resulting in what is often referred to as devsecops. IT security teams are obliged to understand how applications and data move from development and testing to staging and production, and to address weaknesses along the way. At the same time, devops teams must understand that security is at least partly their responsibility, not merely slapped onto the application at the very end. Done right, security and devops go hand in hand.

Because half of this equation is about making devops more security-aware, I’ve put together a primer on some basic security principles and described their applicability in devops environments. Of course, this list is only a start. Feel free to comment and suggest other terms and examples.

Vulnerabilities vs. exploits

A vulnerability is a weakness that may allow an attacker to compromise a system. Vulnerabilities usually happen due to bad code, design errors, or programming errors. They are basically bugs, albeit bugs that may not interfere with normal operations of the application, except to open a door to a would-be intruder. For a recent example, look at Dirty Cow.

November 29, 2016 brianradio2016

Get ready to either fall more in love with Facebook Messenger, or start to dislike Facebook game invites on the social platform even more than you already do. Games are now built into Messenger.

Facebook on Tuesday announced an update to its Messenger platform, adding a new service called Instant Games.

Instead of hiding games — such as basketball or soccer — behind secret emojis as the company has done in the past, Facebook is making games a central part of Messenger. Meaning with just a few taps you can invite a friend in a private conversation, or several friends in a group chat to compete at Pac-Man or Space Invaders.

According to the announcement, Instant Games are available in 30 countries on Android and iOS devices starting today. However, I have yet to see the game controller icon that’s needed to start a gaming session, and don’t seem to have any available updates to the Messenger app.

Facebook posted a video showing users how to invite friends to a game here.

Currently there are 17 titles available:

  • Pac-Man
  • Galaga
  • Arkanoid
  • Space Invaders
  • Track & Field 100M
  • Shuffle Cats Mini
  • Words with Friends: Frenzy
  • Hex
  • Everwing
  • Endless Lake
  • Templar 2048
  • The Tribez: Puzzle Rush
  • 2020 Connect
  • Puzzle Bubble
  • Zookeeper
  • Brick Pop
  • Wordalot Express

November 29, 2016 brianradio2016

Apple’s iPhones and iPads remain the best mobile devices available, and iOS remains the best mobile operating system. All are sophisticated, with many layers of technologies that provide the most cohesive ecosystem of functionality on the market today. Macs remain stylish and high-quality, and they make for great complements to Apple’s mobile gear.

So why are so many people glum or at least unenthusiastic about Apple? Every Apple fan I meet expresses frustration, concern, and puzzlement on the new Apple products—I now rarely hear the wonder and excitement we have long associated with Apple fans. People fret about ports and dongles, and they wonder why anyone invented haptic buttons and the Touch Bar. They start looking at yesteryear’s models when the new ones come out. And they don’t crow about what cool things they can now do.

For several years, Apple has slowed down its pace of mobile innovation, making each new iPhone or iPad model less compelling an upgrade. The iPhone 6s’s 3D Touch is hardly anything to get excited about, for example. There’s also been no meaningful Mac innovation for several years, though 2014’s OS X Yosemite introduced interesting developments in MacOS.

Worse, this year’s iPhone 7 became controversial for removing its audio port, requiring people to buy adapters and eliminating their ability to charge their iPhone while listening to music, watching videos, and in some cases making calls. To add insult to injury, the wireless earbuds promised to make the end of the audio jack OK have been delayed indefinitely—suggesting something is very wrong in their design or manufacture.

November 22, 2016 brianradio2016

When I go to practitioner conferences outside Silicon Valley, I’m reminded of the separation between the tech industry’s notions and what IT organizations deal with every day. It’s like they’re living in separate worlds.

But I’ve noticed a few recent Silicon Valley concepts now taking root in the mainstream of IT, after years of being the next big thing within the Valley itself. Both their migration into the real world and the fact that mainstream IT doesn’t jump onto the latest technology bandwagons are good because mainstream IT does need to evolve, but it also needs to be careful about what Silicon Valley notions it adopts.

What cool concepts are making their way into mainstream IT from the current fads in Silicon Valley?

One is devops, the more flexible approach to development, testing, and deployment that breaks down barriers between developers and IT operations staff. In my admittedly unscientific sample of practitioner conferences, I’m seeing the on-the-ground IT pros begin to try the concept, dealing with the political issues that arise when you break down ownership boundaries while trying to get the pace advantages that devops promises — a pace they need to get to in the modern world where IT projects simply can’t take years any longer.

November 17, 2016 brianradio2016

With the rise of ransomware against hospitals, attacks against the Democratic National Committee (DNC), and even major tech CEOs getting hacked, no one is immune to having their information stolen. Today’s attackers are sophisticated, state sponsored, and armed with advanced techniques to hit specific targets. Despite an estimated $75 billion per year spent on security, adversaries dwell undetected in networks for an average of 146 days—exposing organizations to massive theft and business disruption. Organizations must work to close this gap and thwart advanced threats before damage and loss occur.

Endgame helps organizations close the protection gap with a unified platform for preventing, detecting, hunting, and responding to known and unknown threats at the earliest stages of a cyberattack. Endgame enables Security Operations Center (SOC) and Incident Response (IR) teams to automate the threat hunting process, from asset discovery to response, dramatically reducing the time to detection and remediation. Time ordinarily spent on forensic analysis and compromise assessment can be shifted to attack detection and response, pre-empting advanced attacks, and discovering and eliminating intruders before they cause damage and loss.

The Endgame platform does not depend on signatures or indicators of compromise (IOCs). Rather it draws on machine learning and other advanced analytics to detect not only malware, but patterns and signals of maliciousness. The Endgame platform is built to discover attackers even when they are dormant, as in the case of the DNC attacks, or missed by traditional signature-based tools, reducing the time and cost associated with incident response and compromise assessment.

The hunt for APTs

The DNC attack was attributed to two different groups: APT28, or Fancy Bear, and APT29, or Cozy Bear. APT28 is a Russian-based threat actor that has been active since the mid-2000s. APT29 is the adversary group that last year successfully infiltrated the unclassified networks of the White House, State Department, and U.S. Joint Chiefs of Staff. Both APT28 and APT29 have been responsible for targeted intrusion campaigns against the aerospace, defense, energy, government, and media sectors, among many others.

November 16, 2016 brianradio2016

A simple “G” on the back of the Pixel lets you know it’s made by Google.

Jason Cipriani/ZDNet

Having spent the better part of the past month using Google’s Pixel XL smartphone, I still think Google made one of the best phones of the year.

I have zero hesitation recommending either Pixel phone to a friend, family member, or a complete stranger when asked. In fact, my recommendations as of right now are the iPhone 7 Plus or Pixel XL. You can’t go wrong with either one.

The Pixel’s camera takes crisp photos and is incredibly fast. The phone itself is a workhorse, with long battery life and practically no slowdown even as it’s pushed to its limits.

However, what I find most appealing about the Pixel isn’t something you’ll find on the spec sheet. It’s that, for the first time, there’s an Android phone that’s also the best Google phone money can buy.

That may sound absurd, but hear me out.

Apple hardware, Google software

As someone who is deeply rooted in Apple’s hardware and Google’s software, I’ve long said the best Google phone money can buy is the iPhone.

Google doesn’t shy away from making its software products available on iOS. Look at the list of Google apps in the App Store, and then name one of its major software products that isn’t available for the iPhone. Google Drive, Docs, Sheets, Slides… They’re all there. Chrome, Gmail, Google Maps… They’re all there, too.

Granted, the apps often lack some key functionality, and it feels as if Google has given up on keeping pace with Apple’s latest software features and design guidelines. For example, last week’s update to the Gmail app was the first major update in nearly four years. At the end of the day, however, the apps are available and usable.

With so many variables and inconsistent experiences across Android devices (Samsung pushing its services alongside Google’s; LG still trying to make heavily customized Android skins work; the Nexus line struggling to find a purpose), a true Google phone has never really existed. Android devices up until now have primarily been a mishmash of two different approaches butting heads, hoping to make two companies some money along the way.

Apple’s hardware design and reliable camera combined with Google’s apps running on iOS made the case all on its own.

Pixelation of Google services

Everything about the Pixel is unapologetically Google.

Starting with the G logo on the back to the startup animation centering around Google and not the familiar green Android robot, Android has taken a backseat to Google when it comes to the Pixel.

Adding to the value of Google’s phone is the fact that Google Assistant is — for the time being — exclusive to the Pixel. Furthermore, Google Photos now offers unlimited video and photo backup for Pixel owners.

Assistant and unlimited Photos storage are two services those who are entrenched in Google services won’t find on the iPhone or another Android device.

More Google

Google somehow persuaded Verizon to treat its phone as an equal to the iPhone by pushing out OS updates at the same time Google does. Monthly security updates are a vast improvement over the past Android experience of hoping you’ll one day, eventually, maybe, if you’re lucky enough, get a software update on a competing Android device. The benefit of regular, timely software updates is something iOS users have long used as a battle cry to denounce Android (and rightfully so).

Google regularly updates the Android version of its core apps — those same apps you can find on iOS — with new features and design tweaks. Instead of waiting four years for a meaningful update to Gmail, as iOS users just did, Pixel users will have constant access to the best implementation of Google’s apps and services.

With Apple’s ecosystem, the iPhone is arguably the centerpiece (as well as a gateway product) that ties together the entire Apple experience across the Mac, iPad, and Apple Watch.

As Google continues to push forward its newfound hardware initiative with products like Chromecast, Google Home, and Daydream View, the Pixel’s importance as the centerpiece of the experience will continue to grow.

More Google than Android

Naturally, the operating system that powers the Pixel is Android. It’s not vanilla Android, the version of Android Google had long pushed as a selling point for its Nexus devices, in turn causing device makers such as Motorola to follow suit and start using a basic version of Android as a selling point.

The OS version may say Android 7.1 Nougat, but this is very much Google’s minimalist approach to a proprietary Android skin.

The Pixel launcher breaks away from the traditional app drawer, in favor of adding an extra app icon to the dock. A new search button sits next to a weather widget and the current date on the main home screen. The home button animates slightly at each touch, and the fingerprint sensor doubles as a trackpad to easily reveal notifications.

There are small tweaks and changes throughout the entire Pixel experience, all of which enhance the experience instead of distracting from what the phone is capable of.

Nothing to lose

There’s zero doubt in my mind that Google has a clear vision for what Android will become over the next few years; leading that transition is the Pixel.

With the Pixel, Google has matched the iPhone in hardware and software, and surpassed it as the best phone for Google services. For someone who wants the best Google experience possible on a smartphone, you aren’t giving anything up by getting a Pixel over an iPhone. Actually, you have a lot to gain.

November 15, 2016 brianradio2016

Google on Tuesday announced a new PhotoScan app for iOS and Android that will turn old print photos into digital photos at no cost.

PhotoScan detects edges, straightens the image, rotates it to the correct orientation, and removes glare, claims Google. Users can simply launch the PhotoScan app and are guided to snap the print photo with four white dots acting as a guide.

Scanned photos can be saved to your phone’s internal storage, or to Google Photos to be organized, searchable, and shared. Google Photos currently offers unlimited photo storage. PhotoScan doesn’t automatically upload to Google Photos.

“We all have those old albums and boxes of photos, but we don’t take the time to digitize them because it’s just too hard to get it right,” said Jingyu Cui, software engineer at Google Photos. “We don’t want to mail away our original copy, buying a scanner is costly and time consuming, and if you try to take a photo of a photo, you end up with crooked edges and glare.”

The iOS, Android, and web app began rolling out Tuesday.

The Google Photos team also announced improvements to its app, adding a new and improved auto enhance, 12 new filters, and advanced editing tools.

November 15, 2016 brianradio2016

For as long as I can remember, CIOs have obsessed about getting a seat at the executive table and being treated as colleagues on corporate strategy, not merely as operations guys whose only reason to talk to the board is to be reminded that IT budgets are too high and need to be shaved every year.

That obsession over getting a seat at the table doesn’t seem to have changed much in reality—most CIOs are still made to focus on continually reducing costs even as they are asked to support more and more technologies. They’ve tried learning the language of business, embedding IT pros into business teams, bringing business expertise into IT, and other forms of “business-IT alignment.” But little has changed.

But now, maybe something can change, and not only at those idiosyncratic companies where an individual CIO has figured out the secret sauce for his or her organization.

Four years ago, a consortium of enterprises was formed, called the TBM Council. (TBM stands for “technology business management.”) It formed around a vendor called Apptio that provided a financial tool for CIOs to understand and manage IT spend, creating what Apptio CEO Sunny Gupta calls a subledger for IT.

November 10, 2016 brianradio2016

As most of us in the developer and IT ops communities know by now, Docker is good. Docker and containers have brought production operations closer to development, given us more freedom in our technology choices, and ushered in microservices as the backbone of a more flexible and aggressive approach to building software, especially in cloud environments.

But as organizations adopt Docker and containerization, life can get complicated. Operationalizing Docker, more often than not, means increased complexity, an abundance of infrastructure and application data, and a commensurate need for additional monitoring and alerting on the production environment.

As Docker and containers make the leap from development into production in your organization, there are three factors to keep in mind when it comes to monitoring a containerized environment. First, monitoring Docker is not a solution unto itself. Second, you need to know which container metrics you should care about. Third, there are multiple options for collecting application metrics. Let’s dive in.

What’s important?

As operations, IT, and engineering organizations coalesce around the value and importance of containers, they often ask the seemingly logical question: “How do I monitor Docker in my production environment?” As it turns out, this question has it backward. Monitoring the Docker daemon, the Kubernetes master, or the Mesos scheduler isn’t especially complicated, and there are, in fact, solutions for each of these.

November 8, 2016 brianradio2016

Google updates Gmail for iOS with “undo” feature to recall mistakenly sent email.

Image: Google

Google has overhauled the look and feel of the Gmail app for iOS, aligning it more closely with the Gmail app for Android.

The new Gmail for iOS offers a cleaner, more colorful look that’s consistent with Google’s Android app — and should be faster to use, thanks to new swipe-to-delete actions, and improved search.

Visually, the update introduces a new red bar at the top of the screen, contact profile images, and Google’s floating action button to initiate a new email. iOS users may recognize some common elements with the Inbox by Gmail app, minus smart suggestions and reminders.

Gmail users on iOS can now recall a mistakenly sent email. The feature previously was only available on Gmail for the desktop and in the Inbox by Gmail app. Gmail will hold off sending an email for a few seconds, in which time users have a chance to hit an ‘undo’ button that appears in a dark grey box at the bottom of the screen. A similar undo option is available when archiving messages in the Gmail app.

Improvements to search include instant results, predictions, and spelling suggestions, aligning it with the faster experience of Google’s web search on mobile.

Google released the new app for iPhone and iPad on Monday as version 5.0.3 of Gmail for iOS. According to Google, it’s the biggest overhaul to the app since 2012.

While it is a major update, the app still remains squarely aimed at Gmail users as opposed to a general email client. For example, the app only supports multiple Google accounts, compared to Microsoft’s popular Outlook for iOS app. Also, the swipe action only supports archiving or deleting, which can be adjusted in settings within the app, whereas Outlook and Apple’s Mail app offer additional features such as reminders.

Google also updated its Calendar app for iOS, which now includes a month view and week view in landscape. It also integrates with Apple’s Spotlight search, meaning that people can use the iPhone’s built-in search to find events, reminders, and goals in Google Calendar.
