Todas las entradas hechas por Bobby Hellard

Office meetings hit by chaos due to Google Calendar outage


Bobby Hellard

19 Jun, 2019

Google G Suit suffered an outage to its Calendar and Hangouts Meets services on Tuesday, locking desktop users out of meetings.

The Calendar tool, which is used by busy offices around the world, was down for more than three hours, disrupting UK users in the afternoon.

Google said the problem with its Calendar and Hangouts Meet should be resolved, but it didn’t offer up any more information about what exactly the problem was.

«We apologise for the inconvenience and thank you for your patience and continued support. Please rest assured that system reliability is a top priority at Google, and we are making continuous improvements to make our systems better.» a Google spokesperson told Cloud Pro.

According to Down Detector, the issue impacted users in parts of North America, South America, Europe, Africa and Asia but it only affected the web versions of the service. The Google Calendar app for iOS and Android, as well as some third-party mobile apps, appeared to be working properly.

This latest outage came two days after a report from Wired that exposed how hackers are exploiting a calendar setting to place event invites in another person’s calendar and essentially scam unsuspecting users into entering personal and financial information.

It also follows a similar outage in March that affected Google Drive, Google Maps and also Hangouts, all of which were down for seven hours. On that occasion people in Europe, the US, Australia and Asia were affected by the outage.

While many struggled with the disruption, some saw the bright side and took to Twitter to make jokes about the outage.

«GCal is down – no idea what I should be doing or where I should be. Can’t decide if I should embrace my new freedom or wander the office halls asking coworkers if we’re supposed to be meeting now,» wrote Thomas McCorkle, who works for SaaS management platform Zylo.

Even the platform itself had some fun at Google’s expense, tweeting: «Is today cancelled, @googlecalendar?»

VMware to acquire cloud startup Avi Networks


Bobby Hellard

14 Jun, 2019

VMware has signed a «definitive agreement» to acquire Avi Networks, a startup that helps companies deliver cloud-based applications.

The software virtualisation company said it plans to introduce the Avi platform to VMware customers and partners to help enterprises adopt software-defined application delivery across data centres and clouds.

Once the deal is closed, the VMware and Avi Networks teams will work together to advance its Virtual Cloud Network vision, build out full stack L2-7 services and deliver the public cloud experience for on-prem environments.

The VMware vision, according to Tom Gillis, SVP and general manager of the network and security business unit, is to deliver the «public cloud experience» to developers regardless of what underlying infrastructure they are running, meaning agility – the ability to quickly deploy new workloads, try new ideas and to «iterate».

This seems like a key driver behind the deal as VMware said that modern infrastructure needs to provide agility wherever it executes, either on premises, in hybrid cloud deployments, or in native public clouds.

«Application Delivery Controllers (ADCs) are a critical pillar of a software-defined data centre,» he said «Many workloads cannot be deployed without one. For many customers, this means writing their application to bespoke and proprietary APIs that are tied to expensive hardware appliances.

«The Avi Networks team saw this problem and solved it in the right way. They built a software architecture that is truly scale-out, with a centralised controller. This controller manages not just the configuration of the individual load balancers but also manages their state. This architecture mirrors the approach of our groundbreaking software-defined networking solution VMware NSX.»

VMware called Avi Networks a «pioneering» startup, due to its software-defined ADC architecture that is fully distributed, auto scalable, and intrinsically more secure. The Avi Platform enables elastic load balancing, application acceleration and security services combined with centralised management and orchestration for consistent policies and operations.

Unlike traditional ADCs, it does not require custom appliances and can be consumed on-prem, in public clouds, or as a service, enabling new flexibility and faster time to value at lower costs.

AWS would spin out from Amazon if «forced» by US regulators


Bobby Hellard

11 Jun, 2019

AWS CEO Andy Jassy has said that the cloud giant would spin off from parent company Amazon if regulators forced it too.

During a chat with Recode editor-at-large Kara Swisher at the 2019 Code Conference, Jassy responded to a question about a recent Washington Post report on an agreement between two federal agencies that put Amazon under the jurisdiction of the Federal Trade Commission.

The report follows calls for the breakup of large technology companies from Senator Elizabeth Warren, a Democratic presidential candidate who has Facebook and Google in her sights.

Amazon and AWS often come up in discussions about tech breakups and Jassy said that he didn’t see the benefits of it, but the company would follow regulatory action if it seeks to split the world’s largest cloud provider from its parent.

«I think that when you’re able to build multiple customer experience in different business segments that people really respond to, your business is going to get larger,» he said. «I think as your business gets larger, there’s going to be more scrutiny. We expect it and you have to run the business to be comfortable with that, which is the way we’ve tried to do it.

«I would never say never about anything, but I just don’t see it. Typically, when companies spin off subsidiaries, it’s either because they want to get that company off the financial statements or they just can’t afford to fund the business the way it used to be funded. Neither of those is the case so I just don’t see it.»

Jassy said that spinning off the business wouldn’t be in its customer’s interests because of the extra admin and financial infrastructure it would have to add and deal with would be a «distraction» and potentially disrupt the company’s ability to deploy new services. But, he added, that they wouldn’t have much choice if they were forced.

«I can’t speak to what the government is thinking, or will do, but at the end of the day, we operate in the United States and we will follow the United States laws,» he said. «If we were forced to do it, I guess we would have to.»

Having been with Amazon for more than 20 years, Jassy has insight into how both AWS and Amazon interact, along with AWS’ position in the cloud an IT market, which is significant given roughly half of Amazon’s latest reported operating income came from AWS. 

Microsoft and Oracle team up on multi-cloud service


Bobby Hellard

6 Jun, 2019

Microsoft and Oracle have announced a partnership that will see them offer a combined service for customers wanting to migrate their workloads to the cloud.

The combined services will allow users of Oracle’s autonomous databases to connect with Microsoft services such as Azure analytics and AI. Users will be able to log on to services from either firm with a single joint user name.

According to Oracle, the majority of the worlds largest enterprises use its databases along with Microsoft services, running them side-by-side in their on-premises data centres. But migrating these workloads to the cloud can often leave them stranded on multiple cloud islands, with little ability to share data between the two.

With this alliance, both companies are aiming to give customers the ability to seamlessly use multiple clouds with much greater effectiveness. It promises nimble apps that can shift from cloud to cloud easily that can even deploy individual apps that span multiple clouds.

«With Oracle’s enterprise expertise, this alliance is a natural choice for us as we help our joint customers accelerate the migration of enterprise applications and databases to the public cloud,» said Scott Guthrie, head of Microsoft’s cloud unit.

Oracle’s vision for the partnerships is that customers can run applications in separate clouds with consistent controls and that these applications span clouds, typically with the database layer in one cloud and the app and web tiers in another. This is a low-latency connection between the clouds that lets customers choose preferred components for each application.

«Oracle is tremendously excited to give our customers the ability to leverage our technology alongside that of another industry leader with dramatically reduced friction,» said Vinay Kumar, VP of product management at Oracle.

«We see this as a first step down the path of greater choice, flexibility, and effectiveness for enterprise cloud usage. We’re eager to see what our customers will build with this new capability and where this alliance will take us and the industry.»

Currently, that industry is dominated by AWS, which has started a process of moving away from using Oracle databases. Back in August 2018, it was reported that this transition could take up to two years.

G Suite passwords stored in plain text for 14 years


Bobby Hellard

22 May, 2019

Google has revealed that some G Suite passwords have been stored in plaintext, meaning without encryption, for 14-years.

The tech giant said it had recently discovered a bug that’s been around since 2005 and has begun resetting any passwords that might be affected, as well as alerting G Suite administrators about the issue.

«We recently notified a subset of our enterprise G Suite customers that some passwords were stored in our encrypted internal systems unhashed,» said Suzanne Frey, VP of Google’s engineering and cloud trust division.

«This is a G Suite issue that affects business users only–no free consumer Google accounts were affected–and we are working with enterprise administrators to ensure that their users reset their passwords.»

Frey added that Google has been conducting a thorough investigation and, so far, hasn’t seen any evidence of improper access or misuse of these affected G Suite credentials.

The blog post goes into great detail about Google’s policy on storing passwords with cryptographic hashes that mask them. Cryptography is a one-way system, as in only seen at Google’s end, where it scrambles user passwords with a hash function – so it becomes something like «72i32hedgqw23328». This is then stored with the relevant user name, encrypted and saved to disk. The next time the user signs in, the password is scrambled in the same way to see if it matches what Google has stored.

But this wasn’t the case back in 2005 for one particular feature. In the enterprise version of G Suite, Google allowed domain administrators with tools to set and recover passwords; supposedly because this was highly requested. This tool was located in the admin console and let administrators upload or manually set user passwords.

The idea was to help administrators load on new users but the function would inadvertently store a copy of the unhashed password in the admin console. Google stressed that these passwords remained in its secure encrypted infrastructure and that the issue had been fixed, but 2005 was a long time ago.

While that’s bad enough, further password encryption flaws were found by the company as it was troubleshooting new G Suite customer sign-up flows. It discovered that from in January 2019 it had inadvertently stored a subset of unhashed passwords in its secure encrypted infrastructure. These passwords were only stored for a maximum of 14 days and once again, Google said the issue has been fixed.

This is one of a number of incidents reported by tech companies in recent times, where password encryption has been hampered by a bug or fault. Last year, Twitter warned its users to update their passwords after the company identified a flaw in its systems that could have allowed staff at the company to view them in plaintext form. Twitter sent an email to users explaining that the bug had been fixed and the resulting internal investigation «showed no indication of a breach of misuse by anyone».

In Google’s defence, despite how long the bug has been in G Suite, its notification has not tried to mask anything. Unlike Facebook, which earlier this year notified users that «some» passwords had been stored in plaintext, only explaining much further down its blog post that actually hundreds of millions of passwords for Facebook, Instagram and Facebook Lite were stored without encryption.

Adobe sends out a legal warning to creative cloud users


Bobby Hellard

14 May, 2019

Adobe has sent creative cloud users a legal warning that they could be at risk of potential claims of infringement by third parties if they continue using the outdated versions of the apps.

Adobe Creative Cloud is a set of applications and services that gives subscribers access to graphic design, video editing, web development, and photography software, such as Photoshop and Lightroom. It comes along with a set of mobile applications, and also some optional cloud services, with a monthly or annual subscription.

Last week, Adobe said that older versions of Creative Cloud apps would no longer be available to subscribers, which it has explained in a blog post.

«We recommend all customers use the latest release of Creative Cloud for optimal performance and benefits,» it said. «Please note that going forward, Creative Cloud customers will only have direct download access (from the Creative Cloud Desktop app and Adobe.com) to the two most recent major versions of Creative Cloud desktop applications.»

Now, however, the company is warning users of legal infringements from third parties and saying that they are no longer licensed to use its older apps if they chose too.

«Adobe recently discontinued certain older versions of Creative Cloud applications. Customers using those versions have been notified that they are no longer licensed to use them and were provided guidance on how to upgrade to the latest authorised versions,»  it said in a statement to Gizmodo.

«Unfortunately, customers who continue to use or deploy older, unauthorised versions of Creative Cloud may face potential claims of infringement by third parties. We cannot comment on claims of third-party infringement, as it concerns ongoing litigation.»

While most might just shrug their shoulders and think «why not just update?» it is important to note the many reasons users chose to stick with legacy software. Some might be using older hardware and as such might not have the specs to run increasingly bloated software.

There are also those who like what they have and have some scepticism about updates – such as those people still using Windows 7. While cloud-based services definitely have their benefits, it does highlight the issue that you essentially do not own the software you’re paying for.

AWS helps Ministry of Justice pursue legal aid for all


Bobby Hellard

8 May, 2019

It’s a sad fact of life that people only interact with the justice systems when something has gone really, badly wrong in their lives. They’ve been the victim of a crime, they’ve been accused of one, or something more complex, such as seeking legal help when you are on the verge of homelessness after being illegally evicted.

These are some of the most fundamental parts of many peoples life, users of the website for the Ministry of Justices (MoJ), so it’s of high importance that those users can engage with a service that runs efficiently and without outages or delays.

The MoJ runs 500 courts and tribunals across England and Wales. It has around 70,000 employees operating in 800 plus buildings. It also looks after 83,000 people in its prison service – around 121 prisons – so it has quite a considerable scale. But, most importantly, it also supports millions of citizens who access online legal services, such as the Legal Aid Agency, every day.

The Legal Aid Agency is effectively there to make sure that justice is available for everyone in society, not just those who can afford it. It runs systems for around 30,000 legal firms and has around 1,300 legal staff who make the decisions around who should get legal aid and who shouldn’t.

«Despite the importance of legal aid service, a few years ago we were in a bad state from a technology perspective,» says Tom Read, the chief digital and information office for the MoJ. «We had an old on-premise data centre that was fairly aged, we had a mixed Oracle estate, a full stack Oracle application and we had frequent outages.

«And, crucially, we could only deploy a few times a year – some services monthly, some quarterly – and that meant it was very difficult to make our services more easily accessible as more people started to access service through their mobile phone rather than going to a physical building.»

Read gave an example of the kind of problems the MoJ deals with. Lucy lives with her three children, she’s in her mid-twenties and she’s lived in the same flat for ten years – since her parents kicked her out for getting pregnant. Her boyfriend is long gone and she tries to work but it’s difficult to juggle three children and work at the same time; it’s a situation many people in the UK are going through.

But, in the ten years that Lucy has lived in her flat, the area around her has transformed, going from run down to a vibrant hub of trendy shops and cafes. It’s suddenly in-demand.

At the end of last year, her landlord decided to get more money and decided to evict her. So, Lucy who has no money, no savings and plenty of debts had three weeks to get out of her house and the most likely outcome in that situation is that she would be homeless and her children would be taken into care as a result.

«Now, somebody in that situation, they probably don’t know about legal aid and the Legal Aid Agency, all they know is that they need help,» Read explains. «These are our users, so we don’t innovate for competitive advantage, we’re a monopoly service, people have to use us.

«These people that access these services are at a sensitive point in their lives, we can’t just have days of delays while our caseworkers can’t access their applications.»

Before it moved to AWS, the MoJ used its own databases and data centre through other suppliers, which meant it didn’t have the ability to change things rapidly. There was also no expertise within the government to designs these datacentres for their specific needs.

Around 2013, the MoJ created the Ministry of Justice Digital aiming to implement agile methods and cloud technologies into the service.

At a very early stage, it looked to bring in software developers who had not previously worked within government, along with ensuring the tools that those engineers wanted to use were the most modern tools available at the time. One of those tools was AWS.

The AWS services the MoJ is now using include Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3), and Amazon Route 53. With these, the MOJ has been able to turn technology into an enabler for more fair and effective justice. And the public cloud model has also come with financial benefits.

«We’ve made major savings on hosting,» adds Read. «It’s been really good for our fragile public sector budgets.»

AWS aims to get more girls into tech with ‘Get IT’


Bobby Hellard

8 May, 2019

Amazon Web Services has revealed an initiative designed to encourage more girls into the technology industry.

‘AWS Get IT’, which was introduced during the cloud giant’s London Summit on Wednesday, is a programme to attract 12-13-year-olds, specifically female students, to consider careers in cloud computing and digital roles.

The programme has been developed together with non-profit organisation Future Foundations and will educate students on cloud computing technology and then invite them to create an application to solve a real-world issue faced by their school or community.

Darren Mowry, the business development director at AWS, made the announcement during his keynote speech at the start of the event at London’s ExCel saying that AWS was “completely convicted” that it needed more diverse, skilled and motivated people.

“The way that we’re going to do that is not to just attract those people from all around the world, we’re gonna go build this workforce,” he said. “And the way that we’re doing that is by capitalising on a programme that we’ve already piloted in the UK, that’s focused on inspiring, training and developing year eight young ladies, in UK schools to come and consider technology jobs.

“We’re doing that by actually forming partnerships with schools, providing some AWS specialists from the business and technology, to come and spend some time with these groups of young people, to help them understand the opportunity they have ahead.”

AWS will shortlist ten teams to present to an expert panel of judges at the AWS Summit London 2020, where a winning team will be selected. The most innovative application idea will be developed and maintained for the school by AWS.

The Get IT programme is explained as a sort of digital skills boot camp, where students can learn about the different stages of developing software, such as how to identify a target audience for their application. Each attendee will learn about problem-solving, brainstorming, research techniques, prototyping and test and development methods.

What’s more, students will spend time at AWS’s offices learning about Amazon’s approach to innovation and receive guidance from the company and industry experts about application development.

For further inspirations, the students will also be introduced to female leaders within AWS and other organisations to show them the different types of career paths available in technology and learn about the positive impact that women are having on the industry.

Microsoft unveils preset services for AI and Blockchain


Bobby Hellard

3 May, 2019

Microsoft has announced a slew of developer technologies and services for Azure ahead of next week’s Build conference in Seattle.

The company will roll out preset services for AI, IoT, mixed reality and blockchain with the aim of putting advanced capabilities into the hands of developers.

«It’s an incredible time to be a developer,» said Scott Guthrie, executive VP at Microsoft’s cloud and AI group. «From building AI and mixed reality into apps to leveraging blockchain for solving commercial business problems, developers skillsets and impact are growing rapidly.»

«Today we’re delivering innovative Azure services for developers to build the next generation of apps. With 95% of Fortune 500 customers running on Azure, these innovations can have a far-reaching impact.»

The Azure services start with a set of AI technology packages aimed to help developers and data scientists apply AI to any workload. There’s a new service being launched for Azure Cognitive Services called «decision». It delivers users a specific recommendation for more informed and efficient decision-making.

This category includes Content Moderator, the recently announced anomaly detector, and a new service called «Personaliser», which uses reinforcement learning to provide users with a specific recommendation to enable quick and informed decision-making.

AI is also being added to Azure Search with the general availability of the cognitive search capability. Microsoft said this will enable customers to apply Cognitive Services algorithms to extract new insights from their structured and unstructured content. On top of this, there is a new capability to store AI insights gained from cognitive search to make it easier to create visualisation or machine learning models.

Machine learning services have also been tweaked with an Azure DevOps integration, automated advancements and a visual machine learning interface that provides a «no-code» model creation and deployment service with drag-and-drop capabilities.

Last year Microsoft announced Azure Blockchain Workbench, which is a UI for developers to create blockchain application on a preconfigured Azure-supported network. Adding to that, the company is launching Azure Blockchain Service which is a fully managed consortium network that offers built-in governance for common management tasks, such as adding new members, setting permissions and authenticating user applications. This follows the announcement that JP Morgan’s Ethereum platform, Quorum, will be the first ledger available in Azure Blockchain Service.

While it sounds great, there’s also a touch of déjà vu about it; in April, Google announced very similar preset AI services for developers, which itself, followed Amazon Web Services launching similar at AWS Re:invent in November. AWS also announced blockchain services back in November.

While Microsoft is still far behind AWS, the biggest cloud company around, it is one of the fastest growing cloud providers; recently the company reached the $1 trillion mark thanks in part to its cloud growth.

Looking to further that growth the company also announced services to address emerging markets such as hybrid cloud and edge computing. These include an Azure SQL Database Edge, which is an engine optimised for lower compute requirements with built-in AI. There was also IoT Plug and Play, a service to connect IoT device to the cloud to deploy them at scale.

For mixed-reality development, the company is making it easier to create for HoloLens 2 with a HoloLens 2 Developer bundle, which provides the community of mixed- reality developers with access to tools to help them build and run mixed-reality experiences across a range of devices.

Google to offer ‘auto-delete’ for web tracking history


Bobby Hellard

2 May, 2019

Google has said it will offer its users an option to automatically delete their search and location history after three months.

The company already allows users to manually delete data from products such as YouTube, Maps and Search, but it will soon provide a tool that automatically deletes it after a minimum of three months.

Users will be able to increase the time range to 18 months and any data older than that will be automatically deleted from their accounts on an ongoing basis. These controls will be for location history and web and app activity and will be available «in the coming weeks» according to Google.

«We work to keep your data private and secure and we’ve heard your feedback that we need to provide simpler ways for you to manage or delete it,» Google said on its blog.

These new data management tools comes a day after both Microsoft and Facebook announced features for users to have greater control over their personal data. It highlights a growing trend of companies that offer digital services making an effort to show responsibility with data privacy.

But, as many will point out, these same companies have come under greater scrutiny recently for the way they collect and use personal data. From data breaches to violations of their own data privacy policies, each company has a large rap sheet when it comes to vague terms and conditions or the collection of data without user knowledge.

In August, Google claimed that Chrome’s incognito feature allowed users to browse privately, but a study from Vanderbilt University in Nashville, Tennessee, found that the company could still monitor and record the sites a user visited.

When it comes to controversial data policies, however, Google isn’t the worst offender. After the Cambridge Analytica scandal revealed the extent of Facebook’s improper data sharing policy, the company has gone from one data related issue to the next.

Currently, the social network is under investigation from the Irish Data Protection Commission, the US FTC and has already been fined £500,000 by the ICO – which it has appealed.