23 Jan 2020

feedPlanet Grep

Xavier Mertens: [SANS ISC] Complex Obfuscation VS Simple Trick

I published the following diary on isc.sans.edu: "Complex Obfuscation VS Simple Trick":

Today, I would like to make a comparison between two techniques applied to malicious code to try to bypass AV detection. The Emotet malware family does not need to be presented. Very active for years, new waves of attacks are always fired using different infection techniques. Yesterday, an interesting sample was spotted at a customer. The security perimeter is quite strong with multiple lines of defenses based on different technologies/vendors. This one passed all the controls! A malicious document was delivered via a well-crafted email. The document (SHA256:ff48cb9b2f5c3ecab0d0dd5e14cee7e3aa5fc06d62797c8e79aa056b28c6f894) has a low VT score of 18/61 and is not detected by some major AV players… [Read more]

[The post [SANS ISC] Complex Obfuscation VS Simple Trick has been first published on /dev/random]

23 Jan 2020 12:00pm GMT

17 Jan 2020

feedPlanet Grep

FOSDEM organizers: Second set of speaker interviews

We have just published the second set of interviews with our main track and keynote speakers. The following interviews give you a lot of interesting reading material about various topics, from the forgotten history of early Unix to the next technological shift of computing: Daniel Riek: How Containers and Kubernetes re-defined the GNU/Linux Operating System. A Greybeard's Worst Nightmare David Stewart: Improving protections against speculative execution side channel James Bottomley: The Selfish Contributor Explained Jon 'maddog' Hall: FOSSH - 2000 to 2020 and beyond!. maddog continues to pontificate Justin W. Flory and Michael Nolan: Freedom and AI: Can Free Software舰

17 Jan 2020 3:00pm GMT

Mattias Geniar: Dumping specific tables in MySQL using mysqldump

Here's a small little trick when using mysqldump: you don't have to dump an entire database, you can dump individual tables too.

17 Jan 2020 12:00am GMT

15 Jan 2020

feedPlanet Grep

Dries Buytaert: Happy nineteenth birthday, Drupal

Happy nineteenth birthday

Nineteen years ago today, I released Drupal 1.0.0. Every day, for the past nineteen years, the Drupal community has collaborated on providing the world with an Open Source CMS and making a difference on how the web is built and run.

It's easy to forget that software is written one line of code at the time. And that adoption is driven one website at the time. I look back on nearly two decades of Drupal, and I'm incredibly proud of our community, and how we've contributed to a more open, independent internet.

Today, many of us in the Drupal community are working towards the launch of Drupal 9. Major releases of Drupal only happen every 3-5 years. They are an opportunity to bring our community together, create something meaningful, and celebrate our collective work. But more importantly, major releases are our best opportunity to re-engage past users and attract new users, explaining why Drupal is better than closed CMS platforms.

As we mark Drupal's 19th year, let's all work together on a successful launch of Drupal 9 in 2020, including a wide-spread marketing strategy. It's the best birthday present we can give to Drupal.

15 Jan 2020 1:56pm GMT

Wouter Verhelst: Running SReview in minikube

I spent the last week or so building Docker images and a set of YAML files that allows one to run SReview, my 99%-automated video review and transcode system, inside minikube, a program that sets up a mini Kubernetes cluster inside a VM for development purposes.

I wish the above paragraph would say "inside Kubernetes", but alas, unless your Kubernetes implementation has a ReadWriteMany volume that can be used from multiple nodes, this is not quite the case yet. In order to fix that, I am working on adding an abstraction layer that will transparently download files from an S3-compatible object store; but until that is ready, this work is not yet useful for large installations.

But that's fine! If you're wanting to run SReview for a small conference, you can do so with minikube. It won't have the redundancy and reliability things that proper Kubernetes provides you, but then you don't really need that for a conference of a few days.

Here's what you do:

This doesn't explain how to add a schedule to the database. My next big project (which probably won't happen until after the next FOSDEM is to add a more advanced administrator's interface, so that you can just log in and add things from there. For now though, you have to run kubectl port-forward svc/sreview-database 5432, and then use psql to localhost to issue SQL commands. Yes, that sucks.

Having said that, if you're interested in trying this out, give it a go. Feedback welcome!

(many thanks to the people on the #debian-devel IRC channel for helping me understand how Kubernetes is supposed to work -- wouldn't have worked nearly as nice without them)

15 Jan 2020 8:12am GMT

14 Jan 2020

feedPlanet Grep

Ruben Vermeersch: Rust: First Impressions

I've been studying the Rust Programming Language over the holidays, here are some of my first impressions. My main interest in Rust is compiling performance-critical code to WebAssembly for usage in the browser.

Rust is an ambitious language: it tries to eliminate broad categories of browser errors by detecting them during compilation. This requires more help from the programmer: reasoning about what a program does exactly is famously impossible (the halting problem), but that doesn't mean we can't think about some aspects, provided that we give the compiler the right inputs. Memory management is the big thing in Rust where this applies. By indicating where a value is owned and where it is only temporarily borrowed, the compiler is able to infer the life-cycle of values. Similar things apply for type safety, handling errors, multi-threading and preventing null references.

All very cool off-course, but nothing in life is for free: it requires a much higher level of precise input with regards to what exactly you're trying to achieve. So programming in Rust is less careless than other languages, but the end result is guaranteed correctness. I'd say that's worth it.

This very strict mode of compilation also means that the compiler is very picky about what it accepts. You can expect many error messages and much fighting (initially) to even get your program to compile. The error messages are very good though, so usually (but not always) they give a pretty good indication of what to fix. And once it compiles you're rather certain that the result is good.

Another consequence is that Rust is by no means a small language. Compared to the rather succinct Go, there's an enormous amount of concepts and syntax. All needed, but it certainly doesn't make things easier to read.

Other random thoughts:

In all, I'd say Rust is a good addition to the toolbox, for places where it makes sense. But I don't foresee it replacing Go yet as my go-to language on the backend. It all comes down to the situation, finding the right balance between the need for performance/correctness and productivity: the right tool for the job. To be continued.

Comments | More on rocketeer.be | @rubenv on Twitter

14 Jan 2020 8:03pm GMT

Dries Buytaert: Acquia retrospective 2019

Wow, what a year 2019 was for Acquia!

Acquia 2018 business metrics

At the beginning of every year, I like to publish a retrospective to look back and take stock of how far Acquia has come over the past 12 months. I take the time to write these retrospectives because I want to keep a record of the changes we've gone through as a company and how my personal thinking is evolving from year to year.

If you'd like to read my previous retrospectives, they can be found here: 2018, 2017, 2016, 2015, 2014, 2013, 2012, 2011, 2010, 2009. This year marks the publishing of my eleventh retrospective. When read together, these posts provide a comprehensive overview of Acquia's growth and trajectory.

Our product strategy remained steady in 2019. We continued to invest heavily in (1) our Web Content Management solutions, while (2) accelerating our move into the broader Digital Experience Platform market. Let's talk about both.

Acquia's continued focus on Web Content Management

In 2019, for the sixth year in a row, Acquia was recognized as a Leader in the Gartner Magic Quadrant for Web Content Management. Our tenure as a top vendor is a strong endorsement for the "Web Content Management in the Cloud" part of our strategy.

We continued to invest heavily in Acquia Cloud in 2019. As a result, Acquia Cloud remains the most secure, scalable and compliant cloud for Drupal. An example and highlight was the successful delivery of Special Counsel Robert Mueller's long-awaited report. According to Federal Computer Week, by 5pm on the day of the report's release, there had already been 587 million site visits, with 247 million happening within the first hour - a 7,000% increase in traffic. I'm proud of Acquia's ability to deliver at a very critical moment.

Time-to-value and costs are big drivers for our customers; people don't want to spend a lot of time installing, building or upgrading their websites. Throughout 2019, this trend has been the primary driver for our investments in Acquia Cloud and Drupal.

At the end of 2019, Gartner announced it is ending their Magic Quadrant for Web Content Management. We're proud of our six year leadership streak, right up to this Magic Quadrant's end. Instead, Gartner is going to focus on the broader scope of Digital Experience Platforms, leaving stand-alone Web Content Management platforms behind.

Gartner's decision to drop the Web Content Management Magic Quadrant is consistent with the second part of our product strategy; a transition from Web Content Management to Digital Experience Management.

Acquia's expansion into Digital Experience Management

We started our expansion from Web Content Management to the Digital Experience Platform market five years ago, in 2014. We believed, and still believe, that just having a website is no longer sufficient: customers expect to interact with brands through their websites, email, chat and more. The real challenge for most organizations is to drive personalized customer experiences across all these different channels and to make those customer experiences highly relevant.

For five years now, we've been patient investors and builders, delivering products like Acquia Lift, our web personalization tool. In June, we released a completely new version of Acquia Lift. We redesigned the user interface and workflows from scratch, added various new capabilities to make it easier for marketers to run website personalization campaigns, added multi-lingual support and much more. Hands down, the new Acquia Lift offers the best web personalization for Drupal.

In addition to organic growth, we also made two strategic acquisitions to accelerate our investment in becoming a full-blown Digital Experience Platform:

  1. In May, Acquia acquired Mautic, an open marketing automation platform. Mautic helps open up more channels for Acquia: email, push notifications, and more. Like Drupal, Mautic is Open Source, which helps us deliver the only Open Digital Experience Platform as an alternative to the expensive, closed, and stagnant marketing clouds.
  2. In December, we announced that Acquia acquired AgilOne, a leading Customer Data Platform (CDP). To make customer experiences more relevant, organizations need to better understand their customers: what they are interested in, what they purchased, when they last interacted with the support organization, how they prefer to consume information, etc. Without a doubt, organizations want to better understand their customers and use data-driven decisions to accelerate growth.

We have a clear vision for how to redefine a Digital Experience Platform such that it is free of any silos.

A diagram shows how Acquia solutions unify experience creation, content and user data across different platforms.

In 2020, expect us to integrate the data and experience layers of Lift, Mautic and AgilOne, but still offer each capability on its own aligned with our best-of-breed approach. We believe that this will benefit not only our customers, but also our agency partners.


Demand for our Open Digital Experience Platform continued to grow among the world's most well-known brands. New customers include Liverpool Football Club, NEC Corporation, TDK Corporation, L'Oreal Group, Jewelers Mutual Insurance, Chevron Phillips Chemical, Lonely Planet, and GOL Airlines among hundreds of others.

We ended the year with more than 1,050 Acquians working around the globe with offices in 14 locations. The three acquisitions we made during the year added an additional 150 new Acquians to the team. We celebrated the move to our new and bigger India office in Pune, and ended the year with 80 employees in India. We celebrated over 200 promotions or role changes showing great development and progression within our team.

We continued to introduce Acquia to more people in 2019. Our takeover of the Kendall Square subway station near MIT in Cambridge, Massachusetts, in April, for instance, helped introduce more than 272,000 daily commuters to our company. In addition to posters on every wall of the station, the campaign - in which photographs of fellow Acquians were prominently featured - included Acquia branding on entry turnstiles, 75 digital live boards, and geo-targeted mobile ads.

Last but not least, we continued our tradition of "Giving back more", a core part of our DNA or values. We sponsored 250 kids in the Wonderfund Gift Drive (an increase of 50 from 2018), raised money to help 1,000 kids in India to get back to school after the floods in Kolhapur, raised more than $10,000 for Girls Who Code, $10,000 for Cancer Research UK, and more.

Some personal reflections

With such a strong focus on product and engineering, 2019 was one of the busiest years for me personally. We grew our R&D organization by about 100 employees in 2019. This meant I spent a lot of time restructuring, improving and scaling the R&D organization to make sure we could handle the increased capacity, and to help make sure all our different initiatives remain on track.

On top of that, Acquia received a substantial majority investment from Vista Equity Partners. Attracting a world-class partner like Vista involved a lot of work, and was a huge milestone for the company.

It feels a bit surreal that we crossed 1,000 employees in 2019.

There were also some low-lights in 2019. On Christmas, Acquia's SVP of Engineering Mike Aeschliman, unexpectedly passed away. Mike was one of the three people I worked most closely with and his passing is a big loss for Acquia. I miss Mike greatly.

If I have one regret for 2019, it is that I was almost entirely internally focused. I missed hitting the road - either to visit employees, customers or Drupal and Mautic community members around the world. I hope to find a better balance in 2020.

Thank you

2019 was a busy year, but also a very rewarding year. I remain very excited about Acquia's long-term opportunity, and believe we've steered the company to be positioned at the right place at the right time. All of this is not to say 2020 will be easy. Quite the contrary, as we have a lot of work ahead of us in 2020, including the release of Drupal 9. 2020 should be another exciting year for us!

Thank you for your support in 2019!

14 Jan 2020 2:24am GMT

13 Jan 2020

feedPlanet Grep

Mattias Geniar: Auto-restart a crashed service in systemd

Systemd allows you to configure a service so that it automatically restarts in case it's crashed.

13 Jan 2020 12:00am GMT

11 Jan 2020

feedPlanet Grep

FOSDEM organizers: Guided sightseeing tours

If your non-geek partner and/or kids are joining you to FOSDEM, they may be interested in spending some time exploring Brussels while you attend the conference. Like previous years, FOSDEM is organising sightseeing tours.

11 Jan 2020 3:00pm GMT

09 Jan 2020

feedPlanet Grep

FOSDEM organizers: First speaker interviews

We have performed some interviews with main track speakers from various tracks. To get up to speed with the topics discussed in the main track talks, you can start reading the following interviews: Amanda Brock: United Nations Technology and Innovation Labs. Open Source isn't just eating the world, it's changing it Daniel Stenberg: HTTP/3 for everyone. The next generation HTTP is coming Free Ekanayaka: dqlite: High-availability SQLite. An embeddable, distributed and fault tolerant SQL engine Geir Høydalsvik: MySQL Goes to 8! James Shubin: Over Twenty Years Of Automation Joe Conway: SECCOMP your PostgreSQL Ludovic Courtès: Guix: Unifying provisioning, deployment, and舰

09 Jan 2020 3:00pm GMT

08 Jan 2020

feedPlanet Grep

Frank Goossens: Music from ourTube; Jeff Parker – Max Brown

Long time no Tube! Here's Jeff Parker's "Max Brown" as heard on Lefto's Earlybird show on Worldwide FM;

YouTube Video
Watch this video on YouTube.

Possibly related twitterless twaddle:

08 Jan 2020 11:49am GMT

07 Jan 2020

feedPlanet Grep

Wim Leers: JSON:API module version one EOL

On 7 January, 2020, the Drupal module JSON:API 1.x was officially marked unsupported. This date was chosen because it is exactly 1 year after the release of JSON:API 2.0, the version of JSON:API that was eventually committed to core. Since then, the JSON:API maintainers have been urging users to upgrade to the 2.x branch and then to switch to the Drupal core version.

We understand that there are still users remaining on the 1.x branch. We will maintain security coverage of the 8.x-1.x branch for 90 days. That is, on 6 April, 2020, all support for JSON:API, not in Drupal core, will end. Please upgrade your sites accordingly.

Thanks to my fellow maintainers Gabe Sullice and Mateu Aguiló for writing this announcement!

07 Jan 2020 4:18pm GMT

06 Jan 2020

feedPlanet Grep

Dries Buytaert: Caring for old links

I decided to use the holiday break to do a link audit for my personal blog. I found hundreds of links that broke and hundreds of links that now redirect. This wasn't a surprise, as I haven't spent much time maintaining links in the 13 years I've been blogging.

Broken links

Some of the broken links were internal, but the vast majority were external.

"Internal links" are links that go from one page on https://dri.es to a different page on https://dri.es. Fixing broken links feels good so I went ahead and fixed all internal links.

It's a different story for external links. "External links" are links that point to domains not under my control.

For example, in 2007 I thanked Sun Microsystems for donating a Sun Fire X4200 server to the Drupal project. In my post, I linked to http://www.sun.com/servers/entry/x4200, the Sun Fire X4200 product page. Sun has since been acquired by Oracle, the page has been removed, and the link is now dead. I saw the following options: change this particular link to point to (1) a Wikipedia page on the Sun Fire series, (2) an archived copy of the original page on archive.org, or (3) remove the link. In this case, I decided to update the link to point to Wikipedia.

Some sites that I link to have since been hijacked by porn sites. The URL used for Hillary Clinton's 2008 campaign website now points to a porn site, for example. This is unfortunate so I simply removed those links.


Some of the external links now have URL redirects. I found what I call "obvious redirects" and "less obvious redirects".

An example of an "obvious redirect" was a link to Apple's pressroom. In my 2015 Acquia retrospective I linked to an Apple press release, https://www.apple.com/pr/library/2015/12/03Apple-Releases-Swift-as-Open-Source.html, to highlight that large organizations like Apple were starting to embrace Open Source. Today, that link automatically redirects to https://www.apple.com/newsroom/2015/12/03Apple-Releases-Swift-as-Open-Source. A slightly different URL, but ultimately the same content. One day, that redirect might cease to exist, so it felt like a good idea to update my blog post to use the new link instead. I went ahead and updated hundreds of "obvious redirects".

The more interesting case is what I call "less obvious redirects". For example, in 2012 I blogged about how the White House contributed to Drupal. It was the first time in history that the White House contributed to Open Source, and Drupal in particular. It's something that many of us in the Drupal community are very proud of. In my blog post, I linked to http://www.whitehouse.gov/blog/2012/08/23/open-sourcing-we-the-people, a page on whitehouse.gov explaining their decision to contribute. That link now redirects to http://obamawhitehouse.archives.gov/blog/2012/08/23/open-sourcing-we-the-people, a permanent archive of the Obama administration's White House website. For me, it is less obvious what to do about this link: updating the link future proofs my site, but at the cost of losing some of its significance and historic value. For now, I left the original whitehouse.gov link in place.

How to best care for old links?

I'm not entirely sure why I picked the Wikipedia link over archive.org when I updated the Sun Fire X4200 blog post, or why I left the original whitehouse.gov link in place. I also left many broken links in place because I'm undecided about what to do with them.

It is important that we care for old links. Before I continue my link clean up, I'd like to come up with a more structured, and possibly automatable, approach for link maintenance. I'm curious to learn how others care for old links, and if you know of any best practices, guidelines, or even automations.

06 Jan 2020 10:17am GMT

Philip Van Hoof: The Future of Internet Regulation at the European Parliament

This guy (Aral Balkan) seems to know what he is talking about.

06 Jan 2020 9:27am GMT

05 Jan 2020

feedPlanet Grep

Staf Wagemakers: Best wishes 2020!


05 Jan 2020 10:36am GMT

Staf Wagemakers: Lookat utf8 branch created

I finally made some time work on utf8 support in Lookat (the most requested feature), it is still a work in progress… It's available at:

Have fun!

05 Jan 2020 8:00am GMT