Our new backup system is in production and hourly backups are generally available. While focusing on infrastructure our releases included a few security updates and a bunch of fine-tuning.
Read the issue online
NixCon 2015 has been an amazing event for me. So many smart folks around, good talks, interesting discussions. I would like to share some notes about what I took away from the conference. Continue reading Impressions from NixCon Berlin
A new Qemu vulnerability has been discovered recently. We are going to proactively reboot all VMs during the next days.
Update 2015-08-05: The VM restarts will be performed during maintenance windows according to every customers’ schedule tonight. We decided to skip the regular lead time due to the importance of this update and to speed up another important update to our storage and backup infrastructure. We are paying close attention to keep your applications and your data safe, especially after the events in recent months. The current and upcoming changes belong to the promised updates, upgrades, and improvements to our infrastructure in response to those outages.
Continue reading VENOM’s little brother is here – another Qemu security upgrade required
Our July airmail issue covers recent improvements in log processing, the customer UI, our new API, the autumn sprint and open positions here at Flying Circus. A lot of hot stuff indeed.
In case your are not already receiving the Monthly Airmail right into your inbox, consider subscribing.
We are currently rolling out an updated version of Qemu which includes a bugfix for the VENOM vulnerability. To activate it, we have to reboot all VMs.
Continue reading VENOM: We need to reboot all VMs
Our third issue announces previews for logstash/kibana and Flying Circus environments in Vagrant, as well as improvements to our managed mail server components.
Read the issue online or subscribe.
A few days ago details about of the Logjam attack have been published. This attack allows to trick Internet servers into using a weak TLS cipher suite. After doing so, traffic encryption can easily be broken. What is the Flying Circus doing against it? To protect against the problem, several steps need to be taken: Continue reading Logjam attack
Unimposing, less-than-fashionable, often hacked together without passion—yet, these little periodic data import jobs are still ubiquitous in any sizable datacenter. They often provide the glue that make data flow from one system to another. If they break, important stuff may get stuck. It’s time to pay them the attention they deserve. Continue reading Improving periodic data import jobs in 3 steps
A severe security issue in the bash shell dubbed ShellShock has been published on last Wednesday and has been mentioned in mainstream media. The bash version running at Flying Circus was vulnerable, but we have rolled out a security patch on Thursday. This means that our systems are reasonably safe again. Continue reading How we protect against the ShellShock bug