Do we require the cloud now to offer mid-sized consumer-oriented services? View in browser »

ISSUE 250: Parler and the Hidden Politics of Scalability

“Just because there is a lot of talk around the complexity of one tool, it doesn’t mean the entire category is complex. When it comes to service meshes, you’ve got a lot of options. Istio’s complexity is probably due to the additional features it provides. Linkerd, on the other hand, took a minimalistic approach which translates into a lot more simplicity.”

___
Twain Taylor, “Istio’s Complexity Leads Some Users to Linkerd”

Most websites risk disruptions because they rely on a single provider for one or more cloud services. Every website requires a DNS server to route internet traffic based on its domain name, but few have a backup option if the service is denied. Indeed, 85% of the top 100,000 Alexa sites critically depend on a single third-party for DNS according to a recent study by researchers at Carnegie Mellon University. Unfortunately, if that providers’ service goes down, then the site is vulnerable to Distributed Denial of Service (DDoS) attacks and service outages. Having redundant DNS capability with more than one provider addresses the problem.

Overall, 40% of websites in the study are critically dependent on just three DNS services — Amazon Route 53, CloudFlare and DNSMadeEasy. That jumps to 72% when including in-direct dependencies associated with certificate authorities (CAs). CAs support HTTPS security and are a standard requirement for today’s website operators. About half utilize a third-party DNS service themselves, which can make them outsized weak links in the supply chain. For example, 2% of the top 100k sites are critically dependent on DNSMadeEasy because they use the service directly, but that figure rises to 25% when taking into account that Digicert, a leading CA, relies on DNSMadeEasy relies on for DNS.

When Amazon Web Services terminated its terms of service with Parler, AWS in many ways initiated a legal denial of services “attack,” with its Amazon Route 53 DNS service being just one of many cloud services that were turned off, which added to Parler's mounting security woes. The social media service has since picked up DNS services from a Russian firm. As we continue to debate how market power impacts vendor and technology lock-in, please remember to consider the small cloud services along with the others that may get all the headlines.

Data management poses challenges for those organizations seeking to make the shift to Kubernetes and cloud native environments. In this episode of The New Stack Analysts podcast, TNS founder and Publisher Alex Williams virtually shared pancakes and syrup with guests to discuss how Apache Cassandra, gRPC and other tools and platforms that play a role in managing data on Kubernetes.

The podcast featured Mya Pitzeruse, software engineer and OSS contributor from microservices service provider effx; Sam Ramji, chief strategy officer at Datastax; and Tom Offermann, lead software engineer at observability service provider New Relic, as guests offering deep perspectives about the evolution of data management on Kubernetes and the work that remains to be done.

What is Data Management in the Kubernetes Age?

Parler and the Hidden Politics of Scalability

At The New Stack, we stay away from politics, as much as we’d like to weigh in with our opinions (especially during these last four years). But we recognize what brings the readers and listeners to our table is the stellar information we offer about software development and deployment at scale. Add to this the fact that we enjoy a global audience (our largest readership outside of the U.S. is in India), who may not be interested in the turmoil across our soil, and, in fact, who may have vastly different views than ours. So, other than a few cultural exceptions that we feel are (or should be) universally recognized as benefitting society as a whole (such as increasing the diversity and equality of the IT workplace), in the end, we’ll stick with the technology that unites us.

So, like many others, we watched aghast Jan. 6 when a crowd of radicals beset upon the U.S. Capitol building, at the behest of then-U.S. President Donald Trump. But we didn’t see it as news we should cover, at first. But in fact, there were all sorts of cloud native computing angles hidden amidst the mayhem. In the days following, word leaked out that much of the coordination for this attack was done through a popular right-wing oriented social media service Parler. Apple and Google both quickly pulled Parler from their respective app stores. Amazon Web Services dropped the company as a client in the days after.

This move raised many interesting questions about our growing reliance on the cloud native computing world, issues that will surely resonate in other, hopefully, less toxic, cases in the years to come. Now, Parler is trying to rebuild the service in-house. Well, good luck to that (or, rather, not). Our London correspondent Mary Branscombe asked the question if building a global social networking service in-house is even possible any longer. In other words, do we require the cloud now to offer even mid-sized consumer-oriented services? Putting Parler in a data center would require millions in capital investment, where it has to purchase for peak usage, not just regular usage. The service would also need an army of engineers, developers and SREs to put it together and run it.

Parler also raised interesting questions for the service providers, who were caught between neutrality and “doing the right thing.” As TNS Senior Editor Richard MacManus pointed out in his piece:

The key debate is around whether “big tech” companies like Google, Apple and Amazon should be “acting as regulators” (as tech analyst Benedict Evans put it) and unilaterally shutting down controversial services like Parler. That’s a thorny issue, because it comes down to how much power you think internet companies — and particularly ones that operate down the stack, like AWS — should have.

Another cloud native cautionary tale that emerged about Parler was its terrible security, which, for better or worse, severely compromised the privacy of its users. A hacker who goes by the Twitter handle @donk_enby downloaded every Parler post from Jan. 6 on, publicly exposing death threats and other incendiary information that could be easily traced back to the service’s users. It turned out to be quite easy, in fact. According to a post from our security reporter Steven J. Vaughan-Nichols:

Parler’s API didn’t require authentication. Anyone at any time could have used it to see to all its members’ public content. There was also no data throttling. Once the data started flowing through the API pipeline, the only limit was how fast the server could dish out the information and how fast your internet connection.

Now that the din has subdued somewhat, we’ll return to scoping out the best stories about at-scale technologies. But going forward, we’ll also keep an eye out for how these technologies affect the world at large.

Why Tech Is Still Toxic for Women (and What to Do About it)

Why do women still get harassed in online forums such as Twitter, or in workplace communications? In this wide-ranging provocative article, London Correspondent Jennifer Riggins looks at this crippling online epidemic, and what women and men can both do to make our virtual communications more civil.

Why Data Engineering Is Not Just About Data Science

Data engineering, as a distinct field, whose practitioners have a cohesive group identity as data engineers, is fairly new. So new, in fact, that there are many people who don’t seem to understand exactly what data engineering is and what it is not, and where the border exists between data engineering, data science and software engineering. Read here to learn more about what data engineering is, and isn’t.

The First Six Months: CNCF Observations and 2021 Vision

Building on the success of Kubernetes and many associated cloud native technologies, the Cloud Native Computing Foundation is setting its sites for this year and beyond. On the agenda: edge computing, greater ties with telecommunications firms, and support for vendors who make Kubernetes easier to use for the whole ecosystem. “With Kubernetes firmly in place, we are now experiencing a Cambrian explosion of cloud native technology — and every contribution matters,” writes CNCF General Manager Priyanka Sharma in this contributed post.

JAN. 26 // VIRTUAL @ 9AM PST, 10AM GMT, 12PM SGT

Building a Scalable Strategy for Cloud Security

DevSecOps is now an established approach to scaling security in the cloud. Learn how you and your team can use DevSecOps to scale security on cloud services and beyond. Register now!

The New Stack Makers podcast is available on:

SoundCloud — Fireside.fm — Pocket Casts — Stitcher — Apple Podcasts — Overcast — Spotify — TuneIn

Technologists building and managing new stack architectures join us for short conversations at conferences out on the tech conference circuit. These are the people defining how applications are developed and managed at scale.