Welcome to 2018! If the kids in the back seat have been chanting, ‘Are we there yet?, Are we there yet?’ you can tell them, ‘Yes! Now, Get out the car!’
If, like me, you’ve taken a couple weeks off to enjoy the holidays and New Year, you might be wondering where to start again or what to catch up on.
Let me help you.
First, the biggest ‘industry’ news so far in this early 2018 has got to be the Spectre and Meltdown vulnerabilities found in computer processors and affects almost every chip (mostly Intel) in the world. From operating systems to chip makers to cloud providers, there’s been a massive effort to get the word out and patch things up. Want to understand the situation better? Check out John Wagnon’s Lightboard Lesson Explaining the Spectre and Meltdown Vulnerabilities. And probably one of the best tweets about the vulnerabilities comes from @infosecgoon
According to F5’s David Holmes, Everything old is new again in 2018. And in Return of Bleichenbacher – the ROBOT Attack CVE-2017-6168, David explains the attack, how it affects BIG-IP, how to tell if you are vulnerable and how to mitigate. So, what is the real impact of ROBOT? David notes that the Bleichenbacher attack only affects RSA sessions not protected with the ephemeral keys offered by forward secrecy. All modern browsers and mobile clients have preferred ephemeral keys for several years.
As more organizations migrate to the cloud in 2018 – a hybrid one at that, you’ll want to bookmark Chase Abbott’s Welcome to the F5 BIG-IP Migration Assistant. The F5® BIG-IP® Migration Assistant is a tool freely distributed by F5 to facilitate migrating BIG-IP configurations between different platforms. You can use Migration Assistant when you have an existing BIG-IP instance and you want to replace the current hardware with new hardware. Chase gives a great overview of the tool including What can go wrong. Lots of engaging comments on this one and Chase always tells it like it is!
Lastly, as we open 2018, DevCentral wants to recognize our 2017 MVPs! The DevCentral MVP Program shines a spotlight on the best, brightest and most active members of our community. We got some new contributors mixed with some old favorites and they are always willing to help with expertise, examples and war stories. Many of the new faces were Featured Members last year so check out their stories like December’s Kevin Davies.
We got a lot coming in 2018 including more #Basics, Lightboards, Posts of the Week, articles and our always active Q/A forums and Code Share. If you’re a DevCentral member, we appreciate the contributions, if not a DevCentral member, sign up and join one of the most active communities in tech.
Welcome to the first DC Chronicles and btw, 2018 will be Year of the Dog, in case you were wondering.
This is a Security Bloggers Network syndicated blog post authored by psilva. Read the original post at: psilva's prophecies