Peakscale 2014-04-09T22:00:11Z http://www.peakscale.com Over 100 Outage and Security Postmortems Tim Freeman 2013-01-24T15:40:05Z 2013-01-24T15:40:05Z http://www.peakscale.com/postmortems/

There are always things to learn about distributed systems, especially how they can turn against you. Companies that publish postmortems are doing us a great favor, there is a jackpot of system design and operations knowledge to be gleaned from studying as many of these as you can get your hands on.

I've collected over a hundred outage and security related postmortems in this Pinboard feed.

Read more.

Google Compute Engine and Predictable Performance Tim Freeman 2012-07-01T15:09:05Z 2012-07-01T15:09:05Z http://www.peakscale.com/noisyneighbors/

I raised my eyebrows at one statement Google is making about Google Compute Engine:

Read more.

Keep a Small Surface - Webapp Isolation Tim Freeman 2010-11-11T22:09:05Z 2010-11-11T22:09:05Z http://www.peakscale.com/small-surface/

Web application developers, in particular ones on a small team, are usually focused on the next feature or getting MVPs out, not security.

When security does come up, the focus is usually mitigating direct webapp attacks. We rely on Django or RoR's mechanisms for XSS/CSRF protection and password hashing. We turn to App Engine, Heroku, or traditional hosts for DDoS protection. And so on.

All of that is important and worth doing your due diligence on, but what's the plan if/when your webapp gets entirely owned?

Here's a way to mitigate the damages, something that is doable even when you are on a small team or working alone. There are nice side effects, too.

Read more.

Hello Tim Freeman 2010-11-10T21:09:05Z 2010-11-10T21:09:05Z http://www.peakscale.com/hello1/

I am no longer adding anything to gridvm.org, that was probably obvious at some point last year. A young child and increasing work responsibilities will do that to you. But a bigger issue with that site than lack of free time was that the topic did not feel right anymore.

One reason was that the term "cloud computing" solidified and it was hard to tell what "virtualization and grid computing" even meant. But a second, more important reason is that I wanted to write about more general things, too.

I am starting to get meaningful free time again, so here we are.