Alex Hudson

Thoughts on Technology, Product, & Strategy

Encryption-at-rest under question: SSDs, hardware support and Bitlocker

Many of us deal with personal and sensitive data these days. Best practice in computing circles is to make use of “encryption at rest”: ensuring data remains secure by encrypting it on a device (whether it’s a laptop, mobile phone or USB key). Some researchers at Radboud University in the Netherlands have discovered that widely used data storage devices with self-encrypting drives don’t do the job very well. Worse, they weaken the security of the popular Bitlocker solution.

Read More

UK High St in is cascade failure

For those who aren’t from the UK, the “High Street” is what we call the shopping parade in a typical town or city. It lies at the heart of the town, quite different to a mall, and is more of a European concept. “Cascade failure” is what we say when one part of a system causes another part of the system to fail, often like a set of dominoes falling. Putting two and two together: I believe that the UK High St is in such a failure mode right now, and that over the next five years we’re going to see some very rapid changes.

Read More

Simple software can cost lives

No doubt many people will have read the story about how an error in a piece of software has prevented a number of women being invited to a standard screening. The current estimate is that this could have led to as many as 270 lives being lost or curtailed, although it will be difficult to say for some time. As a ex-CTO in a healthcare business, this is the type of problem that used to keep me awake at nights – a small mistake leading to tragic results. How did this happen?

Read More

C[IT]O’s Guide to Serverless Costs

My estimable Twitter-pal Paul Johnson has put together a very reasonable thread about his thinking on serverless costs (ie. AWS Lambda, in this case). He makes a great case for the design of functions being done in such a way as to allow cost efficiency improvements, and I think the point on architecture is generally well-made. However, there are a few aspects of this which I think are generally not well understood, and Twitter is much too short a form to get them in. Hence this post.

Read More

Don’t ship the microservices

Steven Sinofsky of a16z (previously Microsoft) probably first coined the phrase, “Don’t ship the org chart”. I think there’s a new variant of this worth discussing: shipping the microservices. I’ve been reviewing a few products in depth recently for different reaasons, and once you see it, it actually becomes really obvious.

Read More

Trying AliCloud

There are few options in the cloud that are really worth investing time in. Amazon (AWS) is clearly important as the market leader, and Google Cloud (GCP) offers a variety of very interesting technology. Microsoft (Azure) has some remarkable technology, especially for Windows-oriented shops. After that, options are much smaller scale: there are big names like IBM (BlueMix) to much newer startups (such as Digital Ocean). None of them are very distinct. However, if we’re willing to take a slightly less western-centric approach, there is another: AliCloud.

Read More

Spectre attack: why is it unpatchable?

Everyone is now talking about the CPU security problems that are now being fully disclosed: they’re dubbed Meltdown and Spectre. Meltdown is a problem that mainly or entirely affects Intel CPUs, but Spectre is a problem that affects all designs.

I haven’t seen any “explain it like I’m 5” on the Spectre paper yet, so here’s my take. Sadly, it’s not 5-year-old level, but I’ve tried to make it a bit more accessible. If you want a lot more detail, the Google blog has code.

Read More

“Troubleshooting Agile”, a new podcast, and some notes about Ownership

I just listened to “Troubleshooting Agile”, a new audio series from CTO Craft contributor Douglas Squirrel and his podcast partner Jeffrey Fredrick. The first edition is on blameless culture, which I think is a great starting point: it’s very difficult to develop, and taking baby steps toward that in a team which doesn’t have it often feels wrong.

Read More

We’re not in The Merge

Sam Altman has published a thoughtful piece about what was previously called the Singularity, which he now refers to as The Merge. I’m not sure these concepts are quite the same – the traditional Singularity was less a statement about humanity than a theory that, at some point, the improvement of intelligence of machines is sufficiently fast that it becomes pointless to predict the future. “The Merge” for Altman is about the point at which human intelligence might start accelerating – which assumes the machines will want to bring us with them. Not quite the same.

However, Altman believes The Merge has already started. I’m pretty convinced it hasn’t, but I think what is interesting is identifying which signs might be indicative or not.

Read More

The CTO’s guide to containers/serverless changes – re:Invent 2017

Gosh, I wish I was at re:Invent. Personally, I don’t like the States much (the place is great; getting through the airports is an exercise in frustration) and while I’ve never been to Las Vegas there isn’t much that ordinarily attracts me to the place. But, to have so many incredible people in one place – amazing.

For those – like me – not there, what do the announcements today mean? I’m not going to focus on the tech so much, but more on the additional options and architecture that is becoming available. Let’s look at a strategic level.

Read More

Page 1 of 19