A huge scientific discovery concerning gravitational waves and zombie clauses in terms and conditions are the main points of the week, but we round it out with a couple of smaller things.

Gravitational waves

A big event in the astronomical and physics world was made public: the actual detection of gravitational waves. Gravitational waves were first theorized by Einstein over a century ago as part of his theory of General Relativity, but it was believed that they would be almost impossible to detect. This belief was proven wrong by LIGO when in September they discovered the waves created by two black holes colliding a billion light years away.

The sheer distance and time this wave has traveled to be picked up here on Earth is mind boggling, and it’s amazing that they could detect it. While we¹ often focus on the progress made in tools that we can use and discoveries that impact us directly, it’s good to be reminded once in a while that there is a lot more going on in the universe. And of course, the below quote from the article serves as a great reminder of how powerful the forces discussed here are.

Lost in the transformation was three solar masses’ worth of energy, vaporized into gravitational waves in an unseen and barely felt apocalypse. As visible light, that energy would be equivalent to the brightness of a billion trillion Suns.

If you’re not sure what gravitational waves are, this comic (also available as video) has a really good explanation.

The dangers of updates

Updating your applications is usually a good idea, and I recommend you’re always diligent with applying at the very least any security related updates. That said, recently a couple of issues with update frameworks have cropped up.

Several weeks ago, it was reported that a very widely used framework for managing updates for OS X applications², Sparkle, had a rather severe bug. This bug was mainly that it wouldn’t enforce the use of https properly, and thereby it allowed man in the middle attacks. Shortly after this was discovered and reported, it was fixed in many of the affected applications as well as Sparkle itself. Now, while the implications of the bug were rather big, the chances of it being abused aren’t very high and it’s very good to see the quick response to it.

The second problem that happened last week has possibly a more direct influence. Backblaze discovered that an update for Adobe Creative Cloud apparently deleted the alphabetically first (hidden) directory in your root folder. This directly impacted Backblaze as they store information there for backing up that drive in a directory called .bzvol and its disappearance broke backups for their clients. Obviously, this isn’t a stellar job on Adobe’s side, but I’m happy to see that they quickly pulled the affected release and by now have released a new one. Still, if you happened to do a Creative Cloud update last week you’d be advised to check that nothing you care about was deleted in your root.

Do the walking dead dream of using AWS?

As usual, AWS introduced plenty of new stuff to play with in the past week. One very interesting one is the ability to but access resources in your VPC from Lambda, specifically resources that aren’t publicly accessible. This is done by defining the subnets you wish your function to have access to, and it will then get an internal IP address in the specified range.

This is an important and useful functionality especially because it gives you access to your protected databases, and thereby opening up a lot of new functionalities for your Lambda functions.

AWS also introduced a couple new tools named Lumberjack and GameLift, which are to be used for game development. As I have absolutely no clue about game development, I’m not even going to try to judge if these tools are useful or good. If you’re a game developer you will no doubt have better sources for that. What I do wish to point out is a section of the terms and conditions for this, specifically this part of section 57.10.

However, this restriction will not apply in the event of the occurrence (certified by the United States Centers for Disease Control or successor body) of a widespread viral infection transmitted via bites or contact with bodily fluids that causes human corpses to reanimate and seek to consume living human flesh, blood, brain or nerve tissue and is likely to result in the fall of organized civilization.

Any service with a zombie apocalypse clause in it has to be good for something.

Updating articles

Speaking of the risen dead, in the past week I’ve updated several older articles on the site to ensure they reflect the current status of things. Most of these are small changes, but the article about using SSL certificates with ELBs has been updated to explain the process of using the AWS Certificate Manager for getting your SSL certificate. In contrast to my original article about the ACM this demonstrates how to request the certificates using the CLI. As expected it’s an easy, quick, and smooth process³ so check it out if you are interested.