Week 9 2017 - Cloudflare security bug; TensorFlow 1.0; 7 planets

By (3 minutes read)

Cloudflare had a security bug reminiscent of Heartbleed, TensorFlow is now 1.0, and 7 Earth-sized planets are circling a single star.

Cloudflare security bug

Cloudflare wrote a post-mortem of a serious bug that was recently discovered. If, like me, you’re using Cloudflare’s services you most likely got an email about it. In short, the issue was that since September 2016 using a certain combination of features that Cloudflare offers would cause it to leak memory fragments that might then show up on other websites or be cached by search engines. These fragments could contain passwords and other sensitive data.

Others have written about the impact of the bug, so I’m not going into any details on that. Suffice to say that it wasn’t a good thing and you’ll probably want to update your password for a number of services1.

As any developer knows, errors do happen. No matter how hard you try to prevent it sometimes you miss something. Unfortunately in a case like this that has big consequences. On the other hand Cloudflare seems to have acted properly on this. Once it was discovered and reported by a Google security researcher2 Cloudflare reacted quickly with an initial mitigation within the hour. After that there was a lot of work from various parties to have a complete fix in place and ensuring any search engine caches of this data were removed.

All of this is also explained in more detail at their post mortem, which Cloudflare obviously also did a good job on. So I’m the end, a nasty bug with severe consequences that was well handled once discovered.

Tensorflow goes 1.0

TensorFlow, Google’s open source machine learning tool has released version 1.0. It comes with a number of improvements, including two new APIs3 for Java and Go and the Python API is now stable. It’s also good to see that they’ve made the installation easier with Docker images or even just running pip install tensorflow.

TensorFlow is used by Google internally as well, and in a video on the announcement they show off some of these. This gives me a good feeling about the future of TensorFlow as that makes it less likely they’ll scrap the project at some point. It is Google after all.

An announcement like this obviously comes with a bunch of statistics about how great it is, but they’ve also put videos from the TensorFlow Developer Summit online. I haven’t gone through most of those yet, but they’re certainly interesting.

7 planets

A star has been found that has 7 Earth-sized planets around it. As they are relatively close to Earth (“only” 39 light years away) that makes them good research material. Which to me is quite amazing. These planets are so far away that what we see of them is nearly 40 years old, but at the same time we have technology that is so advanced we can study their atmospheres.

Now, we4 can’t actually see the planets in visible light, which means that any depictions of them are artist renderings. Which is a shame, but already impressive enough. With all of these planets having the possibility of water on their surface it sounds like plenty of opportunities for research that will hopefully teach us more about the universe and even our little corner in it.

  1. Isn’t that fun? ↩︎

  2. Who did a great job in discovering this. ↩︎

  3. Experimental only for now. ↩︎

  4. Obviously this is a very generic “we” that represents humanity and not just me. ↩︎

comments powered by Disqus