Posts
Farewell to the Era of Cheap EC2 Spot Instances
AWS EC2 Spot prices have surged since the start of 2023. In this article I investigate this trend, possible causes, and how AWS customers can improve their deployments to get the maximum discount possible.
The Need for Standardized Secret Scanning
It’s no secret that leaving credentials in source code is risky, especially when tools like GitHub make it easy to share code publicly with a single command. The major players have long had tooling to help prevent this, such as GitHub Secret Scanning, and GitHub also makes it possible (at least in theory) for third-party providers to join the program. Unfortunately, out of the countless platforms that use secrets for authentication, only 100 or so have partnered with GitHub’s program.
Leveraging Mispriced AWS Spot Instances for Fun and Savings
AWS creates a market for spot instance pricing, but this market is inefficient as customers don’t consider all instance types available. Leveraging this mispricing can save even more than spot pricing already does.
Saving 90% vs. GitHub Codespaces with EC2 Spot Instances
GitHub Codespaces offer convenient hosting for VS Code at a high price. Using EC2 spot instances and WireGuard, we can achieve a more flexible setup for nearly 90% less.
Securing Cloud Services against Squatting Attacks
IT organizations must take steps to protect their users against cloud squatting. This post discusses the root causes of cloud squatting from an IT practitioner’s perspective and demonstrates the steps companies can take to harden their infrastructure.
Cloud Squatting: The Risk of IP Reuse on Public Clouds
Our new research details a broad class of attacks against services hosted on public clouds.
Broadcast Channels in Go
Go channels implement a simple way to pass data between concurrent processes. Their one-to-one nature makes them great for handling ownership of resources or allocation of work to a pool of workers. However, in some cases it’s useful to have a different type of channel – a channel in which a single message sent can be received by multiple processes simultaneously.
Single-Implementation Interfaces in Go
In Java, classes can be instantiated using the default constructor unless there is a non-default constructor defined. One feature that I’ve often missed in Go is the ability to have such control over struct instantiation. Any exported struct definition can be defined from any other package, and methods on that struct should be written to work with the struct zero values. For example, from my FlowCache project: