#redis

bkoehn@diaspora.koehn.com

Successfully migrated the #Diaspora pod’s #Redis from 7.4 (which isn’t open source anymore) to #valkey (which is). Redis pulled a sneaky and made the 7.4 file format proprietary in an effort to lock everyone in. I compiled a tool that allows you to generate RESP commands from a 7.4 database, and uploaded that to Valkey. Not super-easy, but I got the job done.

Now I should migrate my other Redis databases before I forget how to do this.

estherschindler@diaspora.glasswings.com

*3 Hackathon Winners Show What Generative AI Can Accomplish *

#Redis has co-sponsored several #AI hackathons. These three winners – from Memoiz, RedAGPT, and SmartHealth – may inspire you to add AI features to your own applications.
https://redis.com/blog/lablab-ai-hackathon-review/

dredmorbius@joindiaspora.com

Meow

#ElasticSearch, one of the database engines targeted by the #MeowDbAttack, has long had ZARRO authentication and security features in its free version.

(Security was added in only release 6.8, in May 2019, the database itself was released in 2010 https://www.elastic.co/guide/en/elasticsearch/reference/6.8/release-notes-6.8.0.html)

Instructions on securing the databse which remains unsecured by default are dated Februarry 2020:
https://www.elastic.co/blog/how-to-prevent-elasticsearch-server-breach-securing-elasticsearch

ElasticSearch is "trusted, used, and loved by" #Bayer, #Adobe, #Lenovo, #WalMart, and #Kroeger (https://www.elastic.co/elasticsearch/) and is the featured search utility on #AmazonAWS (https://aws.amazon.com/elasticsearch-service/)

The (strongly justified IMO) attack has removed nearly 4,000 unsecured databases since July 22:

One of the first publicly known examples of a Meow attack is an Elasticsearch database belonging to a VPN provider that claimed not to keep any logs.

https://arstechnica.com/information-technology/2020/07/more-than-1000-databases-have-been-nuked-by-mystery-meow-attack/

I'd really like to hear from #ElasticNV or founder/CEO #ShayBanon. For now, crickets:

https://twitter.com/kimchy

https://twitter.com/elastic

HN: https://news.ycombinator.com/item?id=23957510

SO: https://stackoverflow.com/questions/63067062/elastic-search-indexes-gets-deleted-frequently

Vendor, service, client, and deployment bullshit like this is a major cause of my frustrations (and worse) with the IT industry.

Other targets include #MongoDB #Cassandra #CouchDB #Redis #Hadoop #Jenkins, and unsecured network-attached storage devices (NAS).

Hats off to Meow's authors.

#sysadmin #dbadmin #netadmin #devops #infosec #schadenfreude