September 10, 2019
Plantuml + Gitlab is risky
For a plantuml nice and simple diagrams text generation tool integration with the gitlab server setup, the plantuml server needs to be exposed to external network. Which is not good. Although some of security risks can be mitigated with running plantuml in docker but definitely not all (such as data exposure, DoS attacks) and mitigating them requires lots of careful manual tuning. Gitlab needs plantuml integration to host rendered images on its side. Maybe aa a plugin. I definitely want to investigate this.
Labels: devops, diagram, docker, git, gitlab, plantuml, security, uml, work process
September 8, 2019
On Facebook user data leaks
Some thoughts after recent Facebook user data leak.
I know no evidence of the following, so not stating it's true at all. Though in a light of user data usage restrictions and depersonalisation the real user data would definitely help those who buy ads on Facebook. To put it straight: leaks lead to rise of ad sales!
What I believe is true is that until companies like Facebook is punished really hard for user data leaks, the data leaks incidents will continue to happen.
I know no evidence of the following, so not stating it's true at all. Though in a light of user data usage restrictions and depersonalisation the real user data would definitely help those who buy ads on Facebook. To put it straight: leaks lead to rise of ad sales!
What I believe is true is that until companies like Facebook is punished really hard for user data leaks, the data leaks incidents will continue to happen.
Labels: ads, data leaks, facebook, security, user data
