Microservices Security: All The Questions You Should Be Asking

I spoke earlier in the year at the Sydney Microservices Meetup about the long path we’ve taken at Tyro Payments over the last decade, gradually tending towards a more fine-grained SOA approach – microservices as it’s come to be known recently.

Hacker-looking character sitting at a Mac in a dark room, checking out your microservices securityI covered a lot of ground in that talk, but something I didn’t get around to talking about was security. However, I believe that’s a really important topic to think about in microservice environments. It’s even more important than with a monolith, because in a service-oriented architecture you’re making a lot more of your system’s functionality directly exposed to the network, and that puts it in closer reach of would-be attackers, or “increases the attack surface” as a security pro would say.

So last week I presented another talk entitled “Microservices Security: All the Questions You Should Be Asking”.

Microservices Security: Let’s Share What We Know!

I want to tell people all about what we’ve been doing about security at Tyro lately. Security is incredibly important to the IT community and I think it’s imperative that we help each other improve. I want to share with the world some of the problems we’ve dealt with and some of the great solutions our team has built. Continue reading

Alan Turing: The Enigma by Andrew Hodges (Book Review)

Alan Turing: The EnigmaAlan Turing: The Enigma: The Book That Inspired the Film “The Imitation Game”
by Andrew Hodges

My rating: 3 of 5 stars

If I had to describe this book in one word, it would be: “indulgent”.

The author has obviously spent a lot of time researching many facets of Alan Turing’s life and work. (It seems he even interviewed many people who knew him.) However, he doesn’t appear to have spent much time deciding what not to put in the book. Consequently, it’s very long, and by a third of the way through it, when I was still reading about Turing’s uncomfortable years at boarding school, I seriously considered giving it up.

I didn’t give up, though, and I was glad in the end.

The middle sections of the book, explaining first Alan’s pioneering work as a young mathemetician, then his contribution to cracking the Enigma system, and then his diversion into the design and operation of early computers, were a really interesting read. The author went into quite a lot of mathematical and technical detail in parts which, as a software engineer, I quite enjoyed.

It was very interesting for me to realise that his major achievement was really in his mathematical endeavours rather than in computing. He didn’t do a whole bunch of amazing hardware stuff alone, unlike the film tried to suggest, and the team that eventually built the first working general purpose computer did it in competition with the group Turing was working with, though that project’s lack of progress was not of his making. However, his contribution to mathematics, by proving that there were uncomputable problems, was extremely significant at the time, and Hodges does a good job of setting the scene and describing how Turing’s discovery came about.

During the narrative of these later parts of his life, many of the episodes and observations from Turing’s early life are linked into the story, showing how his upbringing contributed to, and sometimes adversely affected, his pursuits. However, the same links could probably have been drawn with far less detail spent documenting his childhood.

The documentation about his eventual demise leads into some nice, reflective wrapping up about his whole life. This too, though, is probably more long-winded than it needed to be.

All in all, I learnt a lot about the man, about his achievements, about the war, and a few things about maths and computing. I would have preferred it to be a whole lot shorter, though.

PS – I read this book because the movie had come out and I wanted to read the book first. The movie is so far from what is documented as reality in this book that having read the real story actually ruined the movie for me. If you want to both watch and aread, I suggest you watch the movie first, understanding it strays very far from the truth, then read the book afterwards to get the true story.

Alan Turing: The EnigmaBuy it on Amazon

View all my reviews

Notes from YOW! 2014: Simon Brown on ‘Agility and the Essence of Software Architecture’

I attended YOW! Sydney 2014 and thought some people might get something useful out of my notes. These aren’t my complete reinterpretations of every slide, but just things I jotted down that I thought were interesting enough to remember or look into further.

Simon Brown (@simonbrown) spoke on “Agility and the essence of software architecture”. (Slides, Video)

He started with a great Dave Thomas quote:

“Big design up front is dumb.
No design up from is even dumber.”

Whiteboard covered in a circuit diagram, which looks pretty similar to a typical software architectureSoftware Architecture Agility

He went on to tell us…

Delivering software in an agile way doesn’t guarantee that you’ll develop an agile architecture.

A good architecture enables agility.

He asked “Are monolithic architectures agile?” and proposed the answer, “Well, they could be. Just because you have to deploy it all at once doesn’t mean it’s not agile.”

Which naturally lead into a discussion of what does agility mean? Continue reading