The Open Cloud and Other Musings

KNX Association Response

In December 2013 I was able to abuse the insecurity of the KNX/IP protocol in a large home automation setting: The St. Regis Hotel in ShenZhen. The KNX Association responded to the incident with a brief statement on their webpage. The response seems odd, as it is half an apology for being an old standard that failed to keep with the security requirements of a connected world, half defending their security because they provide security through obscurity (ironically, it is supposed to be an “open “standard”)

Read more...

Learn How To Control A Luxury Hotel Remotely: Updated Talk Materials

Thank you very much to all of you that attended my talks at BlackHat and Defcon. If you are interested in the supporting materials of the talk, I am providing a local mirror for download:

Read more...

OpenStack is not the Linux of Cloud - From Linux Enlightened Absolutism to the OpenStack Republic

This blog post is not a troll against OpenStack. It started as a response to a twitter post, and transitioned to a reflection on the governance of Open Source projects and its impact on the code. And I am not implying Openstack is worse than Linux, just that it is a different form of open source, is not the Linux for cloud and I will tell you why. Linux was created with a vision, to provide a free and open operating system while OpenStack is just a tool to pool resources between companies to create an open cloud ecosystem. This reflects in several aspects of OpenStack, but the more glaring difference is Governance.

Read more...

Openstack vs. CloudStack A Tale of Two Conferences

OpenStack and CloudStack are open source software to create infrastructure as a service (IaaS) clouds. Both are under the Apache License, which allows creating derivative projects, and even close sourcing them as long as you maintain the copyright notices. They represent a new wave of open software, where companies open their code to pool resources to other interested parties (another relevant example of that trend is CloudFoundy to create PaaS). I recently attended the respective conferences for these software packages. More than the contents, the dynamics of each conference provided a very representative insight of the software.

Read more...

Latest Tweets

Latest Posts