Twilio Signal 2016 - Infrastructure & Security
Saw two great talks on this topic at Signal this year.
A wonderful talk by Joyce Jang and Kate Heddleston about how to make system architecture more usable, in order to promote scalability - not just of software, but of teams. Some gems from this talk:
“If your system is too complex for your whole team to use safely, it is too complex. Period.” - building out systems that don’t have to be barricaded from developers in order to protect themselves just means everyone can contribute more code, and that it’s easier to understand what’s going on.
The question “How do you deploy code?” Their recommendation: a single deploy button. If you build your tests and architecture correctly, then by the time it reaches the deploy stage it should be easily ready to go. It’s better to set up a build system with well-rounded tests and then just have things automatically deployed if they pass tests. This is hard for many companies, because it requires thorough testing.
The question “How do you know where you are in your system?” This is especially an issue in a microservices architecture. It’s something worth paying attention to.
Containers. They sure are all the buzz lately. But the main point they made is that containers are great for usability for two reasons: 1. Changing the system installations requires the same workflow as changing code; 2. System installations are linked to Git commits.
Overall, a really enlightening talk. Really enjoyed their insight into building usable web infrastructure.
Really enjoyed hearing Eileen Uchitelle from Basecamp talk about common security vulnerabilities and how to avoid them. Always good to have that extra reminder for taking care of CSRF and XSS attacks on your web applications, and it was great learning about XXE attacks, which I hadn’t known much about.
CSRF attacks, for those who don’t know, are Cross-Site Request Forgery attacks. They’re a bit spooky, because they require little to no user action - by hijacking a user’s active session, the attacker can appear almost indistinguishable from the victim. Luckily with modern frameworks, there is often built-in protection using authenticity tokens. Still, it’s important to check that the version and framework you use are actually doing something about this.
XSS, Cross-Site Scripting attacks, can be seriously damaging if you don’t sanitize all user input coming into your site. Best thing you can do is always sanitize user data (a sanitizing library, like Yahoo’s [xss-filters](https://github.com/yahoo/xss-filters), is a good idea), or just minimize direct user input strings wherever possible.
XXE attacks are so interesting! XXE stands for XML eXternal Entity (nice job with the abbreviations, guys...). Basically, there is a way to load a file into an XML file in order to create extensible XML. Seems like a great idea? Well, it’s actually terrible! Apparently, if external entities are allowed in your XML, an attacker can request any file on your DB (assuming they can figure out its name). So they can steal all your secrets, including important infrastructure information, and can literally hijack your application. Moral of the story: XML, why. Also, don’t allow (if you simply must use XML) external entities ever. Or if you do, make sure to whitelist that biz!
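Here is one way to enforce the "no external entities" rule in Python, added as an example here and not taken from the talk. It goes a step further than the advice above by refusing any document that carries a DOCTYPE at all, so entities can never be declared; the function names and sample documents are made up for the example.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat


class ForbiddenXML(ValueError):
    """The document uses a DTD or entity feature we refuse to process."""


def _reject(feature):
    # Build an expat callback that aborts parsing as soon as `feature` appears.
    def handler(*_args):
        raise ForbiddenXML(f"{feature} is not allowed in untrusted XML")
    return handler


def parse_untrusted(data: bytes) -> ET.Element:
    """Return the parsed tree, or raise ForbiddenXML before any entity is resolved."""
    guard = expat.ParserCreate()
    guard.StartDoctypeDeclHandler = _reject("DOCTYPE declaration")
    guard.EntityDeclHandler = _reject("entity declaration")
    guard.ExternalEntityRefHandler = _reject("external entity reference")
    guard.Parse(data, True)      # first pass: only looks for forbidden features
    return ET.fromstring(data)   # second pass: build the tree from vetted input


def is_accepted(data: bytes) -> bool:
    try:
        parse_untrusted(data)
        return True
    except ForbiddenXML:
        return False


# Constructed sample documents (hypothetical, with a placeholder file path).
BENIGN = b"<order><item>widget</item></order>"
XXE_SAMPLE = b"""<?xml version="1.0"?>
<!DOCTYPE order [<!ENTITY xxe SYSTEM "file:///path/to/placeholder">]>
<order><item>&xxe;</item></order>"""
BARE_DOCTYPE = b"<!DOCTYPE order><order><item>widget</item></order>"

if __name__ == "__main__":
    for name, doc in [("benign", BENIGN), ("xxe", XXE_SAMPLE), ("doctype", BARE_DOCTYPE)]:
        print(name, "accepted" if is_accepted(doc) else "rejected")
```

Malformed XML still raises the parser's usual `expat.ExpatError`, so callers can tell "broken document" apart from "document using a forbidden feature".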