“Worst cloud vulnerability you can imagine” discovered in Microsoft Azure

Discussion in 'Networking and Security' started by themickey, Aug 28, 2021.

  1. virtusa


    I don't save these essential things on a PC. They are on unconnected drives that are kept in a safe place. 1000 times more difficult to lay your hand on then hacking the cloud.

    Passwords, log ins and source code are never on my PC's. I have a seperate PC for trading.
    #11     Aug 29, 2021
  2. Only CosmosDB was affected, and CosmosDB already had a terrible reputation internally in the Azure organization...

    Do you love MongoDB, but wish it was slower, more expensive, and even less reliable? Then CosmosDB may be the database for you!
    #12     Aug 29, 2021
  3. d08


    But your trading PC must be going online. Are you saying your compiled versions are in your trading PC? That helps but compiled code isn't a magic solution either.
    I don't keep the source in the cloud either for this exact reason and files I deem critical are encrypted. That said, a minimal cloud machine with a firewall and ports closed (only SSH + trading platofrm) is very safe. For example if your live trading machine is running Windows, it's already quite vulnerable.
    #13     Aug 29, 2021
  4. Is a home Linux or Windows machine with firewall and all ports (except for platform) closed/stealthed anymore vulnerable than a cloud based one?
    #14     Aug 30, 2021
  5. d08


    Probably less vulnerable in that you're the only one with physical access. Then again most cloud providers have additional security measures as far as I know, stuff like limiting SSH password attacks from the same IP. A home PC running Windows is more vulnerable than a cloud VPS running Linux IMHO. I don't hold Microsoft products in high regard when it comes to security.
    #15     Aug 30, 2021
  6. @d08
    Thanks. Im not very tech savvy, could you advise me on what else could be done to improve security of automated trading system?
    I was thinking about setup of two PCs: one (A) connected to internet, another (B) connected to A by LAN or parralel port, communicating with each other by Winsock or whatever. A gets data, sends to B to analyze and receives orders back from B to send to broker. Both A and B are behind firewalls and all ports except one are closed. Would this setup add any more security than just doing it all on a single pc?
    #16     Aug 30, 2021