2017 at Cossack Labs

存储架构 2017-12-31

Stats

This was an eventful year for Cossack Labs! According to our GitHub stats, in 2017 we:

  • made 1200 commits into master branches;

  • merged 260 PRs ;

  • accumulated 444 new stars .

Products and releases

We picked a weird, but hopefully auspicious habit of releasing stuff on holidays or 13th days of the month (preferably Fridays 🙂 or Mercury retrograde periods:

Acra

  • Acra’spublic release took place on the 8th of March.

Acra is data encryption proxy aimed specifically at web apps backed by modern databases. Acra helps you easily secure your databases in distributed, microservice-rich environments. It allows you to selectively encrypt sensitive records with strong multi-layer cryptography , detect potential intrusions and SQL injections and cryptographically compartmentalize data stored in large sharded schemes. Acra's security model guarantees that if your database or your application become compromised, they will not leak sensitive data, or keys to decrypt them.

After the initial release and talking to a number of early adopters, we’re on the roadmap to the next, more feature-rich and integration-friendly release. By the way, here is an incomplete list of the features to come in the upcoming year.

Themis

  • Themis0.9.5 &0.9.6 were released on September 13 and December 14:

These releases contain important core updates, on which all our other products rely. The main core of Themis is ready, now we’re adding convenient methods to it:

  • Now you can build Themis with OpenSSL or BoringSSL on most platforms;

  • OpenSSL 1.1 support was added;

  • Secure Comparator became convenient to use.

Themis wrappers are also being updated according to the plan – small fixes were added for every wrapper, including significant ones like:

  • Support of dynamic frameworks and bitcode, Themis is working on both Swift3/Swift4;

  • Fixed Secure Cell in token protect mode;

  • Support of both old and new versions of Go (starting from v1.2).

Infrastructure fixes included:

  • Predictable and simplified building process for Debian 9.x and macOS;

  • Pre-built Themis packages can now be downloaded from our package server;

  • Documentation and examples were updated to make them easier to understand.

Hermes

  • One of our proudest moment of the year was releasing the scientific PoC version ofHermes, accompanied by ascientific and implementation papers (on December 13th:).

Hermes is a cryptography-based method of providing protected data storage and sharing that allows enforcing cryptographically checked CRUD permissions to data blocks and doesn't let server that's running Hermes do anything worse than DoS. In other words, Hermes enables collaboration and distributed data sharing through enforcing access control with the help of cryptographic methods.

The most exciting thing is that you can use Hermes on almost any platform because the core is written on C. We’ve prepared many tutorials and examples in C, Go, and Python to help you start using Hermes-core.

Publications

We wrote a number of cool articles and these were the most popular – so if you haven’t read them yet, do it now!

Serious stuff:

Fun stuff:

Social

We’re growing and expanding – for instance, @vixentael turned from a core iOS contributor into our full-blown Product Engineer and we’ve welcomed more people on board as contributors and full-time employees.

In 2017, members of our team gave talks at a number of local and international conferences:

Unleashing the Chameleon

Our mascot – Professor Felix – is steadily marching from online (in blog posts) to offline in various forms – if you approach any of us at a conference or other social meetup, chances are you won’t leave empty-handed.

Happy New Year! Happy 2018!

您可能感兴趣的

If a thread interrupts a mid-run spring transactio... I have a thread that is executing a series of instructions, including sql updates against my database. I want to be able to protect the databases data...
Uploading Avatar Images with Spatie’s Media Librar... By default, the Laravel registration form contains only the name, email, and password, but often it’s useful to allow the user to upload a photo or a...
Python操作主流数据库 编辑推荐: 本文来自于博客,本文详细介绍了如何使用Python操作MySQL、使用Python操作Redis及项目实战。 操作MySQL 1)Windows中安装python和pycharm 2)ubuntu...
7个原因告诉你为什么要选择ArangoDB “多模型” 数据库?... ArangoDB 是一个开源的分布式原生多模型数据库 (Apache 2 license)。 其理念是: 利用一个引擎,一个 query 语法,一项数据库技术,以及多个数据 模型,来最大力度满足项目的灵活性,简化技术堆栈,简化数据库运维,降低运营成本。 Find ArangoDB...
项目驱动学Python编程,一箭双雕【据说不会Python的都不是好SEOer】... 最近需要对聚合页面SEO做研究,为了对比分析需要记录各同行网站的关键词排名情况。 手工记录的话效率太低,样本数量也有限。 于是要把这部分工作自动化,因为自学过PHP编程,实现这个需求没问题。 但我打算使用Python,给自己一天的时间边学边写代码,用项目来驱动Python学习。...