eng.age

Vulnerabilities Addressed in OpenSSL 1.1.1l

OpenSSL 1.1.1l was released yesterday, fixing CVE-2021-3711 and CVE-2021-3712.

We do not believe there was any impact from CVE-2021-3711 on the CDN, which is an exploit in OpenSSL’s implementation of SM2. OpenSSL does not provide support for SM2 in TLS, and we do not currently support its usage via other mechanisms.

Continue Reading

Evaluating an Adaptive CDN Request Load Balancing System

As traffic volumes delivered by our CDN continue to increase, we continue to expand the footprint of our CDN both in terms of number and size of Points of Presence (PoP). As the sizes of PoPs grow, it is important to distribute load across their servers, in order to maintain their health and stability and to guarantee resilience to ephemeral traffic spikes.

Continue Reading

Reducing latency at CDNs with Bidirectional Anycast/Unicast Probing

Anycast is widely used by Content Delivery Networks (CDNs) and for the Domain Name System (DNS) to efficiently route service to clients from multiple physical points-of-presence (PoPs).

Anycast depends on Border Gateway Protocol (BGP) routing to map users to PoPs. Therefore, its efficiency depends on both the CDN operator and the routing policies of ISPs on the path. Such a distributed environment makes detecting and diagnosing inefficiency challenging.

Continue Reading

Bindable: Open Source Themeable Design System Built in Aurelia JS for Faster and Easier Web Development

As part of the Media Platform Video Team we build and maintain a set of web applications that allow customers to manage their video content. We needed a way to be consistent with how we build these applications. Creating consistent layouts and interfaces can be a challenge. There are many areas that can cause bloat or duplication of code. Some examples of this are, coding multiple ways to build the same layout in the app, slight variations of the same red color scattered all over, multiple functions being used to capitalize data returned from the database. To avoid cases like this we built Bindable.

Continue Reading