Crypto background for the Assimilation project

Since its inception, the open source Assimilation project has been concerned with security, and paranoid at every opportunity. Like a lot of software, it has serious security concerns. On the one hand, our nanoprobes run on every server in the enterprise and exercise root privileges – creating a potentially dangerous attack surface. On the other hand, we incrementally create a high-value database which has fine-grained and up-to-date information about everything in the environment – software versions, ports, services, IP addresses and MAC addresses, known security vulnerabilities – a veritable treasure map for an attacker. This article details why cryptography is essential for communication in this environment, and some unique aspects of the problem we’re solving that affect how we use it. It is our hope our readers (this means you!) will give us a thorough flogging^H^H^H^H^H^H^H review of how we use cryptography in our software in this article and the next.

Announcing Assimilation version 0.1.4

We are proud to announce the latest in our series of releases of the Assimilation software which will culminate in an incredibly useful production release. This release is eminently suitable for trials in an environment where the caveats are acceptable. We have quite a few pre-built Ubuntu packages, and a few CentOS/RHEL packages – so go forth, download and subdue the galaxy!

Welcome to Assimilation Systems Limited

I’m Alan Robertson, founder of Assimilation Systems Limited – this is my first blog post about the company. Let’s start this first post with a little history of the project and the company.

I founded the Assimilation Project back in 2010, as a result of thinking about a really big supercomputer (over 2 million cores) I was working with which had a very unusual networking architecture. It was a very cool and odd computer. Along the way, I puzzled over how one could effectively monitor it in the presence of this non-traditional networking topology – without using the built-in monitoring hardware (which would be like cheating). After a while, I realized I knew how to make monitoring on normal computers scale in a way that seemed really interesting. Being a techie at heart, I was really jazzed and decided I had to implement it…