Bulletin for Friday, 15 Jul 2022
7 days digest
Stay SaaSy (1)
Ravelin Tech Blog - Medium (1)
Future (1)
Computer Things (1)
Pluralistic: Daily links from Cory Doctorow (1)
Instagram Engineering - Medium (1)
Sentry Blog RSS (1)
Julia Evans (1)
High Scalability (1)
Notes on software development (1)
Retool blog (1)
Stratechery by Ben Thompson (1)
The CircleCI Blog Feed - CircleCI (2)
- Automate deployment of ASP.NET Core apps to Heroku
- Configuring a pipeline using multiple CircleCI orbs
- Book review: "Crafting Interpreters" by Robert Nystrom
- Exploring function parameter types with Go tooling
Tech at Meta (2)
- How AI could help make Wikipedia entries more accurate
- Boz to the Future Episode 11: The Future of AI with Guest Yann LeCun
Earthly Blog (3)
- Earthly And Vlad on Open Source Startup Podcast
- Pulumi vs Terraform
- The Slow March of Progress in Programming Language Tooling
Timescale Blog (3)
- How PostgreSQL Views and Materialized Views Work and How They Influenced TimescaleDB Continuous Aggregates
- State of PostgreSQL: How to Contribute to PostgreSQL and the Community
- State of PostgreSQL 2022—First Findings
Simon Willison's Weblog: Blogmarks (3)
- The DALL·E 2 Prompt Book
- Bringing page transitions to the web
- GPT-3 prompt for spotting nonsense questions
Weaveworks (3)
- How Policies Enable Safer And More Predictable Progressive Delivery
- Security & IAM policies in a GitOps world
- How to use GitOps and Progressive Delivery with Flux, Flagger, & Istio
Blog – Hackaday (3)
- This Jet Engine Will See You Through
- A Linux Business Card You Can Build
- Apple AirTags Hacked And Cloned With Voltage Glitching
The Full Feed - All of the Packet Pushers Podcasts (4)
- IPv6 Buzz 105: IPv6 Transition Technology Design Considerations
- Day Two Cloud 154: Can eBPF Replace Sidecar Proxies?
- Network Break 389: Alleged IT Fraudsters Indicted; HPE Floats GreenLake Private Cloud
- Special: Heavy Strategy Ep27 Broadcom And VMware – What’s Gonna Happen?
Google AI Blog (4)
- Towards Reliability in Deep Learning Systems
- Rewriting Image Captions for Visual Question Answering Data Creation
- Revisiting Mask Transformer from a Clustering Perspective
- Deep Hierarchical Planning from Pixels
- North Korean threat actor targets small and midsize businesses with H0lyGh0st ransomware
- Microsoft recognized as a Leader in UEM Software 2022 IDC MarketScape reports
- Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706
- From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
- Introducing security for unmanaged devices in the Enterprise network with Microsoft Defender for IoT
- How Rust manages memory using ownership and borrowing
- Stack Overflow joins Microsoft Azure Marketplace as ChatOps rise in popularity
- Money that moves at the speed of information (Ep. 462)
- Stack Exchange sites are getting prettier faster: Introducing Themes
- The Overflow #133: Introducing the video podcast
- A conversation with Stack Overflow’s new CTO, Jody Bailey (Ep. 461)
- Might Go actually be OOP? (Go Time #238)
- The ops & infra behind Transistor.fm (Ship It! #61)
- Cloning voices with Coqui (Practical AI #184)
- Bun, K8s is a red flag, "critical" open source packages, Rustlings & FP jargon in simple terms (The Changelog)
- Oxide builds servers (as they should be) (The Changelog #496)
- Accidentally testable (JS Party #233)
- Kaizen! Post-migration cleanup (Ship It! #60)
- Why ambient computing needs self-learning
- Joris Kinable wins IISE Transactions 2022 Best Application Award
- Amazon and MIT announce Science Hub gift project awards
- Knowledge distillation for better convergence in multitask learning
- Machine Learning University expands with MLU Explains
- How events like Prime Day helped Amazon navigate the pandemic
- NAACL: Industry track offers reality checks, new directions
- Improving “entity linking” between texts and knowledge bases
- How the James Webb Telescope's cosmic pictures impacted the Internet
- Mantis - the most powerful botnet to date
- 35,000 new trees in Nova Scotia
- Waiting Room Event Scheduling protects your site during online events
- Introducing Location-Aware DDoS Protection
- NIST’s pleasant post-quantum surprise
- Cloudflare’s view of the Rogers Communications outage in Canada
- Automatic Signed Exchanges may dramatically boost your site visitor numbers
Towards Data Science - Medium (8)
- How to Empower Analytics Teams
- Pivot Table Concepts | Report, Analyze, Story Tell
- Getting Started with the Polars DataFrame Library
- Developing Your Own Screen Recording Software with Python
- Statistics in Data Science: Mean, what do you mean?
- Distribute your Pytorch model in less than 20 lines of code
- AWS Lambda Function URLs
- Building a Data Science Team
Cloud Blog (20)
- Debugging cloud spanner latency using OpenCensus and Go client library
- Hear how this Google M&A Lead is helping to build a more diverse Cloud ecosystem
- Get ready to flex this summer: ChromeOS Flex is now ready to scale broadly to PCs and Macs
- Nordic Choice Hotels bounces back from ransomware attack with ChromeOS Flex
- Cloud SQL - SQL Server Performance Analysis and Query Tuning
- Introducing model co-hosting to enable resource sharing among multiple model deployments on Vertex AI
- A Guide to Databases on Google Cloud part 3 - Cloud Spanner! & CRUD it with Spring Boot on Cloud Run
- Moving off CentOS? Introducing Rocky Linux Optimized for Google Cloud
- Expanding the Tau VM family with Arm-based processors
- Run your Arm workloads on Google Kubernetes Engine with Tau T2A VMs
- Introducing Batch, a new managed service for scheduling batch jobs at any scale
- Drive Hockey Analytics uses Google Cloud to deliver pro-level sports tracking performance to youth
- Google Cloud’s innovation-first infrastructure
- Security Monitoring in Google Cloud
- Google Meet and Miro come together to create great collaborative moments
- Track, compare, manage experiments with Vertex AI Experiments
- Making AI more accessible for every business
- Multicloud reporting and analytics using Google Cloud SQL and Power BI
- How to think about threat detection in the cloud
- Multicloud strategy for the public sector: Optimize return, mitigate risk
In my time observing managers, one observation seems to repeat again and again: good managers write well, and bad managers write poorly. In fact, the best managers I’ve ever seen were not just good writers, they were terrific. And the worst managers I’ve ever had were not just bad writers, they were uncommonly bad. I’ve started to reflect more on why this might be the case, as well as the implications of this trend. To be a good manager, you must be able to do the same. Writing is the opposite. (BACK TO TOP)
Image by Marija Zaric from Unsplash This blog continues exploring deep learning methods for tabular data. Previously, we’ve looked at TabNet which was one of the first deep learning models designed specifically for tabular data. This blog is going to focus on VIME (Value Imputation and Mask Estimation) — a self and semi-supervised learning framework for tabular data. You can find all the notebooks and code in this github repo .com/papers/NeurIPS2020_VIME.com/papers/NeurIPS2020_VIME. (BACK TO TOP)
Sales enablement —the strategic use of people, processes, and technology to improve sales productivity and increase revenue — is the (usually) missing key for sales organizations that want to evolve beyond a handful of overachievers and into a well-oiled, agile, and high-performing commercial machine. Along with go-to-market — how an organization engages with customers to... Read More The post Sales Enablement: The Underrated Cog of Enterprise Commercial Engines appeared first on Future . (BACK TO TOP)
https://engineering.linkedin.com/blog.rss.html
Co-authors: Maggie Zhang, Joyce Chen, and Ming Wu What’s my ROI? In every company, there’s a fundamental need to understand the impacts of marketing campaigns. You want to be able to measure how many incremental conversions different channels and touchpoints are successfully driving. The best practice of A/B tests at individual level is not applicable in traditional channels such as TV ads, radios, or billboards. (BACK TO TOP)
https://buttondown.email/hillelwayne
I got 1,000 words into “what, exactly, is software complexity” before remembering that this is supposed to be less effort than the blog. So instead I’m going to list some ideas I had for programming languages. I think all of these are technically doable, so it’s more a “nobody else wants this badly enough” thing. The canonical example is withdrawing from a bank account: method withdraw(amnt: int) requires amnt <= self.balance ensures self.balance >= 0 { self.. Stuff like that. ↩ (BACK TO TOP)
Today's links Finance caused the fall of Rome: A politics of protecting contracts and property is a civilizational suicide pact. Hey look at this: Delights to delectate.tor. Core to Hudson and Graeber's work is the recognition that a society can be divided into "debtors" and "creditors," and, depending on which group is favored by policy, different kinds of enduring, intergenerational social roles emerge. When these occur, the farmer can't make good on their debts.medium." https://pluralistic. (BACK TO TOP)
Sinds een tijdje maak ik grafiekjes van hoe Nederland aan z’n elektriciteit komt. En soms ben ik daar dan enthousiast over, zeker als de wind waait en de zon goed schijnt. Het blijkt dat we nu soms voldoende groene elektriciteit hebben om onszelf een paar uur geheel groen te bedruipen. En vaak hebben we dan ook nog hele gigawatten over om te exporteren naar het buitenland: Mijn enthousiasme leidt dan weleens tot de vraag “maar wat nou als het donker is”. (BACK TO TOP)
https://instagram-engineering.com
In order to streamline our internal blog operations, all future Instagram Engineering content will be posted on the Engineering at Meta blog located here. This will allow us to post more regularly about the novel engineering work being done at Instagram. (BACK TO TOP)
In many critical areas, you can automate the completion of repetitive chores in an efficient and effective manner by using a computer… (BACK TO TOP)
The DynamoDB paper The other database called Dynamo This week at USENIX ATC'22, a group of my colleagues 1 from the AWS DynamoDB team are going to be presenting their paper Amazon DynamoDB: A Scalable, Predictably Performant, and Fully Managed NoSQL Database Service . This paper is a rare look at a real-world distributed system that runs at massive scale. From the paper: In 2021, during the 66-hour Amazon Prime Day shopping event, Amazon systems ... ...75 percent. What's not to love about a 99. (BACK TO TOP)
Hello! I’ve started to run a few more servers recently ( nginx playground , mess with dns , dns lookup ), so I’ve been thinking about monitoring. It wasn’t initially totally obvious to me how to monitor these websites, so I wanted to quickly write up what how I did it. I’m not going to talk about how to monitor Big Serious Mission Critical websites at all, only tiny unimportant websites. So for a while I only made static websites so that I wouldn’t have to think about servers.Println(err) w. (BACK TO TOP)
Being able to distribute large, widely -consumed objects (so-called hot content) efficiently to hosts is becoming increasingly important within Meta’s private cloud. These are commonly distributed content types such as executables, code artifacts, AI models, and search indexes that help enable our software systems. Owl is a new system for high-fanout distribution of large data [...] Read More... The post Owl: Distributing content at Meta scale appeared first on Engineering at Meta . (BACK TO TOP)
In this blog post, we'll deep-dive into X11 Forwarding, explaining what X11 is and how it works under the hood. (BACK TO TOP)
https://www.tbray.org/ongoing/ongoing.atom
http://highscalability.com/blog/
Never fear, HighScalability is here! Every cell a universe. Most detailed image of a human cell to date. @microscopicture Other images considered: one byte of RAM in 1946 ; visual guide on troubleshooting Kubernetes ; Cloudflare using lava lamps to generate cryptographic keys ; 5MB of data looked like in 1966 My Stuff: Love this Stuff? I need your support on Patreon to help keep this stuff going. Explain the Cloud Like I'm 10 . It has 440 mostly 5 star reviews on Amazon. Max Workout . (BACK TO TOP)
A few years ago while interviewing Nelson Elhage for Staff Engineer , he mentioned “estimation” as a particularly valuable skill. I hadn’t thought much about the idea of estimation as a skill, but his comment made me remember one of the best architecture interviews I’ve ever given, where the candidate was able to significantly narrow down the possible solutions by asking for a few details (as best I can remember: queries per second, expected number of rows, and necessary columns).g.g.g.g. (BACK TO TOP)
In this post we'll build a basic jq clone in Go. It will only be able to pull a single path out of each object it reads. It won't be able to do filters, mapping, etc. $ cat large-file.json | head -n2 | ./jqgo '.repo.url' "https://api.github.com/repos/petroav/6.828" "https://api.github.com/repos/rspt/rspt-theme" We'll start by building a "control" implementation that uses Go's builtin JSON library with a JSON path tool on top. Why partial parsing? There are two general reasons.5 GHz/3.18.10-100.. (BACK TO TOP)
This year, we asked over 2,000 developers in companies big and small to weigh in on how much time they spend on internal tools, how they build them (and for whom), and how they measure their impact. (BACK TO TOP)
The Big Ten's recent expansion is being blamed on Fox and ESPN, but it is actually an example of content extracting maximum value through consolidation (BACK TO TOP)
This tutorial covers: Setting up the sample ASP.NET Core project Creating the application on Heroku Configuring your ASP.NET deploy pipeline Known for its cross-platform compatibility and elegant structure, ASP.NET Core is an open-source framework created by Microsoft for building modern web applications. With it, development teams can build monolithic web applications and RESTful APIs of any size and complexity.NET Core application has become even easier.NET Core application to Heroku.1 .NET.b. (BACK TO TOP)
This tutorial covers: What orbs are and how to use them Why you might want to use multiple orbs Setting up a configuration using multiple orbs Continuous integration/continuous delivery (CI/CD) tools give developers the ability to automate the software development process. As soon as developers push code to git, your CI/CD system can build, test, stage, integration test, deploy, and scale. Set-up and installation instructions are available on each project directory.JS command-line application.0. (BACK TO TOP)
https://eli.thegreenplace.net/
A comprehensive introduction to writing an interpreter for a dynamically typed, object-oriented toy programming language (Lox). Throughout the book the author develops two complete interpreters for the language from start to finish, including all the front-end and backend parts. The first is a simple AST walking interpreter implemented in Java, and the second is a moderately optimized VM written in C, including a garbage collector. It will work. First, the book is enormous . Long, large, heavy. (BACK TO TOP)
I enjoy hacking on Go tooling (Go programs that analyze and manipulate other Go programs), and a few weeks ago an interesting Stack Overflow question caught my attention. Given a function with a parameter of some structure type: func foo ( param SomeType ) {} How can we examine the fields of SomeType ? The reason I found this question interesting is because it's very representative of the problems Go tool writers typically face: Find something in the code (e.g. a function) Analyze this thing (e. (BACK TO TOP)
Learn how database indexes work under the hood and how they can be used to speed up queries Read the full story (BACK TO TOP)
Learn how to quickly get up and running with the PlanetScale CLI. Read the full story (BACK TO TOP)
Processors come, roughly, in two large families x64 processors from Intel and AMD, and ARM processors from Apple, Samsung, and many other vendors. For a long time, ARM processors occupied mostly the market of embedded processors (the computer running your fridge at home) with the ‘big processors’ being almost exclusively the domain of x64 processors. … Continue reading Filtering numbers faster with SVE on Graviton 3 processors (BACK TO TOP)
When programming, we often need to write ‘generic’ functions where the exact data type is not important. For example, you might want to write a simple function that sums up numbers. Go lacked this notion until recently, but it was recently added (as of version 1.18). So I took it out for a spin. In … Continue reading Go generics are not bad (BACK TO TOP)
As the most popular encyclopedia of all time — with some 6.5 million articles — Wikipedia is the default first stop in the hunt for research information, background material, or an answer to that nagging question about pop culture. Wikipedia can tell you that scientists named a new species of fungus Spongiforma squarepantsii, after the […] The post How AI could help make Wikipedia entries more accurate appeared first on Tech at Meta . (BACK TO TOP)
Welcome back for the eleventh episode of Boz to the Future, a monthly podcast from Reality Labs (RL). In today’s episode, our host, Head of RL, and Meta CTO Andrew “Boz” Bosworth is joined by Meta’s VP and Chief Scientist of AI Yann LeCun. First, a look at LeCun’s bona fides. In addition to his […] The post Boz to the Future Episode 11: The Future of AI with Guest Yann LeCun appeared first on Tech at Meta . (BACK TO TOP)
Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft warns is actively being exploited. The software giant also has made a controversial decision to put the brakes on a plan to block macros in Office documents downloaded from the Internet. (BACK TO TOP)
Twice in the past month KrebsOnSecurity has heard from readers who've had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn't theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim's personal information and a different email address. (BACK TO TOP)
Vlad was interviewed by the Open Source Startup Podcast . ⚡️Ep 42 of the Open Source Startup Podcast is LIVE⚡️ Ft. @VladAIonescu , Founder of CI/CD Framework @EarthlyTech 💪 https://t.co/U7t5yXwi8F — Open Source Startup Podcast🎙 ( @OssStartup ) July 11, 2022 (BACK TO TOP)
There once was a time when technicians manually provisioned application infrastructure. In recent years, as companies began rapidly expanding their infrastructure stacks, they began to realize the shortcomings of manual provisioning: It’s costly, since hiring a technician is expensive, and manual processes are time-consuming. It’s inconsistent, since human errors are inevitable, and can cause unwanted discrepancies between stacks. If you already know Python, Java, Node.js, Go, or .dynamodb. (BACK TO TOP)
The 2022 Stack Overflow developer survey is out! And what’s fascinating to me is which popular programming languages are either loved or dreaded. 1 The Popular And Loved Programming Languages (2022) Rust, Typescript, Python, Go, C#, Kotlin, JavaScript The Popular And Dreaded Programming Languages (2022) Ruby, C++, Java, PHP, C Last time the developer survey came out, I wrote a post about Green VS Brown languages . But that misses something big: Language tooling is getting better 2 . Rust.rs . ↩︎ (BACK TO TOP)
https://www.timescale.com/blog/
How PostgreSQL Views and Materialized Views Work and How They Influenced TimescaleDB Continuous Aggregates
Continuous aggregates are one of the most popular features in TimescaleDB, but you can’t fully understand them without some context on PostgreSQL views and materialized views. In this blog post, we’re filling that gap and sharing how views and materialized views influenced continuous aggregates. (BACK TO TOP)
Community contribution remains a recurrent theme in the State of PostgreSQL survey. As we prepare to release the full report later this month, we dig into some of the results and leave you tips on how to contribute to PostgreSQL and its community. (BACK TO TOP)
The results of the third State of PostgreSQL survey are almost out! While you wait for the complete report, read some of the survey’s initial findings, including where PostgreSQL users come from, their experience level, and favorite tools. (BACK TO TOP)
Progressive delivery is a long-standing practice that builds on the capabilities of Continuous Integration and Continuous Delivery (CI/CD) to help organizations get more control over software rollout. With it, we are able to limit the potential negative impact on user engagement when releasing new product features. While the idea makes sense, progressive delivery is a complex mechanism if done manually. This can become tedious and error prone. (BACK TO TOP)
Broken Access Control is still the top vulnerability in the list of OWASP Top 10 security risks . This means that proper configuration of access controls can solve a majority of your security concerns. In this post, let’s discuss what a GitOps approach to security and IAM policies looks like in practice, and how it can help improve your cloud-native system’s security posture. Thus, Git becomes the pulse of the system right from the start. (BACK TO TOP)
At the recent GitOps Days 2022 conference Marco Amador, Chapter Lead for Data Engineering and SRE at Anova gave a talk on GitOps and Progressive Delivery with Flux, Flagger, & Istio . Marco describes Anova’s journey into progressive delivery with some hands-on demos and explains why they’ve chosen progressive delivery on their multi-cluster and multi-region Kubernetes cluster. With that came five different platforms and five different ways to build and release software.weave. (BACK TO TOP)
Have you ever wished you could peer inside a complex machine while it was still running? We sort of can with simulations and the CAD tools we have today, but …read more (BACK TO TOP)
It is a sign of the times that one of [Dmitry’s] design criteria for his new Linux on a business card is to use parts you can actually find during …read more (BACK TO TOP)
Apple AirTags are useful little devices. They essentially use iPhones in the wild as a mesh network to tell the owner where the AirTag is. Now, researchers have shown that …read more (BACK TO TOP)
In this episode, the IPv6 Buzz crew talk about IPv6 transition technologies – especially NAT64/DNS64 – and what design considerations come into play when deploying them. The post IPv6 Buzz 105: IPv6 Transition Technology Design Considerations appeared first on Packet Pushers . (BACK TO TOP)
Today's Day Two Cloud turns the nerd knob to eleven as we delve into kernels, eBPF, sidecar proxies, and service meshes. If you're an old-school engineer used to working with load balancers and proxies, this show looks at new ways to do application delivery in the Kubernetes world. The post Day Two Cloud 154: Can eBPF Replace Sidecar Proxies? appeared first on Packet Pushers . (BACK TO TOP)
Take a Network Break! This week we cover two separate indictments against alleged schemers who sold counterfeit Cisco gear and pirated Avaya license keys. We also cover new products from Juniper Networks, VMware, and HPE. Meanwhile Starlink targets maritime vessels with a satellite broadband offering. The post Network Break 389: Alleged IT Fraudsters Indicted; HPE Floats GreenLake Private Cloud appeared first on Packet Pushers . (BACK TO TOP)
Heavy Strategy is a new podcast from Packet Pushers. We look at the strategy and business of IT Infrastrucrure in two-sided debate format. We believe that the questions are more important than the answers since its all your responsibility anyway. The post Special: Heavy Strategy Ep27 Broadcom And VMware – What’s Gonna Happen? appeared first on Packet Pushers . (BACK TO TOP)
Posted by Dustin Tran and Balaji Lakshminarayanan, Research Scientists, Google Research Deep learning models have made impressive progress in vision, language, and other modalities, particularly with the rise of large-scale pre-training. Such models are most accurate when applied to test data drawn from the same distribution as their training set. However, in practice, the data confronting models in real-world settings rarely match the training distribution. Uncertainty — Dog vs.e.e. J. (BACK TO TOP)
Posted by Soravit Beer Changpinyo and Doron Kukliansky, Senior Software Engineers, Google Research Visual Question Answering (VQA) is a useful machine learning (ML) task that requires a model to answer a visual question about an image. What makes it challenging is its multi-task and open-ended nature; it involves solving multiple technical research questions in computer vision and natural language understanding simultaneously. But, creating such data is time consuming and onerous. was .e.g. (BACK TO TOP)
Posted by Qihang Yu, Student Researcher, and Liang-Chieh Chen, Research Scientist, Google Research Panoptic segmentation is a computer vision problem that serves as a core task for many real-world applications . Each sub-task is processed individually, and extra modules are applied to merge the results from each sub-task stage.e., grouping pixels with the same semantic labels together), which better adapts to vision tasks.e.e., applying the argmax operation along the cluster centers).e.1% (-6. (BACK TO TOP)
Posted by Danijar Hafner, Student Researcher, Google Research Research into how artificial agents can make decisions has evolved rapidly through advances in deep reinforcement learning . Compared to generative ML models like GPT-3 and Imagen , artificial agents can directly influence their environment through actions, such as moving a robot arm based on camera inputs or clicking a button in a web browser. The worker policy (red) learns to achieve the goal from future trajectories ( s 1 , ... (BACK TO TOP)
https://www.microsoft.com/security/blog
A group of actors originating from North Korea that MSTIC tracks as DEV-0530 has been developing and using ransomware in attacks since June 2021. This group, which calls itself H0lyGh0st, utilizes a ransomware payload with the same name. The post North Korean threat actor targets small and midsize businesses with H0lyGh0st ransomware appeared first on Microsoft Security Blog . (BACK TO TOP)
Competition for talent has increased pressure to lead in the digital space, and business decisions now weigh user experience for employees heavily among costs and benefits. Workers insist on experiences that mirror their personal experience, often on their own device. The post Microsoft recognized as a Leader in UEM Software 2022 IDC MarketScape reports appeared first on Microsoft Security Blog . (BACK TO TOP)
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2022. The post Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 appeared first on Microsoft Security Blog . (BACK TO TOP)
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA). The post From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud appeared first on Microsoft Security Blog . (BACK TO TOP)
Introducing security for unmanaged devices in the Enterprise network with Microsoft Defender for IoT
Microsoft Defender IoT is generally available to help organizations challenged with securing unmanaged Internet of Things devices connected to the network. The post Introducing security for unmanaged devices in the Enterprise network with Microsoft Defender for IoT appeared first on Microsoft Security Blog . (BACK TO TOP)
Garbage collection? Manual allocation? When it comes to allocating memory for variables, Rust goes its own way. The post How Rust manages memory using ownership and borrowing appeared first on Stack Overflow Blog . (BACK TO TOP)
Stack Overflow for Teams is now available within the Microsoft Azure Marketplace. The post Stack Overflow joins Microsoft Azure Marketplace as ChatOps rise in popularity appeared first on Stack Overflow Blog . (BACK TO TOP)
The home team chats with Devraj Varadhan, SVP of Engineering at Ripple, about crypto companies bracing for economic uncertainty, how Ripple’s solutions might help to expand financial inclusion in underserved markets, and why companies should take the long view rather than getting distracted by hype. The post Money that moves at the speed of information (Ep. 462) appeared first on Stack Overflow Blog . (BACK TO TOP)
Our April Fools joke has a nice side effect: it's easier to make Stack Exchange sites more distinct. The post Stack Exchange sites are getting prettier faster: Introducing Themes appeared first on Stack Overflow Blog . (BACK TO TOP)
The cost of Copilot, replacing a fuse box, and understanding databases The post The Overflow #133: Introducing the video podcast appeared first on Stack Overflow Blog . (BACK TO TOP)
From Pluralsight to AWS Training to Stack Overflow, our new CTO Jody Bailey has a wealth of experience in the world of ed-tech and software. The post A conversation with Stack Overflow’s new CTO, Jody Bailey (Ep. 461) appeared first on Stack Overflow Blog . (BACK TO TOP)
A conversation with Ronna Steinberg, who was an OOP developer for many years, and now is a Go Google Developer Expert. Ronna has been thinking about Go and OOP for awhile, asking herself whether or not Go is an object oriented programming language. Tune in to find out her answer and hear some of the options gophers have for object oriented design. (BACK TO TOP)
Today we talk with two lovely folks from Transistor.fm: Jason Pearl, Senior Software Developer & Jon Buda, co-founder. Gerhard was curious to find out about their setup & how did it change with the launch of the new podcast website builder. After all, you have been hearing us talk about our setup for years, so it was high-time to challenge some assumptions and learn how another team is solving similar problems. TL;DL: keeping it simple is at the root of smooth operations & stable systems. (BACK TO TOP)
Coqui is a speech technology startup that making huge waves in terms of their contributions to open source speech technology, open access models and data, and compelling voice cloning functionality. Josh Meyer from Coqui joins us in this episode to discuss cloning voices that have emotion, fostering open source, and how creators are using AI tech. (BACK TO TOP)
Bun, K8s is a red flag, "critical" open source packages, Rustlings & FP jargon in simple terms (The Changelog)
Jarred Sumner’s Bun comes out of the oven, Jeremy Brown doesn’t want you prematurely optimizing, Armin Ronacher’s not excited about his “critical” Python package, Daniel Thompson from Tauri thinks you should check out Rustlings, and we draw a straight line between Functional Programming jargon and boujee Gen Z slang. (BACK TO TOP)
Today we have a special treat: Bryan Cantrill, co-founder and CTO of Oxide Computer! You may know Bryan from his work on DTrace. He worked at Sun for many years, then Oracle, and finally Joyent before starting Oxide. (BACK TO TOP)
OSS developer Jessica Sachs joins Jerod & Kball to discuss re-launching and maintaining Faker.js after it was abandoned last January, Component Driven Development & Neopets! (BACK TO TOP)
In our 6th Kaizen, we talk with Jerod about all the things that we cleaned up after migrating changelog.com from a managed Kubernetes to Fly.io. We deleted the K8s cluster and moved wildcard cert management to Fastly & all our vanity domain certs to Fly.io. We migrated the Docker Engine that our GitHub Actions is using - PR #416 has all the details. We did a few other things in preparation for our secrets plan. Gerhard’s favourite improvement: the new shipit.show domain. (BACK TO TOP)
To become the interface for the Internet of things, conversational agents will need to learn on their own. Alexa has already started down that path. (BACK TO TOP)
Paper explains the use of constraint programming and mathematical optimization techniques in calculating the best routes for snowplows to clear Pittsburgh’s roads. (BACK TO TOP)
Four MIT professors are the recipients of the inaugural call for research projects. (BACK TO TOP)
Allowing separate tasks to converge on their own schedules and using knowledge distillation to maintain performance improves accuracy. (BACK TO TOP)
Fun visual essays explain key concepts of machine learning. (BACK TO TOP)
The SCOT science team used lessons from the past — and improved existing tools — to contend with “a peak that lasted two years”. (BACK TO TOP)
Industry track chair and Amazon principal research scientist Rashmi Gangadharaiah on trends in industry papers and the challenges of building practical dialogue systems. (BACK TO TOP)
New model sets new standard in accuracy while enabling 60-fold speedups. (BACK TO TOP)
We show how the July 11-12 James Webb Telescope images that were revealed had an impact on DNS traffic in NASA and ESA websites, video and image hosting platforms, and news websites. The ‘cosmic’ results may be surprising (BACK TO TOP)
We named the botnet that launched the 26M rps (requests per second) DDoS attack "Mantis" as it is also like the Mantis shrimp, small but very powerful (BACK TO TOP)
Cloudflare is proud to announce the first 35,000 trees from our commitment to help clean up bad bots (and the climate) have been planted (BACK TO TOP)
With Event Scheduling for Waiting Room, you can protect your servers from being overloaded during your event while delivering a user experience that is unique to the occasion and consistent with your brand (BACK TO TOP)
Location-Aware DDoS Protection is now available in beta for Cloudflare Enterprise customers that are subscribed to the Advanced DDoS service (BACK TO TOP)
On Tuesday, the US National Institute of Standards and Technology (NIST) announced which post-quantum cryptography they will standardize. We were already drafting this post with an educated guess on the choice NIST would make. (BACK TO TOP)
An outage at one of the largest ISPs in Canada, Rogers Communications, started earlier today, July 8, 2022, and is ongoing (eight hours and counting), and is impacting businesses and consumers. (BACK TO TOP)
Automatic Signed Exchanges may dramatically boost your site visitor numbers (BACK TO TOP)
https://towardsdatascience.com
How can businesses reduce analysts attrition? In this post I have identified six straightforward must-haves to make analytics teams successful. Photo by Kelly Sikkema on Unsplash Stories of frustrated analysts [1] are becoming more and more common. In order to improve the added value generated by analytics and to boost the morale and the retention of the analysts, businesses must embrace the following points in their data strategies. (BACK TO TOP)
Python, Spreadsheets, and SQL Continue reading on Towards Data Science » (BACK TO TOP)
Learn how to manipulate tabular data using the Polars dataframe library (and replace Pandas) Continue reading on Towards Data Science » (BACK TO TOP)
Developing a screen recording software using computer vision technologies with Python Continue reading on Towards Data Science » (BACK TO TOP)
Physical understanding of the sample mean Continue reading on Towards Data Science » (BACK TO TOP)
Distribute your PyTorch model in less than 20 lines of code A guide to make parallelization less painful Photo by Nana Dua on Unsplash When you approach Deep Learning for the first time, you learn that you can speed up your training by moving the model and data to the GPU. That’s definitely a significant improvement compared to training on the CPU, as you can now train your models and see results in way less time. Great, but let’s suppose that your model becomes too big (e.g.g.e.g.distributed. (BACK TO TOP)
Serverless made easier than ever Continue reading on Towards Data Science » (BACK TO TOP)
Successful data team: From who to hire first, to how to pick the next projects to work on Continue reading on Towards Data Science » (BACK TO TOP)
https://cloud.google.com/blog/
You may have faced a situation where your client reported high latency while your Cloud Spanner metrics didn't show the corresponding latency. This article describes a case study of increased client side latency caused by session pool exhaustion and how you can diagnose the situation by using OpenCensus features and Cloud Spanner client library for Go. Case study Here's the overview of the experiment. Go Client library version: 1.33. "SELECT * FROM Players p JOIN Scores s ON p.PlayerId = s.go.g. (BACK TO TOP)
Editor's note : Wayne Kimball, Jr. is Principal for Google Cloud's Mergers & Acquisitions business. He is also the founder of Black+TechAmplify, a corporate development initiative to accelerate the growth of traditionally untapped, diverse founders. In both cases, he says, it's about creating empathy around people and processes to create greater value. You're a "boomerang," or returning Googler. How do you view your career? It's been a fun journey, with a lot of excitement, work, and rewards. (BACK TO TOP)
Summer’s here, and it’s time to sit back, relax, and soak up some sun. While others might be bulking up on the beach or showing off their swimming skills, we’ve got the best way you can flex, no matter where you are. Today, we’re excited to announce that ChromeOS Flex , the cloud-first, easy-to-manage, and fast operating system for PCs and Macs, is now ready for your fleet. Just like too much sun, software bloat, clunky hardware, and security vulnerabilities can cause unwanted damage. 1.V. (BACK TO TOP)
Editor’s note: Today’s post is by Kari Anna Fiskvik, VP of Technology at Nordic Choice Hotels, one of the largest hotel companies in Scandinavia. When a ransomware attack shut down operations, Nordic Choice hotels chose ChromeOS Flex to quickly recover by repurposing Windows devices. This enabled the business to sustainably bounce back while providing security against future attacks. Amazingly, this massive security challenge was solved in just one weekend with ChromeOS Flex.7 million). (BACK TO TOP)
The following blog covers popular performance analysis tools and technologies database administrators can use to tune and optimize Cloud SQL for SQL Server. Common performance challenges are described in each section along with tools and strategies to analyze, address and remediate them. We will also publish a follow up blog that will walk you through common performance issues and how to troubleshoot and remediate those using the tools and processes described here. 1. 2. EXEC dbtools.dbo. 3.. (BACK TO TOP)
Introducing model co-hosting to enable resource sharing among multiple model deployments on Vertex AI
When deploying models to the Vertex AI prediction service , each model is by default deployed to its own VM. To make hosting more cost effective, we’re excited to introduce model co-hosting in public preview, which allows you to host multiple models on the same VM, resulting in better utilization of memory and computational resources. Models can share a VM if they share an endpoint, but also if they are deployed to different endpoints.googleapis.googleapis.wagtailcore.rich_text.Model.pkg. (BACK TO TOP)
A Guide to Databases on Google Cloud part 3 - Cloud Spanner! & CRUD it with Spring Boot on Cloud Run
In this blog We are going to experiment with CRUD on a Java Spring Boot application using Cloud Spanner’s DML API deployed on Cloud Run, without using a Dockerfile (yes, too good to be true, but it is!). For this experiment, I have taken the use case of the Badminton Court Reservation for a residential community. I have my reasons (happy to share). I have encountered this problem in my community where the same bunch of people occupy all available courts daily. I am on it. Create an Instance e.1. (BACK TO TOP)
As CentOS 7 reaches end of life, many enterprises are considering their options for an enterprise-grade, downstream Linux distribution on which to run their production applications. Rocky Linux has emerged as a strong alternative that, like CentOS, is 100% compatible with Red Hat Enterprise Linux. Today we’re excited to announce the general availability of Rocky Linux Optimized for Google Cloud . And of course, we’ll offer support with CIQ for both these images, per our partnership... (BACK TO TOP)
Organizations that are developing ever larger, scale-out applications will leave no stone unturned in their search for a compute platform that meets their needs. For some, that means looking to the Arm® architecture . Known for delivering excellent performance per watt efficiency, Arm-based chips are already ubiquitous in mobile devices, and have proven themselves for supercomputing workloads. Below is what few of them have to say about T2A VMs.” - Khawaja Shams, CEO, Momento. 1. https://www. (BACK TO TOP)
At Google Kubernetes Engine (GKE), we obsess over customer success. One major way we continue to meet the evolving demands of our customers is by driving innovations on the underlying compute infrastructure. We are excited to now give our customers the ability to run their containerized workloads using the Arm® architecture ! Earlier today, we announced Google Cloud’s virtual machines (VMs) based on the Arm architecture on Compute Engine . See the ‘Key GKE features’ below for more details.24... (BACK TO TOP)
Today, we’re excited to announce the Preview release of our fully managed service, Batch , which provides easy access to Google Cloud’s computing power and scale. Batch processing is as old as computing itself, with the term 'batch' dating back to the punchcards used by early mainframes. Batch uses resources very efficiently and remains the preferred way of running jobs that don’t need much human interaction. Enterprise workloads very often include some batch processing elements... Read Article (BACK TO TOP)
In ice hockey’s earlier days, National Hockey League (NHL) coaches made their most important decisions based on gut instincts. Today, experience and instincts are still vital, but NHL coaches now have another essential tool at their disposal: powerful data analytics. Before and after every game, coaches and even players meticulously pore over game data and review detailed statistics to improve performance and strategy. Google Cloud solutions make everything easier to build, scale, and secure. (BACK TO TOP)
Organizations are driving the complete transformation of their business by inventing new ways to accomplish their objectives using the cloud; from making core processes more efficient, to improving how they reach and better serve their customers, to achieving insights through data that fuel innovation. Cloud infrastructure belongs at the center of every organization’s transformation strategy. Their workloads should just run better on Google Cloud. We have heard you loud and clear. (BACK TO TOP)
Moving to the cloud comes with the fundamental question of how to effectively manage security and risk posture. From a Security Operations (SecOps) perspective, there are few core requirements that you may need for effective security and risk management in the cloud. What is Security Command Center? Security Command Center is a native security and risk management platform for Google Cloud.g. Security Command Center also ties those findings to the industry standard and compliance benchmarks. (BACK TO TOP)
A great meeting experience is one that allows everyone to fully participate, whether they’re in the conference room or joining remotely. Ideally, we all have a clear understanding of the meeting’s objective, have access to the same collaboration tools, and walk away with a clear action plan and timeline. For me, that’s meeting nirvana. These new Meet features are designed to make great, inclusive meetings the standard, not the exception. Read Article (BACK TO TOP)
Managing experiments is one of the main challenges for data science teams. Finding the best modeling approach that works for a particular problem requires both hypothesis testing and trial-and-error. Tracking development and outcomes using docs and spreadsheets is neither reliable nor easy to share. Consequently the process of ML development is severely affected. Indeed, not having a tracking service leads to manual copy/pasting of the parameters and metrics. Figure 1.data. Figure 2.Artifact. (BACK TO TOP)
Alphabet CEO Sundar Pichai has compared the potential impact of artificial intelligence (AI) to the impact of electricity—so it may be no surprise that at Google Cloud, we expect to see increased AI and machine learning (ML) momentum across the spectrum of users and use cases. Some are more concrete, like mortgage servicer Mr. We see our customers’ accomplishments as validation of this philosophy and a sign that we are taking away the right things from our conversations with business leaders.g. (BACK TO TOP)
After migrating databases to Google Cloud, Cloud SQL developers and business users can use familiar business intelligence tools and services like Microsoft Power BI to connect to and report from Cloud SQL MySQL, PostgreSQL, and SQL Server databases. The ability to quickly migrate databases to GCP without having to worry about refactoring or developing new reporting and BI tools is a key capability for businesses migrating to CloudSQL. Postgres: https://www.postgresql.mysql. Examples follow.. (BACK TO TOP)
As your organization transitions from on-premises to hybrid cloud or pure cloud, how you think about threat detection must evolve as well—especially when confronting threats across many cloud environments. A new foundational framework for thinking about threat detection in public cloud computing is needed to better secure digital transformations. Because these terms have had different meanings over time, here’s what we mean by threat detection and detection and response. (BACK TO TOP)
Government organizations are starting to realize that no single cloud can meet their wide range of needs. According to the Nutanix 2022 Enterprise Cloud Index 1 , 75% of public sector organizations agree that multicloud is ideal, and more public sector organizations than average have adopted multicloud as a primary IT operating model (outpacing the global average). Furthermore, global public sector multicloud adoption is expected to nearly double from 39% to 67% in the next three years 2 . (BACK TO TOP)
Bulletin by Jakub Mikians