Bulletin for Friday, 15 Apr 2022
7 days digest
allegro.tech (1)
Computer Things (1)
Eugene Yan (1)
Julia Evans (1)
Metadata (1)
Mozilla Hacks – the Web developer blog (1)
Notes on software development (1)
Project Zero (1)
Seph (1)
Stratechery by Ben Thompson (1)
Tech at Meta (1)
- Boz to the Future Episode 8: The Future of Avatars and Identity in the Metaverse with Aigerim Shorman
Think Fast, Talk Smart: Communication Techniques (1)
Timescale Blog (1)
- Message durability and quality of service across a large-scale distributed system
- Ably launch Kafka Connector at Kafka Summit 2022 - London
- Dutch Electrical Power Numbers part 2
- De Tijdelijke Wet op Inlichtingen- en Veiligheidsdiensten 2022
jacobian.org (2)
- Professionalism: What is “professionalism” and why am I writing about it?
- Is my advice too mercenary?
- Open sourcing Feathr – LinkedIn’s feature store for productive machine learning
- Load-balanced Brooklin Mirror Maker: Replicating large-scale Kafka clusters at LinkedIn
Schibsted engineering - Medium (2)
- Temperature sensor library for Raspberry Pi written in Go
- Flutter of many flavors — preparing a project for multiple environments
Weaveworks (2)
- The GitOps Guide to Building & Managing Internal Platforms
- ADAPT AND THRIVE: The Importance of Locking Down Your Software Development Pipeline
Earthly Blog (3)
- Using Conditionals in Bash
- Watch People Doing the Thing
- Vagrant vs. Docker: Are Virtual Machines Ever the Right Option Anymore?
Future (3)
- The Marketplace 100: 2022
- How to Drive Business Growth By Fostering Your Community
- Why China’s Version of Email Marketing Is So Effective
- Microsoft Patch Tuesday, April 2022 Edition
- RaidForums Gets Raided, Alleged Admin Arrested
- Double-Your-Crypto Scams Share Crypto Scam Host
Sentry Blog RSS (3)
- How to Surface Relevant Performance Data
- Improved visibility for Issue Alerts
- How We Run Successful Beta Tests with Error Reporting
- Cloudflare partners with Kentik to enhance on-demand DDoS protection
- DDoS Attack Trends for 2022 Q1
- The 2022 French Presidential election leaves its mark on the Internet
- Amazon Scholar contributes to best student paper award
- Luciana Buriol’s quest for scientific joy
- New method for "editing" fabricated chips enables more-efficient designs
- At Amazon Robotics, simulation gains traction
Google AI Blog (4)
- Locked-image Tuning: Adding Language Understanding to Image Models
- Simple and Effective Zero-Shot Task-Oriented Dialogue
- Lidar-Camera Deep Fusion for Multi-Modal 3D Detection
- Large-Scale Matrix Factorization on TPUs
- A clearer lens on Zero Trust security strategy: Part 1
- Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware
- Tarrask malware uses scheduled tasks for defense evasion
- Learn the latest cybersecurity techniques at the Microsoft Security Summit
The CircleCI Blog Feed - CircleCI (4)
- An update on CircleCI's reliability
- Build cloud infrastructure from your CI pipeline with Pulumi
- How the Insights team uses Insights to optimize our own pipelines
- Using OpenID Connect identity tokens to authenticate jobs with cloud providers
The Full Feed - All of the Packet Pushers Podcasts (4)
- Day Two Cloud 142: OpenZiti Serves Up Zero Trust For Applications (Sponsored)
- Tech Bytes: An Introduction To Nokia’s Edge Network Controller (Sponsored)
- Network Break 377: AMD Buys Pensando; IBM Mainframe Marches On With z16
- Heavy Networking 625: Home IoT Networking At Scale
Pluralistic: Daily links from Cory Doctorow (5)
- Pluralistic: 13 Apr 2022
- Pluralistic: 12 Apr 2022
- Pluralistic: 11 Apr 2022
- Pluralistic: 09 Apr 2022
- Pluralistic: 08 Apr 2022
Blog – Hackaday (6)
- Engineering on a Deadline for Squid Game
- The Simplest Electro-Mechanical Telephone Exchange That Actually Works
- 2022 Sci-Fi Contest: Nixie Calculator is Resplendent in Walnut Enclosure
- Remoticon 2021 // Jeroen Domburg [Sprite_tm] Hacks the Buddah Flower
- 3D Printing Pills All At Once
- Less Is More — Or How To Replace a $25,000 Bomb Sight for 20 Cents
- Go code organization best practices (Go Time #225)
- This is JS Party! (JS Party)
- Launching Dagger (Ship It! #48)
- The story of Vitess (The Changelog #485)
- The Docker Swarm story (Ship It! #47)
- Headlines and HeadLIES! (JS Party #220)
- The Authorization Code grant (in excruciating detail) Part 2 of 2
- Will chatbots ever live up to the hype?
- “Your salary shouldn’t be dictated by how good a negotiator you are.” (Ep. 432)
- The complete guide to protecting your APIs with OAuth2 (part 1)
- The Overflow #120: Human laziness is the ultimate security threat
- Words of wisdom for self-taught developers (Ep. 431)
Towards Data Science - Medium (9)
- How to Select Loss Function and Activation Function for Classification Problems
- Cross-Validation
- Measure A/B Testing Platform Health with Simulated A/A and A/B Tests
- Coding an Intelligent Battleship Agent
- Comprehensive Guide to Writing Python Functions Others Can Use
- Apache Spark for Data Science — How to Work with Spark RDDs
- 8 Best Practices for Writing Top Tier SQL Code
- Documenting Python code with Sphinx
- Visualize The Invisible SO2 with NASA Data and Python
Cloud Blog (20)
- The definitive guide to databases on Google Cloud: Part 1 - Data modeling basics
- Your ultimate guide to Speech on Google Cloud
- Running Spark on Kubernetes with Dataproc
- Google Cloud launches Optimization AI: Cloud Fleet Routing API to help customers make route planning easier
- Moloco handles 5 million+ ad requests per second with Cloud Bigtable
- BigQuery Omni innovations enhance customer experience to combine data with cross cloud analytics
- Introducing the Google SRE Prodcast
- Automatic data risk management for BigQuery using DLP
- A policy roadmap for 24/7 carbon-free energy
- Follow the pink pony: A story of CSRF, managed services, and unicorns
- What’s new with Google Cloud
- Some beans and gems, some snakes and elephants, with Java 17, Ruby 3, Python 3.10 and PHP 8.1 in App Engine and Cloud Functions
- Designing TIC 3.0 compliant solutions on Google Cloud
- Meet the people of Google Cloud: Grace Mollison, solutions architect and professional problem solver
- Ucraft builds global website-builder business with the help of Google Cloud
- Broad Institute speeds scientific research with Cloud SQL
- The journey to the cloud mitigates enterprise risk
- Picture this: How the U.S. Forest Service uses Google Cloud tools to analyze a changing planet
- Report: What it will take for CEOs to fund a sustainable transformation
- Using Memorystore for Redis to cache your Django applications
This blogpost is the result of a research collaboration between the Allegro Machine Learning Research team and the Institute of Mathematics of the Polish Academy of Sciences (IMPAN), Warsaw. Introduction Imagine the following scenario: you work in a company as a Research Engineer, and your manager is asking you to design a state-of-the-art algorithm to control a robot arm that should perform a critical task. Then, suppose you have access to the target environment for a limited period of time.e. (BACK TO TOP)
You can do many things with computers. Some of them are more productive than others. My recent blog post shows how to authenticate to any service, such as Grafana . Some people took the idea of using Tailscale for authenticating to any service as a neat fact. Others took this as a challenge to come up with even more creative applications of Tailscale for authentication. This is the story of one of the latter cases. Your Minecraft server will show up on your tailnet like any other machine.beta.0. (BACK TO TOP)
https://buttondown.email/hillelwayne
(Sorry this is late! Dealing with COVID.) I have mild ADHD. I can focus on strenuous mental tasks, but I can’t handle boring or repetitive work. Even something like “manually navigating to a folder” is enough to make procrastinate. I’m always looking for ways to aggressively optimize my workflow. For example, one thing I have to do a lot is type my address into emails and chats and the like. For most people that isn’t a big deal, but for me it’s disruptive. That’s an efficiency gain of 0.org ... (BACK TO TOP)
In programming languages like JavaScript or Python, numbers are typically represented using 64-bit IEEE number types (binary64). For these numbers, we have 15 digits of accuracy. It means that you can pick a 15-digit number, such as 1.23456789012345e100 and it can be represented exactly: there exists a floating-point number that has exactly these 15-most significant … Continue reading Floats have 15-digit accuracy in their normal range (BACK TO TOP)
Thinking about recsys as interventional vs. observational, and inverse propensity scoring. (BACK TO TOP)
Recently I got an interesting question from someone looking for resources for Engineering Directors, as distinct from general engineering management: I was wondering if you’ve written any posts geared towards engineering directors or have any recs for posts others have written I’m mainly looking for advice on how to manage projects from two layers away. They setup you, as a Director, to actually diagnose what’s happening on a team.g.g. (BACK TO TOP)
Hello! Today I asked on twitter about newer command line tools, like ripgrep and fd and fzf and exa and bat . I got a bunch of replies with tools I hadn’t heard of, so I thought I’d make a list here. A lot of people also pointed at the modern-unix list. You can use xclip to do the same thing on Linux. JSON/YAML/CSV things: jq (a great JSON-wrangling tool) jc (convert various tools’ output into JSON) jo (create JSON objects) yq (like jq , but for YAML). (BACK TO TOP)
Simple Simulations for System Builders Even the most basic numerical methods can lead to surprising insights. It's no secret that I'm a big fan of formal methods. I use P and TLA+ often. I like these tools because they provide clear ways to communicate about even the trickiest protocols, and allow us to use computers to reason about the systems we're designing before we build them 1 . Safety and liveness are crucial properties of systems, but far from being all the properties we care about.... (BACK TO TOP)
http://muratbuffalo.blogspot.com/
The Calvin paper appeared in Sigmod 2012. I had read this paper before, and seen it covered in a reading group, but I never got to write a post about it, and I'm remedying that today. I think the name Calvin comes as a pun on the predestination doctrine in Calvinism . Calvin is all about pre-ordering transactions in logs in batches, and then deterministically executing this log in the same order in replicas. System architecture Calvin does full replication. Each replica is a full replica. (BACK TO TOP)
https://monzo.com/blog/technology
Everyone at Monzo gets involved in testing new features and versions of the app before we release them. In this post Sarah, part of our Quality Assurance team, explains the different types of tests we use and how we run them. (BACK TO TOP)
We’re pleased to announce that we have partnered with Center for Humane Tech, a nonprofit organization that radically reimagines the digital infrastructure. Its mission is to drive a comprehensive shift toward humane technology that supports the collective well-being, democracy and shared information environment. The post Mozilla partners with the Center for Humane Technology appeared first on Mozilla Hacks - the Web developer blog . (BACK TO TOP)
By Alex Hutter , Falguni Jhaveri and Senthil Sayeebaba Over the past few years Content Engineering at Netflix has been transitioning many of its services to use a federated GraphQL platform. GraphQL federation enables domain teams to independently build and operate their own Domain Graph Services (DGS) and, at the same time, connect their domain with other domains in a unified GraphQL schema exposed by a federated gateway .). For simplicity, let’s assume each title is a Movie object.g. a. 2. a. (BACK TO TOP)
This is an external post of mine. Click here if you are not redirected. (BACK TO TOP)
https://www.tbray.org/ongoing/ongoing.atom
https://googleprojectzero.blogspot.com/
@import url('https://themes.googleusercontent.com/fonts/css?kit=lhDjYqiy3mZ0x6ROQEUoUw');ol{margin:0;padding:0}table td,table th{padding:0}.BGLtzooHlW-c3{color:#000000;font-weight:400;text-decoration:none;vertical-align:baseline;font-size:10pt;font-family:Consolas,"Courier New";font-style:normal}.BGLtzooHlW-c10{color:#000000;font-weight:400;text-decoration:none;vertical-align:baseline;font-size:11pt;font-family:"Arial";font-style:normal}.5;page-break-after:avoid;text-align:left}... recipe ...... (BACK TO TOP)
A modest proposal Another week, another npm supply chain attack . Yikes! People on hacker news are wringing their hands about what should be done. The problem seems dire. Apparently I couldn't help myself. At 2am the other night I woke up, staring at the ceiling. I couldn't stop thinking about (BACK TO TOP)
Machine-learning generated content has major implications on the Metaverse, because it brings the marginal cost of production to zero. (BACK TO TOP)
Boz to the Future Episode 8: The Future of Avatars and Identity in the Metaverse with Aigerim Shorman
Welcome back for the eighth episode of Boz to the Future, a podcast from Reality Labs (RL). In today’s episode, our host, Head of RL and Meta CTO Andrew “Boz” Bosworth is joined by Aigerim Shorman, General Manager, Avatars & Identity within the Metaverse Product Group at Meta. The founder and former CEO of a […] The post Boz to the Future Episode 8: The Future of Avatars and Identity in the Metaverse with Aigerim Shorman appeared first on Tech at Meta . (BACK TO TOP)
https://www.hackerfactor.com/blog/
Initial disclaimer and content warning : This blog entry discusses the reporting of child pornography. It does not go into details about any pictures or descriptions. In the United States, the National Center for Missing and Exploited Children (NCMEC) is the clearing house that handles reports of lost children, child exploitation, and child pornography (CP). Federal law ( 18 U.S. Code § 2258A ) makes it mandatory for online service providers to report child exploitation. According to 18 U.S.08%. (BACK TO TOP)
https://blog.pragmaticengineer.com/
I'm a full-time creator. With remote work becoming more common in tech, I get more messages from people asking: how can they do what I do? This is a content summary only. Click on the blog title to continue reading this post and browse The Pragmatic Engineer blog. (BACK TO TOP)
https://www.gsb.stanford.edu/insights/think-fast-talk-smart-podcast
“Anyone can make a complicated thing sound complicated. It takes real skill to make it sound simple.” This episode of Think Fast, Talk Smart features Steve Blank , seasoned entrepreneur, marketer, and Stanford adjunct professor in the Department of Management Science and Engineering . “Messages need to be memorable,” he tells podcast host and strategic communications lecturer Matt Abrahams. “The more memorable the message, the greater its ability to create change. (BACK TO TOP)
https://www.timescale.com/blog/
In this introduction to the different open-source metrics standards, we focus on the Prometheus metric types. This post is the first of a three-part series on all things metrics. (BACK TO TOP)
Ably is mathematically modeled to ensure message ordering and exactly-once delivery, even when a connection breaks and resumes. This article explains how it works. (BACK TO TOP)
As proud Silver sponsors of the Kafka Summit London 2022. We are excited to announce the launch of the Ably Kafka Connector. A seamless way to extend Kafka over the internet and reliably stream data to millions of simultaneously connected devices. (BACK TO TOP)
In an earlier post I presented a naive model for estimating Dutch electrical solar power generation numbers. It turns out that the Dutch electrical power generation numbers are an even bigger mess than I appreciated. It appears that “everyone knows” that the numbers are confusing, incomplete and perhaps even wrong. But somehow this state of confusion isn’t written down anywhere. So I’ll give it a shot. (BACK TO TOP)
Het kabinet heeft een wetsvoorstel gepubliceerd wat het toezicht en de bevoegdheden van de inlichtingen- en veiligheidsdiensten ingrijpend verandert. Tot 17 april is het mogelijk online een reactie in te dienen, dus er zijn nog maar een paar dagen. Als toezichthouder van de AIVD en MIVD kan ik hier niet inhoudelijk gaan bloggen wat ik persoonlijk vind van deze wijziging. Wel heeft de Toetsingscommissie Inzet Bevoegdheden vandaag een formele reactie gepubliceerd, en die raad ik van harte aan! (BACK TO TOP)
I’m starting a new series on professionalism: the set of workplace behaviors that are generally expected at work. These behaviors are largely unspoken, but they do exist: there are consequences for violating them. In this series, I aim to write down some of these rules and explore their implications. Eventually, I hope to have a solid list of what “professional behavior” really means. (BACK TO TOP)
A criticism of some of my writing is that it’s too mercenary. Some see my advice as coldly calculating, too focused on individual outcomes over collective ones, and implicitly distrustful of others. I think this is fair criticism! It’s not exactly what I’m going for, but it’s a fair reading. However, there’s more to it than that, I want to address it (and defend myself, just a little bit). (BACK TO TOP)
https://engineering.linkedin.com/blog.rss.html
We are open sourcing Feathr – the feature store we built to simplify machine learning (ML) feature management and improve developer productivity. At LinkedIn, dozens of applications use Feathr to define features, compute them for training, deploy them in production, and share them across teams. The problem with scaling feature pipelines At LinkedIn, we have hundreds of ML […] (BACK TO TOP)
At LinkedIn, Apache Kafka is used heavily to store all kinds of data, such as member activity, log storage, metrics storage, and a multitude of inter-service messaging. LinkedIn maintains multiple data centers with multiple Kafka clusters per data center, each of which contains an independent set of data. Mirroring (i.e. Additionally, […] (BACK TO TOP)
https://medium.com/schibsted-engineering
This article explains how to build a simple Go library for the Ds18b20 temperature sensor without using any external repositories besides Go built-in libraries. Project components This small project comprises: Devices and components: Ds18b20 temperature sensor (more details: https://bit.ly/3IWEhn0 ) 4. It is not as popular as Python though. GitHub shows that the number of Go based libraries makes up only 10% of the Python based libraries for the Raspberry Pi platform.txt file .7k Ohm.3*C). (BACK TO TOP)
Flutter of many flavors — preparing a project for multiple environments Flutter of many flavors — preparing project for multiple environments Flutter is a great framework to create mobile apps for iOS and android systems. There are lots of examples and an awesome community that help you to start your brand new project. You are not left alone in the darkness of a new framework, especially when you are just starting with a new technology. Starting from Flutter 1.env.<environment-name>, e.g.env.g. (BACK TO TOP)
According to the State of DevOps report in 2020 and 2021, in high maturity DevOps organizations, a standout trait is the presence of two types of teams: 1. Stream-aligned teams, and 2. Platform teams. Stream-aligned is another term for application development teams. Platform teams, on the other hand, exist to support application development teams and make resources available to them whenever needed. However, this is a new concept that many organizations need to learn before they master. (BACK TO TOP)
Compliance, unlike its cousin, cybersecurity, is a contender for the least sexy subject in business. But when it comes to the speed at which you can introduce new software features, getting them both right is critical. Updates to your apps make their way from developers’ keyboards to live production environments via increasingly complex pipelines – and at every stage of these pipelines, security and compliance issues can arise. Implementing automated policies (policy as code) can stop this. (BACK TO TOP)
Bash (bourne again shell) has been around since 1989 and owes its longevity to its usefulness and flexibility. While it’s the default login and command shell for most Linux distros, its value extends beyond that. Bash can be used as a fully-fledged programming language and as a tool to automate repetitive and complex computational tasks. However, as with any other programming language, you need to understand how to manage Bash’s control flow to truly get the most out of it.txt .txt . (BACK TO TOP)
I’ve learned so much from watching other people code. It’s never a thing I’m specifically trying to learn. It’s more like someone is walking me through a problem, and they do something I didn’t know could be done. Maybe they just have a low friction way to exploratory test some set of services, where I could only test things by deploying to staging, or they use some shortcut I didn’t know about, and I have to ask them how they did that. I added a fmt.Print("here") and then a fmt.S. ↩︎ (BACK TO TOP)
There’s a modern trend for enterprise applications to either be containerized or deployed in virtual machines (VMs). As a result, software engineers must ensure that their local development environments closely resemble the target infrastructure to ensure that code runs smoothly in production. This in turn requires a fleet of consistent development environments to minimize dependency failures and facilitate system testing. Two technologies— Vagrant and Docker —are particularly popular solutions. (BACK TO TOP)
2022 marks our third year releasing the Marketplace 100, a ranking of the largest consumer-facing marketplace startups and private companies. When we started this series in early 2020 (based on data from 2019), we had no way of knowing how volatile the next few years would be. Many businesses were temporarily shuttered by covid, especially... Read More The post The Marketplace 100: 2022 appeared first on Future . (BACK TO TOP)
Everyone’s familiar with the concept of a go-to-market (GTM) plan, but in the world of bottom-up adoption and product-led growth, a go-to-community (GTC) plan is equally as important. As the name suggests, go-to-community is the process of operationalizing and optimizing your community-building efforts to align them with business outcomes. Growing a healthy community can create... Read More The post How to Drive Business Growth By Fostering Your Community appeared first on Future . (BACK TO TOP)
When it comes to ecommerce, last year in China often means this year (or next) in the U.S. Numerous online shopping trends have swept China before landing stateside one or two years later. This is happening now with super apps (e.g., WeChat and Doordash), meaning platforms that customers initially use for one purpose (like ordering food... Read More The post Why China’s Version of Email Marketing Is So Effective appeared first on Future . (BACK TO TOP)
Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S. National Security Agency (NSA). (BACK TO TOP)
The U.S. Department of Justice (DOJ) said today it seized the website and user database for RaidForums, an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world's largest data breaches since 2015. The DOJ also charged the alleged administrator of RaidForums -- 21-year-old Diogo Santos Coelho, of Portugal -- with six criminal counts, including conspiracy, access device fraud and aggravated identity theft. (BACK TO TOP)
Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from their erstwhile customers. Here's a closer look at hundreds of phony crypto investment schemes that are all connected through a hosting provider which caters to people running crypto scams. (BACK TO TOP)
Your applications most likely consist of multiple components. These components could be written in different languages, with each… (BACK TO TOP)
As most developers know, alert-fatigue is real, and the last thing you want is another feed of notifications. Read on to learn how the new… (BACK TO TOP)
In this post, Dennis Gurock of Testmo walks through how his team uses Sentry to identify errors during beta tests. (BACK TO TOP)
We are excited to announce that as of today, network security teams can procure and use Magic Transit, Cloudflare’s industry-leading DDoS mitigation solution, and Kentik’s network observability as an integrated solution (BACK TO TOP)
Welcome to our first DDoS report of 2022, and the ninth in total so far. This report includes new data points and insights both in the application-layer and network-layer sections — as observed across the global Cloudflare network between January and March 2022 (BACK TO TOP)
What happens to the Internet trends in France when an election like the 2022 French presidential happens? Here are some answers. (BACK TO TOP)
Paper proposes a method to better and more equitably place COVID vaccine clinics to encourage more vaccinations. (BACK TO TOP)
The principal research scientist shares lessons learned during her life journey from a small farm to working on optimizing Amazon’s distribution network. (BACK TO TOP)
Reducing the energy of ion beams used for editing eliminates the need for “sacrificial” areas between electrical components and improves precision. (BACK TO TOP)
Scientists and engineers are developing a new generation of simulation tools accurate enough to develop and test robots virtually. (BACK TO TOP)
Posted by Andreas Steiner and Basil Mustafa, Research Software Engineers at Google Research, Brain team The ability to classify images into categories has been transformed by deep learning. It has also been significantly accelerated by transfer learning , whereby models are first pre-trained on large datasets, like ImageNet , to learn visual representations that are then transferred via fine-tuning to a new task with less data (e.g., classifying animals).g.k.a.4% . LiT-tuned models achieve 84.g. (BACK TO TOP)
Posted by Jeffrey Zhao and Raghav Gupta, Software Engineers, Google Research Modern conversational agents need to integrate with an ever-increasing number of services to perform a wide variety of tasks, from booking flights and finding restaurants, to playing music and telling jokes. Adding this functionality can be difficult — for each new task, one needs to collect new data and retrain the models that power the conversational agent.g.g., the date of the flight, the name of a song, and so on). (BACK TO TOP)
Posted by Yingwei Li, Student Researcher, Google Cloud and Adams Wei Yu, Research Scientist, Google Research, Brain Team LiDAR and visual cameras are two types of complementary sensors used for 3D object detection in autonomous vehicles and robots . LiDAR, which is a remote sensing technique that uses light in the form of a pulsed laser to measure ranges, provides low-resolution shape and depth information, while cameras provide high-resolution shape and texture information.g.g.g.).g.g.g.g. (BACK TO TOP)
Posted by Harsh Mehta, Software Engineer, Google Research Matrix factorization is one of the oldest, yet still widely used, techniques for learning how to recommend items such as songs or movies from user ratings. In its basic form, it approximates a large, sparse (i.e., mostly empty) matrix of user-item interactions with a product of two smaller, denser matrices representing learned item and user features. Hence, this algorithm is very well suited for large-scale challenges.e.g. (BACK TO TOP)
https://www.microsoft.com/security/blog
Today's world is flooded with definitions and perspectives on Zero Trust, so we are kicking off a blog series to bring clarity to what Zero Trust is and means. This first blog will draw on the past, present, and future to bring a clear vision while keeping our feet planted firmly on the ground of reality. The post A clearer lens on Zero Trust security strategy: Part 1 appeared first on Microsoft Security Blog . (BACK TO TOP)
Microsoft took action against the ZLoader trojan by working with telecommunications providers around the world to disrupt key ZLoader infrastructure. In this blog, we detail the various characteristics for identifying ZLoader activity, including its associated tactics, recent campaigns, and affiliated payloads, such as ransomware. The post Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware appeared first on Microsoft Security Blog . (BACK TO TOP)
Microsoft Detection and Response Team (DART) researchers have uncovered malware that creates “hidden” scheduled tasks as a defense evasion technique. In this post, we will demonstrate how threat actors create scheduled tasks, how they cover their tracks, and how the malware's evasion techniques are used to maintain and ensure persistence on systems. The post Tarrask malware uses scheduled tasks for defense evasion appeared first on Microsoft Security Blog . (BACK TO TOP)
On May 12, 2022, at the Microsoft Security Summit digital event, join other cybersecurity professionals in exploring how a comprehensive approach to security can empower organizations to innovate fearlessly—even in the face of evolving cyberthreats. The post Learn the latest cybersecurity techniques at the Microsoft Security Summit appeared first on Microsoft Security Blog . (BACK TO TOP)
At CircleCI, our mission is to manage change so software teams can innovate faster. But lately, we know that our reliability hasn’t met our customers’ expectations. As the heart of our customers’ delivery pipelines, we know that when we go down, your ability to ship grinds to a halt as well. We’re sorry for the disruptions to your work and apologize for the inconvenience to you and your team. What’s been happening No single part of our platform or infrastructure is at fault for recent outages. (BACK TO TOP)
Modern software systems are complex, with services distributed across data centers, in many zones, all around the world. Gone are the days when we managed individual servers dedicated to our organization, comfortable with the knowledge of the unique quirks of our setup. Now we rely on others to manage massive data centers where we borrow small slices of virtual space on shared hardware, traveling over shared networks, all in a system we call the cloud.com/nimbinatus/circleci-pulumi-sample .1.4. (BACK TO TOP)
Here on the CircleCI Insights team we don’t just develop stuff for CircleCI users, we are CircleCI users. Really, there’s no better way to get to know your product than to use it, and the Insights team is no exception. A few months ago, we realized that our pipeline configuration for the Insights UI left much to be desired. For a team that deploys multiple times a day, these numbers really add up. We spent a couple of days rewriting our pipeline, and we were ruthlessly efficient...*. The Next. (BACK TO TOP)
Introducing OpenID Connect identity tokens in CircleCI jobs! This token enables your CircleCI jobs to authenticate with cloud providers that support OpenID Connect like AWS, Google Cloud Platform, and Vault. In this blog post, we’ll introduce you to OpenID Connect, explain its usefulness in a CI/CD system, and show how it can be used to authenticate with AWS, letting your CircleCI job securely interact with your AWS account, without any static credentials. It adds an identity layer to OAuth2. (BACK TO TOP)
Today's Day Two Cloud episode bites into OpenZiti, an open-source project that brings zero trust principles to networks and applications. OpenZiti builds an overlay network to enforce zero trust. It has several moving parts including edge routers, a controller, and SDKs. OpenZiti was created by NetFoundry, our sponsor for this episode. Guest Clint Dovholuk takes us through the nitty-gritty of how it works. (BACK TO TOP)
Today on the Tech Bytes podcast we talk with sponsor Nokia about its Edge Network Controller, a Kubernetes-based application that lets you configure switch hardware in edge cloud locations and support a NetOps environment for edge deployments. The post Tech Bytes: An Introduction To Nokia’s Edge Network Controller (Sponsored) appeared first on Packet Pushers . (BACK TO TOP)
This week's Network Break discusses AMD's $1.9 billion bid for Pensando, why Juniper is partnering with Synopsys on silicon photonics, a new application access control feature from Cato Networks, and a new mainframe from IBM and a new lawsuit against it. Plus more tech news! The post Network Break 377: AMD Buys Pensando; IBM Mainframe Marches On With z16 appeared first on Packet Pushers . (BACK TO TOP)
Today's Heavy Networking dives into home IoT at scale. We’re going to get into the weeds with two network engineers who’ve gone way beyond lighting and a few smart plugs in their home automation setup. We'll talk devices, protocols, security, and more. The post Heavy Networking 625: Home IoT Networking At Scale appeared first on Packet Pushers . (BACK TO TOP)
Today's links America's 400 top earners pay less tax than you: Propublica continues to mine the IRS Files. Hey look at this: Delights to delectate.net/2021/06/15/guillotines-and-taxes/#carried-interest The initial reporting described how, for example, private equity raiders were able to debt-finance acquisitions of productive businesses, run them into the ground, pocket hundreds of millions of dollars, and avoid tax as they sprinted away from the wreckage. https://pluralistic.bloomberg.usatoday. (BACK TO TOP)
Today's links Daniel Pinkwater's "Crazy in Poughkeepsie": Another Pinkwater masterpiece, in which we sojourn to whale heaven. Hey look at this: Delights to delectate. https://pluralistic.net/2020/09/25/dwergish-girl/#you-are-a-pickle If that sounds like a lot, it would be, but not for Pinkwater, whose 100+ books revel in eccentricity, excess, compassion and surrealism. In "Crazy," Pinkwater introduces us to Mick, who's just come home from his first overnight camp experience.jwz.youtube.tor.zoom. (BACK TO TOP)
Today's links Podcasting "When Automation Becomes Enforcement": Are disappearing messages part of end-to-end encryption, or are they just DRM? The "algospeak" dialect: An emerging vocabulary designed to evade machine censorship. Hey look at this: Delights to delectate.medium.com/when-automation-becomes-enforcement-677461a78e62 When I first encountered the idea of disappearing messages, I thought they were stupid, but I was wrong. Obviously, this is stupid. We understand that we're both fallible. (BACK TO TOP)
Today's links John M Ford's "Aspects": An unfinished masterpiece by a legend of science fiction and fantasy. Hey look at this: Delights to delectate. This day in history: 2002, 2012, 2017 Colophon: Recent publications, upcoming/recent appearances, current writing projects, current reading John M Ford's "Aspects" (permalink) John M Ford's sudden death in 2006 – a heart attack – left his legion of friends and fans bereft and reeling. Robert Jordan called him "the best writer in America, bar none. (BACK TO TOP)
Today's links The Ed Sheeran problem, or, how the record industry got what it asked for: A dog that caught the bus wheel. Hey look at this: Delights to delectate.com/edsheeran/status/1511631955238047751 Sheeran's statement makes two critical points: first, that there are only so many ways of arranging English words and musical phrases, and 60,000 new songs being released to Spotify every day, there will inevitably be some coincidental duplications of words and melodies.spiderrobinson.wikipedia. (BACK TO TOP)
If you asked us for an epic tale of designing and building under a deadline, one of the last places we would think to look is a MrBeast video. Yet …read more (BACK TO TOP)
While rarely seen by users, the technology behind telephone exchanges is actually quite interesting. In the first hundred or so years of their existence they evolved from manually-operated switchboards to …read more (BACK TO TOP)
The Nixie tube is one of the most popular display technologies amongst the hacker and maker set. Glowing numerals can warm even the coldest heart, particularly when they’re energized with …read more (BACK TO TOP)
Nobody likes opening up a hacking target and finding a black epoxy blob inside, but all hope is not lost. At least not if you’ve got the dedication and skills …read more (BACK TO TOP)
To the uninitiated, it might seem like a gimmick to 3D print pharmaceuticals. After all, you take some kind of medicine, pour it in a mold, and you have a …read more (BACK TO TOP)
Depending on who you ask, the Norden bombsight was either the highest of high tech during World War II, or an overhyped failure that provided jobs and money for government …read more (BACK TO TOP)
We often have code that’s similar between projects and we find ourselves copying that code around. In this episode we discuss what to do with this common code, how to organize it, and what code qualifies as this common code. (BACK TO TOP)
JS Party is a weekly celebration of JavaScript and the web so fun is at the heart of every episode. We play games like Frontend Feud… (clip from episode #192) Discuss and analyze the news… (clip from episode #213) Explain technical concepts to each other like we’re 5… (clip from episode #195) Debate hot topics like should websites work without JS? (clip from episode #87) Interiew amazing devs like Rich Harris and Una Kravets… (clip from episode #167) This is JS Party! Listen and subscribe today. (BACK TO TOP)
In this episode we talk about launching Dagger with all four founders: Andrea, Eric, Sam & Solomon. While you may remember Sam & Solomon from episode 23, this time we assembled all four superheroes in this story and went deeper, covering nearly three years of refinements, the launch, as well as the world-class team & community that is coming together to solve the next problem of shipping software. You can use Dagger to run your CI/CD pipelines locally, without needing to commit and push. (BACK TO TOP)
This week we’re joined by Deepthi Sigireddi, Vitess Maintainer and engineer at PlanetScale — of course we’re talking about all things Vitess. We talk about its origin inside YouTube, how Vitess handles sharding, Deepthi’s journey to Vitess maintainer, when you should begin using it, and how it fits into cloud native infra. (BACK TO TOP)
This episode was requested by Tyler Smith who feels that he may not need Kubernetes just yet. Tyler has a few questions about Docker & Docker Swarm, so Andrea Luzzardi, former Docker Swarm Lead, joins us today to answer them. We talk about Docker Swarm beginnings, some of the challenges that it faced, and what Andrea’s recommendation is for Tyler’s journey with Docker Swarm. And guess what, the same thing happened now as it did at KubeCon 2015: Sam pointed to Andrea. This one is going to be fun! (BACK TO TOP)
KBall and Jerod digest and disect recent JS community news (React 18, Redwood 1.0, MDN Plus) then sit down for yet another game of HeadLIES! Can KBall fare better than Nick Nisi did last April Fools?! (BACK TO TOP)
Previously, I examined OAuth at a high level, including the standards and the grants outlined in the specifications. If you haven’t you may want to read that article. In this post, you’ll learn the nuts and bolts of integrating OAuth to protect resources like APIs. While there are a number of different ways to do… The post The Authorization Code grant (in excruciating detail) Part 2 of 2 appeared first on Stack Overflow Blog . (BACK TO TOP)
Chatbots held so much promise as a software tool. But near-future NLP advances will bring them more in line with their hype. The post Will chatbots ever live up to the hype? appeared first on Stack Overflow Blog . (BACK TO TOP)
The home team discusses pay equity at New Relic, Okta’s security SNAFU, and the AI creating “wildly good” generative art. The post “Your salary shouldn’t be dictated by how good a negotiator you are.” (Ep. 432) appeared first on Stack Overflow Blog . (BACK TO TOP)
OAuth2 is one of the most popular specifications for API authentication today, though wrapping your head around it can be a challenge. The post The complete guide to protecting your APIs with OAuth2 (part 1) appeared first on Stack Overflow Blog . (BACK TO TOP)
This week: best practices for speeding up Next.js apps, why human laziness is the ultimate security threat, and creating gorgeous art with CSS. The post The Overflow #120: Human laziness is the ultimate security threat appeared first on Stack Overflow Blog . (BACK TO TOP)
The home team chats with Jon Chan, Stack Overflow’s Director of Engineering, Public Platform, about his path from self-taught developer to director of engineering, why his management mantra is “Delegate and elevate,” the profound value of a diverse and inclusive workplace, and the Neopets-to-frontend-development pipeline. Plus, Jon gives excellent advice to all the self-taught developers out there. The post Words of wisdom for self-taught developers (Ep. (BACK TO TOP)
https://towardsdatascience.com
Understanding how to choose activation function in the final layer and loss function for neural network Continue reading on Towards Data Science » (BACK TO TOP)
What is it and why use it? Photo by Jeroen den Otter on Unsplash Regression and classification Machine Learning models aim to predict a value or class from the variables contained in the data. Each model has its own algorithm to try to identify the patterns contained in the data that allow an accurate prediction to be made. The models, in addition to being accurate, must be generalist, with the ability to interpret data never seen before and reach an adequate result. (BACK TO TOP)
How we ensure the reliability of our A/B testing platform with simulations Contributors: Max Li , Eric Jia Photo by William Warby on Unsplash A/B testing plays a critical role in decision-making in data-driven companies. It is typically the final say of go or no-go for a new product design, business strategy, machine learning model, etc. Inaccuracies in the A/B testing platform degrade all business decisions derived from A/B tests. With the nominal p -value threshold at 0. Fig 1. Fig 2.e.e. (BACK TO TOP)
Developing a strategy from random guessing to superhuman performance Example Battleship game using probabilistic search. Image by author. Battleship seems to be a pretty popular format to test a variety of AI strategies. Online you can find a wide array of approaches, from reinforcement learning to genetic algorithms to Monte Carlo methods. One of the most viewed pieces of media on the topic is a Youtube video by the channel Vsauce2. For those who want it, everything is available at my Github . (BACK TO TOP)
Function writing is a skill — take the first step to master it Continue reading on Towards Data Science » (BACK TO TOP)
Spark is based on Resilient Distributed Datasets (RDD) — Make sure you know how to use them Continue reading on Towards Data Science » (BACK TO TOP)
Introduction Continue reading on Towards Data Science » (BACK TO TOP)
Photo by Patrik Fore from U nsplash When working on a project that needs to be completed within a certain time frame, apart from code reviews, automation tests, unit tests, and many more things, rarely do we’ve time left for documentation. And no matter what you’re developing, sooner or later you and your colleagues are going to visit that piece of code again. Now, it’s our turn to use it, let’s dive in. 📦sphinx_basics ┣ 📂docs ┗ 📂maths ┃ ┣ 📜add.py ┃ ┣ 📜divide.py ┃ ┣ 📜multiply.py ┃ ┣ 📜subtract.. (BACK TO TOP)
Plotting the movement of SO2 after a volcanic eruption. The first picture: Screenshot of a satellite animation of the eruption on Hunga Tonga–Hunga Haʻapai on Jan 15, 2022. Image from Wikipedia . The second picture: Heat map shows the amount of SO2 on Jan 17, a few days after the eruption. Using data from GES DISC made with Folium. Image by the author. In mid-January 2022, there was a volcanic eruption on Hunga Tonga– Hunga Haʻapai, a volcanic island of the Tongan archipelago. list(dataset[0]... (BACK TO TOP)
https://cloud.google.com/blog/
The next best thing since sliced bread! As I wake up to the smell of tea and freshly ground cardamom every morning, all I could think of is how nice it would be with some soft buttery sliced bread! Hmm... if only it wasn't for the gluten allergy. Yup exactly 52 years ago, E.F. Codd, the father of Database Management Systems (DBMS) propounded and formalized these as 12 commandments that are in fact 13 in number (starting from 0. I know! right?) that make up a DBMS. 2. a. 3. c.e. Not quite.g. (BACK TO TOP)
Thanks to AI, speaking out loud has become a primary way of not only communicating with machines (like when you tell your smartphone to send a text or ask your smart speaker about the weather), but also enriching human interactions (such as generating captions in near real-time during a video meeting). In this post, we’ll explore some of the most interesting and practical applications of speech technology, as well as the Google Cloud tools that make building these sorts of apps possible.e.g.e. (BACK TO TOP)
Apache Spark is now the de facto standard for data engineering, data exploration and machine learning. Just likeKubernetes (k8s), is for automating containerized application deployment, scaling, and management. The open source ecosystem is now converging towards utilizing k8s as the compute platform in addition to YARN. Today, we are announcing the general availability of Dataproc on Google Kubernetes Engine (GKE), enabling you to leverage k8s to manage and optimize your compute platforms... (BACK TO TOP)
Google Cloud launches Optimization AI: Cloud Fleet Routing API to help customers make route planning easier
Increased customer demands, climate concerns, and higher delivery expectations from the consumer market are just a few of the emerging macro trends that retail, logistics, and consumer packaged goods industries face. To stay competitive in this environment, businesses need to improve execution, both to serve customers and to address the onslaught of logistical and environmental factors that go into delivery.1 million shipments per month. Read Article (BACK TO TOP)
Editor’s note : Here we explore how the machine learning firm, Moloco, uses Google Cloud database services and AI platform to help mobile app advertisers create targeted ad campaigns using ML-based predictions and win ad placement bids all in under 100 milliseconds. Moloco is a machine learning company that currently works with customers who need solutions for online advertising and ecommerce. Our company runs a mobile audience platform for user acquisition, engagement, and monetization.g. (BACK TO TOP)
IT leaders pick different clouds for many reasons, but the rest of the company shouldn’t be left to navigate the complexity of those decisions. For data analysts, that complexity is most immediately felt when navigating between data silos. Google Cloud has invested deeply in helping customers break down these barriers inherent in a disparate data stack. Back in October 2021, we launched BigQuery Omni to help data analysts access and query data across the barriers of multi cloud environments. (BACK TO TOP)
We're excited to announce the launch of the Google SRE Prodcast, an interview-style podcast where Site Reliability Engineers at Google discuss key SRE concepts and share their experiences, advice, and strong opinions along the way. Since early 2016, SREs at Google have been producing and listening to an internal version of the Prodcast. This year, we decided to think bigger and share insights from Google SREs with the wider SRE community. Check the SRE Prodcast out at https://sre... Read Article (BACK TO TOP)
Protecting sensitive data and preventing unintended data exposure is critical for businesses. However, many organizations lack the tools to stay on top of where sensitive data resides across their enterprise. It’s particularly concerning when sensitive data shows up in unexpected places – for example, in logs that services generate, when customers inadvertently send it in a customer support chat, or when managing unstructured analytical workloads. Read Article (BACK TO TOP)
In 2020, Google set its most ambitious sustainability goal to date: By 2030, we aim to operate entirely on carbon-free energy (CFE) — around the clock — at our data centers and offices worldwide. This means matching each hour of our electricity consumption with carbon-free electricity sources on every grid where we operate. Securing round-the-clock carbon-free energy isn’t just important for Google - it’s also critical for the world to successfully tackle the urgent challenge of climate change. (BACK TO TOP)
With the release of Django 4.0 , there was a minor change to how Django handles CSRF protections: the Origin header is now checked, if present. Specifically, the URL scheme is now checked . Now, this seems like an innocuous change, something that shouldn't affect many users. However, this change would break Django 4.0 deployments to Cloud Run using our tutorial . But not deployments to App Engine. But, by design, that means you don't have access to parts of the stack. Ever. Django 4.org".0.0.1 . (BACK TO TOP)
Want to know the latest from Google Cloud? Find it here in one handy location. Check back regularly for our newest updates, announcements, resources, events, learning opportunities, and more. Tip : Not sure where to find what you’re looking for on the Google Cloud blog? Start here: Google Cloud blog 101: Full list of topics, links, and resources . Week of April 11 - April 15, 2022 The Broad Institute of MIT and Harvard speeds scientific research with Cloud SQL . Learn more and sign up today . (BACK TO TOP)
Some beans and gems, some snakes and elephants, with Java 17, Ruby 3, Python 3.10 and PHP 8.1 in App Engine and Cloud Functions
Time to spill the beans and show the gems, to our friendly snakes and elephants: we’ve got some great news for Java, Ruby, Python and PHP serverless developers today. Google App Engine and Cloud Functions are adding new modern runtimes, allowing you to update to the major version release trains of those programming languages. In short, here’s what’s new: Access to App Engine legacy bundled services for Java 11/17, Python 3 and Go 1.12+ runtimes, is Generally Available The Java 17, Ruby 3... (BACK TO TOP)
Trusted Internet Connections (TIC) is a federal cybersecurity initiative established in 2007 to enhance network and boundary security across the federal government. The initial versions of the TIC initiative established a network security baseline by requiring agencies to consolidate and monitor their external network connections. The TIC 2. In 2017, the report to the President on Federal Information Technology Modernization identified the TIC initiative as a barrier to cloud adoption.S.google. (BACK TO TOP)
Meet the people of Google Cloud: Grace Mollison, solutions architect and professional problem solver
What’s your role? I lead the EMEA team of Cloud Solutions Architects, a team responsible for supporting & scaling the efforts of hundreds of customer sales engineers, specialists, partners and customers, across a range of industries. The goal is not simply to figure out technical solutions that have others stumped, but to share complex new initiatives with a range of stakeholders. Tell us about your path to Google. After a brief period as a licensed arsonist for the U.K. Read Article (BACK TO TOP)
Ucraft is an easy-to-use website builder for anyone who wants to create a unique and powerful website. We currently have around 1 million users in total, 450K active users and online business owners, bloggers, startups, designers, freelancers, and entrepreneurs grow their brands. And Google Cloud has been there to help us grow our brand every step of the way. Establishing a foothold in the website-builder market is a major undertaking for a startup like Ucraft. Read Article (BACK TO TOP)
Editor’s note : The Broad Institute of MIT and Harvard, a nonprofit biomedical research organization that develops genomics software, needs to keep pace with the latest scientific discoveries. Here’s how they use managed database services from Google Cloud to move fast and stay on the cutting edge. The Broad Institute of MIT and Harvard is a nonprofit biomedical research organization that focuses on advancing the understanding and treatment of human disease. Our ability to move fast is critical. (BACK TO TOP)
Over the past decade, cybersecurity has posed an increasing risk for organizations. In fact, cyber incidents topped the recent Allianz Risk Barometer for only the second time in the survey’s history. The challenges in combating these risks only continue to grow. Adversaries tend to be agile and are consistently looking for new ways to land within your digital environments. Public cloud was the answer to ongoing IT challenges: scale, resources, security capabilities, and budget cycle limitations. (BACK TO TOP)
For 117 years, the U.S. Department of Agriculture’s Forest Service has been a steward of America's forests, grasslands, and waterways. It directly manages 193 million acres and supports sustainable management on a total of 500 million acres of private, state, and tribal lands. Its impact reaches far beyond even that, offering its research and learning freely to the world. At Google, we’re big admirers of the Forest Service’s mission. This is only the start.g. (BACK TO TOP)
Climate-induced wildfires, massive storms, and deadly heat waves, along with the complexities around managing sustainable supply chains and emissions reduction, have awoken the corporate world to the planet's stark realities of climate change. Sustainability and environmental impact have become top of mind for executives across the world, with many starting to prioritize sustainable changes to how they operate. To read the highlights, check out the infographic ... Read Article (BACK TO TOP)
As you start scaling up your serverless applications, caching is one of elements that can greatly improve your site's performance and responsiveness. With the release of Django 4.0, Redis is now a core supported caching backend . Redis is available as part of Memorystore , Google Cloud's managed in-memory data store. A note on costs : While Cloud Run has a generous free tier, Memorystore and Serverless VPC have a base monthly cost.x.x. This article will opt to use the default network.8.0.core. (BACK TO TOP)
Bulletin by Jakub Mikians