libcurl is the world’s most used and most popular internet transfer library, already used in every imaginable sort of embedded device out there. How did this happen and how do you use libcurl to transfer data to or from your device?
Slides from my talk at FOSDEM 2015 (February 1st 2015 13:00 in the embedded room)
To protect data integrity and identify the source, HTTPS uses symmetric and asymmetric encryption during exchanges. Certificate Authorities issue trusted certificates, though some have concerns about centralized control. Sysadmins can enable HTTPS on servers through protocols like TLS and cipher suites. Developers ensure mixed content and cookies are properly secured. While some older browsers have compatibility issues, HTTPS is becoming essential for privacy, SEO, and new technologies. OVH helps with free SSL certificates and gateways to simplify HTTPS implementation.
HTTP/3 is a new version of the HTTP network protocol that is expected to be finalized in late 2019. It uses QUIC, a new transport protocol built on UDP, to address issues with HTTP/1.1 and HTTP/2 like head-of-line blocking and network ossification. By running at the transport layer in userspace over encrypted connections, QUIC and HTTP/3 provide features like 0-RTT handshakes, stream multiplexing and faster connection establishment compared to TCP. HTTP/3 maintains the HTTP request/response API but delivers it over QUIC's multiplexed streams for improved performance and reliability compared to previous HTTP versions over TCP.
ION Cape Town, 8 September 2015 - Mark Elkins will explore one organization’s technical solution for deploying DNSSEC support within its country code Top Level Domain (ccTLD). With a goal of making it easier for domain name holders to easily add DNSSEC, we will take a quick look at the DNSSEC implementation strategy, the status/progress of signed domains, and lessons learned and challenges for increasing the percentage of signed domain names.
ION Cape Town, 8 September 2015 - If you connect to a “secure” server using TLS/SSL (such as a web server, email server or xmpp server), how do you know you are using the correct certificate? With DNSSEC now being deployed, a new protocol has emerged called “DANE” (“DNS-Based Authentication of Named Entities“), which allows you to securely specify exactly which TLS/SSL certificate an application should use to connect to your site. DANE has great potential to make the Internet much more secure by marrying the strong integrity protection of DNSSEC with the confidentiality of SSL/TLS certificates. In this session, we will explain how DANE works and how you can use it to secure your websites, email, XMPP, VoIP, and other web services.
CloudFlare / ISOC - Are You Ready for IPv6 - Bridging the IPv6 gapTom Paseka
The document discusses bridging the gap between IPv4 and IPv6. It notes that while some networks still need to upgrade to support IPv6, the main issue is lack of IPv6-enabled content. Content delivery networks (CDNs) that can translate between IPv4 and IPv6 are presented as an "easy way out" that allows websites and applications to reach more users before fully upgrading their platforms. However, full native IPv6 support is still encouraged. The document concludes by urging all network participants to do their part in transitioning to IPv6 now rather than waiting for the future.
ION Cape Town, 8 September 2015 - What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions.
libcurl is the world’s most used and most popular internet transfer library, already used in every imaginable sort of embedded device out there. How did this happen and how do you use libcurl to transfer data to or from your device?
Slides from my talk at FOSDEM 2015 (February 1st 2015 13:00 in the embedded room)
To protect data integrity and identify the source, HTTPS uses symmetric and asymmetric encryption during exchanges. Certificate Authorities issue trusted certificates, though some have concerns about centralized control. Sysadmins can enable HTTPS on servers through protocols like TLS and cipher suites. Developers ensure mixed content and cookies are properly secured. While some older browsers have compatibility issues, HTTPS is becoming essential for privacy, SEO, and new technologies. OVH helps with free SSL certificates and gateways to simplify HTTPS implementation.
HTTP/3 is a new version of the HTTP network protocol that is expected to be finalized in late 2019. It uses QUIC, a new transport protocol built on UDP, to address issues with HTTP/1.1 and HTTP/2 like head-of-line blocking and network ossification. By running at the transport layer in userspace over encrypted connections, QUIC and HTTP/3 provide features like 0-RTT handshakes, stream multiplexing and faster connection establishment compared to TCP. HTTP/3 maintains the HTTP request/response API but delivers it over QUIC's multiplexed streams for improved performance and reliability compared to previous HTTP versions over TCP.
ION Cape Town, 8 September 2015 - Mark Elkins will explore one organization’s technical solution for deploying DNSSEC support within its country code Top Level Domain (ccTLD). With a goal of making it easier for domain name holders to easily add DNSSEC, we will take a quick look at the DNSSEC implementation strategy, the status/progress of signed domains, and lessons learned and challenges for increasing the percentage of signed domain names.
ION Cape Town, 8 September 2015 - If you connect to a “secure” server using TLS/SSL (such as a web server, email server or xmpp server), how do you know you are using the correct certificate? With DNSSEC now being deployed, a new protocol has emerged called “DANE” (“DNS-Based Authentication of Named Entities“), which allows you to securely specify exactly which TLS/SSL certificate an application should use to connect to your site. DANE has great potential to make the Internet much more secure by marrying the strong integrity protection of DNSSEC with the confidentiality of SSL/TLS certificates. In this session, we will explain how DANE works and how you can use it to secure your websites, email, XMPP, VoIP, and other web services.
CloudFlare / ISOC - Are You Ready for IPv6 - Bridging the IPv6 gapTom Paseka
The document discusses bridging the gap between IPv4 and IPv6. It notes that while some networks still need to upgrade to support IPv6, the main issue is lack of IPv6-enabled content. Content delivery networks (CDNs) that can translate between IPv4 and IPv6 are presented as an "easy way out" that allows websites and applications to reach more users before fully upgrading their platforms. However, full native IPv6 support is still encouraged. The document concludes by urging all network participants to do their part in transitioning to IPv6 now rather than waiting for the future.
ION Cape Town, 8 September 2015 - What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions.
HTTP/3 over QUIC. All is new but still the same!Daniel Stenberg
HTTP/3 is the designated name for the coming next version of the protocol that is currently under development within the QUIC working group in the IETF. HTTP/3 is designed to improve in areas where HTTP/2 still has some shortcomings, primarily by changing the transport layer. HTTP/3 is the first major protocol to step away from TCP and instead it uses QUIC.
Daniel Stenberg does a presentation about HTTP/3 and QUIC. Why the new protocols are deemed necessary, how they work, how they change how things are sent over the network and what some of the coming deployment challenges will be.
This document provides an overview of securing data in transit using TLS in constrained devices. It begins with introducing the presenters from wolfSSL Inc. and the topics that will be covered, which include an introduction to wolfSSL, an overview of SSL/TLS and cryptography, enabling TLS for a simple HTTP client, emerging ciphers and algorithms, and time for Q&A. It then discusses wolfSSL's history and products. The remainder of the document focuses on explaining SSL/TLS protocols, cipher suites, X.509 certificates, implementing TLS on embedded devices using wolfSSL and the FRDM-K64F board as an example, and emerging ciphers like ChaCha20 and Poly1305.
Henrik Strøm - IPv6 from the attacker's perspectiveIKT-Norge
Henrik Strøm discusses IPv6 security from an attacker's perspective. He outlines 6 points on how attackers can exploit IPv6 vulnerabilities, including using IPv6 to bypass IPv4 access controls when on a local network, spoofing router advertisements to hijack traffic, using tunneling to enable inbound and outbound connectivity, and launching denial of service attacks. He recommends network administrators decide how to implement IPv6 security, monitor for IPv6 traffic, harden clients and servers, and filter all types of IPv6 tunneling. Further reading suggests there is still significant work needed on IPv6 firewalling and many IPv4 issues have been transferred to IPv6.
This document discusses open recursive DNS resolvers and the security issues they pose. It notes that while recursive resolvers are meant to cache and deliver DNS queries, many are not properly secured, allowing them to be abused for large reflection attacks. These attacks work by spoofing the source IP address of the victim in queries to open resolvers, which then send much larger responses to the victim, amplifying the attack traffic. The document shows that open resolvers come from networks all over the world and urges securing resolvers by filtering source addresses and disabling insecure recursive features.
Gabriel Paues - IPv6 address planning + making the case for WHYIKT-Norge
The document discusses planning for IPv6 addressing and deployment, providing tips and examples for allocating IPv6 addresses within a /48 assignment in a hierarchical manner using subnets of /64 to simplify administration and support techniques that rely on a consistent subnet size, as well as enabling IPv6 services gradually on servers without initially exposing them to IPv6 DNS records. It also addresses common objections to IPv6 deployment and provides strategies for getting started with IPv6.
This presentation will be held by Dan Belibov and Daniel Toader, developers in eMAG's Recommendation engine team. Find out how they combined PHP with GoLang, Kafka and Neo4J to achieve a good mix between business requirements and team goals.
This presentation will be held by Dan Belibov and Daniel Toader, developers in eMAG's Recommendation engine team. Find out how they combined PHP with GoLang, Kafka and Neo4J to achieve a good mix between business requirements and team goals.
Apache2 BootCamp : Apache and The Web (1.1)Wildan Maulana
This document provides an overview of key Internet protocols including TCP/IP, DNS, HTTP, URLs, and SSL. It discusses how HTTP requests and responses work, how to view HTTP traffic in the browser, and the history of the Apache web server. Considerations for using Apache are presented such as advantages of stability, flexibility and performance as well as potential disadvantages like open source configuration requirements.
Engineering Presentation for Careers@DirectiDirecti Group
Directi is a company that provides various web services and products including crawling domains, powering websites, and serving ads. They deal with complex challenges at large scale using technologies like Cassandra, Redis, Hadoop and more. As an engineer at Directi, one would work on large networking and collaboration applications, analyze terabytes of data, and design scalable systems.
Maximizing SPDY and SSL Performance (June 2014)Zoompf
Presented at the Atlanta Web Performance Meetup Group on June 2014, Billy Hoffman from Zoompf shows how to improve the performance of your website using SPDY and SSL and discusses SSL issues such as Heartbleed and CRIME
Fluentd: Unified Logging Layer at CWT2014N Masahiro
The document summarizes Masahiro Nakagawa's presentation on Fluentd at the Cloudera World Tokyo conference. Fluentd is an open source log collector written in Ruby that uses a pluggable architecture and JSON format for log messages. It provides unified logging and data processing capabilities. The presentation covered Fluentd's core functionality, related products from Treasure Data, use cases, and the company's roadmap.
2024 Feb AI Meetup NYC GenAI_LLMs_ML_Data Codeless Generative AI PipelinesTimothy Spann
2024 Feb AI Meetup NYC GenAI_LLMs_ML_Data Codeless Generative AI Pipelines
https://www.aicamp.ai/event/eventdetails/W2024022214
apache nifi
llm
generative ai
gen ai
ml
dl
machine learning
apache kafka
apache flink
postgresql
python
AI Meetup (NYC): GenAI, LLMs, ML and Data
Feb 22, 05:30 PM EST
Welcome to the monthly in-person AI meetup in New York City, in collaboration with Microsoft. Join us for deep dive tech talks on AI, GenAI, LLMs and machine learning, food/drink, networking with speakers and fellow developers
Agenda:
* 5:30pm~6:00pm: Checkin, Food/drink and networking
* 6:00pm~6:10pm: Welcome/community update
* 6:10pm~8:30pm: Tech talks
* 8:30pm: Q&A, Open discussion
Tech Talk: Searching and Reasoning Over Multimedia Data with Vector Databases and LMMs
Speaker: Zain Hasan (Weaviate LinkedIn)
Abstract: In this talk, Zain Hasan will discuss how we can use open-source multimodal embedding models in conjunction with large generative multimodal models that can that can see, hear, read, and feel data(!), to perform cross-modal search(searching audio with images, videos with text etc.) and multimodal retrieval augmented generation (MM-RAG) at the billion-object scale with the help of open source vector databases. I will also demonstrate, with live code demos, how being able to perform this cross-modal retrieval in real-time can enables users to use LLMs that can reason over their enterprise multimodal data. This talk will revolve around how we can scale the usage of multimodal embedding and generative models in production.
Tech Talk: Codeless Generative AI Pipelines
Speaker: Timothy Spann (Cloudera LinkedIn)
Abstract: Join us for an insightful talk on leveraging the power of real-time streaming tools, specifically Apache NiFi, to revolutionize GenAI data engineering. In this session, we’ll explore how the integration of Apache NiFi can automate the entire process of prompt building, making it a seamless and efficient task.
Speakers/Topics:
Stay tuned as we are updating speakers and schedules. If you have a keen interest in speaking to our community, we invite you to submit topics for consideration: Submit Topics
Sponsors:
We are actively seeking sponsors to support our community. Whether it is by offering venue spaces, providing food/drink, or cash sponsorship. Sponsors will have the chance to speak at the meetups, receive prominent recognition, and gain exposure to our extensive membership base of 20,000+ local or 300K+ developers worldwide.
Venue:
Microsoft NYC - Times Square, 11 Times Square, New York, NY 10036
Room Name: Central Park West 6501
Community on Slack/Discord
- Event chat: chat and connect with speakers and attendees
- Sharing blogs, events, job openings, projects collaborations
Join Slack (search and join the #newyork channel) | Join Discord
SDN programming and operations requires continuous monitoring of network and application state as well as consistent configuration and update of (forwarding) policies across heterogeneous devices. This is resulting in significant challenges.
Multiple open protocols such as OpenFlow, OF-CONFIG, OnePK , etc. are being adopted by different vendors causing an integration problem for developers.
Internet of Things applications are pushing the size and volume of data handled by SDN systems demanding more efficient and scalable protocols for information distribution and coordination of SDN devices.
This presentation will describe these and other SDN challenges and ways in which various open protocols, such as DDS, XMPP, AMQP, are being used to address them.
- Apache Thrift is a cross-language services framework that allows for the easy definition of data types and remote procedure calls (RPCs).
- It uses an interface definition language (IDL) to define data types and services, and generates code in various languages to implement clients and servers.
- Apache Thrift supports a wide range of languages and transports, making it useful for building high-performance, scalable distributed applications and microservices.
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...apidays
apidays LIVE Australia 2021 - Accelerating Digital
September 15 & 16, 2021
Levelling up database security by thinking in APIs
Lindsay Holmwood, Chief Product Officer at Cipherstash
libcurl, seven SSL libraries and one SSH libraryDaniel Stenberg
This document summarizes Daniel Stenberg's presentation on libcurl and SSL/TLS libraries. It discusses libcurl, which has supported HTTPS since 1998 and now supports many protocols. It also discusses the seven main SSL/TLS libraries - OpenSSL, GnuTLS, NSS, qSSL, yaSSL, PolarSSL, and axTLS - comparing their pros, cons, features, and APIs. It describes how libcurl maintains support for all libraries through a common SSL API, and why there are relatively few SSH libraries, with libssh and libssh2 being the main ones.
MySQL X protocol - Talking to MySQL Directly over the WireSimon J Mudd
The document discusses the MySQL X Protocol, which introduces a new way for clients to communicate directly with MySQL servers over TCP/IP. It provides an overview of how the protocol works, including capabilities exchange, authentication, querying the server for both SQL and noSQL data, pipelining requests, and the need for a formal protocol specification. Building client drivers requires understanding the protocol by reading documentation, source code, and examples as documentation is still incomplete. Pipelining requests can improve performance over high-latency connections. A standard specification would help driver development and ensure compatibility as the protocol evolves.
HTTP/3 over QUIC. All is new but still the same!Daniel Stenberg
HTTP/3 is the designated name for the coming next version of the protocol that is currently under development within the QUIC working group in the IETF. HTTP/3 is designed to improve in areas where HTTP/2 still has some shortcomings, primarily by changing the transport layer. HTTP/3 is the first major protocol to step away from TCP and instead it uses QUIC.
Daniel Stenberg does a presentation about HTTP/3 and QUIC. Why the new protocols are deemed necessary, how they work, how they change how things are sent over the network and what some of the coming deployment challenges will be.
This document provides an overview of securing data in transit using TLS in constrained devices. It begins with introducing the presenters from wolfSSL Inc. and the topics that will be covered, which include an introduction to wolfSSL, an overview of SSL/TLS and cryptography, enabling TLS for a simple HTTP client, emerging ciphers and algorithms, and time for Q&A. It then discusses wolfSSL's history and products. The remainder of the document focuses on explaining SSL/TLS protocols, cipher suites, X.509 certificates, implementing TLS on embedded devices using wolfSSL and the FRDM-K64F board as an example, and emerging ciphers like ChaCha20 and Poly1305.
Henrik Strøm - IPv6 from the attacker's perspectiveIKT-Norge
Henrik Strøm discusses IPv6 security from an attacker's perspective. He outlines 6 points on how attackers can exploit IPv6 vulnerabilities, including using IPv6 to bypass IPv4 access controls when on a local network, spoofing router advertisements to hijack traffic, using tunneling to enable inbound and outbound connectivity, and launching denial of service attacks. He recommends network administrators decide how to implement IPv6 security, monitor for IPv6 traffic, harden clients and servers, and filter all types of IPv6 tunneling. Further reading suggests there is still significant work needed on IPv6 firewalling and many IPv4 issues have been transferred to IPv6.
This document discusses open recursive DNS resolvers and the security issues they pose. It notes that while recursive resolvers are meant to cache and deliver DNS queries, many are not properly secured, allowing them to be abused for large reflection attacks. These attacks work by spoofing the source IP address of the victim in queries to open resolvers, which then send much larger responses to the victim, amplifying the attack traffic. The document shows that open resolvers come from networks all over the world and urges securing resolvers by filtering source addresses and disabling insecure recursive features.
Gabriel Paues - IPv6 address planning + making the case for WHYIKT-Norge
The document discusses planning for IPv6 addressing and deployment, providing tips and examples for allocating IPv6 addresses within a /48 assignment in a hierarchical manner using subnets of /64 to simplify administration and support techniques that rely on a consistent subnet size, as well as enabling IPv6 services gradually on servers without initially exposing them to IPv6 DNS records. It also addresses common objections to IPv6 deployment and provides strategies for getting started with IPv6.
This presentation will be held by Dan Belibov and Daniel Toader, developers in eMAG's Recommendation engine team. Find out how they combined PHP with GoLang, Kafka and Neo4J to achieve a good mix between business requirements and team goals.
This presentation will be held by Dan Belibov and Daniel Toader, developers in eMAG's Recommendation engine team. Find out how they combined PHP with GoLang, Kafka and Neo4J to achieve a good mix between business requirements and team goals.
Apache2 BootCamp : Apache and The Web (1.1)Wildan Maulana
This document provides an overview of key Internet protocols including TCP/IP, DNS, HTTP, URLs, and SSL. It discusses how HTTP requests and responses work, how to view HTTP traffic in the browser, and the history of the Apache web server. Considerations for using Apache are presented such as advantages of stability, flexibility and performance as well as potential disadvantages like open source configuration requirements.
Engineering Presentation for Careers@DirectiDirecti Group
Directi is a company that provides various web services and products including crawling domains, powering websites, and serving ads. They deal with complex challenges at large scale using technologies like Cassandra, Redis, Hadoop and more. As an engineer at Directi, one would work on large networking and collaboration applications, analyze terabytes of data, and design scalable systems.
Maximizing SPDY and SSL Performance (June 2014)Zoompf
Presented at the Atlanta Web Performance Meetup Group on June 2014, Billy Hoffman from Zoompf shows how to improve the performance of your website using SPDY and SSL and discusses SSL issues such as Heartbleed and CRIME
Fluentd: Unified Logging Layer at CWT2014N Masahiro
The document summarizes Masahiro Nakagawa's presentation on Fluentd at the Cloudera World Tokyo conference. Fluentd is an open source log collector written in Ruby that uses a pluggable architecture and JSON format for log messages. It provides unified logging and data processing capabilities. The presentation covered Fluentd's core functionality, related products from Treasure Data, use cases, and the company's roadmap.
2024 Feb AI Meetup NYC GenAI_LLMs_ML_Data Codeless Generative AI PipelinesTimothy Spann
2024 Feb AI Meetup NYC GenAI_LLMs_ML_Data Codeless Generative AI Pipelines
https://www.aicamp.ai/event/eventdetails/W2024022214
apache nifi
llm
generative ai
gen ai
ml
dl
machine learning
apache kafka
apache flink
postgresql
python
AI Meetup (NYC): GenAI, LLMs, ML and Data
Feb 22, 05:30 PM EST
Welcome to the monthly in-person AI meetup in New York City, in collaboration with Microsoft. Join us for deep dive tech talks on AI, GenAI, LLMs and machine learning, food/drink, networking with speakers and fellow developers
Agenda:
* 5:30pm~6:00pm: Checkin, Food/drink and networking
* 6:00pm~6:10pm: Welcome/community update
* 6:10pm~8:30pm: Tech talks
* 8:30pm: Q&A, Open discussion
Tech Talk: Searching and Reasoning Over Multimedia Data with Vector Databases and LMMs
Speaker: Zain Hasan (Weaviate LinkedIn)
Abstract: In this talk, Zain Hasan will discuss how we can use open-source multimodal embedding models in conjunction with large generative multimodal models that can that can see, hear, read, and feel data(!), to perform cross-modal search(searching audio with images, videos with text etc.) and multimodal retrieval augmented generation (MM-RAG) at the billion-object scale with the help of open source vector databases. I will also demonstrate, with live code demos, how being able to perform this cross-modal retrieval in real-time can enables users to use LLMs that can reason over their enterprise multimodal data. This talk will revolve around how we can scale the usage of multimodal embedding and generative models in production.
Tech Talk: Codeless Generative AI Pipelines
Speaker: Timothy Spann (Cloudera LinkedIn)
Abstract: Join us for an insightful talk on leveraging the power of real-time streaming tools, specifically Apache NiFi, to revolutionize GenAI data engineering. In this session, we’ll explore how the integration of Apache NiFi can automate the entire process of prompt building, making it a seamless and efficient task.
Speakers/Topics:
Stay tuned as we are updating speakers and schedules. If you have a keen interest in speaking to our community, we invite you to submit topics for consideration: Submit Topics
Sponsors:
We are actively seeking sponsors to support our community. Whether it is by offering venue spaces, providing food/drink, or cash sponsorship. Sponsors will have the chance to speak at the meetups, receive prominent recognition, and gain exposure to our extensive membership base of 20,000+ local or 300K+ developers worldwide.
Venue:
Microsoft NYC - Times Square, 11 Times Square, New York, NY 10036
Room Name: Central Park West 6501
Community on Slack/Discord
- Event chat: chat and connect with speakers and attendees
- Sharing blogs, events, job openings, projects collaborations
Join Slack (search and join the #newyork channel) | Join Discord
SDN programming and operations requires continuous monitoring of network and application state as well as consistent configuration and update of (forwarding) policies across heterogeneous devices. This is resulting in significant challenges.
Multiple open protocols such as OpenFlow, OF-CONFIG, OnePK , etc. are being adopted by different vendors causing an integration problem for developers.
Internet of Things applications are pushing the size and volume of data handled by SDN systems demanding more efficient and scalable protocols for information distribution and coordination of SDN devices.
This presentation will describe these and other SDN challenges and ways in which various open protocols, such as DDS, XMPP, AMQP, are being used to address them.
- Apache Thrift is a cross-language services framework that allows for the easy definition of data types and remote procedure calls (RPCs).
- It uses an interface definition language (IDL) to define data types and services, and generates code in various languages to implement clients and servers.
- Apache Thrift supports a wide range of languages and transports, making it useful for building high-performance, scalable distributed applications and microservices.
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...apidays
apidays LIVE Australia 2021 - Accelerating Digital
September 15 & 16, 2021
Levelling up database security by thinking in APIs
Lindsay Holmwood, Chief Product Officer at Cipherstash
libcurl, seven SSL libraries and one SSH libraryDaniel Stenberg
This document summarizes Daniel Stenberg's presentation on libcurl and SSL/TLS libraries. It discusses libcurl, which has supported HTTPS since 1998 and now supports many protocols. It also discusses the seven main SSL/TLS libraries - OpenSSL, GnuTLS, NSS, qSSL, yaSSL, PolarSSL, and axTLS - comparing their pros, cons, features, and APIs. It describes how libcurl maintains support for all libraries through a common SSL API, and why there are relatively few SSH libraries, with libssh and libssh2 being the main ones.
MySQL X protocol - Talking to MySQL Directly over the WireSimon J Mudd
The document discusses the MySQL X Protocol, which introduces a new way for clients to communicate directly with MySQL servers over TCP/IP. It provides an overview of how the protocol works, including capabilities exchange, authentication, querying the server for both SQL and noSQL data, pipelining requests, and the need for a formal protocol specification. Building client drivers requires understanding the protocol by reading documentation, source code, and examples as documentation is still incomplete. Pipelining requests can improve performance over high-latency connections. A standard specification would help driver development and ensure compatibility as the protocol evolves.
In Jan 2012, Zynga was kind enough to invite me to speak at their SF office. These are the slides I presented; its much of the same SPDY content, although starting to focus more on mobile.
The document discusses several ways that a large enterprise customer with multiple branch offices can optimize connectivity to Microsoft cloud services like Office 365 and Azure. It provides details on configuring network security devices using published Microsoft endpoint data to identify and route Office 365 traffic efficiently. It also compares approaches like using SD-WAN, ExpressRoute connections, or secure web gateways to provide local internet breakouts or private connections to the cloud.
This document discusses hacking and security issues related to the Robot Operating System (ROS). ROS is a popular robot middleware that is used to build robot applications, but it lacks encryption of data transmitted between nodes. The document demonstrates through examples that packet sniffing of ROS XML-RPC packets is possible, allowing remote control of robots. It is suggested that ROS implement encryption techniques like SSH, IPSec, or SSL/TLS to secure robot control and prevent spoofing of packets since robots now connect to the internet. The document also discusses reverse engineering of the Pepper robot and programming it natively through its Linux-based OS.
Not my problem - Delegating responsibility to infrastructureYshay Yaacobi
Slides for for my talk, appeared on Code-Europe Poznan 12.06.2018
(https://www.codeeurope.pl/en/speakers/yshay-yaacobi)
https://github.com/yshayy/not-my-problem-talk
https://github.com/Yshayy/not-my-problem-talk/blob/master/slides/demo.md
gRPC, GraphQL, REST - Which API Tech to use - API Conference Berlin oct 20Phil Wilkins
The document discusses different API technologies including gRPC, GraphQL, and REST. It provides overviews of each technology, describing their origins, key concepts, pros, and cons. gRPC was developed by Google and uses protocol buffers for messages and HTTP/2 for transport. GraphQL was created by Facebook and uses a query language for clients to specify the exact data they need. REST is the more established standard based on HTTP and uses URIs for identification of resources.
The document discusses SPDY, an evolution of HTTP developed by Google since 2009 that aims to speed up web content delivery. SPDY utilizes a single TCP connection more efficiently through multiplexing and other techniques. It allows for faster page loads, often around 39-55% faster than HTTP. While SPDY adoption is growing, with support in Chrome, Firefox, and Amazon Silk, widespread implementation by servers is still limited. SPDY is expected to influence the development of HTTP 2.0.
This document discusses using libcurl's share API to share data like cookies and DNS caches between multiple easy handles. It explains that some curl state is kept in the easy handle, so transfers using different handles may not be fully independent. The share API allows creating share objects that specify what data to share, such as cookies and DNS caches. Easy handles can then specify which share objects to use to share data between transfers and achieve better performance than using separate handles independently.
This document discusses curl security practices such as continuous integration testing on many platforms, custom test servers, tools used for analysis like Valgrind and Clang sanitizers, and "torture tests" that inject errors. It notes that while testing all combinations is impossible, common setups and architectures are tested. The curl bug bounty program is mentioned as paying $40,900 so far. An upcoming code audit and ensuring decreasing CVEs and fuzzing reports over time are discussed as signs the efforts are working. Recent CVE trends and introductions like "dynbuf" are also summarized.
This document provides an overview of curl, an open source command line tool and library for transferring data with Internet protocols. It discusses curl's history starting in 1998, its widespread usage across operating systems, CPU architectures, and planets. It also outlines curl's many supported features and protocols, large number of contributors and commits, extensive testing, and commitment to security and open development. The future of curl is discussed in the context of the growing Internet of Things and connectivity of everyday devices and appliances.
Daniel Stenberg gave a presentation on using Rust with curl. He discussed how curl has traditionally used C but now supports alternative backends implemented in other languages like Rust. He described challenges in integrating the Hyper, rustls, and quiche Rust crates but curl now supports HTTP/1-2 with Hyper and TLS with rustls in an experimental way. Future work includes improving test coverage when using Rust backends and potentially enabling them by default.
Daniel Stenberg goes through some basic libcurl fundamentals and API design and explain how easily you can get your first transfers going in your own application. libcurl is the defacto standard library for Internet transfers and runs on virtually all platforms. The language focus will be on C/C++ but the concepts are generally applicable even if you use libcurl bindings for other languages.
Daniel Stenberg gave a presentation about security best practices for curl and open source projects. He discussed how curl implements thorough testing, code reviews, fuzz testing, and monitoring of dependencies to minimize vulnerabilities. Stenberg also noted that curl employs a full-time maintainer, responds quickly to issues, and has an active bug bounty program to further improve security.
Daniel Stenberg discusses some of the most common mistakes users are doing when using libcurl and what to do about them.
Video: https://youtu.be/0KfDdIAirSI
Daniel Stenberg discusses the progress being made to enable HTTP/3 support in the curl tool and libcurl library. HTTP/3 uses QUIC as its underlying transport protocol. Several challenges remain, including fallback options, stability testing, and full browser/server support. Stenberg explains how to build curl with various QUIC libraries like Quiche and ngtcp2. HTTP/3 support in curl is still experimental but aims to provide a similar user experience to HTTP/1. Support may be included in future releases as QUIC and HTTP/3 specifications continue development and more servers/browsers are deployed.
Daniel Stenberg takes us through how the curl project is doing today. git activity, contributors, committers, mailing list, growth, money and sponsors, his own role and much more. Video here: https://youtu.be/6ueyZGhtj1Q
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...Jason Yip
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
Must Know Postgres Extension for DBA and Developer during MigrationMydbops
Mydbops Opensource Database Meetup 16
Topic: Must-Know PostgreSQL Extensions for Developers and DBAs During Migration
Speaker: Deepak Mahto, Founder of DataCloudGaze Consulting
Date & Time: 8th June | 10 AM - 1 PM IST
Venue: Bangalore International Centre, Bangalore
Abstract: Discover how PostgreSQL extensions can be your secret weapon! This talk explores how key extensions enhance database capabilities and streamline the migration process for users moving from other relational databases like Oracle.
Key Takeaways:
* Learn about crucial extensions like oracle_fdw, pgtt, and pg_audit that ease migration complexities.
* Gain valuable strategies for implementing these extensions in PostgreSQL to achieve license freedom.
* Discover how these key extensions can empower both developers and DBAs during the migration process.
* Don't miss this chance to gain practical knowledge from an industry expert and stay updated on the latest open-source database trends.
Mydbops Managed Services specializes in taking the pain out of database management while optimizing performance. Since 2015, we have been providing top-notch support and assistance for the top three open-source databases: MySQL, MongoDB, and PostgreSQL.
Our team offers a wide range of services, including assistance, support, consulting, 24/7 operations, and expertise in all relevant technologies. We help organizations improve their database's performance, scalability, efficiency, and availability.
Contact us: info@mydbops.com
Visit: https://www.mydbops.com/
Follow us on LinkedIn: https://in.linkedin.com/company/mydbops
For more details and updates, please follow up the below links.
Meetup Page : https://www.meetup.com/mydbops-databa...
Twitter: https://twitter.com/mydbopsofficial
Blogs: https://www.mydbops.com/blog/
Facebook(Meta): https://www.facebook.com/mydbops/
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
High performance Serverless Java on AWS- GoTo Amsterdam 2024Vadym Kazulkin
Java is for many years one of the most popular programming languages, but it used to have hard times in the Serverless community. Java is known for its high cold start times and high memory footprint, comparing to other programming languages like Node.js and Python. In this talk I'll look at the general best practices and techniques we can use to decrease memory consumption, cold start times for Java Serverless development on AWS including GraalVM (Native Image) and AWS own offering SnapStart based on Firecracker microVM snapshot and restore and CRaC (Coordinated Restore at Checkpoint) runtime hooks. I'll also provide a lot of benchmarking on Lambda functions trying out various deployment package sizes, Lambda memory settings, Java compilation options and HTTP (a)synchronous clients and measure their impact on cold and warm start times.
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor IvaniukFwdays
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
"NATO Hackathon Winner: AI-Powered Drug Search", Taras KlobaFwdays
This is a session that details how PostgreSQL's features and Azure AI Services can be effectively used to significantly enhance the search functionality in any application.
In this session, we'll share insights on how we used PostgreSQL to facilitate precise searches across multiple fields in our mobile application. The techniques include using LIKE and ILIKE operators and integrating a trigram-based search to handle potential misspellings, thereby increasing the search accuracy.
We'll also discuss how the azure_ai extension on PostgreSQL databases in Azure and Azure AI Services were utilized to create vectors from user input, a feature beneficial when users wish to find specific items based on text prompts. While our application's case study involves a drug search, the techniques and principles shared in this session can be adapted to improve search functionality in a wide range of applications. Join us to learn how PostgreSQL and Azure AI can be harnessed to enhance your application's search capability.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Northern Engraving | Modern Metal Trim, Nameplates and Appliance PanelsNorthern Engraving
What began over 115 years ago as a supplier of precision gauges to the automotive industry has evolved into being an industry leader in the manufacture of product branding, automotive cockpit trim and decorative appliance trim. Value-added services include in-house Design, Engineering, Program Management, Test Lab and Tool Shops.
From Natural Language to Structured Solr Queries using LLMsSease
This talk draws on experimentation to enable AI applications with Solr. One important use case is to use AI for better accessibility and discoverability of the data: while User eXperience techniques, lexical search improvements, and data harmonization can take organizations to a good level of accessibility, a structural (or “cognitive” gap) remains between the data user needs and the data producer constraints.
That is where AI – and most importantly, Natural Language Processing and Large Language Model techniques – could make a difference. This natural language, conversational engine could facilitate access and usage of the data leveraging the semantics of any data source.
The objective of the presentation is to propose a technical approach and a way forward to achieve this goal.
The key concept is to enable users to express their search queries in natural language, which the LLM then enriches, interprets, and translates into structured queries based on the Solr index’s metadata.
This approach leverages the LLM’s ability to understand the nuances of natural language and the structure of documents within Apache Solr.
The LLM acts as an intermediary agent, offering a transparent experience to users automatically and potentially uncovering relevant documents that conventional search methods might overlook. The presentation will include the results of this experimental work, lessons learned, best practices, and the scope of future work that should improve the approach and make it production-ready.
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
"Choosing proper type of scaling", Olena SyrotaFwdays
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
20. How does it run?
●
Volunteers
●
Reviews by mail
●
Mailing list driven
●
Test suite and autobuilds
●
Small core team
21. When is it done?
●
How long is a rope?
●
When is the last bug found?
●
When do we stop adding
functionality?
22. New Technology
●
Internet, protocols and file
transfers evolve
●
Curl has to evolve along
●
You can help!
23. Happy Eyeballs
●
Dualstack behaviors
●
RFC6555
●
Basically two connect attempts
at once
24. DANE
●
DNSBased Authentication of
Named Entities (DANE)
●
RFC6698
●
Because SSL's CA system is
broken
●
Resolver dependency
●
Should use a lib
25. SRV/URI records
●
DNS based hints to find (web)
servers
●
In use by nonHTTP protocols
●
Latency penalties
●
Tricky resolver dependencies
26. HTTP pipelining
●
Present in HTTP 1.1, RFC2616
●
Riddled with server problems
●
Circumvents latency issues
●
Coming soon!
27. HTTP2 (SPDY)
●
Discussed in IETF's httpbis WG
●
Based on SPDY/3
●
SCTP and SSH like with multiple
streams within a physical TCP
connection
●
Spindly vs spdylay
28. New HTTP auth
●
Passwords must die
●
Existing auth methods are full of
problems
●
Digest relies on MD5
●
But... browser basically don't do
HTTP auth
29. SSL to proxy
●
SSL over proxy is usually done with
a HTTP CONNECT over plain HTTP
●
Increase privacy within
organizations
●
Supported by Chrome
●
Tricky because of SSL backends
30. … and much much more!
●
It never ends
●
Transports are fundamental to
Internet
●
curl transports the Internet
31. How?
●
Companies fund features
●
Individuals fix problems
●
Join us and help out!