Using Mikko Koppanen's PHP ZMQ extension we will look at how you can easily distribute work to background processes, provide flexible service brokering for your next service oriented architecture, and manage caches efficiently and easily with just PHP and the ZeroMQ libraries. Whether the problem is asynchronous communication, message distribution, process management or just about anything, ZeroMQ can help you build an architecture that is more resilient, more scalable and more flexible, without introducing unnecessary overhead or requiring a heavyweight queue manager node.
Sécurisation de vos applications web à l’aide du composant Security de SymfonyVladyslav Riabchenko
L'authentification et l’autorisation sont omniprésents dans les applications web. Cependant la sécurisation des applications Symfony semble assez compliquée surtout pour les débutants. Je vous propose d'examiner le composant Security de Symfony pour comprendre comment la couche d'authentification est organisée et comment les règles d'autorisation sont implémentées. Nous verrons les classes qui se cachent derrière la configuration dans votre security.yml.
Suricata: A Decade Under the Influence (of packet sniffing)Jason Williams
Having just celebrated it's 10th birthday, Suricata has learned a lot about monitoring network traffic during the past decade. Suricata today is more than IDS/IPS— it is also a metadata creating, lua scripting, multi threaded, json logging, rule alerting, network security monitoring beast. Development for Suricata is funded by the non-profit Open Information Security Foundation which, along with feedback and support from the community, has made Suricata what it is today. In this talk we will discuss various aspects of modern Suricata, such as deployment, alerting, rule writing, compilation, protocols, lua, and more. Join us for a look into where Suricata has been, what it does today, and where it's going to go in the future.
The document discusses Inter-Integrated Circuit (I2C) drivers in Linux. It provides an overview of I2C, describing its conditions, transactions and popular uses. It also describes the I2C subsystem in Linux, including I2C adapters, clients and drivers. It explains how to write an I2C client driver, covering initialization, cleanup and registration both with and without a device tree. The document aims to cover all aspects of developing I2C drivers and interfacing with I2C devices in Linux.
Using Mikko Koppanen's PHP ZMQ extension we will look at how you can easily distribute work to background processes, provide flexible service brokering for your next service oriented architecture, and manage caches efficiently and easily with just PHP and the ZeroMQ libraries. Whether the problem is asynchronous communication, message distribution, process management or just about anything, ZeroMQ can help you build an architecture that is more resilient, more scalable and more flexible, without introducing unnecessary overhead or requiring a heavyweight queue manager node.
Sécurisation de vos applications web à l’aide du composant Security de SymfonyVladyslav Riabchenko
L'authentification et l’autorisation sont omniprésents dans les applications web. Cependant la sécurisation des applications Symfony semble assez compliquée surtout pour les débutants. Je vous propose d'examiner le composant Security de Symfony pour comprendre comment la couche d'authentification est organisée et comment les règles d'autorisation sont implémentées. Nous verrons les classes qui se cachent derrière la configuration dans votre security.yml.
Suricata: A Decade Under the Influence (of packet sniffing)Jason Williams
Having just celebrated it's 10th birthday, Suricata has learned a lot about monitoring network traffic during the past decade. Suricata today is more than IDS/IPS— it is also a metadata creating, lua scripting, multi threaded, json logging, rule alerting, network security monitoring beast. Development for Suricata is funded by the non-profit Open Information Security Foundation which, along with feedback and support from the community, has made Suricata what it is today. In this talk we will discuss various aspects of modern Suricata, such as deployment, alerting, rule writing, compilation, protocols, lua, and more. Join us for a look into where Suricata has been, what it does today, and where it's going to go in the future.
The document discusses Inter-Integrated Circuit (I2C) drivers in Linux. It provides an overview of I2C, describing its conditions, transactions and popular uses. It also describes the I2C subsystem in Linux, including I2C adapters, clients and drivers. It explains how to write an I2C client driver, covering initialization, cleanup and registration both with and without a device tree. The document aims to cover all aspects of developing I2C drivers and interfacing with I2C devices in Linux.
The document provides an overview of new features in C++20, including small language and library improvements. Some key points summarized:
1. Aggregate initialization allows initialization of aggregates using designated initializers (e.g. {.a = 3, .c = 7}) and direct initialization syntax (e.g. Widget w(1,2)).
2. Structured bindings allow capturing initialized variables from aggregates into auto variables (e.g. auto [a,b] = getWidget()).
3. Lambdas can be used in more contexts like static/thread_local variables and allow capturing initialized variables. Templates see expanded use of generic lambdas, non-type template parameters, and class
GDC Europe 2014: Unreal Engine 4 for Programmers - Lessons Learned & Things t...Gerke Max Preussner
A high-level overview of Unreal Engine 4, its game framework, the Slate user interface library, Unreal Motion Graphics, and Editor and Engine extensibility. Presented at GDC Europe in Cologne, Germany.
Also includes bonus slides on concurrency and parallelism features, general tips for programmers and Epic's build and automation infrastructure.
XXE Exposed: SQLi, XSS, XXE and XEE against Web ServicesAbraham Aranguren
XXE Exposed Webinar Slides:
Brief coverage of SQLi and XSS against Web Services to then talk about XXE and XEE attacks and mitigation. Heavily inspired on the "Practical Web Defense" (PWD) style of pwnage + fixing (https://www.elearnsecurity.com/PWD)
Full recording here:
NOTE: (~20 minute) XXE + XEE Demo Recording starts at minute 25
https://www.elearnsecurity.com/collateral/webinar/xxe-exposed/
This document provides an overview of kernel debugging on Solaris systems using the modular debugger Mdb and dynamic tracing framework DTrace. It discusses debugging live kernels with Mdb, analyzing system crash dumps with Mdb, and using DTrace to monitor the kernel at runtime by enabling probes published by different providers. The document outlines the key tools, techniques, and challenges involved in kernel debugging and crash analysis on Solaris.
ØMQ was created to address the need for cheaper and more efficient connectivity between distributed systems as hardware capabilities increased. It is an intelligent socket library that provides various connection patterns for messaging between processes. ØMQ aims to be fast, small, multiplatform, and multilingual. It uses common patterns like request-reply and publish-subscribe to allow processes to communicate simply and efficiently over in-process, inter-process, and network connections. The ØMQ community continues to enhance and support the open source library.
The document provides an overview of techniques for penetrating OS X environments externally, including using the EmPyre remote access Trojan, phishing with OS X payloads, privilege escalation, persistence mechanisms like login hooks and crontab, host and network reconnaissance tools, and lateral movement options like SSH. The challenges of operating in an OS X environment and adapting typical Windows tactics are also discussed.
Killzone Shadow Fall: Threading the Entity Update on PS4jrouwe
This document discusses Guerrilla Games' approach to multi-threading entity updates in Killzone Shadow Fall on the PlayStation 4. It covers defining entities and their dependencies, a job-based system where one entity update is one job, scheduling algorithms to balance jobs across frames, and performance results showing a 4x speedup versus the PlayStation 3 version. Debug tools like yEd are used to visualize complex dependency graphs. The system allows most of the game to be programmed sequentially while exploiting multi-core performance on PS4.
This document discusses how Qemu works to translate guest binaries to run on the host machine. It first generates an intermediate representation called TCG-IR from the guest binary code. It then translates the TCG-IR into native host machine code. To achieve high performance, it chains translated blocks together by patching jump targets. Key techniques include just-in-time compilation, translation block finding, block chaining, and helper functions to emulate unsupported guest instructions.
Project ACRN Device Model architecture introductionProject ACRN
The document provides an overview of the ACRN Device Model (DM) architecture. DM is responsible for creating UOS VMs and emulating devices based on command line configurations. It initializes by parsing options, creating the VM, setting up I/O, and loading the OVMF firmware. It then performs device emulation through virtual PCI devices, interrupt handling, and ACPI table virtualization. Device emulation involves registering devices, emulating configuration space, BARs, and interrupts. ACPI tables are virtualized to provide power management and configuration to the guest VM.
Let'Swift 2019 컨퍼런스에서 RxSwift to Combine 이라고 발표한 자료입니다. 자료 내에 언급되는 코드 링크는 다음과 같습니다.
[BringMyOwnBeer]
• RxSwift/RxCocoa: https://github.com/fimuxd/BringMyOwnBeer-
• Combine/SwiftUI: https://github.com/fimuxd/BringMyOwnBeer-Combine
This document discusses hierarchical level of detail (HLOD) techniques for improving graphics performance and optimization in large 3D scenes. HLOD allows grouping different 3D objects based on distance from the camera and rendering them as a single batch to reduce draw calls. The document explains how HLOD works, provides examples of baking HLOD trees, and compares the performance and memory usage of HLOD to traditional static batching and level of detail techniques.
This document provides an overview of the libuv library. Libuv is a cross-platform asynchronous I/O and event loop library written in C. It is used by Node.js and many other projects. The document discusses libuv's architecture, features like the event loop, handles, and requests. It also covers libuv's use in Node.js and the current state and future plans for libuv.
The document provides an overview of new features in C++20, including small language and library improvements. Some key points summarized:
1. Aggregate initialization allows initialization of aggregates using designated initializers (e.g. {.a = 3, .c = 7}) and direct initialization syntax (e.g. Widget w(1,2)).
2. Structured bindings allow capturing initialized variables from aggregates into auto variables (e.g. auto [a,b] = getWidget()).
3. Lambdas can be used in more contexts like static/thread_local variables and allow capturing initialized variables. Templates see expanded use of generic lambdas, non-type template parameters, and class
GDC Europe 2014: Unreal Engine 4 for Programmers - Lessons Learned & Things t...Gerke Max Preussner
A high-level overview of Unreal Engine 4, its game framework, the Slate user interface library, Unreal Motion Graphics, and Editor and Engine extensibility. Presented at GDC Europe in Cologne, Germany.
Also includes bonus slides on concurrency and parallelism features, general tips for programmers and Epic's build and automation infrastructure.
XXE Exposed: SQLi, XSS, XXE and XEE against Web ServicesAbraham Aranguren
XXE Exposed Webinar Slides:
Brief coverage of SQLi and XSS against Web Services to then talk about XXE and XEE attacks and mitigation. Heavily inspired on the "Practical Web Defense" (PWD) style of pwnage + fixing (https://www.elearnsecurity.com/PWD)
Full recording here:
NOTE: (~20 minute) XXE + XEE Demo Recording starts at minute 25
https://www.elearnsecurity.com/collateral/webinar/xxe-exposed/
This document provides an overview of kernel debugging on Solaris systems using the modular debugger Mdb and dynamic tracing framework DTrace. It discusses debugging live kernels with Mdb, analyzing system crash dumps with Mdb, and using DTrace to monitor the kernel at runtime by enabling probes published by different providers. The document outlines the key tools, techniques, and challenges involved in kernel debugging and crash analysis on Solaris.
ØMQ was created to address the need for cheaper and more efficient connectivity between distributed systems as hardware capabilities increased. It is an intelligent socket library that provides various connection patterns for messaging between processes. ØMQ aims to be fast, small, multiplatform, and multilingual. It uses common patterns like request-reply and publish-subscribe to allow processes to communicate simply and efficiently over in-process, inter-process, and network connections. The ØMQ community continues to enhance and support the open source library.
The document provides an overview of techniques for penetrating OS X environments externally, including using the EmPyre remote access Trojan, phishing with OS X payloads, privilege escalation, persistence mechanisms like login hooks and crontab, host and network reconnaissance tools, and lateral movement options like SSH. The challenges of operating in an OS X environment and adapting typical Windows tactics are also discussed.
Killzone Shadow Fall: Threading the Entity Update on PS4jrouwe
This document discusses Guerrilla Games' approach to multi-threading entity updates in Killzone Shadow Fall on the PlayStation 4. It covers defining entities and their dependencies, a job-based system where one entity update is one job, scheduling algorithms to balance jobs across frames, and performance results showing a 4x speedup versus the PlayStation 3 version. Debug tools like yEd are used to visualize complex dependency graphs. The system allows most of the game to be programmed sequentially while exploiting multi-core performance on PS4.
This document discusses how Qemu works to translate guest binaries to run on the host machine. It first generates an intermediate representation called TCG-IR from the guest binary code. It then translates the TCG-IR into native host machine code. To achieve high performance, it chains translated blocks together by patching jump targets. Key techniques include just-in-time compilation, translation block finding, block chaining, and helper functions to emulate unsupported guest instructions.
Project ACRN Device Model architecture introductionProject ACRN
The document provides an overview of the ACRN Device Model (DM) architecture. DM is responsible for creating UOS VMs and emulating devices based on command line configurations. It initializes by parsing options, creating the VM, setting up I/O, and loading the OVMF firmware. It then performs device emulation through virtual PCI devices, interrupt handling, and ACPI table virtualization. Device emulation involves registering devices, emulating configuration space, BARs, and interrupts. ACPI tables are virtualized to provide power management and configuration to the guest VM.
Let'Swift 2019 컨퍼런스에서 RxSwift to Combine 이라고 발표한 자료입니다. 자료 내에 언급되는 코드 링크는 다음과 같습니다.
[BringMyOwnBeer]
• RxSwift/RxCocoa: https://github.com/fimuxd/BringMyOwnBeer-
• Combine/SwiftUI: https://github.com/fimuxd/BringMyOwnBeer-Combine
This document discusses hierarchical level of detail (HLOD) techniques for improving graphics performance and optimization in large 3D scenes. HLOD allows grouping different 3D objects based on distance from the camera and rendering them as a single batch to reduce draw calls. The document explains how HLOD works, provides examples of baking HLOD trees, and compares the performance and memory usage of HLOD to traditional static batching and level of detail techniques.
This document provides an overview of the libuv library. Libuv is a cross-platform asynchronous I/O and event loop library written in C. It is used by Node.js and many other projects. The document discusses libuv's architecture, features like the event loop, handles, and requests. It also covers libuv's use in Node.js and the current state and future plans for libuv.
El documento habla sobre la seguridad en comunicaciones SIP y RTP. Explica varios mecanismos como TLS, SRTP, ZRTP y DTLS-SRTP para cifrar las señales. Recomienda usar siempre cifrado cuando sea posible, utilizar mecanismos que ofrezcan "Forward Secrecy" y mantenerse actualizado con los últimos avances en criptografía. Además, advierte que no se debe confiar ciegamente en nadie y que es importante verificar la identidad de los participantes.
The document discusses the future of the private branch exchange (PBX) system and outlines key aspects of the SylkServer 3 product. It emphasizes simplicity through zero configuration, provisioning, and a seamless user interface. Security is ensured through secure defaults, encryption of SIP and RTP protocols, and end-to-end encryption of chat. Sharing capabilities allow for multi-party conferencing with audio, video, file transfers and screen sharing. Standards compliance and use of domains instead of phone numbers aim to future proof the system.
El documento describe el proyecto OP^2, el cual tiene como objetivo desarrollar un dispositivo de hardware SIP abierto llamado Open Pi Phone utilizando una Raspberry Pi. El proyecto usa el SIP SIMPLE Client SDK como núcleo y provee una interfaz web y API REST para configurar el dispositivo. Se han creado dos prototipos (Falcon y FalconPlus) y el proyecto busca mejorar el audio, provisionamiento y otras funcionalidades en el futuro.
Este documento presenta a AG Projects, una empresa especializada en infraestructura SIP para operadores. AG Projects ha desarrollado software desde 2002, incluyendo Blink, OpenSIPS y Sylk WebRTC. El documento también describe algunas de las necesidades clave de un operador como el enrutamiento de llamadas, la portabilidad y la facturación. Además, introduce SIPThor, una infraestructura SIP distribuida horizontalmente capaz de escalar a más de 9000 solicitudes por segundo de manera resiliente y tolerante a fallos.
SylkServer is a state-of-the-art RTC application server that provides traditional SIP support as well as conferencing via SIP, XMPP, IRC, and WebRTC gateways. The latest version, SylkServer 4.0, was released for ElastixWorld 2016 and made the Sylk WebRTC client and a desktop application based on Electron open source. SylkServer offers zero configuration video conferencing and the developers are currently hiring and looking for questions.
WebRTC is an API that enables real-time communication directly in web browsers without plugins. The document discusses using WebRTC to build a "call roulette" application in Python with asyncio and aiohttp that randomly connects two users in real-time video/audio calls. It describes the WebRTC APIs getUserMedia, RTCPeerConnection, and RTCDataChannel and outlines a signaling protocol to connect users. The application architecture uses asyncio for asynchronous I/O and aiohttp for HTTP/WebSocket support.
A journey through the wonderful world of Node.js C++ addons. This talk was given at the September 8, 2015 NodeMN meetup.
Code: https://github.com/cb1kenobi/nodemn
Ninja Build: Simple Guide for BeginnersChang W. Doh
Ninja is a build system that focuses solely on speed. It aims to have the fastest possible build times by keeping things very simple - it has almost no built-in functionality and relies on external meta-build systems like GYP or CMake to generate the build specification files (ninja files). Ninja files describe dependencies between targets but don't include complex build logic. This keeps the overhead of the build system very low and allows builds to be highly parallelized.
This document discusses asyncio and asynchronous programming in Python. It begins by introducing the author and their experience with asyncio. It then covers topics like using yield from to write asynchronous code, how yield from works under the hood, debugging asynchronous code, task cancellation, timeouts, and more. Magic methods and third-party libraries for asyncio are also mentioned. In summary, asyncio provides a convenient API for asynchronous networking in Python using TCP/UDP sockets, Unix pipes, and processes, though the ecosystem is still growing.
NYC* 2013 - "Advanced Data Processing: Beyond Queries and Slices"DataStax Academy
The ColumnFamily data model and wide-row support provides the ability to store and access data efficiently in a de-normalized state. Recent enhancements for CQL's spare tables and built-in indexing provide the capability to store data in a manner similar to that of relational databases. For many use cases hybrid approaches are needed, because complete de-normalization is appropriate for some access patterns whereas more structured data is appropriate for others. At times a single logical event becomes multiple insertions across multiple column families. Likewise a user request might require a several reads across different column families. This talk describes some of these scenarios and demonstrates how advanced operations such multiple step procedures, filtering, intersection, and paging can be implemented client side or server side with the help of the IntraVert plugin.
Intravert Server side processing for CassandraEdward Capriolo
The document provides examples of using CQL (Cassandra Query Language) to create and query tables in Cassandra. It shows how to create tables to store user and video data, insert sample records, and perform queries. It then discusses using the IntraVert library to execute more complex queries directly against Cassandra, such as joins, filters, and multi-table operations, in order to reduce network traffic and processing compared to doing everything on the client side.
fog or: How I Learned to Stop Worrying and Love the CloudWesley Beary
Learn how to easily get started on cloud computing with fog. If you can control your infrastructure choices, you’ll make better choices in development and get what you need in production. You'll get an overview of fog and concrete examples to give you a head start on your provisioning workflow.
fog or: How I Learned to Stop Worrying and Love the Cloud (OpenStack Edition)Wesley Beary
The document discusses how to use the Fog library to interact with cloud services. Fog allows interacting with multiple cloud providers like AWS, Rackspace, etc in a portable way. It provides models, collections, and methods to manage resources like servers, storage, DNS etc. in an abstracted way across providers. The document demonstrates how to boot a server, install SSH keys, run commands via SSH, and ping a target using the Fog and Ruby APIs in just a few lines of code.
This document provides an overview of the Pig Latin data flow language for Hadoop. It discusses why Pig is useful for increasing productivity and insulating users from complexity when working with MapReduce. The document provides examples of simple Pig Latin scripts for common tasks like filtering, joining, grouping and aggregation. It also covers performance considerations, user defined functions, common pitfalls, and recommendations.
Thrift and PasteScript are frameworks for building distributed applications and services. Thrift allows defining data types and interfaces using a simple definition language that can generate code in multiple languages. It uses a compact binary protocol for efficient RPC-style communication between clients and servers. PasteScript builds on WSGI and provides tools like paster for deploying and managing Python web applications, along with reloading and logging capabilities. It integrates with Thrift via server runners and application factories.
The document discusses Node.js and provides instructions for installing Node.js via different methods:
1) Homebrew can be used to install Node.js on OSX by running "brew install node.js".
2) nDistro allows creating and installing Node.js distributions within seconds by specifying module and Node binary version dependencies in a .ndistro file.
3) Node.js can be compiled from source by cloning the Node.js repository via git or downloading the source, running configuration, make, and make install commands.
This document provides an overview of the basic function call flow for OpenSSL to establish a secure TCP connection. It discusses initializing the OpenSSL library, creating an SSL_CTX object, generating randomness, creating an SSL object for a connection, performing the TLS/SSL handshake, and reading and writing data over the encrypted connection. It also provides examples of OpenSSL code for a client application.
This document provides an introduction and overview of a Node.js tutorial presented by Tom Hughes-Croucher. The tutorial covers topics such as building scalable server-side code with JavaScript using Node.js, debugging Node.js applications, using frameworks like Express.js, and best practices for deploying Node.js applications in production environments. The tutorial includes exercises for hands-on learning and demonstrates tools and techniques like Socket.io, clustering, error handling and using Redis with Node.js applications.
nuclio is iguazio's open source serverless project. nuclio is 100x faster, brings significant new functionality and works with data and event sources to accelerate performance and development.
Talk given at DomCode meetup in Utrecht (August 2014) on different frameworks to do asynchronous I/O y Python, with a strong focus on asyncio (PEP-3156).
This document provides an introduction to NodeJS for beginners. It discusses what NodeJS is, how it uses non-blocking I/O and event-driven architecture, and how to set up NodeJS. It also covers global objects, modules, asynchronous vs synchronous code, core NodeJS modules like filesystem and events, and how to create a basic "Hello World" NodeJS application.
How I Built a Power Debugger Out of the Standard Library and Things I Found o...doughellmann
Smiley demonstrates how to use Python's native tracing capabilities to monitor not just what parts of your program run, but the data flowing through the program as it runs. All of the data is recorded for study after the program exits, which means you can pass different inputs and then compare the results of the runs. In this presentation, I describe the evolution of Smiley, from concept through internal API changes as I worked on the implementation. I also talk about tracing Python programs in general, and explain how the trace code in Smiley can be used to send trace data to different output destinations.
The document outlines the four steps in a typical design process: 1) identifying a problem, 2) people recognizing the problem, 3) attempting DIY solutions, and 4) the designer's solution. It then discusses various multitasking capabilities on iOS like fast app switching, push notifications, background audio and location services, and more. Code snippets are provided to illustrate implementing some of these features.
Ansible is a configuration management and orchestration tool that is agentless, uses SSH for connections, and is designed to be easy to use. It allows users to define infrastructure by writing playbooks that describe configurations, deployments, and orchestrations. Playbooks can install software, copy files, execute commands, and more on remote servers. Ansible playbooks provide an idempotent and predictable way to configure and manage infrastructure and applications.
Original slides from Ryan Dahl's NodeJs intro talkAarti Parikh
These are the original slides from the nodejs talk. I was surprised not find them on slideshare so adding them. The video link is here https://www.youtube.com/watch?v=ztspvPYybIY
Node.js is an asynchronous JavaScript runtime that allows for efficient handling of I/O operations. The presentation discusses developing with Node.js by using modules from NPM, debugging with node-inspector, common pitfalls like blocking loops, and best practices like avoiding large heaps and offloading intensive tasks. Key Node.js modules demonstrated include Express for web frameworks and Socket.io for real-time applications.
The document is a presentation about Node.js, a JavaScript runtime built on Chrome's V8 JavaScript engine. It discusses how Node.js uses an event-driven, non-blocking I/O model that makes it particularly suited for real-time web applications and I/O-intensive applications compared to traditional threaded server models. It provides examples of Node.js features like asynchronous I/O, event loops, modules and the npm package manager.
Python has been adding more and more async features to the language and the standard library. Starting with asyncio in python 3.4 and including the new async/await keywords in python 3.5, it’s difficult to understand how all these pieces fit together. More importantly, it’s hard to envision how to use these new language features in a real world application. In this talk we’re going to move beyond the basic examples of TCP echo servers and example servers that can add number together. Instead I’ll show you a realistic asyncio application. This application is a port of redis, a popular data structure server, written in python using asyncio. In addition to basic topics such as handling simple redis commands (GET, SET, RPUSH, etc), we’ll look at notifications using pub/sub, and how to implement blocking queues.
Similar to libuv, NodeJS and everything in between (20)
This document summarizes the challenges of scaling Jitsi Meet to meet increased demand during the COVID-19 pandemic. Key issues included overloaded signaling nodes causing errors, mobile users unable to join, and new users confused by the tool. Solutions involved raising file descriptor limits, optimizing client/server messaging, enabling bridge cascading, and improving security and user interfaces. The community also helped through forums, guides and word of mouth. Looking ahead, Jitsi aims to improve efficiency and sustainability through new products while keeping meet.jit.si free.
Jitsi Meet is an open-source video conferencing solution that focuses on user privacy. It discusses various privacy threats like eavesdropping, user fingerprinting, and compromised devices/environments. It recommends muting video when unnecessary, hosting meetings in private spaces, and self-hosting the Jitsi software which is open-source and can be built without Google libraries. Features like background blurring and voice obfuscation are in development to further protect user privacy during video calls.
Este documento resume los objetivos y logros del proyecto de código abierto Jitsi. Jitsi busca facilitar comunicaciones privadas y basadas en estándares abiertos a través del desarrollo de proyectos y SDKs fáciles de usar e integrar. Jitsi es un conjunto de proyectos para la creación de sistemas de videoconferencia escalables y seguros. El documento luego detalla mejoras recientes en el chat, audio, compartir pantalla y video, así como nuevas integraciones y modos para dispositivos móviles.
Slides from the talk given at FOSDEM 2019 on how Jitsi Meet was brought from the web to mobile and how we built a native SDK using React Native.
Video: https://fosdem.org/2019/schedule/event/jitsi_mobile_webrtc/
Jitsi es una solución de videoconferencia de código abierto que permite llamadas seguras y escalables. El documento describe las actualizaciones recientes de Jitsi, incluyendo mejoras en las aplicaciones móviles y de escritorio, integraciones con calendarios y Slack, optimizaciones en el uso de ancho de banda, y planes futuros para cifrado de extremo a extremo y una comunidad en crecimiento. Jitsi ofrece características completas con poco esfuerzo de integración y una licencia de código abierto.
Jitsi: state-of-the-art video conferencing you can self-hostSaúl Ibarra Corretgé
Jitsi is an open source project that allows users to easily deploy secure and scalable video conferencing solutions. It provides high quality audio and video calling through mobile apps, web interfaces and APIs. The project uses adaptive technology to optimize video quality based on available bandwidth. It has a large community of contributors helping to improve the software and is licensed under Apache 2.
Slides from my talk at OpenSIPS Summit 2017 and KamailioWorld 2017, showing the capabilities of Jitsi Meet, and a novel way for doing SIP video room integration.
Video at KamailioWorld: https://www.youtube.com/watch?v=TGloLKOrvmo
Dangerous Demo at KamailioWorld: https://www.youtube.com/watch?v=d0zHiLkHDyY&feature=youtu.be&t=3589
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...Zilliz
Join us to introduce Milvus Lite, a vector database that can run on notebooks and laptops, share the same API with Milvus, and integrate with every popular GenAI framework. This webinar is perfect for developers seeking easy-to-use, well-integrated vector databases for their GenAI apps.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Building RAG with self-deployed Milvus vector database and Snowpark Container...Zilliz
This talk will give hands-on advice on building RAG applications with an open-source Milvus database deployed as a docker container. We will also introduce the integration of Milvus with Snowpark Container Services.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
20 Comprehensive Checklist of Designing and Developing a WebsitePixlogix Infotech
Dive into the world of Website Designing and Developing with Pixlogix! Looking to create a stunning online presence? Look no further! Our comprehensive checklist covers everything you need to know to craft a website that stands out. From user-friendly design to seamless functionality, we've got you covered. Don't miss out on this invaluable resource! Check out our checklist now at Pixlogix and start your journey towards a captivating online presence today.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
2. LIBUV, NODE AND EVERYTHING IN BETWEEN
HIYA!
▸ @saghul
▸ Bilbao — Amsterdam — Liverpool
▸ libuv core janitor
▸ Nodejs collaborator
▸ Recently obsessed with 3D printing
▸ AMA!
4. LIBUV, NODE AND EVERYTHING IN BETWEEN
ASYNC I/O 101
from __future__ import print_function
import socket
server = socket.socket(family=socket.AF_INET, type=socket.SOCK_STREAM)
server.bind(('127.0.0.1', 1234))
server.listen(10)
print("Server listening on: {}".format(server.getsockname()))
client, addr = server.accept()
print("Client connected: {}".format(addr))
while True:
data = client.recv(4096)
if not data:
print("Client has disconnected")
break
client.send(data.upper())
server.close()
5. LIBUV, NODE AND EVERYTHING IN BETWEEN
CRAP, IT BLOCKS!
▸ Only one client at a time!
▸ Scaling up
▸ Threads
▸ I/O multiplexing
▸ http://www.kegel.com/c10k.html
▸ http://www.slideshare.net/saghul/how-do-eventloops-
work-in-python
6. LIBUV, NODE AND EVERYTHING IN BETWEEN
THREADS?
▸ Overhead: stack size, scheduling
▸ Synchronisation
▸ It’s still a good solution in some cases
7. LIBUV, NODE AND EVERYTHING IN BETWEEN
I/O MULTIPLEXING TO THE RESCUE
▸ Single thread
▸ Examine and wait for i/o in multiple sockets at once
▸ When a socket is ready the operation won’t block
▸ Good for i/o bound tasks, bad for CPU intensive tasks
8. LIBUV, NODE AND EVERYTHING IN BETWEEN
I/O MULTIPLEXING 101
1. Put the fd in non-blocking mode
2. Add the fd to the i/o multiplexor
3. Wait for some time
4. Perform read / writes on the fd, it won’t block!
5. Profit?
9. LIBUV, NODE AND EVERYTHING IN BETWEEN
I/O MULTIPLEXING APIS
▸ Different APIs: select, poll, epoll, kqueue, …
▸ Unix shares a common model: readiness
▸ Windows uses a completion model
▸ IOCP is The Good Stuff
11. LIBUV, NODE AND EVERYTHING IN BETWEEN
LIBUV
▸ Small (relatively) C library: ~30K LOC (without tests)
▸ Extensive test suite
▸ Designed for C programs that miss the joy of JavaScript
callback hell
▸ Used by Node and many other projects:
https://github.com/libuv/libuv/wiki/Projects-that-use-libuv
12. LIBUV, NODE AND EVERYTHING IN BETWEEN
LIBUV: FEATURES
▸ Event loop backed by epoll,
kqueue, IOCP, event ports,
etc.
▸ Timers
▸ Async TCP / UDP sockets
▸ Async named pipes
▸ Async filesystem operations
▸ Async signal handling
▸ Child processes
▸ ANSI escaped TTY
▸ Threading utilities
▸ Coolest logo ever
15. LIBUV, NODE AND EVERYTHING IN BETWEEN
LIBUV: FILESYSTEM APIS
▸ Follow the Unix style
▸ Executed in a thread pool
▸ http://blog.libtorrent.org/2012/10/asynchronous-disk-io/
16. LIBUV, NODE AND EVERYTHING IN BETWEEN
LIBUV: A WORD ON THREADS
▸ We only use threads for file i/o and getaddrinfo
▸ Default thread pool size is 4
(runtime env var: UV_THREADPOOL_SIZE)
▸ NOT FOR NETWORK I/O
▸ NOT FOR NETWORK I/O
▸ NOT FOR NETWORK I/O
▸ NOT FOR NETWORK I/O
17. THE LIBUV EVENT LOOP IS
SINGLE THREADED. THE THREAD
POOL IS ONLY USED FOR FILE I/O.
The libuv police
LIBUV, NODE AND EVERYTHING IN BETWEEN
19. LIBUV, NODE AND EVERYTHING IN BETWEEN
A LIBUV CHAT APPLICATION
▸ Simple TCP server application
▸ A twist on libuv-chat by Ben Noordhuis in 2011
▸ Multiple users, single “chat room”
▸ Pokemon, because why not?
▸ https://github.com/saghul/libuv-chat
20. THE MAKEFILE
all: build
deps/libuv:
git clone --depth 1 https://github.com/libuv/libuv deps/libuv
build/gyp:
git clone --depth 1 https://chromium.googlesource.com/external/gyp build/gyp
out/Makefile: deps/libuv build/gyp
build/gyp/gyp -Duv_library=static_library --depth=$(PWD) --generator-output=$(PWD)/out -Goutput_dir=$(PWD)/out -f make build.gyp
build: out/Makefile
$(MAKE) -C out
clean:
rm -rf out
distclean:
rm -rf build deps out
.PHONY: clean distclean
21. THE GYP BUILD FILE
# Copyright (c) 2016, Saúl Ibarra Corretgé <saghul@gmail.com>
# Copyright (c) 2012, Ben Noordhuis <info@bnoordhuis.nl>
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# gyp -Duv_library=static_library --depth=$PWD --generator-output=$PWD/out -Goutput_dir=$PWD/out -f make build.gyp
{
'targets': [
{
'target_name': 'chat-server',
'type': 'executable',
'dependencies': ['deps/libuv/uv.gyp:libuv'],
'sources': ['src/main.c', 'src/queue.h', 'src/pokemon_names.h'],
}
]
}
22. INITIALISE AND RUN SERVER
struct user
{
QUEUE queue;
uv_tcp_t handle;
char id[32];
};
static QUEUE users;
int main(void)
{
QUEUE_INIT(&users);
srand(1234);
int r;
uv_tcp_t server_handle;
uv_tcp_init(uv_default_loop(), &server_handle);
struct sockaddr_in addr;
uv_ip4_addr(SERVER_ADDR, SERVER_PORT, &addr);
r = uv_tcp_bind(&server_handle, (const struct sockaddr*) &addr, 0);
if (r < 0)
fatal("uv_tcp_bind", r);
const int backlog = 128;
r = uv_listen((uv_stream_t*) &server_handle, backlog, on_connection);
if (r < 0)
fatal("uv_listen", r);
printf("Listening at %s:%dn", SERVER_ADDR, SERVER_PORT);
uv_run(uv_default_loop(), UV_RUN_DEFAULT);
return 0;
}
23. HANDLE INCOMING CONNECTIONS
static void on_connection(uv_stream_t* server_handle, int status)
{
assert(status == 0);
int r;
// hurray, a new user!
struct user *user = xmalloc(sizeof(*user));
uv_tcp_init(uv_default_loop(), &user->handle);
r = uv_accept(server_handle, (uv_stream_t*) &user->handle);
if (r < 0)
fatal("uv_accept", r);
// add him to the list of users
QUEUE_INSERT_TAIL(&users, &user->queue);
make_user_id(user);
// now tell everyone, including yourself (to know your name!)
broadcast(NULL, "* A wild %s appeared from %sn", user->id, addr_and_port(user));
// start accepting messages from the user
uv_read_start((uv_stream_t*) &user->handle, on_alloc, on_read);
}
28. LIBUV, NODE AND EVERYTHING IN BETWEEN
NODEJS
▸ Server side JavaScript
▸ V8 JavaScript engine
▸ Web inspired async model
▸ Auxiliary libraries: libuv, OpenSSL, c-ares, http_parser, …
29. LIBUV, NODE AND EVERYTHING IN BETWEEN
PLATFORM LAYER REQUIREMENTS
▸ ASYNC ALL THE THINGS
▸ Completion based (callbacks)
▸ Consistent API for asynchronous network i/o
▸ Filesystem operations
▸ Basic name resolution (getaddrinfo / getnameinfo)
30. LIBUV, NODE AND EVERYTHING IN BETWEEN
ARCHITECTURE IN NODE 0.4
BINDINGS / WRAPS
JS STANDARD LIBRARY
USER APPLICATIONS
V8 OPENSSL LIBEV LIBEIO …
31. LIBUV, NODE AND EVERYTHING IN BETWEEN
ARCHITECTURE IN NODE 0.6
BINDINGS / WRAPS
JS STANDARD LIBRARY
USER APPLICATIONS
V8 OPENSSL LIBUV …
LIBEV LIBEIO
32. LIBUV, NODE AND EVERYTHING IN BETWEEN
ARCHITECTURE IN NODE 0.10 AND ONWARDS
BINDINGS / WRAPS
JS STANDARD LIBRARY
USER APPLICATIONS
V8 OPENSSL LIBUV …
34. LIBUV, NODE AND EVERYTHING IN BETWEEN
LIBUV: THE EVENT LOOP
REMEMBER?
35. LIBUV, NODE AND EVERYTHING IN BETWEEN
NODE EVENT LOOP
COALESCED, 1 NODE
TIMER != 1 LIBUV
TIMER
RUN
ON A CHECK + IDLE
HANDLE
NEXT TICK CALLBACKS RUN FROM
NODE::MAKECALLBACK
36. LIBUV, NODE AND EVERYTHING IN BETWEEN
ONION ARCHITECTURE (TM)
net.Socket
TCPWrap
uv_tcp_t
Socket._handle
TCPWrap.handle_
fd / HANDLE