Slides of my "Rapid JCR applications development with Sling" at ApacheCon EU 2009. Starts like the US 2008 version but uses a different example for the second part.
The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel by...CODE BLUE
In this talk, we are going to disclose two unconventional Use-after-free kernel bugs on Android we found last year, and introduce the new techniques we used to make these exploits 100% reliable.
The first bug is CVE-2017-0403, which we used to gain root privilege on almost all devices shipped with 3.10 or earlier Linux kernel last year. So far more than 14 million users have successfully rooted their smartphones with this exploit. With this vulnerability, an attacker only can overwrite the freed object at a fixed offset with a pointer to object itself. How to achieve kernel code execution with this bug can be very challenging.To solve the problem, we propose a new method which is using iovec to re-fill the freed object and compromising the pipe subsystem in kernel.In this way we can covert this unusual memory corruption to arbitrary kernel memory overwriting.
The second bug is CVE-2016-6787. The bug is an UAF due to race condition, may corrupt a critical kernel structure, and lead to the kernel crash when scheduler switched context back to attacker's process. So we'll introduce a way to freeze the attacker's process soon after UAF happened ,stop kernel from crashing, and make the exploit reliable.
In summary, this presentation gives out the new techniques of exploiting use-after-free bugs we just found in Android kernel. The ideas of exploitation are fresh, detail of bugs is also never discussed before.
High-Volume Data Collection and Real Time Analytics Using Rediscacois
In this talk, we describe using Redis, an open source, in-memory key-value store, to capture large volumes of data from numerous remote sources while also allowing real-time monitoring and analytics. With this approach, we were able to capture a high volume of continuous data from numerous remote environmental sensors while consistently querying our database for real time monitoring and analytics.
* See more of my work at http://www.codehenge.net
Spark + Parquet In Depth: Spark Summit East Talk by Emily Curtin and Robbie S...Spark Summit
What if you could get the simplicity, convenience, interoperability, and storage niceties of an old-fashioned CSV with the speed of a NoSQL database and the storage requirements of a gzipped file? Enter Parquet.
At The Weather Company, Parquet files are a quietly awesome and deeply integral part of our Spark-driven analytics workflow. Using Spark + Parquet, we’ve built a blazing fast, storage-efficient, query-efficient data lake and a suite of tools to accompany it.
We will give a technical overview of how Parquet works and how recent improvements from Tungsten enable SparkSQL to take advantage of this design to provide fast queries by overcoming two major bottlenecks of distributed analytics: communication costs (IO bound) and data decoding (CPU bound).
Secrets of Performance Tuning Java on KubernetesBruno Borges
Java on Kubernetes may seem complicated, but after a bit of YAML and Dockerfiles, you will wonder what all that fuss was. But then the performance of your app in 1 CPU/1 GB of RAM makes you wonder. Learn how JVM ergonomics, CPU throttling, and GCs can help increase performance while reducing costs.
Building layers of defense for your applicationVMware Tanzu
SpringOne 2021
Session Title: Building Layers of Defense for Your Application Using Spring Security Framework
Speaker: Neha Sardana, Software Developer at BNY Mellon
The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel by...CODE BLUE
In this talk, we are going to disclose two unconventional Use-after-free kernel bugs on Android we found last year, and introduce the new techniques we used to make these exploits 100% reliable.
The first bug is CVE-2017-0403, which we used to gain root privilege on almost all devices shipped with 3.10 or earlier Linux kernel last year. So far more than 14 million users have successfully rooted their smartphones with this exploit. With this vulnerability, an attacker only can overwrite the freed object at a fixed offset with a pointer to object itself. How to achieve kernel code execution with this bug can be very challenging.To solve the problem, we propose a new method which is using iovec to re-fill the freed object and compromising the pipe subsystem in kernel.In this way we can covert this unusual memory corruption to arbitrary kernel memory overwriting.
The second bug is CVE-2016-6787. The bug is an UAF due to race condition, may corrupt a critical kernel structure, and lead to the kernel crash when scheduler switched context back to attacker's process. So we'll introduce a way to freeze the attacker's process soon after UAF happened ,stop kernel from crashing, and make the exploit reliable.
In summary, this presentation gives out the new techniques of exploiting use-after-free bugs we just found in Android kernel. The ideas of exploitation are fresh, detail of bugs is also never discussed before.
High-Volume Data Collection and Real Time Analytics Using Rediscacois
In this talk, we describe using Redis, an open source, in-memory key-value store, to capture large volumes of data from numerous remote sources while also allowing real-time monitoring and analytics. With this approach, we were able to capture a high volume of continuous data from numerous remote environmental sensors while consistently querying our database for real time monitoring and analytics.
* See more of my work at http://www.codehenge.net
Spark + Parquet In Depth: Spark Summit East Talk by Emily Curtin and Robbie S...Spark Summit
What if you could get the simplicity, convenience, interoperability, and storage niceties of an old-fashioned CSV with the speed of a NoSQL database and the storage requirements of a gzipped file? Enter Parquet.
At The Weather Company, Parquet files are a quietly awesome and deeply integral part of our Spark-driven analytics workflow. Using Spark + Parquet, we’ve built a blazing fast, storage-efficient, query-efficient data lake and a suite of tools to accompany it.
We will give a technical overview of how Parquet works and how recent improvements from Tungsten enable SparkSQL to take advantage of this design to provide fast queries by overcoming two major bottlenecks of distributed analytics: communication costs (IO bound) and data decoding (CPU bound).
Secrets of Performance Tuning Java on KubernetesBruno Borges
Java on Kubernetes may seem complicated, but after a bit of YAML and Dockerfiles, you will wonder what all that fuss was. But then the performance of your app in 1 CPU/1 GB of RAM makes you wonder. Learn how JVM ergonomics, CPU throttling, and GCs can help increase performance while reducing costs.
Building layers of defense for your applicationVMware Tanzu
SpringOne 2021
Session Title: Building Layers of Defense for Your Application Using Spring Security Framework
Speaker: Neha Sardana, Software Developer at BNY Mellon
How Netflix Tunes EC2 Instances for PerformanceBrendan Gregg
CMP325 talk for AWS re:Invent 2017, by Brendan Gregg. "
At Netflix we make the best use of AWS EC2 instance types and features to create a high performance cloud, achieving near bare metal speed for our workloads. This session will summarize the configuration, tuning, and activities for delivering the fastest possible EC2 instances, and will help other EC2 users improve performance, reduce latency outliers, and make better use of EC2 features. We'll show how we choose EC2 instance types, how we choose between EC2 Xen modes: HVM, PV, and PVHVM, and the importance of EC2 features such SR-IOV for bare-metal performance. SR-IOV is used by EC2 enhanced networking, and recently for the new i3 instance type for enhanced disk performance as well. We'll also cover kernel tuning and observability tools, from basic to advanced. Advanced performance analysis includes the use of Java and Node.js flame graphs, and the new EC2 Performance Monitoring Counter (PMC) feature released this year."
Unirest is lightweight HTTP request client libraries available in multiple languages including Java, .NET, Ruby, Node, Objective-C, etc.
https://interviewbubble.com/unirest-java-tutorial/
[若渴]Study on Side Channel Attacks and Countermeasures Aj MaChInE
[投影片錯誤更正] p.43 中間32數字改成64。右上藍色小框64改成63
原本要整理Meltdown與Spectre,但這兩個所利用的硬體行為之後都跟cache side channel有關係,所以閱讀Meltdown與Spectre之餘,就整理了相關cache side channel攻擊與防禦。
回饋問題:
一: 為什麼LLC要切割成LLC slice?
"Modern Intel processors, starting with the Sandy Bridge microarchitecture, use a more complex architecture for the LLC, to improve its performance. The LLC is divided into per-core slices, which are connected by a ring bus. Slices can be accessed concurrently and are effectively separate caches, although the bus ensures that each core can access the full LLC (with higher latency for remote slices)."
二: flush+reload with shared memory pages,為什麼要 flush+reload? 不是可以直接存取到資料?
討論的是共用shared library,洩漏victim使用shared library的情形。
三: RDTSCP ?
可量測執行指令的cycle數。
四: side channel攻擊需要環境運作的程式不能太複雜?
Kuon: 實際案例 embed運作環境並不複雜,e.g. trustzone上可能只運作openSSL。
AJ: 就算在複雜環境,可以找到觸發Victim的特定運算點,也是可以進行觀測。
The IBM POWER10 processor represents the 10th generation of the POWER family of enterprise computing engines. Its performance is a result of both powerful processing cores and high-bandwidth intra- and inter-chip interconnect. POWER10 systems can be configured with up to 16 processor chips and 1920 simultaneous threads of execution. Cross-system memory sharing, through the new Memory Inception technology, and 2 Petabytes of addressing space support an expansive memory system. The POWER10 processing core has been significantly enhanced over its POWER9 predecessor, including a doubling of vector units and the addition of an all-new matrix math engine. Throughput gains from POWER9 to POWER10 average 30% at the core level and three-fold at the socket level. Those gains can reach ten- or twenty-fold at the socket level for matrix-intensive computations.
Devoxx Fr 2022 - Remèdes aux oomkill, warm-ups, et lenteurs pour des conteneu...Jean-Philippe BEMPEL
Mes conteneurs JVM sont en prod, oups ils se font oomkill, oups le démarrage traîne en longueur, oups ils sont lent en permanence. Nous avons vécu ces situations.
Ces problèmes émergent parce qu’un conteneur est par nature un milieu restreint. Sa configuration a un impact sur le process Java, cependant ce process a lui aussi des besoins pour fonctionner.
Il y a un espace entre la heap Java et le RSS : c’est la mémoire off-heap et elle se décompose en plusieurs zones. À quoi servent-elles ? Comment les prendre en compte ?
La configuration du CPU impacte la JVM sur divers aspects : Quelles sont les influences entre le GC et le CPU ? Que choisir entre la rapidité ou la consommation CPU au démarrage ?
Au cours de cette université nous verrons comment diagnostiquer, comprendre et remédier à ces problèmes.
Join operations in Apache Spark is often the biggest source of performance problems and even full-blown exceptions in Spark. After this talk, you will understand the two most basic methods Spark employs for joining DataFrames – to the level of detail of how Spark distributes the data within the cluster. You’ll also find out how to work out common errors and even handle the trickiest corner cases we’ve encountered! After this talk, you should be able to write performance joins in Spark SQL that scale and are zippy fast!
This session will cover different ways of joining tables in Apache Spark.
Speaker: Vida Ha
This talk was originally presented at Spark Summit East 2017.
Threading Made Easy! A Busy Developer’s Guide to Kotlin CoroutinesLauren Yew
Kotlin Coroutines is a powerful threading library for Kotlin, released by JetBrains in 2018. At The New York Times, we recently migrated our core libraries and parts of our News app from RxJava to Kotlin Coroutines. In this talk we’ll share lessons learned and best practices to understand, migrate to, and use Kotlin Coroutines & Flows.
In this presentation, you will learn:
What Coroutines are and how they function
How to use Kotlin Coroutines & Flows (with real world examples and demos)
Where and why you should use Coroutines & Flows in your app
How to avoid the pitfalls of Coroutines
Kotlin Coroutines vs. RxJava
Lessons learned from migrating to Kotlin Coroutines from RxJava in large legacy projects & libraries
By the end of this talk, you will be able to apply Kotlin Coroutines to your own app, run the provided sample code yourself, and convince your team to give Kotlin Coroutines a try!
Managing an OSGi Framework with Apache Felix Web ConsoleFelix Meschberger
Initially created to aid in the simple maintenance of the OSGi framework and the application during the early development of Apache Sling, the Web Console soon attracted interest from the OSGi community. Three years later, the Apache Felix Web Console 3.0 has just been released and provides an extensible console for Web based management of an OSGi framework. This talk will introduce the functionality of the core Web Console as well as some of its existing plugins and the extension points of the Web Console where developers might want to hook up to. To round it up a simple Web Console plugin will be developed and deployed.
Introduction to Container Storage Interface (CSI)Idan Atias
Among the cool stuff we do at Silk, my colleagues and I develop the Silk CSI Plugin for customers who use our system as the storage layer for their Kubernetes workloads.
Before deep diving into the code and as part of my ramp-up on this subject I prepared some slides that cover some basic and important information on this topic.
These slides start by recapping some basic storage principals in containers and Kubernetes, continues with some more advanced use cases (including an "offline demo" of persisting Redis data on EBS volumes), and ends with a detailed information on the CSI solution itself.
IMHO, reviewing these slides can improve your understanding on this matter and can get you started implementing your own CSI plugin.
The main sources of information I used for preparing these slides are:
* Official CSI docs
* Kubernetes Storage Lingo 101 - Saad Ali, Google
* Container Storage Interface: Present and Future - Jie Yu, Mesosphere, Inc.
Oak, the architecture of Apache Jackrabbit 3Jukka Zitting
Apache Jackrabbit is just about to reach the 3.0 milestone based on a new architecture called Oak. Based on concepts like eventual consistency and multi-version concurrency control, and borrowing ideas from distributed version control systems and cloud-scale databases, the Oak architecture is a major leap ahead for Jackrabbit. This presentation describes the Oak architecture and shows what it means for the scalability and performance of modern content applications. Changes to existing Jackrabbit functionality are described and the migration process is explained.
How Netflix Tunes EC2 Instances for PerformanceBrendan Gregg
CMP325 talk for AWS re:Invent 2017, by Brendan Gregg. "
At Netflix we make the best use of AWS EC2 instance types and features to create a high performance cloud, achieving near bare metal speed for our workloads. This session will summarize the configuration, tuning, and activities for delivering the fastest possible EC2 instances, and will help other EC2 users improve performance, reduce latency outliers, and make better use of EC2 features. We'll show how we choose EC2 instance types, how we choose between EC2 Xen modes: HVM, PV, and PVHVM, and the importance of EC2 features such SR-IOV for bare-metal performance. SR-IOV is used by EC2 enhanced networking, and recently for the new i3 instance type for enhanced disk performance as well. We'll also cover kernel tuning and observability tools, from basic to advanced. Advanced performance analysis includes the use of Java and Node.js flame graphs, and the new EC2 Performance Monitoring Counter (PMC) feature released this year."
Unirest is lightweight HTTP request client libraries available in multiple languages including Java, .NET, Ruby, Node, Objective-C, etc.
https://interviewbubble.com/unirest-java-tutorial/
[若渴]Study on Side Channel Attacks and Countermeasures Aj MaChInE
[投影片錯誤更正] p.43 中間32數字改成64。右上藍色小框64改成63
原本要整理Meltdown與Spectre,但這兩個所利用的硬體行為之後都跟cache side channel有關係,所以閱讀Meltdown與Spectre之餘,就整理了相關cache side channel攻擊與防禦。
回饋問題:
一: 為什麼LLC要切割成LLC slice?
"Modern Intel processors, starting with the Sandy Bridge microarchitecture, use a more complex architecture for the LLC, to improve its performance. The LLC is divided into per-core slices, which are connected by a ring bus. Slices can be accessed concurrently and are effectively separate caches, although the bus ensures that each core can access the full LLC (with higher latency for remote slices)."
二: flush+reload with shared memory pages,為什麼要 flush+reload? 不是可以直接存取到資料?
討論的是共用shared library,洩漏victim使用shared library的情形。
三: RDTSCP ?
可量測執行指令的cycle數。
四: side channel攻擊需要環境運作的程式不能太複雜?
Kuon: 實際案例 embed運作環境並不複雜,e.g. trustzone上可能只運作openSSL。
AJ: 就算在複雜環境,可以找到觸發Victim的特定運算點,也是可以進行觀測。
The IBM POWER10 processor represents the 10th generation of the POWER family of enterprise computing engines. Its performance is a result of both powerful processing cores and high-bandwidth intra- and inter-chip interconnect. POWER10 systems can be configured with up to 16 processor chips and 1920 simultaneous threads of execution. Cross-system memory sharing, through the new Memory Inception technology, and 2 Petabytes of addressing space support an expansive memory system. The POWER10 processing core has been significantly enhanced over its POWER9 predecessor, including a doubling of vector units and the addition of an all-new matrix math engine. Throughput gains from POWER9 to POWER10 average 30% at the core level and three-fold at the socket level. Those gains can reach ten- or twenty-fold at the socket level for matrix-intensive computations.
Devoxx Fr 2022 - Remèdes aux oomkill, warm-ups, et lenteurs pour des conteneu...Jean-Philippe BEMPEL
Mes conteneurs JVM sont en prod, oups ils se font oomkill, oups le démarrage traîne en longueur, oups ils sont lent en permanence. Nous avons vécu ces situations.
Ces problèmes émergent parce qu’un conteneur est par nature un milieu restreint. Sa configuration a un impact sur le process Java, cependant ce process a lui aussi des besoins pour fonctionner.
Il y a un espace entre la heap Java et le RSS : c’est la mémoire off-heap et elle se décompose en plusieurs zones. À quoi servent-elles ? Comment les prendre en compte ?
La configuration du CPU impacte la JVM sur divers aspects : Quelles sont les influences entre le GC et le CPU ? Que choisir entre la rapidité ou la consommation CPU au démarrage ?
Au cours de cette université nous verrons comment diagnostiquer, comprendre et remédier à ces problèmes.
Join operations in Apache Spark is often the biggest source of performance problems and even full-blown exceptions in Spark. After this talk, you will understand the two most basic methods Spark employs for joining DataFrames – to the level of detail of how Spark distributes the data within the cluster. You’ll also find out how to work out common errors and even handle the trickiest corner cases we’ve encountered! After this talk, you should be able to write performance joins in Spark SQL that scale and are zippy fast!
This session will cover different ways of joining tables in Apache Spark.
Speaker: Vida Ha
This talk was originally presented at Spark Summit East 2017.
Threading Made Easy! A Busy Developer’s Guide to Kotlin CoroutinesLauren Yew
Kotlin Coroutines is a powerful threading library for Kotlin, released by JetBrains in 2018. At The New York Times, we recently migrated our core libraries and parts of our News app from RxJava to Kotlin Coroutines. In this talk we’ll share lessons learned and best practices to understand, migrate to, and use Kotlin Coroutines & Flows.
In this presentation, you will learn:
What Coroutines are and how they function
How to use Kotlin Coroutines & Flows (with real world examples and demos)
Where and why you should use Coroutines & Flows in your app
How to avoid the pitfalls of Coroutines
Kotlin Coroutines vs. RxJava
Lessons learned from migrating to Kotlin Coroutines from RxJava in large legacy projects & libraries
By the end of this talk, you will be able to apply Kotlin Coroutines to your own app, run the provided sample code yourself, and convince your team to give Kotlin Coroutines a try!
Managing an OSGi Framework with Apache Felix Web ConsoleFelix Meschberger
Initially created to aid in the simple maintenance of the OSGi framework and the application during the early development of Apache Sling, the Web Console soon attracted interest from the OSGi community. Three years later, the Apache Felix Web Console 3.0 has just been released and provides an extensible console for Web based management of an OSGi framework. This talk will introduce the functionality of the core Web Console as well as some of its existing plugins and the extension points of the Web Console where developers might want to hook up to. To round it up a simple Web Console plugin will be developed and deployed.
Introduction to Container Storage Interface (CSI)Idan Atias
Among the cool stuff we do at Silk, my colleagues and I develop the Silk CSI Plugin for customers who use our system as the storage layer for their Kubernetes workloads.
Before deep diving into the code and as part of my ramp-up on this subject I prepared some slides that cover some basic and important information on this topic.
These slides start by recapping some basic storage principals in containers and Kubernetes, continues with some more advanced use cases (including an "offline demo" of persisting Redis data on EBS volumes), and ends with a detailed information on the CSI solution itself.
IMHO, reviewing these slides can improve your understanding on this matter and can get you started implementing your own CSI plugin.
The main sources of information I used for preparing these slides are:
* Official CSI docs
* Kubernetes Storage Lingo 101 - Saad Ali, Google
* Container Storage Interface: Present and Future - Jie Yu, Mesosphere, Inc.
Oak, the architecture of Apache Jackrabbit 3Jukka Zitting
Apache Jackrabbit is just about to reach the 3.0 milestone based on a new architecture called Oak. Based on concepts like eventual consistency and multi-version concurrency control, and borrowing ideas from distributed version control systems and cloud-scale databases, the Oak architecture is a major leap ahead for Jackrabbit. This presentation describes the Oak architecture and shows what it means for the scalability and performance of modern content applications. Changes to existing Jackrabbit functionality are described and the migration process is explained.
TDWI Solution Summit San Diego 2014 Advanced Analytics at Macys.comDaqing Zhao
Big data analytics and traditional BI
Challenges and solutions of big data predictive modeling
Macy’s Advanced Analytics Team
Our analytics projects
Personalized site recommendations
Response propensity models
Best practices of analysts and modeling
The growth of the amount of medical image data produced on a daily basis in modern hospitals forces the adaptation of traditional medical image analysis and indexing approaches towards scalable solutions. In this work, MapReduce is used to speed up and make possible three large–scale medical image processing use–cases: (i) parameter optimization for lung texture classification using support vector machines (SVM), (ii) content–based medical image indexing, and (iii) three–dimensional directional wavelet analysis for solid texture classification.
Effective Web Application Development with Apache SlingRobert Munteanu
Apache Sling is an innovative web framework built on top of the Java Content Repository (JCR), that uses OSGi for its component model and fosters RESTful application design.
This talk shows how Sling integrates various standard-based technologies, like OSGi and the Content Repository API for Java to create a coherent framework for web application development. We will walk through the development of a simple application with minimal effort and demonstrate how to productize the resulting application.
We will pay special attention to some approaches which are not yet part of mainstream development, such as using OSGi for dependecy injection and JCR for persistence.
Sample code: https://github.com/cqsupport/webinar-dispatchercache
Webinar Recording: http://my.adobeconnect.com/p7th2gf8k43/
Optimizing dispatcher cache covering:
Best practices for using the dispatcher
Tips and tricks for improving performance
Common pitfalls to avoid
How to design your site so you get the most out of your Dispatcher
Lars Trieloff's presentation "The Zero Bullshit Architecture" on how not to design your enterprise content centric application. (And tips on how to do it better)
Presentation I gave at JPoint Meetingpoint (in a slight different version) and GotoCon Amsterdam 2012.
How to get your API or service from using the basic REST principles such as verbs and resources to a complete RESTful service that fully supports "Hypermedia as the engine of application state" (HATEOAS).
More info at www.smartjava.org
AEM (CQ) Dispatcher Security and CDN+Browser CachingAndrew Khoury
This presentation cover Adobe AEM Dispatcher security and CDN and browser caching.
This presentation is the second part of a webinar on AEM Dispatcher:
http://dev.day.com/content/ddc/en/gems/dispatcher-caching---new-features-and-optimizations.html
Visit url above to view the whole presentation. Domique Pfister the primary engineer developing AEM Dispatcher covers the first part on new features.
Presentation held at Web Monday Stockholm in March 2008. I am introducing JCR, Sling and the µjax AJAX-based access layer to a JCR repository. The presentation included a demo of a small Dojo application built using the µjax-Dojo-integration.
Presentation held at Web Montag Stockholm, March 2008. Introduction of JCR, Sling and the µjax AJAX-based access layer to a content repository. The presentation includes the demo of the µjax Dojo integration.
µjax is a lightweight AJAX library for accessing content in a Java Content Repository (JCR) over the web. This presentation was given at Web Montag in Berlin, 01-21-2008.
Valtech Days 2009 Paris Presentation: WCM in 2010 and an intro to CQ5David Nuescheler
A fast paced presentation on the evolution of the WCM industry for the coming year and a brief introduction and demo of CQ5 WCM.
(creative commons credits to http://www.flickr.com/photos/ashleighthompson)
David Nuescheler from Day Communique presents at the Valtech Agile Edge in London March 2010.
David presents on trends for the WCM industry in 2010 with regards to Agile Methods.
Slides of my talk at Very Tech Trip 2023, Paris, on what the Web Platform is and how I think it makes JavaScript Web Frameworks obsolete in many cases.
Surviving large online communities with conciseness and clarity Bertrand Delacretaz
Slides of my FOSS Backstage 2022 (remote) talk, https://pretalx.com/foss-backstage-2022/talk/9S3PJE/ - how conciseness & clarity help communicate efficiently in large online communities.
Repoinit: a mini-language for content repository initializationBertrand Delacretaz
Slides of my adaptTo2021 talk on the Apache Sling Repoinit module, https://adapt.to/2021/en/schedule/repoinit-a-mini-language-for-content-repository-initialization.html
The Moving House Model, adhocracy and remote collaborationBertrand Delacretaz
Slides of my February 2021 talk at FOSS Backstage, https://foss-backstage.de
Moving house with the help of a group of friends is an interesting exercise in collective improvisation and coordination. Everybody can help with most of the jobs at hand, so the challenge is to keep people busy in a meaningful way, to make the best use of the physical and intellectual resources available, while keeping people happy and engaged.
Sounds familiar? The Moving House model does apply to other types of group projects, including software development. Adhocracy, Asynchronous Collaboration and a can-do attitude, as practiced in Open Source communities, are key elements that enable groups that have no formal structure to collaborate efficiently and smoothly - like when helping friends moving house.
GraphQL in Apache Sling - but isn't it the opposite of REST?Bertrand Delacretaz
Slides of my talk at ApacheCon @Home 2020 - code at https://github.com/apache/sling-org-apache-sling-graphql-core/ (look for the "sample website") - video recording at https://youtu.be/KTMObGt0YKU
Slides of my talk in the Community track of the ApacheCon @Home 2020 conference. The video will be available on the "TheApacheFoundation" channel on YouTube, https://www.youtube.com/channel/UCLDJ_V9KUOdOFSbDvPfGBxw
Ma présentation à https://www.blendwebmix.com/ 2019
Video: https://youtu.be/eE7YhQpPdcM?t=4560
Dans un monde qui se numérise toujours plus, les logiciels libres sont partout: dans votre téléphone, votre ascenseur, votre voiture, votre banque, etc… plus que jamais, l’Open Source est au coeur de notre monde numérique.
Au-delà de ces contributions très concrètes au bien-être de nos sociétés, les communautés Open Source ont aussi inventé et mis en pratique des techniques de collaboration innovantes, distribuées, asynchrones. Souvent sans chef clairement identifié, ni planification précise, ces groupes de travail informels produisent des logiciels de grande qualité, qui pour certains ont créé des marchés ou révolutionnés les pratiques numériques. Le succès de ces groupes est étonnant quand on le compare aux nombreux projets informatiques ratés dans des groupes beaucoup plus structurés, entreprises ou organismes d’Etat par exemple.
L’Open Source change le monde…vraiment? Tout en gardant les choses en perspective, nous présenterons plusieurs exemples concrets où cela se vérifie, par la création d’outils partagés, la découverte de talents, la diffusion des connaissances et la création de logiciels d’infrastructure qui sont devenus des standards de l’industrie.
Shared Neurons - the Secret Sauce of Open Source communities?Bertrand Delacretaz
Slides of my talk at ApacheCon EU 2019in Berlin, Germany: Shared Neurons - the Secret Sauce of Open Source communities? See also the video recording at https://www.youtube.com/watch?v=pWG-F3vW24w
Open Source communities sometimes speak of Shared Neurons when great ideas come together as if sparked by a giant collective brain. Can we take inspiration from them and foster such neuron sharing in our teams? We will describe the tools and techniques used by successful Open Source projects to "put their brains together", by communicating openly and often, exposing concrete ideas early in prototype code, collaborating asynchronously and deliberately slowing things down to take advantage of unexpected Eureka moments.
Based on years of experiences in multiple Open Source projects, this talk will help you better understand what makes our communities so powerful and how to transpose this in your own teams.
Slides of my "Sling and Serverless, Best Friends Forever?" presentation at adaptTo() 2019, Berlin. A video recording will be available later at https://adapt.to/2019/en/schedule/sling-and-serverless-best-friends-forever.html
They don't understand me! Tales from the multi-cultural trenchesBertrand Delacretaz
Slides from my FOSS Backstage 2018 talk on the difficulties of collaborating in multicultural environments.
A video recording should be available soon.
https://foss-backstage.de/session/they-dont-understand-me-tales-multi-cultural-trenches
Prise de Décisions Asynchrone, Devoxx France 2018 (avec vidéo)Bertrand Delacretaz
Vidéo: https://www.youtube.com/watch?v=xkC4zjtAyRc - c'est la version française de ma présentation sur la Prise de Décisions Asynchrone, enregistrée à Devoxx France 2018.
Slides of my "Asynchronous Decision Making - why and how?" talk at the http://fossbackstage.de/ micro-summit, November 2017
I also gave this talk at FOSDEM 2018, a video recording (with somewhat poor audio unfortunately) is available at https://fosdem.org/2018/schedule/event/community_decision_making_why_how/
There's also a video recording of the French speaking version at devoxx.fr 2018, https://www.youtube.com/watch?v=xkC4zjtAyRc
See also my opensource.com article on the same topic at https://opensource.com/article/17/12/asynchronous-decision-making and a slightly older blog post at https://blogs.apache.org/foundation/entry/success-at-apache-asynchronous-decision
Slides of my talk at the September 2017 adaptTo() conference, Berlin. https://adapt.to/2017/en/schedule/get-the-cattle-out--let-s-build-a-large-scale-sling-rendering-pr.html
Video of that talk at https://www.youtube.com/watch?v=8bH9envZXik
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Rapid JCR applications development with Sling
1. Rapid JCR applications development
with Apache Sling
Bertrand Delacrétaz
Senior R&D Developer, Day Software, www.day.com
Member and Director, ASF
bdelacretaz@apache.org
blog at http:/
/grep.codeconsult.ch
twitter: @bdelacretaz
Slides revision: 2009-03- 20
Slides theme design: David Nuescheler
Wednesday, March 25, 2009
2. Rapid JCR applications development
with Apache Sling
Bertrand Delacrétaz
Senior R&D Developer, Day Software, www.day.com
Member and Director, ASF
bdelacretaz@apache.org
blog at http:/
/grep.codeconsult.ch
twitter: @bdelacretaz
Slides revision: 2009-03- 20
Slides theme design: David Nuescheler
is thi
busy s slide
enou
gh?
Wednesday, March 25, 2009
3. Intro to JCR
JCR = Java Content Repository API
JSR-170 / JSR283
-
Everything Is Content - and JCR manages it as
trees of Nodes and Properties, using rich data
types.
Wednesday, March 25, 2009
4. Intro to JCR
JCR = Java Content Repository API
JSR-170 / JSR283
-
silve
r
Everything Is Content - and JCR manages it as
trees of Nodes and Properties, using rich data
types.
Wednesday, March 25, 2009
5. What’s JCR?
JSR-170
Content Repository for
JavaTM technology API
Spec-Lead:
Day Software
Status:
Final Release 17-jun-2005
Expert Group:
Wednesday, March 25, 2009
6. What’s JCR?
JSR-170 JSR-283
Content Repository for
JavaTM technology API v2.0
Spec-Lead:
Day Software
Status:
Public Review Closed sep-2007
Expert Group:
Wednesday, March 25, 2009
9. What’s JCR?
“The API should be a standard,
implementation independent, way to
access content bi-directionally on a
granular level to a
content repository.”
Wednesday, March 25, 2009
10. What’s JCR?
“The API should be a standard,
implementation independent, way to
access content bi-directionally on a
granular level to a
content repository.” ?
Wednesday, March 25, 2009
11. What’s JCR?
“The API should be a standard,
implementation independent, way to
access content bi-directionally on a
granular level to a
content repository.” ?
Wednesday, March 25, 2009
12. Best of both worlds.
data base file s ys t e m
hier-
archi
integ
rity re es
structu
read streams
tx write access
query locking control
multi-
value
ning
obser- versio
un-structured
“full-text” sort vation
order
content repo sit or y
Wednesday, March 25, 2009
13. Best of both worlds.
data base file s ys t e m
hier-
archi
integ
rity re es
structu
read streams
tx write access
query locking control
multi-
value
ning
obser- versio
un-structured
“full-text” sort vation
order
content repo sit or y
Wednesday, March 25, 2009
15. Known compliant Repositories
* using third party connector
* *
Apache Exo Microsoft OpenText
Jackrabbit Oracle XML DB ECMS Platform Sharepoint Livelink
*
Xythos
Day CRX IBM FileNet P8 Repository Alfresco ECM Vignette V7
* *
any ors
ow mvendd?
H S e
+hun
dre DBMou ne
R do y
Interwoven EMC TCKsds of
regis
Repository IBM CM Documentum tered
Wednesday, March 25, 2009
21. Sling builds on top of JCR
Scriptable applications layer on top of JCR
OSGi-based industrial-strength framework
Simple, powerful, JCR inside
Runs on Apache Jackrabbit by default
http:/
/incubator.apache.org/sling
Wednesday, March 25, 2009
22. Sling builds on top of JCR
Scriptable applications layer on top of JCR
OSGi-based industrial-strength framework
Simple, powerful, JCR inside
Runs on Apache Jackrabbit by default
http:/
/incubator.apache.org/sling
join t
he
fun!
Wednesday, March 25, 2009
24. Sling == REST over JCR
REST -> Roy T. Fielding
scheler
JCR: David Nue
2005
rele a 1.0 r
v ele ased
sed y
162 p 2k +300 pages
ages
Wednesday, March 25, 2009
25. Reclaiming the web.
Sling URL decomposition.
/cars/audi/s4.details.html
Wednesday, March 25, 2009
26. Reclaiming the web.
Sling URL decomposition.
/cars/audi/s4.details.html
Repository
Wednesday, March 25, 2009
27. Reclaiming the web.
Sling URL decomposition.
/cars/audi/s4.details.html
Content
Repository epository Path
R
Wednesday, March 25, 2009
28. Reclaiming the web.
Sling URL decomposition.
/cars/audi/s4.details.html
Content
Repository epository Path
R
Wednesday, March 25, 2009
29. Reclaiming the web.
Sling URL decomposition.
/cars/audi/s4.details.html
Content ...selects a
Repository epository Path
R particular scrip
t
Wednesday, March 25, 2009
30. Sling architecture
HTTP debugger filesystem browser
standard custom servlets WebDAV Sling OSGi
servlets and components server console
javascript
resource servlet/script OSGi bundles
JSR 223
JSP
Ruby
resolution resolution scripting OSGi framework
Velocity
etc..
(Apache Felix)
OSGi webapp
JSR-170 API
JCR
repository
Wednesday, March 25, 2009
31. Sling architecture
HTTP sling.js debugger filesystem browser
utilit y
POST, V
json GE
T WebDA
access
standard custom servlets WebDAV Sling OSGi
servlets and components server console
javascript
resource servlet/script OSGi bundles
JSR 223
JSP
Ruby
resolution resolution scripting OSGi framework
Velocity
etc..
(Apache Felix)
OSGi webapp ESP
de
se r ver-si t
ip JSR-170 API
javascr
JCR
repository
Wednesday, March 25, 2009
32. A minimalone .esp script blog
Consisting of
Sling
cat /Volumes/localhost/apps/blog/blog.esp | wc -l
54
Wednesday, March 25, 2009
33. from
e code :
ge t th ay.com
dev.d url.com/
/tiny 6
ht tp:/ gblog4
slin
A minimalone .esp script blog
Consisting of
Sling
cat /Volumes/localhost/apps/blog/blog.esp | wc -l
54
Wednesday, March 25, 2009
34. Sling POST servlet
# POST to Sling
curl -F title=hello http://localhost:8888/foo
-> 200 OK
# GET created node in json format
curl http:/ /localhost:8888/foo.tidy.json
{
quot;jcr:primaryTypequot;: quot;nt:unstructuredquot;,
quot;titlequot;: quot;helloquot;
}
Wednesday, March 25, 2009
35. Sling POST servlet
# POST to Sling
curl -F title=hello http://localhost:8888/foo
-> 200 OK
POST se t
e ters s
# GET created node in json format param opertie
curl http:/ /localhost:8888/foo.tidy.json node pr
{
quot;jcr:primaryTypequot;: quot;nt:unstructuredquot;,
quot;titlequot;: quot;helloquot;
}
Wednesday, March 25, 2009
37. blog step 1: create content
! <form method=quot;POSTquot;>
! Title:
! <input type=quot;textquot; name=quot;titlequot; style=quot;width:100%quot;/>
!
! Text:
! <textarea style=quot;width:100%quot; name=quot;textquot;></textarea>
!
! <input type=quot;submitquot; value=quot;savequot;/>
!
! <input type=quot;hiddenquot; name=quot;:redirectquot; value=quot;*quot;/>
! </form>
dri ve
fields t
Form onten
the c el
mod
Wednesday, March 25, 2009
38. blog step 2: retrieve content
<script src=quot;/system/sling.jsquot;></script>!
<form method=quot;POSTquot;>
...
</form>
<!-- initialize form fields from current node values -->
<script>Sling.wizard();</script>
Wednesday, March 25, 2009
39. blog step 2: retrieve content
<script src=quot;/system/sling.jsquot;></script>!
<form method=quot;POSTquot;>
...
</form>
<!-- initialize form fields from current node values -->
<script>Sling.wizard();</script>
U(D)
Inst ant CR
Wednesday, March 25, 2009
40. blog step 3: navigation
<ul>
<li>
<a href=quot;/content/blog/*quot;>
[Create new post]</a>
</li>
! <script>
! var posts = Sling.getContent(quot;/content/blogquot;, 2);
! for(var post in posts) {
! ! document.write(
quot;<li><a href=’” + post + quot;'>quot;
+ posts[post].title + quot;</a></li>quot;);
! }
! </script>
</ul>
Wednesday, March 25, 2009
41. we got a blog!
html form + Sling.wizard() + Sling.getContent()
Wednesday, March 25, 2009
42. The ESP blog sample
ESP scripting + java + javascript
OSGi bundle, initial content, WebDAV, observation, RAD
Wednesday, March 25, 2009
43. The ESP blog sample
ESP scripting + java + javascript
OSGi bundle, initial content, WebDAV, observation, RAD
mples
ng/sa /
der sli rl.com
de un inyu
Co
ht tp:/ t logesp
/
slingb
Wednesday, March 25, 2009
44. ESP blog in action
create
retrieve
thumbnails
update
Wednesday, March 25, 2009
47. ESP blog source files
admin.esp pom.xml
edit.esp ThumbnailGeneratorService.java
html.esp ThumbnailGeneratorServiceImpl.java
list.esp
espblog.css
menu.esp
sling-logo.png
xml.esp (RSS feed)
constants.esp source
log re s to
espb oint
header.esp t ype p ripts
those sc
Wednesday, March 25, 2009
48. ESP blog content structure
JSON dump
WebDAV view
Wednesday, March 25, 2009
50. ESP blog thumbnails: OSGi service
/**
* Observe the espblog content for changes, and generate
* thumbnails when images are added.
*
* maven-scr-plugin uses annotations to generate the OSGi
* Declarative Services XML configuration files
* @scr.service
* @scr.component immediate=quot;truequot;
*
*/
public class ThumbnailGeneratorServiceImpl
implements ThumbnailGeneratorService, EventListener {
Wednesday, March 25, 2009
51. ESP blog thumbnails: observation
/** @scr.reference (framework injects it automatically) */
private SlingRepository repository;
/** called by framework when service is activated */
protected void activate(ComponentContext context) {
Session s = repository.loginAdministrative(null);
/ Listen for nt:file NODE_ADDED repository events
/
ObservationManager m =
s.getWorkspace().getObservationManager();
! String[] types = { quot;nt:filequot; };
! m.addEventListener(
this,
Event.NODE_ADDED,
contentPath, ...);
Wednesday, March 25, 2009
52. ESP blog thumbnails: NODE_ADDED
/** Called by JCR Observation manager for events that this
* EventListener registered for
*/
public void onEvent(EventIterator it) {
while (it.hasNext()) {
Event event = it.nextEvent();
if (event.getType() == Event.NODE_ADDED
&& !(event.getPath().contains(quot;thumbnailsquot;)))
{
String p = event.getPath();
Node n = session.getRootNode().getNode(p);
createThumbnails(addedNode);
}
}
...
Wednesday, March 25, 2009
53. We got a typical Sling application!
JCR features: WebDAV,
observation, nt:unstructured.
Sling goodies: simple script
mappings (BYOL), POST servlet, RESTful
interface.
OSGi bundle, code + initial
content, Maven plugins.
Wednesday, March 25, 2009
54. We got a typical Sling application!
JCR features: WebDAV,
observation, nt:unstructured.
Sling goodies: simple script
mappings (BYOL), POST servlet, RESTful
interface.
ource
blog s under
ESP
found es
ode is ampl
OSGi bundle, code + initial c
sling/s
content, Maven plugins.
Wednesday, March 25, 2009
56. Where is Sling going? (aka conclusion)
First web framework designed for JCR.
Embrace the web, act like a very clever
web server!
Intelligent HTTP/JSON storage?
OSGi, organic app growth.
Growing community, graduate
in 2009?
http://incubator.apache.org/sling
http://dev.day.com
http://contentcentric.org/
Wednesday, March 25, 2009
57. Where is Sling going? (aka conclusion)
First web framework designed for JCR.
Embrace the web, act like a very clever
web server!
Intelligent HTTP/JSON storage?
not a web
OSGi, organic app growth. “Sling is s ation a
applic k, it’s
fram e wor
Growing community, graduate ame work”
in 2009? w eb f r
http://incubator.apache.org/sling
http://dev.day.com
join t
hehttp://contentcentric.org/
fun!
Wednesday, March 25, 2009