Swift is Apple's language for the future, and in this presentation we'll cover a brief history of the Swift language, what advantages Swift has for today's microprocessors, and where it is going in the future.
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/1GHc3rO.
Alex Blewitt introduces the history behind Swift, why it was created, how it differs from Objective-C and how Swift is compiled and executed under the covers. Alex goes into details about how LLVM is used, the way that memory is managed, how objects are laid out, and a prediction of the way Swift and Objective-C will evolve over time. Filmed at qconlondon.com.
Dr Alex Blewitt has over 20 years of experience in Objective-C and has been using Apple frameworks since NeXTSTEP 3.0. He upgraded his NeXTstation for a TiBook when Apple released Mac OS X in 2001 and has been developing on it ever since. He is author of the recently published Swift Essentials.
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/1SJ7PSV.
Alex Blewitt talks about Swift, the open source released in December 2015 and available on Linux as well as OSX and iOS. He looks at the open-source project, how applications and libraries can be built for both platforms, the differences between the different builds and how Swift works under the hood. Filmed at qconlondon.com.
Alex Blewitt has over 20 years of experience in Objective-C and has been using Apple frameworks since NeXTSTEP 3.0. He currently works for a financial company in London and writes for the online technology news site InfoQ, as well as other books for Packt Publishing. He also has a number of apps on the App Store through Bandlem Limited.
Walking the Bifrost: An Operator's Guide to Heimdal & Kerberos on macOSCody Thomas
Kerberos on macOS with and without Active Directory (AD). Where are attacks possible in Kerberos and how does the LKDC (Local Key Distribution Center) come into play.
Presented at Objective By The Sea (OBTS) 3.0 in Maui, Hawaii March 2020
Bash-ing brittle indicators: Red teaming mac-os without bash or pythonCody Thomas
Objective by the Sea v2.0 2019
How to do red team operations without relying on bash or python. Introduces a few new tools along-side the Apfell framework:
HealthInspector: https://github.com/its-a-feature/HealthInspector
Orchard: https://github.com/its-a-feature/Orchard
KeytabParser: https://github.com/its-a-feature/KeytabParser
Apfell: https://github.com/its-a-feature/Apfell
Real time applications are here and users expecting that Real time data is part of UX. What are your options for building RTA with Symfony2/PHP? Slides from Symfony Camp Ukraine.
"WTF is Twisted? (or; owl amongst the ponies)" is a talk that introduces the Twisted asynchronous programming framework, how it works, and what uses it.
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/1GHc3rO.
Alex Blewitt introduces the history behind Swift, why it was created, how it differs from Objective-C and how Swift is compiled and executed under the covers. Alex goes into details about how LLVM is used, the way that memory is managed, how objects are laid out, and a prediction of the way Swift and Objective-C will evolve over time. Filmed at qconlondon.com.
Dr Alex Blewitt has over 20 years of experience in Objective-C and has been using Apple frameworks since NeXTSTEP 3.0. He upgraded his NeXTstation for a TiBook when Apple released Mac OS X in 2001 and has been developing on it ever since. He is author of the recently published Swift Essentials.
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/1SJ7PSV.
Alex Blewitt talks about Swift, the open source released in December 2015 and available on Linux as well as OSX and iOS. He looks at the open-source project, how applications and libraries can be built for both platforms, the differences between the different builds and how Swift works under the hood. Filmed at qconlondon.com.
Alex Blewitt has over 20 years of experience in Objective-C and has been using Apple frameworks since NeXTSTEP 3.0. He currently works for a financial company in London and writes for the online technology news site InfoQ, as well as other books for Packt Publishing. He also has a number of apps on the App Store through Bandlem Limited.
Walking the Bifrost: An Operator's Guide to Heimdal & Kerberos on macOSCody Thomas
Kerberos on macOS with and without Active Directory (AD). Where are attacks possible in Kerberos and how does the LKDC (Local Key Distribution Center) come into play.
Presented at Objective By The Sea (OBTS) 3.0 in Maui, Hawaii March 2020
Bash-ing brittle indicators: Red teaming mac-os without bash or pythonCody Thomas
Objective by the Sea v2.0 2019
How to do red team operations without relying on bash or python. Introduces a few new tools along-side the Apfell framework:
HealthInspector: https://github.com/its-a-feature/HealthInspector
Orchard: https://github.com/its-a-feature/Orchard
KeytabParser: https://github.com/its-a-feature/KeytabParser
Apfell: https://github.com/its-a-feature/Apfell
Real time applications are here and users expecting that Real time data is part of UX. What are your options for building RTA with Symfony2/PHP? Slides from Symfony Camp Ukraine.
"WTF is Twisted? (or; owl amongst the ponies)" is a talk that introduces the Twisted asynchronous programming framework, how it works, and what uses it.
Reid Wightman's presentation at AppSec DC 2012. Reid provides background and the lates on Digital Bond's Project Basecamp. New PLC exploit modules include a Stuxnet-type attack on the Modicon Quantum.
ISTIO is one of big trends these days. Red Hat will support Service Mesh from OpenShift 4.0. This presentation contains interactive demo using chat application.
Alberto Maria Angelo Paro - Isomorphic programming in Scala and WebDevelopmen...Codemotion
Scala is the only language that can be used to produce code that can be "trans/compiled" for the JVM, in Javascript and in native binary. This allows to write libraries that are usable in JVM and JS using the power of functional programming (i.e. cats, scalaz), generic programming (i.e. shapeless) and macro/scalameta available in Scala. In this talk, we will see how to write a Scala application backend and a SPA (scala.js/scala-js-react) that share the same code as a business logic, datamodels and transparent API call (JVM/JS) in Scala (via autowire/akka-http/circe).
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...Hackito Ergo Sum
Today most networks present one “gateway” to the whole network – The SSL-VPN. A vector that is often overlooked and considered “secure”, we decided to take apart an industry leading SSL-VPN appliance and analyze it to bits to thoroughly understand how secure it really is. During this talk we will examine the internals of the F5 FirePass SSL-VPN Appliance. We discover that even though many security protections are in-place, the internals of the appliance hides interesting vulnerabilities we can exploit. Through processes ranging from reverse engineering to binary planting, we decrypt the file-system and begin examining the environment. As we go down the rabbit hole, our misconceptions about “security appliances” are revealed.
Using a combination of web vulnerabilities, format string vulnerabilities and a bunch of frustration, we manage to overcome the multiple limitations and protections presented by the appliance to gain a remote unauthenticated root shell. Due to the magnitude of this vulnerability and the potential for impact against dozens of fortune 500 companies, we contacted F5 and received one of the best vendor responses we’ve experienced – EVER!
https://www.hackitoergosum.org
One Shellcode to Rule Them All: Cross-Platform ExploitationQuinn Wilton
As the internet of things becomes less a buzzword, and more a reality, we're noticing that it's growing increasingly common to see embedded software which runs across different architectures -whether that's the same router firmware running across different models, or the operating system for a smart TV being used by different manufacturers. In a world where even your toaster might have internet access, we suspect that the ability to write cross-platform shellcode is going transition from being a merely neat trick, to a viable tool for attackers.
Writing cross-platform shellcode is tough, but there's a few techniques you can use to simplify the problem. We discuss one such method, which we used to great success during the DEFCON CTF qualifiers this year.
Presented by Tinfoil Security founder Michael Borohovski and engineer Shane Wilton at Secuinside 2014, in Seoul.
https://www.tinfoilsecurity.com/blog/cross-platform-exploitation
Reid Wightman's presentation at AppSec DC 2012. Reid provides background and the lates on Digital Bond's Project Basecamp. New PLC exploit modules include a Stuxnet-type attack on the Modicon Quantum.
ISTIO is one of big trends these days. Red Hat will support Service Mesh from OpenShift 4.0. This presentation contains interactive demo using chat application.
Alberto Maria Angelo Paro - Isomorphic programming in Scala and WebDevelopmen...Codemotion
Scala is the only language that can be used to produce code that can be "trans/compiled" for the JVM, in Javascript and in native binary. This allows to write libraries that are usable in JVM and JS using the power of functional programming (i.e. cats, scalaz), generic programming (i.e. shapeless) and macro/scalameta available in Scala. In this talk, we will see how to write a Scala application backend and a SPA (scala.js/scala-js-react) that share the same code as a business logic, datamodels and transparent API call (JVM/JS) in Scala (via autowire/akka-http/circe).
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...Hackito Ergo Sum
Today most networks present one “gateway” to the whole network – The SSL-VPN. A vector that is often overlooked and considered “secure”, we decided to take apart an industry leading SSL-VPN appliance and analyze it to bits to thoroughly understand how secure it really is. During this talk we will examine the internals of the F5 FirePass SSL-VPN Appliance. We discover that even though many security protections are in-place, the internals of the appliance hides interesting vulnerabilities we can exploit. Through processes ranging from reverse engineering to binary planting, we decrypt the file-system and begin examining the environment. As we go down the rabbit hole, our misconceptions about “security appliances” are revealed.
Using a combination of web vulnerabilities, format string vulnerabilities and a bunch of frustration, we manage to overcome the multiple limitations and protections presented by the appliance to gain a remote unauthenticated root shell. Due to the magnitude of this vulnerability and the potential for impact against dozens of fortune 500 companies, we contacted F5 and received one of the best vendor responses we’ve experienced – EVER!
https://www.hackitoergosum.org
One Shellcode to Rule Them All: Cross-Platform ExploitationQuinn Wilton
As the internet of things becomes less a buzzword, and more a reality, we're noticing that it's growing increasingly common to see embedded software which runs across different architectures -whether that's the same router firmware running across different models, or the operating system for a smart TV being used by different manufacturers. In a world where even your toaster might have internet access, we suspect that the ability to write cross-platform shellcode is going transition from being a merely neat trick, to a viable tool for attackers.
Writing cross-platform shellcode is tough, but there's a few techniques you can use to simplify the problem. We discuss one such method, which we used to great success during the DEFCON CTF qualifiers this year.
Presented by Tinfoil Security founder Michael Borohovski and engineer Shane Wilton at Secuinside 2014, in Seoul.
https://www.tinfoilsecurity.com/blog/cross-platform-exploitation
Blocks is a cool concept and is very much needed for performance improvements and responsiveness. GCD helps run blocks effortlessly by scheduling on a desired queue, priority and lots more.
Игорь Фесенко "Direction of C# as a High-Performance Language"Fwdays
There are a lot of upcoming performance changes in .NET. Starting from code generation (JIT, AOT) and optimizations that can be performed by the compiler (inlining, flowgraph & loop analysis, dead code elimination, SIMD, stack allocation and so on). In this talk we will cover some features of C# 7 are going towards making low level optimization.
I will share not only how we can improve performance with the next version of .NET, but how we can do it today using different techniques and tools like Roslyn analyzers, Channels (Push based Streams), System.Slices, System.Buffers and System.Runtime.CompilerServices.Unsafe.
Infinit's C++ coroutine-based asynchronous framework has been the fundamental brick on top of which the peer-to-peer POSIX-compliant file system has been built.
Swift Install Workshop - OpenStack Conference Spring 2012Joe Arnold
OpenStack Swift is a highly-available distributed object storage
system which supports highly concurrent workloads. Swift is the
backbone behind Cloud Files, Rackspace's storage-as-a-service
offering.
In this workshop, which will be hosted by members of SwiftStack, Inc.,
we'll walk you through deployment and use of OpenStack Swift. We'll
begin by showing you how to install Swift from the ground up.
You'll learn:
- what you should know about Swift's architecture
- how to bootstrap a basic Swift installation
After that, we'll cover how to use Swift, including information on:
- creating accounts and users
- adding, removing, and managing data
- building applications on top of Swift
Bring your laptop (with virutalization extensions enabled in the BIOS)
and we will walk through setting up Swift in a virtual machine. We'll
also build an entire application on top of Swift to illustrate how to
use Swift as a storage service. This is a workshop you won't want to
miss!
Agenda:
The Linux kernel has multiple "tracers" built-in, with various degrees of support for aggregation, dynamic probes, parameter processing, filtering, histograms, and other features. Starting from the venerable ftrace, introduced in kernel 2.6, all the way through eBPF, which is still under development, there are many options to choose from when you need to statically instrument your software with probes, or diagnose issues in the field using the system's dynamic probes. Modern tools include SystemTap, Sysdig, ktap, perf, bcc, and others. In this talk, we will begin by reviewing the modern tracing landscape -- ftrace, perf_events, kprobes, uprobes, eBPF -- and what insight into system activity these tools can offer. Then, we will look at specific examples of using tracing tools for diagnostics: tracing a memory leak using low-overhead kmalloc/kfree instrumentation, diagnosing a CPU caching issue using perf stat, probing network and block I/O latency distributions under load, or merely snooping user activities by capturing terminal input and output.
Speaker:
Sasha is the CTO of Sela Group, a training and consulting company based in Israel that employs over 400 developers world-wide. Most of Sasha's work revolves around performance optimization, production debugging, and low-level system diagnostics, but he also dabbles in mobile application development on iOS and Android. Sasha is the author of two books and three Pluralsight courses, and a contributor to multiple open-source projects. He blogs at http://blog.sashag.net.
Custom CI/CD pipelines often don’t adapt well to existing platforms. OCluster is a cluster management system that’s currently deployed on thousands of cores powering various CI systems for the OCaml community. It composes recognized software components, from snapshotting filesystems to containers and virtualization management, in order to provide a lightweight and highly portable execution environment across operating systems and architectures. In this talk, we’ll present OCluster use cases, and how it fits into the OCurrent framework.
I think this presentation about Adapteva's Parallella is one of the most comprehensive till now. Feel free to use it. I gave this talk on 10th Dec 2014 at Cloud Research Lab, Ericsson AB, Lund, Sweden.
For the full video of this presentation, please visit:
https://www.embedded-vision.com/platinum-members/intel/embedded-vision-training/videos/pages/may-2017-embedded-vision-summit-pisarevsky
For more information about embedded vision, please visit:
http://www.embedded-vision.com
Vadim Pisarevsky, Software Engineering Manager at Intel, presents the "Making OpenCV Code Run Fast" tutorial at the May 2017 Embedded Vision Summit.
OpenCV is the de facto standard framework for computer vision developers, with a 16+ year history, approximately one million lines of code, thousands of algorithms and tens of thousands of unit tests. While OpenCV delivers decent performance out-of-the-box for some classical algorithms on desktop PCs, it lacks sufficient performance when using some modern algorithms, such as deep neural networks, and when running on embedded platforms. Pisarevsky examines current and forthcoming approaches to performance optimization of OpenCV, including the existing OpenCL-based transparent API, newly added support for OpenVX, and early experimental results using Halide.
He demonstrates the use of the OpenCL-based transparent API on a popular CV problem: pedestrian detection. Because OpenCL does not provide good performance-portability, he explores additional approaches. He discusses how OpenVX support in OpenCV accelerates image processing pipelines and deep neural network execution. He also presents early experimental results using Halide, which provides a higher level of abstraction and ease of use, and is being actively considered for future support in OpenCV.
Infinit's reactor C++ framework allows developers to program in a natural way without having to deal with complex thread-based flows that decrease maintainability and efficiency.
Static PIE, How and Why - Metasploit's new POSIX payload: MettleBrent Cook
This talk discusses methods for building and injecting position-independent payloads into ELF processes. It also introduces Metasploit's new POSIX payload 'mettle' and outlines goals and future directions for Unix and Linux exploitation with Metasploit.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Swift 2 Under the Hood - Gotober 2015
1. Dr Alex Blewitt @alblueSwift 2 Under the Hood
Swift 2 Under the Hood
2. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
▸ About This Talk
• Overview
• Where did Swift come from?
• What makes Swift fast?
• Where is Swift going?
• Alex Blewitt @alblue
• NeXT owner and veteran Objective-C programmer
• Author of Swift Essentials http://swiftessentials.org
Based on Swift 2.1,
the public release in
December 2015
3. Dr Alex Blewitt @alblueSwift 2 Under the Hood
Where did Swift
come from?
4. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Pre-history
• Story starts in 1983 with Objective-C
• Created as a Smalltalk like runtime on top of C
• NeXT licensed Objective-C in 1988
• NextStep released in 1989 (and NS prefix)
• Apple bought NeXT in 1996
• OSX Server in 1999
• OSX 10.0 Beta in 2000, released in 2001
5. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Objective-C
• Originally implemented as a pre-processor for C
• Rewrote Objective-C code as C code
• Enhanced and merged into GCC
• Compiler integrated under GPL
• Runtime libraries open source (and GNUStep)
http://www.opensource.apple.com/source/
objc4/objc4-208/runtime/objc.h
/*
* Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
* objc.h
* Copyright 1988-1996, NeXT Software, Inc.
*/
6. Dr Alex Blewitt @alblueSwift 2 Under the Hood
Timeline
C
1972
Objective-C
1983
Smalltalk
1972
Objective-C
2.0 2007
C++
1983
C++07
2007
C++11
2011
C++14
2014
LLVM 1.0
2003
Clang 1.0
2009
Swift 1.0
2014
Static dispatch
Dynamic dispatch
Swift 2.1
2015
7. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
A lot has changed …
• CPU speed has risen for most of the prior decades
• Plateaued about 3GHz for desktops
• Mobile devices still rising; around 1-2GHz today
• More performance has come from more cores
• Most mobiles have dual-core, some have more
• Mobiles tend to be single-socket/single CPU
• Memory has not increased as fast
8. Dr Alex Blewitt @alblueSwift 2 Under the Hood
CPU speed
"Computer Architecture: A Quantitive Approach"
Copyright (c) 2011, Elsevier Inc
http://booksite.elsevier.com/9780123838728/
[[objc alloc] init]
9. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Memory latency
• Memory latency is a significant bottleneck
• CPU stores near-level caches for memory
• L1 - per core 64k instruction / 64k data (~1ns)
• L2 - 1-3Mb per CPU (~10ns)
• L3 - 4-8Mb shared with GPU (~50-80ns)
• Main memory 1-2Gb (~180ns)
Numbers based on
the iPhone 6 and
iPhone 6s (A8 and A9)
Core
L1i
L1d
L2
Core
L1i
L1d
L3
10. Dr Alex Blewitt @alblueSwift 2 Under the Hood
Memory latency
AnandTech review of iPhone 6s
http://www.anandtech.com/show/9686/the-apple-iphone-6s-and-
iphone-6s-plus-review/4
L1 Cache
L2 Cache
L3 Cache
Main memory
12. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Why Swift?
• Language features
• Namespaces/Modules
• Reference or Struct value types
• Functional constructs
• Importantly
• Interoperability with Objective-C
• No undefined behaviour or nasal daemons
13. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Modules
• Modules provide a namespace and function partition
• Objective-C
• Foundation, UIKit, SpriteKit
• C wrappers
• Dispatch, simd, Darwin
• Swift
• Swift (automatically imported), Builtin
Builtin provides bindings
with native types e.g.
Builtin.Int256
Darwin provides
bindings with native C
libraries e.g. random()
14. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Types
• Reference types: class (either Swift or Objective-C)
• Value types: struct
• Protocols: provides an interface for values/references
• Extensions: add methods/protocols to existing type
Any
AnyObjectclassstruct
@objc class
NonObjective
CBase
NSObject
15. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Numeric values
• Numeric values are represented as structs
• Copied by value into arguments
• Structs can inherit protocols and extensions
public struct Int : SignedIntegerType, Comparable {
public var value: Builtin.Int64
public static var max: Int { get }
public static var min: Int { get }
}
public struct UInt: UnsignedIntegerType, Comparable {
public var value: Builtin.Int64
public static var max: Int { get }
public static var min: Int { get }
}
sizeof(Int.self) == 8
sizeof(UInt.self) == 8
16. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Protocols
• Most methods are defined as protocols on structs
Any
struct
Int8 UInt8
Comparable
Equatable
Int32 UInt32
IntegerType
Signed
IntegerType
Unsigned
IntegerType
Int UInt
typealias Any protocol<>
17. Dr Alex Blewitt @alblueSwift 2 Under the Hood
What makes
Swift fast?
18. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Memory optimisation
• Contiguous arrays of data vs objects
• NSArray
• Diverse
• Memory fragmentation
• Limited memory load benefits for locality
• Array<…>
• Iteration is more performant over memory
19. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Static and Dynamic?
• Static dispatch (used by C, C++, Swift)
• Function calls are known precisely
• Compiler generates call/callq to direct symbol
• Fastest, and allows for optimisations
• Dynamic dispatch (used by Objective-C, Swift)
• Messages are dispatched through objc_msgSend
• Effectively call(cache["methodName"])
Swift can generate
Objective-C classes
and use runtime
20. Dr Alex Blewitt @alblueSwift 2 Under the Hood
Static Dispatch
a() -> b() -> c()
a b c
Dynamic Dispatch
[a:] -> [b:] -> [c:]
a b c
objc_msgSend objc_msgSend
Optimises
to abc
Cannot be
optimised
21. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
objc_msgSend
• Every Objective-C message calls objc_msgSend
• Hand tuned assembly – fast, but still overhead
40
50
60
70
80
90
100
110
Leopard Snow Leopard Lion Mountain Lion Mavericks Yosemite
107
104
47 47
44
50
Removal of special-
case GC handling
CPU, registers
(_cmd, self),
energy🔋
Non-pointer isa
22. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Optimisations
• Most optimisations rely on inlining
• Instead of a() -> b(), have ab() instead
• Reduces function prologue/epilog (stack/reg spill)
• Reduces branch miss and memory jumps
• May unlock peephole optimisations
• func foo(i:Int) {if i<0 {return}…}
• foo(-1) foo(negative) can be
optimised away completely
Increases code size
23. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Whole Module Optimisation
• Whole Module Optimisation/Link Time Optimisation
• Instead of writing out x86_64 .o files, writes LLVM
• LLVM linker reads all files, optimises
• Can see optimisations where single file cannot
• final methods and data structures can be inlined
• Structs are always final (no subclassing)
• private (same file) internal (same module)
24. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Swift and LLVM
• Swift and clang are both built on LLVM
• Originally stood for Low Level Virtual Machine
• Family of tools (compiler, debugger, linker etc.)
• Abstract assembly language
• Intermediate Representation (IR), Bitcode (BC)
• Infinite register RISC typed instruction set
• Call and return convention agnostic
Bad name, wasn't
really VMs
25. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Swift compile pipeline
• AST - Abstract Syntax Tree representation
• Parsed AST - Types resolved
• SIL - Swift Intermediate Language, high-level IR
• Platform agnostic (Builtin.Word abstracts size)
• IR - LLVM Intermediate Representation
• Platform dependencies (e.g. word size)
• Output formats (assembly, bitcode, library output)
26. Dr Alex Blewitt @alblueSwift 2 Under the Hood
Swift compile pipeline
print("Hello World")
ASTParse Sema AST' SILGen SIL SILOpt IRGen IR LLVM
.o .dylib
27. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Example C based IR
• The ubiquitous Hello World program…
#include <stdio.h>
int main() {
puts("Hello World")
}
@.str = private unnamed_addr constant [12 x i8] ⤦
c"Hello World00", align 1
define i32 @main() #0 {
%1 = call i32 @puts(i8* getelementptr inbounds
([12 x i8]* @.str, i32 0, i32 0))
ret i32 0
}
clang helloWorld.c -emit-llvm -c -S -o -
28. Dr Alex Blewitt @alblueSwift 2 Under the Hood
@.str = private unnamed_addr constant [12 x i8] ⤦
c"Hello World00", align 1
define i32 @main() #0 {
%1 = call i32 @puts(i8* getelementptr inbounds
([12 x i8]* @.str, i32 0, i32 0))
ret i32 0
}
clang helloWorld.c -emit-assembly -S -o -
_main
pushq %rbp
movq %rsp, %rbp
leaq L_.str(%rip), %rdi
callq _puts
xorl %eax, %eax
popq %rbp
retq
.section __TEXT
L_.str: ## was @.str
.asciz "Hello World"
stack management
rdi = &L_.str
puts(rdi)
eax = 0
return(eax)
L_.str = "Hello World"
main function
29. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Advantages of IR
• LLVM IR can still be understood when compiled
• Allows for more accurate transformations
• Inlining across method/function calls
• Elimination of unused code paths
• Optimisation phases that are language agnostic
30. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Example Swift based IR
• The ubiquitous Hello World program…
print("Hello World")
@0 = private unnamed_addr constant [12 x i8] ⤦
c"Hello World00"
define i32 @main(i32, i8**) {
…
call void
@_TFSs5printFTGSaP__9separatorSS10terminatorSS_T_(
%swift.bridge* %6, i8* %17, i64 %18, i64 %19,
i8* %21, i64 %22, i64 %23)
ret i32 0
}
swiftc helloWorld.swift -emit-ir —o -
31. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Name Mangling
• Name Mangling is source → assembly identifiers
• C name mangling: main → _main
• C++ name mangling: main → __Z4mainiPPc
• __Z = C++ name
• 4 = 4 characters following for name (main)
• i = int
• PPc = pointer to pointer to char (i.e. char**)
32. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Swift Name Mangling
• With the Swift symbol
_TFSs5printFTGSaP__9separatorSS10terminatorSS_T_
• _T = Swift symbol
• F = function
• Ss = "Swift" (module, as in Swift.print)
• 5print = "print" (function name)
• TGSaP___ = tuple containing generic array protocol ([protocol<>])
• 9separator = "separator" (argument name)
• SS = Swift.String (special case)
• T_ = empty tuple () (return type)
33. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Swift Name Mangling
• With the Swift symbol
_TFSs5printFTGSaP__9separatorSS10terminatorSS_T_
• _T = Swift symbol
• F = function
• Ss = "Swift" (module, as in Swift.print)
• 5print = "print" (function name)
• TGSaP___ = tuple containing generic array protocol ([protocol<>])
• 9separator = "separator" (argument name)
• SS = Swift.String (special case)
• T_ = empty tuple () (return type)
$ echo "_TFSs5printFTGSaP__9separatorSS10terminatorSS_T_" |
xcrun swift-demangle
Swift.print ([protocol<>],
separator : Swift.String,
terminator : Swift.String) -> ()
34. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Swift Intermediate Language
• Similar to IL, but with some Swift specifics
print("Hello World")
sil_stage canonical
import Builtin
import Swift
import SwiftShims
// main
sil @main : $@convention(c) (Int32,
UnsafeMutablePointer<UnsafeMutablePointer<Int8>>) ->
Int32 {
// function_ref Swift.print (Swift.Array<protocol<>>,
separator : Swift.String, terminator : Swift.String) ->
swiftc helloWorld.swift -emit-sil —o -
35. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Swift vTables
• Method lookup in Swift is like C++ with vTable
class World { func hello() {…} }
sil_stage canonical
import Builtin; import Swift; import SwiftShims
…
sil_vtable World {
// main.World.hello (main.World)() -> ()
#World.hello!1: _TFC4main5World5hellofS0_FT_T_
// main.World.__deallocating_deinit
#World.deinit!deallocator: _TFC4main5WorldD
// main.World.init (main.World.Type)() -> main.World
#World.init!initializer.1: _TFC4main5WorldcfMS0_FT_S0_
}
swiftc helloWorld.swift -emit-sil —o -
36. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
SIL Inspector
• Allows Swift SIL to be inspected
• Available at GitHub
• https://github.com/alblue/SILInspector
37. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
SwiftObject and ObjC
• Swift objects can also be used in Objective-C
• Swift instance in memory has an isa pointer
• Objective-C can call Swift code with no changes
• Swift classes have @objc to use dynamic dispatch
• Reduces optimisations
• Automatically applied when using ObjC
• Protocols, Superclasses
38. Dr Alex Blewitt @alblueSwift 2 Under the Hood
Where is Swift going?
39. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Is Swift swift yet?
• Is Swift as fast as C?
• Wrong question
• Is Swift as fast, or faster than Objective-C?
• As fast or faster than Objective-C
• Can be faster for data/struct processing
• More optimisation possibilities in future
40. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Swift
• Being heavily developed – 3 releases in a year
• Provides a transitional mechanism from ObjC
• Existing libraries/frameworks will continue to work
• Can drop down to native calls when necessary
• Used as replacement language in LLDB
• Future of iOS development?
• Future of server-side development?
41. @alblueDr Alex Blewitt @alblueSwift 2 Under the Hood
Summary
• Swift has a long history coming from LLVM roots
• Prefers static dispatch but also supports objective-c
• Values can be laid out in memory efficiently
• In-lining leads to further optimisations
• Whole-module optimisation will only get better
• Modular compile pipeline allows for optimisations