Lucid Software's lessons learned about architecture at the Utah Java User Group. 15 minute presentation by Derrick Isaacson, Director of Engineering, on sharding, session state, typed JavaScript, and ORMs.
Azure Table Storage: The Good, the Bad, the Ugly (10 min. lightning talk)Sirar Salih
This document discusses Azure Table Storage, including its pros and cons. It provides examples of how to connect to Azure Table Storage, insert, query, update and delete entities from tables, as well as upload, download and delete blobs. It also discusses performance tests showing it can handle high volumes of data insertion and querying. While easy to set up and use, it lacks some database operations and may not be optimal for all mobile apps compared to Azure Easy Tables.
The presentation describes how to do Oracle ATG Queries
Please find more details in my article: software-engineering-101.com/2016/07/12/atg-repository-queries
This document provides an overview of AJAX (Asynchronous JavaScript and XML), including its history, how it works, examples of request and response phases, and advantages and disadvantages. AJAX allows for asynchronous updating of parts of a web page without reloading the entire page. It uses technologies like JavaScript, XML, DOM, and CSS to speed up interactions and provide a more responsive user experience similar to desktop applications.
This document provides tips and hints for working with various ATG components, including Form Handlers, Droplets, Repositories, Services, and more. It discusses best practices for using these components, common issues that may arise, and examples of how to implement the components correctly. The document is meant to help developers optimize and troubleshoot their use of ATG.
MongoDB is popular choise for data persistence which had no support for ACID transactions up until v4. Even having such support, transactions incurs higher performance cost and can lead to deadlocks.
In this talk I will explain challenges of achieving data consistency in systems that does not support AСID transactions, how to communicate state changes in a reliable manner and the approach to ensure eventual consistency of data with examples in C#.
The document discusses Entity Framework, an ORM tool from Microsoft. It provides an agenda that will cover what Entity Framework is, how to create an entity model, how to query the model using LINQ and Entity SQL, examples of insert, update and delete operations, and benefits and drawbacks of Entity Framework. Key topics include mapping objects to a relational database, generating entity classes from an existing database, and performing CRUD operations through LINQ queries or Entity SQL.
Azure Table Storage: The Good, the Bad, the Ugly (10 min. lightning talk)Sirar Salih
This document discusses Azure Table Storage, including its pros and cons. It provides examples of how to connect to Azure Table Storage, insert, query, update and delete entities from tables, as well as upload, download and delete blobs. It also discusses performance tests showing it can handle high volumes of data insertion and querying. While easy to set up and use, it lacks some database operations and may not be optimal for all mobile apps compared to Azure Easy Tables.
The presentation describes how to do Oracle ATG Queries
Please find more details in my article: software-engineering-101.com/2016/07/12/atg-repository-queries
This document provides an overview of AJAX (Asynchronous JavaScript and XML), including its history, how it works, examples of request and response phases, and advantages and disadvantages. AJAX allows for asynchronous updating of parts of a web page without reloading the entire page. It uses technologies like JavaScript, XML, DOM, and CSS to speed up interactions and provide a more responsive user experience similar to desktop applications.
This document provides tips and hints for working with various ATG components, including Form Handlers, Droplets, Repositories, Services, and more. It discusses best practices for using these components, common issues that may arise, and examples of how to implement the components correctly. The document is meant to help developers optimize and troubleshoot their use of ATG.
MongoDB is popular choise for data persistence which had no support for ACID transactions up until v4. Even having such support, transactions incurs higher performance cost and can lead to deadlocks.
In this talk I will explain challenges of achieving data consistency in systems that does not support AСID transactions, how to communicate state changes in a reliable manner and the approach to ensure eventual consistency of data with examples in C#.
The document discusses Entity Framework, an ORM tool from Microsoft. It provides an agenda that will cover what Entity Framework is, how to create an entity model, how to query the model using LINQ and Entity SQL, examples of insert, update and delete operations, and benefits and drawbacks of Entity Framework. Key topics include mapping objects to a relational database, generating entity classes from an existing database, and performing CRUD operations through LINQ queries or Entity SQL.
Kick your database_to_the_curb_reston_08_27_19confluent
This document discusses using Kafka Streams interactive queries to enable powerful microservices by making stream processing results queryable in real-time. It provides an overview of Kafka Streams, describes how to embed an interactive query server to expose stateful stream processing results via HTTP endpoints, and demonstrates how to securely query processing state from client applications.
This document provides an overview of the AutoCAD 2006 API and how developers can transition applications to use the new .NET interface. It discusses porting existing code, leveraging new features, and the advantages of the .NET platform. Key topics include using transactions instead of Open/Close, nesting transactions, and interoperability between .NET, COM, ObjectARX, and LISP. The document also provides guidance on .NET programming concepts, settings for managed C++ extensions, and accessing unmanaged code via platform invoke.
The document discusses various topics related to Entity Framework (EF) and ORM usage in .NET development. It provides a brief history of ORM tools for .NET, examines common developer opinions on EF, discusses some performance and other technical issues with EF, and provides tips and examples for optimizing EF usage and queries. The document aims to help .NET developers understand both the benefits and challenges of using an ORM like EF in their projects.
Scaling with Scala: refactoring a back-end service into the mobile ageDragos Manolescu
Services built with 20th century programming languages are reaching their scalability limits. The global interpreter lock and the lack of an asynchronous programming model are becoming barriers to accommodating the numbers of users typical of today's mobile as well as web worlds. In this talk I cover the transition of a back-end service to Scala and the changes associated with it. The improved performance and cost savings of the Scala implementation free up resources that could be better leveraged elsewhere.
V8 is Google's open source JavaScript engine that is used in Chrome and Node.js. It uses several optimization techniques like hidden classes, inline caching, and TurboFan to improve JavaScript performance. V8 first parses JavaScript into an AST, then compiles it into bytecode which is executed by the Ignition bytecode interpreter or optimized by TurboFan into machine code using techniques like hidden classes to optimize property access and inline caching to optimize function calls.
Using the Tooling API to Generate Apex SOAP Web Service ClientsDaniel Ballinger
Presentation from Dreamforce 2014 on using the Tooling API to create increased support for calling SOAP based web services using WSDLs to generate Apex.
The document discusses using Ajax and XML to build a weather widget. It explains the basic anatomy of an Ajax pattern involving a trigger, operation, and update. It then covers using the XMLHttpRequest object to make requests to a weather.com REST service and parse the XML response to display weather data.
Cache is King: Get the Most Bang for Your Buck From RubyMolly Struve
Sometimes your fastest queries can cause the most problems. I will take you beyond the slow query optimization and instead zero in on the performance impacts surrounding the quantity of your datastore hits. Using real world examples dealing with datastores such as Elasticsearch, MySQL, and Redis, I will demonstrate how many fast queries can wreak just as much havoc as a few big slow ones. With each example I will make use of the simple tools available in Ruby to decrease and eliminate the need for these fast and seemingly innocuous datastore hits.
HyperBatch is a new interface that allows batch jobs in Salesforce to run much faster by processing jobs in parallel instead of serially. Using HyperBatch, three example batch jobs that previously took a total of 88 minutes to complete were able to finish in just 4 minutes, an over 90% reduction. HyperBatch leverages browser orchestration, parallel remote actions, and JavaScript polling to chunk batch jobs into parallel executions that can complete over 20 times faster than the traditional Apex Database.Batchable interface.
HyperBatch is a new interface that allows batch jobs in Salesforce to run much faster by processing jobs in parallel instead of serially. Using HyperBatch, three example batch jobs that previously took a total of 88 minutes to complete were able to finish in just 4 minutes, an over 90% reduction. HyperBatch leverages browser orchestration, parallel remote actions, and JavaScript polling to chunk batch jobs into parallel executions that can complete over 20 times faster than the traditional Apex Database.Batchable interface.
This presentation gives a small but concrete glimpse of reverse engineering and the overview of immunity Dbg is small as it is a practical thing the more you use it the more you will be familiar with it.
Here's an example of how to code with Riak using cURL and ruby to do a basic PUT, GET and more. We then index the data using Apache Solr integration.
No matter what platform we’re discussing, we’re beyond the view of rows and columns. Data is more diverse than ever. More difficult to parse. Here is some of that story.
Scripting and Automation within the MAX Platform - Mark Petrie MAXfocus
The document discusses scripting and automation capabilities in GFI MAX RemoteManagement. It provides an overview of scripting concepts, how scripts can be used for monitoring checks and automated maintenance tasks, and examples of built-in and custom scripts. The document also covers best practices for writing scripts, including using command line arguments, interacting with the file system, registry, applications, and returning results.
Cassandra Day Chicago 2015: Building Java Applications with Apache CassandraDataStax Academy
Speaker(s): Tim Berglund, Global Director of Training at DataStax
So you’re a JVM developer, you understand Cassandra’s architecture, and you’re on your way to knowing its data model well enough to build descriptive data models that perform well. What you need now is to know the Java Driver.
What seems like an inconsequential library that proxies your application’s queries to your Cassandra cluster is actually a sophisticated piece of code that solves a lot of problems for you that early Cassandra developers had to code by hand. Come to this session to see features you might be missing and examples of how to use the Java driver in real applications.
OrigoDB is an in-memory database toolkit that allows writing and data to exist in the same process. It uses write-ahead command logging and snapshots for persistence. The document discusses OrigoDB's architecture, data modeling approaches, testing strategies, hosting options, and configuration capabilities like different persistence modes and kernels. It provides examples of using OrigoDB for various applications and demonstrates its immutability and server capabilities.
Join us as we build a complete streaming application with KSQL. There will be plenty of hands-on action, plus a description of our thought process and design choices along the way. Look out for advice on best practices and handy tips and tricks as we go. This is part 2 out of 3 in the Empowering Streams through KSQL series.
The code from the talk is available here: https://gist.github.com/rmoff/7efa882dfd808dbab4eb7b8e6f9eda16.
"JS: the right way" by Mykyta SemenistyiBinary Studio
The document discusses various topics related to JavaScript including vanilla JS, frameworks, performance, object-oriented programming, functional programming, and web workers. Some key points include:
- Vanilla JS refers to plain JavaScript without any frameworks or libraries. It discusses variable hoisting and coercion.
- Frameworks like jQuery were introduced to improve cross-browser compatibility but newer browsers support many DOM methods directly.
- Performance optimization includes caching loop variables, using forEach instead of for-in, and avoiding premature optimization.
- Functional programming concepts like currying, memoization and pure functions are discussed along with array methods and utility libraries.
- Web workers allow long-running scripts without blocking the UI thread and
«ReactiveCocoa и MVVM» — Николай Касьянов, SoftWeare-Legion
В докладе расскарывается тема использования функционально-реактивного подхода для разработки iOS- и Mac-приложений, его достоинства и недостатки. Также рассказано об использовании паттерна Model-View-View Model для улучшения архитектуры и повышения тестируемости GUI-кода.
Device-specific Clang Tooling for Embedded SystemsemBO_Conference
This document discusses using Clang tooling to refactor raw memory accesses in embedded C code to be type-safe and readable. It involves parsing a CMSIS SVD file to get the device memory map, writing AST matchers to find raw memory accesses, and generating fix-its to refactor the accesses. The tool is implemented as a Clang-tidy check for static analysis and refactoring at compile-time. Challenges include handling cases where register offsets cannot be evaluated statically and designing the tools to work with existing code patterns.
The document discusses several technical topics related to threads, performance, and craftsmanship. It provides details on the CAP theorem, space-time tradeoffs, and balancing throughput versus latency. It also examines the differences between heavy, medium, and light weight processes and threads. The document summarizes the key components of Java threads, discusses when threads should wait, and provides tips on getting promoted such as solving your boss's biggest challenges. It encourages developing simpler code, using parallel I/O operations, and not assuming that older technologies are not still useful.
This document discusses common security anti-patterns and cargo cult programming practices related to cryptography. It describes how using cryptographic primitives incorrectly or for the wrong purposes can significantly weaken security. For example, using non-cryptographic random number generators, reusing initialization vectors, or rolling your own encryption when libraries are available. The document advocates identifying true security goals, using the correct cryptographic primitive, and relying on proven libraries instead of writing custom crypto code whenever possible.
More Related Content
Similar to UJUG 2013 Architecture Roundup with Lucid Software
Kick your database_to_the_curb_reston_08_27_19confluent
This document discusses using Kafka Streams interactive queries to enable powerful microservices by making stream processing results queryable in real-time. It provides an overview of Kafka Streams, describes how to embed an interactive query server to expose stateful stream processing results via HTTP endpoints, and demonstrates how to securely query processing state from client applications.
This document provides an overview of the AutoCAD 2006 API and how developers can transition applications to use the new .NET interface. It discusses porting existing code, leveraging new features, and the advantages of the .NET platform. Key topics include using transactions instead of Open/Close, nesting transactions, and interoperability between .NET, COM, ObjectARX, and LISP. The document also provides guidance on .NET programming concepts, settings for managed C++ extensions, and accessing unmanaged code via platform invoke.
The document discusses various topics related to Entity Framework (EF) and ORM usage in .NET development. It provides a brief history of ORM tools for .NET, examines common developer opinions on EF, discusses some performance and other technical issues with EF, and provides tips and examples for optimizing EF usage and queries. The document aims to help .NET developers understand both the benefits and challenges of using an ORM like EF in their projects.
Scaling with Scala: refactoring a back-end service into the mobile ageDragos Manolescu
Services built with 20th century programming languages are reaching their scalability limits. The global interpreter lock and the lack of an asynchronous programming model are becoming barriers to accommodating the numbers of users typical of today's mobile as well as web worlds. In this talk I cover the transition of a back-end service to Scala and the changes associated with it. The improved performance and cost savings of the Scala implementation free up resources that could be better leveraged elsewhere.
V8 is Google's open source JavaScript engine that is used in Chrome and Node.js. It uses several optimization techniques like hidden classes, inline caching, and TurboFan to improve JavaScript performance. V8 first parses JavaScript into an AST, then compiles it into bytecode which is executed by the Ignition bytecode interpreter or optimized by TurboFan into machine code using techniques like hidden classes to optimize property access and inline caching to optimize function calls.
Using the Tooling API to Generate Apex SOAP Web Service ClientsDaniel Ballinger
Presentation from Dreamforce 2014 on using the Tooling API to create increased support for calling SOAP based web services using WSDLs to generate Apex.
The document discusses using Ajax and XML to build a weather widget. It explains the basic anatomy of an Ajax pattern involving a trigger, operation, and update. It then covers using the XMLHttpRequest object to make requests to a weather.com REST service and parse the XML response to display weather data.
Cache is King: Get the Most Bang for Your Buck From RubyMolly Struve
Sometimes your fastest queries can cause the most problems. I will take you beyond the slow query optimization and instead zero in on the performance impacts surrounding the quantity of your datastore hits. Using real world examples dealing with datastores such as Elasticsearch, MySQL, and Redis, I will demonstrate how many fast queries can wreak just as much havoc as a few big slow ones. With each example I will make use of the simple tools available in Ruby to decrease and eliminate the need for these fast and seemingly innocuous datastore hits.
HyperBatch is a new interface that allows batch jobs in Salesforce to run much faster by processing jobs in parallel instead of serially. Using HyperBatch, three example batch jobs that previously took a total of 88 minutes to complete were able to finish in just 4 minutes, an over 90% reduction. HyperBatch leverages browser orchestration, parallel remote actions, and JavaScript polling to chunk batch jobs into parallel executions that can complete over 20 times faster than the traditional Apex Database.Batchable interface.
HyperBatch is a new interface that allows batch jobs in Salesforce to run much faster by processing jobs in parallel instead of serially. Using HyperBatch, three example batch jobs that previously took a total of 88 minutes to complete were able to finish in just 4 minutes, an over 90% reduction. HyperBatch leverages browser orchestration, parallel remote actions, and JavaScript polling to chunk batch jobs into parallel executions that can complete over 20 times faster than the traditional Apex Database.Batchable interface.
This presentation gives a small but concrete glimpse of reverse engineering and the overview of immunity Dbg is small as it is a practical thing the more you use it the more you will be familiar with it.
Here's an example of how to code with Riak using cURL and ruby to do a basic PUT, GET and more. We then index the data using Apache Solr integration.
No matter what platform we’re discussing, we’re beyond the view of rows and columns. Data is more diverse than ever. More difficult to parse. Here is some of that story.
Scripting and Automation within the MAX Platform - Mark Petrie MAXfocus
The document discusses scripting and automation capabilities in GFI MAX RemoteManagement. It provides an overview of scripting concepts, how scripts can be used for monitoring checks and automated maintenance tasks, and examples of built-in and custom scripts. The document also covers best practices for writing scripts, including using command line arguments, interacting with the file system, registry, applications, and returning results.
Cassandra Day Chicago 2015: Building Java Applications with Apache CassandraDataStax Academy
Speaker(s): Tim Berglund, Global Director of Training at DataStax
So you’re a JVM developer, you understand Cassandra’s architecture, and you’re on your way to knowing its data model well enough to build descriptive data models that perform well. What you need now is to know the Java Driver.
What seems like an inconsequential library that proxies your application’s queries to your Cassandra cluster is actually a sophisticated piece of code that solves a lot of problems for you that early Cassandra developers had to code by hand. Come to this session to see features you might be missing and examples of how to use the Java driver in real applications.
OrigoDB is an in-memory database toolkit that allows writing and data to exist in the same process. It uses write-ahead command logging and snapshots for persistence. The document discusses OrigoDB's architecture, data modeling approaches, testing strategies, hosting options, and configuration capabilities like different persistence modes and kernels. It provides examples of using OrigoDB for various applications and demonstrates its immutability and server capabilities.
Join us as we build a complete streaming application with KSQL. There will be plenty of hands-on action, plus a description of our thought process and design choices along the way. Look out for advice on best practices and handy tips and tricks as we go. This is part 2 out of 3 in the Empowering Streams through KSQL series.
The code from the talk is available here: https://gist.github.com/rmoff/7efa882dfd808dbab4eb7b8e6f9eda16.
"JS: the right way" by Mykyta SemenistyiBinary Studio
The document discusses various topics related to JavaScript including vanilla JS, frameworks, performance, object-oriented programming, functional programming, and web workers. Some key points include:
- Vanilla JS refers to plain JavaScript without any frameworks or libraries. It discusses variable hoisting and coercion.
- Frameworks like jQuery were introduced to improve cross-browser compatibility but newer browsers support many DOM methods directly.
- Performance optimization includes caching loop variables, using forEach instead of for-in, and avoiding premature optimization.
- Functional programming concepts like currying, memoization and pure functions are discussed along with array methods and utility libraries.
- Web workers allow long-running scripts without blocking the UI thread and
«ReactiveCocoa и MVVM» — Николай Касьянов, SoftWeare-Legion
В докладе расскарывается тема использования функционально-реактивного подхода для разработки iOS- и Mac-приложений, его достоинства и недостатки. Также рассказано об использовании паттерна Model-View-View Model для улучшения архитектуры и повышения тестируемости GUI-кода.
Device-specific Clang Tooling for Embedded SystemsemBO_Conference
This document discusses using Clang tooling to refactor raw memory accesses in embedded C code to be type-safe and readable. It involves parsing a CMSIS SVD file to get the device memory map, writing AST matchers to find raw memory accesses, and generating fix-its to refactor the accesses. The tool is implemented as a Clang-tidy check for static analysis and refactoring at compile-time. Challenges include handling cases where register offsets cannot be evaluated statically and designing the tools to work with existing code patterns.
Similar to UJUG 2013 Architecture Roundup with Lucid Software (20)
The document discusses several technical topics related to threads, performance, and craftsmanship. It provides details on the CAP theorem, space-time tradeoffs, and balancing throughput versus latency. It also examines the differences between heavy, medium, and light weight processes and threads. The document summarizes the key components of Java threads, discusses when threads should wait, and provides tips on getting promoted such as solving your boss's biggest challenges. It encourages developing simpler code, using parallel I/O operations, and not assuming that older technologies are not still useful.
This document discusses common security anti-patterns and cargo cult programming practices related to cryptography. It describes how using cryptographic primitives incorrectly or for the wrong purposes can significantly weaken security. For example, using non-cryptographic random number generators, reusing initialization vectors, or rolling your own encryption when libraries are available. The document advocates identifying true security goals, using the correct cryptographic primitive, and relying on proven libraries instead of writing custom crypto code whenever possible.
Prisoner's Dilemma and Service-oriented ArchitecturesDerrick Isaacson
Moving to a service-oriented architecture solves problems like fate sharing, coupling, and scaling. It also brings the complexity of a “partially up/partially down” system, with nodes regularly getting sick or otherwise partitioned.
Learn what the Prisoner’s Dilemma teaches us about building a partition tolerant system. Hear how the CAP theorem (consistency, availability, and partition tolerance) helps the architect make intelligent trade-offs. See real examples from Google, Amazon, and others of building highly available distributed systems.
This document summarizes REST (Representational State Transfer) and some of its key principles. It discusses the simplicity of single component services, distributed system architectures like RPC and distributed file/data stores. It also covers the uniform interface of REST, including methods, headers, status codes, content negotiation, and authentication. The document notes that REST emphasizes a uniform interface between components to distinguish it from other network-based styles.
See common anti-patterns for securing web applications and how to correct them. Learn how to differentiate between authentication, authorization, secrecy, integrity, non-repudiation, and other security goals.
Examples include how:
* a theoretical "secret" banking request is corrupted to pad an attacker's bank account,
* an insecure "session" authentication token is attacked, and
* a "random" XSRF value gives a false sense of security.
Correct principles and patterns are analyzed and compared with common incorrect ones.
Presented at OpenWest 2014
It has been observed that "A distributed system is at best a necessary evil, evil because of the extra complexity." Multiple nodes computing on inconsistent state with regular communication failures present entirely different challenges than those computer science students face in the classroom writing DFS algorithms. The past 30 years have seen some interesting theories and architectures to deal with these complexities in what we now call "cloud computing". Some researchers worked on "distributed memory" and others built "remote procedure calls". More commercially successful architectures of late have popularized ideas like the CAP theorem, distributed caches, and REST.
Using examples from companies like Amazon and Google this presentation walks through some practical tips to evolve your service-oriented architecture. Google's Chubby service demonstrates how you can take advantage of CAP's "best effort availability" options and Amazon's "best effort consistency" services show the other end of the spectrum. Practical lessons learned from Lucidchart's forays into SOA share insight through quantitative analyses on how to make your system highly available.
See common anti-patterns for securing web applications and how to correct them. Learn how to differentiate between authentication, authorization, secrecy, integrity, non-repudiation, and other security goals.
Examples include how:
* a theoretical "secret" banking request is corrupted to pad an attacker's bank account,
* an insecure "session" authentication token is attacked, and
* a "random" XSRF value gives a false sense of security.
Correct principles and patterns are analyzed and compared with common incorrect ones.
Scaling Web Services with Evolvable RESTful APIs - JavaOne 2013Derrick Isaacson
Presentation given at JavaOne 2013 by Derrick Isaacson, Director of Development for Lucid Software, makers of Lucidchart. The presentation explains how the uniform interface of REST creates evolvable, versioned APIs. The presentation includes many examples and code snippets using Scala & Play.
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframePrecisely
Inconsistent user experience and siloed data, high costs, and changing customer expectations – Citizens Bank was experiencing these challenges while it was attempting to deliver a superior digital banking experience for its clients. Its core banking applications run on the mainframe and Citizens was using legacy utilities to get the critical mainframe data to feed customer-facing channels, like call centers, web, and mobile. Ultimately, this led to higher operating costs (MIPS), delayed response times, and longer time to market.
Ever-changing customer expectations demand more modern digital experiences, and the bank needed to find a solution that could provide real-time data to its customer channels with low latency and operating costs. Join this session to learn how Citizens is leveraging Precisely to replicate mainframe data to its customer channels and deliver on their “modern digital bank” experiences.
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
"Choosing proper type of scaling", Olena SyrotaFwdays
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...Jason Yip
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
10. Don’t DDOS Yourself
• Use RESTful principles for correct status codes
(5xx vs 4xx) so clients know when to rety.
• Use correct headers:
• Retry-After: 120
12. Typed (JavaScript) Code Pays
Off
• Static type checking
• Unused value detection
• Dead code removal
• Syntax validation
• Style warnings
• JS pitfalls detection
13. Beware ORMs
Anorm is Not an Object Relational Mapper
What does a framework really need?
• Paremeterized queries
• Simpler API than JDBC
• Control over your queries
1. Scaling a global web application: LucidchartSurvey captured data from customers in 107 countries with a combined 3.42 years in the Lucidchart document editor.
http://pstandsfor.blogspot.com/2012/02/house.html
Scala & Play Framework
See AWS Docs & RFC 2104Used by the Play Framework, AWS, IPsec, TLS, and many other protocols, services, and frameworks.
Shard everything. Dbs are almost impossible to scale horizontally when not sharded. You may be going along fine, then one day "bang" you hit a tipping point and your db no longer can handle the load. Sharding gives you options.Pick your shard keys very carefully. Once you have chosen a shard key, it is very difficult to change (sharding on documentid in mongo is an example of where we messed that up and it is killing us right now)
Single page apps make lots of ajax calls. Make sure those calls are done in a way such that if a failure occurs, it doesn't turn around and try again immediately and indefinitely (don't DDOS yourself with your own javascript client).
Actors are a great way to introduce concurrency without introducing tons of bugs. We added a lot of concurrency to the PDF service and haven't had concurrency related issues (not typically the case when adding concurrency by managing threads).
Typed client code pays off (google closure).
Beware of ORMs generally. They tend to create terrible queries that do lots of joins which should be avoided whenever possible. Tools like Anorm allow us to write our own queries. SQL is a domain specific language: do we really need a domain specific language as an abstraction over SQL?
Beware of MVC frameworks that do a lot of magic: while they reduce the amount of code to be written, they can introduce security holes (form binds to a model that saves to the db, but a malicious user can add param to the form, post it and modify other fields in the table that you didn't intend the user to be able to modify)
Beware of MVC frameworks that do a lot of magic: while they reduce the amount of code to be written, they can introduce security holes (form binds to a model that saves to the db, but a malicious user can add param to the form, post it and modify other fields in the table that you didn't intend the user to be able to modify)