Post Syndicated from Cliff Robinson original https://www.servethehome.com/pfsense-ce-2-7-2-and-pfsense-plus-23-09-1-released-to-fix-zfs/
Two new dot releases, pfSense CE 2.7.2 and pfSense Plus 23.09.1 are out this week to fix issues related to ZFS and a few other features
The post pfSense CE 2.7.2 and pfSense Plus 23.09.1 Released to Fix ZFS appeared first on ServeTheHome.
Post Syndicated from Vasil Kolev original https://vasil.ludost.net/blog/?p=3471
Голяма лудница ми е, та все не стигам да напиша тия няколко реда (и щяха да останат за равносметката), но държа да кажа:
OpenFest 2023 се случи без мен.
Правих някакви дребни неща, но не съм бил в организацията, нещата се случиха някакси, аз бях там само за да си тествам setup-а за FOSDEM. Да съм честен, най-трудното ми беше да не давам нареждания, щото навикът е страшна работа…
Та, по някое време догодина като направим събрание на фондацията да я предам, ще съм приключил с тая си част от живота. Екип се намира да движи нещата, та съм спокоен 🙂
п.с. по предишната тема за junior администраторите ще пиша отделно.
Post Syndicated from Techmoan original https://www.youtube.com/watch?v=eZHYoBWjEdg
Post Syndicated from Йовко Ламбрев original https://www.toest.bg/sedmitsata-4-9-dekemvri/
Най-важната и тъжна новина от отминаващата седмица е, че според последните резултати от Програмата за международно оценяване на учениците (PISA) вече над 50% от 15-годишните ученици са функционално неграмотни в областите математика и четене. Иначе казано, повече от половината от българските ученици нямат аналитично и критично мислене, не могат да четат с разбиране и да правят логически взаимовръзки, срещат трудности при осмислянето на събития и при решаването на ежедневни проблеми.
Изследването е направено през 2022 г., тоест
Негативната тенденцията е факт от години насам, но последните резултати са най-лошите досега. Контрамерките отдавна са спешни и неотложни, ако не искаме съвсем да задълбаем в дъното.
Във връзка с тази тема навреме идва новият текст на Донка Дойчева-Попова в рубриката ни „Възможното образование“. Когато целият свят е в телефона ни, може би е много по-важно да си зададем въпроса не какво учим, а как. Донка тръгва по стъпките на ученето и как то се превръща в реално знание. Прочетете статията ѝ „Уча се да уча“.
Понеже започнахме с темата „образование и четене“, нека продължим с две книжни събития от столицата. От 5 до 10 декември в НДК се провежда 50-тото юбилейно издание на Софийския международен панаир на книгата, а паралелно с него и 11-тият Софийски международен литературен фестивал. По този повод Антония Апостолова разговаря с проф. Амелия Личева, програмен директор на фестивала. Едно чудесно интервю, което излиза далеч извън рамките на заглавието си „За фестивалите, скандалите и шаблоните в литературата“.
Като стана дума за Коледния панаир на книгата в НДК и съпътстващия го литературен фестивал, да споменем, че кутиите с шоколади в подкрепа на „Тоест“ от специалната ни съвместна серия с „Гайо“ могат да бъдат открити на щанд №432 на FOX book café, а също и на постоянния адрес на тази уютна кафе-книжарница на ул. „Уилям Гладстон“ 32 в София. Отделно може да си купите кутия с шоколади и от чудесното пространство за събития Launchee на партера на ЦУМ, както и директно от онлайн магазина и в рамките на няколко дни тя ще ви бъде доставена до всяка точка на България. Припомняме, че 20 лв. от цената на всяка кутия директно подпомага усилията на „Тоест“ да създава качествена и независима журналистика.
Но да се върнем към статиите в „Тоест“ от тази седмица.
В четвъртата част от поредицата ни за бизнеса ще разгледаме една не съвсем позната, но все по-важна част от българската икономика – финтех. Какво значи финтех, какви проблеми решават финтех компаниите и с какви предизвикателства се сблъскват? Търсим отговорите на тези въпроси заедно с директора на Българската финтех асоциация – Георги Пенев, с когото разговаря Александър Нуцов.
Николета Атанасова се завърна от Украйна преди два месеца, но спомените от преживяното и видяното продължават да вълнуват мислите ѝ. Макар и вече отново в България, тя не спира разговорите си с тамошните си украински познати, не спира и да споделя с читателите на „Тоест“ тревогите им за все по-неясното бъдеще. Не пропускайте чудесния ѝ нов текст от поредицата „Откъси от Украйна“, за да разберете кое е „по-страшно от ракетите“.
И новият материал на Светла Енчева, макар и косвено, е свързан със същата война. В това интервю две бежанки от Русия – ЛГБТ двойка с артистични професии и силна политическа ангажираност – разказват за добрите и лошите последствия от решението си да се установят в България, опитвайки се да се спасят от преследване в своята родина. Държавната агенция за бежанците обаче двукратно отхвърля молбите им за убежище. Въпреки това двете жени вярват, че именно тук, в България, те могат да бъдат свободни.
Почти седем години след основаването си „Да, България!“, една от партиите в „Демократична България“, реши да изостави рефрена „няма ляво, няма дясно“ и най-накрая да се определи – като дясноцентристка. А в европейски план поглежда към ЕНП.
Темата е важна по две причини. Едната е, че партията прави впечатление на определяща посоката на коалицията и това нейно решение скъсява идеологическите отстояния както от единия ѝ коалиционен партньор ДСБ, така и от ЕНП и ГЕРБ. Що се отнася до третата партия в „Демократична България“ – „Зелено движение“, предвид последните промени в лидерството ѝ не е ясно дали тя ще продължава да открива достатъчно допирни точки със своите партньори.
Втората причина е интересна стратегически – обикновено идеологическата оцветка се определя ясно преди формирането на нов политически субект, защото това е основен ориентир за привличане на членска маса. Рискът сега е част от привлечените от 2017 г. насам хора да не припознаят „новата“ посока вдясно. В по-лошия сценарий – дори да се почувстват подведени. Макар в по-голямата си част тези хора вече да са наясно с тенденциите. Но предстои да видим какви вреди и ползи носи това закъсняло самоопределяне.
За по-либерално настроения електорат отдавна е ясно, че в българската политическа палитра няма субект, който истински да се позиционира в този сегмент. Движението за права и свободи само злоупотребява със заглавието си, а на „Продължаваме промяната“ още им е трудно да не изглеждат като случайни политически опортюнисти, особено на фона на недостатъчните усилия за дълготрайно и устойчиво развитие на структури и влияние извън столицата и на национално ниво. Сега и колебливата в либерално отношение „Да, България!“ вече официално изоставя този терен.
Решението може би е прицелено дългосрочно, с поглед в бъдещето, когато лидер на ГЕРБ няма да бъде Бойко Борисов. Иначе, в българската политическа палитра остават белите петна както в либералния център, така и малко вляво от него.
Корабът на властта в новия си троен не-коалиционен вариант минава през някои политически плитчини. И ако не заседне в тях, цялата сглобка ще се закали още повече. Въпросът е в чия полза. По тази тема размишлява Емилия Милчева в тазседмичния си политически анализ, озаглавен „Златните ябълки, партиите стомаси и триъгълникът на властта“.
Само ще цитираме заглавието на колегите от „Дневник“ и ще ви оставим да прочетете цялата статия: „Едно наум: Илияна Йотова бе провъзгласена за „Рицар на годината“ от организация, подражаваща на тамплиерите“.
Приятно четене (и услаждане с шоколади „Гайо & Тоест“, разбира се)!
Post Syndicated from Matt Granger original https://www.youtube.com/watch?v=SoDgLfmAJ88
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2023/12/friday-squid-blogging-influencer-accidentally-posts-restaurant-table-qr-ordering-code.html
Another rare security + squid story:
The woman—who has only been identified by her surname, Wang—was having a meal with friends at a hotpot restaurant in Kunming, a city in southwest China. When everyone’s selections arrived at the table, she posted a photo of the spread on the Chinese social media platform WeChat. What she didn’t notice was that she’d included the QR code on her table, which the restaurant’s customers use to place their orders.
Even though the photo was only shared with her WeChat friends list and not the entire social network, someone—or a lot of someones—used that QR code to add a ridiculous amount of food to her order. Wang was absolutely shocked to learn that “her” meal soon included 1,850 orders of duck blood, 2,580 orders of squid, and an absolutely bonkers 9,990 orders of shrimp paste.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
Post Syndicated from Talks at Google original https://www.youtube.com/watch?v=cxOWEWnUxpk
Post Syndicated from Patrick Kennedy original https://www.servethehome.com/simplynuc-onyx-v9-review-an-intel-core-i9-13900h-nuc/
SimplyNUC has organized a NUC comeback. The SimplyNUC Onyx v9 brings a powerful Intel Core i9-13900H to the familiar NUC form factor
The post SimplyNUC Onyx v9 Review An Intel Core i9-13900H NUC appeared first on ServeTheHome.
Post Syndicated from Brendan Watters original https://blog.rapid7.com/2023/12/08/metasploit-wrap-up-12-8-2023/
Our very own adfoster-r7 has added a new feature that adds module actions, targets, and aliases to the search feature in Metasploit Framework. As we continue to add modules with diverse goals or targets, we’ve found ourselves leaning on these flags more and more recently, and this change will help users better locate the modules that let them do what they want.
Right now, the feature is behind a feature flag as we work out how to make it as user-friendly as possible. If you would like to use it, turn on the feature by running features set hierarchical_search_table true. Please let us know how it works for you!
Authors: Christian Fischer, Ron Bowes, creacitysec, h00die, and random-robbie
Type: Auxiliary
Pull request: #18591 contributed by h00die
Path: gather/owncloud_phpinfo_reader
Description: This adds an auxiliary module for CVE-2023-49103 which can extract sensitive environment variables from ownCloud targets including ownCloud, DB, Redis, SMTP, and S3 credentials.
Authors: Kevin Wang, T1erno, Yiqi Sun, and h00die
Type: Exploit
Pull request: #18578 contributed by h00die
Path: linux/local/docker_cgroup_escape
Description: This adds a new module to exploit CVE-2022-0492, a docker escape for root on the host OS.
linux/upnp/dlink_upnp_msearch_exec exploit module to be more generic and adds an advanced detection logic (check method). The module leverages a command injection vulnerability that exists in multiple D-Link network products, allowing an attacker to inject arbitrary command to the UPnP via a crafted M-SEARCH packet. This also deprecates the modules/exploits/linux/upnp/dlink_dir859_exec_ssdpcgi module, which uses the same attack vector and can be replaced by this updated module.features set hierarchical_search_table true.auxiliary/scanner/snmp/snmp_enum and auxiliary/scanner/snmp/snmp_login module metadata to include metadata references to CVE-1999-0516 (guessable SNMP community string) and CVE-1999-0517 (default/null/missing SNMP community string).You can always find more documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:
If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
commercial edition Metasploit Pro
Post Syndicated from Talks at Google original https://www.youtube.com/watch?v=Uhty3X3_uM8
Post Syndicated from Atulsing Patil original https://aws.amazon.com/blogs/security/2023-iso-and-csa-star-certificates-now-available-with-iso-27001-transition-from-2013-to-2022-version/
Amazon Web Services (AWS) successfully completed a surveillance audit for ISO 9001:2015, 27001:2022, 27017:2015, 27018:2019, 27701:2019, 20000-1:2018, and 22301:2019, and Cloud Security Alliance (CSA) STAR Cloud Controls Matrix (CCM) v4.0. Ernst and Young Certify Point auditors conducted the audit and reissued the certificates on Nov 22, 2023. The objective of the audit was to assess the level of compliance for AWS services and Regions with the requirements of the applicable international standards.
For ISO 27001, we updated our ISO 27001:2013 certification to the 27001:2022 version.
For ISO 9001:2015, 27001:2022, 27017:2015, 27018:2019, 27701:2019, and 22301:2019, we added seven additional AWS services to the scope of this surveillance audit since the last certification issued on May 23, 2023. The seven additional services are:
For 20000-1:2018, we added additional 65 services (including the seven noted previously) to the scope of this surveillance audit since the last certification issued on Dec 13, 2022.
For a full list of AWS services that are certified under ISO and CSA STAR, please see the AWS ISO and CSA STAR Certified page. Customers can also access the certifications in the AWS Management Console through AWS Artifact.
If you have feedback about this post, submit comments in the Comments section below.
Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.
Post Syndicated from BeardedTinker original https://www.youtube.com/watch?v=f5JAO4ruKI0
Post Syndicated from corbet original https://lwn.net/Articles/954018/
It can be instructive to pull down the dog-eared copy of the first edition
of The C Programming Language that many of us still have on our
bookshelves; the language has changed considerably since that book was
published. Many “features” of early C have been left behind, usually for
good reasons, but there is still a lot of code in the wild that is still
using those features. A concerted effort is being made in both the Fedora
and GCC communities to fix that old code and enable some new errors in the
GCC 14 release (which is in
stage 3 of its development cycle and likely to be released by
mid-2024), but a fair amount of work remains to be done.
Post Syndicated from Matt Granger original https://www.youtube.com/watch?v=FoNwAN5ZSmk
Post Syndicated from Geographics original https://www.youtube.com/watch?v=G2JYxuOKruQ
Post Syndicated from Sreenivasa Munagala original https://aws.amazon.com/blogs/big-data/how-fanduel-adopted-a-modern-amazon-redshift-architecture-to-serve-critical-business-workloads/
This post is co-written with Sreenivasa Mungala and Matt Grimm from FanDuel.
In this post, we share how FanDuel moved from a DC2 nodes architecture to a modern Amazon Redshift architecture, which includes Redshift provisioned clusters using RA3 instances, Amazon Redshift data sharing, and Amazon Redshift Serverless.
Part of Flutter Entertainment, FanDuel Group is a gaming company that offers sportsbooks, daily fantasy sports, horse racing, and online casinos. The company operates sportsbooks in a number of US and Canadian states. Fanduel first carved out a niche in the US through daily fantasy sports, such as their most popular fantasy sport: NFL football.
As FanDuel’s business footprint grew, so too did the complexity of their analytical needs. More and more of FanDuel’s community of analysts and business users looked for comprehensive data solutions that centralized the data across the various arms of their business. Their individual, product-specific, and often on-premises data warehouses soon became obsolete. FanDuel’s data team solved the problem of creating a new massive data store for centralizing the data in one place, with one version of the truth. At the heart of this new Global Data Platform was Amazon Redshift, which fast became the trusted data store from which all analysis was derived. Users could now assess risk, profitability, and cross-sell opportunities not only for piecemeal divisions or products, but also globally for the business as a whole.
FanDuel’s first Redshift cluster was launched using Dense Compute (DC2) nodes. This was chosen over Dense Storage (DS2) nodes in order to take advantage of the greater compute power for the complex queries in their organization. As FanDuel grew, so did their data workloads. This meant that there was a constant challenge to scale and overcome contention while providing the performance their user community needed for day-to-day decision-making. FanDuel met this challenge initially by continuously adding nodes and experimenting with workload management (WLM), but it became abundantly obvious that they needed to take a more significant step to meet the needs of their users.
In 2021, FanDuel’s workloads almost tripled since they first started using Amazon Redshift in 2018, and they started evaluating Redshift RA3 nodes vs. DC2 nodes to take advantage of the storage and compute separation and deliver better performance at lower costs. FanDuel wanted to make the move primarily to separate storage and compute, and evaluate data sharing in the hopes of bringing different compute to the data to alleviate user contention on their primary cluster. FanDuel decided to launch a new RA3 cluster when they were satisfied that the performance matched that of their existing DC2 architecture, providing them the ability to scale storage and compute independently.
In 2022, FanDuel shifted their focus to using data sharing. Data sharing allows you to share live data securely across Redshift data warehouses for read and write (in preview) purposes. This means that workloads can be isolated to individual clusters, allowing for a more streamlined schema design, WLM configuration, and right-sizing for cost optimization. The following diagram illustrates this architecture.
To achieve a data sharing architecture, the plan was to first spin up consumer clusters for development and testing environments for their data engineers that were moving key legacy code to dbt. FanDuel wanted their engineers to have access to production datasets to test their new models and match the results from their legacy SQL-based code sets. They also wanted to ensure that they had adequate compute to run many jobs concurrently. After they saw the benefits of data sharing, they spun up their first production consumer cluster in the spring of 2022 to handle other analytics use cases. This was sharing most of the schemas and their tables from the main producer cluster.
FanDuel saw a lot of benefits from the data sharing architecture, where data engineers had access to real production data to test their jobs without impacting the producer’s performance. Since splitting the workloads through a data sharing architecture, FanDuel has doubled their query concurrency and reduced the query queuing, resulting in a better end-to-end query time. FanDuel received positive feedback on the new environment and soon reaped the rewards of increased engineering velocity and reduced performance issues in production after deployments. Their initial venture into the world of data sharing was definitely considered a success.
Given the successful rollout of their first consumer in a data sharing architecture, they looked for opportunities to meet other users’ needs with new targeted consumers. With the assistance of AWS, FanDuel initiated the development of a comprehensive strategy aimed at safeguarding their extract, load, and transform (ELT) jobs. This approach involved implementing workload isolation and allocating dedicated clusters for these workloads, designated as the producer cluster within the data sharing architecture. Simultaneously, they planned to migrate all other activities onto one or more consumer clusters, apart from the existing cluster utilized by their data engineering team.
They spun up a second consumer in the summer of 2022 with the hopes of moving some of their more resource-intensive analytical processes off the main cluster. In order to empower their analysts over time, they had allowed a pattern in which users other than data engineers could create and share their own objects.
As the calendar flipped from 2022 to 2023, several developments changed the landscape of architecture at FanDuel. For one, FanDuel launched their initial event-based streaming work for their sportsbook data, which allowed them to micro-batch data into Amazon Redshift at a much lower latency than their previous legacy batch approach. This allowed them to generate C-Suite revenue reports at a much earlier SLA, which was a big win for the data team, because this was never achieved before the Super Bowl.
FanDuel introduced a new internal KPI called Query Efficiency, a measure to capture the amount of time users spent waiting for their queries to run. As the workload started increasing exponentially, FanDuel also noticed an increase in this KPI, specifically for risk and trading workloads.
Working with AWS Enterprise Support and the Amazon Redshift service team, FanDuel soon realized that the risk and trading use case was a perfect opportunity to move it to Amazon Redshift Serverless. Redshift Serverless offers scalability across dimensions such a data volume changes, concurrent users and query complexity, enabling you to automatically scale compute up or down to manage demanding and unpredictable workloads. Because billing is only accrued while queries are run, it also means that you no longer need to cover costs for compute you’re not utilizing. Redshift Serverless also manages workload management (WLM) entirely, allowing you to focus only on the query monitoring rules (QMRs) you want and usage limits, further limiting the need for you to manage your data warehouses. This adoption also complimented data sharing, where Redshift Serverless endpoints can read and write (in preview) from provisioned clusters during peak hours, offering flexible compute scalability and workload isolation and avoiding the impact on other mission-critical workloads. Seeing the benefits of what Redshift Serverless offers for their risk and trading workloads, they also moved some of their other workloads like business intelligence (BI) dashboards and risk and trading (RT) to a Redshift Serverless environment.
Through a combination of data sharing and a serverless architecture, FanDuel could elastically scale their most critical workloads on demand. Redshift Serverless Automatic WLM allowed users to get started without the need to configure WLM. With the intelligent and automated scaling capabilities of Redshift Serverless, FanDuel could focus on their business objectives without worrying about the data warehouse capacity. This architecture alleviated the constraints of a single predefined Redshift provisioned cluster and reduced the need for FanDuel to manage data warehouse capacity and any WLM configuration.
In terms of cost, Redshift Serverless enabled FanDuel to elegantly handle the most demanding workloads with a pay-as-you-go model, paying only when the data warehouse is in use, along with complete separation of compute and storage.
Having now introduced workload isolation and Redshift Serverless, FanDuel is able to achieve a more granular understanding of each team’s compute requirements without the noise of ELT and contending workloads all in the same environment. This allowed comprehensive analytics workloads to be conducted on consumers with vastly minimized contention while also being serviced with the most cost-efficient configuration possible.
The following diagram illustrates the updated architecture.
FanDuel’s re-architecting efforts for workload isolation with risk and trading (RT) workloads using Redshift data sharing and Redshift Serverless resulted in the most critical business SLAs finishing three times faster, along with an increase in average query efficiency of 55% for overall workloads. These SLA improvements have resulted into an overall saving of tenfold in business cost, and they have been able to deliver business insights to other verticals such as product, commercial, and marketing much faster.
By harnessing the power of Redshift provisioned clusters and serverless endpoints with data sharing, FanDuel has been able to better scale and run analytical workloads without having to manage any data warehouse infrastructure. FanDuel is looking forward to future Amazon partnerships and is excited to embark on a journey of new innovation with Redshift Serverless and continued enhancements such as machine learning optimization and auto scaling.
If you’re new to Amazon Redshift, you can explore demos, other customer stories, and the latest features at Amazon Redshift. If you’re already using Amazon Redshift, reach out to your AWS account team for support, and learn more about what’s new with Amazon Redshift.
Sreenivasa Munagala is a Principal Data Architect at FanDuel Group. He defines their Amazon Redshift optimization strategy and works with the data analytics team to provide solutions to their key business problems.
Matt Grimm is a Principal Data Architect at FanDuel Group, moving the company to an event-based, data-driven architecture using the integration of both streaming and batch data, while also supporting their Machine Learning Platform and development teams.
Luke Shearer is a Cloud Support Engineer at Amazon Web Services for the Data Insight Analytics profile, where he is engaged with AWS customers every day and is always working to identify the best solution for each customer.
Dhaval Shah is Senior Customer Success Engineer at AWS and specializes in bringing the most complex and demanding data analytics workloads to Amazon Redshift. He has more then 20 years of experiences in different databases and data warehousing technologies. He is passionate about efficient and scalable data analytics cloud solutions that drive business value for customers.
Ranjan Burman is an Sr. Analytics Specialist Solutions Architect at AWS. He specializes in Amazon Redshift and helps customers build scalable analytical solutions. He has more than 17 years of experience in different database and data warehousing technologies. He is passionate about automating and solving customer problems with cloud solutions.
Sidhanth Muralidhar is a Principal Technical Account Manager at AWS. He works with large enterprise customers who run their workloads on AWS. He is passionate about working with customers and helping them architect workloads for cost, reliability, performance, and operational excellence at scale in their cloud journey. He has a keen interest in data analytics as well.
Post Syndicated from LGR original https://www.youtube.com/watch?v=wUw2fpJmY8I
Post Syndicated from jake original https://lwn.net/Articles/954092/
Security updates have been issued by Fedora (chromium), Mageia (firefox, thunderbird, and vim), SUSE (kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools- container, virt-operator-container), and Ubuntu (freerdp2, glibc, and tinyxml).
Post Syndicated from The History Guy: History Deserves to Be Remembered original https://www.youtube.com/watch?v=1DJntjY3PPA
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.