[$] Two memory-tiering patch sets

Post Syndicated from original https://lwn.net/Articles/898766/

Once upon a time, computers just had one type memory, so memory within
a given system was interchangeable. The arrival of non-uniform
memory access (NUMA) systems complicated the situation significantly; now
some memory was faster to access than the rest, and memory-management
algorithms had to adapt or performance would suffer. But NUMA was just the
start; today’s tiered-memory systems, which may include several tiers of
memory with different performance characteristics, are adding new
challenges. A couple of relevant patch sets currently under review help to
illustrate the types of problems that will have to be solved.

KDE Apps Mid-Year Update (KDE.news)

Post Syndicated from original https://lwn.net/Articles/899167/

Here’s an
update on recent KDE application development on KDE.news:

KStars is probably the most feature-rich free astronomy software around and the 3.5.9
release adds some exciting new features.

HiPS (Hierarchical Progressive Surveys) is a technology that provides
progressive high resolution images of the sky at different zoom
levels. KStars fully supports online HiPS where data is downloaded from
online servers and cached to be displayed on the Sky Map.

Ojeda: Memory Safety for the World’s Largest Software Project

Post Syndicated from original https://lwn.net/Articles/899164/

Miguel Ojeda has posted an
update on the Rust-for-Linux project.

This second year since the RFC we are looking forward to several
milestones which hopefully we will achieve:

  • More users or use cases inside the kernel, including example drivers – this is pretty important to get merged into the kernel.
  • Splitting the kernel crate and managing dependencies to allow better development.
  • Extending the current integration of the kernel documentation, testing and other tools.
  • Getting more subsystem maintainers, companies and researchers involved.
  • Seeing most of the remaining Rust features stabilized.
  • Possibly being able to start compiling the Rust code in the kernel with GCC.
  • And, of course, getting merged into the mainline kernel, which
    should make everything else easier!

API Security: Best Practices for a Changing Attack Surface

Post Syndicated from Ray Cochrane original https://blog.rapid7.com/2022/06/27/api-security-best-practices-for-a-changing-attack-surface/

API Security: Best Practices for a Changing Attack Surface

API usage is skyrocketing. According to the latest State of the API Report, API requests increased by 56% last year to a total of 855 million, and Google says the growth isn’t expected to slow any time soon.

APIs – short for application programming interfaces – are a critical component of how applications are built. They control the type of requests that occur between programs, how requests are made, and the format of those requests.

The huge increase in usage stems from the important role APIs – and web applications more broadly – play in digital transformation. APIs have helped facilitate the transition from monolithic applications to microservices. They’ve enabled businesses to provide user-oriented API-based services for B2B use cases, including automation and integration. And they’re integral to modern web applications, which are no longer just HTML with links but rich user interfaces, built as single-page apps with REST API backends. Nearly every modern application utilizes – or is – an API.

Today, it’s almost impossible to do anything online without interacting with an API. That’s why cyberattacks are increasingly targeting APIs, and they’ve become a large part of the application attack surface.

Why securing APIs is important

APIs are a lucrative target that can allow hackers to gain access to an otherwise secure system and exploit vulnerabilities. Not only do APIs often suffer from the same vulnerabilities as web applications – like broken access controls, injections, security misconfigurations, and vulnerabilities inherited from other dependent code libraries – but they are also more susceptible to resource consumption and rate limiting issues due to the automated nature of their users.

Due to a lack of knowledge in the market, it’s also common that legacy issues from early APIs are carried forward. For example, not all APIs will be fronted by an API gateway, with older APIs sitting in the background with little or no protection simply due to a lack of awareness of them. Many unused APIs will also not have been decommissioned, as newer APIs are produced and replace them as a product evolves, due to a lack of standard process and bad practice. This can leave legacy APIs vulnerable to attacks.

How to secure an API

The first step in securing your APIs is to audit your environment and/or applications to take an inventory of what APIs you have and which ones you’re actually utilizing. Then, you must understand the purpose of each individual API to allow you to validate that it is working as expected. You must also understand the expected behavior of the API to allow identification of threats more readily by being able to capture abnormal activity. Once you have a firm understanding of what the API’s functionality is and what expected behavior is, you can then both manage and test your API more effectively and efficiently.

API management is a key element for API security. APIs not only require the same controls as web apps but also additional controls specific to the API’s unique function. Documentation and version control of APIs is of vital importance, as one product can have multiple APIs – even hundreds or thousands.

Poor management can lead to issues with legacy and defunct APIs, as you will often find that only a small portion of APIs pass through an API gateway. Meanwhile, older APIs – which haven’t been decommissioned, or which teams simply aren’t aware of – can sit in the background with no protection. The probability of known vulnerabilities with older APIs is also significantly higher, which amplifies the risk profile.

The same legacy issues can also lead to coverage gaps, and calls that are outside of an API gateway could leave a blind spot when it comes to intra-API calls. Publishing and clearly defining your API will simplify users’ understanding of the API, allowing them to connect in the most appropriate and effective way. Ensuring your API is appropriately monitored is a key management technique. Continuously undertaking performance checks will allow you to understand if the API is under stress from being overloaded. It can also provide an indication of traffic volumes to monitor usage, potentially gauge malicious activity (via audit logs), and judge whether you need to scale up your operation. Lastly, having a response plan in place for attacks is a vital control in API security, allowing for a rapid but controlled response to potential threats.

There have been many recent examples of API-based attacks, such as those experienced by WordPress – and even on the dating scene with Bumble’s recent vulnerability issues. Some simple but effective steps you can take to secure your API and reduce the risk of such exposures include:

  • Authentication: Do you have a control in place to understand who’s calling your API?
  • Authorization: Should the person calling be able to access this data?
  • Encryption: Have you encrypted your network traffic?
  • Traffic management: Have you set rate limits or thresholds to keep a customer from pulling too much data or running scripts to tie up an API?
  • Audit logging: Effective logging ensures you can understand what normal traffic looks like and allows you to identify abnormal activity.

How to test your API

API testing is still evolving to keep up with the increase in volume and complexity. While manual API security testing can be done with traditional testing tools, and fully automated API security testing is partially supported by most major DAST solutions, there are many open-source tools written for guided API security testing. API testing used in conjunction with proper API management will increase API security.

API testing is most effective when you have a full risk profile of your business – i.e. you are fully aware of all of your APIs (including legacy or defunct APIs) to ensure you have no blindspots that could be exposed or manipulated. Taking time to identify vulnerabilities in API frameworks, your network, configuration, and policy all enhance your API security.

Anticipating threats by understanding expected behavior and having adequate testing in place will allow for proactive coverage and enhanced protection and threat identification.

Finally, you must continuously test your endpoint to ensure protection is maintained at all times and optimum security is in place. The ability to identify and block security risks before they occur is vital in the fight to provide the best protection against threats to your API.

Additional reading:

NEVER MISS A BLOG

Get the latest stories, expertise, and news about security today.

Orchestrating AWS Glue crawlers using AWS Step Functions

Post Syndicated from Benjamin Smith original https://aws.amazon.com/blogs/compute/orchestrating-aws-glue-crawlers-using-aws-step-functions/

This blog post is written by Justin Callison, General Manager, AWS Workflow.

Organizations generate terabytes of data every day in a variety of semistructured formats. AWS Glue and Amazon Athena can give you a simpler and more cost-effective way to analyze this data with no infrastructure to manage. AWS Glue crawlers identify the schema of your data and manage the metadata required to analyze the data in place, without the need to transform this data and load into a data warehouse.

The timing of when your crawlers run and complete is important. You must ensure the crawler runs after your data has updated and before you query it with Athena or analyze with an AWS Glue job. If not, your analysis may experience errors or return incomplete results.

In this blog, you learn how to use AWS Step Functions, a low-code visual workflow service that integrates with over 220 AWS services. The service orchestrates your crawlers to control when they start, confirm completion, and combine them into end-to-end, serverless data processing workflows.

Using Step Functions to orchestrate multiple AWS Glue crawlers, provides a number of benefits when compared to implementing a solution directly with code. Firstly, the workflow provides an instant visual understanding of the application, and any errors that might occur during execution. Step Functions’ ability to run nested workflows inside a Map state helps to decouple and reuse application components with native array iteration. Finally, the Step Functions wait state lets the workflow periodically poll the status of the crawl job, without incurring additional cost for idol wait time.

Deploying the example

With this example, you create three datasets in Amazon S3, then use Step Functions to orchestrate AWS Glue crawlers to analyze the datasets and make them available to query using Athena.

You deploy the example with AWS CloudFormation using the following steps:

  1. Download the template.yaml file from here.
  2. Log in to the AWS Management Console and go to AWS CloudFormation.
  3. Navigate to Stacks -> Create stack and select With new resources (standard).
  4. Select Template is ready and Upload a template file, then Choose File and select the template.yaml file that you downloaded in Step 1 and choose Next.
  5. Enter a stack name, such as glue-stepfunctions-demo, and choose Next.
  6. Choose Next, check the acknowledgement boxes in the Capabilities and transforms section, then choose Create stack.
  7. After deployment, the status updates to CREATE_COMPLETE.

Create your datasets

Navigate to Step Functions in the AWS Management Console and select the create-dataset state machine from the list. This state machine uses Express Workflows and the Parallel state to build three datasets concurrently in S3. The first two datasets include information by user and location respectively and include files per day over the 5-year period from 2016 to 2020. The third dataset is a simpler, all-time summary of data by location.

To create the datasets, you choose Start execution from the toolbar for the create-dataset state machine, then choose Start execution again in the dialog box. This runs the state machine and creates the datasets in S3.

Navigate to the S3 console and view the glue-demo-databucket created for this example. In this bucket, in a folder named data, there are three subfolders, each containing a dataset.

The all-time-location-summaries folder contains a set of JSON files, one for each location.

The daily-user-summaries and daily-location-summaries contain a folder structure with nested folders for each year, month, and date. In addition to making this data easier to navigate via the console, this folder structure provides hints to AWS Glue that it can use to partition this dataset and make it more efficient to query.

Crawling

You now use AWS Glue crawlers to analyze these datasets and make them available to query. Navigate to the AWS Glue console, select Crawlers to see the list of Crawlers that you created when you deployed this example. Select the daily-user-summaries crawler to view details and note that they have tags assigned to indicate metadata such as the datatype of the data and whether the dataset is-partitioned.

Now, return to the Step Functions console and view the run-crawlers-with-tags state machine. This state machine uses AWS SDK service integrations to get a list of all crawlers matching the tag criteria you enter. It then uses the map state and the optimized service integration for Step Functions to execute the run-crawler state machine for each of the matching crawlers concurrently. The run-crawler state machine starts each crawler and monitors status until the crawler completes. Once each of the individual crawlers have completed, the run-crawlers-with-tags state machine also completes.

To initiate the crawlers:

  1. Choose Start execution from the top of the page when viewing the run-crawlers-with-tags state machine
  2. Provide the following as Input
    {"tags": {"datatype": "json"}}
  3. Choose Start execution.

After 2-3 minutes, the execution finishes with a Succeeded status once all three crawlers have completed. During this time, you can navigate to the run-crawler state machine to view the individual, nested executions per crawler or to the AWS Glue console to see the status of the crawlers.

Querying the data using Amazon Athena

Now, navigate to the Athena console where you can see the database and tables created by your crawlers. Note that AWS Glue recognized the partitioning scheme and included fields for year, month, and date in addition to user and usage fields for the data contained in the JSON files.

If you have not used Athena in this account before, you see a message instructing you to set a query result location. Choose View settings -> Manage -> Browse S3 and select the athena-results bucket that you created when you deployed the example. Choose Save then return to the Editor to continue.

You can now run queries such as the following, to calculate the total usage for all users over 5 years.

SELECT SUM(usage) all_time_usage FROM “daily_user_summaries”

You can also add filters, as shown in the following example, which limit results to those from 2016.

SELECT SUM(usage) all_time_usage FROM “daily_user_summaries” WHERE year = ‘2016’

Note this second query scanned only 17% as much data (133 KB vs 797 KB) and completed faster. This is because Athena used the partitioning information to avoid querying the full dataset. While the differences in this example are small, for real-world datasets with terabytes of data, your cost and latency savings from partitioning data can be substantial.

The disadvantage of a partitioning scheme is that new folders are not included in query results until you add new partitions. Re-running your crawler identifies and adds the new partitions and using Step Functions to orchestrate these crawlers makes that task simpler.

Extending the example

You can use these example state machines as they are in your AWS accounts to manage your existing crawlers. You can use Amazon S3 event notifications with Amazon EventBridge to trigger crawlers based on data changes. With the Optimized service integration for Amazon Athena, you can extend your workflows to execute queries against these crawled datasets. And you can use these examples to integrate crawler execution into your end-to-end data processing workflows, creating reliable, auditable workflows from ingestion through to analysis.

Conclusion

In this blog post, you learn how to use Step Functions to orchestrate AWS Glue crawlers. You deploy an example that generates three datasets, then uses Step Functions to start and coordinate crawler runs that analyze this data and make it available to query using Athena.

To learn more about Step Functions, visit Serverless Land.

Security updates for Monday

Post Syndicated from original https://lwn.net/Articles/899158/

Security updates have been issued by Debian (openssl), Fedora (dotnet6.0, mediawiki, and python2.7), Mageia (389-ds-base, chromium-browser-stable, exo, and libtiff), Oracle (httpd:2.4 and microcode_ctl), SUSE (dbus-broker, drbd, kernel, liblouis, mariadb, openssl, openssl-1_1, openSUSE kernel modules, oracleasm, php7, php72, python39, salt, and wdiff), and Ubuntu (linux, linux-hwe, mozjs91, and vim).

New partner program for SMB agencies & hosting partners now in closed beta

Post Syndicated from Dan Hollinger original https://blog.cloudflare.com/self-serve-partners-beta/

New partner program for SMB agencies & hosting partners now in closed beta

A fundamental principle here at Cloudflare has always been that we want to serve everyone – from individual developers to small businesses to large corporations. In the earliest days, we provided services to hosting partners and resellers around the globe, who helped bring Cloudflare to thousands of domains with free caching and DDoS protection for shared infrastructures.

Today, we want to reinforce our commitment to our hosting ecosystem and small business partners that leverage Cloudflare to help bring a better Internet experience to their customers. We’ve been building a robust multi-tenant partner platform that we will begin to open up to everyone searching for a faster, safer, and better Internet experience. This platform will come in the form of a Self Serve Partner program that will allow SMB agencies & hosting partners to create accounts for all their customers under one dashboard, consolidate billing, and provide discounted plans to our partners.

Deprecation of our legacy APIs

To make way for the new, we first must discuss the end-of-life of some of Cloudflare’s earliest APIs. Built and launched in 2011, our Hosting and Optimized Partner Programs allowed our initial CDN and DDoS solutions to expand to brand-new audiences around the globe. These APIs were essential for fueling growth in the earliest days of Cloudflare supporting reseller partners, hosting partners, and external plugins that helped make implementing Cloudflare easier than ever.
On November 1, 2022 – Cloudflare will be discontinuing support for our Host and Reseller APIs. After this date:

  • Management of zones, users, and configurations via the Host or Reseller API will be disabled.
  • Any plugins leveraging these APIs will no longer be functional. This includes our legacy cPanel, Plesk and WHMCS plugins. We recommend partners and users begin to work directly within the Cloudflare dashboard for any future configuration management.
  • Any domains created by these APIs will continue to function and traffic will not be impacted after the depreciation period. Customer traffic will not be impacted during the deprecation, and we’ve been working closely with our partners to ensure these domains are transitioned to customer-management where preferred or migrated when appropriate to the new partner platform.
  • Any active specialized subscriptions will be mapped to our current zone plans.
    We are grateful for all of our earliest partners that trusted Cloudflare to increase the security and improve performance for their customer’s domains. All of our partners still leveraging our APIs should have received a communication with our deprecation schedule and next steps. And if there are any additional questions, they can be directed to [email protected].
New partner program for SMB agencies & hosting partners now in closed beta

Our New Partner Platform

As our solution offering and network grew, these early APIs were not well-equipped to scale with them. Cloudflare has continued to grow its network to over 275 cities and expand well beyond just web performance and security. With a full portfolio of Application Services, Zero Trust Services, Developer and Network solutions, our specialized plans and APIs quickly began to limit our partners instead of empowering them. Cloudflare announced our revamped partner platform a few years ago, and it has since been used with some of our largest integration and service partners supporting our newest SASE and Zero Trust offerings.

Self-serve partnerships in closed beta

With the deprecation of our legacy APIs, we are opening up our Partner Platform to a broader base of partners with a Self-Serve Partner program. Working in tandem with our Self-Serve teams, we’ve been ramping up initial test partners since late last year. Now, we’re excited to announce a path forward for agencies, regional MSPs, and hosting providers that still rely on Cloudflare to help their customers experience a better, faster, and safer Internet:

  • Multi-Tenant Account Support
    • Partners will have the ability to create individual customer accounts and manage individual user access to each one from our dashboard or via our Tenant API.
  • Centralized Self-Serve Billing
    • Partners will have the ability to own self-serve billing across each account with a single billing profile, ensuring subscription management is seamless across every account.

New partner program for SMB agencies & hosting partners now in closed beta

  • Access to full catalog of Cloudflare Self-Serve Products & Add-Ons
    • Every feature and add-on that Cloudflare has built will now be available to self-serve partners via the dashboard and API. End-customers will be able to implement load-balancing, Spectrum for TCP/UDP applications, and Workers for deploying code at the edge. Our partner platform ensures partners and customers are getting the most of their Cloudflare solution.
  • Self-Service Plan Discounting
    • We want to reward our partners for working with us and developing expertise across our solution. As part of our program commitments, we are offering volume discounts across all subscription renewals.
  • No Upfront Commitments
    • We’ve heard from many of you that you enjoy working with Cloudflare, but cannot support some minimums for our Enterprise partner programs. This program is built to help you get started, with no upfront commitments for qualified partners.

Comparing our partner programs

Self-Serve Partner Program New Cloudflare One Partner Program Enterprise Reseller & Services Program
Status Closed Beta Early Access General Access
Tiers N/A N/A Select Advanced Elite
Discount Beta Discount – 20% 25-50% 30-40%
Revenue Commitment No No Yes
Training & Enablement Self-Serve Cloudflare University Specialized Training Cloudflare University Specialized Training In-Person Training
Partner Account Resources No – Self Serve Yes – Tier Dependent Yes – Tier Dependent

Sign Up Now

If you want to start using our partner platform, sign up for the closed beta: we plan to start enabling access throughout this year. We’re looking forward to collecting feedback from each of you and learning how we can improve your end-customers experience with our global platform.

Ain’t seen nothing yet…

Cloudflare’s mission is to help build a better Internet. We know we cannot do that alone, and we treasure all of our partners that have worked with us to accomplish that mission across our technical, channel and alliance relationships. Throughout 2022 and 2023, we look to continue to grow our Partner Platform across a few key areas to make it easier to use and seamless to integrate into your current offering across CDN, DDoS, Zero Trust, Workers and more.

  • Enhanced Partner Dashboard
  • Expanded Zero Trust Bundles for Partners
  • Additional Partner Service Opportunities
  • Select training and other Partner-only benefits

More Information:

Become an Enterprise Partner: Partner Portal

Sign Up for the Self-Serve Partner Program

Reach out to [email protected]

Network performance update: Cloudflare One Week June 2022

Post Syndicated from David Tuber original https://blog.cloudflare.com/network-performance-update-cloudflare-one-week-june-2022/

Network performance update: Cloudflare One Week June 2022

Network performance update: Cloudflare One Week June 2022

In September 2021, we shared extensive benchmarking results of 1,000 networks all around the world. The results showed that on a range of tests (TCP connection time, time to first byte, time to last byte), and on different measures (p95, mean), Cloudflare was the fastest provider in 49% of the top 1,000 networks around the world.

Since then, we’ve expanded our testing to cover not just 1,000 but 3,000 networks, and we’ve worked to continuously improve performance, with the ultimate goal of being the fastest everywhere and an intermediate goal to grow the number of networks where we’re the fastest by at least 10% every Innovation Week. We met that goal Platform Week May 2022), and we’re carrying the work over to Cloudflare One Week (June 2022).

We’re excited to share that Cloudflare has the fastest provider in 1,290 of the top 3,000 most reported networks, up from 1,280 even one month ago during Platform Week.

Measuring what matters

To quantify global network performance, we have to get enough data from around the world, across all manner of different networks, comparing ourselves with other providers. We use Real User Measurements (RUM) to fetch a 100kB file from different providers. Users around the world report the performance of different providers.

The more users who report the data, the higher fidelity the signal is. The goal is to provide an accurate picture of where different providers are faster, and more importantly, where Cloudflare can improve. You can read more about the methodology in the original Speed Week blog post here.

Latest data on network performance

Here’s how the breakdown of the fastest networks looked during Platform Week (May 2022):

Network performance update: Cloudflare One Week June 2022

Here’s how that graph looks now during Cloudflare One Week (June 2022):

Network performance update: Cloudflare One Week June 2022

In addition to being the fastest across popular networks, Cloudflare is also committed to being the fastest provider in every country.

Here’s how the map of the fastest provider by country looked during Platform Week (May 2022):

Network performance update: Cloudflare One Week June 2022

And here’s how that map looks during Cloudflare One Week (June 2022):

Network performance update: Cloudflare One Week June 2022

Cloudflare became faster in more Eastern European countries during this time specifically.

Network performance in a Zero Trust world

A zero trust provider needs to not only secure your users on the public Internet, but it also needs to optimize the public Internet. Moving to Zero Trust doesn’t just reduce the need for corporate networks, it also allows user traffic to flow to resources more naturally.

However, given your Zero Trust provider is going to be the gatekeeper for all your users and all your applications, performance is a critical aspect to evaluate Cloudflare is constantly improving our network to ensure that users always have the best experience, and this comes not just from routing fixes, but also through expanding peering arrangements and adding new locations.

This tireless effort helps make us faster in more networks than anyone else, and allows us to deliver all of our services with high performance that customers expect. We know many organizations are just starting their Zero Trust journey, and that a priority of that project is to improve user experience, and we’re excited to keep obsessing over the performance in our network to make sure your teams have a seamless experience in any location.

Interested in learning more about how our Zero Trust products benefit from these improvements? Check out the full roster of our announcements from Cloudflare One Week.

Identifying content gaps in our documentation

Post Syndicated from Cloudflare original https://blog.cloudflare.com/identifying-content-gaps/

Identifying content gaps in our documentation

Identifying content gaps in our documentation

If you’ve tuned into this blog for long enough, you’ll notice that we’re pretty big on using and stress-testing our own products (“dogfooding”) at Cloudflare.

That applies to our security team, product teams, and – as my colleague Kristian just blogged about – even our documentation team. We’re incredibly excited to be on the Pages platform, both because of the performance and workflow improvements and the opportunity to help the platform develop.

What you probably haven’t heard about is how our docs team uses dogfooding – and data – to improve our documentation.

Dogfooding for docs

As a technical writer, it’s pretty common to do the thing you’re documenting. After all, it’s really hard to write step-by-step instructions if you haven’t been through those steps. It’s also a great opportunity to provide feedback to our product teams.

What’s not as common for a writer, however, is actually using the thing you’re documenting. And it’s totally understandable why. You’re already accountable to your deadlines and product managers, so you might not have the time. You might not have the technical background. And then there’s the whole problem of a real-world use case. If you’re really dedicated, you can set up a personal project… but it’s hard to replicate real-world situations and even harder to simulate real-world motivation.

And that brings me to one of the coolest parts of our docs team. We actually manage the Cloudflare settings for our docs website, developers.cloudflare.com. There’s technical oversight from other teams as needed, but that means we’ve directly been involved in:

When we use our own products, it makes us part of the user journey. We know quite viscerally what it’s like when you accidentally break an internal tool with Bot management… because we’ve done it (and profusely apologized!). We know what it’s like to spend a few hours crafting a Transform Rule and realize that – for a specific use case involving search engine crawlers – we needed a Forwarding Page Rule instead.

Identifying content gaps in our documentation

Using our own products gives us a chance to dogfood our docs as well. We realized that we needed to add a page to the 1.1.1.1 docs because several of us set it up on our home devices and didn’t know whether it was working or not. Same thing with the Cloudflare Tunnel docs. When we use the thing, it’s easier for us to help others use it too.

Data for docs

Beyond our own experience – and even beyond the feedback we get through our open-source content strategy – we also look at quantitative data to identify gaps and potential improvements in our docs.

One of the easiest ways to identify gaps is to look at internal search data. When folks are searching from within our docs, are they leaving to view pages within other Cloudflare content sources (Community, Learning Center, etc.)? And does that page conceptually belong in our docs? We’ve used those two questions to identify and correct several gaps in our documentation, such as new pages on creating subdomain records, Cloudflare Ray IDs, and more.

External search data also informs our content strategy. When folks are coming into Cloudflare content domains, where are they going? And what keywords are they using? Using that data, we noticed some confusion between our newer Bulk Redirects feature and Forwarding Page Rules. Even though both features let you forward URLs – and Bulk Redirects is easier and more flexible – very few searches using “url forwarding” reached the Bulk Redirects page. To address that, we tweaked our keywords and added a section to our Forwarding Page Rules article breaking down the differences between the features.

Though internal and external searches tend to provide the most actionable data, we also look at broader trends in other metrics (pageviews, documentation maintenance cost, support tickets, and more). We can’t use these metrics to exactly “measure success”, because it’s hard to attribute any changes to the quality of our docs. For example, if there’s suddenly a spike in traffic to our DNS docs, does that mean that our docs are doing well? Or maybe we just blogged about a new feature? Or more customers might be onboarding their domains within a specific timeframe?

We can, however, use these metrics to broadly look at our relative effort across different products and adjust priorities accordingly. To use DNS as an example, it’s towards the top in terms of support tickets, but we actually have a comparatively small percentage of our content dedicated towards it. That means that, if we see more opportunities to improve those docs, those opportunities will likely get a higher priority.

Identifying content gaps in our documentation

Conclusion

When we take all these inputs together – the qualitative experience of dogfooding our documentation and our products, the broad outlines of our user-focused content journey, the community feedback from our open-source ecosystem, and the quantitative data points from our analytics – they help us treat our content as a product.

It’s part of what makes this team so fun to be a part of! Speaking of, we’re hiring!

Kernel prepatch 5.19-rc4

Post Syndicated from original https://lwn.net/Articles/899108/

The 5.19-rc4 kernel prepatch is out for
testing.

So we’ve had a couple of fairly small rc releases, and here we finally
start to see an uptick in commits in rc4. Not what I really want to
see in the middle of the release cycle, but not entirely surprising
considering how quiet it’s been so far.

Седмицата (20–25 юни)

Post Syndicated from Йоанна Елми original https://toest.bg/editorial-20-25-june-2022/

Добре дошли в края на поредната бурна политическа седмица. Надявам се, че сте оцелели по пътя – да поспрем за секунда на това стъпало на спираловидната стълба на историята и да си кажем защо нищо не е същото въпреки всеобщото усещане, че всичко се повтаря отново.

Хронологията накратко: разбрахме за корупционните схеми на ГКПП Капитан Андреево, благодарение на които повече от 10 години няколко частни фирми държат монопола върху най-печелившите дейности на границата. „Договорите са дългогодишни, подписани на тъмно. Опитът на държавата да спре потока на пари доведе до реакция, която напомня на война“, пише Генка Шикерова в обстойния си текст за „Свободна Европа“. Междувременно, както се очакваше, „македонският въпрос“ се разду до пълна нелогичност в най-уязвимия за правителството момент, когато ИТН използваха Северна Македония като предлог за излизане от властта.

Емилия Милчева

„Четирийсет и седмият парламент се записа в историята – не успя да преодолее политическото противопоставяне, но събра политическите противници, за да вдигнат ветото за Северна Македония“, пише Емилия Милчева в политическия си анализ тази седмица. Какво обаче следва? Всичко сочи, че България е изправена пред четвърти избори за година и половина. Възможно ли е да бъдат предотвратени от компромиси? Какво ще успее да свърши парламентът, преди да се разпусне след близо месец?

Северна Македония е напомняне, че вътрешнополитическите проблеми се намират в контекста на външнополитическите, най-сериозният от които остава руската инвазия в Украйна. Европейският съюз има сериозната задача да намали зависимостта си от руския газ и това е една от основните теми, разисквани при посещението на председателката на Европейската комисия Урсула фон дер Лайен в Израел и Египет.

Мирослав Зафиров

В своя материал по темата дипломатът Мирослав Зафиров пише: „Процесът на постигане на нулева зависимост от руските енергийни източници вече е в ход, но неговото успешно приключване няма да е в мандата на настоящата Комисия, a пътя към тази независимост ЕС ще трябва да извърви заедно с партньорите си от Източното Средиземноморие. Един регион, който е доказал, че може да бъде крайно непредсказуем и зависещ често от обстоятелства, които нямат нищо общо с европейските приоритети и дневен ред.“

Непредсказуемостта пък на източноевропейския регион и в частност на България се дължи не само на вътрешно- и външнополитическите особености, но и на експлоатирането на важни теми от манипулативни медии и източници, които подкопават общественото доверие в институциите и размиват дебата. В „Тоест“ посветихме специална поредица за изследване на темата за манипулативното съдържание и тази седмица публикувахме втората част, в която проследяваме местата и механизмите на неговото разпространение.

Подобна сериозно експлоатирана тема е „София прайд“. Сега обаче ситуацията беше различна, разказва ни Светла Енчева. „В сравнение с предишните години едно отсъствие се набива на очи – тази година нямаше масирани анти-ЛГБТИ кампании в навечерието на събитието, телевизионните студиа не преливаха от „дискусии“ между хомофоби и ЛГБТИ активисти, нямаше разлепени хомофобски стикери по уличните стълбове и превозните средства на градския транспорт. Нямаше актове на насилие срещу събития, включени в културната програма на прайда. Нито медийно демонизиране на книги или филми от програмата“. Според Светла това се дължи на нажежената политическа обстановка в страната. „Когато няма дирижирана кампания, омразата рязко намалява“, коментира тя.

Зорница Христова

Между текста на Светла и първата препоръка на Зорница Христова в рубриката „По буквите“ има тематична връзка, защото става въпрос за романа „Самотен мъж“ на Кристофър Ишъруд (ключов писател за гей общността в англосферата), който според Зорница отказва да влезе в много от днешните рамки на дискусията: „Впрочем Ишъруд – ако вярваме на героя му Джордж – се интересува не толкова от разликата между расите, нито от сексуалната ориентация. Интересува го повече разликата между поколенията, и по-точно онова, което си представяме, когато мислим за по-старите или по-младите от нас.“

Другите ѝ две препоръки са албумът „Деца на въображението“ на художника Греди Асса и книгата „Раковски супергерой“ на Марин Бодаков, особено важна и актуална днес, когато много политици се представят за национални герои в общество, което сякаш не си е отговорило на въпроса какво всъщност означава да бъдеш герой.

За завършек на този бюлетин ми се иска да ви кажа нещо неформално, все едно разговаряме помежду си – вероятно защото именно в такива тежки лични разговори тази седмица усетих умора и отчаяние от ситуацията в страната, едно чувство на обречена повторяемост. В рамките на същата седмица властта в САЩ прие взаимно противоречащи си закони в отговор на зачестилите масови убийства с огнестрелни оръжия. Паралелно текат изслушвания, които доказват, че бившият президент Доналд Тръмп активно се е опитвал да използва системата, за да получи втори мандат неправомерно. А в петък решение на Върховния съд на САЩ елиминира конституционното право на аборт, което ще доведе до почти пълна забрана на абортите в приблизително половината щати. До редакционното приключване на този бюлетин девет щата – Алабама, Арканзас, Кентъки, Луизиана, Мисури, Оклахома, Южна Дакота, Юта и Уисконсин – вече въведоха незабавни закони, които криминализират абортите.

В същото време крайната десница във Франция спечели рекорден брой места в Парламента, което ще постави сериозно предизвикателство пред управлението на Еманюел Макрон, спечелил преди два месеца втория си президентски мандат. В този контекст политическата ситуация във Франция става все по-поляризирана. Това не са нови явления, а по-скоро хронични тенденции, които тормозят дадено общество и като лош рецидив се проявяват с вариации през годините.

Дори двете най-стари демокрации не са имунизирани срещу абсурда, жаждата за власт, корупцията. Най-важната характеристика на демократичната форма на управление – която я прави и най-ефективна за момента – не е липсата на препятствия, а свободата да ги преодоляваме заедно. Тази свобода е крехка и не може да бъде подарена – както показа и Украйна. Тя се отвоюва, понякога на висока цена.

България, за щастие, не е Украйна. С течение на годините страната ни се е присъединила към геополитически сфери, които не са съвършени, но всячески се стремят да гарантират именно свободата за отвоюване на свобода. С взаимно съгласие, без кръв. Затова и в демокрацията най-важни са не партиите и политиците, а гражданите. Ако някой отнеме гражданската роля, ако някой реши да упражнява гражданската власт вместо гражданите – тогава има проблем. Защото ако властта не е у гражданите, значи над тях се властва. Такава централна роля в политиката идва с много отговорност. Въпреки умората, въпреки привидните крачки назад.

За пръв път България е от правилната страна на историята. И това, скъпи читатели, не е никак малко. Заслужаваме още повече. И от нас зависи.

Източник

The collective thoughts of the interwebz