Post Syndicated from Explosm.net original https://explosm.net/comics/no-fart-february
New Cyanide and Happiness Comic
pearl diver
Post Syndicated from Oglaf! -- Comics. Often dirty. original https://www.oglaf.com/pearl-diver/
Improve search results for AI using Amazon OpenSearch Service as a vector database with Amazon Bedrock
Post Syndicated from Jon Handler original https://aws.amazon.com/blogs/big-data/improve-search-results-for-ai-using-amazon-opensearch-service-as-a-vector-database-with-amazon-bedrock/
Artificial intelligence (AI) has transformed how humans interact with information in two major ways—search applications and generative AI. Search applications include ecommerce websites, document repository search, customer support call centers, customer relationship management, matchmaking for gaming, and application search. Generative AI use cases include chatbots with Retrieval-Augmented Generation (RAG), intelligent log analysis, code generation, document summarization, and AI assistants. AWS recommends Amazon OpenSearch Service as a vector database for Amazon Bedrock as the building blocks to power your solution for these workloads.
In this post, you’ll learn how to use OpenSearch Service and Amazon Bedrock to build AI-powered search and generative AI applications. You’ll learn about how AI-powered search systems employ foundation models (FMs) to capture and search context and meaning across text, images, audio, and video, delivering more accurate results to users. You’ll learn how generative AI systems use these search results to create original responses to questions, supporting interactive conversations between humans and machines.
The post addresses common questions such as:
- What is a vector database and how does it support generative AI applications?
- Why is Amazon OpenSearch Service recommended as a vector database for Amazon Bedrock?
- How do vector databases help prevent AI hallucinations?
- How can vector databases improve recommendation systems?
- What are the scaling capabilities of OpenSearch as a vector database?
How vector databases work in the AI workflow
When you’re building for search, FMs and other AI models convert various types of data (text, images, audio, and video) into mathematical representations called vectors. When you use vectors for search, you encode your data as vectors and store those vectors in a vector database. You further convert your query into a vector and then query the vector database to find related items by minimizing the distance between vectors.
When you’re building for generative AI, you use FMs such as large language models (LLMs), to generate text, video, audio, images, code, and more from a prompt. The prompt might contain text, such as a user’s question, along with other media such as images, audio, or video. However, generative AI models can produce hallucinations—outputs that appear convincing but contain factual errors. To solve for this challenge, you employ vector search to retrieve accurate information from a vector database. You add this information to the prompt in a process called Retrieval-Augmented Generation (RAG).
Why is Amazon OpenSearch Service the recommended vector database for Amazon Bedrock?
Amazon Bedrock is a fully managed service that provides FMs from leading AI companies, and the tools to customize these FMs with your data to improve their accuracy. With Amazon Bedrock, you get a serverless, no-fuss solution to adopt your selected FM and use it for your generative AI application.
Amazon OpenSearch Service is a fully managed service that you can use to deploy and operate OpenSearch in the AWS Cloud. OpenSearch is an open source search, log analytics, and vector database solution, composed of a search engine and vector database; and OpenSearch Dashboards, a log analytics, observability, security analytics, and dashboarding solution. OpenSearch Service can help you to deploy and operate your search infrastructure with native vector database capabilities, pre-built templates, and simplified setup. API calls and integration templates streamline connectivity with Amazon Bedrock FMs, while the OpenSearch Service vector engine can deliver as low as single-digit millisecond latencies for searches across billions of vectors, making it ideal for real-time AI applications.
OpenSearch is a specialized type of database technology that was originally designed for latency- and throughput-optimized matching and retrieval of large and small blocks of unstructured text with ranked results. OpenSearch ranks results based on a measure of similarity to the search query, returning the most similar results. This similarity matching has evolved over time. Before FMs, search engines used a word-frequency scoring system called term frequency/inverse document frequency (TF/IDF). OpenSearch Service uses TF/IDF to score a document based on the rarity of the search terms in all documents and how often the search terms appeared in the document it’s scoring.
With the rise of AI/ML, OpenSearch added the ability to compute a similarity score for the distance between vectors. To search with vectors, you add vector embeddings produced by FMs and other AI/ML technologies to your documents. To score documents for a query, OpenSearch computes the distance from the document’s vector to a vector from the query. OpenSearch further provides field-based filtering and matching and hybrid vector and lexical search, which you use to incorporate terms in your queries. OpenSearch hybrid search performs a lexical and a vector query in parallel, producing a similarity score with built-in score normalization and blending to improve the accuracy of the search result compared with lexical or vector similarity alone.
OpenSearch Service supports three vector engines: Facebook AI Similarity (FAISS), Non-Metric Space Library (NMSLib), and Apache Lucene. It supports exact nearest neighbor search, and approximate nearest neighbor (ANN) search with either hierarchical navigable small world (HNSW), or Inverted File (IVF) engines. OpenSearch Service supports vector quantization methods, including disk-based vector quantization so you can optimize cost, latency, and retrieval accuracy for your solution.
Use case 1: Improve your search results with AI/ML
To improve your search results with AI/ML, you use a vector-generating ML model, most frequently an LLM or multi-modal model that produces embeddings for text and image inputs. You use Amazon OpenSearch Ingestion, or a similar technology to send your data to OpenSearch Service with OpenSearch Neural Plugin to integrate the model, using a model ID, into an OpenSearch ingest pipeline. The ingest pipeline calls Amazon Bedrock to create vector embeddings for every document during ingestion.
To query OpenSearch Service as a vector database, you use an OpenSearch neural query to call Amazon Bedrock to create an embedding for the query. The neural query uses the vector database to retrieve nearest neighbors.
The service offers pre-built CloudFormation templates that construct OpenSearch Service integrations to connect to Amazon Bedrock foundation models for remote inference. These templates simplify the setup of the connector that OpenSearch Service uses to contact Amazon Bedrock.
After you’ve created the integration, you can refer to the model_id when you set up your ingest and search pipelines.
Use case 2: Amazon OpenSearch Serverless as an Amazon Bedrock knowledge base
Amazon OpenSearch Serverless offers an auto-scaled, high-performing vector database that you can use to build with Amazon Bedrock for RAG, and AI agents, without having to manage the vector database infrastructure. When you use OpenSearch Serverless, you create a collection—a collection of indexes for your application’s search, vector, and logging needs. For vector database use cases, you send your vector data to your collection’s indices, and OpenSearch Serverless creates a vector database that provides fast vector similarity and retrieval.
When you use OpenSearch Serverless as a vector database, you pay only for storage for your vectors and the compute needed to serve your queries. Serverless compute capacity is measured in OpenSearch Compute Units (OCUs). You can deploy OpenSearch Serverless starting at just one OCU for development and test workloads for about $175/month. OpenSearch Serverless scales up and down automatically to accommodate your ingestion and search workloads.
With Amazon OpenSearch Serverless, you get an autoscaled, performant vector database that is seamlessly integrated with Amazon Bedrock as a knowledge base for your generative AI solution. You use the Amazon Bedrock console to automatically create vectors from your data in up to five data stores, including an Amazon Simple Storage Service (Amazon S3) bucket and store them in an Amazon OpenSearch Serverless collection.
When you’ve configured your data source, and selected a model, select Amazon OpenSearch Serverless as your vector store, and Amazon Bedrock and OpenSearch Serverless will take it from there. Amazon Bedrock will automatically retrieve source data from your data source, apply the parsing and chunking strategies you have configured, and index vector embeddings in OpenSearch Serverless. An API call will synchronize your data source with OpenSearch Serverless vector store.
The Amazon Bedrock retrieve_and_generate() runtime API call makes it straightforward for you to implement RAG with Amazon Bedrock and your OpenSearch Serverless knowledge base.
Conclusion
In this post, you learned how Amazon OpenSearch Service and Amazon Bedrock work together to deliver AI-powered search and generative AI applications and why OpenSearch Service is the AWS recommended vector database for Amazon Bedrock. You learned how to add Amazon Bedrock FMs to generate vector embeddings for OpenSearch Service semantic search to bring meaning and context to your search results. You learned how OpenSearch Serverless provides a tightly integrated knowledge base for Amazon Bedrock that simplifies using foundation models for RAG and other generative AI. Get started with Amazon OpenSearch Service and Amazon Bedrock today to enhance your AI-powered applications with improved search capabilities with more reliable generative AI outputs.
About the author
Jon Handler is Director of Solutions Architecture for Search Services at Amazon Web Services, based in Palo Alto, CA. Jon works closely with OpenSearch and Amazon OpenSearch Service, providing help and guidance to a broad range of customers who have search and log analytics workloads for OpenSearch. Prior to joining AWS, Jon’s career as a software developer included four years of coding a large-scale ecommerce search engine. Jon holds a Bachelor of the Arts from the University of Pennsylvania, and a Master’s of Science and a PhD in Computer Science and Artificial Intelligence from Northwestern University.
Friday Squid Blogging: New Squid Fossil
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2025/02/friday-squid-blogging-new-squid-fossil.html
A 450-million-year-old squid fossil was dug up in upstate New York.
Metasploit Weekly Wrap-Up 02/21/2025
Post Syndicated from Diego Ledda original https://blog.rapid7.com/2025/02/21/metasploit-weekly-wrap-up-46/
BeyondTrust and Fetch Payload
This Metasploit release includes an exploit module that chains two vulnerabilities, one exploited in the wild by APT groups and another one, a 0-day discovered by Rapid7 during the vulnerability analysis.
In addition to that, a significant improvement was made to Fetch-Payloads by adding support for the ppc, mips and arm architectures. This allows the payloads to be used in exploits that commonly target embedded systems.
New module content (3)
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) unauthenticated Remote Code Execution
Author: sfewer-r7
Type: Exploit
Pull request: #19877 contributed by sfewer-r7
Path: linux/http/beyondtrust_pra_rs_unauth_rce
AttackerKB reference: CVE-2025-1094
Description: The module exploits two bugs CVE-2024-12356 and CVE-2025-1094, an argument injection in BeyondTrust code base and SQL injection in PostgreSQL code base, respectively.
InvokeAI RCE
Authors: Takahiro Yokoyama and jackfromeast
Type: Exploit
Pull request: #19883 contributed by Takahiro-Yoko
Path: linux/http/invokeai_rce_cve_2024_12029
AttackerKB reference: CVE-2024-12029
Description: This adds an exploit module for InvokeAI unauth RCE (CVE-2024-12029).
Fetch Payload Update
Authors: Adam Cammack [email protected], Brendan Watters, and Spencer McIntyre
Type: Payload
Pull request: #19850 contributed by bwatters-r7
Description: This extends the fetch-payload support for aarch64, armbe, armle, mipsbe, mipsle, ppc, ppc64 and ppc64le payloads.
Enhancements and features (3)
- #19884 from adfoster-r7 – Add OSVDB search functionality to msfconsole e.g.
search osvdb:67241. - #19885 from adfoster-r7 – Improve msfconsole’s module search performance by caching search regexes.
- #19887 from adfoster-r7 – Updates the
reload_libcommand to ignore Gemfiles.
Bugs fixed (3)
- #19810 from h00die – Adds a verification to the file content checks so that we don’t crash when trying to open files that do not exist and adds proper CVE to references section now that a CVE exists.
- #19871 from bwatters-r7 – This fix the ELF template file for Linux aarch64 payloads.
- #19875 from dledda-r7 – Adds a fix for the odd behavior of the
readsyscall on Raspberrypi 4b. For some reason, on the Raspberry Pi 4B, the data read from the socket is not present immediately after thereadsyscall, so we added asyncsyscall. This behavior is not present in Raspberry Pi 3, Raspberry Pi 5, emulators, or Microsoft’s AARCH64 Devkit.
Documentation
You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
Get it
As always, you can update to the latest Metasploit Framework with msfupdate
and you can get more details on the changes since the last blog post from
GitHub:
If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
commercial edition Metasploit Pro
Going 800Gbps at up to 1000km with the Marvell COLORZ 800
Post Syndicated from Patrick Kennedy original https://www.servethehome.com/going-800gbps-at-up-to-1000km-with-the-marvell-colorz-iii-800g-zr-osfp/
We take a look at how the Marvell COLORZ 800 can transmit data at 800Gbps across 1000km and get behind the scenes lab access
The post Going 800Gbps at up to 1000km with the Marvell COLORZ 800 appeared first on ServeTheHome.
DOGE & USAID
Post Syndicated from LastWeekTonight original https://www.youtube.com/watch?v=qLuIDXlwoEc
From log analysis to rule creation: How AWS Network Firewall automates domain-based security for outbound traffic
Post Syndicated from Mary Kay Sondecker original https://aws.amazon.com/blogs/security/from-log-analysis-to-rule-creation-how-aws-network-firewall-automates-domain-based-security-for-outbound-traffic/
When it comes to controlling incoming (ingress) and outgoing (egress) network traffic, organizations typically focus heavily on inbound traffic controls—carefully restricting what traffic can enter their network perimeter. However, this approach addresses only inbound security challenges. Modern applications rely heavily on third-party code through operating systems, libraries, and packages. This dependency can create potential security vulnerabilities. If these components are compromised, affected workloads might attempt to connect to unauthorized command and control servers or send sensitive data to unauthorized destinations on the internet.
This is why implementing strong outbound traffic controls—particularly through domain-based allowlisting—has become a critical security best practice. Rather than allowing unrestricted outbound access or maintaining an ever-growing denylist of low-reputation domains, many organizations are shifting to domain-based allowlisting. This approach restricts outbound communications to explicitly trusted domains, reduces potential risk surfaces, and helps to protect against both known and unknown threats. However, manually identifying and maintaining these allowlists has traditionally been a complex and time-consuming process.
AWS Network Firewall automated domain lists improve visibility into network traffic patterns and simplify outbound traffic control management. This feature provides analytics for HTTP and HTTPS network traffic, helping organizations understand domain usage patterns. It also automates firewall log analysis to create rules based on your network traffic. By combining increased visibility with automation, this feature enhances your security awareness and helps to improve the effectiveness of your firewall rules.
In this blog post, we’ll guide you through the implementation of the AWS Network Firewall automated domain list feature, providing a detailed overview, step-by-step instructions, and best practices to optimize your network security.
Overview of automated domain lists and traffic insights
Domain-based security allows you to control network traffic based on the domain names that your applications and users are trying to access. This approach offers a more intuitive and flexible way to create firewall rules, focusing on the destinations your network is trying to reach rather than just IP addresses. However, effectively configuring and managing firewall rules remains challenging for some customers, especially in large environments where connected devices, applications, and traffic patterns are continuously growing and changing. Organizations might struggle to keep up with these changes, leading to outdated or ineffective firewall rules and policies that are either too permissive, exposing the network to risks, or too restrictive, blocking legitimate traffic.
Let’s explore how automated domain lists address these challenges through various use cases and benefits:
Preventive and detective security controls
- Domain control through allowlisting – Establishing domain allowlists aligns with the security principle of least privilege for network traffic. A least-privilege model adjusts the scope of what a workload can do across the network, from infinite and undefined to scoped-down and well-defined, enabling better insight into potentially risky behaviors. By limiting outbound connections to only approved domains, organizations can more effectively control and monitor workload communications.
- Rule audit and compliance – Domain allowlisting makes it clear which domains are allowed, supporting alignment with standards like the Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), Cybersecurity Maturity Model Certification (CMMC), and General Data Protection Regulation (GDPR).
- Preventive controls enable detection – Preventive controls also act as detective controls, establishing a baseline for normal domain access patterns. With a domain allowlist in place, security teams can better detect workloads that show signs of unauthorized activity.
- Incident response support – Domain reporting provides the latest list of workload domains accessed, enabling quick identification of potentially malicious domains during security incidents. This information helps teams prioritize which workloads may need immediate attention.
Operational value
- Initial firewall setup and management – Automated allowlisting involves analyzing existing traffic patterns and recommending domain-based rules, which simplifies the process of establishing baseline firewall rules. This helps organizations quickly deploy effective security policies, potentially reducing the time and expertise needed for initial firewall configuration and ongoing management.
- Application modernization – Allowlisting supports adjusting firewall rules to accommodate rapidly changing traffic patterns in microservices and containerized environments, helping security to keep pace with evolving architectures.
- Cross-environment consistency – Allowlisting enables consistent firewall rule creation and management across multi-cloud and hybrid environments, regardless of where applications or data reside.
How the automated domain list feature works
Automated domain lists work by analyzing your HTTP and HTTPS traffic, generating reports on frequently accessed domains, and providing a convenient way to create rules based on actual network traffic patterns. To begin using automated domain lists in AWS Network Firewall, sign in to the AWS Management Console, access the Network Firewall service, and either work with an existing firewall or create a new one. Then follow the rest of the steps in this post.
Step 1: Enable traffic analysis mode to capture HTTP and HTTPS traffic domain logs
After you’ve selected a firewall, in the left navigation pane, choose Configure advanced settings. Select the Enable traffic analysis mode checkbox to enable it, as shown in Figure 1. Network Firewall uses this logging mode to collect data on observed domains for HTTP and HTTPS traffic to create domain reports.
Figure 1: Enabling traffic analysis mode for a firewall
To stop collecting data on frequently accessed domains in your network traffic, clear the checkbox to disable traffic analysis mode, as shown in Figure 2. Note that if you disable traffic analysis mode, you won’t be able to generate domain reports.
Figure 2: Disabling traffic analysis mode
Once traffic analysis mode is enabled, you’re ready to generate a domain report based on observed network traffic. Next, you can go to the Monitoring and observability tab and choose Create report.
Figure 3: Traffic analysis mode enabled: Now you’re ready to generate domain-based reports
Step 2: Create a domain report
The domain report summarizes the HTTP and HTTPS traffic observed by your firewall for up to 30 days (or for the duration since firewall activation if less than 30 days). Select the checkbox next to each traffic analysis type you want to include in the report—HTTP, HTTPS, or both.
Important: Use your monthly domain report to examine 30 days of traffic behavior. Each report type (HTTP, HTTPS) is available once every 30 days at no additional cost.
Figure 4: Create a domain report that includes traffic analysis types HTTP, HTTPS, or both
To see the status of your domain report, go to the Reports section in the console for your specific firewall. When the report is ready, you can review the report directly in the console or download it, as shown in Figure 5.
Figure 5: The list of domain reports in the Reports section of the console for your specific firewall
Step 3: Review the report details
The report details include the traffic type (HTTP or HTTPS) and the observation period (start and end dates). By default, the report covers the last 30 days, or the entire period since traffic analysis was enabled if that is less than 30 days. The report also shows these details:
- The Domain list shows domains that are a fully qualified domain name (FQDN) observed in the network traffic, such as aws.com or subdomain.aws.com.
- The Access attempt count refers to the overall count of connection requests to the domain, including both successful and failed attempts.
- The Unique sources field shows the number of distinct source IP addresses connected to the domain, indicating its popularity. For example, if one workload connects to aws.com, then count = 1; if 1000 workloads connect to aws.com, then count = 1,000.
- The First accessed field shows when the domain was first seen in your traffic, while Last accessed shows when it was most recently seen. This includes both successful and failed attempts to access the domain.
- The Protocol field indicates how the domain was observed—through either HTTP or HTTPS traffic (in other words, HTTP headers or a TLS handshake).
An example report is shown in Figure 6.
Figure 6: Example domain report details: 30-day analysis
Step 4: (Optional) Create a domain list rule group
You can copy the list of observed domains from the report to a stateful domain list rule group and update your firewall policy. To do so, in the Report details section, choose Create domain list group to use the firewall policy wizard to create or update your firewall rules. The selected domains are automatically copied to a domain list rule group, as shown in Figure 7. For detailed instructions, see the AWS Network Firewall documentation.
Figure 7: Option to copy over the observed domain lists and create a domain list rule group using the firewall policy wizard
Best practices for implementing domain allowlists
When you implement domain allowlisting, consider the following guidelines for operational success. We recommend that you also consult your own internal compliance and security policies.
- Start with a strategy of generous allowlisting:
- Begin with broader and more generous allowlist rules rather than a more refined list, initially, to reduce the risk of accidently blocking legitimate domains.
- Focus on getting to a Default Deny policy so that you can benefit from its risk surface reduction.
- Create flexible rules for trusted domains, including second-level domains and top-level domains, such as allowing access to subdomains under your registered second-level domain. Or allow access to second-level domains under top-level domains that your organization trusts—for example, .mil, .gov, or .edu.
- Use custom Suricata rules with regex capabilities to handle complex traffic efficiently. See Examples of stateful rules for Network Firewall.
- Remember that even a broad allowlist provides better security than having no allowlist at all.
- Make iterative improvements:
- After you establish an initial generous allowlist and Default Deny rules, evaluate the rules to determine which areas you might want to start narrowing down further. Use alert rules before pass rules in order to log the specific domains a pass rule might be allowing access to.
- Adjust logging levels based on domain trust levels and monitoring requirements.
- Review and update rules based on operational insights and changing requirements.
- Take a pragmatic and iterative approach to rule refinement rather than attempting to make the ruleset very strict.
- Set up robust logging:
- Enable Network Firewall alert logs to maintain visibility into traffic patterns.
- Use tools like Amazon CloudWatch Logs Contributor Insights for log analysis.
- Consider setting up proactive alerts for denied domains accessed by critical workloads.
- Monitor logs to identify potential allowlist additions or changes.
- Additional considerations:
- After you enable traffic analysis mode, the automated domain lists feature provides visibility into your network traffic, reporting on observed connections. Although it doesn’t distinguish between allowed and blocked traffic, the domain list report can help you identify the most critical domains to include in your firewall rules.
- The domain traffic data used to generate the list of domain recommendations is available for up to the last 30 days after traffic analysis has been enabled. This allows you to focus on the most relevant and recent network activity when optimizing your firewall policies.
- Data collection for automated domain lists is opt-in and performed independently of the firewall policy and logging configuration. Enabling the feature doesn’t impact the performance of the firewall itself.
Conclusion
With AWS Network Firewall automated domain lists, you can simplify your firewall management process, create more effective rules based on actual traffic patterns, and maintain a strong security posture with less manual effort. This feature helps you address common challenges such as keeping up with rapidly changing application landscapes, managing security across complex environments, and adhering to compliance requirements. To learn more about Network Firewall and its features, see the product page and service documentation.
If you have feedback about this post, submit comments in the Comments section below. If you have questions about this post, start a new thread on the AWS Network Firewall re:Post forum or contact AWS Support.
[$] Multi-host testing with the pytest-mh framework
Post Syndicated from jzb original https://lwn.net/Articles/1007724/
The pytest-mh
project is a plugin that provides a multi-host test framework for the
popular pytest
unit-testing framework and test runner. Work on pytest-mh
started in 2023 to solve a multitude of issues that
cropped up for developers and testers when testing the SSSD project, which is a client for
enterprise identity management. I was not happy with the state of
testing of the SSSD project and wanted to create something that would
increase test readability, remove duplication, eliminate errors, and
provide multi-host testing capabilities, while having the flexibility
to build a new API around it. Finally, I also wanted something that
can be used by anyone to test their projects as well.
2025-02-21 разни openfest-овски
Post Syndicated from Vasil Kolev original https://vasil.ludost.net/blog/?p=3497
Още се освестявам от FOSDEM, но вече можем да движим някакви неща около OpenFest – имаме си дати (17-18 октомври), имаме разни забавни идеи и малко по малко време да ги правим.
Едното нещо е, че си сменяме системата за submit-ване на лекции към pretalx. След като дълги години изборът беше pentabarf (чиито сайт даже вече го няма) или да си пишем нещо (както имахме clarion за OpenFest), сега вече има нормално работеща система, която CCC и FOSDEM са проходили доста добре, и успява да свърши работа. Тази година ползвах pretalx-а на FOSDEM и бях приятно изненадан колко човешко е като интерфейс и функционалност.
Та, ако на някой му е скучно, сме започнали превод в translate.pretalx.com. Има 1500 неща за превод, от които в последните дни сме превели около 150.
(а няма начин да пуснем системата за самия фест без български без да бъда линчуван)
Има и разни интересни нововъведения за CfP-то и програмата, но тях ще ги разкажа като ги случим 🙂
DIY Power Monitoring with Home Assistant 2025
Post Syndicated from digiblur DIY original https://www.youtube.com/watch?v=JlQ16FEl4zI
How to debug code with GitHub Copilot
Post Syndicated from Jeimy Ruiz original https://github.blog/ai-and-ml/github-copilot/how-to-debug-code-with-github-copilot/
Debugging is an essential part of a developer’s workflow—but it’s also one of the most time consuming. What if AI could streamline the process, helping you analyze, fix, and document code faster? Enter GitHub Copilot, your AI-powered coding assistant.
GitHub Copilot isn’t just for writing code—it’s also a powerful tool for debugging. Whether you’re troubleshooting in your IDE, using Copilot Chat’s slash commands like /fix, or reviewing pull requests (PR) on github.com, GitHub Copilot offers flexible, intelligent solutions to speed up your debugging process. And with the free version of GitHub Copilot, available to all personal GitHub accounts, you can start exploring these features today.
In this guide, we’ll explore how to debug code with GitHub Copilot, where to use it in your workflow, and best practices to get the most out of its capabilities. Whether you’re new to GitHub Copilot or looking to deepen your skills, this guide has something for you.
Debugging code with GitHub Copilot: surfaces and workflows
Debugging code with GitHub Copilot can help you tackle issues faster while enhancing your understanding of the codebase. Whether you’re fixing syntax errors, refactoring inefficient code, or troubleshooting unexpected behavior, GitHub Copilot can provide valuable insights in your debugging journey.
So, how exactly does this work? “GitHub Copilot is recognizing patterns and suggesting solutions based on what it has learned,” says Christopher Harrison, Senior Developer Advocate. “Once you’ve identified the problem area, you can turn to GitHub Copilot and ask, ‘I’m giving this input but getting this output—what’s wrong?’ That’s where GitHub Copilot really shines.”
Let’s explore how GitHub Copilot can help you debug your code across different surfaces, from your IDE to github.com and even pull requests.
1. In Copilot Chat
Copilot Chat acts as an interactive AI assistant, helping you debug issues with natural language queries. And with Copilot Free, you get 50 chat messages per month. With Copilot Chat, you can:
- Get real-time explanations: Ask “Why is this function throwing an error?” and Copilot Chat will analyze the code and provide insights.
- Use slash commands for debugging: Try
/fixto generate a potential solution or/explainfor a step-by-step breakdown of a complex function. (More on this later!) - Refactor code for efficiency: If your implementation is messy or inefficient, Copilot Chat can suggest cleaner alternatives. Christopher explains, “Refactoring improves the readability of code, making it easier for both developers and GitHub Copilot to understand. And if code is easier to understand, it’s easier to debug and spot problems.”
- Walk through errors interactively: Describe your issue in chat and get tailored guidance without ever having to leave your IDE.
2. In your IDE
When working in popular IDEs like VS Code or JetBrains, GitHub Copilot offers real-time suggestions as you type. It helps by:
- Flagging issues: For example, if you declare a variable but forget to initialize it, GitHub Copilot can suggest a correction.
- Code fixes: Encounter a syntax error? GitHub Copilot can suggest a fix in seconds, ensuring your code stays error-free.
- Contextual assistance: By analyzing your workspace, GitHub Copilot provides solutions tailored to your codebase and project structure.
3. On github.com
GitHub Copilot extends beyond your IDE, offering debugging assistance directly on github.com via Copilot Chat, particularly in repositories and discussions. With this feature, you can:
- Troubleshoot code in repositories: Open a file, highlight a problematic section, and use Copilot Chat to analyze it.
- Generate test cases: If you’re unsure how to verify a function, GitHub Copilot can suggest test cases based on existing code.
- Understand unfamiliar code: Reviewing an open-source project or a teammate’s PR? Ask GitHub Copilot to summarize a function or explain its logic.
4. For pull request assistance
GitHub Copilot can also streamline debugging within PRs, ensuring code quality before merging.
- Suggest improvements in PR comments: GitHub Copilot can review PRs and propose fixes directly in the conversation.
- Generate PR summaries: Struggling to describe your changes? Greg Larkin, Senior Service Delivery Engineer, says, “I use GitHub Copilot in the PR creation process to generate a summary of the changes in my feature branch compared to the branch I’m merging into. That can be really helpful when I’m struggling to figure out a good description, so that other people understand what I did.”
- Explain diffs: Not sure why a change was made? Ask GitHub Copilot to summarize what’s different between commits.
- Catch edge cases before merging: Use
/analyzeto identify potential issues and/teststo generate missing test cases. - Refactor on the fly: If a PR contains redundant or inefficient code, GitHub Copilot can suggest optimized alternatives.
By integrating Copilot into your PR workflow, you can speed up code reviews while maintaining high-quality standards. Just be sure to pair it with peer expertise for the best results.
5 slash commands in GitHub Copilot for debugging code
Slash commands turn GitHub Copilot into an on-demand debugging assistant, helping you solve issues faster, get more insights, and improve your code quality. Here are some of the most useful slash commands for debugging:
1. Use /help to get guidance on using GitHub Copilot effectively
The /help slash command provides guidance on how to interact with GitHub Copilot effectively, offering tips on structuring prompts, using slash commands, and maximizing GitHub Copilot’s capabilities.
- How it works: Type
/helpin Copilot Chat to receive suggestions on your current task, whether it’s debugging, explaining code, or generating test cases. - Example: Need a refresher on what GitHub Copilot can do? Use
/helpto access a quick guide to slash commands like/fixand/explain.
2. Use /fix to suggest and apply fixes
The /fix command is a go-to tool for resolving code issues by allowing you to highlight a block of problematic code or describe an error.
- How it works: Select the code causing issues, type
/fix, and let Copilot Chat generate suggestions. - Example: If you have a broken API call, use
/fixto get a corrected version with appropriate headers or parameters.
3. Use /explain to understand code and errors
The /explain command breaks down complex code or cryptic error messages into simpler, more digestible terms.
- How it works: Highlight the code or error message you want clarified, type
/explain, and Copilot Chat will provide an explanation. It will explain the function’s purpose, how it processes the data, potential edge cases, and any possible bugs or issues. - Example: Encounter a “NullPointerException”? Use
/explainto understand why it occurred and how to prevent it.
4. Use /tests to generate tests
Testing is key to identifying bugs, and the /tests command helps by generating test cases based on your code.
- How it works: Use
/testson a function or snippet, and Copilot Chat will generate relevant test cases. - Example: Apply
/teststo a sorting function, and Copilot Chat might generate unit tests for edge cases like empty arrays or null inputs.
5. Use /doc to generate or improve documentation
There are long-term benefits to having good text documentation—for developers and GitHub Copilot, which can draw context from it—because it makes your codebase that much more searchable. By using the /doc command with Copilot Free, you can even ask GitHub Copilot to write a summary of specific code blocks within your IDE.
The /doc command helps you create or refine documentation for your code, which is critical when debugging or collaborating with others. Clear documentation provides context for troubleshooting, speeds up issue resolution, and helps fellow developers understand your code faster.
- How it works: Highlight a function, class, or file, type
/docand right-click to see the context menu, and Copilot Chat will generate comprehensive comments or documentation. - Example: Apply
/docto a function, and Copilot Chat will generate inline comments detailing its purpose, parameters, and expected output.
By mastering these commands, you can streamline your debugging workflow and resolve issues faster without switching between tools or wasting time on manual tasks.
Best practices for debugging code with GitHub Copilot
Provide clear context for better results
Providing the right context helps GitHub Copilot generate even more relevant debugging suggestions. As Christopher explains, “The better that Copilot is able to understand what you’re trying to do and how you’re trying to do it, the better the responses are that it’s able to give to you.”
Since GitHub Copilot analyzes your code within the surrounding scope, ensure your files are well structured and that relevant dependencies are included. If you’re using Copilot Chat, reference specific functions, error messages, or logs to get precise answers instead of generic suggestions.
💡 Pro tip: Working across multiple files? Use the @workspace command to point GitHub Copilot in the right direction and give it more context for your prompt and intended goal.
Ask, refine, and optimize in real time
Instead of treating GitHub Copilot as a one-and-done solution, refine its suggestions by engaging in a back-and-forth process. Greg says, “I find it useful to ask GitHub Copilot for three or four different options on how to fix a problem or to analyze for performance. The more detail you provide about what you’re after—whether it’s speed, memory efficiency, or another constraint—the better the result.”
This iterative approach can help you explore alternative solutions you might not have considered, leading to more robust and efficient code.
Master the art of specific prompts
The more specific your prompt, the better GitHub Copilot’s response. Instead of asking “What’s wrong with this function?” try “Why is this function returning undefined when the input is valid?” GitHub Copilot performs best when given clear, detailed queries—this applies whether you’re requesting a fix, asking for an explanation, or looking for test cases to verify your changes.
By crafting precise prompts and testing edge cases, you can use GitHub Copilot to surface potential issues before they become production problems.
Try a structured approach with progressive debugging
Next, try a step-by-step approach to your debugging process! Instead of immediately applying fixes, use GitHub Copilot’s commands to first understand the issue, analyze potential causes, and then implement a solution. This structured workflow—known as progressive debugging—helps you gain deeper insights into your code while ensuring that fixes align with the root cause of the problem.
For example:
- Start with the slash command
/explainon a problematic function to understand the issue. - Use the slash command
/startDebuggingto help with configuring interactive debugging. - Finally, apply the slash command
/fixto generate possible corrections.
📌 Use case: If a function in your React app isn’t rendering as expected, start by running /explain on the relevant JSX or state logic, then use /debug to identify mismanaged props, and finally, apply /fix for a corrected implementation.
Combine commands for a smarter workflow
Some issues require multiple levels of debugging and refinement. By combining commands, you can move from diagnosis to resolution even faster.
For example:
- Use
/explain + /fixto understand and resolve issues quickly. - Apply
/fixTestFailure + /teststo find failing tests and generate new ones.
📌 Use case:
- Fixing a broken function: Run the slash command
/explainto understand why it fails, then use the slash command/fixto generate a corrected version. - Improving test coverage: Use the slash command
/fixTestFailureto identify and fix failing tests, then use the slash command/teststo generate additional unit tests for the highlighted code.
Remember, slash commands are most effective when they’re used in the appropriate context, combined with clear descriptions of the problem, are part of a systematic debugging approach, and followed up with verification and testing.
Better together: AI tools with a developer in the pilot’s chair
GitHub Copilot is a powerful tool that enhances your workflow, but it doesn’t replace the need for human insight, critical thinking, and collaboration. As Greg points out, “GitHub Copilot can essentially act as another reviewer, analyzing changes and providing comments. Even so, it doesn’t replace human oversight. Having multiple perspectives on your code is crucial, as different reviewers will spot issues that others might miss.”
By combining GitHub Copilot’s suggestions with human expertise and rigorous testing, you can debug more efficiently while maintaining high-quality, reliable code.
Ready to try the free version of GitHub Copilot?
Start using GitHub Copilot today >
You can keep the learning going with these resources:
* Debug your app with GitHub Copilot in Visual Studio
* Example prompts for GitHub Copilot Chat
* GitHub Copilot and VS Code tutorials
The post How to debug code with GitHub Copilot appeared first on The GitHub Blog.
Announcing CDK Garbage Collection
Post Syndicated from Kaizen Conroy original https://aws.amazon.com/blogs/devops/announcing-cdk-garbage-collection/
The AWS Cloud Development Kit (CDK) is an open source framework that enables developers to define cloud infrastructure using a familiar programming language. Additionally, CDK provides higher level abstractions (Constructs), which reduce the complexity required to define and integrate AWS services together when building on AWS. CDK also provides core functionality like CDK Assets, which gives users the ability to bundle application assets into their CDK applications. These assets can be local files (main.py), directories (python_app/), or Docker images (Dockerfile). CDK Assets are stored in an Amazon Simple Storage Service (Amazon S3) Bucket or Amazon Elastic Container Registry (Amazon ECR) Repository that is created during CDK bootstrapping.
For CDK developers that leverage assets at scale, they may notice over time that the bootstrapped bucket or repository accumulated old or unused data. If users wanted to clean this data on their own, CDK didn’t provide a clear way of determining which data is safe to delete. To solve this problem, we are excited to announce the preview launch of CDK Garbage Collection, a new feature of the CDK that automatically deletes old assets in your bootstrapped Amazon S3 Bucket and Amazon ECR Repository, saving users time and money. This feature is available starting in AWS CDK version 2.165.0.
We expect CDK Garbage Collection to help AWS CDK customers save on storage costs associated with using the product while not affecting how customers use CDK.
Quickstart
CDK Garbage Collection is exposed as a CDK CLI command named gc. To use CDK Garbage Collection in its default configuration, run the following command on a terminal in your CDK application.
cdk gc --unstable=gcThe --unstable flag is meant to acknowledge that CDK Garbage Collection is in preview mode. This indicates that the scope and API of the feature might still change, but otherwise the feature is generally production ready and fully supported.
Walkthrough
CDK Garbage Collection works at the environment level, so it will attempt to delete isolated assets in the AWS account / region that you call it in. For the purposes of this walkthrough, you will be re-bootstrapping the environment with a custom qualifier so that you do not delete isolated assets before you are ready.
cdk bootstrap --qualifier=abcdef --toolkit-stack-name=CDKToolkitDemoYou now have a new bootstrap template under the name CDKToolkitDemo and bootstrap resources associated with it. Next, set up a CDK application with both Amazon S3 and Amazon ECR assets:
mkdir garbage-collection-demo && cd garbage-collection-demo
cdk init -l typescript app
Your next step is to replace the existing code In lib/garbage-collection-demo-stack.ts with the following CDK Stack:
import * as path from 'path';
import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import * as lambda from 'aws-cdk-lib/aws-lambda';
export class GarbageCollectionDemoStack extends cdk.Stack {
constructor(scope: Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const fn1 = new lambda.Function(this, 'my-function-s3', {
code: lambda.Code.fromAsset(path.join(__dirname, '..', 'lambda')),
runtime: lambda.Runtime.NODEJS_LATEST,
handler: 'index.handler',
});
const fn2 = new lambda.Function(this, 'my-function-ecr', {
code: lambda.Code.fromAssetImage(path.join(__dirname, '..', 'docker')),
runtime: lambda.Runtime.FROM_IMAGE,
handler: lambda.Handler.FROM_IMAGE,
});
}
}This creates two AWS Lambda functions, one which uses an Amazon S3 asset as its source code and one that uses an Amazon ECR image as its source code. You need to add the assets that are referenced to our CDK application. In lambda/index.js add a simple Lambda function:
exports.handler = async function(event) {
const response = require('./response.json');
return response;
};And in docker/Dockerfile add a simple Docker image:
Implementing Cryptography in AI Systems
Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2025/02/implementing-cryptography-in-ai-systems.html
Interesting research: “How to Securely Implement Cryptography in Deep Neural Networks.”
Abstract: The wide adoption of deep neural networks (DNNs) raises the question of how can we equip them with a desired cryptographic functionality (e.g, to decrypt an encrypted input, to verify that this input is authorized, or to hide a secure watermark in the output). The problem is that cryptographic primitives are typically designed to run on digital computers that use Boolean gates to map sequences of bits to sequences of bits, whereas DNNs are a special type of analog computer that uses linear mappings and ReLUs to map vectors of real numbers to vectors of real numbers. This discrepancy between the discrete and continuous computational models raises the question of what is the best way to implement standard cryptographic primitives as DNNs, and whether DNN implementations of secure cryptosystems remain secure in the new setting, in which an attacker can ask the DNN to process a message whose “bits” are arbitrary real numbers.
In this paper we lay the foundations of this new theory, defining the meaning of correctness and security for implementations of cryptographic primitives as ReLU-based DNNs. We then show that the natural implementations of block ciphers as DNNs can be broken in linear time by using such nonstandard inputs. We tested our attack in the case of full round AES-128, and had success rate in finding randomly chosen keys. Finally, we develop a new method for implementing any desired cryptographic functionality as a standard ReLU-based DNN in a provably secure and correct way. Our protective technique has very low overhead (a constant number of additional layers and a linear number of additional neurons), and is completely practical.
Four Friday stable kernels
Security updates for Friday
Post Syndicated from daroc original https://lwn.net/Articles/1011262/
Security updates have been issued by AlmaLinux (bind, bind9.16, and mysql:8.0), Debian (chromium, djoser, libtasn1-6, and postgresql-13), Fedora (python3.12 and vim), Red Hat (libpq, postgresql, postgresql:13, postgresql:15, and postgresql:16), Slackware (ark), SUSE (brise, chromium, emacs, google-osconfig-agent, grafana, grub2, helm, kernel, openssh, openssl-1_1, ovmf, postgresql13, postgresql14, postgresql15, and postgresql17), and Ubuntu (gnutls28, libtasn1-6, openssl, python3.10, python3.12, python3.8, and webkit2gtk).
Linus on Rust and the kernel’s DMA layer
Post Syndicated from corbet original https://lwn.net/Articles/1011197/
At the end of January we ran this article
on the discussions around a set of Rust bindings for the kernel’s
DMA-mapping layer. Many pixels have been expended on the topic since
across the net, most recently in this
sprawling email thread. Linus Torvalds has now made
his feelings known on the topic:
You are not forced to take any Rust code, or care about any Rust
code in the DMA code. You can ignore it.But “ignore the Rust side” automatically also means that you don’t
have any *say* on the Rust side.You can’t have it both ways. You can’t say “I want to have nothing
to do with Rust”, and then in the very next sentence say “And that
means that the Rust code that I will ignore cannot use the C
interfaces I maintain”.
The code in question seems highly likely to be merged for the 6.15 release.
Best of: Airships
Post Syndicated from The History Guy: History Deserves to Be Remembered original https://www.youtube.com/watch?v=08crThX1S-A
Какво става: Бюджет, регулатори, Украйна
Post Syndicated from Емилия Милчева original https://www.toest.bg/kakvo-stava-byudzhet-regulatori-ukrayna/
Коалиционното управление натисна газта с две приоритетни теми – бюджет 2025 и нови състави на ключови регулатори, докато България е изправена пред въпрос с геополитически заряд: ще остане ли в единство с ЕС за Украйна, или ще направи крачка назад?
Пушекът, който се вдига около бюджета, замъглява фигурите на кандидатите за регулаторните и контролни органи, кой ги предлага, кои имат най-големи шансове и чии интереси представляват. Разбираемо, първата тема привлича много по-голям интерес – над 550 000 са заетите в обществения сектор, още 2,04 милиона души са пенсионерите, болниците (държавни, частни и тук-там общински) се финансират от едно място – НЗОК, бизнесът разчита на капиталовата програма.
Що се отнася до регулаторите, които контролират всички процеси и бизнеси за милиарди, предполага се, че мачовете са свирени, предвид скоростно стартираните процедури за избор и едноседмичния срок за номинации, още преди да бъде внесен бюджетът и да са известни управленските намерения. Но и предишните процедури не са се отличавали с прозрачност, дълбочина и стремеж за по-широко обществено обсъждане. Фигурите, които изплуват като номинирани, показват познатия стремеж за овладяване от сили, вече работили и работещи за познати задкулисни интереси. Надежда за обществена полза няма.
Във външнополитически план България е изправена пред ключов тест – ще потвърди ли досегашните си позиции за Украйна, или ще се отметне от заявената европейска солидарност, преминавайки в лагера на Унгария и Словакия. И макар никой да не е поискал от България военна сила за изпращане на фронта в Украйна, президентът Румен Радев побърза да обяви: „Категорично съм против!“, макар че решава Народното събрание, а не държавният глава.
Игрички с пенсиите
Когато едно правителство публикува около полунощ проектобюджета си и след 11 часа промени основен разход, засягащ 1/3 от населението, в създалото се напрежение ли е причината, или в „издърпаните ушички“? Така олигархът и лидер на ДПС – Ново начало Делян Пеевски си приписа заслугите за променената позиция на властта да повиши пенсиите на всичките над 2 милиона пенсионери с 8–9%, вместо само най-ниските.
Бързичко се коригираха и ги поздравявам. Пенсионерите ще имат своите пенсии. Отпушиха ушичките и така трябва да чуват. Ако не – протести до дупка от „Ново начало“ и всеки път ще ги дисциплинирам.
Съпредседателят на „Продължаваме промяната“ Кирил Петков смята, че промяната е тяхна заслуга.
Благодарение на бързата реакция на Асен (Василев – б.а.) и цялата коалиция, нормалното увеличение на пенсиите бе възстановено само за няколко часа. Пенсионерите са защитени.
Акцията обаче е по-скоро реверанс към коалиционния партньор БСП и нейното прясно избрано ръководство, така се уплътнява ролята ѝ в управлението като негов „социален гарант“. В замяна БСП вече говори за еврозоната. Странно е, че проектобюджет, разгледан по-рано същия ден от Съвета за съвместно управление, в който участват представители на четирите формации (ГЕРБ–СДС, БСП–ОЛ, ИТН и ДПС–ДПС), предизвиква напрежение следващата сутрин с разхода за пенсии. После всичко се разви предсказуемо – управляващите обявиха, че от 1 юли всички пенсии ще се повишат по т.нар. швейцарско правило с 8,6%, а Надзорният съвет на НОИ тутакси се събра и го потвърди.
За увеличението от 1 юли на всички пенсии са необходими още 427 млн. лв. освен планираните в бюджета близо 200 млн. Остава министърката на финансите Теменужка Петкова да ги намери, но БНБ вече обяви, че ще внесе 800 млн. лв. в бюджета тази година, което е по-високо от планираната вноска от 550 млн. лв. Според социалния министър Борислав Гуцанов необходимите за увеличението средства най-вероятно „ще дойдат от инфраструктурните проекти“, другият вариант е заем.
Предвид традиционното неизпълнение на капиталовите разходи от няколко години насам – не повече от 50%, предвидените за 2025 г. 13,8 млрд. лв. може да бъдат намалени. (Другият вариант е дълг.) За мащабни проекти работна ръка в България трудно може да се намери – и високо-, и нискоквалифицирана. А ако започне строителството на седми и осми блок на АЕЦ „Козлодуй“, със сигурност ще трябва да се внася отвън.
Едно е ясно – няма да се реже от увеличените разходи за заплати на всички в МВР, които струват над 1,2 млрд. лв. Нито от повишените възнаграждения за военните или държавната администрация.
И всички са доволни. Бюджетът е добър, защото има… бюджет. Реформи няма. Пенсионерите в МВР остават, увеличението на заплатите ще е за всички, не само за редовите полицаи, както предложи ПП–ДБ. А Бойко Борисов, лидерът на партията, с чийто мандат управлява правителството и са излъчени ключовите министри, в това число и премиерът, зададе и хоризонта на властта.
Стоим в това правителство заради еврозоната [очаквана от 1 януари 2026 г. – б.а.].
В превод: разпределяме регулаторите и съдебната система, избират се главен прокурор и председател на ВАС, изхарчва се бюджетът – и избори.
Регулатори на втори план
В шумотевицата около парите за пенсионерите потънаха новините за първите номинации за регулаторите, станали известни тази седмица. Изборът им, с изключение на квалифицираното мнозинство, нужно за ВСС и Инспектората, ще става с половината от гласовете на присъстващите в залата депутати. За втори мандат като подуправител за „Банков надзор“ БНБ предлага Радослав Миленков, който оглавяваше Фонда за гарантиране на влоговете след фалита на КТБ. Неговата лоялност към Пеевски не е тайна – и не само заради ролята му в разпределението на средствата, получени от активите на фалиралата банка.
За управител на НЗОК, която тази година ще разпределя бюджет от 9,45 млрд. лв. (от които 4,1 млрд. са за болниците и 2,5 млрд. – за лекарства), само ГЕРБ–СДС издигна кандидат, което означава и сигурна победа. Това е доскорошният заместник-министър на здравеопазването доц. Петко Стефановски, който заемаше този пост и в правителството на т.нар. сглобка, и в служебния кабинет на Димитър Главчев. Според ПП–ДБ мандатът на настоящия управител на НЗОК изтича през август, не през март, но парламентарната Здравна комисия откри процедурата.
Изглежда, че ГЕРБ ще вземе и председателското място в Комисията по енергийно и водно регулиране (КЕВР) с кандидата си – настоящия директор на Дирекция „Електроенергетика и топлоенергетика“ в регулатора Пламен Младеновски. И макар за втори път най-голямата партия да го предлага за поста, лидерът не го познавал.
Не го познавам, Делян Добрев ги предлага.
Конкурент на Младеновски за поста председател е Меглена Русенова, номинирана от ПП–ДБ и за председател, и за енергиен комисар. Прогнозите са, че и двамата ще влязат в КЕВР, но Русенова, подкрепена от енергийния бранш, като комисар. В момента тя е член на управата на Фонд „Сигурност на електроенергийната система“ и е в борсовия съвет на Българската независима енергийна борса.
Конкуренция на Русенова за енергиен комисар е Таско Ерменков, издигнат от БСП – Обединена левица. Останалите номинации са за воден комисар – на ветерана в политиката Ремзи Осман от ДПС–ДПС и на Александра Богоявленска, подкрепена от ИТН, с опит в „Напоителни системи“. Но и БСП, и партията на Слави Трифонов вече имат по един комисар, така че прогнозите са Доган и сие да получат креслото.
За един от ключовите регулатори, каквато е Комисията за защита на конкуренцията (КЗК), изплува името на Росен Карадимов, последния председател на Комсомола при Живковия режим, шеф на кабинета на премиера Сергей Станишев при Тройната коалиция, който влезе в Българската банка за развитие (ББР) благодарение на служебния кабинет на президента Радев през 2022 г. По-късно стана и министър на иновациите в служебното правителство на Димитър Главчев. Човек на „ти“ с олигарха Делян Пеевски, а изглежда, не само с него, изскача и по делото КТБ в свидетелски показания, че „идвал всеки месец за 10 000 евро на ръка“.
През януари тази година сайтът за разследваща журналистика BIRD.bg съобщи, че братът на министъра на спорта Иван Пешев – Санко Пешев, е в управлението на дружеството „Интернешънъл инвестмънтс“ ЕАД, за което има индиректни връзки, че е свързано с Пеевски и Йордан Цонев, депутат от ДПС – Ново начало. През 2016 г. компанията е получила заем от 115 млн. лв. от ББР за купуването на хотел на Халкидики. Преди месец по bTV Карадимов защити заема – бил редовно обслужван, а на въпрос дали е вярно, че няма обезпечения, заяви, че това не е единственият начин да се обезпечи един кредит.
Издигнат от БСП за шеф на КЗК – органа, който разрешава или отказва сливания и придобивания и следи за картели и нелоялни търговски практики, засега Карадимов изглежда почти сигурен. Един от шефовете на КЗК Петко Николов изкара на поста от 2003 г. до 2016 г., а настоящият – Юлия Ненкова, майка на депутата от ГЕРБ Александър Ненков, кара 9-та година.
Но и ПП–ДБ имат номинации за КЗК – и за председател, и за член, и тя е на доц. д-р Иван Стойнев, преподавател по европейско право в Софийския университет, специалист по конкурентно право, и на доктора по икономика Юлиан Войнов, който има опит в КЕВР и в Министерството на финансите. Стойнев чете лекции и в европейски университети.
Номинациите тепърва ще изненадват, гласуванията по тях – също. На ГЕРБ е единствената номинация за друг голям регулатор, какъвто е Комисията за финансов надзор – издигат дългогодишния директор на Българската фондова борса Васил Големански. Избраният за председател предлага други трима за свои заместници.
За Фискалния съвет ГЕРБ номинира за председател бившия си финансов министър Симеон Дянков, а за членове – бившия зам.-министър на финансите Любомир Дацов, който и сега е в Съвета, и Десислава Калчева, която също е работила там, а сега преподава в Софийския университет. Предложението на ИТН е Атанас Атанасов, сега главен експертен сътрудник във Фискалния съвет. БСП издига Богомил Манов, също университетски преподавател, а ДПС на Доган – бившия депутат Ердоан Ахмедов.
Липсата на кворум попречи да бъде открита процедурата за попълване на 11-членната парламентарна квота във Висшия съдебен съвет. Управляващото мнозинство – ГЕРБ, БСП, ИТН и ДПС–ДПС, не успя да събере мнозинство. Да се чете: още не е постигнато разбирателство зад кулисите за кандидатите. Постигне ли се, кворумът веднага ще се намери. От ГЕРБ обвиниха ПП–ДБ, че заедно с „Възраждане“ са провалили кворума.
Лидерът на ДСБ Атанас Атанасов напомни, че мнозинството отговаря за кворума.
Още едно правило от политиката – че подкрепата се търси, а не се носи на тепсия. Така че тези, които управляват, които набутаха, извинявайте за израза, всички тези точки, бързайки да се окомплектоват регулаторите с техните хора, да си потърсят подкрепата, нали. Ние сме готови за разговори.
България – изгубена за Украйна
Геополитическото напрежение също скрива управленските игри, при които точно определени хора трайно биват намествани на определени места за години напред. На преден план е невъобразимата патаклама около изпращането на български войници в Украйна, без никой да е искал такива. Потвърдиха го министрите на външните работи и на отбраната Георг Георгиев и Ангел Запрянов, извикани на изслушване в парламента.
Никой никъде и по никакъв начин не е подлагал на обсъждане въпроса за изпращане на военни контингенти в Украйна за участие в бойни действия между Русия и Украйна.
Никой не е искал от България участие в операцията по мироопазване, която е бъдеща и евентуално може да се осъществи.
Но преди да се чуят техните обяснения, президентът създаде „факта“ с изявлението си, че е категорично против България да изпраща войници в Украйна. Решението за изпращане на български войски в Украйна е изключителен прерогатив на Народното събрание, а категоричността на държавния глава създаде впечатление, че България отказва участие още преди да има формирана позиция на съюзническо ниво.
Повод за шума станаха въпроси, изпратени до съюзниците в НАТО, в това число и България, за евентуално участие в процеса по гарантиране на сигурността в Украйна от Американското посолство и чрез постоянната делегация в НАТО. Вашингтон сондира мнения кои държави биха могли да допринесат за гаранциите към Киев, готови ли са да участват с войски в Украйна като мироопазващи сили, какъв трябва да бъде размерът на евентуалните сили, ръководени от Европа, и др. Тези въпроси са в контекста на „част от бъдещи мирни договорености в условията на траен мир“, както обясни министърът на външните работи.
Премиерът Росен Желязков обаче прояви гъвкавост, заявявайки, че ЕС трябва да остане единен и предвидим в цялостната си подкрепа за Украйна. Направи го чрез видеоконферентната връзка, с която участва във втората извънредна среща за Украйна, чийто домакин беше френският президент Еманюел Макрон. Европа и Украйна трябва да бъдат на преговорната маса, беше онова, което заяви.
А в петъчния ден единствено ПП–ДБ излезе с декларация, огласена от Явор Божанков, във връзка с третата година от началото на войната на Руската федерация срещу Украйна.
Цивилизационният избор на България ще бъде поставен пред изпитание в следващите месеци. Нашият национален интерес е траен мир, а той се гради само на истината – Украйна е жертва, решение на този конфликт без нея и без Европа е невъзможно.
Изглежда, че всичко си остава постарому: властта „делка“ постове, бюджети и влияние на фона на геополитическо напрежение и не особено ефективен бойкот на търговските вериги по примера на съседните балкански държави. Пенсионерите са доволни, регулаторите – уредени, а големият въпрос за Украйна е удавен в политически шум.
Но поне към еврозоната държавата се движи.
Which Zigbee Coordinator Should You Choose for Your Network? 🤔💡
Post Syndicated from BeardedTinker original https://www.youtube.com/watch?v=5kBKfjmF8-M