Serverless ICYMI Q4 2022

Post Syndicated from Marcia Villalba original https://aws.amazon.com/blogs/compute/serverless-icymi-q4-2022/

Welcome to the 20th edition of the AWS Serverless ICYMI (in case you missed it) quarterly recap. Every quarter, we share all the most recent product launches, feature enhancements, blog posts, webinars, Twitch live streams, and other interesting things that you might have missed!In case you missed our last ICYMI, check out what happened last quarter here.

AWS Lambda

For developers using Java, AWS Lambda has introduced Lambda SnapStart. SnapStart is a new capability that can improve the start-up performance of functions using Corretto (java11) runtime by up to 10 times, at no extra cost.

To use this capability, you must enable it in your function and then publish a new version. This triggers the optimization process. This process initializes the function, takes an immutable, encrypted snapshot of the memory and disk state, and caches it for reuse. When the function is invoked, the state is retrieved from the cache in chunks, on an as-needed basis, and it is used to populate the execution environment.

The ICYMI: Serverless pre:Invent 2022 post shares some of the launches for Lambda before November 21, like the support of Lambda functions using Node.js 18 as a runtime, the Lambda Telemetry API, and new .NET tooling to support .NET 7 applications.

Also, now Amazon Inspector supports Lambda functions. You can enable Amazon Inspector to scan your functions continually for known vulnerabilities. The log4j vulnerability shows how important it is to scan your code for vulnerabilities continuously, not only after deployment. Vulnerabilities can be discovered at any time, and with Amazon Inspector, your functions and layers are rescanned whenever a new vulnerability is published.

AWS Step Functions

There were many new launches for AWS Step Functions, like intrinsic functions, cross-account access capabilities, and the new executions experience for Express Workflows covered in the pre:Invent post.

During AWS re:Invent this year, we announced Step Functions Distributed Map. If you need to process many files, or items inside CSV or JSON files, this new flow can help you. The new distributed map flow orchestrates large-scale parallel workloads.

This feature is optimized for files stored in Amazon S3. You can either process in parallel multiple files stored in a bucket, or process one large JSON or CSV file, in which each line contains an independent item. For example, you can convert a video file into multiple .gif animations using a distributed map, or process over 37 GB of aggregated weather data to find the highest temperature of the day. 

Amazon EventBridge

Amazon EventBridge launched two major features: Scheduler and Pipes. Amazon EventBridge Scheduler allows you to create, run, and manage scheduled tasks at scale. You can schedule one-time or recurring tasks across 270 services and over 6.000 APIs.

Amazon EventBridge Pipes allows you to create point-to-point integrations between event producers and consumers. With Pipes you can now connect different sources, like Amazon Kinesis Data Streams, Amazon DynamoDB Streams, Amazon SQS, Amazon Managed Streaming for Apache Kafka, and Amazon MQ to over 14 targets, such as Step Functions, Kinesis Data Streams, Lambda, and others. It not only allows you to connect these different event producers to consumers, but also provides filtering and enriching capabilities for events.

EventBridge now supports enhanced filtering capabilities including:

  • Matching against characters at the end of a value (suffix filtering)
  • Ignoring case sensitivity (equals-ignore-case)
  • OR matching: A single rule can match if any conditions across multiple separate fields are true.

It’s now also simpler to build rules, and you can generate AWS CloudFormation from the console pages and generate event patterns from a schema.

AWS Serverless Application Model (AWS SAM)

There were many announcements for AWS SAM during this quarter summarized in the ICMYI: Serverless pre:Invent 2022 post, like AWS SAM ConnectorsSAM CLI Pipelines now support OpenID Connect Protocol, and AWS SAM CLI Terraform support.

AWS Application Composer

AWS Application Composer is a new visual designer that you can use to build serverless applications using multiple AWS services. This is ideal if you want to build a prototype, review with others architectures, generate diagrams for your projects, or onboard new team members to a project.

Within a simple user interface, you can drag and drop the different AWS resources and configure them visually. You can use AWS Application Composer together with AWS SAM Accelerate to build and test your applications in the AWS Cloud.

AWS Serverless digital learning badges

The new AWS Serverless digital learning badges let you show your AWS Serverless knowledge and skills. This is a verifiable digital badge that is aligned with the AWS Serverless Learning Plan.

This badge proves your knowledge and skills for Lambda, Amazon API Gateway, and designing serverless applications. To earn this badge, you must score at least 80 percent on the assessment associated with the Learning Plan. Visit this link if you are ready to get started learning or just jump directly to the assessment. 

News from other services:

Amazon SNS

Amazon SQS

AWS AppSync and AWS Amplify

Observability

AWS re:Invent 2022

AWS re:Invent was held in Las Vegas from November 28 to December 2, 2022. Werner Vogels, Amazon’s CTO, highlighted event-driven applications during his keynote. He stated that the world is asynchronous and showed how strange a synchronous world would be. During the keynote, he showcased Serverlesspresso as an example of an event-driven application. The Serverless DA team presented many breakouts, workshops, and chalk talks. Rewatch all our breakout content:

In addition, we brought Serverlesspresso back to Vegas. Serverlesspresso is a contactless, serverless order management system for a physical coffee bar. The architecture comprises several serverless apps that support an ordering process from a customer’s smartphone to a real espresso bar. The customer can check the virtual line, place an order, and receive a notification when their drink is ready for pickup.

Serverless blog posts

October

November

December

Videos

Serverless Office Hours – Tuesday 10 AM PT

Weekly live virtual office hours: In each session, we talk about a specific topic or technology related to serverless and open it up to helping with your real serverless challenges and issues. Ask us anything about serverless technologies and applications.

YouTube: youtube.com/serverlessland

Twitch: twitch.tv/aws

October

November

December

FooBar Serverless YouTube Channel

Marcia Villalba frequently publishes new videos on her popular FooBar Serverless YouTube channel.

October

November

December

Still looking for more?

The Serverless landing page has more information. The Lambda resources page contains case studies, webinars, whitepapers, customer stories, reference architectures, and even more Getting Started tutorials. If you want to learn more about event-driven architectures, read our new guide that will help you get started.

You can also follow the Serverless Developer Advocacy team on Twitter and LinkedIn to see the latest news, follow conversations, and interact with the team.

For more serverless learning resources, visit Serverless Land.

A Security Issue in Android That Remains Unfixed – Pull-down Menu On Lock Screen

Post Syndicated from Bozho original https://techblog.bozho.net/a-security-issue-in-android-that-remains-unfixed-pull-down-menu-on-lock-screen/

Having your phone lying around when your kids are playing with everything they find is a great security test. They immediately discover new features and ways to go beyond the usual flow.

This is the way I recently discovered a security issue with Android. Apparently, even if the phone is locked, the pull-down menu with quick settings works. Also, volume control works. Not every functionality inside the quick settings menu works fully while unlocked, but you can disable mobile data and Wi-Fi, you can turn on your hotspot, you can switch to Airplane mode.

While this has been pointed out on Google Pixel forums, on reddit and Stack Exchange, it has not been fixed in stock Android. Different manufacturers seem to have acknowledged the issue in their custom ROMs, but that’s not a reliable long-term solution.

Let me explain why this is an issue. First, it breaks the assumption that when the phone is locked nothing works. Breaking user assumptions is bad by itself.

Second, it allows criminals to steal your phone and put in in Airplane mode, thus disabling any ability to track the phone – either through “find my phone” services, or by the police through mobile carriers. They can silence the phone, so that it’s not found with “ring my phone” functionality. It’s true that an attacker can just take out the SIM card, but having the Wi-Fi on still allows tracking using wifi networks through which the phone passes.

Third, the hotspot (similar issues go with Bluetooth). Allowing a connection can be used to attack the device. It’s not trivial, but it’s not impossible either. It can also be used to do all sorts of network attacks on other devices connected to the hotspot (e.g. you enable the hotspot, a laptop connects automatically, and you execute an APR poisoning attack). The hotspot also allows attackers to use a device to commit online crimes and frame the owner. Especially if they do not steal the phone, but leave it lying where it originally was, just with the hotspot turned on. Of course, they would need to get the password for the hotspot, but this can be obtained through social engineering.

The interesting thing is that when you use Google’s Family Link to lock a device that’s given to a child, the pull-down menu doesn’t work. So the basic idea that “once locked, nothing should be accessible” is there, it’s just not implemented in the default use-case.

While the things described above are indeed edge-cases and may be far fetched, I think they should be fixed. The more functionality is available on a locked phone, the more attack surface it has (including for the exploitation of 0days).

The post A Security Issue in Android That Remains Unfixed – Pull-down Menu On Lock Screen appeared first on Bozho's tech blog.

How to Install an Intel E810 100GbE Network Adapter in Windows 11

Post Syndicated from Rohit Kumar original https://www.servethehome.com/how-to-install-an-intel-e810-100gbe-network-adapter-in-windows-11/

Although it is not supported, there is an unintuitive workaround to install the Intel E810 100GbE adapters in Windows 11. We show you how

The post How to Install an Intel E810 100GbE Network Adapter in Windows 11 appeared first on ServeTheHome.

[$] Welcome to 2023

Post Syndicated from original https://lwn.net/Articles/918790/

Yet another new year is upon us, and that can only mean one thing: the time
has come for your editor to look into his crystal ball and make some
predictions for what 2023 will hold. Said crystal ball is known to suffer
from speculative-execution problems and parity errors, but it’s the best
that LWN’s budget will afford. Read on for a highly unreliable look at
what’s to come.

20 Years of DistroWatch

Post Syndicated from original https://lwn.net/Articles/918885/

DistroWatch Weekly celebrates its
1000th issue and 20 years of publication.

How much material is in two decades of Weekly editions? It’s in the
ballpark of 2,500 articles or approximately 5,600,000 words. It’s
an overview of a few thousand news announcements, more than 13,000
screenshots, over 6,500 stable open source operating system
releases summarized, and more than 2,800 torrents seeded. We’ve
published answers to over 470 questions from curious community
members and over 80 Tips & Tricks articles. You could say we’ve
been busy over the past 20 years!

Nightly PyTorch builds compromised

Post Syndicated from original https://lwn.net/Articles/918884/

Anybody who installed a nightly release from the PyTorch machine-learning library between
December 25 and 30 will
want to uninstall it immediately:

At around 4:40pm GMT on December 30 (Friday), we learned about a
malicious dependency package (torchtriton) that was uploaded to the
Python Package Index (PyPI) code repository with the same package
name as the one we ship on the PyTorch nightly package index. Since
the PyPI index takes precedence, this malicious package was being
installed instead of the version from our official repository. This
design enables somebody to register a package by the same name as
one that exists in a third party index, and pip will install their
version by default.

This malicious package has the same name torchtriton but added in
code that uploads sensitive data from the machine.

Security updates for Monday

Post Syndicated from original https://lwn.net/Articles/918883/

Security updates have been issued by Debian (cacti, emacs, exuberant-ctags, libjettison-java, mplayer, node-loader-utils, node-xmldom, openvswitch, ruby-image-processing, webkit2gtk, wpewebkit, and xorg-server), Fedora (OpenImageIO, systemd, w3m, and webkit2gtk3), Mageia (curl, freeradius, libksba, libtar, python-ujson, sogo, thunderbird, and webkit2), Red Hat (bcel), and SUSE (ffmpeg, ffmpeg-4, mbedtls, opera, saphanabootstrap-formula, sbd, vlc, and webkit2gtk3).

Kernel prepatch 6.2-rc2

Post Syndicated from original https://lwn.net/Articles/918833/

The second 6.2 kernel prepatch is out for
testing — but there isn’t a lot there.

So the week started so slow due to the holidays that I thought I
might not have any reason to do an rc2 at all, but by the end of
the week I did end up getting a smattering of pull requests, so
here we are. It’s tiny, even smaller than usual for an rc2, and
honestly, I’d expect that trend to continue for rc3.

2023-01-01 равносметъчно

Post Syndicated from original https://vasil.ludost.net/blog/?p=3463

> Отказвам да имам очаквания за идващата година. Някои хора казват, че поне supply chain проблема може да почне да се пооправя към края ѝ, а дано.

(аз, в началото на годината)

Явно решението да нямам очаквания е било съвсем правилно.

От по-интересните неща, които се случиха:

– Малките зверове растат – весели, здрави и все толкова опасни 🙂

– Направихме пак online FOSDEM, и ще е последния такъв. Имам билети, подготвили сме се, идващия ще е на живо, в гадния студен и мокър Брюксел, в кривия университет. И съм сигурен, че много ще му се радваме.

– Направихме един хубав OpenFest на живо, на който дори успях да изнеса една лекция (още ми е трудно да повярвам колко хора гласуваха за нея, въпреки малоумното заглавие). Следващия OpenFest ще се случва без мен, както писах, от всички органиизрани досега не съм бил в организацията само на 4-5…

– Успяхме да си попълним екипа тая година, изглежда, че ходенето по разни конференции помага. Даже имах време да посъбера нов списък от “мотики”, та със сигурност в момента има материал поне за една лекция. Ако имам възможност, ще драсна една-две тук.

– Започнахме да си организираме (в екипа) сбирка на всички в офиса да работим заедно, за по една седмица на около два месеца. Аз, както не съм особено социален все пак го намирам за много полезно и приятно, и определено ще се запази.

– ИББ изглежда се възстановява.

Имам голямото желание (и) тази година да пиша малко повече, например отдавна се каня да напиша нещо за наемането на хора, да видим докъде ще стигна.

За много години!

Post Syndicated from original https://dni.li/2023/01/01/za-mnogo-godini/

2022 беше предизвикателна. Опитахме нови неща, които не винаги ни се получаваха, но бяха интересни. И ни научиха. Че можем преспокойно да живеем 5 месеца в държава, чийто език не знаем, че морето ни е в сърцето ама наистина, че не харесваме българското образование и валенсианския пазар на недвижими имоти, че ако внимаваме – всичко можем да постигнем. Или поне почти всичко. Защото понякога просто не зависи от нас.

Викам 2023 да е малко по-недраматична ако може.


via

Launch Event for 4th Gen Intel Xeon Scalable Sapphire Rapids Scheduled

Post Syndicated from Cliff Robinson original https://www.servethehome.com/launch-event-for-4th-gen-intel-xeon-scalable-sapphire-rapids-scheduled/

As a quick reminder the 4th Gen Intel Xeon Scalable, codenamed “Sapphire Rapids”, and Xeon Max launch is set for January

The post Launch Event for 4th Gen Intel Xeon Scalable Sapphire Rapids Scheduled appeared first on ServeTheHome.

Vanilla OS 22.10 released

Post Syndicated from original https://lwn.net/Articles/918810/

Vanilla OS is a new, Ubuntu-based
distribution with an immutable(ish) core and a focus on containers. Version
22.10, the first stable release, is out.

Vanilla OS is not an ordinary Linux distribution, it is a project
that sets itself many goals and is not afraid to put itself out
there, proudly displaying its unique technologies such as the Apx
sub-system, its own automatic update system, and ABRoot
transactions.

LineageOS 20 released

Post Syndicated from original https://lwn.net/Articles/918809/

Version 20 of the
Android-based LineageOS distribution has been released.

We have been working extremely hard since Android 13’s release last
October to port our features to this new version of Android. Thanks
to our hard work adapting to Google’s largely UI-based changes in
Android 12, and Android 13’s dead-simple device bring-up
requirements, we were able to rebase our changes onto Android 13
much more efficiently. This led to a lot of time to spend on cool
new features such as our awesome new camera app, Aperture, which
was written in large part by developers SebaUbuntu, LuK1337, and
luca020400.

The collective thoughts of the interwebz