Tag Archives: COVID-19

Introducing Project Fair Shot: Ensuring COVID-19 Vaccine Registration Sites Can Keep Up With Demand

Post Syndicated from Matthew Prince original https://blog.cloudflare.com/project-fair-shot/

Introducing Project Fair Shot: Ensuring COVID-19 Vaccine Registration Sites Can Keep Up With Demand

Introducing Project Fair Shot: Ensuring COVID-19 Vaccine Registration Sites Can Keep Up With Demand

Around the world government and medical organizations are struggling with one of the most difficult logistics challenges in history: equitably and efficiently distributing the COVID-19 vaccine. There are challenges around communicating who is eligible to be vaccinated, registering those who are eligible for appointments, ensuring they show up for their appointments, transporting the vaccine under the required handling conditions, ensuring that there are trained personnel to administer the vaccine, and then doing it all over again as most of the vaccines require two doses.

Cloudflare can’t help with most of that problem, but there is one key part that we realized we could help facilitate: ensuring that registration websites don’t crash under load when they first begin scheduling vaccine appointments. Project Fair Shot provides Cloudflare’s new Waiting Room service for free for any government, municipality, hospital, pharmacy, or other organization responsible for distributing COVID-19 vaccines. It is open to eligible organizations around the world and will remain free until at least July 1, 2021 or longer if there is still more demand for appointments for the vaccine than there is supply.

Crashing Registration Websites

The problem of vaccine scheduling registration websites crashing under load isn’t theoretical: it is happening over and over as organizations attempt to schedule the administration of the vaccine. This hit home at Cloudflare last weekend. The wife of one of our senior team members was trying to register her parents to receive the vaccine. They met all the criteria and the municipality where they lived was scheduled to open appointments at noon.

When the time came for the site to open, it immediately crashed. The cause wasn’t hackers or malicious activity. It was merely that so many people were trying to access the site at once. “Why doesn’t Cloudflare build a service that organizes a queue into an orderly fashion so these sites don’t get overwhelmed?” she asked her husband.

A Virtual Waiting Room

Turns out, we were already working on such a feature, but not for this use case. The problem of fairly distributing something where there is more demand than supply comes up with several of our clients. Whether selling tickets to a hot concert, the latest new sneaker, or access to popular national park hikes it is a difficult challenge to ensure that everyone eligible has a fair chance.

The solution is to open registration to acquire the scarce item ahead of the actual sale. Anyone who visits the site ahead of time can be put into a queue. The moment before the sale opens, the order of the queue can be randomly (and fairly) shuffled. People can then be let in in order of their new, random position in the queue — allowing only so many at any time as the backend of the site can handle.

At Cloudflare, we were building this functionality for our customers as a feature called Waiting Room. (You can learn more about the technical details of Waiting Room in this post by Brian Batraski who helped build it.) The technology is powerful because it can be used in front of any existing web registration site without needing any code changes or hardware installation. Simply deploy Cloudflare through a simple DNS change and then configure Waiting Room to ensure any transactional site, no matter how meagerly resourced, can keep up with demand.

Recognizing a Critical Need; Moving Up the Launch

We planned to release it in February. Then, when we saw vaccine sites crashing under load and frustration of people eligible for the vaccine building, we realized we needed to move the launch up and offer the service for free to organizations struggling to fairly distribute the vaccine. With that, Project Fair Shot was born.

Government, municipal, hospital, pharmacy, clinic, and any other organizations charged with scheduling appointments to distribute the vaccine can apply to participate in Project Fair Shot by visiting: projectfairshot.org

Giving Front Line Organizations the Technical Resources They Need

The service will be free for qualified organizations at least until July 1, 2021 or longer if there is still more demand for appointments for the vaccine than there is supply. We are not experts in medical cold storage and I get squeamish at the sight of needles, so we can’t help with many of the logistical challenges of distributing the vaccine. But, seeing how we could support this aspect, our team knew we needed to do all we could to help.

The superheroes of this crisis are the medical professionals who are taking care of the sick and the scientists who so quickly invented these miraculous vaccines. We’re proud of the supporting role Cloudflare has played helping ensure the Internet has continued to function well when the world needed it most. Project Fair Shot is one more way we are living up to our mission of helping build a better Internet.

Cloudflare Waiting Room

Post Syndicated from Brian Batraski original https://blog.cloudflare.com/cloudflare-waiting-room/

Cloudflare Waiting Room

Cloudflare Waiting Room

Today, we are excited to announce Cloudflare Waiting Room! It will first be available to select customers through a new program called Project Fair Shot which aims to help with the problem of overwhelming demand for COVID-19 vaccinations causing appointment registration websites to fail. General availability in our Business and Enterprise plans will be added in the near future.

Wait, you’re excited about a… Waiting Room?

Most of us are familiar with the concept of a waiting room, and rarely are we excited about the idea of being in one. Usually our first experience of one is at a doctor’s office — yes, you have an appointment, but sometimes the doctor is running late (or one of the patients was). Given the doctor can only see one person at a time… the waiting room was born, as a mechanism to queue up patients.

While servers can handle more concurrent requests than a doctor can, they too can be overwhelmed. If, in a pre-COVID world, you’ve ever tried buying tickets to a popular concert or event, you’ve probably encountered a waiting room online. It limits requests inbound to an application, and places these requests into a virtual queue. Once the number of users in the application has reduced, new users are let in within the defined thresholds the application can handle. This protects the origin servers supporting the application from being inundated with too many requests, while also ensuring equity from a user perspective — users who try to access a resource when the system is overloaded are not unfairly dropped and forced to reconnect, hoping to join their chance in the queue.

Why Now?

Given not many of us are going to live concerts any time soon, why is Cloudflare doing this now?

Well, perhaps we aren’t going to concerts, but the second order effects of COVID-19 have created a huge need for waiting rooms. First of all, given social distancing and the closing of many places of business and government, customers and citizens have shifted to online channels, putting substantially more strain on business and government infrastructure.

Second, the pandemic and the flow-on consequences of it have meant many folks around the world have come to rely on resources that they didn’t need twelve months earlier. To be specific, these are often health or government-related resources — for example, unemployment insurance websites. The online infrastructure was set up to handle a peak load that didn’t foresee the impact of COVID-19. We’re seeing a similar pattern emerge with websites that are related to vaccines.

Historically, the number of organizations that needed waiting rooms was quite small. The nature of most businesses online usually involve a more consistent user load, rather than huge crushes of people all at once. Those organizations were able to build custom waiting rooms and were integrated deeply into their application (for example, buying tickets).  With Cloudflare’s Waiting Room, no code changes to the application are necessary and a Waiting Room can be set up in a matter of minutes for any website without writing a single line of code.

Whether you are an engineering architect or a business operations analyst, setting up a Waiting Room is simple. We make it quick and easy to ensure your applications are reliable and protected from unexpected spikes in traffic.  Other features we felt were important are automatic enablement and dynamic outflow. In other words, a waiting room should turn on automatically when thresholds are exceeded and as users finish their tasks in the application, let out different sized buckets of users and intake new ones already in the queue. It should just work. Lastly, we’ve seen the major impact COVID-19 has made on users and businesses alike, especially, but not limited to, the health and government sectors. We wanted to provide another way to ensure these applications remain available and functional so all users can receive the care that they need and not errors within their browser.

How does Cloudflare’s Waiting Room work?

We built Waiting Room on top of our edge network and our Workers product. By leveraging Workers and our new Durable Objects offerings, we were able to remove the need for any customer coding and provide a seamless, out of the box product that will ‘just work’. On top of this, we get the benefits of the scale and performance of our Workers product to ensure we maintain extremely low latency overhead, keep estimated times presented to end users accurate as can be and not keep any user in the queue longer than needed. But building a centralized system in a decentralized network is no easy task. When requests come into an application from around the world, we need to be able to get a broad, accurate view of what that load looks like inbound and outbound to a given application.

Cloudflare Waiting Room
Request going through Cloudflare without a Waiting Room

These requests, as fast as they are, still take time to travel across the planet. And so, a unique edge case was presented. What if a website is getting reasonable traffic from North America and Europe, but then a sudden major spike of traffic takes place from South America – how do we know when to keep letting users into the application and when to kick in the Waiting Room to protect the origin servers from being overloaded?

Thanks to some clever engineering and our Workers product, we were able to create a system that almost immediately keeps itself synced with global demand to an application giving us the necessary insight into when we should and should not be queueing users into the Waiting Room. By leveraging our global Anycast network and over 200+ data centers, we remove any single point of failure to protect our customers’ infrastructure yet also provide a great experience to end-users who have to wait a small amount of time to enter the application under high load.

Cloudflare Waiting Room
Request going through Cloudflare with a Waiting Room

How to setup a Waiting Room

Setting up a Waiting Room is incredibly easy and very fast! At the easiest side of the scale, a user needs to fill out only five fields: 1) the name of the Waiting Room, 2) a hostname (which will already be pre-populated with the zone it’s being configured on), 3) the total active users that can be in the application at any given time, 4) the new users per minute allowed into the application, and 5) the session duration for any given user. No coding or any application changes are necessary.

Cloudflare Waiting Room

We provide the option of using our default Waiting Room template for customers who don’t want to add additional branding. This simplifies the process of getting a Waiting Room up and running.

Cloudflare Waiting Room

That’s it! Press save and the Waiting Room is ready to go!

Cloudflare Waiting Room

For customers with more time and technical ability, the same process is followed, except we give full customization capabilities to our users so they can brand the Waiting Room, ensuring it matches the look and feel of their overall product.

Cloudflare Waiting Room

Lastly, managing different Waiting Rooms is incredibly easy. With our Manage Waiting Room table, at a glance you are able to get a full snapshot of which rooms are actively queueing, not queueing, and/or disabled.

Cloudflare Waiting Room

We are very excited to put the power of our Waiting Room into the hands of our customers to ensure they continue to focus on their businesses and customers. Keep an eye out for another blog post coming soon with major updates to our Waiting Room product for Enterprise!

Скандализирано ми е, Съби!

Post Syndicated from original https://bivol.bg/scandal-sabi.html

неделя 10 януари 2021

Може и да помните, дето преди десетина дена ви разказвах как отидох за кренвирши до кварталния магазин, а се прибрах вкъщи като един от първите ваксинирани срещу ковид. Точно така,…

How COVID-19 Reinforced the Need for Mobile Device Management

Post Syndicated from Justin Turcotte original https://blog.rapid7.com/2021/01/07/how-covid-19-reinforced-the-need-for-mobile-device-management/

How COVID-19 Reinforced the Need for Mobile Device Management

How many of you got that call at the beginning of the pandemic to make your company’s workforce 100% capable for remote work? How many of you had no idea how to make that happen, seemingly (and sometimes literally) overnight? How many of you were already prepared for such an event?

Remote workforces and mobile device management (MDM) are more important than ever in 2020’s pandemic reality. Unmanaged remote endpoints are one of the biggest risks to an organization’s cybersecurity posture today.

Don’t think of remote endpoints solely from the isolated ransomware/malware infection standpoint. Instead, think of them from a MITRE ATT&CK matrix perspective. Ask yourself these questions:

  • Can attackers gain access to the endpoint?
  • Can attackers establish persistence?
  • Can attackers perform data collection and exfiltration?
  • What could an attacker achieve by compromising an unmanaged remote endpoint?
  • What can that endpoint bring back to the enterprise network with it when it returns to the office?

While working with Rapid7 customers over the past several months of quarantine and lockdown, it’s evident to me that many companies were caught completely off guard when facing the reality of being unable to work from their corporate offices.

Many customers have no ability to manage their endpoints remotely without them being connected to the company VPN, or in many cases, are unable to manage them at all. Many times, these VPN connections are unreliable, or the company had not planned for the network overhead required for a thousand employees connecting to the company VPN at the same time.

Companies have spent large amounts of money over the past several months rolling out more robust VPN solutions and mobile devices (like laptops and tablets) for users to be able to perform their jobs remotely. And security has seemingly taken a backseat to these larger efforts to keep workforces employed and productive.

Here are a few solutions we’ve seen many of our customers using for remote productivity and connectivity:

  • VPN: Company-controlled VPN service installed and configured on remote endpoints for users to connect as necessary.
  • Always-On VPN: A VPN connection that is “always on,” whenever the endpoint is connected to the internet. This configuration is more secure, as users are forced to connect to the company network in order to perform any work that requires the internet or network resources. This can help ensure users are not surfing dangerous websites or using other unapproved services such as personal email or file-sharing sites to perform official work.
  • Bring-Your-Own-Device (BYOD): BYOD scenarios include installing a company-controlled VPN client and configuration on an employee-owned device. This configuration is less than desirable due to the inability to control the remote endpoint in any capacity due to the lack of ownership.
  • Loose Controls: Some customers have even relaxed security measures that were in place prior to the pandemic. Due to the speed with which companies were forced to loosen security measures—such as removing multi-factor authentication requirements and disabling password rotation requirements—these actions have left some companies at great risk of being compromised.

Cloud-based remote management and security solutions are the key to beating remote work requirements imposed by federal and local governments.

There are still a large number of companies that seem to be cloud-averse when it comes to anything to do with endpoints or security, but this new reality makes it necessary to start adopting cloud-based solutions to manage your enterprise network.


Get the latest stories, expertise, and news about security today.

Cloud managed services to consider for a completely remote or mostly remote workforce


A cloud-based antivirus solution that does not require connectivity to the enterprise network in order to receive signature or software updates is crucial in this new dynamic. Users are taking their systems to their home wireless networks, which have notoriously weak security.

Anti-malware and endpoint detection and response (EDR)

Having an EDR and anti-malware solution that is able to report to a cloud-based management console is also important to prevent malware infections and alert on suspicious or anomalous activity.

Vulnerability management

Having a cloud-based vulnerabaility management solutionsystem in place that can report back to a centrally managed vulnerability management system is important for assessing the overall level of risk that an organization has in regard to remote endpoints.

Asset management

An effective asset management solution is crucial for an effective vulnerability management program. You cannot patch or secure what you do not know you have on your network. Asset management systems also help with remote support and resource planning.

Patch and software deployment

Are you able to patch or update software on remote endpoints easily and effectively? Is your current patch management solution able to reach remote endpoints reliably? Having a cloud-based patch and software deployment solution is key to ensuring your endpoints are kept up-to-date with the latest patches and version updates.

Data loss prevention

Are you able to see company data flowing across the enterprise network? Can you monitor the types of data flowing through VPN connections, personal emails, or cloud-based file sharing solutions?

These areas are just a few of the most important MDM or RMM solutions needed in today’s pandemic toolbox for the IT security professional.

Future considerations

If you already have some of these areas covered, can your tools integrate with one another to provide a single pane of glass administration console that enables your IT and security teams to perform day-to-day tasks?

Where can you consolidate tools into one platform? Can your patching solution act as your asset management solution as well? Can your endpoint detection and response system be a remote SIEM solution or a User Behavior Analytics system?

COVID-19 has altered the attack landscape forever. Work from home is likely not going anywhere and will only become more necessary as lockdowns continue. Some organizations have even opted to close offices and work remotely on a permanent basis after discovering how well their teams were able to work from the house. The need for mobile device management and the ability to detect and remediate vulnerabilities on remote endpoints is now a necessity rather than a convenience.

Explore Our Cloud-Based Security Solutions Today

Learn More

Менте-маските купени от България стигнаха и до Германия с фалшиви сертификати

Post Syndicated from Атанас Чобанов original https://bivol.bg/ryzur-masks-spiegel.html

вторник 29 декември 2020

Некачествени китайски респиратори от производителя Ryzur са раздадени на учителите в провинция Баден-Вюртемберг, пише Шпигел. Според проучване на авторитетното немско издание тези маски са с фалшиви сертификати от лабораторията DEKRA и трябва веднага да бъдат изтеглени от употреба. Немските власти обаче не знаели за тази измама.

В България един милион бройки от същите маски бяха закупени от правителството с европейски средства през месец май. Тогава Биволъ разкри, че тези маски са с най-ниската оценка за филтрация от референтна американска лаборатория. Маските на Ryzur се представят най-зле сред 92 изследвани модела /виж тук/. Максималната ефективност на филтъра на тази маска е едва 33,9%! Това е скандално ниско спрямо заявените 95% за този клас респиратори. На практика тази маска не предпазва изобщо от вдишване на коронавируса.  Пълният доклад от проучването може да бъде видян тук.

Как България купи с европари китайски маски-менте

Същите маски-менте са стигнали до немските учители тази есен и на тях се вижда печат за тест от авторитетната лаборатория DEKRA. Директорът на DEKRA Йорг-Тим Килиш обаче е заявил, че тези маски не са тествани от неговата лаборатория и “не трябва да се раздават при никакви обстоятелства”.

“Раздадените вече маски трябва да бъдат изтеглени веднага” – казва Килиш.

Шпигел са потърсили коментар от компетентните регионални министерства на социалните грижи и културата, които са отрекли, че раздават некачествени маски. Чиновниците обаче не знаели, че печатите на DEKRA са фалшифицирани.

Българският опит с тези маски е още по-скандален, тъй като те бяха рекламирани като медицински изделия и това е записано и в договора за покупката им, с който Биволъ разполага. Доставените със самолети маски обаче не бяха медицински по стандарта GB19083-2010 /виж тук/, а обикновени респиратори по стандарта GB2626 /виж тук/. Те не ставаха за употреба от здравните работници.

На поръчаните от България маски също имаше фалшиви печати от американската агенция за безопасност на лекарствата FDA и за европейско качество CE.  Това не попречи пратката да бъде усвоена. Маските бяха раздадени на служители на МВР, Агенция “Митници” и в други институции на “първа линия”. въпреки установените факти за тяхната неефективност и фалшивата документация.


Ваксинирано ми е, Съби!

Post Syndicated from original https://bivol.bg/vaccines-leki.html

понеделник 28 декември 2020

Тия празници определено ще ги запомня. Такова нещо нито ми се е случвало, нито съм подозирал, че е възможно да ми се случи. Нека първо се представя набързо. Съби, 72-годишен самотен пенсионер, със 45 години стаж в колбасарския бранш.

Отивам вчера да дебна доставката на кренвирши. Някой би попитал как може да съм работил сума ти петилетки по саламджийските цехове и въпреки това да търся кренвирши, но отговорът е много прост – вярвам, че за всичките тия години съм придобил имунитет към де що има „е“-та и други знайни и незнайни съставки на ситно мляната соя.

Все пак иде Нова година, а аз още по Коледа нулирах пенсията (320 лева) и щедрите добавки от премиера. Ама, празници са, трябва да сложа нещо на самотната си маса, та взех трийсет лева заем от комшията Христо. Той е от богатите пенсионери – дава стария си апартамент в Кючука под наем на някакви строители, помачета от родопските села.

И та, бях започнал да ви разправям, че седя на кръстовището до магазина и чакам да дойде бусът с кренвиршите, майна. Що си губя времето, ще питате. Нищо не си губя. Вече ви казах, че съм самотен, вирусът отнесе бабата още пролетта, а аз го изкарах на крак, да му се не види. По-добре да беше завлякъл и мене, за да не се мъча, ама айде. Не ми се висеше сам вкъщи, още повече, че по всички телевизии дават „Сам вкъщи“, а пък и в Пловдив зимата не е студена, та рекох да почакам навън. Тъкмо ще съм сигурен, че ще си набавя пресни кренвирши за новогодишната трапеза. Иначе няма гаранция. Ако знаете колко само са такива като мен… Самотни, бедни пенсионери, които си броят стотинките и търсят промоции по магазините. Случвало се е дори да се посдърпаме на някоя опашка.

Но сега съм сам. Явно ще ми провърви. Ето го, бусът идва. Отпред и отзад го провождат някакви коли със сини буркани на покривите, но не обръщам внимание. В нашата страна отдавна сме свикнали да се случват странни неща. Бусът намалява на кръстовището и аз изтичвам към него, подпирайки се на бастуна, за да питам шофьора кара ли пресни кренвирши. Имаме си приказка. Досаждам му почти всеки път, когато зарежда.

Подвиквам отдалече „Имате ли кренвирши, майна?“, размахвайки ръце. За най-голямо мое учудване двете коли с бурканите на покривите внезапно спират, от тях изскачат едни бабаити с униформи, сграбчват ме под мишниците, без да дават каквито и да било обяснения и ме отнасят до тротоара. Докато се усетя, съм обграден от камери, микрофони и светкавици. Някакви жени се надпреварват да се блъскат и да ми крещят нещо в лицето. Добре, че са яките момчета, за да ги удържат да не ме смажат.

Като насън ми е, ама се стряскам още повече, когато отнякъде се появява и премиерът. Дръжките на микрофони и камери му правят почетен шпалир, за да стигне до мен. И здравеняците с униформите се отдръпват да му направят място. Той ме поглежда за миг смръщено, после поставя голямата си лапа на рамото ми, от което капачките на коленете ми почти се превръщат в сол. Леко ме повдига за врата, за да се изпъча и почва едно снимане… Тия репортери едва не ме заслепяват. Първо си помислям, че се разиграва някаква томбола и най-сетне в живота си ще спечеля нещо, но думите на премиера ме убеждават, че не съм прав:

–        Ето, всички можете да видите, че народът няма търпение да се ваксинира. Човекът едва ходи, но тича да ни пресрещне и да се имунизира пръв. Това се казва буден гражданин! Имаме нужда от такива, че много тулупи се навъдиха.

–        Ама аз… Не за ваксина… За кренвирши дойдох… – поглеждам буса, за да се уверя, че не съм се объркал. Не, никакви ваксини. Брандиран е с логото на марка колбаси.

–        Хаха! – тупва ме приятелски по рамото премиерът така, че почти ми изкарва въздуха – Виждате ли? Бай…

–        Съби… – едва събирам сили да промълвя.

–        Бай Съби не само е съвестен гражданин, но и е запазил чувството си за хумор до дълбоки старини. Вика на ваксините кренвирши. Хаха! – идва ми да му обясня, че всъщност не съм чак толкова дърт, но като повечето набори изглеждам амортизиран заради тежкия живот и немотията, ама вече нямам сили да говоря – Айде, кво чакаме? Ваксинирайте бай Съби! Заслужи си го с упоритост и предприемчивост, с каквито са били известни българите по цял свят в миналото. Това изречение ми се получи отлично! Мисирки, да си го запишете и да го включите в репортажите, ясно ли е?

Аз обаче нямам време да мисля за репортажи. Отнякъде изскача медицинска сестра, пред която момчетата с униформите изглеждат като хилави лапета, замята ми вехтата канадка на тротоара, разкъсва копчетата на ризата ми чак до пъпа и преди да се усетя, забива иглата в рамото ми. Всички медии пак снимат, а аз почти губя съзнание. Не от болка, просто имам фобия от инжекции.

Когато все пак се свестявам, отново съм сам на тротоара, а от премиера, мисирките, колите с бурканите на покрива и буса няма ни вест, ни кост. Въртя се известно време и се почесвам по врата, после вдигам рамене (болката от инжекцията е единственият спомен от случилото се), навеждам се за канадката, привеждам ризата си в прилично състояние, доколкото е възможно, и тръгвам към дома.

Съседите обаче ме чакат пред входа. Нали и те като мен няма какво да правят, та висят по цял ден на терасите. Видели данданията и започват да ме разпитват. Някой ми подава чаша ракия, друга ръка държи под носа ми чиния царска туршия. Отпивам юнашка глътка, преди да се замисля, че по телевизията май казаха, че след ваксиниране не бива да се пие. „Какво пък толкова!?“ – помислям си, преди да отпия пак. И без това ваксината ми е аванта, ако хване – хване. Сега съм звездата на входа.

101 текста на Торлака за Биволъ

Поръчайте книгата “101 текста на Торлака за Биволъ”. Специално издание по случай десетата годишнина на сайта Биволъ. Цената е 15 лв. за екземпляр. Можете да поръчате също 2, 3, 5 или 10 екземпляра за приятели и познати. Доставка до адрес в България или в чужбина. Цената на доставката в България се заплаща на куриерската компания при получаване на пратката на личен адрес или в нейния офис. За доставка в чужбина ще се свържем с Вас, за да уточним подробностите. Можете да поръчате също и с лично съобщение до фейсбук страницата на Торлака.



The current exchange rate is 1.00 EUR equals 0 BGN.

Възможности за плащане

Информация за Вас

Информация за банковата карта

Плащането е защитено със SSL криптиране

Обща сума:

15,00 лв.

Нужни са ни по-добри данни за COVID-19

Post Syndicated from Bozho original https://blog.bozho.net/blog/3664

Смятам за нужно е да се направят две уточнения относно данните за COVID-19 у нас, тъй като напоследък се разпространяват алтернативни тълкувания.

  1. Броят заразени НЕ е достигнал плато и не намалява. Да, това казва официалната статистика за брой заразени, но тук има два фактора. Първият е, че сме на 40% позитивни тестове. Това прави статистиката безполезна – препоръката на СЗО е до 3% позитивни, за да имаш някакво адекватно проследяване на заразата. Също така общият брой тестове намалява, тъй като са скъпи, държавата до съвсем скоро не ги покриваше (а сега ги покрива при определени условия) и хората спряха да си ги правят – не им се изискват за пътуване, за какво да ги правят, като има безплатни антигенни, които обаче не влизат в статистиката. Така че – не, няма спад на заразените, но нямаме реална картина колко са всъщност.
  2. Броят смъртни случаи от COVID също не е достигнал плато. Тук е много важна методиката за отчитане на тези данни, а такава публично достъпна аз поне не намерих. Но допускането ми (и информация, която получавам от различни места) е, че методиката е доста консервативна – т.е. за починал с COVID се счита само ако имаш положителен PCR и си починал скоро след това. Това не включва починали вкъщи, починали в спешна помощ преди да е направен (и излязъл?) PCR. А при това натоварване на болниците, там отиват само спешните случаи, останалите си стоят вкъщи, защото няма места.

И в двата случая (а и при всички данни в реалния свят) и важно какъв е контекстът и какво значат данните в него, а не просто изсипани в ексел.

Единствената статистика, на която можем да разчитаме в момента, е тази, която излиза от НСИ всеки вторник – на общата смъртност в страната. Тя не разграничава по причина на смъртта, но дава доста ясна картина колко много се е повишила смъртността спрямо спрямо минали години.

Какво може да се направи, чисто от гледна точка на данните, защото каквото виждаме ние, вероятно това вижда и властта, а то е много подвеждащо и съответно се разчита на разкази и възприятия:

  • да се регистрират (отделно) и позитивните антигенни тестове. Тук се надявам процесът и интерфейсът да са удобни, за да не създава това голяма административна тежест
  • да се публикува методиката за отчитане на смъртни случаи с COVID и тя да се ревизира, така че да включи категория с предполагаемо починали от COVID (т.е. такива, които преди смъртта са имали симптоми или позитивен антигенен тест). Може в отделна графа да се публикува, за да е ясно кое какво е.
  • в периода на епидемичната обстановка, НСИ да публикува данните за смъртността всеки ден или на три дни – данните се вземат от смъртните актове, регистрирани от ГД ГРАО, така че там няма поле за тълкуване, извън факта, че при натоварването на системата, смъртни актове могат да излизат със закъснение. НСИ може да отичта и това – дата на вписване на смъртния акт спрямо дата на смъртта, като по този начин се отчита увеличеното натоварване.

Защо трябва да се занимаваме с числа, вместо да се фокусираме върху лекуването на хората? Не е „вместо“. Но без адекватна картина, всяка управленска мярка е стреляне в тъмното.

И по-важното – създават се алтернативни реалности дори сред над средно интелигентни хора, които не са попаднали още в света на конспирациите с „чипиране с 5G и ваксини“, но не са влезли навътре в естеството на данните. Ако гледаме данните за заразяване и за смъртност от COVID, от локдаун няма нужда – всичко е точно. Само че на тях изобщо не може да се разчита. Това пък е фактор за хората – доколко мотивирани да спазват мерките или да вярват на алтернативните факти, че „то нещата не са толкова тежки“.

Материалът Нужни са ни по-добри данни за COVID-19 е публикуван за пръв път на БЛОГодаря.

A Virtual Product Management Internship Experience

Post Syndicated from Selina Cho original https://blog.cloudflare.com/a-virtual-product-management-internship-experience/

A Virtual Product Management Internship Experience

A Virtual Product Management Internship Experience

In July 2020, I joined Cloudflare as a Product Management Intern on the DDoS (Distributed Denial of Service) team to enhance the benefits that Network Analytics brings to our customers. In the following, I am excited to share with you my experience with remote working as an intern, and how I acclimatized into Cloudflare. I also give details about what my work entailed and how we approached the process of Product Management.

Onboarding to Cloudflare during COVID19

As a long-time user of Cloudflare’s Free CDN plan myself, I was thrilled to join the company and learn what was happening behind the scenes while making its products. The entering internship class consisted of students and recent graduates from various backgrounds around the world – all with a mutual passion in helping build a better Internet.

The catch here was that 2020 would make the experience of being an intern very different. As it was the case with many other fellow interns, it was the first time I had taken up work remotely from scratch. The initial challenge was to integrate into the working environment without ever meeting colleagues in a physical office. Because everything took place online, it was much harder to pick up non-verbal cues that play a key role in communication, such as eye contact and body language.

To face this challenge, Cloudflare introduced creative and active ways in which we could better interact with one another. From the very first day, I was welcomed to an abundance of knowledge sharing talks and coffee chats with new and existing colleagues in different offices across the world. Whether it was data protection from the Legal team or going serverless with Workers, we were welcomed to afternoon seminars every week on a new area that was being pursued within Cloudflare.

Cloudflare not only retained the summer internship scheme, but in fact doubled the size of the class; this reinforced an optimistic mood within the entering class and a sense of personal responsibility. I was paired up with a mentor, a buddy, and a manager who helped me find my way quickly within Cloudflare, and without which my experience would not have been the same. Thanks to Omer, Pat, Val and countless others for all your incredible support!

Social interactions took various forms and were scheduled for all global time zones. I was invited to weekly virtual yoga sessions and intern meetups to network and discover what other interns across the world were working on. We got to virtually mingle at an “Intern Mixer” where we shared answers to philosophical prompts – what’s more, this was accompanied by an UberEats coupon for us to enjoy refreshments in our work-from-home setting. We also had Pub Quizzes with colleagues in the EMEA region to brush up on our trivia skills. At this uncertain time of the year, part of which I spent in complete self-isolation, these gatherings helped create a sense of belonging within the community, as well as an affinity towards the colleagues I interacted with.

Product Management at Cloudflare

My internship also offered a unique learning experience from the Product Management perspective. I took on the task of increasing the value of Network Analytics by giving customers and internal stakeholders improved  transparency in the traffic patterns and attacks taking place. Network Analytics is Cloudflare’s packet- and bit-oriented dashboard that provides visibility into network- and transport-layer attacks which are mitigated across the world. Among various updates I led in visibility features is the new trends insights. During this time the dashboard was also extended to Enterprise customers on the Spectrum service, Cloudflare’s L4 reverse-proxy that provides DDoS protection against attacks and facilitates network performance.

I was at the intersection of multiple teams that contributed to Network Analytics from different angles, including user interface, UX research, product design, product content and backend engineering, among many others. The key to a successful delivery of Network Analytics as a product, given its interdisciplinary nature, meant that I actively facilitated communication and collaboration across experts in these teams as well as reflected the needs of the users.

I spent the first month of the internship approaching internal stakeholders, namely Customer Support engineers, Solutions Engineers, Customer Success Managers, and Product Managers, to better understand the common pain points. Given their past experience with customers, their insights revealed how Network Analytics could both leverage the existing visibility features to reduce overhead costs on the internal support side and empower users with actionable insights. This process also helped ensure that I didn’t reinvent wheels that had already been explored by existing Product Managers.

I then approached customers to enquire about desired areas for improvements. An example of such a desired improvement was that the display of data in the dashboard was not helping users infer any meaning regarding next steps. It did not answer questions like: What do these numbers represent in retrospect, and should I be concerned? Discussing these aspects helped validate the needs, and we subsequently came up with rough solutions to address them, such as dynamic trends view. Over the calls, we confirmed that – especially from those who rarely accessed the dashboard – having an overview of these numbers in the form of a trends card would incentivize users to log in more often and get more value from the product.

A Virtual Product Management Internship Experience
Trends Insights

The 1:1 dialogues were incredibly helpful in understanding how Network Analytics could be more effectively utilized, and guided ways for us to better surface the performance of our DDoS mitigation tools to our customers. In the first few weeks of the internship, I shadowed customer calls of other products; this helped me gain the confidence, knowledge, and language appropriate in Cloudflare’s user research. I did a run-through of the interview questions with a UX Researcher, and was informed on the procedure for getting in touch with appropriate customers. We even had bilingual calls where the Customer Success Manager helped translate the dialogues real-time.

In the following weeks, I synthesized these findings into a Product Requirements Document and lined up the features according to quarterly goals that could now be addressed in collaboration with other teams. After a formal review and discussion with Product Managers, engineers, and designers, we developed and rolled out each feature to the customers on a bi-weekly basis. We always welcomed feedback before and after the feature releases, as the goal wasn’t to have an ultimate final product, but to deliver incremental enhancements to meet the evolving needs of our customers.

Of course, all my interactions, including customer and internal stakeholder calls, were all held remotely. We all embraced video conferencing and instant chat messengers to make it feel as though we were physically close. I had weekly check-ins with various colleagues including my managers, Network Analytics team, DDoS engineering team, and DDoS reports team, to ensure that things were on track. For me, the key to working remotely was the instant chat function, which was not as intrusive as a fully fledged meeting, but a quick and considerate way to communicate in a tightly-knit team.

Looking Back

Product Management is a growth process – both for the corresponding individual and the product. As an individual, you grow fast through creative thinking, problem solving and incessant curiosity to better understand a product in the shoes of a customer. At the same time, the product continues to evolve and grow as a result of synergy between experts from diverse fields and customer feedback. Products are used and experienced by people, so it is a no-brainer that maintaining constant and direct feedback from our customers and internal stakeholders are what bolsters their quality.

It was an incredible opportunity to have been a part of an organization that represents one of the largest networks. Network Analytics is a window into the efforts led by Cloudflare engineers and technicians to help secure the Internet, and we are ambitious to scale the transparency across further mitigation systems in the future.

The internship was a successful immersive experience into the world of Network Analytics and Product Management, even in the face of a pandemic. Owing to Cloudflare’s flexibility and ready access to resources for remote work, I was able to adapt to the work environment from the first day onwards and gain an authentic learning experience into how products work. As I now return to university, I look back on an internship that significantly added to my personal and professional growth. I am happy to leave behind the latest evolution of Network Analytics dashboard with hopefully many more to come. Thanks to Cloudflare and all my colleagues for making this possible!

Bot Attack trends for Jan-Jul 2020

Post Syndicated from Ricardo Pacheco original https://blog.cloudflare.com/bot-attack-trends-for-jan-jul-2020/

Bot Attack trends for Jan-Jul 2020

Bot Attack trends for Jan-Jul 2020

Now that we’re a long way through 2020, let’s take a look at automated traffic, which makes up almost 40% of total Internet traffic.

This blog post is a high-level overview of bot traffic on Cloudflare’s network. Cloudflare offers a comprehensive Bot Management tool for Enterprise customers, along with an effective free tool called Bot Fight Mode. Because of the tremendous amount of traffic that flows through our network each day, Cloudflare is in a unique position to analyze global bot trends.

In this post, we will cover the basics of bot traffic and distinguish between automated requests and other human requests (What Is A Bot?). Then, we’ll move on to a global overview of bot traffic around the world (A RoboBird’s Eye View, A Bot Day and Bots All Over The World), and dive into North American traffic (A Look into North American Traffic).  Lastly, we’ll finish with an overview of how the coronavirus pandemic affected global traffic, and we’ll take a deeper look at European traffic (Bots During COVID-19 In Europe).

On average, Cloudflare processes 18 million HTTP requests every second. This is a great opportunity to understand how bots shape the Internet, how much infrastructure is dedicated to these automated requests, and why our customers need a great bot management solution.

What Is A Bot?

Bot Attack trends for Jan-Jul 2020

Cloudflare groups traffic into four bot-related categories:

1. Verified
2. Definitely automated
3. Likely automated
4. Likely human

Our goal is to stop malicious and unwanted bots from harming our customers, while giving customers the opportunity to control how other automated traffic is managed.

We label each request that comes into Cloudflare with a “bot score” 1 through 99, where a lower score means that a request probably came from a bot. A higher score means that a request probably came from a human. This score is available in our Firewall, logs, and Workers, giving customers the flexibility to act on any score.

Cloudflare also maintains a challenge platform that customers can choose to deploy on suspected bots. You’ll recognize these as CAPTCHA challenges or JavaScript challenges. In fact, having the score available in Firewall Rules means that customers can take any action they choose. This platform can be used for mitigation, ensuring that unwanted traffic is stopped in its tracks.

To learn more about how Bot Management interacts with our firewall, check out our support page.

We track successes and failures during these challenges, which ultimately allows us to improve our detection systems. Assuming that our challenges are solvable by humans, effective detections should have low solve rates, given that they are usually presented to bots.

Bot Attack trends for Jan-Jul 2020

Verified bots are registered in an internal verified bot directory. These good bots power search engines and monitoring tools. Good bots enable our customers’ web pages to be found by search engines, for example.

For known non-verified bots (such as a scraper using a simple curl library), we keep a similar directory that is managed by our heuristics engine. If not otherwise verified, we consider requests caught by this engine to be definitely automated.

Our machine learning engine provides another way to identify potential bots. This engine identifies requests with a high probability of automation and marks them as likely automated. This detection mechanism benefits from models built on data from our global network.

If a request is not marked as automated, we mark it as likely human and pass along the bot score from our machine learning system.

We also have a behavioral analysis engine and a JavaScript detections engine. You can learn more about these systems by checking out Alex Bocharov’s previous post on Cloudflare Bot Management.

The two bot definitions for automated traffic are somewhat complementary. Requests caught by heuristic detections will not count towards machine learning detections. Requests that are reliably caught by our machine learning detections won’t need to be registered in our known heuristics bot directory. Because of this, we combine these two together when we discuss “automated traffic” in general.

A RoboBird’s Eye View

Data from this piece comes from information about Cloudflare’s customers, analyzed between January 15, 2020 and July 31, 2020.

First, let’s get a basic understanding of the traffic on our network.

Bot Attack trends for Jan-Jul 2020
Figure 1.1 Traffic type on Cloudflare’s network.

Figure 1.1 has a global breakdown regarding classification; 60.6% of traffic is likely human, 19.3% is likely automated, 18.1% is definitely automated and only 2.1% is from verified bots. In total, 39.5% of requests we score come from some kind of bot.

A Bot Day

Regular traffic fluctuates throughout the day. Do bots follow suit? Let’s check. Figure 2.1 represents traffic deviation from the average hourly traffic. An increase of 10% would mean that the hour is 10% busier than the average hour (measuring requests per hour). We include the total overall traffic in this chart to serve as a comparison to other types of traffic.

Bot Attack trends for Jan-Jul 2020
Figure 2.1 Hourly traffic as a deviation from the average hour.
Bot Attack trends for Jan-Jul 2020
Figure 2.2 Bot classification over an average day. 

We can clearly see a difference between human traffic and bot traffic. Human traffic varies heavily, but predictably, throughout the day. We can see a 15% decrease in human traffic early in the day, between midnight and 05:00 UTC, corresponding to the end of business hours in the Americas, and up to a 25% increase during business hours, 14:00 to 17:00 UTC, where traffic is highest. Conversely, bot traffic is more consistent. Slow hours still see a smaller drop than overall traffic, and busy hours are less busy. The difference between good and bad bots is also apparent: good bots are even more consistent, with small fluctuations in hourly traffic.

But why would this happen? A large portion of bots, good and bad, perform the same task across the Internet. Bad bots may be scraping websites or looking to infect unprotected machines, and they will do this with little intervention from human operators. Good bots could be doing some of these operations, but less frequently and in a more targeted fashion. A good bot scraping a website may be doing so to add it to a search engine, while a bad bot will do the same thing at a much higher rate, for other reasons.

A lot of bots follow business hours. For example, sneaker bots—focused on nabbing exclusive items from sneaker stores—will naturally be active when new products launch.

This difference in volume does not mean that our classifications are affected: our scores remain consistent throughout the day, as Figure 2.1 shows.

Bot Attack trends for Jan-Jul 2020
Figure 2.3 Daily traffic as a deviation from the average day. Grouped by day of week.
Bot Attack trends for Jan-Jul 2020
Figure 2.4 Bot classification over an average week.

We can also see that good bots don’t take weekends off. Weekdays and weekends have fairly marked differences for most traffic, but good bots keep a consistent schedule. Whereas a typical weekday is slightly above average, we can see a drop of about 4% in overall traffic. This does not fully apply to verified bots, which only see a small 1% drop in traffic.

Bots All Over The World

Now that we’ve taken a look at global traffic, let’s dig a little deeper.

Different regions have distinct traffic landscapes regarding automated traffic.

Bot Attack trends for Jan-Jul 2020
Figure 3.1 Traffic type by region.

Figure 3.1 breaks down traffic by region, letting us peek into where each type of traffic comes from. North America stands out as a major automated traffic source; over 50% of definitely automated traffic comes from there, and they also contribute almost 80% of all verified bot traffic. Europe makes up the second largest chunk of traffic, followed by Asia.

Bot Attack trends for Jan-Jul 2020
Figure 3.2 Traffic classification within each region.

Looking at regional breakdown of traffic in Figure 3.2, we can see just how much North American traffic is automated, well above the global average.

A Look into North American Traffic

As the largest source of automated traffic, North America deserves a closer look.

First, we’ll start with a breakdown of each country.

Bot Attack trends for Jan-Jul 2020
Figure 3.3 Percentage of traffic within North America.

Most of our requests in North America come from just three countries—the United States, Canada and Mexico. These account for 98% of all requests from North America, 97% of all requests from likely human sources and 100% of requests from verified bots. The United States alone accounts for 88% of total requests, 82% of requests from likely human sources, 96% of requests from definitely automated sources, 88% of requests from likely automated traffic sources and  98% of requests from verified bot.

However, this alone does not mean that the United States has an unusual amount of activity. These countries have a combined population of roughly 497 million people. The United States accounts for 66.5% of that, Mexico 25.9% and Canada 7.6%. With this context, we can see that the United States is overrepresented in terms of raw requests, but underrepresented in terms of how much of that traffic is likely to be human. Conversely, Canadian traffic is more likely to be human.

Let’s take another look at each country.

Bot Attack trends for Jan-Jul 2020
Figure 3.4 Percentage of traffic within each country.

Over half of the traffic from the United States is automated in some way, which is a clear departure from trends in Mexico and Canada.

American Bots

So far, we’ve seen how much the United States contributes to automated traffic. If we want to go deeper, a good place to start is by understanding how these bots get online. We can do this by examining the networks from which the traffic originates. Networks are identified by Autonomous System Numbers, or ASNs. These form the backbone of the Internet infrastructure.

Think of these as Internet Service Providers, but facing inward towards the network instead of outward towards end consumers. ISPs like Comcast and Verizon are examples of residential ASNs, where we expect mostly human traffic. Cloud providers such as Google and Amazon are also ASNs, but targeted towards cloud services. We expect most of these requests to be automated in some way.

Looking at traffic on the ASN level is important because we can identify cloud-based traffic, or traffic using residential proxies, among others.

Let’s take a look at which ASNs are associated with visitors in the United States. We’ll restrict ourselves to “eyeball” traffic, which is the term we use for requests coming from site visitors.

Bot Attack trends for Jan-Jul 2020
Figure 4.1 Top ASN in the United States.

From figure 4.1 we can clearly see the impact that cloud services have on traffic; 11.5% of all eyeball traffic comes from Amazon and Google.

Bot Attack trends for Jan-Jul 2020
Figure 4.2 Top ASN in the United States for verified bot traffic.

Verified bots operate in a different landscape, coming from cloud providers such as Amazon, Google, Microsoft, Advanced Hosting and Wowrack.

Bot Attack trends for Jan-Jul 2020
Figure 4.3 Top ASN in the United States for likely and definitely automated traffic.

Automated traffic has a variety of ASNs. Cloud providers such as Amazon, Google and Microsoft make up the 30% of automated traffic. Comcast also makes up a significant portion of traffic at 4.8%, indicating that some bots come from residential services.

Bots During COVID-19 In Europe

Lockdowns and limits on public events came as a consequence of the ongoing coronavirus pandemic. Many people have been working from home, and even those who do not have this option are using the Internet in new ways. Overall, this has meant that Cloudflare’s network has grown tremendously.

But how does this impact bot traffic? First let’s get an idea of how it impacted traffic in general. Countries were impacted by the virus at different times, so we expect to see differences, right?

Bot Attack trends for Jan-Jul 2020
Figure 5.1 Total traffic across all regions.

Figure 5.1 has just the traffic increase. Globally, we are seeing an average increase of 10%, while North America saw an increase of over 40% compared to the beginning of the year. Some regions did not change much, such as Africa and Asia, while others, such as Europe saw an increased period, but has since normalized to previous levels.

Let’s look at a few countries, so we can understand what this looks like.

Bot Attack trends for Jan-Jul 2020
Figure 5.2 Daily traffic evolution for Italy, the United Kingdom and Portugal, overlaid with Europe.

Figure 5.2 shows daily traffic relative to January 15, when data collection started. For comparison, we have overall European traffic, and three selected countries: Italy, the United Kingdom and Portugal. Italy was picked because it was one of the first countries in Europe to face the worst of the coronavirus and enact lockdown measures. The United Kingdom took another strategy, with an initial focus on herd immunity, and enacted measures later than the others. Portugal is somewhere in between, locking down later than Italy, in slightly different circumstances.

At the beginning of the year, traffic kept stable and fluctuations kept in line with the European average. As lockdown measures began, traffic increased. Italy was first out of these countries, rising a few weeks before the others, and keeping well above average. Eventually, all countries saw a growth in traffic, followed by a stabilization. Italy seems to have adjusted to a normal, with its growth in line with the European average. Portugal has also stabilized, but with busier weekdays. Conversely, the United Kingdom showed no signs of stopping, exceeding a growth of 40% compared to the beginning of the year.

Bot Attack trends for Jan-Jul 2020
Figure 5.3 Daily definitely automated traffic evolution for Italy, the United Kingdom and Portugal, overlaid with Europe.

Definitely automated traffic did not have that much of a pronounced variation. Italian traffic kept steady throughout, and Portugal had a rather large increase. The biggest one, however, was the United Kingdom, which tripled its initial count.

Bot Attack trends for Jan-Jul 2020
Figure 5.4 Verified bot traffic evolution for Italy, the United Kingdom and Portugal, overlaid with Europe. 

Verified bot traffic is steady, except in Italy, with a massive increase between March and May. What could be the cause of this? Are these a few zones, getting a massive number of requests?

Bot Attack trends for Jan-Jul 2020
Figure 5.5 Verified bot traffic in Italy for the top 10 000 zones, relative to January 15th 2020.

Well, no. If we only examine the top 10,000 zones (by total verified bot requests), we can still see a massive increase in traffic for other zones. So, what’s happening?

Let’s look at user agents. We can separate the top 10 user agents during the bump, and see how they evolve over time.

Bot Attack trends for Jan-Jul 2020
Figure 5.6 Verified bot traffic in Italy for the top 10 user agents, relative to January 15th 2020.

We can see that these 10 user agents are responsible for the majority of verified traffic coming from Italy.

Bot Attack trends for Jan-Jul 2020
Figure 5.7 Verified bot traffic in Italy for the top user agent, relative to January 15 2020.

In fact, most of this increase is from a single user agent. This instance of Google image proxy anonymizes image requests from Gmail, which explains its popularity.

Where does this increase come from? Did this bot suddenly appear and disappear?

Not quite. One thing to keep in mind when dealing with bots is that they cross borders easily. As a proxy service, this bot is making calls on behalf of the end user – people opening emails. These requests will originate from a data center, which can be anywhere in the world. To see this in action, let’s take a look at traffic for this bot in a few select countries.

Bot Attack trends for Jan-Jul 2020
Figure 5.8. Countries of origin for GoogleImageProxy.

We can see that the global average barely budges. It appears that Google may be moving image proxy traffic between data centers and during the period we observed above that traffic was coming from Italy.


With Cloudflare’s global reach, we’re in a position to understand how bots behave.

The first half of 2020 saw a massive increase in web traffic of around 35% since the beginning of the year, driven by the ongoing coronavirus pandemic, and some bots have taken advantage of it.

We explained how bot management works for our customers, and how we distinguish between likely automated and human traffic.

We showed an overview of how much of our global traffic is automated, and how bots change their behavior throughout the day and the week. Notably, 39.4% of all traffic Cloudflare processes comes from a suspected automated source.

A regional overview of automated traffic lets us know which regions were the source of traffic from likely automated agents. North America, Europe and Asia were the primary sources of traffic, and also of automated traffic in particular.

We then focused on North America, where the majority of automated traffic originates. The United States alone accounted for the majority of requests, over half of which come from automated sources.

To explore this further, we briefly dived into ASN traffic in the United States, so we could see where these requests were coming from. ASNs like Comcast and AT&T were the top ASNs for overall traffic, but unsurprisingly, data centers like Google and Amazon AWS were the main drivers of automated traffic.

Finally, we examined how the coronavirus has impacted traffic in Europe, with a deeper dive on Italian traffic. This led to some interesting insights on verified bot traffic, which saw a massive increase in Italy for a few months.

This post is a small peek into bot management at Cloudflare. In the future, we hope to expand this series of blog posts on bot management, exposing even more insights about bots on the Internet.

COVID-19 and Acedia

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2020/10/covid-19-and-acedia.html

Note: This isn’t my usual essay topic. Still, I want to put it on my blog.

Six months into the pandemic with no end in sight, many of us have been feeling a sense of unease that goes beyond anxiety or distress. It’s a nameless feeling that somehow makes it hard to go on with even the nice things we regularly do.

What’s blocking our everyday routines is not the anxiety of lockdown adjustments, or the worries about ourselves and our loved ones — real though those worries are. It isn’t even the sense that, if we’re really honest with ourselves, much of what we do is pretty self-indulgent when held up against the urgency of a global pandemic.

It is something more troubling and harder to name: an uncertainty about why we would go on doing much of what for years we’d taken for granted as inherently valuable.

What we are confronting is something many writers in the pandemic have approached from varying angles: a restless distraction that stems not just from not knowing when it will all end, but also from not knowing what that end will look like. Perhaps the sharpest insight into this feeling has come from Jonathan Zecher, a historian of religion, who linked it to the forgotten Christian term: acedia.

Acedia was a malady that apparently plagued many medieval monks. It’s a sense of no longer caring about caring, not because one had become apathetic, but because somehow the whole structure of care had become jammed up.

What could this particular form of melancholy mean in an urgent global crisis? On the face of it, all of us care very much about the health risks to those we know and don’t know. Yet lurking alongside such immediate cares is a sense of dislocation that somehow interferes with how we care.

The answer can be found in an extreme thought experiment about death. In 2013, philosopher Samuel Scheffler explored a core assumption about death. We all assume that there will be a future world that survives our particular life, a world populated by people roughly like us, including some who are related to us or known to us. Though we rarely or acknowledge it, this presumed future world is the horizon towards which everything we do in the present is oriented.

But what, Scheffler asked, if we lose that assumed future world — because, say, we are told that human life will end on a fixed date not far after our own death? Then the things we value would start to lose their value. Our sense of why things matter today is built on the presumption that they will continue to matter in the future, even when we ourselves are no longer around to value them.

Our present relations to people and things are, in this deep way, future-oriented. Symphonies are written, buildings built, children conceived in the present, but always with a future in mind. What happens to our ethical bearings when we start to lose our grip on that future?

It’s here, moving back to the particular features of the global pandemic, that we see more clearly what drives the restlessness and dislocation so many have been feeling. The source of our current acedia is not the literal loss of a future; even the most pessimistic scenarios surrounding COVID-19 have our species surviving. The dislocation is more subtle: a disruption in pretty much every future frame of reference on which just going on in the present relies.

Moving around is what we do as creatures, and for that we need horizons. COVID-19 has erased many of the spatial and temporal horizons we rely on, even if we don’t notice them very often. We don’t know how the economy will look, how social life will go on, how our home routines will be changed, how work will be organized, how universities or the arts or local commerce will survive.

What unsettles us is not only fear of change. It’s that, if we can no longer trust in the future, many things become irrelevant, retrospectively pointless. And by that we mean from the perspective of a future whose basic shape we can no longer take for granted. This fundamentally disrupts how we weigh the value of what we are doing right now. It becomes especially hard under these conditions to hold on to the value in activities that, by their very nature, are future-directed, such as education or institution-building.

That’s what many of us are feeling. That’s today’s acedia.

Naming this malaise may seem more trouble than its worth, but the opposite is true. Perhaps the worst thing about medieval acedia was that monks struggled with its dislocation in isolation. But today’s disruption of our sense of a future must be a shared challenge. Because what’s disrupted is the structure of care that sustains why we go on doing things together, and this can only be repaired through renewed solidarity.

Such solidarity, however, has one precondition: that we openly discuss the problem of acedia, and how it prevents us from facing our deepest future uncertainties. Once we have done that, we can recognize it as a problem we choose to face together — across political and cultural lines — as families, communities, nations and a global humanity. Which means doing so in acceptance of our shared vulnerability, rather than suffering each on our own.

This essay was written with Nick Couldry, and previously appeared on CNN.com.

Войната на думи: Trump vs платформите 3

Post Syndicated from nellyo original https://nellyo.wordpress.com/2020/08/07/trump3/

След известно време на колебания как да се процедира със съобщенията на президента Тръмп в социалните мрежи, Twitter u Facebook  започнаха да прилагат политиките си и към президента. Мярките бяха ралични – от маркиране на съобщението като невярно до заличаване. Тръмп не остана безучастен – отговори с правен акт (order), с който поиска “да се преразгледа финансирането  с публичен ресурс на платформи, които ограничават свободното слово”.

Войната на думи 1

Войната на думи 2

През август има нов епизод – този път по темата с коронавируса, която е особено чувствителна и където се очаква най-висока защита от дезинформация.

Facebook и Twitter са санкционирали Доналд Тръмп и неговата кампания за съобщения, в които президентът твърди, че децата са “почти имунизирани” срещу коронавирус. В телефонно интервю за Fox  News Тръмп казва, че е време всички училища в цялата страна да се отворят отново, защото „Ако погледнете децата, децата са почти – и почти бих казал определено – почти имунизирани от тази болест”.

  • Какво заличава Facebook – клип от интервю за  Fox News. Мотиви:  „вредна дезинформация за COVID“, “това видео включва неверни твърдения, че група хора са имунизирани от COVID-19, което е нарушение на нашите политики около вредната дезинформация COVID.”
  • Какви са мерките на Twitter:  изисква от кампанията на Тръмп @TeamTrump заличаване на туит със същия клип. Мотиви: туитът на  @TeamTrump “нарушава Правилата на Twitter за дезинформация на COVID-19”.  Туитът е заличен. 

Историята във WP.

YouTube   също е свалил видеоклипове  за нарушаване на  политиките на платформата  за противодействие на дезинформацията по време на  COVID-19. Оригиналното интервю обаче остава достъпно на страницата на Fox News в платформата. YouTube не отговори веднага на искания за изясняване кои видеоклипове са свалени, пише Reuters.

Network-layer DDoS attack trends for Q2 2020

Post Syndicated from Vivek Ganti original https://blog.cloudflare.com/network-layer-ddos-attack-trends-for-q2-2020/

Network-layer DDoS attack trends for Q2 2020

Network-layer DDoS attack trends for Q2 2020

In the first quarter of 2020, within a matter of weeks, our way of life shifted. We’ve become reliant on online services more than ever. Employees that can are working from home, students of all ages and grades are taking classes online, and we’ve redefined what it means to stay connected. The more the public is dependent on staying connected, the larger the potential reward for attackers to cause chaos and disrupt our way of life. It is therefore no surprise that in Q1 2020 (January 1, 2020 to March 31, 2020) we reported an increase in the number of attacks—especially after various government authority mandates to stay indoors—shelter-in-place went into effect in the second half of March.

In Q2 2020 (April 1, 2020 to June 30, 2020), this trend of increasing DDoS attacks continued and even accelerated:

  • The number of L3/4 DDoS attacks observed over our network doubled compared to that in the first three months of the year.
  • The scale of the largest L3/4 DDoS attacks increased significantly. In fact, we observed some of the largest attacks ever recorded over our network.
  • We observed more attack vectors being deployed and attacks were more geographically distributed.

The number of global L3/4 DDoS attacks in Q2 doubled

Gatebot is Cloudflare’s primary DDoS protection system. It automatically detects and mitigates globally distributed DDoS attacks. A global DDoS attack is an attack that we observe in more than one of our edge data centers. These attacks are usually generated by sophisticated attackers employing botnets in the range of tens of thousand to millions of bots.

Network-layer DDoS attack trends for Q2 2020

Sophisticated attackers kept Gatebot busy in Q2. The total number of global L3/4 DDoS attacks that Gatebot detected and mitigated in Q2 doubled quarter over quarter. In our Q1 DDoS report, we reported a spike in the number and size of attacks. We continue to see this trend accelerate through Q2; over 66% of all global DDoS attacks in 2020 occurred in the second quarter (nearly 100% increase). May was the busiest month in the first half of 2020, followed by June and April. Almost a third of all L3/4 DDoS attacks occurred in May.

In fact, 63% of all L3/4 DDoS attacks that peaked over 100 Gbps occurred in May. As the global pandemic continued to heighten around the world in May, attackers were especially eager to take down websites and other Internet properties.

Network-layer DDoS attack trends for Q2 2020

Small attacks continue to dominate in numbers as big attacks get bigger in size

A DDoS attack’s strength is equivalent to its size—the actual number of packets or bits flooding the link to overwhelm the target. A ‘large’ DDoS attack refers to an attack that peaks at a high rate of Internet traffic. The rate can be measured in terms of packets or bits. Attacks with high bit rates attempt to saturate the Internet link, and attacks with high packet rates attempt to overwhelm the routers or other in-line hardware devices.

Similar to Q1, the majority of L3/4 DDoS attacks that we observed in Q2 were also relatively ‘small’ with regards to the scale of Cloudflare’s network. In Q2, nearly 90% of all L3/4 DDoS attacks that we saw peaked below 10 Gbps. Small attacks that peak below 10 Gbps can still easily cause an outage to most of the websites and Internet properties around the world if they are not protected by a cloud-based DDoS mitigation service.

Network-layer DDoS attack trends for Q2 2020

Similarly, from a packet rate perspective, 76% of all L3/4 DDoS attacks in Q2 peaked up to 1 million packets per second (pps). Typically, a 1 Gbps Ethernet interface can deliver anywhere between 80k to 1.5M pps. Assuming the interface also serves legitimate traffic, and that most organizations have much less than a 1 Gbps interface, you can see how even these ‘small’ packet rate DDoS attacks can easily take down Internet properties.

Network-layer DDoS attack trends for Q2 2020

In terms of duration, 83% of all attacks lasted between 30 to 60 minutes. We saw a similar trend in Q1 with 79% of attacks falling in the same duration range. This may seem like a short duration, but imagine this as a 30 to 60 minute cyber battle between your security team and the attackers. Now it doesn’t seem so short. Additionally, if a DDoS attack creates an outage or service degradation, the recovery time to reboot your appliances and relaunch your services can be much longer; costing you lost revenue and reputation for every minute.

Network-layer DDoS attack trends for Q2 2020

In Q2, we saw the largest DDoS attacks on our network, ever

This quarter, we saw an increasing number of large scale attacks; both in terms of packet rate and bit rate. In fact, 88% of all DDoS attacks in 2020 that peaked above 100 Gbps were launched after shelter-in-place went into effect in March. Once again, May was not just the busiest month with the most number of attacks, but also the greatest number of large attacks above 100 Gbps.

Network-layer DDoS attack trends for Q2 2020

From the packet perspective, June took the lead with a whopping 754 million pps attack. Besides that attack, the maximum packet rates stayed mostly consistent throughout the quarter with around 200 million pps.

Network-layer DDoS attack trends for Q2 2020

The 754 million pps attack was automatically detected and mitigated by Cloudflare. The attack was part of an organized four-day campaign that lasted from June 18 to the 21. As part of the campaign, attack traffic from over 316,000 IP addresses targeted a single Cloudflare IP address.

Cloudflare’s DDoS protection systems automatically detected and mitigated the attack, and due to the size and global coverage of our network, there was no impact to performance. A global interconnected network is crucial when mitigating large attacks in order to be able to absorb the attack traffic and mitigate it close to the source, whilst also continuing serving legitimate customer traffic without inducing latency or service interruptions.

The United States is targeted with the most attacks

When we look at the L3/4 DDoS attack distribution by country, our data centers in the United States received the most number of attacks (22.6%), followed by Germany (4.4%), Canada (2.7%) and Great Britain (2.6%).

Network-layer DDoS attack trends for Q2 2020

However when we look at the total attack bytes mitigated by each Cloudflare data center, the United States still leads (34.9%), but followed by Hong Kong (6.6%), Russia (6.5%), Germany (4.5%) and Colombia (3.7%). The reason for this change is due to the total amount of bandwidth that was generated in each attack. For instance, while Hong Kong did not make it to the top 10 list due to the relatively small number of attacks that was observed in Hong Kong (1.8%), the attacks were highly volumetric and generated so much attack traffic that pushed Hong Kong to the 2nd place.

When analyzing L3/4 DDoS attacks, we bucket the traffic by the Cloudflare edge data center locations and not by the location of the source IP. The reason is when attackers launch L3/4 attacks they can ‘spoof’ (alter) the source IP address in order to obfuscate the attack source. If we were to derive the country based on a spoofed source IP, we would get a spoofed country. Cloudflare is able to overcome the challenges of spoofed IPs by displaying the attack data by the location of Cloudflare’s data center in which the attack was observed. We’re able to achieve geographical accuracy in our report because we have data centers in over 200 cities around the world.

57% of all L3/4 DDoS attacks in Q2 were SYN floods

An attack vector is a term used to describe the attack method. In Q2, we observed an increase in the number of vectors used by attackers in L3/4 DDoS attacks. A total of 39 different types of attack vectors were used in Q2, compared to 34 in Q1. SYN floods formed the majority with over 57% in share, followed by RST (13%), UDP (7%), CLDAP (6%) and SSDP (3%) attacks.

Network-layer DDoS attack trends for Q2 2020

SYN flood attacks aim to exploit the handshake process of a TCP connection. By repeatedly sending initial connection request packets with a synchronize flag (SYN), the attacker attempts to overwhelm the router’s connection table that tracks the state of TCP connections. The router replies with a packet that contains a synchronized acknowledgment flag (SYN-ACK), allocates a certain amount of memory for each given connection and falsely waits for the client to respond with a final acknowledgment (ACK). Given a sufficient number of SYNs that occupy the router’s memory, the router is unable to allocate further memory for legitimate clients causing a denial of service.

No matter the attack vector, Cloudflare automatically detects and mitigates stateful or stateless DDoS attacks using our 3 pronged protection approach comprising of our home-built DDoS protection systems:

  1. Gatebot – Cloudflare’s centralized DDoS protection systems for detecting and mitigating globally distributed volumetric DDoS attacks. Gatebot runs in our network’s core data center. It receives samples from every one of our edge data centers, analyzes them and automatically sends mitigation instructions when attacks are detected. Gatebot is also synchronized to each of our customers’ web servers to identify its health and triggers accordingly, tailored protection.
  2. dosd (denial of service daemon) – Cloudflare’s decentralized DDoS protection systems. dosd runs autonomously in each server in every Cloudflare data center around the world, analyzes traffic, and applies local mitigation rules when needed. Besides being able to detect and mitigate attacks at super fast speeds, dosd significantly improves our network resilience by delegating the detection and mitigation capabilities to the edge.
  3. flowtrackd (flow tracking daemon) – Cloudflare’s TCP state tracking machine for detecting and mitigating the most randomized and sophisticated TCP-based DDoS attacks in unidirectional routing topologies. flowtrackd is able to identify the state of a TCP connection and then drops, challenges or rate-limits packets that don’t belong to a legitimate connection.

In addition to our automated DDoS protection systems, Cloudflare also generates real-time threat intelligence that automatically mitigates attacks. Furthermore, Cloudflare provides its customers firewall, rate-limiting and additional tools to further customize and optimize their protection.

Cloudflare DDoS mitigation

As Internet usage continues to evolve for businesses and individuals, expect DDoS tactics to adapt as well. Cloudflare protects websites, applications, and entire networks from DDoS attacks of any size, kind, or level of sophistication.

Our customers and industry analysts recommend our comprehensive solution for three main reasons:

  • Network scale: Cloudflare’s 37 Tbps network can easily block attacks of any size, type, or level of sophistication. The Cloudflare network has a DDoS mitigation capacity that is higher than the next four competitors—combined.
  • Time-to-mitigation: Cloudflare mitigates most network layer attacks in under 10 seconds globally, and immediate mitigation (0 seconds) when static rules are preconfigured. With our global presence, Cloudflare mitigates attacks close to the source with minimal latency. In some cases, traffic is even faster than over the public Internet.
  • Threat intelligence: Cloudflare’s DDoS mitigation is powered by threat intelligence harnessed from over 27 million Internet properties on it. Additionally, the threat intelligence is incorporated into customer facing firewalls and tools in order to empower our customers.

Cloudflare is uniquely positioned to deliver DDoS mitigation with unparalleled scale, speed, and smarts because of the architecture of our network. Cloudflare’s network is like a fractal—every service runs on every server in every Cloudflare data center that spans over 200 cities globally. This enables Cloudflare to detect and mitigate attacks close to the source of origin, no matter the size, source, or type of attack.

Network-layer DDoS attack trends for Q2 2020

To learn more about Cloudflare’s DDoS solution contact us or get started.

You can also join an upcoming live webinar where we will be discussing these trends, and strategies enterprises can implement to combat DDoS attacks and keep their networks online and fast. You can register here.

My living room intern experience at Cloudflare

Post Syndicated from Kevin Frazier original https://blog.cloudflare.com/my-living-room-intern-experience-at-cloudflare/

My living room intern experience at Cloudflare

My living room intern experience at Cloudflare

This was an internship unlike any other. With a backdrop of a pandemic, protests, and a puppy that interrupted just about every Zoom meeting, it was also an internship that demonstrated Cloudflare’s leadership in giving students meaningful opportunities to explore their interests and contribute to the company’s mission: to help build a better Internet.

For the past twelve weeks, I’ve had the pleasure of working as a Legal Intern at Cloudflare. A few key things set this internship apart from even those in which I’ve been able to connect with people in-person:

  • Communication
  • Community
  • Commingling
  • Collaboration

Ever since I formally accepted my internship, the Cloudflare team has been in frequent and thorough communication about what to expect and how to make the most of my experience. This approach to communication was in stark contrast to the approach taken by several other companies and law firms. The moment COVID-19 hit, Cloudflare not only reassured me that I’d still have a job, the company also doubled down on bringing on more interns. Comparatively, a bunch of my fellow law school students were left in limbo: unsure of if they had a job, the extent to which they’d be able to do it remotely, and whether it would be a worthwhile experience.

This approach has continued through the duration of the internship. I know I speak for my fellow interns when I say that we were humbled to be included in company-wide initiatives to openly communicate about the trying times our nation and particularly members of communities of color have experienced this summer. We weren’t left on the sidelines but rather invited into the fold. I’m so grateful to my manager, Jason, for clearing my schedule to participate in Cloudflare’s “Day On: Learning and Inclusion.” On June 18, the day before Juneteenth, Cloudflare employees around the world joined together for transformative and engaging sessions on how to listen, learn, participate, and take action to be better members of our communities. That day illustrated Cloudflare’s commitment to fostering communication as well as to building community and diversity.

The company’s desire to foster a sense of community pervades each team. Case in point, members of the Legal, Policy, and Trust & Safety (LPT) team were ready and eager to help my fellow legal interns and me better understand the team’s mission and day-to-day activities. I went a perfect 11/11 on asks to LPT members for 1:1 Zoom meetings — these meetings had nothing to do with a specific project but were merely meant to create a stronger community by talking with employees about how they ended up at this unique company.

From what I’ve heard from fellow interns, this sense of community was a common thread woven throughout their experiences as well. Similarly, other interns shared my appreciation for being given more than just “shadowing” opportunities. We were invited to commingle with our teammates and encouraged to take active roles in meetings and on projects.

In my own case, I got to dive into exciting research on privacy laws such as the GDPR and so much more. This research required that I do more than just be a fly on the wall, I was invited to actively converse and brief folks directly involved with making key decisions for the LPT. For instance, when Tilly came on in July as Privacy Counsel, I had the opportunity to brief her on the research I’d done related to Data Privacy Impact Assessments (DPIAs). In the same way, when Edo and Ethan identified some domain names that likely infringed on Cloudflare’s trademark, my fellow intern, Elizabeth, and I were empowered to draft WIPO complaints per the Uniform Domain Name Dispute Resolution Policy. Fingers crossed our work continues Cloudflare’s strong record before the WIPO (here’s an example of a recent favorable division). These seemingly small tasks introduced me to a wide range of fascinating legal topics that will inform my future coursework and, possibly, even my career goals.

Finally, collaboration distinguished this internship from other opportunities. By way of example, I was assigned projects that required working with others toward a successful outcome. In particular, I was excited to work with Jocelyn and Alissa on research related to the intersection of law and public policy. This dynamic duo fielded my queries, sent me background materials, and invited me to join meetings with stakeholders. This was a very different experience from previous internships in which collaboration was confined to just an email assigning the research and a cool invite to reach out if any questions came up. At Cloudflare, I had the support of a buddy, a mentor, and my manager on all of my assignments and general questions.

When I walked out of Cloudflare’s San Francisco office back in December after my in-person interview, I was thrilled to potentially have the opportunity to return and help build a better Internet. Though I’ve yet to make it back to the office due to COVID-19 and, therefore, worked entirely remotely, this internship nevertheless allowed me and my fellow interns to advance Cloudflare’s mission.

Whatever normal looks like in the following weeks, months, and years, so long as Cloudflare prioritizes communication, community, commingling, and collaboration, I know it will be a great place to work.

ЕС: Оперативна съвместимост на мобилните приложения за проследяване

Post Syndicated from nellyo original https://nellyo.wordpress.com/2020/06/16/apps/

Съобщение на ЕК от днес – по темата за  оперативна съвместимост на мобилните приложения за проследяване на случаите на заразяване с коронавирус. 
Държавите членки с подкрепата на Комисията се споразумяха за набор от технически спецификации за гарантиране на безопасен обмен на информация между националните приложения за проследяване на контактите, които се основават на децентрализирана архитектура. Това се отнася за по-голямата част от приложенията за проследяване, които вече функционират или предстои да започнат да функционират в ЕС. След внедряването на техническото решение тези национални приложения ще функционират безпроблемно, когато ползвателите им пътуват в друга държава от ЕС, която също следва децентрализирания подход.
Повечето държави членки взеха решение да въведат в употреба мобилни приложения в допълнение към ръчното проследяване на контактите и разпространението на коронавируса. Голямата част от одобрените национални приложения се основават на децентрализирана архитектура, което означава, че произволните идентификатори на ползвателите, които са били засечени в близост в рамките на определен период от време, остават в телефона и ще бъдат проверени от него за съответствие с идентификаторите на ползвателите, за които е докладвано, че са заразени. Техническата спецификация за оперативна съвместимост ще позволи тези проверки да бъдат извършвани и по отношение на ползватели, които пристигат от други държави членки, без да е необходимо изтеглянето на няколко национални приложения.
Споделяната между приложенията информация за потребители в непосредствена близост ще се обменя в криптирана форма, така че да се възпрепятства идентифицирането на отделните лица, в съответствие със строгите насоки на ЕС относно защитата на данните в приложенията. Няма да се използват данни за географско позициониране.


Field Notes: Using Agile/EDF to Work Remotely with Distributed Teams

Post Syndicated from Steve Shen original https://aws.amazon.com/blogs/architecture/field-notes-using-agile-edf-to-work-remotely/

Field Notes provides hands-on technical guidance from AWS Solutions Architects, consultants, and technical account managers, based on their experiences in the field solving real-world business problems for customers.

In this case study, we share our experience delivering results for remote customer engagements during the COVID-19 outbreak in China in Q1 2020.

We reduced two months of expected COVID-19 delay to two weeks’ delay by deploying a distributed remote Agile/AWS Engagement Delivery Framework (AWS EDF). We share three major takeaways in this blog post:

  1. Invest in your distributed team. Remote delivery costs more and requires preparation and setup effort, especially during your first remote sprint.
  2. Respond to challenges and adapt your setup accordingly. Don’t just stick to a playbook.
  3. Be diligent with your sprint ceremonies. This helps eliminate any communication overhead that could derail your progress.


In August 2019, we engaged one of the largest joint venture commercial banks in the Greater China Region and began to modernize their Merchant Service System into a microservice-based system. We also began to enable the customer team to be self-sufficient on microservices, using the two-pizza Agile/EDF working model. Our consultants’ main job was to work out tech spike stories, share our findings, and teach customer development teams, while also coaching Agile/EDF at the sprint and program level to the whole project team.

The customer’s team members were distributed across three cities (HangZhou, ChengDu, ShenZhen) and four offices. They were organized around three microservice teams, including customer PgM/PO/BA, UI, frontend, backend, SysTest, UAT, and various other customer teams specializing in spring-boot-like framework, PaaS, or CI/CD pipeline, etc. The backend Developer and program-level Product Owner (PO) led the entire development progress and process.

When COVID-19 broke out in China, it had a two-month impact on the engagement and introduced several constraints. For example, all team members were required to work from home (WFH), we had no access to the customer’s Dev/IT environment, we had no remote collaboration tools, and one consultant’s hometown was locked down. We had to find a solution to work around these constraints. Otherwise, we would have been forced to bring the engagement to a halt. Additionally, the customer tightened the guidance that the engagement delivery date could not be changed, and that no one was to return to the office until the government lifted its COVID-19 regulations.


We decided to change our delivery model from onsite to remote. This changed how we engaged with the customer, how we collaborated internally, and how we augmented our team to ensure that our remote work was effective.

Methodology adaptation: deploying remote and distributed agile and EDF

Before COVID-19, we were using Agile/EDF for delivery and enablement. After COVID-19, we enhanced and evolved our existing sprint ceremonies, and added more interactions for remote and distributed teams. Refer to Table 1 for a quick reference.

  1. Daily morning standup: For whole-project members to discuss key tasks, progress, and blockers. Not for the backend-specific tech tasks. Started at 40 minutes at the beginning of the WFH period, and evolved to 15-20 minutes.
  2. Added one daily late afternoon standup: Only for the backend team, focusing on more details about the backend specific tasks, progress, blockers, and AWS consultants’ tech support progress. Started at 30 minutes at the beginning of WFH, and evolved to <15 minutes.
  3. Sprint day-6 for Sprint+1’s replenish/grooming: (DoR start, took about 60 minutes) and enforced with quick check (DoR check ~ 15 min on Day-10) for Sprint+1’s requirement’s readiness. DoR = Definition of Done, referring to requirements’ definition readiness in Agile terminology.
  4. Sprint day-10 for review/retrospective: This included: (a) Review in turn by each microservice team for sprint incremental, and (b) Retrospective including every backend dev and proxy for each other functional role. Took around 1.5 hours.
  5. Sprint +1 day-1 for planning: This includes: (a) Sprint +1 scope confirmation at Acceptance Criteria level and other supporting material; (b) Each story had its subtasks broken down with deadline planning, especially on key handover tasks, for example, backend API definition (Day-2), Front/Backend completion (Day-5), ST complete (Day-10); and (c) Late on day-1, sprint planning result check and take follow-up actions offline. Took around 1 hour.
  6. Regular remote AWS consultants’ internal sync-up: (a) Daily sync-up right after the morning standup < 15 minutes; (b) Biweekly AWS tech tasks replenish ~30 minutes; (c) Biweekly AWS tech task planning ~1 hour. All these were supplemented by ad hoc Instant Messaging group sync-ups.
  7. Remote weekly enablement meeting for the customer: 1-hour meeting on Fridays, one tech topic at a time, focusing on the most critical and short-term topics.
  8. AWS standby for unplanned asks: Used for code review and dev-related consulting. After the meeting, one developer documented the consulting key points.

Engagement setup changes

  1. Remote Access: We used the customer’s own VPN tool – it took about one week to get it up and running. It was slightly less efficient than onsite direct access.
  2. Collaboration Setup: ZXXM/ running on AWS was chosen for the team’s collaboration platform. We also used Wiki/Jira as the Agile PM tool and to document key project information.
  3. Rotating the customer’s Proxy Project Manager (PjM) role to assist Project Manager: With the rotating proxy PjM(s), the customer PjM could focus more on the responsibility as a chief BA for the project and dependencies on external teams, allowing the proxy PjM(s) to load-balance.
  4. Rapid response for development blockers: No tasks should be self-studied for over 1 hour. Quicker consulting with AWS consultants, triggered when customer developer is blocked on dev task around 1 hour. We used instant messaging to raise requests, and the responses were recorded in Jira/Wiki.

AWS team changes

  1. Added +1 consultant: Because we had to put more effort into remote communication/access and the chief tech consultant’s home city was locked down, we decided to augment the team with one consultant (80% time) to increase AWS capacity.
  2. More focused consultant dedication: One consultant for each microservice team, with one chief tech consultant covering cross-team items.


The first remote sprint velocity was half that of a normal sprint before COVID-19. However, by the end of the third sprint, we recovered completely and managed to reduce two months of expected COVID-19 impact to one sprint time (two weeks) when compared to our pre-COVID-19 schedule.

If you have questions or feedback, contact AWS Professional Services.

Table 1: Enhanced sprint ceremonies for a remote sprint

Newly added remote ceremonies are in bold and underlined.

Enhanced sprint ceremonies for a remote sprint

Топ десет каунтдаун от периода на короМката

Post Syndicated from Екип на Биволъ original https://bivol.bg/coronatopten.html

понеделник 1 юни 2020

Макар и да ги подбрах много трудно от новинарския потоп, четете, ако ви се чете. Предупреждавам, че са преразказани, защото иначе звучат още по-нелепо.

10. Това е сравнително познато на всички ни, така че няма да му отделяме много внимание, а и поради тази причина сме го оставили на десето място. Лекар, който бил добър коремен хирург оглавява кризисен щаб за вирус, ходи с военна униформа и всеки ден дава брифинги. Преглъщаме го, много хора се кефят. Ама, като каже в ефир „Очаквам да измрат много хора! Яко да измрат! Ей ще видиш!” и си тръгне от интервюто обиден, вече почваш поне малко да се замисляш дали като не можеш да контролираш себе си, можеш да опазиш държава от пандемия. Между другото, за щастие, не измряха много хора. Камо ли пък яко.

9. Милен Цветков беше журналист. Кой каквото иска да мисли, аз личното си мнение не съм длъжен да споделям, защото искам да съм обективен. Прохождащо наркоманче, на което мама е дала джипче и то се е помислило за голямата работа, защото мама не е случайна в структурите на гарантиращата сигурност партия, го отнася на кръстовище. Не на някой завой на междуселски път. На кръстовище в столицата. Прохождащото наркоманче няма представа какви ги плещи (може би заради абстиненцията), но казва, че не е знаело, че в джипа на Милен Цветков е имало човек. Блъскаш някакъв автомобил на софийско кръстовище, защото може и да няма човек в него. Това е мъдро. Ама не само прохождащото наркоманче е за зад решетките, и мама е за Сливенския затвор. Там ще я научат на много алтернативни сексуални практики.

8. Така. Тук вече има и сантиментален момент. Познавам няколко човека от село Златия, защото съм от Северозапада. Николай Петров обаче не го познавам, дали за щастие, дали за нещастие. Четиридесет килограма кокаин в багажника на колата и още триста и двадесет у вас… Стига бе, пич! Ти ми отвинти главата! Запознати със ситуацията казват, че това са минимум 70-80 милиона лева. Една десета от дълга на Божков към хазната. Лошата новина е, че големите играчи никога не прощават на такива като теб. Наакал си се яко и дано намериш начин да… Абе, айде да си мълча.

7. Тъй като споменах Божков, да му обърна малко внимание и на него, че толкова мача не ми излязоха в последната минута. Даже от няколко месеца тотално спрях залаганията от разочарование. Каскета е щастие не му се занимавало да чете какво са си писали с Влади Горанов и готово. Няма проблем. Аз, примерно, като собственик на фирма, бивам предупреждавам по пет пъти седмично от НАП, че им дължа Х лева, а Горанката си пише с „най-богатият и най-опасният българин“ (по думите на Каскета) закачливи съобщенийца за разни моми и същевременно никой не забелязал, че дължи седемстотин милиона на хазната. Това пък е към една петнайста от годишния БВП на страната. Не съм икономист, поне така си го смятам наум. Е, честито, писарушки!

6. За Божков ми е много по-важно друго обаче. Из историческите среди се носи една приказка, която знам, но не мога да обявя за доказана, защото, макар и да съм дипломиран, не съм се занимавал достатъчно с доказване на автентичност на артефакти. По комунистическо време всички тракийски съкровища били продадени и заменени със съвременни копия. Разбира се, това най-вероятно е градска легенда, но го споменавам само като увод. Ами, ритона с глава на „рогат бозайник“ го няма, бе! От колекцията на Божков, дето отиде в Историческия музей. Както се казва „Тука беше, ама изчезна някъде“. Да, Божков си плямпа от Дубай, че го карали да го купува втори път, което, ако е вярно, си е тътърата-тътърата майката, ама институциите не знаят къде е. Стабилност!

5. Задържаме заместник министър на околната среда и водите. Красимир Живков. Не знам кой е, признавам си чистосърдечно. Може би само роднините и колегите му знаят. Заместник министрите са за това. За да не ги знае никой и да опират пешкира, когато стане напечено. На снимките изглеждаше, че от министерството го изкарват двама-трима от охраната на Че Гевара, но казват, че били от службите по сигурност. И за това не знам, пак не мога да споря. Само едно знам. Тънката червена линия с горенето на италианския (и не само) боклук у нас отнесе бушон. Значи, заместник министърът е виновен, министърът не знае, премиерът не знае, а цялата държава знае? На каква стръв точно ни ловите, бе!? Всички сте в кюпа и рано или късно нещата ще лъснат, не се бойте!

4. И покрай горенето на боклук. Аз съм от Монтана, но не живея отдавна там. Ходя си по десетина пъти в годината, за да видя майка си и бягам в Северозападния Балкан или се връщам в Търново. Но, това не е особено важно за драгия читател. Не градът, целият регион е наясно колко вредно за околната среда е производството на братя Бобокови. Става въпрос за поне три петилетки, ако не и повече. Широко затворени очи от всички власти. Сума ти хора на 30-40 години, които бяха работили там, излязоха без зъби, с увредена периферна нервна система, канцерогенни образувания, белодробни, чернодробни проблеми, умряха… Каквото се сетите. И сега изведнъж! Като за Божков. Сещаме се какво се случва. Там се гори боклук! Боклукът трябва да се изгори на жълтите павета, защото вие не осъзнавате, че „държава“ идва от „държа“ и сте изпуснали козите да си пасат където си искат, а само искате да ги издоите надвечер. Така и с Божков, и с Бобокови, и с хиляди други бизнеси. Само да видите, че нещо работи успешно, съсипвате го и го давате на ваши хора.

3. Пожарникарят – Слънце изпадна в паника и започна да обижда ония, дето преди време искаха да му пипнат бицепса на „мисирки“, а потенциалните си гласоподователи да нарича „тулупи“. Не съм политически анализатор, ама тоя само гледа да отнесе каквото даде ЕС за короМката и да зачезва за БарЦелоната или друга произволно избрана дестинация. Пари е събрал бол, може да си го позволи. Както е казал един друг Слънце „След мен и потоп“.

2. Пет кила ракия, три буркана туршия и осемнайсе‘ кутии цигари иззел Каскета от осемнайсе‘ къщи при внезапна специализирана акция на Прокуратурата в село Полско планинище. Айде, спрете се най-после, бе! Да, явно сме били прекалено прости и доверчиви, за да се стигне дотук, ама вие вече се надскачате. Едни милиарди се въртят, тонове кокаин минават през България, изнася се жива плът, внасят се тонове и тонове боклук, журналисти загадъчно се давят по време на разследване, тераси се строят, къщи за гости и за любовници се купуват с недоказани пари, нашият ми взел на дедо Пенко вечерната доза за икиндия. Все си мислех, че по-голямо посмешище от Цацата няма да видя на тоя иначе най-важен пост за стабилността на държавата, но тук вече не става въпрос да дълбаем дъното. Трябва да почнем да мятаме пълни лопати пръст години наред, за да се изравним с дъното.

1. Може да не изглежда чак толкова опасно за света, но според мен една държава се крепи на три неща – яка съдебна система, независими медии и будно гражданско общество. Оттук нататък всички институции започват да работят, икономиката цъфва, раждат се идеи, иновации, здравеопазване, образование, социални системи, всичко тръгва в положителна посока. А Генка Шикерова, която имах за сравнително приличен журналист, била подала сигнал в ония малоумни комисии СЕМ ли, не знам си друга безсмислица ли, дето нищо не вършат. Биволъ били правели “ерозия на доверието в журналистите и медиите”. Заради това, че награда, дадена от фондация „Радостина Костадинова“ на колежката й Теодора Трифонова (уф, колкото и да е хубавка, така и не мога да й запомня името) просто не е заслужена. Тъй като разследването не е нейно, а е на Биволъ. И това може много ясно да се провери по хронологията на събитията, публикациите, репортажите, всичките неща, които са видими и неоспорими. Но, Генка избухнала да сезира комисията срещу Биволъ.

Харесва ли Ви статията? Почерпете автора Торлака и гарантирайте така неговата авторска мотивация, нашата редакционна независимост и Вашето читателско право на честна и обективна журналистика. Всички суми дарени специално за него чрез този формуляр ще му бъдат изплатени от редакцията.

Почерпете Торлака и гарантирайте така неговата авторска мотивация, нашата редакционна независимост и Вашето читателско право на честна и обективна журналистика. Всички суми дарени конкретно за него чрез този формуляр ще му бъдат изплатени от редакцията. Извършвайки плащане Вие се съгласявате с Общите условия, които предварително сте прочели тук.


Възможности за плащане

Информация за Вас

Информация за банковата карта

Плащането е защитено със SSL криптиране

Обща сума:


{amount} donation plus {fee_amount} to help cover fees.

Заради това тая държава го е докарала дотук. Заради такива крадливи журналисти, които взаимно си раздават награди, заради председатели на писателски клубове, които награждават сами себе и заради прокурори, борещи могъщия собственик на 3-4 кила ракия от не знам си кое село.

Но, да си знаете, ние сме си виновни. Докато чакаме, все така ще е…

P.S. Бих включил и министър Ангелкова с дотациите за чадърите и карантините за не-родолюбците, ама викам „Айде, от мене да мине, нея и без това я е утрепал Господ!“

Изпитанието Covid-19 Ограниченията падат, но рисковете остават

Post Syndicated from Екип на Биволъ original https://bivol.bg/covid-risks-after-lockdown.html

четвъртък 28 май 2020

Светът постепенно излиза от карантината и ние се завръщаме в социалната среда, и към обичайните си занимания. Но рискът от заразяване и и разпространение на коронавируса нараства. Това предизвиква страх от втора вълна на епидемията.
Имунологът доц.д-р Ерин Бромидж от Масачузетския университет в Дартмут обяснява как да намалим опасността от заразяването. Той чете лекции по епидемиология на инфекциозните заболявания и стриктно следи развитието на сегашната пандемия от самото й начало. И е не само експерт по конкретната болест, а и изключителен популяризатор на научните знания.
Около 16 милиона души са прочели блога му за рисковете, свързани с Covid-19. Ето съветите му за това какво да правим, макар частично да се завръщаме към нормалния живот:

Къде можем да пипнем инфекцията?

Д-р Бромидж казва, че мнозинството от хората се заразяват у дома от друг член на семейството, който предава инфекцията на всички останали по време на постоянните контакти.
А извън дома? Не се ли подлагаме на риск по време на всекидневната разходка в парка? Този лекомислен бегач без маска може ли да ми лепне болестта? Едва ли. На открито вирусът се разпръсква във въздуха в неограничен обем. Издишването на човека се разсейва много бързо. Това означава, че вирусната доза по-скоро ще се окаже недостатъчна, за да се заразите.
За да се разболеете, в организма ви трябва да попадне т.нар. инфекционна доза – от порядъка на хиляди частици от вируса SARS-CoV-2. Тази оценка се базира на изследванията на съответни дози, приложени към MERS и SARS. Конкретното число остава все още предмет на дискусии и трябва да бъде потвърдено експериментално, но дава полезна обща картина на това как се заразява човек.
Главното тук е, че вие можете да се сдобиете с необходимата доза по различни пътища. Хиляда вирусни частици за едно вдишване, или по 100 за 10 вдишвания, или по 10 за 100. Всяка от тези ситуации може да доведе до заразяване. Това означава, че при много кратък контакт с инфектиран човек – със същия онзи бегач, който не се съобразява с нуждата от дистанция, вие едва ли ще получите необходимата доза. В какви ситуации трябва да се безпокоим силно?

Хора със симптоми

Кашлицата и кихането наистина разпространяват инфекцията, но много различно.
При едно изкашляне човек изпръсква във въздуха около 3 000 миниатюрни капчици със скорост 80 км/ч. Повечето от тях са достатъчно големи, за да паднат на земята от собствената си тежест, но някои могат да останат във въздуха и до стигнат до отсрещния край на стаята.
Ако човекът в асансьора до вас не кашля, а киха, рискът се увеличава 10 пъти. Една кихавица излъчва около 30 000 частици със скорост 320 км/ч, при това те са далеч по-малки и така лесно долитат дори до най-отдалечения край на помещението.
Ако човек е заразен, при всяко кашляне и кихане отделя 200 милиона вирусни частици. Ако вие разговаряте с него лице в лице и този човек кашля или киха право във вас, ясно е, че можете да получите инфектиращата доза от 1 000 вирусни частици.
Но дори да не сте там в момента на кашлицата и кихането, вие сте в опасност. Някои капчици могат да витаят във въздуха няколко минути и когато влезете в стаята, ще ги вдишате достатъчно.

Безсимптомни разпространители

Знаем, че първите 5 дни след заразяването хората боледуват без симптоми, а у някои те не се проявяват дори и по-късно. Вирусните частици попадат в атмосферата и при обичайното дишане. Но много ли?
При едно издишване се отделят 50 до 5 000 капчици. Повечето от тях се движат бавно и почти веднага падат на земята. Ако човек диша през носа, количеството капки силно намалява. Носът е допълнителен филтър и въздухът се насочва вертикално долу. По този начин числото на отделяните патогени – вирусни частици е сравнително малко. Важно е и това, че при обичайното дишане въздухът излиза без усилия, така вирусните частици от долните дихателни пътища не попадат в него.
Това е важно, тъй като концентрацията на коронавируса в дробовете и трахеята на заразения човек е по-висока от тази в гърлото и устата. Не е известно колко частици от вируса SARS-CoV-2 /сегашният коронавирус, предизвикал Covid-19/ се отделят при дишането. Според някои изследвания при обикновения грип болният разпространява от 3 до 20 вирусни частици в минута.
Ако тези данни са верни и за причинителя на Covid-19, то в присъствието на заразен човек вие трябва да вдишате абсолютно всички отделяни от него частици в продължение на 50 минути, за да получите инфектиращата доза от 1 000 частици /всички данни обаче са оценъчни и приблизителни/.
Така може да се каже, че вероятността да се разболеете, докато се намирате в една стая с носителя на инфекцията, е сравнително малка – ако той не киха и не кашля. Но по-голямата част от заразяванията извън дома вероятно стават в резултат на контакти с безсимптомни болни. Рискът се увеличава 10 пъти, ако вие разговаряте. При пеене и викове количеството на постъпващите в атмосферата капчици се увеличава драстично.
Ако закрещите или запеете, капките започват буквално да обстрелват пространството пред вас, при това те излитат от дълбочините на дробовете, където тъканите са инфектирани по-силно. Всяко усилие при издишването рязко увеличава заразяването на въздуха.

Кои места са особено опасни?

Разбира се, на най-голям риск са изложени тези, които заради професията си имат работа със заразени хора.
Известни са случаи на масово заболяване на хора в определени места. Всички помнят круизните кораби. Но такава е средата и в откритите офисни пространства, спортните и развлекателни прояви, погребения и хорови репетиции.
При всички тях рискът от заразяване е огромен, тъй като хората прекарват значително време в закрито помещение в общността на други хора, сред които може да се окажат носители на инфекцията.
Дори ако конкретен болен се намира на 15 метра от вас, както по време на хорова репетиция или в кол-център и количеството на достигащите до вас вирусни частици да не е голямо, за продължително време вие можете да получите дозата инфекция.
При завръщането на хората на работните места особено безпокойство будят някои професии. Най-големият проблем са откритите офисни пространства с лоша вентилация. В Южна Корея в голямо открито помещение работят 216 служители, а 94 от тях са заболели.
Стоматолозите са в групата под особен риск. В хода на работата им, при пробиване или вадене на зъб и т.н. се образува голямо количество аерозолни вещества. Трябва да се помисли как да се организира работното пространство така, че да се осигури защита – защото опасността е преди всичко за стоматолозите, а не за пациентите.
Друга рискова група са учителите и преподавателите. Те основно са не млади хора, но трябва да бъдат дълго време в едно помещение с младежи. Необходимо е задълбочено да се помисли как тези работни места могат да се обезопасят.

На въздух и в помещение

Сред известните епизоди на масовото заразяване не са много онези, които са станали на открито. Вятърът и пространството разсейват концентрацията на вируса, а слънчевите лъчи, горещината и влажността могат да съкратят времето на живота му. Като спазвате дистанция и съкращавате продължителността на контактите, вие намалявате още повече риска.
Но някои затворени пространства са потенциално много опасни, особено при многолюдни прояви, където струпаните хора разговарят, пеят и крещят, и където спазването на дистанцията е трудно. Проблемни са помещенията с лоша вентилация и климатизация.
Магазините, в крайна сметка, са далеч по-безопасни за купувачите, ако не се застояват по-дълго на едно място.

Оценка на риска

Ограниченията, свързани с коронавируса, постепенно се вдигат, но ние сме длъжни критично да оценяваме степента на опасност на едно или друго занимание.
Ако ще ходите някъде в закрито пространство, преценете кубатурата, броя на едновременно пребиваващите там хора и продължителността на вашия престой там. Ако сте седнали в добре проветрявано помещение с малко хора, рискът не е голям. Ако работите в открит офис, трябва да се оцени обемът му, броят на хората и вентилацията. Ако вашата работа предполага контакти лице в лице, или гръмки разговори и викове, хубавичко си помислете.
Например, за посетител в големия търговски център, който няма да стои дълго там, а хората са малко, рискът не е голям. За складовия работник, който е цял ден там обаче опасността е значително по-голяма.
Инфектирането навън е много по-малко, тъй като заразните капки се разсейват бързо, но не забравяйте за дозата и времето. Досега говорихме за предаването на вируса по въздушно-капков път, но не трябва да забравяме и за повърхностите. Инфектиращите капки се задържат, където им е удобно. Мийте често ръцете и не докосвайте лицето си.
А вероятно ще дойде моментът да се откажем и от духането на свещичките на тортата за рождения ден.

Автор: Ерин Бромидж

Превод от руския сайт на BBC: Екип на Биволъ

Водеща снимка: Gurumed.org

Test your home network performance

Post Syndicated from Achiel van der Mandele original https://blog.cloudflare.com/test-your-home-network-performance/

Test your home network performance

With many people being forced to work from home, there’s increased load on consumer ISPs. You may be asking yourself: how well is my ISP performing with even more traffic? Today we’re announcing the general availability of speed.cloudflare.com, a way to gain meaningful insights into exactly how well your network is performing.

We’ve seen a massive shift from users accessing the Internet from busy office districts to spread out urban areas.

Although there are a slew of speed testing tools out there, none of them give you precise insights into how they came to those measurements and how they map to real-world performance. With speed.cloudflare.com, we give you insights into what we’re measuring and how exactly we calculate the scores for your network connection. Best of all, you can easily download the measurements from right inside the tool if you’d like to perform your own analysis.

We also know you care about privacy. We believe that you should know what happens with the results generated by this tool. Many other tools sell the data to third parties. Cloudflare does not sell your data. Performance data is collected and anonymized and is governed by the terms of our Privacy Policy. The data is used anonymously to determine how we can improve our network, both in terms of capacity as well as to help us determine which Internet Service Providers to peer with.

Test your home network performance

The test has three main components: download, upload and a latency test. Each measures  different aspects of your network connection.


For starters we run you through a basic download test. We start off downloading small files and progressively move up to larger and larger files until the test has saturated your Internet downlink. Small files (we start off with 10KB, then 100KB and so on) are a good representation of how websites will load, as these typically encompass many small files such as images, CSS stylesheets and JSON blobs.

For each file size, we show you the measurements inside a table, allowing you to drill down. Each dot in the bar graph represents one of the measurements, with the thin line delineating the range of speeds we’ve measured. The slightly thicker block represents the set of measurements between the 25th and 75th percentile.

Test your home network performance

Getting up to the larger file sizes we can see true maximum throughput: how much bandwidth do you really have? You may be wondering why we have to use progressively larger files. The reason is that download speeds start off slow (this is aptly called slow start) and then progressively gets faster. If we were to use only small files we would never get to the maximum throughput that your network provider supports, which should be close to the Internet speed your ISP quoted you when you signed up for service.

The maximum throughput on larger files will be indicative of how fast you can download large files such as games (GTA V is almost 100 GB to download!) or the maximum quality that you can stream video on (lower download speed means you have to use a lower resolution to get continuous playback). We only increase download file sizes up to the absolute minimum required to get accurate measurements: no wasted bandwidth.


Upload is the opposite of download: we send data from your browser to the Internet. This metric is more important nowadays with many people working from home: it directly affects live video conferencing. A faster upload speed means your microphone and video feed can be of higher quality, meaning people can see and hear you more clearly on videoconferences.

Measurements for upload operate in the same manner: we progressively try to upload larger and larger files up until the point we notice your connection is saturated.

Speed measurements are never 100% consistent, which is why we repeat them. An easy way for us to report your speed would be to simply report the fastest speed we see. The problem is that this will not be representative of your real-world experience: latency and packet loss constantly fluctuates, meaning you can’t expect to see your maximum measured performance all the time.

To compensate for this, we take the 90th percentile of measurements, or p90 and report that instead of the absolute maximum speed that we measured. Taking the 90th percentile is a more accurate representation in that it discounts peak outliers, which is a much closer approximation of what you can expect in terms of speeds in the real world.

Latency and Jitter

Download and upload are important metrics but don’t paint the entire picture of the quality of your Internet connection. Many of us find ourselves interacting with work and friends over videoconferencing software more than ever. Although speeds matter, video is also very sensitive to the latency of your Internet connection. Latency represents the time an IP packet needs to travel from your device to the service you’re using on the Internet and back. High latency means that when you’re talking on a video conference, it will take longer for the other party to hear your voice.

But, latency only paints half the picture. Imagine yourself in a conversation where you have some delay before you hear what the other person says. That may be annoying but after a while you get used to it. What would be even worse is if the delay differed constantly: sometimes the audio is almost in sync and sometimes it has a delay of a few seconds. You can imagine how often this would result into two people starting to talk at the same time. This is directly related to how stable your latency is and is represented by the jitter metric. Jitter is the average variation found in consecutive latency measurements. A lower number means that the latencies measured are more consistent, meaning your media streams will have the same delay throughout the session.

Test your home network performance

We’ve designed speed.cloudflare.com to be as transparent as possible: you can click into any of the measurements to see the average, median, minimum, maximum measurements, and more. If you’re interested in playing around with the numbers, there’s a download button that will give you the raw results we measured.

Test your home network performance

The entire speed.cloudflare.com backend runs on Workers, meaning all logic runs entirely on the Cloudflare edge and your browser, no server necessary! If you’re interested in seeing how the benchmarks take place, we’ve open-sourced the code, feel free to take a peek on our Github repository.

We hope you’ll enjoy adding this tool to your set of network debugging tools. We love being transparent and our tools reflect this: your network performance is more than just one number. Give it a whirl and let us know what you think.

Mediapart: Нови научни изследвания сочат по-нисък праг на колективен имунитет срещу коронавируса

Post Syndicated from Екип на Биволъ original https://bivol.bg/herd-immunity-threshold-20.html

събота 23 май 2020

Прагът на колективния имунитет срещу Covid-19 може да е между 10 и 20% само, много по-нисък от първоначалните оценки, според научни публикации все още слабо известни във Франция. Това е добра новина. Но при условие да се идентифицират и държат затворени входните точки на вируса, уточняват учените.

Докато 60-70% от населението не бъде имунизирано, епидемията ще продължи своя болезнен ход, твърдят научни публикации и статии в печата от единия край на планетата до другия. От началото на епидемията тази прогноза изглежда консенсусна. Проблемът е, че моделите, използвани за определяне на този праг, се основават на епидемия, която прилича на грип, където приблизително всички имаме еднаква вероятност да заразим всеки друг индивид. Това, което наблюдаваме в момента, е твърде далеч от тази картина. Използвайки нови модели, изследователите понижават този праг за колективен имунитет. Той е оценен толкова ниско, че публикациите им са като паве в блатото.

Колективният имунитет е идеята, че в населението има някакъв вид имунна система. За индивида не е необходимо всички негови клетки да са се сблъсквали с патоген, за да се развият антитела, които да защитят целия организъм. Точно същото е и в мащаба на „популацията” – не е необходимо всеки индивид да се среща с този микроб, за да бъде защитена цялата група.

Ако приемем, че инфекцията води до трайна форма на имунитет (което остава да се докаже), тогава с напредването на епидемията броят на имунизираните хора нараства. При това нараства така, че за заразения човек става все по-трудно да премине пътя на неимунизиран човек, на когото да предаде своите вируси. Неминуемо ще дойде време, в което, ако вирусът няма други гостоприемници освен човешкия вид, той ще приключи съществуванието си в няколко “задънени улици”, от които вече няма да може да се пренася и възпроизвежда в други индивиди. Това ще подпише края на епидемията.

Целият въпрос е следователно какъв процент от имунизирани индивиди трябва да бъдат достигнат, за да се стигне до “точката на прегъване” и да бъде защитена цялата популация (така наречения HIT или herd immunity threshold б.прев.) „Повечето от моделите, използвани в общественото здравеопазване за оценка на този праг са на повече от петдесет години и се основават на средностатистическия индивид. Но днес знаем, че не можем да вземем предвид средния индивид за този вид изчисление, още по-малко, когато има толкова много хетерогенности в една епидемия “, изтъква Лоран Ебер-Дюфрен, изследовател в интердисциплинарната лаборатория на Vermont Complex Systems Center, САЩ, и специалист по „мрежова епидемиология“.

Всъщност хетерогенността (разнородност б.прев.) несъмнено е водещата дума в настоящата епидемия. Географска хетерогенност (вирусът е концентриран в определени области и подминава други), но и индивидуална хетерогенност (някои индивиди са по-склонни да бъдат заразени и да предават вируса от други), като двете несъмнено са свързани. В Китай изследванията, проведени върху повече от 1500 души, показват, че само 8,9% от заразените индивиди са отговорни за 80% от случаите на вторично заразяване. Неотдавнашно математическо моделиране води до същия порядък. Накратко, много малко хора допринасят за разпространението на епидемията. В допълнение, тези лица, известни като “свръхразпространители”, не заразяват “който и да било” индивид: те заразяват предимно хората, с които са имали близък и продължителен контакт, най-вече в затворена зона.

В условията на ограничителни мерки често това са хора, които споделят един и същи апартамент, или обитателите на един и същи старчески дом. Извън периода на ограниченията това може да включва например певците от един и същи хор, участниците в един и същ същия клас по фитнес, поклонници от едно и също място за поклонение, колеги по месторабота (кланици, рибни заводи и др.), купонджии от един и същ нощен клуб и т.н. По този начин, епидемията напредва по рязък и локализиран начин, от клъстер в клъстер.

Въпреки това, моделите не успяват да отчетат този нехомогенен начин на разпространение. Те се основават на средна заразност на вируса, известния R₀, наричан още коефициент на заразяване. Той представлява броя на индивидите, които един заразен човек заразява средно. Дори по-сложните модели, които стратифицират населението по възрастова категория, например, все още предполагат хомогенно разпространение на вируса във всяка от категориите. „Една от основните им хипотези е, че вероятността някой да се зарази е същата като вероятността той да зарази други хора, а това без съмнение е непълнота“, коментира Антоан Флао, епидемиолог и директор на Института по глобално здравеопазване в Университета в Женева.

Легенда: Отляво, хомогенно заразяване: всеки заразен човек заразява двама други (R0 = 2). Вдясно, верига на предаване на вируса Sars-Cov-2, изчислена от Австрийския департамент по епидемиология и наблюдение на инфекциите (AGES). Този път само определени индивиди причиняват нови случаи на инфекция (по абсцисата: продължителността на веригата на предаване в дни).

В условия на спешност често правим най-простото, за да бъдем бързи и полезни. Най-простото е да се вземе предвид хомогенната заразност, обяснява Габриела Гомес, математик от Школата по тропическа медицина в Ливърпул. Но колкото по-дълго трае епидемията, толкова повече време трябва да прецизираме изчисленията си и да включим различните източници на хетерогенност в нашите модели.” С този подход експертът по моделиране на епидемиологията и нейните съавтори са определили прага на колективен имунитет между 10 и 20% (прочетете публикацията им тук). Това е до шест пъти по-малко от общоприетото число от 65%.

„Ние също получаваме подобен резултат с праг около 14%, веднага щом вземем предвид тези силни хетерогенности“, добавя Лоран Ебер-Дюфрен (прочетете публикациите тук и тук).

Логиката е следната: по естествен път вирусът ще удари първо хората, които са най-изложени на най-голям риск от заразяване. Веднага след като тези хора придобият имунитет,  вирусът губи възможните си за входни точки и епидемията започва да намалява. Всъщност повечето вторични случаи няма да предадат вируса толкова ефективно или дори изобщо няма да го предадат. Всичко се случва така, сякаш вирусът взривява основните си боеприпаси в началото на епидемията. А повечето от искрите, получени по време на тези първи огнища, не успяват да запалят други пожари.

„Нашето проучване не заключава, че ограниченията са безполезни“

Dans ce contexte, la question est donc moins de savoir quel pourcentage de la population sera infecté avant d’atteindre l’immunité collective que de comprendre quelles sont ces portes d’entrée favorites du virus. Or, pour l’heure, on manque encore cruellement de données pour les identifier. Ces portes d’entrée sont-elles la propriété de certains individus, qui seraient des « superspreaders » par nature ? Une étude a par exemple montré que certains individus émettaient beaucoup plus de postillons en parlant que d’autres : ils seraient donc plus susceptibles d’infecter leur entourage.

De nombreuses publications (comme celle-ci) révèlent également que la durée de contagiosité n’est pas la même chez tous les malades. Un autre article scientifique suggère que l’infection pourrait s’établir préférentiellement dans les voies respiratoires supérieures chez certains individus, les rendant ainsi plus contagieux.

Plus récemment, une étude suggère aussi que certains individus déjà exposés à d’autres coronavirus seraient partiellement immunisés contre le SARS-Cov-2, contrairement à ceux qui n’auraient jamais croisé d’autres pathogènes de cette famille de virus. Autre hypothèse : cette variabilité individuelle dépendrait de la souche du virus, certaines mutations pouvant entraîner une meilleure réplication du virus à l’intérieur des voies respiratoires.

В този контекст въпросът не е толкова да се знае какъв процент от населението ще бъде заразено, преди да достигне колективен имунитет, отколкото да се разбере кои са тези любими входни точки на вируса. В момента обаче все още има сериозна липса на данни за идентифицирането им. Дали тези входни точки са характерни при определени личности, които по природа са „свръхразпространители“? Едно проучване например показа, че някои хора произвеждат много повече пръски при говорене, отколкото други, което прави по-голяма вероятността те да заразят хората около тях.

Многобройни публикации (като тази) разкриват също, че продължителността на заразността не е еднаква при всички пациенти. Друга научна статия предполага, че при определени индивиди инфекцията предпочита да се засели в горните дихателни пътища , като по този начин ги направи по-заразни.

Едно съвсем ново проучване излага хипотезата, че някои индивиди, които вече са били изложени на други коронавируси, биха били частично имунизирани срещу SARS-Cov-2, за разлика от тези, които никога не са се сблъсквали с други патогени от същото семейство вируси. Друга хипотеза: тази индивидуална променлива зависи от щама на вируса, като някои мутации могат да доведат до по-добро възпроизвеждане на вируса вътре в дихателните пътища.

Toutefois, il se pourrait bien que les propriétés des individus ou des virus n’y soient finalement pas pour grand-chose dans cette hétérogénéité. « Les données actuelles mettent surtout en avant l’importance du contexte de l’infection et le rôle de chacun dans notre société », souligne Laurent Hébert-Dufresne. Ainsi, plus un individu reçoit une forte dose virale, plus il pourrait lui-même devenir contaminant. Et plus cet individu est en contact étroit avec de nombreuses personnes, dans des lieux confinés, plus son pouvoir contaminant fera des victimes.

On pense évidemment aux personnels soignants, mais aussi à ceux qui travaillent dans les transports publics, dans les salles de fitness, aux barmans, aux caissiers, aux hôtesses de l’air… Ce qui pose un vrai problème organisationnel, car si l’on remplace ces individus dès qu’ils tombent malades, on laisse les portes d’entrée du virus grandes ouvertes en continu, remarque le chercheur québécois.

Възможно е обаче свойствата на индивидите или вирусите да не са толкова важни в тази хетерогенност. “Настоящите данни най-вече подчертават важността на контекста на инфекцията и ролята на всеки от нас в нашето общество“, казва Лоран Еберт-Дюфрен. По този начин, колкото по-висока е вирусната доза, която даден човек получава, толкова повече той самият може да стане заразен. И колкото повече този човек е в близък контакт с много хора, на затворени места, толкова повече ще са заразените от него жертви.

Очевидно мислим за медицинския персонал, но и за тези, които работят в градския транспорт, във фитнес залите, барманите, касиерките, стюардесите… Това създава истински организационен проблем, защото ако ние заместим тези хора веднага, щом се разболеят, то входните точки за вируса ще са непрекъснато широко отворени, отбелязва изследователят от Квебек.

Друга голяма неизвестна е еволюцията във времето на това неравномерно предаване на риска. „Мрежата ни днес може да е разнородна, защото основните работници са на фронта, докато повечето от нас са вкъщи“, казва Натали Дийн, биостатистик в университета във Флорида. Но какво се случва в “мирно време”? „Няма ли нашата мрежова структура да стане по-хомогенна?“ Това би било много лоша новина. Всеки от нас би се превърнал в отворена врата за вируса, който след това би могъл да навлезе в гигантския организъм на населението от всички страни. Това би довело до втора катастрофална вълна.

Легенда: Приемайки, че физическата дистанция постепенно намалява, за да се върне към нормално ниво през есента, прилаганите във Франция хомогенни модели дават висока втора вълна наесен. Хетерогенният модел от изследването от Габриела Гомес (плътната оранжева линия) предсказва много по-плоска втора вълна. © Габриела Гомес

Резултатът от нашите модели е обусловен от физическото дистанциране, признава Каетано Суто-Майор, съавтор с Габриела Гомес от проучването, обявяващо праг на колективен имунитет от 10%. В този смисъл нашето изследване не заключава за безполезността на мерките за сдържане“, настоява този изследовател от Националния здравен институт в Бетесда, щата Мериленд, като така прекъсва полемиката, която последва публикуването им. Някои виждаха в тези публикации обосноваване на подходите за оставяне на вируса да върши своята работа и залога върху колективния имунитет.

Освен това този прочут праг на колективен имунитет съответства на момента, след който епидемията започва да се забавя. “Без превантивни мерки веригите на предаване продължават известно време и крайният процент от населението, което ще бъде заразено, надвишава този праг“, казва Габриела Гомес. При средна степен на смъртност от вируса, колебаеща се около 0,7%, дори ако епидемията зарази само 20% от населението, това неизбежно би довело до много смъртни случаи…

От Лиз Барнеу, Mediapart, 22 май 2020

Превод Биволъ

Изданието Mediapart е водеща медия за журналистически разследвания във Франция

Network-Layer DDoS Attack Trends for Q1 2020

Post Syndicated from Omer Yoachimik original https://blog.cloudflare.com/network-layer-ddos-attack-trends-for-q1-2020/

Network-Layer DDoS Attack Trends for Q1 2020

Network-Layer DDoS Attack Trends for Q1 2020

As we wrapped up the first quarter of 2020, we set out to understand if and how DDoS attack trends have shifted during this unprecedented time of global shelter in place. Since then, traffic levels have increased by over 50% in many countries, but have DDoS attacks increased as well?

Traffic increases are often observed during holiday seasons. During holidays, people may spend more time online; whether shopping, ordering food, playing online games or a myriad of other online activities. This higher usage translates into higher revenue per minute for the companies that provide those various online services.

Downtime or service degradation during these peak times could result in user churn and loss of significant revenue in a very short time. ITIC estimates that the average cost of an outage is $5,600 per minute, which extrapolates to well over $300K per hour. It is therefore no surprise that attackers capitalize on the opportunity by launching a higher number of DDoS attacks during the holiday seasons.

The current pandemic has a similar cause and effect. People are forced to stay home. They have become more reliant on online services to accomplish their daily tasks which has generated a surge in the Internet traffic and DDoS attacks.

The Rise of Smaller, Shorter Attacks

Most of the attacks that we observed in Q1 2020 were relatively small, as measured by their bit rates. As shown in the figure below, in Q1 2020, 92% of the attacks were under 10 Gbps, compared to 84% in Q4 2019.

Diving deeper, an interesting shift can be observed in the distribution of attacks below 10 Gbps in Q1, as compared to the previous quarter. In Q4, 47% of network-layer DDoS attacks peaked below 500 Mbps, whereas in Q1 they increased to 64%.

Network-Layer DDoS Attack Trends for Q1 2020

From a packet rate perspective, the majority of the attacks peaked below 1 million packets per second (pps). This rate, along with their bit rate, indicates that attackers are no longer focusing their efforts and resources to generate high-rate floods — bits or packets per second.

Network-Layer DDoS Attack Trends for Q1 2020

However, it’s not only the packet and bit rates that are decreasing, but also the attack durations. The figure below illustrates that 79% of DDoS attacks in Q1 lasted between 30 to 60 minutes, compared to 60% in Q4, which represents a 19% increase.

Network-Layer DDoS Attack Trends for Q1 2020

These three trends could be explained by the following:

  • Launching DDoS attacks is cheap and you don’t need much technical background. DDoS-as-a-service tools have provided a possible avenue for bad actors with little to no technical expertise to launch DDoS attacks quickly, easily, in a cost-effective manner and with limited bandwidth. According to Kaspersky, DDoS attack services can cost as little as $5 for a 300-second attack (5 minutes). Additionally, amateur attackers can also easily leverage free tools to generate floods of packets. As we’ll see in the next section, 13.5% of all DDoS attacks in Q1 were generated using variations of the publicly available Mirai code.
  • While an attack under 10 Gbps might seem small, it can still be enough to affect underprotected Internet properties. Smaller and quicker attacks might prove to deliver a high ROI for attackers to extort a ransom from companies in lieu of not disrupting the availability of the Internet property.

Larger Attacks Still Persist, Albeit in Smaller Numbers

While the majority of the attacks were under 10 Gbps, larger attacks are still prevalent. The below graph shows a trend in the largest bit-rate of network-layer DDoS attacks that Cloudflare has observed and mitigated in Q4 2019 and Q1 2020. The largest attack for the quarter was observed during March and peaked just above 550 Gbps.

Network-Layer DDoS Attack Trends for Q1 2020

If At First You Don’t Succeed, Try, Try Again

A persistent attacker is one that does not give up when their attacks fail; they try and try again. They launch multiple attacks on their target, often utilizing multiple attack vectors. In the Q4 2019 holiday season, attackers persisted and launched as many as 523 DDoS attacks in one day against a single Cloudflare IP. Each Cloudflare IP under attack was targeted by as many as 4.6 DDoS attacks every day on average.

During Q1, as the world entered COVID-19 lockdown, we observed a significant increase in the number of attacks compared to the monthly average. The last time we saw such an increase was in the Q4 2019 holiday season. However, an interesting difference is that attackers seem less persistent now than during the holidays. In Q1 2020, the average persistence rate dropped as low as 2.2 attacks per Cloudflare IP address per day, with a maximum of 311 attacks on a single IP; 40% less than the previous holiday quarter.

Network-Layer DDoS Attack Trends for Q1 2020

Throughout the past two quarters, the average number of attack vectors employed in DDoS attacks per IP per day has been mostly steady at approximately 1.4, with a maximum of 10.

Network-Layer DDoS Attack Trends for Q1 2020

Over the past quarter, we’ve seen over 34 different types of attack vectors on L3/4. ACK attacks formed the majority (50.1%) in Q1, followed by SYN attacks with 16.6%, and in third place, Mirai, which still represents a significant portion of the attacks (15.4%). Together, SYN & ACK DDoS attacks (TCP) form 66% of all L3/4 attack vectors in Q1.

Top Attack Vectors

Network-Layer DDoS Attack Trends for Q1 2020

All Attack Vectors

Attack Vector Percent in Q1
ACK 50.121%
SYN 16.636%
Mirai 15.404%
UDP 5.714%
LDAP 2.898%
SSDP 2.833%
DNS 2.677%
Other 0.876%
QUIC 0.527%
NTP 0.373%
RST 0.353%
Memcached 0.296%
ChargeGen 0.236%
WS Discovery 0.221%
ACK-PSH 0.208%
SNMP 0.159%
VSE 0.081%
MSSQL 0.079%
ICMP 0.072%
Bittorrent 0.056%
OpenVPN 0.046%
Dahua 0.032%
GRE 0.022%
TFTP 0.014%
LOIC 0.014%
STUN 0.011%
Lantronix 0.009%
CoAP 0.008%
Jenkins 0.006%
VXWorks 0.005%
Ubiquity 0.005%
TeamSpeak 0.004%
XMAS 0.003%
SPSS 0.001%

A Crisis is Unfortunately Sometimes a Malevolent Opportunity

The number of DDoS attacks in March 2020 increased as compared to January and February. Attackers found the crisis period to be an opportune time to launch an increased number of DDoS attacks, as illustrated below.

Network-Layer DDoS Attack Trends for Q1 2020

Furthermore, as various government authorities started mandating lockdowns and shelter-in-place orders, attackers resorted to increasing the number of large-sized attacks in the latter half of March. There were 55% more attacks observed in the second half of month (March 16-31) as compared to the first half (March 1-15). Additionally, 94% of attacks peaking at 300-400 Gbps were launched in the month of March.

Stop DDoS attacks, Large or Small, Closer To The Source

With the ever shifting DDoS landscape, it is important to have a DDoS protection solution which is comprehensive and adaptive. In context with the attack insights illustrated above, here’s how Cloudflare stays ahead of these shifts to protect our customers.

  • As attacks shrink in rate and duration, Time To Mitigate SLAs as long as 15 minutes provided by legacy vendors are just not practical anymore. Cloudflare mitigates network layer DDoS attacks under 10 seconds in most cases, which is especially critical for the increasingly shorter attacks. Read more about the recent enhancements to our DDoS detection and mitigation systems that allow us to automatically detect and mitigate DDoS attacks so quickly at scale.
  • An increasing number of DDoS attacks are localized, which implies that legacy DDoS solutions which adopt a scrubbing center approach are not a feasible solution, as they are limited in their global coverage as well as act as a choke point, as DDoS traffic needs to be hauled back and forth from them. Cloudflare’s unique distributed architecture empowers every one of its data centers, spanning across 200 cities globally, to provide full DDoS mitigation capabilities.
  • Large distributed volumetric attacks still exist and are employed by resourceful attackers when the opportunity is rife. An attack exceeding 1 Tbps can be expected in the future, so the ability to mitigate large DDoS attacks is a key aspect of today’s DDoS solution. Cloudflare has one of the most interconnected networks in the world with a capacity of over 35 Tbps which allows it to mitigate even the largest DDoS attacks. This massive network capacity concomitant with the globally distributed architecture allows Cloudflare to mitigate attacks, both small and large, closer to the source.

To learn more about Cloudflare’s DDoS solution contact us or get started.