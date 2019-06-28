Language Selection

Programming Leftovers

Tuesday 2nd of July 2019 02:32:54 PM
Development
  • Jupyter Notebook 101

    Last year, I released a book entitled Jupyter Notebook 101. In celebration of a successful launch, I have decided to do a little contest.

  • Jupyter and data science in Fedora

    Most modern data scientists use Python. And an important part of their work is EDA (exploratory data analysis). EDA is a manual and interactive process that retrieves data, explores its features, searches for correlations, and uses plotted graphics to visualize and understand how data is shaped and prototypes predictive models.

    Jupyter is a web application perfect for this task. Jupyter works with Notebooks, documents that mix rich text including beautifully rendered math formulas (thanks to mathjax), blocks of code and code output, including graphics.

  • One CI/CD pipeline per product to rule them all

    When I joined the cloud ops team, responsible for cloud operations and engineering process streamlining, at WorkSafeBC, I shared my dream for one instrumented pipeline, with one continuous integration build and continuous deliveries for every product.

    According to Lukas Klose, flow (within the context of software engineering) is "the state of when a system produces value at a steady and predictable rate." I think it is one of the greatest challenges and opportunities, especially in the complex domain of emergent solutions. Strive towards a continuous and incremental delivery model with consistent, efficient, and quality solutions, building the right things and delighting our users. Find ways to break down our systems into smaller pieces that are valuable on their own, enabling teams to deliver value incrementally. This requires a change of mindset for both business and engineering.

  • What makes a good code review in DevOps?

    Improving the software development lifecycle, the speed we deliver software to customers, and the quality of that software are all great premises of DevOps. They are goals that the tools and techniques prescribed by the DevOps movement attempt to achieve. As a developer, I feel freer to make changes rapidly, not just to source code, but also to infrastructure and configuration code. As a DevOps practitioner, my goal is to balance that freedom with quality and security. How? One tool we can use is code reviews.

  • The DataFrame Object in Pandas

    DataFrame Object in Pandas is used to plot the data table as well as to keep the data for the later usage. Let us look at a few examples below.

    Hello and welcome back, in this article we will take a look at the DataFrame object and its usages. We will continue to look at the usage of other Objects before we will actually start to create this new web analytics project.

    Before anything, let us create the DataFrame object.

Experience the Ubuntu system on the new tiny CHUWI MiniBook

In just one week, the crowd-funding target of CHUWI MiniBook, launched by this chinese OEM manufacturer has went over the set goal by 1632% with the crowdfunding amount exceeding $410,000. It has been backed by 1,458 supporters and this number is still growing. Since a lot of users are asking whether CHUWI MiniBook supports the Linux system. Today we will show you the experience of installing the Ubuntu system on this tiny laptop, which will help more UMPC enthusiasts make purchasing decisions. Read more

What are Symbolic Links in Linux and Why are They Used

This detailed tutorial tells you what are symbolic links, how to create a symbolic links and other important things associated with symlinks. Read more

Backbox Linux Releases Update To Version 6.0

While I was away last month I got an interesting email/request by Backbox Linux Community Staff to release an article covering the release of their latest version; upgraded to version 6.0. Before getting into that however, for those of you whom might be unfamiliar with the product, Backbox Linux is an increasingly popular ethical hacking and penetration testing Linux distro – complete with all of the most modern tools and programs utilized by professionals working in these fields. In fact, Backbox Linux made Rogue Security Labs list of the most popular/widely used hacking-based Operating Systems earlier this year after receiving a review of it from “Al1ne3737” – formerly of “Pryzraky.” Read more

Security and DRM Leftovers

  • GNU Binutils Binary File Descriptor Library Heap-Based Buffer Over-Read Vulnerability [CVE-2019-12972]

    A vulnerability in the Binary File Descriptor (BFD) library, as distributed in GNU Binutils could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.The vulnerability is due to a heap-based buffer over-read condition that exists in the _brd_doprntfunction, as defined in the bfd.c source code file of the affected software. An attacker could exploit this vulnerability by submitting malicious executable and linkable format (ELF) input to the targeted system. A successful exploit could cause the affected software to stop responding or crash, resulting in a DoS condition.Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available.The vendor has confirmed the vulnerability and released software updates.

  • enSilo Endpoint Security Platform 3.1 Product Review

    The collector installers were straightforward, but we found the server to be confusing. We had trouble getting all VMs to report back to the cloud server. Additionally, we were unable to get the Ubuntu machine installed and reporting correctly. We were able to get the CentOS machine online and connected, but when we went back and checked on it, it was in a disconnected state. The reasons for this were unclear to us, and, we concluded, the Linux offerings need some work.

  • Cleaning a broken GNUpg (gpg) key

    I've long said that the main tools in the Open Source security space, OpenSSL and GnuPG (gpg), are broken and only a complete re-write will solve this. And that is still pending as nobody came forward with the funding. It's not a sexy topic, so it has to get really bad before it'll get better. Gpg has a UI that is close to useless. That won't substantially change with more bolted-on improvements. Now Robert J. Hansen and Daniel Kahn Gillmor had somebody add ~50k signatures (read 1, 2, 3, 4 for the glory details) to their keys and - oops - they say that breaks gpg. But does it?

  • Multiple Facebook Pages Caught Spreading Remote Access Trojans Since 2014

    Researchers from cybersecurity firm Check Point have uncovered a Facebook campaign that has been spreading malware since 2014. The campaign was operating under the posts that discussed the political situation in Libya. Notorious Remote Access Trojans (RATs) like SpyNote, Houdini and Remcos were spread through Facebook pages and it is believed that the residents of Libya, the US, China, and Europe have been affected by it.

  • Microsoft is about to shut off its ebook DRM servers: "The books will stop working"

    "The books will stop working": That's the substance of the reminder that Microsoft sent to customers for their ebook store, reminding them that, as announced in April, the company is getting out of the ebook business because it wasn't profitable enough for them, and when they do, they're going to shut off their DRM servers, which will make the books stop working. Almost exactly fifteen years ago, I gave an influential, widely cited talk at Microsoft Research where I predicted this exact outcome. I don't feel good about the fact that I got it right. This is a fucking travesty.

  • Sony, Microsoft, Nintendo Say Trump Tariffs Will Make Game Consoles Hugely More Expensive [Ed: Those are just DRM boxes]

    If you hadn't noticed by now, Trump's efforts to use tariffs to somehow magically improve the country's standing in the world aren't based on much in the way of sound logic or economic theory. And companies who've been forced to reconfigure and relocate their entire supply chains (to countries like Taiwan) to avoid massive penalties are likely to just pass those costs on to American consumers, something said consumers haven't really fully grokked yet. Countless CEOs think the entire gambit is immeasurably stupid, but have been hesitant to be too pointed in their criticism for fear of upsetting administration regulators. As the actual bill comes due however, consumers are likely to wake up from their slumber. Maybe. Case in point: Microsoft, Sony, and Nintendo this week fired off a letter to the Office of the United States Trade Representative, warning the Trump administration's plan to bump Chinese tariffs from 10 to 25 percent will have a profoundly-negative impact on the game industry. With 96 percent of game consoles made in China last year, the act of reconfiguring their entire supply chains will have a massive impact on the sector's bottom line and the numerous connecting companies that tendril out from the big three gaming giants.

