Snuba: automating weak supervision to label training data

Snuba: automating weak supervision to label training data Varma & Ré, VLDB 2019

This week we’re moving on from ICML to start looking at some of the papers from VLDB 2019. VLDB is a huge conference, and once again I have a problem because my shortlist of “that looks really interesting, I’d love to read it” papers runs to 54 long at the moment! As a special bonus for me, I’m actually going to be at VLDB this year, where no doubt I’ll learn about even more interesting things! By the time you get to read this, it should be the first (workshop) day of the conference…

The conference may have changed, but to bridge from ICML to VLDB I’m going to start with a paper on very much the same theme as we’ve been dipping into over the past couple of weeks: how to combine and learn from multiple noisy sources of data and labels. Snuba is from the same Stanford line as Snorkel which we looked at last year. It’s tackling the same fundamental problem: how to gather enough labeled data to train a model, and how to effectively use it in a weak supervision setting (supervised learning Continue reading

Recently Published: Azure Networking Demo Videos

Remember my rant about the glacial speed of Azure orchestration system? I decided I won’t allow it to derail yet another event and recorded the demos in advance of the first live session. The final videos are just over an hour long; it probably took me at least three hours to record them.

If you plan to attend the live webinar session on September 12th, you might want to watch at least the first few videos before the live session - I will not waste everyone’s time repeating the demos during the live session.

Top 5 IoT networking security mistakes

Even though Brother International is a supplier of many  IT products, from machine tools to head-mounted displays to industrial sewing machines, it’s best known for printers. And in today’s world, those printers are no longer stand-alone devices, but components of the internet of things.That’s why I was interested in this list from Robert Burnett, Brother’s director, B2B product & solution – basically, the company’s point man for large customer implementations. Not surprisingly, Burnett focuses on IoT security mistakes related to printers and also shares Brother’s recommendations for dealing with the top five.To read this article in full, please click here

Top 5 IoT networking security mistakes

Even though Brother International is a supplier of many  IT products, from machine tools to head-mounted displays to industrial sewing machines, it’s best known for printers. And in today’s world, those printers are no longer stand-alone devices, but components of the internet of things.That’s why I was interested in this list from Robert Burnett, Brother’s director, B2B product & solution – basically, the company’s point man for large customer implementations. Not surprisingly, Burnett focuses on IoT security mistakes related to printers and also shares Brother’s recommendations for dealing with the top five.To read this article in full, please click here

IBM Drives Quantum-Safe Cryptography Into Its Public Cloud

Heavy Networking 467: The Journey To SDN

On today's Heavy Networking we look at one organization's journey to SDN, including pitfalls, triumphs, and lessons learned. Guest Sal Rannazzisi, principal network architect at a global pharmaceuticals company, shares details on dealing with vendors, finding and training engineers, developing internal processes, and more.

The post Heavy Networking 467: The Journey To SDN appeared first on Packet Pushers.

Netflix Discovers Severe Kubernetes HTTP/2 Vulnerabilities

Taking a look at how the internet’s HTTP/2 protocol works, Netflix engineers discovered CVE-2019-9512 Ping Flood. This enables an attacker to send continual ping requests to an HTTP/2 peer, causing the peer to create an internal queue of responses. When this happens a server’s CPU and memory can be consumed, which can lead to a denial of service. already issued patches that are found in the following builds: Continue reading

OCP-Certified Storage Revenue Set to Double

G7 Leaders: Protect Strong Encryption for a Secure World

Encryption protects us every day. It helps secure web browsing, online banking, and critical public services like electricity, elections, hospitals, transportation, and more.

If the G7 countries are truly committed to building a safer and equal world, then it is crucial to recognize the important role that end-to-end encryption plays in securing the Internet, their economies and their citizens.

The Internet Society and more than 30 organizations have signed an open letter calling on the G7 leaders to do just that – prioritize digital security – and not to require, coerce, or persuade device manufacturers, application, and service providers to:

• modify their products or services or delay patching a bug or security vulnerability to provide exceptional access to encrypted content;
• turn off “encryption-on-by-default”;
• cease offering end-to-end encrypted services; or
• otherwise undermine the security of encrypted services.

Digital security is the foundation of our connected economies and societies. And digital security is underpinned by strong encryption! It ensures that data – whether that of law enforcement, banks, or everyday citizens – can only be accessed by its intended recipient. Any attempt to insert “exceptional” or “lawful” access to encrypted content provides a way for others, including criminals, to gain access. This weakens Continue reading

Weekly Wrap: Microsoft, Intel, Red Hat Back Confidential Computing

Tibit Raises $25M in Series B Funding

Verizon Launches Mobile 5G Network in ‘Valley of the Sun’

Measurement Lab: How Do We Know If the Internet Is Open?

An open Internet is the foundation of access and innovation, where users can go where they want, when they want without discrimination. But how do we know if the Internet is truly open? As individuals, our Internet performance experience is mediated by our physical location, infrastructure, government, and Internet service providers. Yet we are largely blind to how our Internet is impacted by these systems. Without that knowledge, innovation stalls, disparity of access grows, and people become isolated from this critical piece of global infrastructure.

Measurement Lab (M-Lab), a fiscally sponsored project of Code for Science & Society, is a consortium of research, industry, and public interest partners focused on fostering, collecting, and publishing open Internet performance data. M-Lab was founded in 2008 to build a global platform designed to enable anyone to measure their Internet service using open source tools. Over ten years later, M-Lab collects over 2 million measurements per day worldwide and has become a trusted source of open data and tools to gather and understand Internet infrastructure from the consumer perspective. Cities and municipal governments; national regulators and government agencies; academics and researchers; ISPs, network operators, and companies; civil society and advocacy organizations; and the Continue reading

VMware Adds Containers to Its Cloud Provider Platform

Stuff The Internet Says On Scalability For August 23rd, 2019

Wake up! It's HighScalability time:

 

Do you like this sort of Stuff? I'd love your support on Patreon. I wrote Explain the Cloud Like I'm 10 for people who need to understand the cloud. And who doesn't these days? On Amazon it has 54 mostly 5 star reviews (125 on Goodreads). They'll learn a lot and likely add you to their will.

Number Stuff:

Don't miss all that the Internet has to say on Scalability, click below and become eventually consistent with all scalability knowledge (which means this post has many more items to read so please keep on reading)...

AnsibleFest Atlanta – Getting Started

On Wednesday we took a closer look at the Networking Automation track. Soon you will be able to start building out your schedule for AnsibleFest, so we want to help you figure out what tracks and sessions will be best for you! We talked with Track Lead Jake Jackson to learn more about the Getting Started track and the sessions within it. 

Who is this track best for? 

This track is best for people who are new to Ansible, whether that is in application or in concept. Many of these breakout sessions are introductory in nature for people who want to learn more about Ansible and how it works.

What topics will this track cover? 

This track will cover several topics. It includes introductions to Ansible and Ansible Tower, and a deeper dive into Ansible inventories. It also discusses bite-size ways to automate and manage Windows the same way you would linux. There will also be a session that introduces using Ansible in CI and analyzing roles.

What should attendees expect to learn from this track? 

Attendees can expect to learn the basics of Ansible and Ansible Tower from this track. They Continue reading

Announcing a New Open Source Service Mesh Interoperation Collaboration

Service mesh is fast becoming such a vital part of the infrastructure underlying microservices and traditional applications alike that every industry player must have an offering in the space. Because a variety of differentiated service meshes and service mesh services are emerging, it has become clear that interoperability between them will be critical for customers seeking to interconnect a wide variety of workloads.

With that in mind, we are excited to share that VMware has partnered with Google Cloud, HashiCorp, and Pivotal on an open source project for service mesh interoperability. This initiative will facilitate federation of service discovery between different service meshes of potentially different vendors. Through an API, service meshes can be interconnected to deliver the associated benefits of observability, control, and security across different organizational unit boundaries, and potentially across different products and vendors. The project will soon be opened to the community, and anyone interested in contributing to this effort can do so on GitHub.

Partnering With Industry Leaders on Service Mesh Interoperation

Enterprises increasingly rely on APIs to coordinate business functions that span departmental, organization or vendor boundaries. This implies reliability, operability, security and access constraints on these API calls to ensure business Continue reading

VMware spends $4.8B to grab Pivotal, Carbon Black to secure, develop integrated cloud world

All things cloud are major topics of conversation at the VMworld user conference next week, ratcheded up a notch by VMware's $4.8 billion plans to acquire cloud development firm Pivotal and security provider Carbon Black.VMware said during its quarterly financial call this week it would spend about $2.7 billion on Pivotal and its Cloud Foundry hybrid cloud development technology, and about $2.1 billion for the security technology of Carbon Black, which includes its Predictive Security Cloud and other endpoint-security software.  Both amounts represent the enterprise value of the deals the actual purchase prices will vary, experts said.To read this article in full, please click here

VMware spends $4.8B to grab Pivotal, Carbon Black to secure, develop integrated cloud world

All things cloud are major topics of conversation at the VMworld user conference next week, ratcheded up a notch by VMware's $4.8 billion plans to acquire cloud development firm Pivotal and security provider Carbon Black.VMware said during its quarterly financial call this week it would spend about $2.7 billion on Pivotal and its Cloud Foundry hybrid cloud development technology, and about $2.1 billion for the security technology of Carbon Black, which includes its Predictive Security Cloud and other endpoint-security software.  Both amounts represent the enterprise value of the deals the actual purchase prices will vary, experts said.To read this article in full, please click here

Technology Short Take 118

Welcome to Technology Short Take #118! Next week is VMworld US in San Francisco, CA, and I’ll be there live-blogging and meeting up with folks to discuss all things Kubernetes. If you’re going to be there, look me up! Otherwise, I leave you with this list of links and articles from around the Internet to keep you busy. Enjoy!

Networking

• Networking guru Ivan Pepelnjak has migrated his online presence to AWS; read more here.

Servers/Hardware

• Interesting (but otherwise not terribly useful) article on how to turn a MacBook into a touchscreen. Lack of a touch screen remains the MacBook line’s second most egregious shortcoming against competing products (the first being the awful keyboard).

Security

• I came across this article on tools and methods for auditing Kubernetes RBAC policies, which had some new tools I hadn’t seen before.
• This web developer security checklist has a nice list of some “current recommended practices” for properly securing web applications/sites.
• Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discuss the KNOB attack (a Bluetooth vulnerability).

Cloud Computing/Cloud Management

• My teammate John Harris has a great post on ensuring least privilege in Kubernetes using impersonation. Good stuff here.
• Alex Brand (also a teammate!) Continue reading