Announcing Cloudflare Image Resizing: Simplifying Optimal Image Delivery

Announcing Cloudflare Image Resizing: Simplifying Optimal Image Delivery
Announcing Cloudflare Image Resizing: Simplifying Optimal Image Delivery

In the past three years, the amount of image data on the median mobile webpage has doubled. Growing images translate directly to users hitting data transfer caps, experiencing slower websites, and even leaving if a website doesn’t load in a reasonable amount of time. The crime is many of these images are so slow because they are larger than they need to be, sending data over the wire which has absolutely no (positive) impact on the user’s experience.

To provide a concrete example, let’s consider this photo of Cloudflare’s Lava Lamp Wall:

Announcing Cloudflare Image Resizing: Simplifying Optimal Image Delivery Announcing Cloudflare Image Resizing: Simplifying Optimal Image Delivery

On the left you see the photo, scaled to 300 pixels wide. On the right you see the same image delivered in its original high resolution, scaled in a desktop web browser. They both look exactly the same, yet the image on the right takes more than twenty times more data to load. Even for the best and most conscientious developers resizing every image to handle every possible device geometry consumes valuable time, and it’s exceptionally easy to forget to do this resizing altogether.

Today we are launching a new product, Image Resizing, to fix this problem once and for all.

Announcing Image Resizing

With Image Resizing, Cloudflare Continue reading

4 vulnerabilities and exposures affect Intel-based systems; Red Hat responds

Four vulnerabilities were publicly disclosed related to Intel microprocessors. These vulnerabilities allow unprivileged attackers to bypass restrictions to gain read access to privileged memory. They include these common vulnerabilities and exposures (CVEs): CVE-2018-12126 - a flaw that could lead to information disclosure from the processor store buffer CVE-2018-12127 - an exploit of the microprocessor load operations that can provide data to an attacker about CPU registers and operations in the CPU pipeline CVE-2018-12130 - the most serious of the three issues and involved the implementation of the microprocessor fill buffers and can expose data within that buffer CVE-2019-11091 - a flaw in the implementation of the "fill buffer," a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache [ Also read: Linux hardening: a 15-step checklist for a secure Linux server ] Red Hat customers should update their systems Security updates will degrade system performance, but Red Hat strongly suggests that customers update their systems whether or not they believe themselves to be at risk.To read this article in full, please click here

4 vulnerabilities and exposures affect Intel-based systems; Red Hat responds

Four vulnerabilities were publicly disclosed related to Intel microprocessors. These vulnerabilities allow unprivileged attackers to bypass restrictions to gain read access to privileged memory. They include these common vulnerabilities and exposures (CVEs): CVE-2018-12126 - a flaw that could lead to information disclosure from the processor store buffer CVE-2018-12127 - an exploit of the microprocessor load operations that can provide data to an attacker about CPU registers and operations in the CPU pipeline CVE-2018-12130 - the most serious of the three issues and involved the implementation of the microprocessor fill buffers and can expose data within that buffer CVE-2019-11091 - a flaw in the implementation of the "fill buffer," a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache [ Also read: Linux hardening: a 15-step checklist for a secure Linux server ] Red Hat customers should update their systems Security updates will degrade system performance, but Red Hat strongly suggests that customers update their systems whether or not they believe themselves to be at risk.To read this article in full, please click here

Heavy Networking 449: Web Application Firewall Fundamentals

Today's Heaving Networking episode delves into Web application firewalls (WAFs) with guest Scott Hogg. We examine how WAFs differ from typical firewalls, the security problems they're trying to solve, how attackers try to bypass them, operational challenges, WAFs and cloud applications, and more.

The post Heavy Networking 449: Web Application Firewall Fundamentals appeared first on Packet Pushers.

Seer: leveraging big data to navigate the complexity of performance debugging in cloud microservices

Seer: leveraging big data to navigate the complexity of performance debugging in cloud microservices Gan et al., ASPLOS’19

Last time around we looked at the DeathStarBench suite of microservices-based benchmark applications and learned that microservices systems can be especially latency sensitive, and that hotspots can propagate through a microservices architecture in interesting ways. Seer is an online system that observes the behaviour of cloud applications (using the DeathStarBench microservices for the evaluation) and predicts when QoS violations may be about to occur. By cooperating with a cluster manager it can then take proactive steps to avoid a QoS violation occurring in practice.

We show that Seer correctly anticipates QoS violations 91% of the time, and avoids the QoS violation to begin with in 84% of cases. Finally, we show that Seer can identify application level design bugs, and provide insights on how to better architect microservices to achieve predictable performance.

Seer uses a lightweight RPC-level tracing system to collect request traces and aggregate them in a Cassandra database. A DNN model is trained to recognise patterns in space and time that lead to QoS violations. This model makes predictions at runtime based on real-time streaming trace inputs. When a Continue reading

Las Vegas targets transport, public safety with IoT deployments

The city of Las Vegas’ pilot program with NTT and Dell, designed to crack down on wrong-way driving on municipal roads, is just part of the big plans that Sin City has for leveraging IoT tech in the future, according to the city's director of technology Michael Sherwood., who sat down with Network World at the IoT World conference in Silicon Valley this week.The system uses smart cameras and does most of its processing at the edge, according to Sherwood. The only information that gets sent back to the city’s private cloud is metadata – aggregated information about overall patterns, for decision-making and targeting purposes, not data about individual traffic incidents and wrong-way drivers.To read this article in full, please click here

Sponsored Post: PerfOps, InMemory.Net, Triplebyte, Etleap, Stream, Scalyr

Who's Hiring? 


  • Triplebyte lets exceptional software engineers skip screening steps at hundreds of top tech companies like Apple, Dropbox, Mixpanel, and Instacart. Make your job search O(1), not O(n). Apply here.

  • Need excellent people? Advertise your job here! 

Fun and Informative Events

  • Join Etleap, an Amazon Redshift ETL tool to learn the latest trends in designing a modern analytics infrastructure. Learn what has changed in the analytics landscape and how to avoid the major pitfalls which can hinder your organization from growth. Watch a demo and learn how Etleap can save you on engineering hours and decrease your time to value for your Amazon Redshift analytics projects. Register for the webinar today.

  • Advertise your event here!

Cool Products and Services

  • PerfOps is a data platform that digests real-time performance data for CDN and DNS providers as measured by real users worldwide. Leverage this data across your monitoring efforts and integrate with PerfOps’ other tools such as Alerts, Health Monitors and FlexBalancer – a smart approach to load balancing. FlexBalancer makes it easy to manage traffic between multiple CDN providers, API’s, Databases or any custom endpoint helping you achieve better performance, ensure the availability Continue reading

WhatsApp: How a Bug Relates to the G7

On 13 May, more than a billion users saw the messaging application WhatsApp being updated. At the same time reports appeared that a vulnerability had been used in attacks that targeted an unknown but select number of users and was orchestrated by an advanced cyber actor.

Facebook, the owner of WhatsApp, reported it fixed a vulnerability – a buffer overflow, a fairly well known type of vulnerability – that was, according to media (see references  below), used in the spyware product Pegasus from the NSO Group, an Israeli company that sells spyware to governments and intelligence agencies all around the world.

Two observations:

  • Despite best efforts, bugs in software exist – if critical bugs in global communication systems are found they can have a global impact. There are two additional observations that come with that:
    • WhatsApp is a valuable target, if bugs exist they will be found and exploited.
    • A process that allows for bugs to be reported, promptly fixed, and automatically rolled out are crucial elements to maintain (or restore) trust in this sort of software. There are sectors of the industry (anybody listening in IoT land?) that can learn from how this is handled by Facebook.
  • The Continue reading

On the ‘net: Dial Banks

In the early 1990’s, several large network equipment vendors sold equipment targeted at large scale dial banks, including Cisco, ADTRAN, and Cabletron. These servers were often tied to banks of modems on one side, and to servers of some sort on the other, creating a dial bank. Dial banks grew in scale and sophistication on the back of Bulletin Board Systems (BBSs), run by dedicated system operators (SYSOPs) for the support of individual communities. At one time, there were tens of thousands, potentially even hundreds of thousands, of these systems in the United States alone, serving large communities of users. @ECI LighTALK

Parallel streaming of progressive images

Parallel streaming of progressive images
Parallel streaming of progressive images

Progressive image rendering and HTTP/2 multiplexing technologies have existed for a while, but now we've combined them in a new way that makes them much more powerful. With Cloudflare progressive streaming images appear to load in half of the time, and browsers can start rendering pages sooner.

In HTTP/1.1 connections, servers didn't have any choice about the order in which resources were sent to the client; they had to send responses, as a whole, in the exact order they were requested by the web browser. HTTP/2 improved this by adding multiplexing and prioritization, which allows servers to decide exactly what data is sent and when. We’ve taken advantage of these new HTTP/2 capabilities to improve perceived speed of loading of progressive images by sending the most important fragments of image data sooner.

This feature is compatible with all major browsers, and doesn’t require any changes to page markup, so it’s very easy to adopt. Sign up for the Beta to enable it on your site!

What is progressive image rendering?

Basic images load strictly from top to bottom. If a browser has received only half of an image file, it can show only the top Continue reading

BrandPost: Brillio and Blue Planet Partner to Bring Network Automation to the Enterprise

Rick Hamilton, Senior Vice President, Blue Planet Software Rick Hamilton, senior vice president of Blue Planet, a division of Ciena, explains how partnering with Brillio brings the next generation of network capabilities to enterprises—just when they need it most.In February 2019, we announced that Blue Planet was evolving into a more independent division, helping us increase our focus on innovative intelligent automation solutions that help our enterprise and service provider customers accelerate and achieve their business transformation goals. To read this article in full, please click here

1 1,225 1,226 1,227 1,228 1,229 3,832