Pull to refresh

All streams

Show first
  • New
  • Top
Rating limit
  • All
  • ≥0
  • ≥10
  • ≥25
  • ≥50
  • ≥100

Enhancing security of containers in Linux

Huawei corporate blog Configuring Linux *Open source *Cloud services Kubernetes *

In any history textbooks, the modern time has already been called the time of the next change of the industrial structure or the fourth industrial revolution (Industry 4.0). The main role, in this case, is given to information and IT systems. In an attempt to reduce the cost of IT infrastructure, unify and accelerate the process of developing IT solutions, humanity first invented "clouds" in order to replace traditional data centers, and then containers to replace virtual machines.

Clearly, containers appear more vulnerable from a security point of view. What are the advantages of containerization over virtualization? In fact, there are quite a lot of them:

the possibility of more flexible use of available resources (no need to backup them as in the case of virtual machines);

the ability to save resources (no need to spend them on many copies of the OS for each virtual machine);

no delays at startup (just start of the process is almost instantaneous compared to the time needed to load the virtual machine);

 the interaction between processes, even if isolated, is much easier to implement when needed than between virtual machines. That is how, by the way, came the concept of microservices, which has recently become very popular.

All of the above led to the very rapid development of container technologies, despite the recurring problems with the security of already deployed container cloud systems, their hacks, and data leaks. Accordingly, the work on strengthening container security is also continuing. This is what will be discussed further in this article.

Read more
Total votes 3: ↑3 and ↓0 +3
Views 109
Comments 0

New botnet with lots of cameras and some routers

Qrator Labs corporate blog Information Security *IT Infrastructure *Network technologies *

DDoS attacks send ripples on the ocean of the Internet, produced by creations of various sizes - botnets. Some of them feed at the top of the ocean, but there also exists a category of huge, deep water monstrosities that are rare and dangerous enough they could be seen only once in a very long time.

November 2021 we encountered, and mitigated, several attacks from a botnet, that seems to be unrelated to one described and/or well-known, like variants of Mirai, Bashlite, Hajime or Brickerbot.

Although our findings are reminiscent of Mirai, we suppose this botnet is not based purely on propagating Linux malware, but a combination of brute forcing and exploiting already patched CVEs in unpatched devices to grow the size of it. Either way, to confirm how exactly this botnet operates, we need to have a sample device to analyze, which isn’t our area of expertise.

This time, we won’t give it a name. It is not 100% clear what we are looking at, what are the exact characteristics of it, and how big this thing actually is. But there are some numbers, and where possible, we have made additional reconnaissance in order to better understand what we’re dealing with.

But let us first show you the data we’ve gathered, and leave conclusions closer to the end of this post.

Read more
Total votes 12: ↑12 and ↓0 +12
Views 129
Comments 0

Even small projects have bugs, or how PVS-Studio checked Blend2D

PVS-Studio corporate blog Open source *C++ *C *

We often check large projects because it's easier to find bugs there. What if we try PVS-Studio on a small project? In this article we analyze Blend2D — a library for vector 2D graphics. Let's look at what we found.


0894_Blend2d/image1.png


Introduction


It's no secret that large projects have fascinating errors. It's not just "the larger the codebase is – the more errors we can find". It's also a known fact that the density of errors grows along with the codebase. That's why we love checking large projects — to treat you with a variety of "yummy" and tricky errors and typos. Besides, it's always interesting to search through a huge project with lots of dependencies, legacy code, and other stuff.


Today I'm moving away from this tradition. I decided to take a small project and see what PVS-Studio can find there. I chose Blend2D — branch master, commit c484790.

Read more →
Total votes 3: ↑2 and ↓1 +1
Views 267
Comments 0

The Dino game from Google Chrome using FPGA

Delirium coding FPGA *Circuit design *Games and game consoles

Many people are familiar with the situation when there is no Internet, and a small dinosaur appears on the Google Chrome screen. Today we will tell you how to implement this game on the Cyclone IV FPGA board.

We are Yegor Blinov, Egor Kuziakov, and Inga Ezhova - the first-year students of Innopolis University. In our program, there was a course "Computer Architecture", where we had labs with FPGA boards Cyclone IV and MAX10. We were inspired by this equipment and decided to implement the project on one of the boards.

Read more
Total votes 5: ↑5 and ↓0 +5
Views 572
Comments 1

Concordance of sense

Search engines *Semantics *Algorithms *Natural Language Processing *
Translation

In [1,2,3] texts (sign sequences with repetitions) were transformed (coordinated) into algebraic systems using matrix units as word images. Coordinatization is a necessary condition of algebraization of any subject area. Function (arrow) (7) in [1]) is a matrix coordinatization of text. One can perform algebraic operations with words and fragments of matrix texts as with integers, but taking into account the noncommutativity of multiplication of words as matrices. Structurization of texts is reduced to the calculation of ideals and categories of texts in matrix form.

Read more
Total votes 1: ↑1 and ↓0 +1
Views 159
Comments 0

CML AT Medical Developed a 3D Printed Knee Joint Endoprosthesis

Top 3D Shop corporate blog 3D printers

In the past, FDM 3D printing solutions have been primarily used for surgical planning. The added benefit is one can perform surgical planning digitally in preparation for surgical procedures, create mock up operations physically with the usage of trustworthy full-scale printed parts and test implants prior to inserting them into the body.

Read more
Total votes 3: ↑3 and ↓0 +3
Views 87
Comments 0

Virtual function calls in constructors and destructors (C++)

PVS-Studio corporate blog Programming *C++ *

Virtual function calls in constructors (C++)
In different programming languages, the behavior of virtual functions differs when it comes to constructors and destructors. Incorrect use of virtual functions is a classic mistake. Developers often use virtual functions incorrectly. In this article, we discuss this classic mistake.

Read more →
Total votes 2: ↑2 and ↓0 +2
Views 445
Comments 0

Raise3D Announced an FDM 3D Printer That Works with Carbon-Filled Polymers

Top 3D Shop corporate blog 3D printers

Raise3D is preparing to receive pre-orders for E2CF — a version of its desktop additive system E2 that is able to print using carbon-fiber-reinforced polymers. The device is optimized for working with carbon-filled filaments. 

Previously, Raise3D was primarily known for its large-format series such as the Raise3D Pro2 Plus (build volume: 305 x 305 x 605 mm), but the manufacturer is certainly planning to expand in the industrial segment with their focus on engineering-grade materials.

Read more
Total votes 4: ↑3 and ↓1 +2
Views 178
Comments 0

Thanks, Mario, but the code needs fixing — checking TheXTech

PVS-Studio corporate blog Open source *C++ *Game development *

It's cool when enthusiastic developers create a working clone of a famous game. It's even cooler when people are ready to continue the development of such projects! In this article, we check TheXTech with PVS-Studio. TheXTech is an open implementation of the game from the Super Mario universe.


0889_TheXTech/image1.png

Read more →
Total votes 3: ↑3 and ↓0 +3
Views 365
Comments 0

How to create bilingual books. Part 2. Lingtrain Alignment Studio

Open source *Programming *Learning languages Natural Language Processing *
Tutorial

title


How to make a parallel book for language learning. Part 1. Python and Colab version


This is a second article on making parallel books. Today we will use the more advanced tool which will bring rich UI functionality. Lingtrain Alignment Studio is a web application written on Vue and Python. The main purpose of it is to extract the parallel corpora from two raw texts and make a bilingual (or even multilingual) parallel book. This is an open-source project and I will be glad to hear all of your bright ideas. Links to the sources and our community contacts can be found below. Los geht's!


Setup


The app is packed into the docker container. It's a simple technology to deploy your stuff anywhere from the server to your local machine. It's available across all the operating systems. So at first, you need a docker installed locally. Then you need to run two simple commands. The first will download the container:


docker pull lingtrain/aligner:v4

And the second one will run the application:


docker run -v C:\app\data:/app/data -v C:\app\img:/app/static/img -p 80:80 lingtrain/aligner:v4

C:\app\data and C:\app\img — your local folders.


The app will be available on the 80th port. Let's open the localhost page in your favorite browser.


Lingtrain app 1


We will make three simple steps: Load, Align, Create

Continue reading
Total votes 7: ↑7 and ↓0 +7
Views 369
Comments 0

How the Carla car simulator helped us level up the static analysis of Unreal Engine 4 projects

PVS-Studio corporate blog Programming *C++ *Game development *Unreal Engine *

One of the mechanisms of static analysis is method annotations of popular libraries. Annotations provide more information about functions during errors detecting. CARLA is an impressive open-source project in C++ that helped us implement this mechanism to our analyzer. Subsequently, the simulator became a test-target for the improved PVS-Studio static analyzer.


0888_Carla/image2.png

Read more →
Total votes 1: ↑1 and ↓0 +1
Views 244
Comments 0