All streams

In any history textbooks, the modern time has already been called the time of the next change of the industrial structure or the fourth industrial revolution (Industry 4.0). The main role, in this case, is given to information and IT systems. In an attempt to reduce the cost of IT infrastructure, unify and accelerate the process of developing IT solutions, humanity first invented "clouds" in order to replace traditional data centers, and then containers to replace virtual machines.

Clearly, containers appear more vulnerable from a security point of view. What are the advantages of containerization over virtualization? In fact, there are quite a lot of them:

• the possibility of more flexible use of available resources (no need to backup them as in the case of virtual machines);

• the ability to save resources (no need to spend them on many copies of the OS for each virtual machine);

• no delays at startup (just start of the process is almost instantaneous compared to the time needed to load the virtual machine);

• the interaction between processes, even if isolated, is much easier to implement when needed than between virtual machines. That is how, by the way, came the concept of microservices, which has recently become very popular.

All of the above led to the very rapid development of container technologies, despite the recurring problems with the security of already deployed container cloud systems, their hacks, and data leaks. Accordingly, the work on strengthening container security is also continuing. This is what will be discussed further in this article.

DDoS attacks send ripples on the ocean of the Internet, produced by creations of various sizes - botnets. Some of them feed at the top of the ocean, but there also exists a category of huge, deep water monstrosities that are rare and dangerous enough they could be seen only once in a very long time.

November 2021 we encountered, and mitigated, several attacks from a botnet, that seems to be unrelated to one described and/or well-known, like variants of Mirai, Bashlite, Hajime or Brickerbot.

Although our findings are reminiscent of Mirai, we suppose this botnet is not based purely on propagating Linux malware, but a combination of brute forcing and exploiting already patched CVEs in unpatched devices to grow the size of it. Either way, to confirm how exactly this botnet operates, we need to have a sample device to analyze, which isn’t our area of expertise.

This time, we won’t give it a name. It is not 100% clear what we are looking at, what are the exact characteristics of it, and how big this thing actually is. But there are some numbers, and where possible, we have made additional reconnaissance in order to better understand what we’re dealing with.

But let us first show you the data we’ve gathered, and leave conclusions closer to the end of this post.

We often check large projects because it's easier to find bugs there. What if we try PVS-Studio on a small project? In this article we analyze Blend2D — a library for vector 2D graphics. Let's look at what we found.

Introduction

It's no secret that large projects have fascinating errors. It's not just "the larger the codebase is – the more errors we can find". It's also a known fact that the density of errors grows along with the codebase. That's why we love checking large projects — to treat you with a variety of "yummy" and tricky errors and typos. Besides, it's always interesting to search through a huge project with lots of dependencies, legacy code, and other stuff.

Today I'm moving away from this tradition. I decided to take a small project and see what PVS-Studio can find there. I chose Blend2D — branch master, commit c484790.

Many people are familiar with the situation when there is no Internet, and a small dinosaur appears on the Google Chrome screen. Today we will tell you how to implement this game on the Cyclone IV FPGA board.

We are Yegor Blinov, Egor Kuziakov, and Inga Ezhova - the first-year students of Innopolis University. In our program, there was a course "Computer Architecture", where we had labs with FPGA boards Cyclone IV and MAX10. We were inspired by this equipment and decided to implement the project on one of the boards.

Hi everyone, today I will tell how I restored a defunct LVM thinpool. Unfortunately I could not find any howtos or manuals on the internet, so maybe this one will help someone in a similar situation.

In [1,2,3] texts (sign sequences with repetitions) were transformed (coordinated) into algebraic systems using matrix units as word images. Coordinatization is a necessary condition of algebraization of any subject area. Function (arrow) (7) in [1]) is a matrix coordinatization of text. One can perform algebraic operations with words and fragments of matrix texts as with integers, but taking into account the noncommutativity of multiplication of words as matrices. Structurization of texts is reduced to the calculation of ideals and categories of texts in matrix form.

We dust off the irregular series of articles about the Chromium project check. Let's look at the code quality in the latest Chromium release and check the new features of the PVS-Studio analyzer.

This article investigates why the standard library needs a way to deduce a common type, how it is implemented and how it works.

Porsche invested money in a German startup called Isar Aerospace that is working on a lightweight launch vehicle with 3D printed parts, including key components of power plants. The initial launch is planned for 2022.

In the past, FDM 3D printing solutions have been primarily used for surgical planning. The added benefit is one can perform surgical planning digitally in preparation for surgical procedures, create mock up operations physically with the usage of trustworthy full-scale printed parts and test implants prior to inserting them into the body.

In different programming languages, the behavior of virtual functions differs when it comes to constructors and destructors. Incorrect use of virtual functions is a classic mistake. Developers often use virtual functions incorrectly. In this article, we discuss this classic mistake.

Raise3D is preparing to receive pre-orders for E2CF — a version of its desktop additive system E2 that is able to print using carbon-fiber-reinforced polymers. The device is optimized for working with carbon-filled filaments. 

Previously, Raise3D was primarily known for its large-format series such as the Raise3D Pro2 Plus (build volume: 305 x 305 x 605 mm), but the manufacturer is certainly planning to expand in the industrial segment with their focus on engineering-grade materials.

Cygnus NG-16 was recently launched into space. It’s an iSS resupply spacecraft that brings materials and equipment needed for 3D printing with lunar regolith simulant to International Space Station.

Structured logging is gaining more and more popularity in the developers' community. In this article I'd like to demonstrate how we can use structured logging with the Microsoft.Extensions.Logging package and show the idea how we can extend it using the new features of C# 10.

Today, we discuss C# code quality and a variety of errors by the example of CMS DotNetNuke. We're going to dig into its source code. You're going to need a cup of coffee...

It's cool when enthusiastic developers create a working clone of a famous game. It's even cooler when people are ready to continue the development of such projects! In this article, we check TheXTech with PVS-Studio. TheXTech is an open implementation of the game from the Super Mario universe.

How to make a parallel book for language learning. Part 1. Python and Colab version

This is a second article on making parallel books. Today we will use the more advanced tool which will bring rich UI functionality. Lingtrain Alignment Studio is a web application written on Vue and Python. The main purpose of it is to extract the parallel corpora from two raw texts and make a bilingual (or even multilingual) parallel book. This is an open-source project and I will be glad to hear all of your bright ideas. Links to the sources and our community contacts can be found below. Los geht's!

Setup

The app is packed into the docker container. It's a simple technology to deploy your stuff anywhere from the server to your local machine. It's available across all the operating systems. So at first, you need a docker installed locally. Then you need to run two simple commands. The first will download the container:

docker pull lingtrain/aligner:v4

And the second one will run the application:

docker run -v C:\app\data:/app/data -v C:\app\img:/app/static/img -p 80:80 lingtrain/aligner:v4

C:\app\data and C:\app\img — your local folders.

The app will be available on the 80th port. Let's open the localhost page in your favorite browser.

We will make three simple steps: Load, Align, Create

The list of materials for additive manufacturing devices Studio System 2 by Desktop Metal now includes a filament filled with titanium alloy Ti-6Al-4V (Ti64), a new step in the field of metal 3D printing.

Ford equipped its new Maverick pickup truck with convenient slots to customize the cars with DIY 3D printed accessories.

One of the mechanisms of static analysis is method annotations of popular libraries. Annotations provide more information about functions during errors detecting. CARLA is an impressive open-source project in C++ that helped us implement this mechanism to our analyzer. Subsequently, the simulator became a test-target for the improved PVS-Studio static analyzer.