Development

Attackers and defenders to face off in digital metropolis security challenge featuring real-world critical infrastructure and technologies.



Cybersecurity experts at Positive Technologies and Hack In The Box are inviting red and blue team security specialists to test their skills attacking and defending a full-scale modern city at The Standoff Cyberbattle held during HITB+ CyberWeek. This mock digital metropolis with full IT and OT infrastructure including traffic systems, electrical plants, and transportation networks will feature all the latest technologies used in actual critical infrastructure installations, allowing players to expose security issues and the impact they might have on the real world.

This is an official tutorial published earlier on Ontology Medium blog
Excited to publish it for Habr readers. Feel free to ask any related questions and suggest a better format for tutorial materials

Foreword

In this article, we will begin to introduce the smart contract API of Ontology. The Ontology’s smart contract API is divided into 7 modules:

• Part 1: Blockchain & Block API
• Part 2: Storage API
• Part 3: Runtime API
• Part 4: Native API
• Part 5: Upgrade API
• Part 6: Execution Engine API
• Part 7: Static & Dynamic Call API

In this article, we will introduce the Blockchain & Block API, which is the most basic part of the Ontology smart contract system. The Blockchain API supports basic blockchain query operations, such as obtaining the current block height, whereas the Block API supports basic block query operations, such as querying the number of transactions for a given block.

Let’s get started!

First, create a new contract in SmartX and then follow the instructions below.

1. How to Use Blockchain API

References to smart contract functions are identical to Python’s references. Developers can introduce the appropriate functions as needed. For example, the following statement introduces GetHeight, the function to get the current block height, and GetHeader, the function to get the block header.

If you want to start your career in web development then learning Bootstrap is the way to go. Bootstrap is basically a framework used for front-end development of web apps. Its front-end component library is widely used to create interactive and responsive web apps and websites that we are used to today.

If you don’t already know, you must be wondering what responsive websites are? In simple terms, the responsiveness of a website means that when the size of the screen on which the website is being seen changes, the layout of the website responds to that and change. This makes the websites look good no matter what screen size it is being viewed on.

How does Bootstrap work?

There are two ways you can use Bootstrap. You can either import the Bootstrap into your code or you can download a sample Bootstrap project and build your website on that.

Bootstrap uses a 12-column model for website display, which is called a Bootstrap grid. On this grid, you can define different breakpoints to layout different components like headings, paragraphs, and buttons to make your website look visually appealing. When the screen size scales down, the components on the grid change layout to fit the smaller screen. This means that viewing the same website looks great on a normal size screen of your laptop and a smaller screen of your smartphone.

Bootstrap has become one of the most popular front-end development frameworks today. If you are a beginner who wants to start learning Bootstrap then you are on the right blog. Because here are the top 10 tips to learn and master Bootstrap!

A few days ago 0xd34df00d has published the translation of the article, describing the possible information about some function if we use it as a "black box", not trying to read its implementation. Of course, this information is quite different from language to language; in the original article, four cases were considered:

• Python — dynamic typing, almost no information from signature, some hints are gained by the tests;
• C — weak static typing, a little more information;
• Haskell — strong static typing, with pure functions by default, a lot more information;
• Idris — dependent typing, compiler can prove the function correctness.

"Here's C and there's Haskell, and what about Rust?" — this was the first question in the following discussion. The reply is here.

With the advent of mobile phones with high-quality cameras, we started making more and more pictures and videos of bright and memorable moments in our lives. Many of us have photo archives that extend back over decades and comprise thousands of pictures which makes them increasingly difficult to navigate through. Just remember how long it took to find a picture of interest just a few years ago.

One of Mail.ru Cloud’s objectives is to provide the handiest means for accessing and searching your own photo and video archives. For this purpose, we at Mail.ru Computer Vision Team have created and implemented systems for smart image processing: search by object, by scene, by face, etc. Another spectacular technology is landmark recognition. Today, I am going to tell you how we made this a reality using Deep Learning.

At the last Tech Train IT festival, we met the legendary John Romero, who designed and developed the iconic Wolfenstein 3D, Doom, and Quake. We talked about whether game developers need soft skills, which working tools to pay attention to, and which co-founder of Id Software's favorite toys are. Questions were asked by Nikita Tsaplin, the founder of RUVDS.


→ Text and video in Russian

We welcome any chatting on code quality. Our clients, students, and other users from all corners of the Internet write to us. Regardless of the country, time zone or language. Well, speaking language, not programming. Among programming languages, we are so far interested in a limited set. Right now, it's C, C++, C# and Java. There are many benefits from communication. We implement some users' suggestions immediately, because they are really useful. Often we just lend a hand with someone's project by explaining analyzer warnings, which end up being errors. This note is about such case.

This is a second article, which focuses on usage of the PVS-Studio analyzer in cloud CI-systems. This time we'll consider the platform Azure DevOps — a cloud CI\CD solution from Microsoft. We'll be analyzing the ShareX project.

Talking to people at conferences and in comments to articles, we face the following objection: static analysis reduces the time to detect errors, but takes up programmers' time, which negates the benefits of using it and even slows down the development process. Let's get this objection straightened out and try to show that it's groundless.

The PVS-Studio 7.04 release coincided with the release of the Warnings Next Generation 6.0.0 plugin for Jenkins. Right in this release Warnings NG Plugin added support of the PVS-Studio static code analyzer. This plugin visualizes data related to compiler warnings or other analysis tools in Jenkins. This article will cover in detail how to install and configure this plugin to use it with PVS-Studio, and will describe most of its features.

This article is a brief explanation about how using a common language keywords might have an influence on the budget of IT-infrastructure of a project or help to achieve some limitations/restrictions of hosting infrastructure and, moreover, will be a good sing of the quality and maturity of the source code.

This article is the story how we once decided to improve our internal SelfTester tool that we apply to test the quality of the PVS-Studio analyzer. The improvement was simple and seemed to be useful, but got us into some troubles. Later it turned out that we'd better gave up the idea.

This article focuses on the specifics of checking Unreal Engine projects with the PVS-Studio static analyser on the Windows operating system: how to install the analyser, check a project, where and how to view an error report.

It is a new selection of tips and tricks about Python and programming from my Telegram-channel @pythonetc.

← Previous publications


If an instance of a class doesn’t have an attribute with the given name, it tries to access the class attribute with the same name.

>>> class A:
...     x = 2
...
>>> A.x
2
>>> A().x
2

Summer is not only a holiday season, but also time of fruitful work. Sunny days are so inspiring that there's enough energy both for late walks and large code commits. The second summer PVS-Studio 7.04 release turned out to be quite large, so we suggest for your attention this press release, in which we'll tell you about everything.

There is a good practice to make your application beautiful and live, and nowadays there are a lot of tools and ways to achieve this. One of them is Shared Element Transition.

In this article I’ll cover a few mistakes which have cost me a lot of time; I’ll show how to avoid them if you decide to implement this kind of transitions with Fragments on application.

Apache Dubbo is one of the most popular Java projects on GitHub. It's not surprising. It was created 8 years ago and is widely applied as a high-performance RPC environment. Of course, most of the bugs in its code have long been fixed and the quality of the code is maintained at a high level. However, there is no reason to opt out of checking such an interesting project using the PVS-Studio static code analyzer. Let's see how it turned out.

For the past two years, there’s been a lot of buzzing about the Internet of Things (IoT). This has to lead to the rapid selection of connected devices over industries and is determined to pass the 11 billion mark by the end of the year. Major Companies including IoT software development as their major services.

All these “things” are now creating their things, namely, lots and lots of data. This data will be at the core of commercial and industrial digital transformation (which is essentially the underlying force behind the fourth industrial revolution).

In other words, life as we know it is about to change forever! How is it going to change? Let’s take a look.

1. AI (Artifical Intelligence) can Effectively Manage Oceans of information

We can’t talk about IoT without AI as the latter has the power to make IoT a whole lot smarter and more efficient.

In fact, consultants believe that AI is the brains behind IoT systems that may facilitate build them run power tool.

For example, as more and more connected devices start communicating with each other, enterprises will need to leverage deep learning, image recognition, natural language processes, and neural-network driven decisions to help them understand each other (and us humans) better.

So far, we can say that IoT has felt like an isolated experience where it was just about simple data. Going forward, businesses will strive to achieve highly integrated experiences by using AI to better understand their employees, customers, and the general public living in smart cities.

Travis CI is a distributed web service for building and testing software that uses GitHub as a source code hosting service. In addition to the above scripts, you can add your own, thanks to the extensive configuration options. In this article we will set up Travis CI for working with PVS-Studio by the example of PPSSPP code.

Surely you've heard the expression «bug hunting» many times. I dare to assume, you won't mind earning one or two hundred (or even thousand) dollars by finding a potential vulnerability in someone's program. In this article, I'll tell you about a trick that will help analyzing open source projects in order to find such vulnerabilities.