投稿時間:2021-07-08 03:25:25 RSSフィード2021-07-08 03:00 分まとめ(27件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
AWS	AWS Partner Network (APN) Blog	Why a Cloud Automated Operation Model is Key for Enterprises Moving to AWS	https://aws.amazon.com/blogs/apn/why-a-cloud-automated-operation-model-is-key-for-enterprises-moving-to-aws/	Why a Cloud Automated Operation Model is Key for Enterprises Moving to AWSA transformation step is key to achieving the cloud strategy benefits for organizations moving or implementing workloads to the AWS Cloud Organizations that adopt the cloud without transforming their operation model may not realize the full benefits Explore DXC Technology s approach to cloud operation excellence through a Cloud Automated Operation Model and learn how to implement it at scale and purely over managed AWS services	2021-07-07 17:36:24
AWS	AWS Partner Network (APN) Blog	Low Latency Real-Time Cache Updates with Amazon ElastiCache for Redis and Confluent Cloud Kafka	https://aws.amazon.com/blogs/apn/low-latency-real-time-cache-updates-with-amazon-elasticache-for-redis-and-confluent-cloud-kafka/	Low Latency Real Time Cache Updates with Amazon ElastiCache for Redis and Confluent Cloud KafkaFounded by the creators of Apache Kafka Confluent offers a platform for data in motion that enables processing data as real time streams across on premises and AWS Learn how to power a logistics and inventory system with microsecond read performance powered by Amazon ElastiCache for Redis and durable streaming with Kafka powered by Confluent Cloud You can use this pattern for building streaming applications and other broad sets of use cases with asynchronous requirements for low latency reads	2021-07-07 17:17:25
AWS	AWS Big Data Blog	Get started with Flink SQL APIs in Amazon Kinesis Data Analytics Studio	https://aws.amazon.com/blogs/big-data/get-started-with-flink-sql-apis-in-amazon-kinesis-data-analytics-studio/	Get started with Flink SQL APIs in Amazon Kinesis Data Analytics StudioBefore the release of Amazon Kinesis Data Analytics Studio customers relied on Amazon Kinesis Data Analytics for SQL on Amazon Kinesis Data Streams With the release of Kinesis Data Analytics Studio data engineers and analysts can use an Apache Zeppelin notebook within Studio to query streaming data interactively from a variety of sources like Kinesis …	2021-07-07 17:37:39
AWS	AWS Mobile Blog	Configure environment variables and secrets for your Lambda functions with Amplify CLI	https://aws.amazon.com/blogs/mobile/configure-environment-variables-and-secrets-for-your-lambda-functions-with-amplify-cli/	Configure environment variables and secrets for your Lambda functions with Amplify CLIWith the recent release Amplify CLI allows you to set environment variables and secrets for your Lambda functions This feature is available as an advanced setting in Amplify s “Function category and allows you to configure environment variables and secrets interactively The secrets configuration uses AWS Parameter Store backed by a “SecureString parameter In addition this …	2021-07-07 17:42:32
AWS	AWS	Meet Tim & Silvia, from AWS Public Sector New Zealand team | Amazon Web Services	https://www.youtube.com/watch?v=BiuA6O0WmvQ	Meet Tim amp Silvia from AWS Public Sector New Zealand team Amazon Web ServicesMeet Tim Silvia from AWS Public Sector New Zealand team as they share more on how innovation inspires everything that we do here at AWS Come build the future together for our customers partners communities across Australia New Zealand Reinvent your career today Learn about open roles at AWS Subscribe More AWS videos More AWS events videos ABOUT AWSAmazon Web Services AWS is the world s most comprehensive and broadly adopted cloud platform offering over fully featured services from data centers globally Millions of customers ーincluding the fastest growing startups largest enterprises and leading government agencies ーare using AWS to lower costs become more agile and innovate faster AWS AmazonWebServices CloudComputing	2021-07-07 17:11:08
AWS	AWS	Ookla: Speedtest Intelligence Process 4,000 Reports/Second While Providing Near Real-time Insights	https://www.youtube.com/watch?v=kHPGZOpbnok	Ookla Speedtest Intelligence Process Reports Second While Providing Near Real time InsightsLearn how Ookla manages over Speedtest reports they receive every second Ookla s Data Pipeline on AWS allows for enriched reporting data persistence and insights and analysis to share back with their customers Josh and Marie discuss how Ookla s use of a Kinesis Kinesis Firehose and Athena overall allow for a partially serverless architecture to save time and money while processing large amounts of reports and data  Check out more resources for architecting in the AWS​​​​cloud ​ AWS	2021-07-07 17:06:29
Program	[全てのタグ]の新着質問一覧｜teratail（テラテイル）	【docker】docker buildできない。。	https://teratail.com/questions/348289?rss=all	【 docker 】 dockerbuild でき ない 。	2021-07-08 02:52:24
Program	[全てのタグ]の新着質問一覧｜teratail（テラテイル）	Custom Field Suite ループでの関連ポスト利用について	https://teratail.com/questions/348288?rss=all	CustomFieldSuiteループでの関連ポスト利用について前提・実現したいことWordPressでプラグインCustomnbspFieldnbspSuiteを利用しています。	2021-07-08 02:32:00
Program	[全てのタグ]の新着質問一覧｜teratail（テラテイル）	unityで複数のスクリプトからthisキーワードで同じコンポーネントが参照できるのはなぜなのでしょうか？	https://teratail.com/questions/348287?rss=all	unityで複数のスクリプトからthisキーワードで同じコンポーネントが参照できるのはなぜなのでしょうか前提・実現したいこともしかしたら非常に初歩的で馬鹿な質問かもしれないのですが、複数のスクリプトからオブジェクトのコンポーネントをthisキーワードで参照できるのはなぜでしょうか例えばスクリプトAでMonoBihaviourを継承したクラスを作って、スクリプトAをオブジェクトにアタッチしたとします。	2021-07-08 02:11:29
Ruby	Rubyタグが付けられた新着投稿 - Qiita	Rails Consoleなど任意の場所で任意のViewを任意条件でRenderする	https://qiita.com/jerrywdlee/items/ccf447f6698fde84fa25	RailsConsoleなど任意の場所で任意のViewを任意条件でRenderするTLDRclassDebugControllerltActionControllerBasedefrenderfooargvnilfooFoorendertostringtemplatefoosshowendendDebugControllernewrenderfoogtltDOCTYPEhtmlgtnlthtmllangjagtnltheadgtnltmetacharsetUTFgtnlttitlegtFoolttitlegtnltmetagtnltheadgtnltbodygtnlthgtFoolthgtnltbodygtnlthtmlgtn経緯何をしたい仕事上でとある特別のCSVをConsoleで出したいが、該当CSVはViewの中のindexcsvcsvbuilderより作成されていて、RailsConsoleでの再現は極めて難しいでした。	2021-07-08 02:09:41
Ruby	Railsタグが付けられた新着投稿 - Qiita	Rails Consoleなど任意の場所で任意のViewを任意条件でRenderする	https://qiita.com/jerrywdlee/items/ccf447f6698fde84fa25	RailsConsoleなど任意の場所で任意のViewを任意条件でRenderするTLDRclassDebugControllerltActionControllerBasedefrenderfooargvnilfooFoorendertostringtemplatefoosshowendendDebugControllernewrenderfoogtltDOCTYPEhtmlgtnlthtmllangjagtnltheadgtnltmetacharsetUTFgtnlttitlegtFoolttitlegtnltmetagtnltheadgtnltbodygtnlthgtFoolthgtnltbodygtnlthtmlgtn経緯何をしたい仕事上でとある特別のCSVをConsoleで出したいが、該当CSVはViewの中のindexcsvcsvbuilderより作成されていて、RailsConsoleでの再現は極めて難しいでした。	2021-07-08 02:09:41
技術ブログ	Developers.IO	CloudFormation一撃でWeb上のファイル(Python)を指定してLambda関数を作成してみた	https://dev.classmethod.jp/articles/cloudformation-weburl-create-lamba/	cloudformation	2021-07-07 17:12:35
海外TECH	Ars Technica	Why the password isn’t dead quite yet	https://arstechnica.com/?p=1778652	drawbacks	2021-07-07 17:10:20
海外TECH	DEV Community	[JavaScript] Super dangerous, underrated vulnerability impacting JavaScript apps!	https://dev.to/yumatsushima07/javascript-super-dangerous-underrated-vulnerability-impacting-javascript-apps-4dgn	JavaScript Super dangerous underrated vulnerability impacting JavaScript apps In security researchers at Snyk disclosed details of a severe vulnerability in Lodash a popular JavaScript library which allowed hackers to attack multiple web applications The security hole was a prototype pollution bug a type of vulnerability that allows attackers to exploit the rules of the JavaScript programming language and compromise applications in various ways What is prototype pollution JavaScript is prototype based when new objects are created they carry over the properties and methods of the prototype “object which contains basic functionalities such as toString constructor and hasOwnProperty Object based inheritance gives JavaScript the flexibility and efficiency that web programmers have come to love but it also makes it vulnerable to tampering Malicious actors can make application wide changes to all objects by modifying object hence the name prototype pollution Interestingly attackers don t even need to directly modify object they can access it through the proto property of any JavaScript object And once you make a change to object it applies to all JavaScript objects in a running application including those created after tampering Here s a simple example of how prototype pollution works The following code changes the value of the toString function in the prototype to an arbitrary code let customer name person address here console log customer toString output object Object customer proto toString gt alert polluted console log customer toString alert box pops up polluted Now every time toString is called on an object an alert box will pop up with the message “polluted unless an object explicitly overrides Object toString with its own implementation Since toString is widely used in client side JavaScript this will cause disruption in the application s execution Other prototype pollution attacks involve adding properties and methods to object to manipulate the behavior of an application What is the impact of prototype pollution “The impact of prototype pollution depends on the application security researcher MichałBentkowski “In a nutshell every time a JavaScript code accesses a property that doesn t exist on an object which includes checking the existence of the property we can change the outcome of the check with prototype pollution He added “Depending on the exact logic of the application prototype pollution can lead to practically all popular web vulnerabilities remote code execution RCE cross site scripting XSS SQL injection and so on On web browsers prototype pollution commonly leads to XSS attacks see example above In for instance a prototype pollution bug found in JavaScript library jQuery left many web applications vulnerable to such assaults Check my post to understand more about popular vulns Cybersecurity Most common web security vulnerabilities But other vulnerabilities are likely to surface “Client side exploitation of prototype pollution is not currently well covered says Bentkowski who is currently working on a detailed account of how exploits in this category can bypass popular HTML sanitizers such as html sanitize and DOMPurify On the server side the impact of prototype pollution is better known “The impact of the prototype pollution on server side is at least denial of service by causing the Node js server to crash Security researcher Francesco Soncina discovered a prototype pollution vulnerability in the object mapping JavaScript library TypeORM that allowed hackers to stage SQL injection attacks on Node js applications “If the end application depending on the library has dynamic code evaluation or command execution gadgets the attacker can potentially trigger arbitrary command execution on the target machine Soncina wrote How to harden applications against prototype pollution attacksLike many other security vulnerabilities attackers exploit prototype pollution bugs through user input in web applications and sending their malicious code in text fields headers and files “I guess trusting user input is the actual root of the problem so developers should be very careful about which object fields can be influenced by users Aldoub says Another problem is the way many JavaScript applications are written “The coding pattern that leads to prototype pollution is extremely common in JavaScript code Bentkowski points out For instance many JavaScript libraries accept an options object and check the object for the presence of specific properties In case some property is not present they default to some predefined option example below options someOption options someOption default someOption In this case attackers can use prototype pollution to override someOption and manipulate the logic of the application One popular kind of defense it to create blocklists where developers remove risky fields from input strings But this is easier said than done “You have to enumerate all possibilities of risky fields and all permutations to encode such fields which is an immeasurably difficult feat Aldoub says For instance with the aforementioned Lodash vulnerability developers initially checked strings against the field proto but then realized that constructor was also a potential target for prototype pollution “What if another field was then discovered to be exploitable Aldoub says Another important step is checking dependency modules of potential prototype pollution vulnerabilities which presents its own challenges “From an application developer s point of view it is very difficult to check all the modules in use Posix explained “Therefore before use it is necessary to verify that the module is fully validated Thank you for reading Question What do you think about this vulnerability Leave a comment below Credits Yuma Tsushima Yuma Tsushima Readme file Welcome to Yuma Tsushima s Github page Visitor count About Myself Hello my name is Yuma Tsushima frequently shortened to Yuma I am an ambitious coder and I enjoy coding in JavaScript mainly I also love making websites using HTML CSS and of course JS I started programming self taught at the age of Originally I came from the creative field I draw sing animate make music Talents and HobbiesI love drawing I have been drawing all of my life I play strategy games I code and I do CTFs I am also good at animation making AMVs and image editing My favourite game is Mindustry followed by Flow Free and Sudoku I love watching anime I love Code Geass I relate to Lelouch a lot and I aspire to create my own anime Check out my work ❯Soundcloud cavhck ❯Discord CyberArtByte ❯Artwork AcceleratorArts Recent Medium… View on GitHub Follow me Github Medium SoundCloud Discord Servers Bounty Hunters An amazing bug hunting community full of developers and exploiters Link CyberArtByte My server full of bling and joy Link New Soundcloud Track	2021-07-07 17:38:46
海外TECH	DEV Community	CSS inline, block, inline-block	https://dev.to/suprabhasupi/css-inline-block-inline-block-1jl0	CSS inline block inline blockLet s understand the difference between Inline Block Inline Block ️⃣inline ️⃣block️⃣inline block lt p gt Lets checkout how inline block and inline block works You can or can t set the lt span gt width lt span gt or lt span gt height lt span gt for few display properties lt p gt ️⃣inlineInline elements takes there own width and height you can not apply the width and height and if you try to apply then it won t have any effect These are the inline HTML elements spanaimgusmallstrongb many more inline padding px border px dashed ffb It will not work width px It will not work ️⃣blockA block level element always starts on a new line A block level element always takes up the full width available A block level element has a top and a bottom margin whereas an inline element does not These are the block HTML elements hpdivheadermaintablesection block display block padding px border px dashed ffb ️⃣inline blockinline block It s formatted just like the inline element where it doesn t start on a new line It s essentially the same thing as inline except that you can set height and width values inline block display inline block padding px border px dashed ffb width px It will work Reference MDN Docs of InlineMDN Docs of Block Twitter ‍ suprabha me Instagram	2021-07-07 17:38:32
Apple	AppleInsider - Frontpage News	Users report some original HomePods 'bricking' with software version 14.6 update	https://appleinsider.com/articles/21/07/07/users-report-some-original-homepods-bricking-with-software-version-146-update?utm_medium=rss	Users report some original HomePods x bricking x with software version updateThe release version of HomePod s operating system is reportedly bricking some devices in certain configurations ーespecially when paired with an Apple TV HomePods are reportedly failing after the software updateThe user reports follow similar issues being caused by the beta version software Only the original large HomePod is being affected and usually when connected as an Apple TV stereo pair Read more	2021-07-07 17:46:16
Apple	AppleInsider - Frontpage News	Apple Watch, Fitbit could help patients track long-term COVID-19 recovery	https://appleinsider.com/articles/21/07/07/apple-watch-fitbit-could-help-patients-track-long-term-covid-19-recovery?utm_medium=rss	Apple Watch Fitbit could help patients track long term COVID recoveryEarly research suggests that wearables like the Fitbit or Apple Watch could help track patient data as they recover from long term side effects of COVID Credit Andrew O Hara AppleInsiderA study published on Wednesday in the JAMA Network Open seen by The New York Times showed that Fitbit or Apple Watch data displayed physiological and behavioral changes that could last weeks or months after a coronavirus diagnosis Read more	2021-07-07 17:28:30
海外TECH	Engadget	Moderna enters clinical trials for its mRNA-based flu vaccine	https://www.engadget.com/moderna-submits-its-m-rna-based-flu-vaccine-for-clinical-trials-172548543.html?src=rss	Moderna enters clinical trials for its mRNA based flu vaccineModerna has injected its mRNA derived vaccine for the seasonal flu into a human volunteer for the first time as part of a Phase clinical study the company announced on Wednesday nbsp This is a very early test for the new vaccine technology geared primarily towards building a baseline understanding of the treatment s quot safety reactogenicity and immunogenicity quot according to a Moderna release mRNA as the vaccine has been dubbed is designed to be effective against the four most common strains of the virus including A HN HN influenza B Yamagata and influenza B Victoria According to the World Health Organization these strains cause between and million severe cases of flu every year resulting in as many as flu related respiratory deaths annually In the US alone roughly percent of the population comes down with the flu every winter The company hopes this vaccine will prove more potent than the current percent efficacy rate of conventional flu vaccines nbsp nbsp “We are pleased to have begun this Phase study of mRNA our first mRNA seasonal flu vaccine candidate to enter the clinic We expect that our seasonal influenza vaccine candidates will be an important component of our future combination respiratory vaccines Stéphane Bancel Moderna s CEO said “Respiratory combination vaccines are an important pillar of our overall mRNA vaccine strategy We believe that the advantages of mRNA vaccines include the ability to combine different antigens to protect against multiple viruses and the ability to rapidly respond to the evolution of respiratory viruses such as influenza SARS CoV and RSV Our vision is to develop an mRNA combination vaccine so that people can get one shot each fall for high efficacy protection against the most problematic respiratory viruses quot This vaccine has been generated using the same genomic techniques the company utilized to develop its COVID treatment in The technique works by exploiting the human body s own cells to reproduce snippets of viral DNA to instigate an immune response and prime the body against future infection Since this method doesn t require the entire virus either weakened or dead but rather just a birt of its genetic code mRNA vaccines could be applied to any number of deadly modern diseases including malaria TB ーeven cancer nbsp nbsp	2021-07-07 17:25:48
Cisco	Cisco Blog	Cisco Strengthens O-RAN Market Position with Open Fronthaul Gateway Public Demo	https://blogs.cisco.com/sp/cisco-strengthens-o-ran-market-position-with-open-fronthaul-gateway-public-demo	Cisco Strengthens O RAN Market Position with Open Fronthaul Gateway Public DemoCisco has been a pioneer within the O RAN Alliance pushing for open standards and interoperability in all areas of the radio access transport network This multivendor interoperability demonstration showcases the Cisco NCS FH in an O RAN fronthaul use case per the Open Fronthaul Gateway Specification	2021-07-07 17:26:53
海外科学	NYT > Science	Advancements in Space Technology Drive Investor Interest	https://www.nytimes.com/2021/07/07/technology/space-start-ups.html	interest	2021-07-07 17:20:08
ニュース	BBC News - Home	Covid: Cases in UK rise above 30,000 for first time since January	https://www.bbc.co.uk/news/uk-57755733	januarymore	2021-07-07 17:12:46
ニュース	BBC News - Home	Gates Foundation agrees break-up back-up plan	https://www.bbc.co.uk/news/business-57756506	charity	2021-07-07 17:13:24
ニュース	BBC News - Home	Trump sues Twitter, Google and Facebook alleging 'censorship'	https://www.bbc.co.uk/news/world-us-canada-57754435	capitol	2021-07-07 17:18:00
ニュース	BBC News - Home	Man sits on toilet, gets bitten by python in Austria	https://www.bbc.co.uk/news/world-europe-57746804	sewage	2021-07-07 17:10:05
ニュース	BBC News - Home	Federer knocked out in straight sets in Wimbledon quarter-finals	https://www.bbc.co.uk/sport/tennis/57755813	Federer knocked out in straight sets in Wimbledon quarter finalsRoger Federer s bid for a ninth Wimbledon title lies in tatters after he is stunned in straight sets by Hubert Hurkacz in the quarter finals	2021-07-07 17:33:30
Azure	Azure の更新情報	General availability: Transition to Cloud Services (extended support) with new migration tool	https://azure.microsoft.com/ja-jp/updates/cloud-services-arm-migration-ga/	General availability Transition to Cloud Services extended support with new migration toolAccelerate your transition to Cloud Services extended support in Azure Resource Manager ARM using the new tool that provides a seamless and fully orchestrated migration of your Cloud Services classic deployments	2021-07-07 17:00:55
GCP	Cloud Blog	All you need to know about Firestore: A cheatsheet	https://cloud.google.com/blog/topics/developers-practitioners/all-you-need-know-about-firestore-cheatsheet/	All you need to know about Firestore A cheatsheetYour product teams might ask “Why does it take so long to build a feature or application Building applications is a heavy lift due to the technical complexity which includes the complexity of backend services that are used to manage and store data Every moment focused on this technical complexity is a distraction from delivering on core business value Firestore alters this by having Google Cloud manage your backend complexity through a complete backend as a service  Firestore is a serverless NoSQL document database that unlocks application innovation with simplicity speed and confidence  It acts as a glue that intelligently brings together the complete Google Cloud backend ecosystem in app services from Firebase and core UI frameworks amp OS from Google Click to enlargeWhat is Firestore Firestore is a serverless fully managed NoSQL document database that scales from zero to global scale without configuration or downtime Here s what makes Firestore unique Ideal for rapid flexible and scalable web and mobile development with direct connectivity to the database Supports effortless real time data synchronization with changes in your database as they happen  Robust support for offline mode so your users can keep interacting with your app even when the internet isn t available or is unreliable Fully customizable security and data validation rules to ensure the data is always protectedBuilt in strong consistency elastic scaling high performance amp best in class availability Integration with Firebase and Google Cloud services like Cloud Functions and BigQuery serverless data warehouse In addition to a rich set of Google Cloud service integrations Firestore also offers deep one click integrations with a growing set ofrd party partners via Firebase Extensions to help you even more rapidly build applications Document model databaseFirestore is a Document model database All of your data is stored in “documents and then “collections  You can think of a document as a JSON object It s a dictionary with a set of key value mappings where the values can be several different supported data types including strings numbers or binary values These documents are stored in collections Documents can t directly contain other documents but they can point to subcollections that contain other documents which can point to subcollections and so on This structure brings with it a number of advantages For starters all queries that you make are shallow meaning that you can grab a document without worrying about grabbing all the data underneath it And this means that you can structure your data hierarchically in a way that makes sense to you logically without having to worry about grabbing tons of unnecessary data  How to use Firestore Firestore can be used in two modes Firestore in Native Mode  This mode is differentiated by its ability to directly connect your web amp mobile app to Firestore Native Mode supports up to K writes per second and over a million connections  Firestore in Datastore Mode This mode supports only server side usage of Firestore but supports unlimited scaling including writes  ConclusionWhatever your application use case may be if you want to build a feature or an application quickly using Firestore backend as a service For a more in depth look into Firestore check out the documentation For more GCPSketchnote follow the GitHub repo For similar cloud content follow me on Twitter pvergadia and keep an eye out on thecloudgirl dev Related ArticleCloud Firestore explained for users who never used Firestore beforeIn this article I will break down some database basics terms you should know what Firestore is how it works how it stores data and Read Article	2021-07-07 17:30:00