投稿時間:2021-07-10 14:18:17 RSSフィード2021-07-10 14:00 分まとめ(24件)

カテゴリー等 サイト名等 記事タイトル・トレンドワード等 リンクURL 頻出ワード・要約等/検索ボリューム 登録日
TECH Engadget Japanese PS5向け「デス・ストランディング ディレクターズカット」が9月24日に発売。ドロップキックも追加 https://japanese.engadget.com/ps5-death-stranding-remaster-043534536.html eathstrandingdirectorscut 2021-07-10 04:35:34
python Pythonタグが付けられた新着投稿 - Qiita 【モリメモ】DjangoHerokuデプロイ Error対応-03 https://qiita.com/YuYaMoRiMoTo/items/8a8fc93946ed634adb14 【モリメモ】DjangoHerokuデプロイError対応実行例実行コマンドherokurunbash実行コマンドpythonmanagepymigrateエラー内容ModuleNotFoundErrorNomodulenamedpsycopg対策Djangoでpostgresqlを使用するのに必要なpsycopgがありませんと言われています。 2021-07-10 13:57:54
js JavaScriptタグが付けられた新着投稿 - Qiita [Node, npm] Missing write access to /usr/local/lib/node_modules でグローバルインストール(npm i -g)ができない時の対処法 https://qiita.com/iron-smri/items/51257b32ff251c489c2e 同じく新しいPCで環境構築する人の役に立てればエラー概要新しいPCに移行して、とりあえずnodeのインストールだとnodeの公式からインストーラをダウンロードしてインストール。 2021-07-10 13:02:59
Program [全てのタグ]の新着質問一覧|teratail(テラテイル) 運動方程式をPythonで解きたいです https://teratail.com/questions/348699?rss=all 2021-07-10 13:52:14
Program [全てのタグ]の新着質問一覧|teratail(テラテイル) Virtualbox が権限エラーで実行できません https://teratail.com/questions/348698?rss=all Virtualboxが権限エラーで実行できませんエラー内容EffectivenbspUIDnbspisnbspnotnbsprootnbspeuidnbspegidnbspuidnbspgidnbsprcPleasenbsptrynbspreinstallingnbspVirtualBoxwherenbspSUPRHardenedMainnbspwhatnbspnbspVERRPERMISSIONDENIEDnbspnbspnbspPermissionnbspdenied質問上記したようなエラーが出てしまい、Virtualboxの仮想マシンを開始できません。 2021-07-10 13:48:04
Program [全てのタグ]の新着質問一覧|teratail(テラテイル) AttributeError: module 'streamlit' has no attribute 'session_state'が出る https://teratail.com/questions/348697?rss=all AttributeErrormodulexstreamlitxhasnoattributexsessionstatexが出る概要streamlitnbsprunnbspmainpyを実行すると、AttributeErrornbspmodulenbspaposstreamlitaposnbsphasnbspnonbspattributenbspapossessionstateaposというエラーになる問題で困っています。 2021-07-10 13:46:46
Program [全てのタグ]の新着質問一覧|teratail(テラテイル) Rails binaryの画像データ meta_tag ogp https://teratail.com/questions/348696?rss=all 2021-07-10 13:40:10
Program [全てのタグ]の新着質問一覧|teratail(テラテイル) .htaccessでサーバーへrefererを送らない設定はできますか? https://teratail.com/questions/348695?rss=all htaccess 2021-07-10 13:16:06
Ruby Rubyタグが付けられた新着投稿 - Qiita formオブジェクト(ActiveModel)を用いたタグ機能(編集、削除編) https://qiita.com/kanounba77/items/855e84a1b77145af1ade 今回は続きの記事になります前提条件この記事は一つ前の複数投稿編を閲覧していただいている前提の解説となります。 2021-07-10 13:57:19
Docker dockerタグが付けられた新着投稿 - Qiita phpとLaravelいじっているときに、しょうもない理由で詰まった話。 https://qiita.com/j1403239/items/b06ba97ef7a73872f910 phpとLaravelいじっているときに、しょうもない理由で詰まった話。 2021-07-10 13:05:31
GCP gcpタグが付けられた新着投稿 - Qiita Firebaseプロジェクトの削除が出来ない時にやったこと https://qiita.com/sy250f/items/ebd32732b876ef90749f リーエンの一覧を表示CloudShellを起動して、gcloudコマンドを使ってプロジェクトに接続されているリーエンの一覧を表示して確認します。 2021-07-10 13:46:47
GCP gcpタグが付けられた新着投稿 - Qiita Next.jsでGoogle SpreadsheetをHeadlessCMSとして使う https://qiita.com/suzuki_sh/items/7de6a93a87fa21e3e773 環境ChromeOSCrostiniLinuxDebianDockerversionNextjsGCPでサービスアカウントの準備Nodejsでスプレッドシートに接続する方法はいくつかありますが、今回はGCPのサービスアカウントを使います。 2021-07-10 13:32:58
Git Gitタグが付けられた新着投稿 - Qiita 【モリメモ】DjangoHerokuデプロイ Error対応-03 https://qiita.com/YuYaMoRiMoTo/items/8a8fc93946ed634adb14 【モリメモ】DjangoHerokuデプロイError対応実行例実行コマンドherokurunbash実行コマンドpythonmanagepymigrateエラー内容ModuleNotFoundErrorNomodulenamedpsycopg対策Djangoでpostgresqlを使用するのに必要なpsycopgがありませんと言われています。 2021-07-10 13:57:54
Ruby Railsタグが付けられた新着投稿 - Qiita formオブジェクト(ActiveModel)を用いたタグ機能(編集、削除編) https://qiita.com/kanounba77/items/855e84a1b77145af1ade 今回は続きの記事になります前提条件この記事は一つ前の複数投稿編を閲覧していただいている前提の解説となります。 2021-07-10 13:57:19
海外TECH DEV Community So what exactly are AWS Nitro Enclaves? https://dev.to/oblivious/so-what-exactly-are-aws-nitro-enclaves-11jf So what exactly are AWS Nitro Enclaves Secure enclaves and trusted execution environments are becoming ever more popular AWS recently released their AWS Nitro Enclaves But what are they and do I really need them Secure enclaves and trusted execution environments are becoming ever more popular AWS recently released their AWS Nitro Enclaves But what are they and do I really need them Nitro enclaves by AWS are Amazon s approach to creating trusted execution environments TEEs which are intended to support functions on sensitive data Amazon by no means invented the concept and TEEs or secure enclaves have been growing in popularity over the past number of years Hardware players like Intel and AMD have created physical chips which support TEEs while cloud platforms like Google and AWS have developed theirs based on virtual machines The latter is our focus today Assumptions we re going to assume the reader is familiar with AWS ECs and Docker Nitro Enclaves are Trusted Execution EnvironmentsOK but how exactly do Nitro Enclaves give trust to their users Let s start by explaining what exactly they do and then we can dig into how they are useful If you are familiar with EC you are likely familiar with the idea of running a virtual machine When you spin up an EC instance from your perspective Amazon gives you a server that you can access configure and run programs on via ssh However they don t actually give you a full physical computer unless you are using a bare metal instance they actually give you a virtual machine VM running on a server with other VMs In essence they carve out a number of CPUs and some RAM for your virtual machine to use Their hypervisor runs under the hood and manages the VMs running on each server providing security and access to the network and PCI devices like GPUs volume memory etc Say you are running an EC with cores CPUs and GB of RAM Nitro Enclaves allow you to give back to Amazon cores and GBs of RAM for example More specifically you tell AWS to take these resources and run a docker container with them The docker container can run anything you like but when you hand it over to Nitro you lose access to it other than a single socket connection using Virtual Sockets You can t see any internal console messages logs anything Only the input and output of the sockets Further only the parent instance ie the EC that created the enclave can communicate with the docker container running inside the enclave So basically this is just a worse EC instance inside an instance Not quite The enclave itself has two superpowers that make it exceptionally useful The enclave can speak directly to Amazon s KMS key management service over TLS So if you encrypt data of any kind and the code running inside the enclave needs to decrypt then it can do so without talking explicitly via the parent instance The enclave creates a hash of the docker container called an attestation inside the enclave when it communicates to the KMS This allows you to create access rules within the KMS so only enclaves with a particular hash ie a specific pre agreed docker container running pre agreed code get to decrypt data This can actually be used to talk to custom KMS or equivalent too proving what s running in the enclave Admittedly neither of these superpowers sounds that impressive at first glance But give it a minute or two and you begin to see the power it creates Traditionally when we use a KMS we create rules about who can encrypt and decrypt data based on IAM roles in Amazon Basically you can say Alice is allowed to encrypt and decrypt data with some key or the EC instance with ID XYZ can use the key and so forth The problem with this is that you are trusting Alice or the specified EC instance to only use the data for a particular use You don t have any guarantees they will actually do that though Alice may be malicious and the EC you chose may have been corrupted You also don t really have any reasonable verifiable log of what the data was used for Perhaps the EC is running some code from GitHub but which version was it running on June th Not always an easy question to answer You may have tried to solve this with logs throughout your CI CD pipeline but you don t actually have any guarantees Now you do with Nitro Enclaves because only the version of code and every other minute detail of how it runs in a docker container will have the attestation hash that is required to decrypt the data using the KMS So what does this empower me to do There are two main categories of benefits from Nitro enclaves verified assurance of how data is used and multiparty computation Let s discuss each in a little bit more detail Verified Usage of DataWe ve kind of alluded to this already but suppose you have some sensitive data that you need to keep safe and you want to ensure that it is only used for pre agreed purposes then Nitro is your friend You can keep your data encrypted at all times and only allow it to be decrypted within enclaves that are running a particular pre approved program This really helps to achieve internal standards towards GDPRs Data Minimization philosophy Multiparty ComputationThis is one of our big focuses at Oblivious Multiparty computation is any computation that requires input from multiple parties which they are unwilling to share in plain text ie they won t let the other parties see their data or software There are typically three approaches to performing multiparty computation find a trusted third party to facilitate the joint computation apply a specific cryptographic handshake typically the most robust but often very resource intensive or use a secure enclave In the context of Nitro enclaves multiparty computation can be performed provided all parties have access to the Amazon KMS Each party encrypts their data and sends it to the party who is hosting the enclave A pre agreed docker image is running in that party s EC and the enclave attests this when requesting the keys to decrypt the data within the enclave This is a game changer for secure SaaS whereby you trust the security of AWS but not necessarily the counterparty you are working with Are there any drawbacks I should know at this point Yes more than a couple Amazon Nitro is a great step forward for AWS users but there are a few things you should probably also know The security model is very much tied to that of Amazon s ECs This is pretty robust and has more certifications than you can count nevertheless Nitro Enclaves are still a new technology and you should be aware that new technologies always bring some potential unforeseen risks Enclaves generally albeit Intel s chips through to Nitro enclaves don t protect against many obvious side channel attacks For example imagine we used it to make predictions to say if an image contained a picture of a cat or a dog Hypothetically it took s to run whenever there was a dog in it and s whenever there was a cat then the parent instance could simply log the run times and know exactly what was contained on encrypted images being sent in Memory is in RAM To keep the enclave extra safe all of the resources required by the docker container need to be stored in RAM and RAM is expensive You can of course pass larger chunks of data in and out of the enclave as required but encryption and decryption must be performed in each direction to keep that data safe No PCI device access If you were hoping to start crunching lots of data on a NVIDIA GPU you ll be a little frustrated as you cant use any compute other than the CPUs delegated to the enclave at build time Debugging can be a real pain too As we ve been working a lot with Nitro we ve developed some tools that make our life a lot easier but at the very beginning of our journey with Nitro the debugging was a right pain If security is your number one concern there are a lot of ways to break the security of the code contained in the docker image is insecure in the first place All the enclave guarantees is the container specified is what s running not that it s in any way safe The enclaves only have that direct connection to Amazon s KMS not Google s or Azure s for example So if you are hoping to do multiparty computation you need all parties to be using the Amazon KMS to encrypt their data So why has Oblivious been tinkering with AWS Nitro Enclaves Multiparty computation MPC and privacy technologies are what we build at Oblivious We started the company focussing on building very specific MPC cryptography protocols but as we began to engage with a larger number of customers we realized there was an ever more pressing challenge to balance security privacy and flexibility Enclave technologies offer a different set of trade offs to purely cryptographic protocols Not better or worse just different We found that while large organizations can afford to pay for bespoke crypto of businesses cannot Enclaves offer a very flexible alternative approach for mainstream companies especially those who already have the software they wish to secure as prototypes or which leverage other larger frameworks and libraries Unfortunately it is still not trivial to implement software on enclaves manage access to the enclaves and assign roles and users to code running within enclaves in the context of multiparty computation That s why we built Ignite an enclave management system EMS for AWS Nitro This allows every AWS user to take advantage of Nitro enclaves for data analysis machine learning and differentially private data access control Today Ignite is available to early access users only but if you are interested in becoming an early access member or getting a notification when it goes live for public use drop us a line at ignite at oblivious ai 2021-07-10 04:08:31
海外ニュース Japan Times latest articles Heavy rain pounds southwest Japan, prompting highest alert level for 245,000 residents https://www.japantimes.co.jp/news/2021/07/10/national/rain-kyushu-flooding-evacuation/ Heavy rain pounds southwest Japan prompting highest alert level for residents Residents need to be highly cautious over mudslides and river overflow in Kagoshima in particular a Meteorological Agency official said at a news conference 2021-07-10 13:45:00
ニュース BBC News - Home Chris Eubank's son Sebastian dies in Dubai https://www.bbc.co.uk/news/uk-57786230 boxer 2021-07-10 04:28:02
ニュース BBC News - Home The Papers: 'Let's bring it home!' and 'one game from glory' https://www.bbc.co.uk/news/blogs-the-papers-57786442 italy 2021-07-10 04:16:57
LifeHuck ライフハッカー[日本版] サッカー×ビリヤードの楽しさが合体したボードゲームが上陸 https://www.lifehacker.jp/2021/07/238275-machi-ya-binhoboardclassic-start.html binhoboard 2021-07-10 14:00:00
北海道 北海道新聞 はしごから転落か、70歳男性死亡 月形の消防署 https://www.hokkaido-np.co.jp/article/565579/ 空知管内 2021-07-10 13:10:00
北海道 北海道新聞 前田は5回2安打無失点 タイガース戦 https://www.hokkaido-np.co.jp/article/565578/ 無失点 2021-07-10 13:03:00
北海道 北海道新聞 釜石で子ども復興五輪 地元ラグビー選手と交流 https://www.hokkaido-np.co.jp/article/565577/ 復興五輪 2021-07-10 13:02:03
ビジネス 東洋経済オンライン エヴァの「マリ」TV版にはいなかったキャラの正体 新劇場版から登場、既存のエヴァ世界を壊す役割 | ゲーム・エンタメ | 東洋経済オンライン https://toyokeizai.net/articles/-/439251?utm_source=rss&utm_medium=http&utm_campaign=link_back 新劇場版 2021-07-10 14:00:00
ニュース Newsweek 「バイデン・習近平」会談への準備か?──台湾問題で軟化するアメリカ https://www.newsweekjapan.jp/stories/world/2021/07/post-96673.php 何度も例に引いて申し訳ないが、前述した月日のコラムで私は、アメリカが「米軍は中国軍より弱い」とか「年以内に中国は台湾を武力攻撃するだろう」などと発信し続けるのは、「台湾有事の時には、日本が矢面に立って下さいね」ということを暗示しているに過ぎないと書いたが、今般の「キャンベル発言と麻生発言」は、まさにその予測をそのまま見せてくれたような対比を成しているように思われる。 2021-07-10 13:35:42

コメント

このブログの人気の投稿

投稿時間:2021-06-17 22:08:45 RSSフィード2021-06-17 22:00 分まとめ(2089件)

投稿時間:2021-06-20 02:06:12 RSSフィード2021-06-20 02:00 分まとめ(3871件)

投稿時間:2021-06-17 05:05:34 RSSフィード2021-06-17 05:00 分まとめ(1274件)