投稿時間:2021-11-25 05:24:14 RSSフィード2021-11-25 05:00 分まとめ(31件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
AWS	AWS Architecture Blog	Field Notes: Monitor IBM Db2 for Errors Using Amazon CloudWatch and Send Notifications Using Amazon SNS	https://aws.amazon.com/blogs/architecture/field-notes-monitor-ibm-db2-for-errors-using-amazon-cloudwatch-and-send-notifications-using-amazon-sns/	Field Notes Monitor IBM Db for Errors Using Amazon CloudWatch and Send Notifications Using Amazon SNSMonitoring a is crucial function to be able to detect any unanticipated or unknown access to your data in an IBM Db database running on AWS nbsp You also need to monitor any specific errors which might have an impact on the system stability and get notified immediately in case such an event occurs Depending on …	2021-11-24 19:11:11
AWS	AWS Government, Education, and Nonprofits Blog	How to prepare for re:Invent 2021 for public sector attendees	https://aws.amazon.com/blogs/publicsector/how-to-prepare-for-reinvent-2021-for-public-sector-attendees/	How to prepare for re Invent for public sector attendeesFrom November to December Amazon Web Services AWS is hosting the th annual re Invent conference in Las Vegas Nevada Attendees can deepen their cloud knowledge and gain new skills to accelerate their missionsーas well as network chat with AWS experts and have fun with thousands of other cloud enthusiasts With so much content available how can you make the most of the event Whether you re attending in person or virtually here s what public sector attendees need to know to prepare	2021-11-24 19:27:52
海外TECH	Ars Technica	Acer Swift 5 review: The grass is always greener	https://arstechnica.com/?p=1808665	traits	2021-11-24 19:14:52
海外TECH	MakeUseOf	Bring One of Windows 11’s Best Features to Windows 10 With PowerToys FancyZones	https://www.makeuseof.com/control-your-windows-and-organize-your-desktop-with-powertools-fancyzones/	Bring One of Windows s Best Features to Windows With PowerToys FancyZonesWindows s window snapping is a handy tool but you don t need to upgrade your copy of Windows to get the feature on your PC too	2021-11-24 19:15:22
海外TECH	MakeUseOf	What Are the Smart Home Benefits for Seniors?	https://www.makeuseof.com/smart-home-benefits-for-seniors/	technology	2021-11-24 19:00:26
海外TECH	DEV Community	Understanding User Authentication from Scratch	https://dev.to/propelauth/understanding-user-authentication-from-scratch-3pl2	Understanding User Authentication from ScratchAuthentication is a broad topic that can be both very simple and very complicated In this series we ll describe what it is and different approaches to implement it starting from older less secure methods and ending with modern more secure methods What is Authentication Authentication is the process of determining who someone or something is In the real world when you give someone your ID or passport that s a form of authentication Online when you enter an email password that s a form of authentication While authentication processes can also be for machine to machine communication in this post we ll focus on users identifying themselves to a web server a k a user authentication To simplify the problem we need two processes Some way to create new usersSome way to identify existing usersLet s look at a few approaches to do these and point out what s good and bad about each approach Let s assume we are building a web app and we have both a server to handle requests and a database to store data Implementing User Authentication Attempt Creating new usersWhen a new user wants to sign up we ll ask for their email address and password and save those to the DB Typically we also create a user ID so that users can change their email address but their user ID won t change Identifying existing usersA user wants to make a request to our server The only pieces of information we have are their email address user ID and password What if we just ask them to send us their email address and password again on each request When we get a request we verify the email address exists in our database and the password is correct This is called Basic Authentication technically basic authentication requires the email password to be sent in a specific format in the header but the idea is still the same the request contains the email and password Pros and ConsOn the plus side this system is very simple one might even call it basic That being said every time a user wants to do anything they need to specify their email address and password It s bad practice to save a user s password somewhere in the browser like localStorage and asking the user to re enter their password every single time they want to do anything is a terrible user experience This approach isn t completely worthless though Remember authentication is a broad topic and while I wouldn t implement a system where users are constantly passing in their email password in a browser if I was building a service where the requests primarily come from a terminal instead saving someone s email and password to a file or keychain and passing it along on every request is definitely more reasonable Implementing User Authentication Attempt We don t want to ask our users to keep entering their password so we need something else they can send to us to prove they are who they say they are We do also have a user id and we can make that user id as random as we like What if we keep our signup method the same but return the user id to the client and ask them to return it on each request Assuming user ids are generated with a cryptographically secure pseudorandom number generator they should be unguessable and we should be fine here right ConsThis approach is actually worse than our first attempt One reason why is user ids aren t supposed to change If a user s id is leaked we have no way to prevent attackers from accessing that users account forever In our last attempt if someone s password was stolen they could have changed it Now however they need a new account with a different user ID We did say that user IDs were unguessable but there are unfortunately ways where it could get leaked Maybe the user used an insecure password and someone guessed it and therefore got their user id Maybe they logged in on a shared computer with malware on it We have unfortunately no good ways to protect our users once their user ID is out Implementing User Authentication Attempt Ok so we don t want to send passwords on each request and we don t want to send a user ID on each request because we can t easily revoke it What if instead of asking the user to send us a user ID we create a new unguessable token and map it to the user s ID If someone steals our token we can delete it from our database and our user would have to log in again We can even add an expiration time after which the token is considered invalid These tokens are often called session tokens and they are typically stored in cookies These tokens are also called opaque tokens because the string itself has no meaning outside our database Pros and ConsThis a way more reasonable approach After a user logs in they have an unguessable token which only they have It s not sensitive like a password If a user wants to log out or if their phone laptop gets stolen we can just delete the token from our database The main con is that this is a stateful approach Verifying a session token requires us to do a database lookup Some platforms like Vercel have solutions like Next js API Routes which boast that they can be run globally at the edge meaning as close to the user as possible If you need to do a database lookup in a database in a fixed location you can lose some of the latency advantages you gain by globally hosting Alternative Approach JWTsIf we want to avoid the database lookup instead of issuing tokens that are saved to our database we can issue JWTs We have a separate article dedicated to understanding JWTs here Why is User Authentication hard So far everything we ve mentioned is hopefully pretty straightforward The difficulty in user authentication doesn t come from the approach it comes from all the tiny details For example When you store passwords you need to make sure they are stored securely See our article about that here Best practice for user authentication is to deny commonly used passwords and passwords seen in previous data breaches It s easy to introduce subtle timing attack vulnerabilities either in verifying the password or in supplementary workflows like forgotten password flows There are guidelines about the error messages you display to avoid leaking email addresses of your users There have been multiple vulnerabilities in JWT libraries themselves If you are using cookies they should be HTTP only and secure And the list goes on Services like PropelAuth exist so you can avoid wasting time worrying about user authentication and get back to just building your product In future posts in this series we ll look at how things like social logins and two factor authentication work	2021-11-24 19:09:16
海外TECH	DEV Community	Visual Studio Code Lifehack that saved me a ton of time!	https://dev.to/harsvnc/visual-studio-code-lifehack-that-saved-me-a-ton-of-time-23b1	Visual Studio Code Lifehack that saved me a ton of time Do you know that situation when you have a huge file with a lot of lines in vs code and you jump from one line to another and lose your orientation where you where last Don t worry i got you By simply pressingAlt ️on Windows or control minus letter on Mac you will navigate to the last courser position Thanks and i hope i could save you some time If you likes this post you may will like some of my other posts too like that one chrome extension you didn t know of ‍Or just follow me onTwitter	2021-11-24 19:01:59
Apple	AppleInsider - Frontpage News	Shazam for iOS will listen to songs for longer before giving up	https://appleinsider.com/articles/21/11/24/shazam-for-ios-will-listen-to-songs-for-longer-before-giving-up?utm_medium=rss	Shazam for iOS will listen to songs for longer before giving upShazam Apple s music recognition app has been updated to version with the app now able to spend more time listening to tougher to determine songs Available as an update via the App Store on Wednesday Shazam version s update notes explain that the milestone update adds in a change to the way the feature functions Now the app can spend more time listening to a particular song Shazam now finds more songs by trying harder for longer advises the notes Tap to Shazam to give it a go Read more	2021-11-24 19:46:17
Apple	AppleInsider - Frontpage News	Best Buy's Black Friday sale has big discounts on OLED TVs, soundbars & much more	https://appleinsider.com/articles/21/11/24/best-buys-black-friday-sale-has-big-discounts-on-oled-tvs-soundbars-much-more?utm_medium=rss	Best Buy x s Black Friday sale has big discounts on OLED TVs soundbars amp much moreThe Black Friday sales event has begun and Best Buy is offering up to off OLED K TVs discounted soundbars and low prices on popular vacuums The Best Buy Black Friday saleBlack Friday may not be for two more days but Best Buy is already offering steep discounts on high demand electronics and gadgets Check out these discounted products and act fast because sales will end soon Read more	2021-11-24 19:14:08
海外TECH	Engadget	Pentagon forms new task force to investigate UFO sightings	https://www.engadget.com/pentago-aoimsg-annoucement-193100761.html?src=rss	Pentagon forms new task force to investigate UFO sightingsThe Pentagon has established a new group to investigate UFO sightings The Airborne Object Identification and Management Synchronization Group AOIMSG will succeed the US Navy s Unidentified Aerial Phenomena Task Force According to the Defense Department “AOIMSG will synchronize efforts across the Department and the broader US government to detect identify and attribute objects of interest in Special Use Airspace SUA and to assess and mitigate any associated threats to safety of flight and national security The formation of the task force follows the release of a report in June in which the Office of the Director of National Intelligence ODNI examined sightings of “unidentified aerial phenomenon Only in one instance were officials able to determine what caused a sighting For every other incident detailed in that report ODNI said there was too little data for it to conclude what happened If the US government were to have any chance at better understanding UFOs ODNI said it would need to deploy more resources and a standardized approach across various agencies It would appear the Defense Department has taken that recommendation to heart	2021-11-24 19:31:00
海外TECH	Network World	BrandPost: Architecting Edge Computing Infrastructure Is Simplified With New Vertiv Report and Digital Configuration Tool	https://www.networkworld.com/article/3642289/architecting-edge-computing-infrastructure-is-simplified-with-new-vertiv-report-and-digital-configu.html#tk.rss_all	BrandPost Architecting Edge Computing Infrastructure Is Simplified With New Vertiv Report and Digital Configuration Tool Edge computing is a simple concept Move processing and storage closer to devices and users to better manage the tsunami of data being generated and consumed across your enterprise and enable new digital applications But it s not so simple in execution Edge use cases have different requirements that must be factored into your edge strategy And edge computing sites are deployed in very different physical environments While some edge use cases may be supported by IT racks in a regional colocation facility others require putting IT in the back of a store on the factory floor or on a city street corner This complexity is compounded by the de centralized nature of edge computing Organizations that embark on an edge computing strategy ーand our research indicates about half currently are ーwill typically need to deploy multiple edge sites to achieve their goals increasing the importance of standardized and intelligent edge infrastructure To read this article in full please click here	2021-11-24 19:05:00
海外TECH	CodeProject Latest Articles	Choose the Right Model: Comparing Relational, Document, and Graph Databases	https://www.codeproject.com/Articles/5318480/Choose-the-Right-Model-Comparing-Relational-Docume	Choose the Right Model Comparing Relational Document and Graph DatabasesThere are major types of database models in use today Learn about their differences and what applications they are good for	2021-11-24 19:39:00
海外TECH	CodeProject Latest Articles	Don’t Build Games from Scratch Part 2: Adding Player Login Authentication with Azure PlayFab	https://www.codeproject.com/Articles/5318306/Don-t-Build-Games-from-Scratch-Part-2-Adding-Playe	authentication	2021-11-24 19:25:00
医療系	医療介護 CBnews	全産業並みの収入アップ求む-快筆乱麻！masaが読み解く介護の今（71）	https://www.cbnews.jp/news/entry/20211124205342	介護福祉	2021-11-25 05:00:00
金融	金融庁ホームページ	中小企業・小規模事業者に対する金融の円滑化について公表しました。	https://www.fsa.go.jp/news/r3/ginkou/20211124.html	中小企業	2021-11-24 20:00:00
金融	金融庁ホームページ	「コロナ克服・新時代開拓のための経済対策」を踏まえた事業者支援の徹底等について金融機関に要請しました。	https://www.fsa.go.jp/news/r3/20211124/20211124.html	金融機関	2021-11-24 20:00:00
ニュース	BBC News - Home	Migrants die in biggest loss of life in Channel	https://www.bbc.co.uk/news/uk-59406355?at_medium=RSS&at_campaign=KARANGA	calais	2021-11-24 19:40:33
ニュース	BBC News - Home	Angry Murphy says 'amateurs should not be allowed in pro tournaments' - and Robertson agrees	https://www.bbc.co.uk/sport/snooker/59392405?at_medium=RSS&at_campaign=KARANGA	Angry Murphy says x amateurs should not be allowed in pro tournaments x and Robertson agreesShaun Murphy said amateurs should not be allowed in professional tournaments after suffering a shock first round exit from the UK Championship and defending champion Neil Robertson agrees	2021-11-24 19:04:34
ビジネス	ダイヤモンド・オンライン - 新着記事	キリン・アサヒ・サッポロ、ビール3社がそろって減収となった三者三様の事情 - ダイヤモンド 決算報	https://diamond.jp/articles/-/288563	三者三様	2021-11-25 05:00:00
ビジネス	ダイヤモンド・オンライン - 新着記事	富裕層が「言行不一致」な投資を絶対にしない納得の理由 - 絶対やってはいけないお金の話	https://diamond.jp/articles/-/288411	判断基準	2021-11-25 04:55:00
ビジネス	ダイヤモンド・オンライン - 新着記事	医薬品卸で再び談合疑惑！ささやかれていた「公取委の狙いは国病機構」 - 医薬経済ONLINE	https://diamond.jp/articles/-/287914	online	2021-11-25 04:50:00
ビジネス	ダイヤモンド・オンライン - 新着記事	アサヒビールの物流が車両台数を半減しても、実車走行距離を倍にできた理由 - 物流専門紙カーゴニュース発	https://diamond.jp/articles/-/288335	アサヒビールの物流が車両台数を半減しても、実車走行距離を倍にできた理由物流専門紙カーゴニュース発メーカーと卸による物流共同化の取り組みが本格化してきた。	2021-11-25 04:45:00
ビジネス	ダイヤモンド・オンライン - 新着記事	伊藤忠商事の「100年以上変わらぬ営業スタイル」とは - 伊藤忠 財閥系を凌駕した野武士集団	https://diamond.jp/articles/-/283338	伊藤忠商事	2021-11-25 04:40:00
ビジネス	ダイヤモンド・オンライン - 新着記事	【クイズ】遺言書を書いたものの、保管場所に困った！最適な場所とは？ - 「お金の達人」養成クイズ	https://diamond.jp/articles/-/288086	養成	2021-11-25 04:35:00
ビジネス	ダイヤモンド・オンライン - 新着記事	価格が上昇した「駅近タワマン」ランキング【広島市】2位グランクロスタワー広島、1位は？ - DIAMONDランキング＆データ	https://diamond.jp/articles/-/287403		2021-11-25 04:30:00
ビジネス	ダイヤモンド・オンライン - 新着記事	岸田政権初の経済対策、規模は過去最大もGDP押し上げ効果は限定的 - 政策・マーケットラボ	https://diamond.jp/articles/-/288594	押し上げ	2021-11-25 04:27:00
ビジネス	ダイヤモンド・オンライン - 新着記事	CAがワインぶちまけ大失態、それでも怒らない「一流の乗客」の感情コントロール - ファーストクラスに乗る人の共通点	https://diamond.jp/articles/-/287887	感情	2021-11-25 04:25:00
ビジネス	ダイヤモンド・オンライン - 新着記事	外国人労働者受け入れ拡大は亡国の政策、進む先は「国破れてブラック企業あり」 - 情報戦の裏側	https://diamond.jp/articles/-/288562	受け入れ	2021-11-25 04:20:00
ビジネス	ダイヤモンド・オンライン - 新着記事	円安放置で「ガソリン補助金」、政府の輸入物価対策の大愚策 - 野口悠紀雄　新しい経済成長の経路を探る	https://diamond.jp/articles/-/288549	経済成長	2021-11-25 04:15:00
ビジネス	ダイヤモンド・オンライン - 新着記事	「扶養の壁」で働き損は絶対嫌な人必見！事例集で知るあなたの最適年収は？ - 老後のお金クライシス！　深田晶恵	https://diamond.jp/articles/-/288561	「扶養の壁」で働き損は絶対嫌な人必見事例集で知るあなたの最適年収は老後のお金クライシス深田晶恵税金や社会保障の「扶養控除」に関する正しい知識は、家計の損得に直結する重要情報だ。	2021-11-25 04:05:00
ビジネス	東洋経済オンライン	乗車5分､｢世界最短の国際列車｣はなぜ存在するか マレーシア―シンガポール間､近い将来姿消す? | 海外 | 東洋経済オンライン	https://toyokeizai.net/articles/-/471179?utm_source=rss&utm_medium=http&utm_campaign=link_back	国際列車	2021-11-25 04:30:00