IT |
気になる、記になる… |
Microsoft、「Surface Pro X」のWi-Fiモデルを発売 |
https://taisy0.com/2022/01/11/150613.html
|
microsoft |
2022-01-10 15:10:04 |
IT |
気になる、記になる… |
Microsoft、Android搭載2画面端末「Surface Duo 2」を国内でも販売開始 |
https://taisy0.com/2022/01/11/150616.html
|
android |
2022-01-10 15:04:52 |
IT |
気になる、記になる… |
GRAPHT、伝統工芸「一位一刀彫」の天然木ケース「Real Wood Case for iPhone 13/13 Pro」の受注生産の受付を開始 |
https://taisy0.com/2022/01/11/150619.html
|
oodcaseforiphoneiphonepro |
2022-01-10 15:04:23 |
python |
Pythonタグが付けられた新着投稿 - Qiita |
webカメラを利用した感情分析をしてみた |
https://qiita.com/irohas_gawr/items/1d9fbdbc9bdfcd34671d
|
個人的にはFERとか他のライブラリでも作成してみたいと思ったのと、二画面ではなく一画面でリアルタイム感情分析ができたらなと思っています。 |
2022-01-11 00:33:25 |
python |
Pythonタグが付けられた新着投稿 - Qiita |
PythonプラグラムからOpenLDAPに接続&ユーザ情報を取得する |
https://qiita.com/Blaster36/items/731c102b6419d2e48dc7
|
また、過去の記事※でビルドしたjupyterminimalnotebookeceaMeCabSlumを起動し、Pythonプログラムの実行に利用するものとします。 |
2022-01-11 00:22:32 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
laravelでshowメゾットが表示されない |
https://teratail.com/questions/377543?rss=all
|
laravelでshowメゾットが表示されない前提・実現したいことlaravelで簡単なCRUDアプリを作成しているのですが、showメゾットが表示されません。 |
2022-01-11 00:53:11 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
エラーの解決について |
https://teratail.com/questions/377542?rss=all
|
エラーの解決について前提・実現したいことRubyonrailsでツイッターのようなwebサイトを作っていますが投稿機能を付けるときに以下のエラーメッセージが発生しました。 |
2022-01-11 00:31:28 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
外部APIを使用するWEBアプリケーションの実装方法について |
https://teratail.com/questions/377541?rss=all
|
|
2022-01-11 00:23:40 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
環境変数PATHを編集したい |
https://teratail.com/questions/377540?rss=all
|
|
2022-01-11 00:05:50 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
JavaScriptでボタンの使用可否を決める |
https://teratail.com/questions/377539?rss=all
|
JavaScriptでボタンの使用可否を決めるJavaScriptで英語の問題を作成しているのですが「次へ」と「前へ」のボタンを作成して、問題が切り替わるようにしており最終問題に到達すると「次へ」のボタンが押せなくなるようになっているのですがその状態で前へと押すと次へのボタンが押せない状態が続いてしまいます。 |
2022-01-11 00:02:08 |
GCP |
gcpタグが付けられた新着投稿 - Qiita |
【GCP】VMインスタンスの作成〜GCSとGCEをマウントするまでの備忘録 |
https://qiita.com/naoki-haba/items/070d0c2f8880a8036aec
|
【GCP】VMインスタンスの作成GCSとGCEをマウントするまでの備忘録はじめにGCSとGCEのマウント方法を備忘録として残すやり方ComputeEngineでVMインスタンスを作成ComputeEngineGoogleのインフラストラクチャで仮想マシンを作成して実行できる、安全性の高いカスタマイズ可能なコンピューティングサービスです。 |
2022-01-11 00:23:29 |
海外TECH |
MakeUseOf |
How Do Cyberattacks on Pipelines and Other Industrial Installations Work? |
https://www.makeuseof.com/how-cyberattacks-work/
|
impacts |
2022-01-10 15:46:53 |
海外TECH |
MakeUseOf |
How to Live Stream Mobile Games via Your PC |
https://www.makeuseof.com/how-to-live-stream-mobile-games-via-pc/
|
additional |
2022-01-10 15:30:12 |
海外TECH |
MakeUseOf |
How to Grant Permissions Using ADB in Android |
https://www.makeuseof.com/android-grant-permissions-with-adb/
|
android |
2022-01-10 15:30:12 |
海外TECH |
MakeUseOf |
The 7 Best Motorola Phones |
https://www.makeuseof.com/best-motorola-phones/
|
affordable |
2022-01-10 15:00:36 |
海外TECH |
DEV Community |
Cloud Types (Cloud Sevice Models) |
https://dev.to/ikramulkayes/cloud-types-cloud-sevice-models-30li
|
Cloud Types Cloud Sevice Models There are types of cloud service modelsIaaS Infrastructure as a service PaaS Platform as a service SaaS Software as a service Source Azure webservicesLets know some Baiscs of this modelsIaas Infrastructure as a service On this service you get most of the controls of your cloud but you avoid the expense of buying and operating your own physical servers and other data centre infrastructure which are costly and complicated But you get to manage the operating system storage and networking attributes Uses of IaaS When you want to run multiple application on a single vertual machine testing your application on different OS more control over your website PaaS Platform as a service It is for simple things like website hosting Here you do not need to worry about software licence OS storage and networking attributes Instead you manage the website or application you develop so you are getting less control from IaaS Uses of PaaS Web hosting testing building and updating SaaS Software as a service When you want the least management responsibility When you want to host a cloud based software on the cloud you need to use it subscription based services Uses of SaaS Hosting webservices like office |
2022-01-10 15:43:05 |
海外TECH |
DEV Community |
Supply, Demand, Price and Game Theory |
https://dev.to/____marcell/supply-demand-price-and-game-theory-48an
|
Supply Demand Price and Game TheoryHow price can be determined with game theory How game theory and simple math can be used to calculate the price of something and how this model is super powerful to explain a lot of others interactions Before using game theory to explain the price I m gonna do something that I like to do when I m trying to understand something and that is trying to explain it by myself without reading anything else so let s try to explain how the price of something can be decided first only using our intuition so we can start forming a picture of what we are talking about then it will be easier to understand the math that tries to model the behavior You want to charge for a service or product to simplify let s say it s a service that virtually only takes time to charge for it you need a value that will cover your time spent doing it at least so let s say your cost of living is USD month if you can perform this service times per month then you can charge no less than USD otherwise you can t pay for your cost of living besides that you probably want to have a positive balance meaning that you earn more than you spend so you want to charge more than the price that would be enough for you to survive So one thing that we can say about charging for something is that the cost of doing it time and resources is important because it dictates the minimum price possible time is important here because eventually bills will have to be paid and these bills must cover the time frame that you took to do the work otherwise your would spend more than you earn which is also viable if you have debt hoping that in the future it can be paid but let s simplify things and assume you can t spend more than you earn With just these observations we can say that the amount of times that you do the same service or sell the same product is also important and these two things are related the longer it takes to do something the more you have to charge for it and you re going to be doing that less over a fix amount of time On the contrary the cheaper something is the more times you have to do it those two things balance out here we re talking about a service but it could also be a product so the next question is how can we describe this relation In our case the price is because we think we can do it times over a month and our cost of living is if we can increase the times that we do it we can reduce the price so let s make a table and think about this relation price quantity The product is the same for all these rows p x q because is our minimum We can also think about the advantages and disadvantages of each relation of course this is a much more complicated subject to think about but we can at least intuit that in general something cheaper will be easier to sell that something more expensive demand curve also called the law of demand so increasing the quantity and lowering the price is generally speaking a good idea this also means increasing efficiency that s specially true in a very competitive market So now that we have a pretty good idea of the pieces that make the price of something quantity time cost we can expand our view and start to think about other things that influence the price Until now we only took the point of view of the seller but to sell something you also need a buyer someone willing to pay the price that you re asking assuming this buyer is a rational actor he wants to pay the least amount possible for the product or service everything else being equal We already know how to calculate the minimum price but just selling something for the minimum possible price is not a good idea since you could earn a lot more if your buyer is willing to pay more so now let s try to intuit what influences the upper limit the maximum price that you can sell something assuming two companies c and c both located at the same city and selling the same product what will determined the price of the product in this situation We can say that our buyer being a rational actor and knowing that both product are mostly the same will choose the lowest price but neither company wants to sell for the lowest price possible not only that but since we certainly have multiple potential buyers in the same city the buyers also will compete between themselves to buy the product or service it s a thug of war Now that we have a good intuition about what s happening and the pieces that matter let s define a demand function and think about the interaction between the parties using some game theory Iterated Elimination Of Strictly Dominated Strategies ConvergenceThis long and complicated name is actually not that hard to understand let s break each part and think about it Iterated EliminationWe called iterated elimination because we gonna remove the strategies that the companies will not play since we assume they are rational actors and those strategies will be sub optimal it s iterated because we do it in rounds and each round influences the next Strictly Dominated StrategyAn strictly dominated strategy is an strategy that isn t the best strategy in any situation it can be better than other strategies on a particular situation if you have more than choices but it s never the best strategy We gonna eliminate these strategies in each iteration since there s a better strategy to be played ConvergenceEach strategy elimination which in this case means the quantity that the company should produce will lead to a smaller price window this price window will get smaller as we eliminate more and more strategies until we end up with just one optimal quantity to be produced by the companies Applying the convergenceNow That we have a idea of what we re going to do let s do it Given a demand functiond q q q Where is all meaningful data that influences this function besides the quantity and the price q is the quantity that company c will produce and q is the quantity that company c will produce the objective of each company is to have the highest profit possible We can calculate the profit based on the demand function the quantity being produced and the cost of producing the product The profit payoff function of firm demand function production cost v q q q q q q In a very competitive market two companies being rational actors can only influence the quantity that they produce the demand multiplied by the quantity produced by company c will give us the maximum possible revenue of c removing the cost of production will give us the profit of cwe can rearrange the equation q q qqNow we can use the derivative at to calculate the max profit possible The derivative being q q after rearrangingq q We end up with a function that will tell us the quantity that we need to produce based on the quantity that our competitor produced if our competitor produce units we have q q So is the ideal number of units to maximize our profits if our competitor don t produce anything Now something interesting happens if our competitor knows that we know that is the ideal number if he doesn t produce anything he knows that we ll never produce more than since producing more than will be a dominated strategy S is worst than S Knowing that he can calculate the minimum amount ideal for him he just needs to plug in his equation q q What that means is that the quantity floor is in other words a strategy that produces less than is also a dominated strategy because S is better than S and we know that the upper quantity for company is so that company will never produce more than So now we also have a lower floor we have a quantity window between and anything outside this window is a bad idea But it s not over yet we can now apply the same ideafor the floor now company knows that company will never produce less than we can plug this value in our function and figure out another quantity ceiling q q since we know that company will never produce less than we should never produce more than Do you see where this is going now we can iterate again with a new upper ceiling of q q and again q q If we keep doing this we can see that the value goes to which is the best possible strategy for both companies so the quantity that they should produce to maximize profit assuming both companies are rational actors is exactly let s plug this value in to the profit function and see what happens v v So both companies profit should be and the price of each unit if another company would join the market the profit and price would drop for all of them if we keptadding more competitors eventually the price would drop to the cost of production and nobody would make a profit considering that the demand didn t changeGame Theory is a interesting exercise to think about things that happens in the real world and also serves as a guide line on how things should look but the reality is that the real world is far more complicated for starters there re no rational actors in the real world people and companies act irrationally all the time we usually don t have all the data and when we do it might not be correct so that magic that we considered in the demand functional for all the things that influence demand can be wrong when you apply to a real situation nevertheless none of this should discourage you to try to understand things model them and apply what you know to real life situations you might not have the perfect answer but you can at least understand how things should look in a ideal situation which is usually not very far from the truth |
2022-01-10 15:34:16 |
海外TECH |
DEV Community |
3D CSS Flippy Snaps with React && GreenSock |
https://dev.to/jh3y/3d-css-flippy-snaps-with-react-greensock-2hb5
|
D CSS Flippy Snaps with React amp amp GreenSockOne of Jhey s main mantras is to make learning fun In this article he shows you ways to level up your skills by bringing your ideas to life and not forgetting that you can be playful with code With that mindset every idea is bound to become an opportunity to try something new Naming things is hard right Flippy Snaps was the best thing I could come up with I saw an effect like this on TV one evening and made a note to myself to make something similar Although this isn t something I d look to drop on a website any time soon it s a neat little challenge to make It fits in with my whole stance on Playfulness in Code to learn Anyway a few days later I sat down at the keyboard and a couple of hours later I had this Jhey jhyy D CSS Flippy Snaps Tap to flip for another image ️ reactjs amp amp greensock codepen io jhy pen rNzvo… via CodePen PM Nov My final demo is a React app but we don t need to dig into using React to explain the mechanics of making this work We will create the React app once we ve established how to make things work NOTE Before we get started It s worth noting that performance of this demo is affected by the grid size and the demos are best viewed in Chromium based browsers Let s start by creating a grid Let s say we want a by grid That s cells This is why React is handy for something like this Each cell is going to consist of an element that contains the front and back for a flippable card lt div class flippy snap gt lt of these gt lt div class flippy snap card flippy card gt lt div class flippy card front gt lt div gt lt div class flippy card rear gt lt div gt lt div gt lt div gt The styles for our grid are quite straightforward We can use display grid and use a custom property for the grid size Here we are defaulting to flippy snap display grid grid gap px grid template columns repeat var grid size fr grid template rows repeat var grid size fr We won t use grid gap in the final demo but it s good for seeing the cells easier whilst developing Next we need to style the sides to our cards and display images We can do this by leveraging inline CSS custom properties Let s start by updating the markup We need each card to know its x and y position in the grid lt div class flippy snap gt lt div class flippy snap card flippy card style x y gt lt div class flippy card front gt lt div gt lt div class flippy card rear gt lt div gt lt div gt lt div class flippy snap card flippy card style x y gt lt div class flippy card front gt lt div gt lt div class flippy card rear gt lt div gt lt div gt lt Other cards gt lt div gt For the demo I m using Pug to generate this for me You can see the compiled HTML by clicking “View Compiled HTML in the demo const GRID SIZE const COUNT Math pow GRID SIZE flippy snap for let f f lt COUNT f const x f GRID SIZE const y Math floor f GRID SIZE flippy snap card flippy card style x x y y flippy card front flippy card rearThen we need some styles flippy card current image url next image url height width position relative flippy card front flippy card rear position absolute height width backface visibility hidden background image var current image background position calc var x calc var y background size calc var grid size flippy card rear background image var next image transform rotateY deg rotate deg The rear of the card gets its position using a combination of rotations via transform But the interesting part is how we show the image part for each card In this demo we are using a custom property to define the URLs for two images And then we set those as the background image for each card face But the trick is how we define the background size and background position Using the custom properties x and y we multiply the value by And then we set the background size to grid size multiplied by This gives displays the correct part of the image for a given card You may have noticed that we had current image and next image But currently there is no way to see the next image For that we need a way to flip our cards We can use another custom property for this Let s introduce a count property and set a transform for our cards flippy snap count perspective vmin flippy card transform rotateX calc var count deg transition transform s transform style preserve d We can set the count property on the containing element Scoping means all the cards can pick up that value and use it to transform their rotation on the x axis We also need to set transform style preserve d so that we see the back of the cards Setting a perspective gives us that D perspective This demo lets you update the count property value so you can see the effect it has At this point you could wrap it up there and set a simple click handler that increments count by one on each click const SNAP document querySelector flippy snap let count const UPDATE gt SNAP style setProperty count count SNAP addEventListener click UPDATE Remove the grid gap and you d get this Click the snap to flip it Now we have the basic mechanics worked out it s time to turn this into a React app There s a bit to break down here const App gt const snaps setSnaps useState const disabled setDisabled useState true const gridSize setGridSize useState const snapRef useRef null const grabPic async gt const pic await fetch return pic url useEffect gt const setup async gt const url await grabPic const nextUrl await grabPic setSnaps url nextUrl setDisabled false setup const setNewImage async count gt const newSnap await grabPic setSnaps count current newSnap snaps snaps newSnap setDisabled false const onFlip async count gt setDisabled true setNewImage count if snaps length return lt h className loader gt Loading lt h gt return lt FlippySnap gridSize gridSize disabled disabled snaps snaps onFlip onFlip snapRef snapRef gt Our App component handles grabbing images and passing them to our FlippySnap component That s the bulk of what s happening here For this demo we re grabbing images from Unsplash const grabPic async gt const pic await fetch return pic url Initial effect grabs two snaps to be used by FlippySnapuseEffect gt const setup async gt const url await grabPic const nextUrl await grabPic setSnaps url nextUrl setDisabled false setup If there aren t two snaps to show then we show a Loading message if snaps length return lt h className loader gt Loading lt h gt If we are grabbing a new image we need to disable FlippySnap so we can t spam click it lt FlippySnap gridSize gridSize disabled disabled Toggle a disabled prop to stop spam clicks snaps snaps onFlip onFlip snapRef snapRef gt We re letting App dictate the snaps that get displayed by FlippySnap and in which order On each flip we grab a new image and depending on how many times we ve flipped we set the correct snaps The alternative would be to set the snaps and let the component figure out the order const setNewImage async count gt const newSnap await grabPic Grab the snap setSnaps count current newSnap snaps snaps newSnap Set the snaps based on the current count which we get from FlippySnap setDisabled false Enable clicks again const onFlip async count gt setDisabled true Disable so we can t spam click setNewImage count Grab a new snap to display How might FlippySnap look There isn t much to it at all const FlippySnap disabled gridSize onFlip snaps gt const CELL COUNT Math pow gridSize const count useRef const flip e gt if disabled return count current count current if onFlip onFlip count const buttonStyle grid size gridSize count count current current image url snaps next image url snaps return lt button className flippy snap ref containerRef style buttonStyle gt new Array CELL COUNT fill map cell index gt const x index gridSize const y Math floor index gridSize const cellStyle x x y y return lt span key index className flippy card style cellStyle gt lt span className flippy card front gt lt span gt lt span className flippy card rear gt lt span gt lt span gt lt button gt The component handles rendering all the cards and setting the inline custom properties The onClick handler for the container increments the count It also triggers the onFlip callback If the state is currently disabled it does nothing That flip of the disabled state and grabbing a new snap triggers the flip when the component re renders We have a React component that will now flip through images for as long as we want to keep requesting new ones But that flip transition is a bit boring To spice it up we re going to make use of GreenSock and it s utilities In particular the distribute utility This will allow us to distribute the delay of flipping our cards in a grid like burst from wherever we click To do this we re going to use GreenSock to animate the count value on each card It s worth noting that we have a choice here We could opt to apply the styles with GreenSock Instead of animating the count property value we could animate rotateX We could do this based on the count ref we have And this also goes for any other things we choose to animate with GreenSock in this article It s down to preference and use case You may feel that updating the custom property value makes sense The benefit being that you don t need to update any JavaScript to get a different styled behavior We could change the CSS to use rotateY for example Our updated flip function could look like this const flip e gt if disabled return const x parseInt e target parentNode getAttribute data snap x const y parseInt e target parentNode getAttribute data snap y count current count current gsap to containerRef current querySelectorAll flippy card count count current delay gsap utils distribute from x gridSize y gridSize amount gridSize base grid gridSize gridSize ease power inOut duration onComplete gt At this point update the images if onFlip onFlip count Note how we re getting an x and y value by reading attributes of the clicked card For this demo we ve opted for adding some data attributes to each card These attributes communicate a cards position in the grid We re also using a new ref called containerRef This is so we reference only the cards for a FlippySnap instance when using GreenSock new Array CELL COUNT fill map cell index gt const x index gridSize const y Math floor index gridSize const cellStyle x x y y return lt span className flippy card data snap x x data snap y y style cellStyle gt lt span className flippy card front gt lt span gt lt span className flippy card rear gt lt span gt lt span gt Once we get those x and y values we can make use of them in our animation Using gsap to we want to animate the count custom property for every flippy card that s a child of containerRef To distribute the delay from where we click we set the value of delay to use gsap utils distribute The from value of the distribute function takes an Array containing ratios along the x and y axis To get this we divide x and y by gridSize The base value is the initial value For this we want delay on the card we click The amount is the largest value We ve gone for gridSize but you could experiment with different values Something based on the gridSize is a good idea though The grid value tells GreenSock the grid size to use when calculating distribution Last but not least the ease defines the ease of the delay distribution gsap to containerRef current querySelectorAll flippy card count count current delay gsap utils distribute from x gridSize y gridSize amount gridSize base grid gridSize gridSize ease power inOut duration onComplete gt At this point update the images if onFlip onFlip count As for the rest of the animation we are using a flip duration of seconds And we make use of onComplete to invoke our callback We pass the flip count to the callback so it can use this to determine snap order Things like the duration of the flip could get configured by passing in different props if we wished Putting it all together gives us this Those that like to push things a bit might have noticed that we can still spam click the snap And that s because we don t disable FlippySnap until GreenSock has completed To fix this we can use an internal ref that we toggle at the start and end of using GreenSock const flipping useRef false New ref to track the flipping stateconst flip e gt if disabled flipping current return const x parseInt e target parentNode getAttribute data snap x const y parseInt e target parentNode getAttribute data snap y count current count current gsap to containerRef current querySelectorAll flippy card count count current delay gsap utils distribute from x gridSize y gridSize amount gridSize base grid gridSize gridSize ease power inOut duration onStart gt flipping current true onComplete gt At this point update the images flipping current false if onFlip onFlip count And now we can no longer spam click our FlippySnap Now it s time for some extra touches At the moment there s no visual sign that we can click our FlippySnap What if when we hover the cards raise towards us We could use onPointerOver and use the distribute utility again const indicate e gt const x parseInt e currentTarget getAttribute data snap x const y parseInt e currentTarget getAttribute data snap y gsap to containerRef current querySelectorAll flippy card hovered gsap utils distribute from x gridSize y gridSize base amount grid gridSize gridSize ease power inOut duration Here we are setting a new custom property on each card named hovered This is set to a value from to Then within our CSS we are going to update our card styles to watch for the value flippy card transform translated calc var hovered vmin rotateX calc var count deg Here we are saying a card will move on the z axis at most vmin We then apply this to each card using the onPointerOver prop new Array CELL COUNT fill map cell index gt const x index gridSize const y Math floor index gridSize const cellStyle x x y y return lt span onPointerOver indicate className flippy card data snap x x data snap y y style cellStyle gt lt span className flippy card front gt lt span gt lt span className flippy card rear gt lt span gt lt span gt And when our pointer leaves our FlippySnap we want to reset our card positions const reset gt gsap to containerRef current querySelectorAll flippy card hovered duration And we can apply this with the onPointerLeave prop lt button className flippy snap ref containerRef onPointerLeave reset style buttonStyle onClick flip gt Put that all together and we get something like this Try moving your pointer over it What next How about a loading indicator so we know when our App is grabbing the next image We can render a loading spinner when our FlippySnap is disabled disabled amp amp lt span className flippy snap loader gt lt span gt The styles for which could make a rotating circle flippy snap loader border radius border px solid fff border left color border right color position absolute right bottom height width transform translated vmin rotate deg animation spin s infinite keyframes spin to transform translated vmin rotate deg And this gives us a loading indicator when grabbing a new image That s it That s how we can create a FlippySnap with React and GreenSock It s fun to make things that we may not create on a day to day basis Demos like this can pose different challenges and can level up your problem solving game I took it a little further and added a slight parallax effect along with some audio You can also configure the grid size Big grids affect performance though It s also worth noting that this demo works best in Chromium based browsers Where would you take it next I d like to see if I can recreate it with ThreeJS next That ll address the performance Stay Awesome ʕ•ᴥ•ʔ |
2022-01-10 15:32:33 |
海外TECH |
Engadget |
Honor unveils its first foldable smartphone, the Magic V |
https://www.engadget.com/honor-magic-v-foldable-smartphone-153214121.html?src=rss
|
Honor unveils its first foldable smartphone the Magic VAfter teasing its first foldable smartphone in December Honor has unveiled the Magic V Honor is joining the likes of Huawei which is its former parent company and Xiaomi by stepping into the foldable marketplace Like Samsung s Z Fold devices this is a dual screen smartphone It has a inch PPI external display with a resolution of x Hz refresh rate and aspect ratio Open it up and users can access a inch PPI display which has a x resolution Hz refresh rate and aspect ratio nbsp Both OLED screens are a little larger than the Galaxy Z Fold s respective displays and support a DCI P color gamut Honor claims the Magic V is the first foldable smartphone with IMAX Enhanced certification The company says its water drop hinge helps make the display appear quot creaseless quot Oppo uses a similar style of hinge in its recently announced Find N foldable The Magic V is mm wide and mm thick when folded and when opened those dimensions shift to mm wide and mm thick Its mm tall case houses a mAh battery that supports W charging Honor says you can fully charge the battery in minutes or to percent of its capacity in just minutes The phone has five cameras in total The rear three camera array has a wide camera ultra wide camera and what Honor calls a quot spectrum enhanced camera quot All three are MP sensors There s a MP selfie camera for each screen too The Magic V runs on Qualcomm s new Snapdragon Gen chipset which has a G modem and Adreno GPU built in The Magic V has GB of RAM up to GB of storage dual SIM support and stereo speakers It uses Honor s new Magic UI which is based on Android There s also an independent security chip which stores passwords and biometric data such as fingerprints The device has three color options black space silver and burnt orange At g the silver and black models weigh slightly more than the g orange variant The Magic V will only be available in China at the outset The GB model costs approximately while the GB version is around The Magic V will go on sale on January th |
2022-01-10 15:32:14 |
海外TECH |
The Apache Software Foundation Blog |
Apache Software Foundation Security Report: 2021 |
https://blogs.apache.org/foundation/entry/apache-software-foundation-security-report2
|
Apache Software Foundation Security Report Synopsis This report explores the state of security across all of The Apache Software Foundation projects for the calendar year We review key metrics specific vulnerabilities and the most common ways users of ASF projects were affected by security issues Released January Author Mark Cox Vice President Security The Apache Software FoundationBackgroundThe security committee of The Apache Software Foundation ASF oversees and coordinates the handling of vulnerabilities across all of the Apache projects nbsp Established in and composed of all volunteers we have a consistent process for how issues are handled and this process includes how our projects must disclose security issues Anyone finding security issues in any Apache project can report them to security apache org where they are recorded and passed on to the relevant dedicated security teams or private project management committees PMC to handle nbsp The security committee monitors all the issues reported across all the projects and keeps track of the issues throughout the vulnerability lifecycle nbsp nbsp The security committee is responsible for ensuring that issues are dealt with properly and actively reminds projects of their outstanding issues and responsibilities nbsp As a board committee we have the ability to take action including blocking their future releases or worst case archiving a project if such projects are unresponsive to handling their security issues nbsp This along with the Apache License v are key parts of the ASF s general oversight function around official releases allowing the ASF to protect individual developers and giving users confidence to deploy and rely on ASF software nbsp nbsp The oversight into all security reports along with tools we have developed gives us the ability to easily create metrics on the issues nbsp Our last report covered the metrics for Statistics for In our security email addresses received in total emails After spam filtering and thread grouping there were non spam threads nbsp Unfortunately security reports do sometimes look like spam especially if they include lots of attachments or large videos and so the security team are careful to review all messages to ensure real reports are not missed for too long Diagram Breakdown of ASF security email threads for calendar year Diagram gives the breakdown of those threads nbsp threads were people confused by the Apache License nbsp As many projects use the Apache License not just those under the ASF umbrella people can get confused when they see the Apache License and they don t understand what it is This is most common for example on mobile phones where the licenses are displayed in the settings menu usually due to the inclusion of software by Google released under the Apache License nbsp We no longer reply to these emails This is up from the received in The next of the are email threads with people asking non security usually support type questions The next of those reports were researchers reporting issues in an Apache web site nbsp These are almost always false negatives where a researcher reports us having directory listings enabled source code visible public “ git directories and so on nbsp These reports are generally the unfiltered output of some publicly available scanning tool and often where the reporter asks us for some sort of monetary reward bounty for their report That left reports of new vulnerabilities in which spanned of the top level projects nbsp These reports are a mix of external reporters and internal For example where a project has found an issue themselves and followed the ASF process to assign it a CVE Common Vulnerabilities and Exposures name and address it we d still count it here nbsp We don t keep metrics that would give the breakdown of internal vs external reports The next step is that the appropriate project triages the report to see if it s really an issue or not nbsp Invalid reports and reports of things that are not actually vulnerabilities get rejected back to the reporter nbsp Of the remaining issues that are accepted they are assigned appropriate CVE names and eventually fixes are released As of January st of those reports were still under triage and investigation This is where a project was working on an issue and had not rejected the issue or assigned it a CVE as of the snapshot taken on January st nbsp This number was higher than what we d normally expect and was due to the large influx of reports that came at the end of December The remaining reports led to us assigning CVE names nbsp Some vulnerability reports may include multiple issues some reports are across multiple projects and some reports are duplicates where the same issue is found by different reporters so there isn t an exact one to one mapping of accepted reports to CVE names nbsp The Apache Security committee handles CVE name allocation and is a MITRE Candidate Naming Authority CNA so all requests for CVE names in any ASF project are routed through us even if the reporter is unaware and contacts MITRE directly or goes public with an issue before contacting us Noteworthy eventsDuring there were a few events worth discussing either because they were severe and high risk they had readily available exploits or there was media attention These included January A cross site scripting XSS flaw was found in the default error page of Apache Velocity CVE which affected a number of public visible websites Despite a fix being available it then took several months to produce a new release to include the fix causing the reporter to publicise it early As a consequence the security team did a deeper dive through all the outstanding open issues with the affected PMCs to ensure they were all being handled January A report was published which showed how malware is still exploiting Apache ActiveMQ instances that have not been patched for over years CVE June The Airflow PMC published a blog about how they handle security issues how users are sometimes slow to deploy updates CVE and how flaws in dependencies can affect Airflow July A third party blog explained how threat actors are exploiting mis configured Apache Hadoop YARN servicesAugust A researcher discovered a number of issues in HTTP implementations nbsp The Apache HTTP Server was affected by a moderate vulnerability CVE September A keynote presentation at ApacheCon discussed the security committee the US Executive Order on Improving the Nation s Cybersecurity and third party security projects such as those under the OpenSSF September A flaw in Apache OpenOffice could allow a malicious document to run arbitrary code if opened CVE October A critical issue was found in the Apache HTTP Server The default configuration protected against this vulnerability but in custom configurations without those protections and with CGI support enabled this could lead to remote code execution CVE The issue was fixed in an update days after the issue was reported to the security team however the fix was quickly found to be insufficient and a further update to fully address it was released days after that CVE A MetaSploit exploit exists for this issue October The Internet Bug Bounty from HackerOne extended their program to include Apache Airflow the Apache HTTP Server and Apache Commons nbsp Unlike many other programs this program relies on vulnerability finders following the standard ASF notification process and allows finders to claim a reward for eligible issues after the fix is available and the issue is public December A vulnerability in LogJ CVE “LogShell a popular and common Java logging library allowed remote attackers to achieve remote code execution in a default and likely installation nbsp The issue was widely exploited starting the day before a release with a fix was published nbsp There is a MetaSploit exploit module for this issue After the fixed release a few subsequent LogJ vulnerabilities were also fixed but none had the same impact or default conditions nbsp nbsp December The ASF is invited to a forum in around open source security White House Extends Invitation to Improve Open Source Security nbsp We produced a position paper in advance of the meeting Other RCE exploits were also released in for vulnerabilities fixed in Apache OFBiz CVE CVE Apache Airflow in examples CVE Apache Druid CVE Apache Tapestry CVE and Apache Storm CVE TimescalesOur security teams and project management teams are all volunteers and so we do not give any formal SLA on the handling of issues nbsp However we can break down our aims and goals for each part of the process Triage Our aim is to handle incoming mails to the security apache org alias within three working days nbsp We do not measure or report on this because we assess the severity of each incoming issue and apply the limited resources we have appropriately nbsp The alias is staffed by a very small number of volunteers taken from the different project PMCs nbsp After the security team forwards a report to a PMC the PMC will reply to the reporter nbsp Sometimes reporters send reports attaching large PDF files or even movies of exploitation that don t make it to us due to size restrictions on incoming email so please ensure any follow ups are a simple plain text email Investigation Once a report is sent to the private list of the projects management committee the process of triage and investigation varies in time depending on the project availability of resources and number of issues to be assessed nbsp As security issues are dealt with in private we send reports to a private list made up only of the PMC Therefore these reports do not reach every project committer so there is a smaller set of people in each project able to investigate and respond nbsp As a general guideline we try to ensure projects have triaged issues within days of the report nbsp The ASF security team follow up on any untriaged issues over days old Fix Once a security issue is triaged and accepted the timeline for the fixing of issues depends on the schedules of the projects themselves nbsp Issues of lower severity are most often held to pre planned releases nbsp nbsp Announcement Our process allows projects up to a few days between a fix release being pushed and the announcement of the vulnerability nbsp All vulnerabilities and mitigating software releases are announced via the announce apache org list nbsp We now aim to have them appear in the public CVE project list within a day of that announcement and even quicker for critical issues ConclusionThe Apache Software Foundation projects are highly diverse and independent nbsp They have different languages communities management and security models nbsp However one of the things every project has in common is a consistent process for how reported security issues are handled nbsp The ASF Security Committee works closely with the project teams communities and reporters to ensure that issues get handled quickly and correctly nbsp This responsible oversight is a principle of The Apache Way and helps ensure Apache software is stable and can be trusted This report gave metrics for calendar year showing from the emails received we triaged over vulnerability reports relating to ASF projects leading to fixing CVE issues nbsp The number of non spam threads dealt with was up from with the number of actual vulnerability reports up and assigned CVE up While the ASF often gets updates for critical issues out quickly reports show that users are being exploited by old issues in ASF software that have failed to be updated for years and vendors and thus their users still make use of end of life versions which have known unfixed vulnerabilities This will continue to be a big problem and we are committed to engaging on this industry wide problem to figure out what we can do to help If you have vulnerability information you would like to share please contact us or for comments on this report see the public security discuss mailing list |
2022-01-10 15:51:57 |
Cisco |
Cisco Blog |
Why ESLs fuel the imagination of retailers looking to transform digitally |
https://blogs.cisco.com/retail/why-esls-fuel-the-imagination-of-retailers-looking-to-transform-digitally
|
Why ESLs fuel the imagination of retailers looking to transform digitallyThanks to ESLs retail administrators can control prices of items in their stores offer deals and even act as beacons for customers looking for specific items in large stores all without any manual intervention or chance of human error That is of significant importance to anyone in the retail industry |
2022-01-10 15:32:10 |
ニュース |
BBC News - Home |
Cladding: Developers told to act on lower-height buildings |
https://www.bbc.co.uk/news/business-59935333?at_medium=RSS&at_campaign=KARANGA
|
action |
2022-01-10 15:03:47 |
ニュース |
BBC News - Home |
Ikea cuts sick pay for unvaccinated staff forced to self-isolate |
https://www.bbc.co.uk/news/business-59930206?at_medium=RSS&at_campaign=KARANGA
|
absences |
2022-01-10 15:06:06 |
ニュース |
BBC News - Home |
Sarah Everard: First phase of independent inquiry to conclude this year |
https://www.bbc.co.uk/news/uk-england-london-59939676?at_medium=RSS&at_campaign=KARANGA
|
murder |
2022-01-10 15:07:01 |
ニュース |
BBC News - Home |
La Liga: Angel Correa scores incredible goal from halfway line for Atletico Madrid |
https://www.bbc.co.uk/sport/av/football/59943462?at_medium=RSS&at_campaign=KARANGA
|
La Liga Angel Correa scores incredible goal from halfway line for Atletico MadridWatch as Angel Correa scores a brilliant goal from the halfway line for Atletico Madrid during their draw against Villarreal in La Liga |
2022-01-10 15:43:02 |
サブカルネタ |
ラーブロ |
小烏@赤坂(福岡県) 「鶏スープ(素麺入り)、ほか」 |
http://ra-blog.net/modules/rssc/single_feed.php?fid=195438
|
続きを読む |
2022-01-10 15:01:34 |
北海道 |
北海道新聞 |
EXIT兼近さんがコロナ感染 りんたろー。さんも濃厚接触者 |
https://www.hokkaido-np.co.jp/article/631894/
|
兼近大樹 |
2022-01-11 00:02:00 |
コメント
コメントを投稿