| AWS |
AWS Compute Blog |
Orchestrating high performance computing with AWS Step Functions and AWS Batch |
https://aws.amazon.com/blogs/compute/orchestrating-high-performance-computing-with-aws-step-functions-and-aws-batch/
|
Orchestrating high performance computing with AWS Step Functions and AWS BatchThis blog post describes several challenges common to orchestrating HPC workloads I describe how Step Functions with AWS Batch can solve many of these challenges I provide a project that contains several sample patterns and show how to deploy and test this in your account |
2022-04-12 16:53:18 |
| AWS |
AWS |
Kacific on AWS: Customer Story | Amazon Web Services |
https://www.youtube.com/watch?v=kwgJPyMNe5w
|
Kacific on AWS Customer Story Amazon Web ServicesIn this episode of AWS Community Chats Aley Hammer is joined with John Loke Deputy CTO of Kacific John shares how the AWS Leadership principle Customer Obsession translates into Kacific s mission and why Kacific decided to move all in on AWS Kacific recently won multiple awards at the Pacific Telecommunications Council in January and John shares more about these outstanding achievements Finally John gives insight into how AWS helps Kacific day to day and the relationship between AWS and Kacific Learn more at Subscribe More AWS videos More AWS events videos ABOUT AWSAmazon Web Services AWS is the world s most comprehensive and broadly adopted cloud platform offering over fully featured services from data centers globally Millions of customers ーincluding the fastest growing startups largest enterprises and leading government agencies ーare using AWS to lower costs become more agile and innovate faster Kacific Satellite KacificInternet AWS AmazonWebServices CloudComputing |
2022-04-12 16:18:03 |
| AWS |
AWS |
AWS Glue DataBrew & Data Lineage | Amazon Web Services |
https://www.youtube.com/watch?v=lhM5n66_uLs
|
AWS Glue DataBrew amp Data Lineage Amazon Web ServicesThis video explains the basic concepts of AWS Glue DataBrew and includes a demo showcasing its usecase and its data lineage feature AWS Glue DataBrew Workshop Subscribe More AWS videos More AWS events videos ABOUT AWSAmazon Web Services AWS is the world s most comprehensive and broadly adopted cloud platform offering over fully featured services from data centers globally Millions of customers ーincluding the fastest growing startups largest enterprises and leading government agencies ーare using AWS to lower costs become more agile and innovate faster Glue S Databrew Data Lineage ETL AWS AmazonWebServices CloudComputing |
2022-04-12 16:13:11 |
| python |
Pythonタグが付けられた新着投稿 - Qiita |
CSVファイルと同じ名前のディレクトリを作成しCSVファイルを格納 |
https://qiita.com/akkiii/items/7feb902049f61edc61f5
|
ospathsplitextfcsvdirname |
2022-04-13 01:47:37 |
| python |
Pythonタグが付けられた新着投稿 - Qiita |
昨日の日付をURIに含むS3のディレクトリ内のファイルを一括でダウンロード |
https://qiita.com/akkiii/items/47a628ba3ae0452987a6
|
medeltadaysdateyesterday |
2022-04-13 01:29:36 |
| python |
Pythonタグが付けられた新着投稿 - Qiita |
昨日の日付をディレクトリ名にしてファイルをセット |
https://qiita.com/akkiii/items/f494c924f418a52e125b
|
ydatetimetimedeltadays |
2022-04-13 01:22:49 |
| python |
Pythonタグが付けられた新着投稿 - Qiita |
Python+Windows10でMeCabをインストール (2022/4/13) |
https://qiita.com/stringthread/items/1503373a0840f025e6d3
|
mecab |
2022-04-13 01:19:14 |
| js |
JavaScriptタグが付けられた新着投稿 - Qiita |
コピペでOK! 0円LINEチャットボットを作ろう! #LINEDC #GAS #クイックリプライ |
https://qiita.com/okinakamasayoshi/items/50aaa3212c2279bc761e
|
linedcgas |
2022-04-13 01:11:33 |
| js |
JavaScriptタグが付けられた新着投稿 - Qiita |
yarnでcreate-react-appをするには? |
https://qiita.com/RyosukeSomeya/items/974d4308c194a804162a
|
createreactapp |
2022-04-13 01:08:34 |
| AWS |
AWSタグが付けられた新着投稿 - Qiita |
Error refreshing state: BucketRegionError: incorrect region, the bucket is not in 'ap-northeast-1' region at endpoint '' status code: 301, request id: , host id:に沼った |
https://qiita.com/ymktmk/items/429013a6b277d6831434
|
|
2022-04-13 01:25:38 |
| AWS |
AWSタグが付けられた新着投稿 - Qiita |
AWS公式資料で挑むSCS認定(39)-こんな時どうする(全分野その16) |
https://qiita.com/mingchun_zhao/items/11956c3652a311ab0d2e
|
資料 |
2022-04-13 01:06:11 |
| Docker |
dockerタグが付けられた新着投稿 - Qiita |
Laravel + Docker + PHPUnit + GitHubActions テストカバレッジをPRに出力する |
https://qiita.com/naoki-haba/items/7b753ca94115210bf3dc
|
docker |
2022-04-13 01:27:17 |
| Azure |
Azureタグが付けられた新着投稿 - Qiita |
Azure DatabricksのML Quickstartやーる |
https://qiita.com/SatoshiGachiFujimoto/items/eeea90f347967f2afd1b
|
azure |
2022-04-13 01:08:58 |
| Git |
Gitタグが付けられた新着投稿 - Qiita |
【Git】【GitHub】コミット履歴を引き継がずgit cloneする方法 後半無駄に丁寧に解説しています |
https://qiita.com/nmwkhl/items/fab5a72e13626b804f11
|
gitclone |
2022-04-13 01:26:49 |
| Ruby |
Railsタグが付けられた新着投稿 - Qiita |
【Git】【GitHub】コミット履歴を引き継がずgit cloneする方法 後半無駄に丁寧に解説しています |
https://qiita.com/nmwkhl/items/fab5a72e13626b804f11
|
gitclone |
2022-04-13 01:26:49 |
| 海外TECH |
Ars Technica |
DuckDuckGo announces a new privacy-focused Mac web browser |
https://arstechnica.com/?p=1847388
|
extension |
2022-04-12 16:36:55 |
| 海外TECH |
Ars Technica |
Stranger Things goes full-on Lovecraft in S4 trailer, and we’re here for it |
https://arstechnica.com/?p=1847283
|
lovecraft |
2022-04-12 16:20:51 |
| 海外TECH |
MakeUseOf |
7 Tips to Set Your Freelance Rates the Right Way |
https://www.makeuseof.com/tips-to-set-freelance-rates-right-way/
|
freelance |
2022-04-12 16:30:14 |
| 海外TECH |
MakeUseOf |
8 Ways to Fix the “PowerShell Has Stopped Working” Error on Windows |
https://www.makeuseof.com/windows-powershell-has-stopped-working-error-fix/
|
messages |
2022-04-12 16:16:14 |
| 海外TECH |
DEV Community |
NodeJS for Beginners - Practical Guide (With Samples) |
https://dev.to/sm0ke/nodejs-for-beginners-practical-guide-with-samples-345c
|
NodeJS for Beginners Practical Guide With Samples Hello Coders In this article we will set up a simple NodeJS application that will serve a nice web page styled with Bootstrap In the end we will use Docker to make the project deployable in production without any configuration hassle For newcomers NodeJS is a popular technology that uses JavaScript to implement performant backend features like authentication database queries and static assets management Thanks for reading Content provided by App GeneratorJavaScript Short IntroductionSetting up the environmentChoose a code editorCode a simple NodeJS ProjectIntegrate Docker for deployment Popular NodeJS ModulesFree NodeJS Starters Berry Datta Able Purity Chakra UI Free Resources amp Links What is JavaScriptJavaScript has become a really hot topic in the programming language At the moment this article is written JavaScript is known to be the most popular language in the world with over of use in software development JavaScript is well known for the development of web apps but JavaScript can be used for a variety of purposes also for native Mobile Applications we can use frameworks like React Native or Ionic for Back end Web Development we can use NodeJS or Machine Learning For more information regarding this popular programming language feel free to access these free resources JavaScript concepts for React BeginnersJavaScript and Vue Intro for Beginners Setting UP the environmentTo get started please head to the Node js official website and download the stable version of Node js that is recommended for most users As of now the recommended version is as seen in the figure below highlighted with a red border Once downloaded click on the installation file to install it on your PC To ensure that Node js is installed on your PC open a terminal window and type node vIf it is installed correctly the above command would return the version of the Node js that you just installed which in my case would be Choose a Code EditorThere are many code editors IDEs like IntelliJ IDEA and Sublime Text that you can use for developing applications in NodeJS and it all comes down to personal preference to a great extent However Visual Studio Code VS Code is the most famous among developers according to the official StackOverflow survey For the purpose of this tutorial I would also be using VS code not only because it is well known but because it is my personal favorite as well VsCode official websiteVsCode download page Code a simple NodeJS ProjectFirst thing is first we name our project Go to file explorer on your PC and create a folder with the name of the project that you want You can create this folder anywhere For this example I have created a folder and named it blog sample nodejs introduction as seen in the figure below Now open VS code kindly install it if you already haven t by heading to and downloading the stable build In the VS code open the folder that you just created and now this will act as your workspace All the files and code will be written inside this workspace Before we start creating files and begin coding we need to perform one more step And that step is to run the following command npm initThis command will create a file called package json and it is a file that is used to set up new or existing npm packages You can think of an npm package as a module that provides several functions and methods to ease our development process When you will run the command npm init it will ask for your input on various metadata like the name of the package etc which you can give according to your personal preference except for the attribute main as shown in the figure below For the “main attribute you need to enter the name of the entry file from where our backend server will begin running We haven t created that file yet but I have named it server js as the name should clearly reflect the purpose of the file and the code inside it Here is how my package json looks name nodejs article version description main server js scripts test echo Error no test specified amp amp exit start node server js author license ISC dependencies express Installing the packageBefore we can begin writing our first lines of code for our NodeJS backend server we need to install a module called Express which is a minimal and flexible NodeJS web application framework that provides a robust set of features for web and mobile applications Writing the codeCreate a new file called server js in the same directory in which you just created package json In the server js paste the following code const express require express const app express const port app get api request response gt response send Hello World app listen port req res gt console log Listening at port port The above code simply responds with Hello World when we try to access the URL localhost api Once you have pasted the code run the following command in VS code terminal to run the server node server jsIn the terminal you should be able to see the following output node server js Listening at port You should see the following result on your web browser You have just managed to set up your first NodeJS Backend server but hey what if you want to show some beautiful web page to your users using your NodeJS This is exactly what we will be doing next The express static is a function inside express that enables the server to serve static files like HTML images CSS JavaScript etc In our case we are serving the index html and the assets folder together the most simple case possible The final code of your server js file should look like this const express require express const app express const port app use express static public lt NEWapp get api request response gt response send Hello World app listen port req res gt console log Listening at port port Restart the server and open localhost in the browser You shall see a sophisticated and eye catching web page as shown in the figure below Once this design is integrated we can move forward and add Docker support Integrate DockerDocker is a service that uses OS level virtualization to package software into an isolated environment called containers In other words Docker is a containerization platform that combines application source code with OS libraries and dependencies and packages it into a single unit that can be run in any environment Running the project with DockerThe prerequisite for running the application with Docker is that first you need to install Docker Desktop on your PC Head to and install Docker according to your PC environment Once installed verify the installation by typing the following command into your terminal docker vIf the above command runs without errors that means the Docker was installed successfully and we can use it to start the NodeJS sample via a single command docker compose up buildThe main advantage of using Docker is the isolated environment execution for the project and also the fact that we ve executed a single command Of course under a Docker set up we can execute more commands and complex deployment scripts but this is not the case for our super simple project Popular NodeJS ExtensionsOur NodeJS project is fairly simple but once the projects are getting bigger and more features are required to be implemented we might need more modules and libraries that make our life easier during the coding phase Well this section mentions a few popular NodeJS libraries widely used in almost every NodeJS project multerMulter is a NodeJS Middleware for handling multipart form data which is primarily used for uploading files mysqlThe official NodeJS driver for MySql It is written in JavaScript does not require compiling and is MIT licensed dotenvdotenv is a zero dependency module that loads environment variables from a env file into process env mongooseMongoose is a MongoDB object modeling tool designed to work in an asynchronous environment Mongoose supports both promises and callbacks nodemonnodemon is a tool that helps develop NodeJS based applications by automatically restarting the node application when file changes in the directory are detected Those that patiently follow up on the content can play with a few open source Starters and Templates crafted on top of NodeJS and Express React Node JS BerryBerry is a creative React Dashboard built using the Material UI It is meant to be the best User Experience with highly customizable feature riched pages It is a complete game changer React Dashboard with an easy and intuitive responsive design on retina screens or laptops React Node JS Berry product pageReact Node JS Berry LIVE DemoThe product comes with a simple JWT authentication flow login register logout powered by an open source Node JS API Backend via Passport Library React NodeJS Datta AbleDatta Able is a colorful free React Admin Dashboard crafted by CodedThemes It comes with high feature rich pages and components with fully developer centric code React Node JS Datta Able product pageReact Node JS Datta Able LIVE DemoThe product comes with a simple JWT authentication flow login register logout powered by an open source Node JS API Backend via Passport Library React NodeJS PurityA colorful free React Admin Dashboard crafted by Creative Tim on top of Chakra UI Designed for those who like modern UI elements and beautiful websites React Purity Dashboard product pageReact Purity Dashboard LIVE DemoMade of hundred of elements designed blocks and fully coded pages Purity UI Dashboard is ready to help you create stunning websites and web apps Thanks for reading For more resources feel free to access The Sample Project can be downloaded from GithubMore Free Dashboards crafted in Django Flask and ReactMore Admin Dashboards a huge index with products |
2022-04-12 16:46:07 |
| 海外TECH |
DEV Community |
Unable to Login Django Admin after Update : Giving Error Forbidden (403) CSRF verification failed. Request aborted. |
https://dev.to/shriekdj/unable-to-login-django-admin-after-update-giving-error-forbidden-403-csrf-verification-failed-request-aborted-36g9
|
Unable to Login Django Admin after Update Giving Error Forbidden CSRF verification failed Request aborted ProblemUnable to Login Django Admin after Update Giving Error Forbidden CSRF verification failed Request aborted This Issue Can happened suddenly after updating to Newer Version Of Django DetailsDjango Project Foundation team made some changes in security requirements for all Django Version and Above In Which they made mandatory to create an list of urls getting any type of form upload in project settings named as CSRF TRUSTED ORIGINS They did not updated the details in latest tutorial documentation but they published the Changes Notes at csrf trusted origins changes First SolutionFor localhost or Goto settings py of your django project and create a new list of urls at last like given belowCSRF TRUSTED ORIGINS http https if Your running an project in localhost then you should open all urls here symbol means all urls also there is http is mandatory Second SolutionThis is Also for Localhost and for DEBUG True Copy the list of ALLOWED ORIGINS into CSRF TRUSTED ORIGINS like given below ALLOWED ORIGINS http https CSRF TRUSTED ORIGINS ALLOWED ORIGINS copy Third SolutionWhen Deploying you have to add urls to allow form uploading making any POST request I Know this maybe tricky and time consuming but it s now mandatory Also this is Mandatory to Online IDEs also like Replit Glitch and Many More Give an reaction if any solutions helped you for algorithm boost to my content bye |
2022-04-12 16:40:29 |
| 海外TECH |
DEV Community |
Serverless Testing Pyramid |
https://dev.to/prozz/serverless-testing-pyramid-21f7
|
Serverless Testing PyramidThe most common question about serverless I get lately is how to test applications in a local environment In this post I ll try to explore an updated version of the testing pyramid and present my approach to testing serverless solutions SPOILER I do not encourage rebuilding the cloud from scratch for local testing purposes quite the opposite Use the cloud to reliably test your apps and don t waste time with a traditional approach Unit TestsEverything should be unit tested It s the cheapest way to establish if what we build is working and heading in a good direction Fast feedback loop should be the top priority for every developer and nothing beats unit tests here I try to structure my code in a way that there are a lot of pure functions Once side effects kicks in and mocks are needed I m proceeding very cautiously as too many mocks may lead to brittle tests Serverless in Go How to write testable Lambdas prozz・Dec ・ min read go serverless aws tdd I still maintain a lot of mock based unit tests as those are invaluable for testing error scenarios ever tried to force your database to fail but it is highly likely integration tests should take over if that s the case Package Level Integration TestsUsing rd party APIs may be hard due to their complexity Additionally testing is about checking behaviour so changing implementation details shouldn t make the test invalid ever had to adjust mocks after simple implementation change This is why package level integration tests that can be run outside the cloud are invaluable Examples of such tests include Using DynamoDB Local to check if my stores can fetch and save data correctly Using Opensearch to build indexes and examine if queries can fetch proper data Please note that I m not trying to make a convoluted setup and simulate cloud services locally especially make them talk to each other That would be an actual anti pattern that needs to be avoided at all costs All I m doing is validating if my isolated code that is for example supposed to talk to a database is able to do it Service Level Integration TestsThis is where the fun starts and where the traditional local testing approach doesn t cut it To be sure all the resources our application creates can talk to each other we need to be able to execute our code in the cloud There is no way around it as something as innocent as a lack of IAM permission can make the service unusable Service level integration tests are run on a deployed stack Each developer should have an ability to on demand deploy their own stack inside a testing account to run them Continuous integration pipeline should also fire them on staging and other necessary environments Those kinds of tests trigger some process via an entry point such as invoking a Lambda function uploading a file to S bucket or sending a message to SQS queue then check if processing was finished and certain actions were taken for example if data was successfully saved in DynamoDB All of those interactions and checks could be done with the use of AWS API One of the challenges I faced lately was to be able to examine events that arrive at SNS topic from the inside of an integration test Turns out there is no single API call that I could use so I wrote snstesting package to help me with the task prozz snstesting Package snstesting simplifies checking what messages arrive at any SNS topic from the inside of your integration tests To solve my problem I embraced the cloud to the fullest by creating SQS queue and it s SNS subscription After checking what messages arrived at SNS both ad hoc resources are cleaned up End to end TestsNo unit or integration test can verify if your customer can use the product you are working on especially if it s a web application This is why end to end testing plays the crucial role in the development process There are at least a few tools worth exploring teams I work with use Playwright and Cypress End to end tests are frequently harder to construct and maintain and may take a lot more time to run in comparison to unit tests Don t be discouraged by it and make sure to cover at least happy paths Summary prozz prozz If you want to use serverless technologies but still insist on testing everything together locally then your mindset isn t there yet PM Aug One of the often overlooked aspects of testing is how long it takes to run them inside a CI CD pipeline Making sure it s a quick process is one of my top priorities Flaky tests and slow pipelines create a perfect excuse for a tech debt to accumulate Finding the right balance between number of valuable tests and pipeline execution time is essential Quality tests aligned with the pyramid presented in this post and fast feedback loop will boost your confidence in delivering This is how rock solid apps are born |
2022-04-12 16:32:40 |
| 海外TECH |
DEV Community |
The 10 Commandments .NET Developers Must apply for Secure Applications |
https://dev.to/dotnetsafer/the-10-commandments-net-developers-must-apply-for-secure-applications-3gl3
|
The Commandments NET Developers Must apply for Secure ApplicationsThe security of NET applications is necessary and knowing how to protect it is not always an easy task As developers we must be clear that an insecure application can be a serious problem from modifying the operation of the application or stealing the source code to exposing a company to legal liability Each developer it is clear that he applies the security that he believes convenient for his applications and I also want to add that the possibilities and ways to do this are infinite But there will always be a set of practices that any developer should follow when developing a NET application Following these best practices will prevent major application security issues And that is why I have decided to compile the commandments of NET application security You shall delete cookies when you logoutWe use sessions to maintain user login across visits On some login pages if you check a box and opt not to sign out there is no session timeout setting All at once the AspNetCore Session cookie is set to the browser to keep a track of the current logged in user When logging out remember to delete the Cookies your application has created as a Hacker may be able to take advantage of them in an unauthorized login In case we want to overwrite the default cookie session we can simply use SessionOptions like this builder Services AddSession options gt options Cookie Name AdventureWorks Session options IdleTimeout TimeSpan FromSeconds Options Cookie IsEssential true The options used are used for Cookie Determine the settings used to create the cookie IdleTimeout Indicate how long the session can be idle before its contents are abandoned IOTimeout Indicate the maximum amount of time allowed to load a session from the store or to commit it back to the store I don t want to expand any further here because this topic could be the subject of several articles I recommend you to consult all the information about sessions and cookies in the article of minutes of reading that I recommend to accompany with a good coffee or the drink that is in your case Check Session and state management in ASP NET Core You shall never forget XSS injectionsCross Site Scripting XSS is a vulnerability that allows an attacker to inject client side scripts into web pages When you load an affected page the attacker s scripts will execute with which they can steal your session tokens and cookies change the content of the web page through DOM manipulation or even redirect you away from where you want to go A Cross Site Scripting Vulnerability typically occurs when application takes user input and outputs it to unvalidated pages The places where it is easiest to carry out this type of attack are usually HTTP HeadersForm InputsURL Query StringsThe first solution is to use proper HTTP headers The X XSS Protection HTTP header will cause a script filter to be enabled in the browser This filter will prevent certain XSS attacks that can occur between sites One way to do this is This will trigger the XSS filter that will sanitize the page and remove the unsafe parts X XSS Protection It can also be done in this way Adding mode block will enable XSS filtering which upon detection of an attack will directly prevent the page from being displayed instead of sanitizing it X XSS Protection mode block We must also remember that the data inserted by users in the case of a form must be in plain text and not HTML because it could be executed Let s see the correct and incorrect way to do this Bad way If you look closely you will quickly notice that the data sent has the possibility of being executed document getElementById “id innerHTML “user data Good way In this way any data entered will be interpreted as plain text and no matter how hard they try to inject code it will not be possible document getElementById “id textContent “user data These ways are very useful when it comes to avoiding XSS attacks but if you want to go deeper into the subject I recommend this article in which I talk only about the different types of Cross Site Scripting attacks and how to avoid them Cross Site Scripting XSS Vulnerabilities Tips to prevent it Dotnetsafer・Jan ・ min read security csharp dotnet programming You shall avoid direct connections to databasesIt is clear that many times we need to connect our application to some database One of these ways is using a connector for our application The problem is when that connector is in plain text let s see this example string connectionString datasource dev dotnetsafer com port username root password secret database test MySqlConnection databaseConnection new MySqlConnection connectionString This way of doing it is not safe at all We can see perfectly well that sensitive data such as server username port or password are available to anyone who has access to our application If you re looking for some quick fixes here are some suggestions that might work Don t use Universal Data Link UDL filesUse Azure Key Vault SecretEncrypt the configuration filesUse Windows AuthenticationOf course if you want the best security for your data I recommend outsourcing connections You shall not store sensitive information in your databasesAlmost every web application must have a database for storing user data However hackers will always look to steal user data from databases ーsometimes even going as far as to attack servers themselves and gaining unauthorised access in order to do so If someone gains unauthorised access to your database they can take advantage of it by stealing all the sensitive information they find there including passwords and credit card details This seems like a joke but to this day I still see databases that store passwords in plain text so this is a commandment To do this you must encrypt sensitive information so that it is not in plain text in the database Regardless of this common encryption can fall short of password protection In cases of sensitive data it is best to hash the information and then verify it without the need for decryption keys so that the original information cannot be reversed If you want to go deeper into password hashing or any kind of information I recommend this article it is very complete How to hash passwords You shall always handle errorsErrors when developing an application are something that nobody wants to happen but they always do They are practically impossible to avoid but when they do occur you have to know how to handle them correctly If this is not done errors can leak internal information and this would not be a good thing One possible solution to this would be to always keep trace of the exception stack It is preferable to use throw than throw e because if we use the latter then it will return an empty string in production try FunctionThatMightThrow catch Exception error logger LogInfo error throw new CustomException error Another possible and good way to do this would be to always analyze the detected errors If you spot an error please don t ignore it or just let it go without fixing it There s no point in doing this because then you will never be able to take care of the problem If you know that errors are possible and want to fix them before they happen use a try catch block for code where one could occur try FunctionThatMightThrow catch Exception error NotifyUserOfError error Another option ReportErrorToService error As we can see catching the exception could be a good idea because it will stand out in the console among all of the other printouts If we wrap it up in a try catch statement then afterwards if an error occurs then we can make a plan to handle this or have code paths set up for such events If you want to learn more in depth the ways to handle errors in C applications I recommend you to read this article Good Practices for Error Handling in C Dotnetsafer・Mar ・ min read csharp dotnet beginners productivity You shall avoid CSRF attacksCross Site Request Forgery CSRF attacks are a fairly common and dangerous type of attack They are based on a vulnerability in which the attacker can take over a user session to carry out any action in his favor make purchases money transfers and more… To explain it quickly with an example let s imagine a user with a logged in session cookies and clicks on a button on a malicious page That button on the malicious site will make unauthorized requests for the real user As the user is logged in any request made would be valid With AntiforgeryOptions you can easily avoid this by adding for example builder Services AddAntiforgery options gt Set Cookie properties using CookieBuilder properties options FormFieldName AntiforgeryFieldname options HeaderName X CSRF TOKEN HEADERNAME options SuppressXFrameOptionsHeader false If you want to know all the possibilities and options of AntiforgeryOptions this article from Microsoft is for you Prevent Cross Site Request Forgery attacks You shall not forget to update your dependencies and librariesThis is probably an obvious way to prevent security breaches but sadly many developers still don t do this In NET we rely on libraries ーlots of them ーincluding Microsoft s user made ones and those found in NuGet packages Checking what library s our app uses can stop security breaches before they happen by informing us about any vulnerabilities or potential risks beforehand Remember Keeping these libraries up to date is a very simple and effective way to avoid vulnerabilities in any NET application It s also crucial to keep an eye out for outdated versions of the framework used because there might be some serious vulnerabilities we re unaware of that need immediate attention so that there won t be a risk at all ーthis will make the application more secure and easier to maintain In order to achieve this according to NuGet documentation you can use Update PackageAnd as NuGet mentions Update all packages in all projects of the current solution to the latest versions This will ensure that all packages used by your solution will be updated If you want to know the vulnerabilities of a package I recommend you to use Snyk Vulnerability DB You shall avoid click jacking attacksFor those who do not know what Clickjacking is it is a type of attack that is based in most cases on the ignorance of the user to trick him and force him to click on another element of the web page This causes the user to visit unwanted websites download malicious files provide confidential information or even transfer money without being aware of it It is very important to avoid this as it can cause serious problems to users visiting our website We must not let any web site with a domain different from ours in iframe to open This can be achieved in a very simple way in ASP NET by adding an x frame options response header and setting it as deny Let me show you an example void application beginrequest object sender eventargs e httpcontext current response addheader x frame options deny In this way the header will always be added to the application response in order to avoid any possible clickjacking attack You shall prevent SQL injectionsAn SQL injection attack exploits a vulnerability in which malicious commands are inserted into SQL Structured Query Language queries taking advantage of the dynamic nature of SQL to break down the security walls around data allowing the attacker to access information that they should not be able to see or modify Most companies do not have adequate defenses against this type of cyberattack so it s important to understand what it is and why it s dangerous in order to properly defend against it By injecting the commands through a SQL injection hackers can alter what happens on the database Let s see a simple example for those who don t know how SQL injection works Let s think that we have a login form in which we ask for username and password so that a user can log in When the information is submitted a query would be executed in the database similar to the following select idfrom userswhere username username and password password Let s suppose that the query is concatenated if for example in the user field we enter root knowing that this user exists and in the password field we enter or what would happen I mean like this What would happen would be that parameter in the password field would modify the SQL query to something like this Select idfrom userswhere username root and password or Result As it is always true we would be able to log in with the user root A very simple way to solve this is to pass the values as a parameter select idfrom userswhere username username and password password But apart from that I always recommend Validate inputs Validate inputs both client side and server side also remember to use data annotations and regular expressions Use least privileged DB access To ensure the safety of a database remove permissions so that no one can alter sensitive data or carry out certain actions Start by restricting the insert update and delete permissions for tables related to payment details or transactions Next make sure nobody can access tables containing sensitive user information such as passwords or usernames ーbecause these entries could lead to an account takeover Use an ORM like Entity Framework Object relational mapping ORM gives you the power to interact with objects as if they re directly connected to a database without ever needing to know anything about the backend A good option for this is Entity Framework You shall never write your own cryptographyOne security truth that you can t afford to ignore is that there isn t a single developer out there who knows how to come up with an unbreakable cryptographic algorithm It doesn t matter if your team has tried for years and still hasn t found the perfect combination ーwhat matters is that you re not taking chances This type of “home made cryptography is usually more prone to errors and bugs than actually protecting the source code of the application As Runa Sandvik expert security researcher said on Twitter “Asking why you should not roll your own crypto is a bit like asking why you should not design your own aircraft engine ーRuna SandvikIn the case of the NET Framework there is good news Currently there are quite a few implementations of obfuscation and encryption algorithms although you have to be careful with some of them because over the years they have not been updated and those algorithms have become obsolete ーtheir obfuscation and encryption can be easily removed with free tools on the internet This is a very big security problem and that is why I recommend using a Cloud Obfuscator You don t even need to download or install it on your computer and even less to update it since you protect from a web panel My recommendation is Shield NET obfuscator a very good cloud obfuscator that has military grade protections besides it has a Visual Studio extension that you can try for free to protect directly when compiling and also it has integration with MSBuild to deploy the application already protected This has been my compilation of the security practices that a NET developer should follow to maintain a minimum of security in their developments And if you are reading this it means that you belong to the of the people who read the articles UNTIL THE END tell me how many coffees you need per day to continue programming if I see many coffees I will not feel alone and you will make my day |
2022-04-12 16:19:22 |
| 海外TECH |
DEV Community |
Announcing the Appwrite Hackathon on DEV! |
https://dev.to/devteam/announcing-the-appwrite-hackathon-on-dev-1oc0
|
Announcing the Appwrite Hackathon on DEV There s a brand new opportunity for you to sharpen your software development skills while educating others and earning some amazing prizes ーright here on DEV Announcing the Appwrite Hackathon on DEV This is our last DEV hackathon for a number of months so if you ve been considering participating in a past DEV contest this is the time Read on for more details about Appwrite and the fun challenge they re extending to DEV members over the next few weeks Appwrite is a self hosted backend as a service platform that gives developers all the APIs required to build any application With Appwrite you can add a number of crucial services into your app including user authentication file management image handling Cloud Functions Realtime database and more From now through May th we re offering you the opportunity to build a new application using Appwrite for the chance to earn win some awesome prizes including up to USD In the process of building your app and writing your DEV submission post you ll get better acquainted with Appwrite s end to end backend server for Web Mobile Native or Backend apps CategoriesThe Appwrite Hackathon on DEV is calling for projects in the following four categories Web Wizards Build an application using any of Appwrite s services that services today s internet and its users Projects under this category should make use of user generated content on the internet in some way Web Wunderkinds Fascinated by decentralization Put on your creative hats and build a blockchain related application using Appwrite Mobile Moguls Build a new application that utilizes Appwrite s Apple SDK Appwrite s Flutter SDK or Appwrite s Android SDK Wacky Wildcards Build a wacky app that doesn t fit into one of the categories above With this category we are looking for some truly silly and or fun submissions Feel free to dream big and ridiculously ーand utilize any offering that Appwrite offers Appwrite ResourcesAppwrite documentationAppwrite on YouTubeWATCH Getting Started With Appwrite s Apple SDKTeam Appwrite on DEV ltag user id follow action button background color feffa important color fe important border color feffa important Appwrite Follow Appwrite is an open source self hosted backend server that abstract and simplify complex and repetitive development tasks behind a very simple to use REST API Prizes Grand Prize Winners one in each category USD gift card or equivalent USD credit to the Forem ShopSpecial Appwrite Grand Prize t shirtCustom Appwrite StickersPhysical Grand Prize trophy via AppwriteDEV Sticker PackDEV “Appwrite Hackathon Grand Prize profile badgeRunner Up Prizes Total USD gift card or equivalent USD credit to the Forem ShopSpecial Appwrite Runner Up t shirtCustom Appwrite StickersDEV Sticker PackDEV “Appwrite Hackathon Runner Up profile badgeParticipants with a valid project DEV Sticker PackAppwrite T shirtDEV “Appwrite Hackathon participant profile badgeHere s a preview of Appwrite s awesome swag offerings How to submit your app and enter the Appwrite Hackathon on DEVInstall AppwriteCreate an app using Appwrite that falls under one of the categories listed above Use one of the following permissive licenses for your code MIT Apache BSD BSD or Commons Clause Use this post template to officially submit your application for the hackathon Be sure to publish your submission on DEV between April and May PM UTC and provide your app s URL screenshot description and source codeAdditional notes We encourage you to share update posts on DEV using the appwritehack tag to keep us posted on your progress hint use series “series name in the markdown heading of all your Appwrite Hackathon related posts to link all content in a series Multiple submissions are allowedIf you collaborate with anyone please list their DEV handles in your submission post so we can award a profile badge to your entire team DEV does not handle prize splitting so in the event your project is named a Grand Prize winner or runner up you will need to split those amongst yourselves Thank you for understanding Additional RulesNO PURCHASE NECESSARY Open only to Contest entry period ends May PM UTC Contest is void where prohibited or restricted by law or regulation All entries must be new projects and created during the hackathon period For Official Rules see Contest Announcement Page and General Contest Official Rules Community SupportTo ask any questions about Appwrite throughout the hackathon leave a comment in the Appwrite Hackathon help threadWe also have a community discussion thread where you can share your ideas and get suggestions on improvements from the DEV community as you build your app We encourage you to share your progress along the way to generate more excitement and benefit from additional community feedback suggestions Important Dates April Hackathon BeginsMay Hackathon Submission Due at PM UTCMay Submission judging beginsWinners will be selected and announced in the weeks following the final submission deadline Stay tuned We cannot wait to see how you approach this fun challenge ーand the amazing applications you come up with Happy coding |
2022-04-12 16:12:40 |
| 海外TECH |
DEV Community |
Almighty Opensource project about machine learning you should try out |
https://dev.to/qazmkop/almighty-opensource-project-about-machine-learning-you-should-try-out-1i5f
|
Almighty Opensource project about machine learning you should try outWhen it comes to machine learning TensorFlow PyTorch and other well known machine learning frameworks come to mind and many models can also be found on GitHub However the algorithm model needs to be implemented in a specific business scenario leading to many problems Taking the recommendation system as an example the following issues may occur during the implementation of real service scenarios How to generate training data samples In recommendation scenarios splice user feedback signals such as exposure and click with various feature sources perform necessary feature cleaning and extraction and divide data into verification sets negative sampling and other complex processing We need an extensive data system to handle batch or streaming data After the training data is generated on the big data platform how can it be transmitted to the deep learning framework Frameworks such as TensorFlow and PyTorch have data input formats and corresponding DataLoader interfaces requiring data parsing Dealing with data fragmentation variable length features and other problems often puzzle algorithm engineers How to run a distributed training that can freely schedule cluster resources including GPUs A dedicated operations team may be required to manage machine learning related hardware scheduling How to train the sparse feature model and use the NLP pre training model In the recommendation scenario we need to be able to handle sparse features on a large scale to model the interesting relationship between users and goods At the same time multi modal model fusion has gradually become the frontier direction After model training is completed how can online prediction be carried out efficiently In addition to cluster resources elastic scheduling and load balancing are also involved These problems require dynamic resource allocation in a heterogeneous environment with CPUs GPUs and NPUS For complex models distillation quantification and other methods are needed to ensure prediction performance After the model goes online how does the online system extract splicing features ensure the consistency of offline features and evaluate the algorithm effect quantitatively We need an online algorithm application framework that can organically integrate with online systems read all kinds of online data sources and provide multi layer ABTest traffic experiment functions How to conduct efficient iteration in algorithm experiments We wanted to be able to run multiple parallel experiments quickly to improve business performance rather than being tied down by complex system environment configurations The above problems often need to be solved by multiple teams and multiple sets of different systems in large Internet factories As shown in the figure building a complete industrial grade recommendation system is quite complicated and tedious requiring considerable knowledge in different fields and investment in engineering development Small and medium sized enterprises lack the staffing and a one stop platform to solve these problems in a standardized way The overall architecture of the recommendation system shared by the Netflix algorithm engineering teamBut now MetaSpore a new machine learning platform can solve these problems Based on MetaSpore s features enterprises and developers can solve various problems encountered in algorithmic business development Using standardized components and development interfaces to provide a one stop development experience to meet the needs of enterprises and developers to obtain best practices in algorithmic business development Specifically MetaSpore has the following core functional design concepts Seamless integration of model training and big data system MetaSpore can directly read structured and unstructured data of various data lakes and warehouses for training and seamlessly integrate data feature preprocessing and model training eliminating tedious data import export and format conversion processes Support for sparse features Large scale sparse Embedding layer training is often required in search and generalization scenarios Some processing of sparse features is involved such as cross combination variable length feature pooling etc which need special support from the training framework Provide high performance online forecasting services Online prediction services support neural networks including sparse Embedding decision trees and a variety of traditional machine learning models Supports heterogeneous hardware computing acceleration reducing the engineering threshold for online deployment Unified offline feature calculation Through the unified feature format and calculation logic the unified offline feature calculation saves the cost of repeated development of multiple systems and ensures the consistency of offline features Online algorithm application framework The online algorithm application framework covers the common function points of online systems such as automatic feature extraction from multi data sources feature calculation predictive service interface experimental dynamic configuration ABTest dynamic cutting flow etc Embrace open source MetaSpore provides several independent research components to implement these core function points At the same time MetaSpore s development philosophy is to embrace the mature open source ecosystem as much as possible Without cutting the ecosystem apart it can also lower the barriers to learning and meet the needs of developers who want to develop quickly based on their existing experience MetaSpore it has to be said is a new machine learning platform with transcendent qualities that can solve problems that other products cannot However as a new open source project it still has a lot to go and I ll be keeping an eye on MetaSpore and sharing and reposting more information |
2022-04-12 16:12:15 |
| 海外TECH |
DEV Community |
Appwrite x DEV Hackathon Help Thread |
https://dev.to/devteam/appwrite-x-dev-hackathon-help-thread-4jfj
|
Appwrite x DEV Hackathon Help Thread If you re participating in the Appwrite x DEV hackathon and you need some help with your submission you ve come to the right place If you have any questions about how this contest works ex due dates how to post your submission picking a category etc the DEV team will be happy to assist you If you are running into issues or get stuck when it comes to Appwrite s self hosted backend as a service platform please leave those questions here as well Comment below if you need asynchronous assistance with the Appwrite x DEV Hackathon ️P S If you d like to share an update on the progress you re making on your project or if you d like to connect with other participants please do so in the community discussion thread |
2022-04-12 16:11:33 |
| 海外TECH |
DEV Community |
How to use NPM modules in Kotlin/JS - Discord Bot Series (Part 1) |
https://dev.to/kevinschildhorn/how-to-use-npm-modules-in-kotlinjs-discord-bot-series-part-1-51ni
|
How to use NPM modules in Kotlin JS Discord Bot Series Part KotlinJS is an exciting new method of creating javascript projects that combines the benefits of javascripts speed and versatility and kotlins strong typing and conciseness Plus the ability to easily add testing and even share code across platforms Since KotlinJS transpiles kotlin code to javascript it gives you all the advantages of executing a NodeJS program while enjoying the benefits of the kotlin language There are many use cases for KotlinJS and in this series we ll be creating a Discord bot Discord is a great platform for keeping in touch with friends and adding a bot can enrich that experience We can create this bot by using the NPM module for DiscordJS So how do you create a discord bot using KotlinJS Well since this is a somewhat large topic this post will be the first in a series of three posts In this post we ll go over how kotlinJS uses node modules This is more of an intro to KotlinJS and doesn t cover Discord In the next post we ll go over implementing DiscordJS and responding to messages In the last post we ll add some unit tests to make sure the bot works as expected before deploying OverviewBy the end of this series we ll have a small discord bot that responds to a specific message with the computer name it s running on In this first part the bot will just print to console on startup but responding to messages will come later in another part PrerequisitesSome Kotlin ExperienceSome JS ExperienceIntelliJ IDEA I m using Community Edition New ProjectTo get started first follow the js project setup on the kotlin site Be sure to choose NodeJS Application not browser This will create a project with a Main kt file and a greeting function To run the project call gradlew run in the terminal You should see Hello YOUR BOT NAME in the terminal Importing Node Modules in KotlinJSLets start off by getting familiar with how KotlinJS handles Node Modules To have the bot send a message with its name let s use a simple node module called computer name As mentioned in the project setup node modules are implemented as dependencies in the build gradle file No need for require or special imports Add this line to your dependencies dependencies implementation npm computer name If you try to call computerName now you ll get an Unresolved reference error This is because of a crucial difference between javascript and kotlin Javascript is loosely typed and kotlin is strongly typedSo in order to use this function we need to define it by using external functions ExternalThe kotlin docs mention the External Modifier which is used to declare pure javascript code This tells the compiler that we re expecting this class or function to be defined externally by the node module Whenever we want to use a module we have to define functions and classes An important note about this is You only need to define what you are usingSo you don t need to define the entire module just what you need to reference So for us to use computerName we need to define it and tell the compiler where it s defined like so JsModule computer name external fun computerName StringNote that we also need to annotate the function with the module name or else we ll hit a runtime error compilerReferenceError This definition was easy to figure out based on the npm page but as we ll see you may have to dig into the documentation and source code of node modules to find the original definition Module SystemAnother thing we have to define is the module system You can find more information here but in short KotlinJS supports UMD AMD and commonJS systems commonJS is widely used for NodeJS so we ll add useCommonJs to our build gradle file kotlin js IR useCommonJs Now try adding println computerName to main and run the project You should see the name of your computer in the terminal congrats Now let s look at importing classes Importing NodeJS ClassesSo far we ve covered importing a function by using computerName as an example but that s a small module with one function It s also important to be able to import classes and interfaces from modules to use in our project For this example we ll use youtube search which is a small module that lets you search for youtube videos Note You won t get results without a youtube api key but the calls will still work which is all we need From the npm page you can see there s a search function that returns custom results So how do we define this in kotlin While there is definition in this module we ll need to go to the repository to get more information Lucky for us this module is conveniently written in typescript so it s very easy to find the definition which is written in index d ts DukatBefore we get into manually converting typescript to kotlin code I should mention there is a tool to do this automatically called Dukat It is a powerful tool that can help with easy conversion however for this post I want to go over how to manually convert typescript to kotlin so that you have a good understanding of how it works Manually Converting TypescriptFrom the repo open the index d ts file and scroll to the bottom to see the search function declare function search term string opts search YouTubeSearchOptions cb err Error result search YouTubeSearchResults pageInfo search YouTubeSearchPageResults gt void Promise lt results search YouTubeSearchResults pageInfo search YouTubeSearchPageResults gt We can see it takes in a stringa custom options classa callback that returns an optional error results array and pageInfo arrayThe fuction then returns a Promise Luckily kotlin already defines errors in the stdlib and it also includes an import for promises import kotlin js PromiseSo the difficult parts are the Results and options We can see that YouTubeSearchResults and YouTubeSearchPageResults are interfaces so we can easily define them like so file JsModule youtube search Note that for multiple definitions in the same file you can use fileexternal interface YouTubeSearchPageResults val totalResults Int external interface YouTubeSearchResults val id String Now for YouTubeSearchOptions we could do the same approach but there s another option we can use JsonWe can simply use a Json class object which acts similarly to a HashMap This way we can just pass in what we want without defining the entire interface This also works well if you can t find a clear definition of an object being passed in import kotlin js Jsonval options json Pair maxResults Pair key YOUR YOUTUBE API KEY Leave this blank if you don t have one So from all of this we can then create the external search function JsModule youtube search external fun search term String opts Json cb err Error result Array lt YouTubeSearchResults gt pageInfo YouTubeSearchPageResults gt Unit Unit acts as Void in kotlin Promise lt Json gt search your search options err result pageInfo gt print Youtube callback err result pageInfo n Try adding this to your project and run If you don t have an api key you should see this in the terminal Youtube callback Error Request failed with status code null nullIf you do have the api key you should see this Youtube callback null object Object ConclusionCongratulations you have a working KotlinJS project with imported NPM modules In the next post we ll go over the specifics of creating our Discord bot using DiscordJS Thanks for reading Let me know in the comments if you have questions Also you can reach out to me at kevinschildhorn on Twitter |
2022-04-12 16:05:14 |
| Apple |
AppleInsider - Frontpage News |
iMovie for iOS adds new Storyboards, Magic Movie features for video creation |
https://appleinsider.com/articles/22/04/12/imovie-for-ios-adds-new-storyboards-magic-movie-features-for-video-creation?utm_medium=rss
|
iMovie for iOS adds new Storyboards Magic Movie features for video creationApple has released an updated version of its iMovie software with major new features that should make creating edited movies and videos easier on iPhone and iPad Credit AppleThe iMovie update is currently available starting Tuesday from the has two new additions aimed at helping aspiring video creators students and others create great video content According to Apple the biggest updates are coming to iPhone and iPad Read more |
2022-04-12 17:00:08 |
| Apple |
AppleInsider - Frontpage News |
Apple won't be heavily impacted by supplier factory closures, analyst says |
https://appleinsider.com/articles/22/04/12/apple-wont-be-heavily-impacted-by-supplier-factory-closures-analyst-says?utm_medium=rss
|
Apple won x t be heavily impacted by supplier factory closures analyst saysSupply issues caused by Covid lockdowns in key Chinese manufacturing cities are unlikely to significantly affect Apple according to Piper Sandler iPhone Pro modelsIn a note to investors Tuesday seen by AppleInsider Piper Sandler lead analyst Harsh Kumar offered a few thoughts on reports of strict lockdowns and production halts in Shanghai and Kunshan ーboth cities that are home to some of Apple s key supply chain partners Read more |
2022-04-12 16:06:53 |
| Apple |
AppleInsider - Frontpage News |
Nomad Base One Max review: Magnetic chargers for your iPhone & Apple Watch |
https://appleinsider.com/articles/22/04/12/nomad-base-one-max-review-magnetic-chargers-for-your-iphone-apple-watch?utm_medium=rss
|
Nomad Base One Max review Magnetic chargers for your iPhone amp Apple WatchAnnounced on Tuesday Nomad s new Base One Max is a two in one desktop charger that will power up your Apple Watch as well as iPhone the latter via Apple s MagSafe Nomad s Base One MaxThis new combo charger is arriving just over a month after Nomad s first ever MagSafe device The Base One was released as a solo charger but carried a particularly high price tag Read more |
2022-04-12 16:36:28 |
| 海外TECH |
Engadget |
Ukraine says Russian hackers tried and failed to attack an energy provider |
https://www.engadget.com/ukraine-russia-hack-energy-provider-eset-microsoft-162847785.html?src=rss
|
Ukraine says Russian hackers tried and failed to attack an energy providerUkraine says Russian military hackers attempted to disrupt an energy provider in the country but they were unsuccessful The Computer Emergency Response Team of Ukraine CERT UA claims it was able to thwart an effort to gain access to computers linked to substations and wipe all files on them That would have shut down the unnamed provider s infrastructure The company in question is said to provide power to customers in a highly populated area Russia has been blamed for previous cyberattacks on Ukraine s power infrastructure but it hasn t successfully conducted similar hacks since it invaded the country in February In and some residents of the capital city Kyiv lost power in the wake of attacks attributed to Sandworm a purported wing of Russia s GRU military intelligence agency Cybersecurity company ESET which has been helping shore up Ukraine s defenses said Sandworm was behind the latest attempt as well Sandworm is said to have used a new version of the Industroyer malware it employed to shut down Ukraine s power grid in late The latest attempted attack had been in the works for at least two weeks according to ESET Microsoft also helped ESET and Ukraine fend off the hackers according to Viktor Zhora a cybersecurity official in the country According to CNBC Zhora said the attackers did gain access to some systems and created disruption at one power facility but they were snuffed out before any residents lost electricity |
2022-04-12 16:28:47 |
| 海外TECH |
Engadget |
Adobe makes it easier to collaborate on video production thanks to Frame.io |
https://www.engadget.com/adobe-creative-cloud-frame-io-after-effects-m1-support-161446684.html?src=rss
|
Adobe makes it easier to collaborate on video production thanks to Frame ioRemote collaboration on video has been virtually necessary for some producers since the pandemic began and Adobe thinks it can help The company has added Frame io collaboration tools for Creative Cloud subscribers to help Premiere Pro and After Effects users share work and obtain feedback You can upload up to GB to a dedicated space where colleagues can download in progress edits provide time stamped commentary including drawings and approve changes The addition also includes a quot Camera to Cloud quot feature that can upload video directly from compatible cameras You could remotely review raw shots long before the production crew has finished filming in other words Frame io is available starting today and should be available in the latest versions of Premiere Pro and After Effects as long as they re included in your Creative Cloud plan Adobe has some notable upgrades to the apps themselves For a start After Effects finally has native support for M based Macs ーthe company is claiming up to twice the rendering speed versus a core iMac Pro among other performance improvements You can also expect redesigned import export and header bar interfaces in Premiere Pro as well as AI based editing tools in both apps auto color correction in Premiere scene edits in After Effects |
2022-04-12 16:14:46 |
| 海外TECH |
Engadget |
TikTok now lets anyone create AR effects with its beta tools |
https://www.engadget.com/tiktok-effect-house-beta-expansion-160625932.html?src=rss
|
TikTok now lets anyone create AR effects with its beta toolsLast summer TikTok began beta testing Effect House a platform that allows people to create their own augmented reality filters for use within the app The closed test eventually came to include approximately creators And starting today TikTok is opening the program to anyone who wants to take part Visiting the Effect House website you ll find tools and documentation designed to help you begin making your own AR filters TikTok has also published a set of dedicated guidelines detailing the policies governing Effect House In addition to the company s Community Guidelines creators will need to adhere to those rules if they want to see their work made accessible to the wider TikTok community Among the filters that won t be allowed on the platform include ones that promote plastic surgery For instance you can t upload an effect that lets someone see how their face might look with lip filler Many platforms that offer AR effects including TikTok feature their share of first party beauty filters but in recent months there s been a backlash against those among both users and lawmakers In particular Instagram has come under significant scrutiny in the US after The Wall Street Journal published a report that claimed Facebook s own researchers had found the app was “harmful for a sizeable percentage of teens TikTok says its Trust and Safety team will review all user submitted effects to ensure they adhere to its policies before granting them approval Users can also report filters which will prompt the company to take another look at the offending effect to see if it misjudged its appropriateness |
2022-04-12 16:06:25 |
| Cisco |
Cisco Blog |
Router Spring Cleaning – No MOP Required — Again |
https://blogs.cisco.com/security/router-spring-cleaning-no-mop-required-again
|
configuration |
2022-04-12 16:46:17 |
| Cisco |
Cisco Blog |
ThousandEyes in Catalyst 9000 Switches, Part 3: How to install the agent using CLI? |
https://blogs.cisco.com/networking/thousandeyes-in-catalyst-9000-switches-part-3-how-to-install-the-agent-using-cli
|
agent |
2022-04-12 16:00:42 |
| 海外TECH |
CodeProject Latest Articles |
Use Remote-Storage, a Community-Derived FOSS, Offline-First, Un-Hosted, Zero-Back-End for Your Web Product - A How-To Tutorial Guide |
https://www.codeproject.com/Articles/5329553/Use-Remote-Storage-a-Community-Derived-FOSS-Offlin
|
remotestorage |
2022-04-12 16:49:00 |
| 海外科学 |
NYT > Science |
Most Active Hurricane Season Was Also Wetter Because of Climate Change |
https://www.nytimes.com/2022/04/12/climate/climate-change-hurricane-rain.html
|
Most Active Hurricane Season Was Also Wetter Because of Climate ChangeDuring the record setting Atlantic storm season the most extreme three hour rainfall rates were percent higher than they would have been without climate change a new study found |
2022-04-12 16:28:48 |
| 金融 |
RSS FILE - 日本証券業協会 |
諸外国における国民ID制度に関する調査 |
https://www.jsda.or.jp/anshin/mynumber/idtyousa.html
|
外国 |
2022-04-12 16:07:00 |
| 金融 |
金融庁ホームページ |
「保険業法施行規則の一部を改正する内閣府令(案)」及び「保険会社向けの総合的な監督指針」の一部改正(案)について公表しました。 |
https://www.fsa.go.jp/news/r3/hoken/20220412/20220412.html
|
保険会社 |
2022-04-12 17:00:00 |
| 金融 |
金融庁ホームページ |
「気候変動関連リスクに係るシナリオ分析に関する調査」報告書について公表しました。 |
https://www.fsa.go.jp/common/about/research/20220412/20220412.html
|
気候変動 |
2022-04-12 17:00:00 |
| ニュース |
ジェトロ ビジネスニュース(通商弘報) |
三井住友銀、コロンビアコーヒー基金へ4,000万ドルのSDGs融資 |
https://www.jetro.go.jp/biznews/2022/04/05df1180671c43ca.html
|
三井住友 |
2022-04-12 16:40:00 |
| ニュース |
ジェトロ ビジネスニュース(通商弘報) |
韓国政府、ブルネイにCPTPP加盟の支持を要請 |
https://www.jetro.go.jp/biznews/2022/04/d6eec17007dbca2f.html
|
cptpp |
2022-04-12 16:30:00 |
| ニュース |
ジェトロ ビジネスニュース(通商弘報) |
米テスラ、テキサス州でのEV「サイバートラック」の生産を2023年開始へ |
https://www.jetro.go.jp/biznews/2022/04/61f3007470dcfab9.html
|
生産 |
2022-04-12 16:20:00 |
| ニュース |
ジェトロ ビジネスニュース(通商弘報) |
サムスン電子、中小企業に無償で技術を移転 |
https://www.jetro.go.jp/biznews/2022/04/dc4e4f4ce063e728.html
|
中小企業 |
2022-04-12 16:10:00 |
| ニュース |
BBC News - Home |
Boris Johnson and Rishi Sunak to be fined over lockdown parties |
https://www.bbc.co.uk/news/uk-politics-61083402?at_medium=RSS&at_campaign=KARANGA
|
covid |
2022-04-12 16:46:52 |
| ニュース |
BBC News - Home |
Brooklyn shooting: Several people shot in New York City subway |
https://www.bbc.co.uk/news/world-us-canada-61082792?at_medium=RSS&at_campaign=KARANGA
|
scene |
2022-04-12 16:07:52 |
| ニュース |
BBC News - Home |
Kemarni Watson Darby: Man guilty of murdering partner's son, 3 |
https://www.bbc.co.uk/news/uk-england-birmingham-60996115?at_medium=RSS&at_campaign=KARANGA
|
bromwich |
2022-04-12 16:17:25 |
| ニュース |
BBC News - Home |
Johnny Depp and Amber Heard: Heard giving 'performance of her life' |
https://www.bbc.co.uk/news/world-us-canada-61082790?at_medium=RSS&at_campaign=KARANGA
|
defamation |
2022-04-12 16:35:44 |
| ニュース |
BBC News - Home |
Why do so few rape cases go to court? |
https://www.bbc.co.uk/news/uk-48095118?at_medium=RSS&at_campaign=KARANGA
|
wales |
2022-04-12 16:12:40 |
| ニュース |
BBC News - Home |
Sepp Blatter and Michel Platini to go on trial in June to face corruption charges |
https://www.bbc.co.uk/sport/football/61086784?at_medium=RSS&at_campaign=KARANGA
|
Sepp Blatter and Michel Platini to go on trial in June to face corruption chargesFormer Fifa president Sepp Blatter and former Uefa president Michel Platini will go on trial in Switzerland in June to face corruption charges |
2022-04-12 16:11:20 |
| ニュース |
BBC News - Home |
Fernandinho: Pep Guardiola surprised by midfielder's plans to leave Manchester City |
https://www.bbc.co.uk/sport/av/football/61086665?at_medium=RSS&at_campaign=KARANGA
|
Fernandinho Pep Guardiola surprised by midfielder x s plans to leave Manchester CityManchester City manager Pep Guardiola is surprised about captain Fernandinho s plans to leave the club in the summer |
2022-04-12 16:27:38 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
元自衛官が語る「狂った体内時計」を整えるための3つの方法 - メンタルダウンで地獄を見た元エリート幹部自衛官が語る この世を生き抜く最強の技術 |
https://diamond.jp/articles/-/301301
|
twitter |
2022-04-13 01:55:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
グラフィックデザイナー・原研哉さん×ワイン醸造家・三澤彩奈さん対談「お酒のロマンチックなところが好き」という原さんがラベルのデザインで心に留めていることとは? - 日本のワインで奇跡を起こす |
https://diamond.jp/articles/-/299693
|
グラフィックデザイナー・原研哉さん×ワイン醸造家・三澤彩奈さん対談「お酒のロマンチックなところが好き」という原さんがラベルのデザインで心に留めていることとは日本のワインで奇跡を起こす手掛けるワインがつねに世界で高い評価を受け続けているワイン醸造家で中央葡萄酒取締役の三澤彩奈さんと、同社のワインのラベルを長年デザインしている世界的なグラフィックデザイナーの原研哉さん。 |
2022-04-13 01:50:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
【副業で人生を変えた私が回答】9割の副業リーマンが悩んでいる“5つの疑問” - 真の「安定」を手に入れるシン・サラリーマン |
https://diamond.jp/articles/-/300664
|
【副業で人生を変えた私が回答】割の副業リーマンが悩んでいる“つの疑問真の「安定」を手に入れるシン・サラリーマン異例の発売前重版刷仕事がデキない、忙しすぎる、上司のパワハラ、転職したい、夢がない、貯金がない、老後が不安…サラリーマンの悩み、この一冊ですべて解決これからのリーマンに必要なもの、結論、出世より「つの武器」リーマン力副業力マネー力。 |
2022-04-13 01:45:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
広告を見させることと、 広告を見て行動をとらせることは、違う! - コピーライティング技術大全 |
https://diamond.jp/articles/-/301056
|
広告を見させることと、広告を見て行動をとらせることは、違うコピーライティング技術大全「最強コスパ本知ってるのと知らないのでも大きな差になる内容ばかり」と話題沸騰発売即大重版Amazonランキング第位広告・宣伝。 |
2022-04-13 01:40:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
感染予防と若返りのW効果! 旬の野菜ほど多くとれる成分とは? - 認知症専門医が毎日食べている長寿サラダ |
https://diamond.jp/articles/-/301464
|
|
2022-04-13 01:35:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
今年2月がAI通訳機「ポケトーク」事業を分社化する最適のタイミングだった理由とは? - ファイナンス思考 |
https://diamond.jp/articles/-/301532
|
今年月がAI通訳機「ポケトーク」事業を分社化する最適のタイミングだった理由とはファイナンス思考起業家と投資家の経験をもつ書籍『ファイナンス思考』の著者・朝倉祐介さんが、ビジネスのトップ層から現場に至るまで、実績を挙げた多士済々をゲストにお迎えするインタビューPodcast「朝倉祐介の経営トーク」。 |
2022-04-13 01:30:00 |
コメント
コメントを投稿