Ask Sendai

We are excited to announce the public availability of HashiCorp Vault 1.2. Vault is a tool to provide secrets management, data encryption, and identity management for any infrastructure and application. Vault 1.2 is focused on supporting new architectures for automated credential and cryptographic key management at a global, highly-distributed scale. This release introduces new mechanisms for users and applications to manage sensitive data such as cryptographic keys and database accounts, and exposes new interfaces that improve Vault’s ability to automate secrets management, encryption as a service, and privileged access management. KMIP Server Secret Engine (Vault Enterprise only): Allow Vault to serve as a KMIP Server for automating secrets management and encryption as a service workflows with enterprise systems. Integrated Storage (tech preview): Manage Vault’s secure storage of persistent data without an external storage backend, supporting High Availability and Replication.

Uber Poet, an open source mock application generator, helped us determine if refactoring the application part of our code into a few large modules would make our overall Swift build times faster. Given the scope and scale of Uber’s business, our Swift applications are some of the largest in the world. Each application possesses 500,000 to 1 million lines of shipping Swift and Objective-C code and about three times more lines of code in the form of tests and auto-generated mocks. As a result of the makeup of our iOS apps, Swift compile times are an important consideration for our engineers. Just a couple years ago, clean build times with our Swift-based rider app used to take 30 to 45 minutes, and after improvements in build configuration, the swift compiler, and build hardware, Swift builds now take about 5 to 10 minutes depending on the application.

Creating accurate maps today is a painstaking, time-consuming manual process, even with access to satellite imagery and mapping software. Many regions — particularly in the developing world — remain largely unmapped. To help close this gap, Facebook AI researchers and engineers have developed a new method that uses deep learning and weakly supervised training to predict road networks from commercially available high-resolution satellite imagery.

Since iOS 7, Dynamic Type has allowed users to choose a prefered font size for their phone. At Airbnb, we try to build an app that our entire community can use — since Dynamic Type is a critical accessibility feature, we knew supporting it would make more people able to effectively use our app, some of them probably for the first time. To validate the importance of this feature, we examined the data and saw as much as 30% of people using our app had a preferred font size that was not the default.

Computer power supplies don’t get much respect. As a tech enthusiast, you probably know what microprocessor is in your computer and how much physical memory it has, but odds are you know nothing about the power supply. Don’t feel bad—even for manufacturers, designing the power supply is an afterthought. That’s a shame, because it took considerable effort to create the power supplies found in personal computers, which represent a huge improvement from the circuits that powered other kinds of consumer electronics up until about the late 1970s. This breakthrough resulted from huge strides made in semiconductor technology a half century ago, specifically improvements in switching transistors and innovations in ICs. And yet, it’s a revolution that goes completely unrecognized by the general public and even by many people familiar with the history of microcomputers.

Recently I came across this excellent post from Cindy Sridharan, which throws a bunch of good ideas about how to improve the troubleshooting experience with microservices. I think that Kiali already has a good approach in that regard, which doesn’t mean there’s no room for improvement. Kiali is meant to be the Istio console. This has been a constant focus of the development team since the beginning of the project. We try to show the best out of Istio telemetry, and to interact in various ways with the available Istio resources. However, Kiali also plays a role in troubleshooting, not just within the boundaries of the Istio mesh metrics, but also beyond.

Late last week, the U.S. House of Representatives passed legislation to mandate federal research on a radically ‘retro’approach to protect power grids from cyber attack: unplugging or otherwise isolating the most criticalequipment from grid operators’ digital control systems. Angus King, an independent senator from Maine whose identical bill passedthe Senate last month, says such a managed retreat from networked controls may berequired to thwart the grid’s most sophisticated online adversaries. Grid cyber experts say the Securing Energy Infrastructure Act moving through Congress isa particular testament toMichael Assante, a gifted and passionate cybersecurity expert whodied earlier this monthfrom leukaemia at the age of 48.

Oliver Gould talks about the Linkerd project, a service mesh hosted by the Cloud Native Computing Foundation, to give operators control over the traffic between their microservices. He shares the lessons they’ve learned helping dozens of organizations get to production with Linkerd and how they’ve applied these lessons to tackle complexity with Linkerd. Source: infoq.com

Tools that enable fast and flexible experimentation democratize and accelerate machine learning research. Take for example the development of libraries for automatic differentiation, such as Theano, Caffe, TensorFlow, and PyTorch: these libraries have been instrumental in catalyzing machine learning research, enabling gradient descent training without the tedious work of hand-computing derivatives. In these frameworks, it’s simple to experiment by adjusting the size and depth of a neural network, by changing the error function that is to be optimized, and even by inventing new architectural elements, like layers and activation functions–all without having to worry about how to derive the resulting gradient of improvement.

Welcome to part 3 in our series about secure control of egress traffic in Istio. In the first part in the series, I presented the attacks involving egress traffic and the requirements we collected for a secure control system for egress traffic. In the second part in the series, I presented the Istio way of securing egress traffic and showed how you can prevent the attacks using Istio.