Notes from 15/7–22/7

Hum Qing Ze
Jul 21, 2019

Article Archive: https://fishbiscuit.github.io/site-library/

So I’ve kept everything in a searchable archive, courtesy of forkngo by Jessica Lord.

Let’s begin!

Blockchain

Graph Day: Open Financial Primitives with Robert Leshner

Just a new way of thinking about decentralised finance. So you can just put together ecosystems as you need. But it's strange how it just describes new capabilities to build old things.

How to Open a MakerDAO CDP and Earn Interest on Compound — A Walkthrough Guide

So many steps to lock it up in some sort of financial product. Sadly, no thanks.

Data

Northstar — The Latest & Greatest in Drag-and-drop data analytics from MIT and Brown University

Seriously absolutely amazing! Drag and drop ML. Similar to something I've seen elsewhere but at a bigger scale and allows you to run AutoML.

DIY Data: Web Scraping with Python and BeautifulSoup

Teaches all sorts of neat tricks and how understanding the webpage is really key to any webscraping task.

Development

Top Developers Build Things

Similar articles exist, but what I like is how he has provided some examples that you can also explore. Interested in looking at how sunfish plays Chess.

Retool

What does Retool do?

Retool lets you build front-ends quickly around any sort of datastore.

How do I deploy my app?

After building an app in Retool, it’s automatically hosted by Retool. To get other people to use your app, just pass them the URL.

What’s creator mode, and what’s end-user mode?

When you build your app, you’re in creator mode. Creator mode lets you change queries, move buttons around, etc. Generally, this is the mode engineers are in.

End-user mode is meant for end-users, who don’t need to modify SQL queries or change the placement of buttons. You typically don’t want your end-users modifying apps, so you want to give them in end-user mode.

End-user mode is available on the Plus plan and above, and access controls are available on the Pro plan and above.

The Definitive TypeScript Handbook

Leaving this here for reference

Product management

6 ways PMs can collect, analyze, and leverage user feedback more effectively

3. Break your users into segments

This way you can better understand the gaps between personas

5. Avoid the “squeaky wheel” syndrome

Loudest voices are those most unhappy

How to Define Your Product Strategy

The concepts are so similar, I think we'll have to apply this for Servesg

Security

Cyber Training Through Games and AI

A cyber range is a virtual environment that is used to simulate cyberwarfare scenarios with the goal of training cybersecurity professionals, traditionally used in government and military agencies (Chapman et al., 2017). However, recently the commercial sector is utilizing these principles in products to train others to be better cyber security experts. An example is with ManTech who recently announced a successful ransomware defense exercise for financial sector participants within its Advanced Cyber Range Environment (ACRE) (Herndon, 2018)

Exactly what CyberCity was supposed to be at SUTD

An example of an enterprise providing CyRaaS is Circadence. This cyber security organization provides their CyRaaS on a cloud environment with templates and tools to building an emulated environment to simulate real world scenarios on. They allow duplicating “real” networks, “real” enterprises and even “real” cities by template or users can build customized environments designed to be similar to their enterprise.

Exactly what LARIAT was.

So the concept was to be able to integrate AI and ML into your cyber training program. In the sense of using these models to act as sparring partners or deciding what sort of incentives might work.

Details of the Cloudflare outage on July 2, 2019

One single mistake can bring down the entire service.

On July 2, we deployed a new rule in our WAF Managed Rules that caused CPUs to become exhausted on every CPU core that handles HTTP/HTTPS traffic on the Cloudflare network worldwide. We are constantly improving WAF Managed Rules to respond to new vulnerabilities and threats. In May, for example, we used the speed with which we can update the WAF to push a rule to protect against a serious SharePoint vulnerability. Being able to deploy rules quickly and globally is a critical feature of our WAF.

Unfortunately, last Tuesday’s update contained a regular expression that backtracked enormously and exhausted CPU used for HTTP/HTTPS serving. This brought down Cloudflare’s core proxying, CDN and WAF functionality. The following graph shows CPUs dedicated to serving HTTP/HTTPS traffic spiking to nearly 100% usage across the servers in our network.

The level of transparency is amazing. They even put a breakdown of how the regex expression exhausted all their CPU. It was really a mistake that could’ve been avoided easily, but due to a bunch of loopholes generated by a different priority (the type of attack it is trying to mitigate is very urgent) such a mistake was propagated.
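An added illustration (not from these notes or from Cloudflare's write-up) of how a backtracking regex engine's work grows when greedy wildcards are stacked, and how a step budget bounds the damage. The toy matcher, the patterns `.*=.*` and `.*.*=.*`, and the `bounded_match` helper are all constructed for this example.

```python
class BudgetExceeded(Exception):
    """Raised when a match attempt uses more steps than allowed."""


def count_steps(pattern, text, budget=None):
    """Naive backtracking match of `pattern` at the start of `text`.

    Supports literals, '.' and 'x*' only. Returns (matched, steps),
    where steps is the number of positions the engine had to try.
    """
    steps = 0

    def match_here(p, t):
        nonlocal steps
        steps += 1
        if budget is not None and steps > budget:
            raise BudgetExceeded(steps)
        if p == len(pattern):
            return True
        if p + 1 < len(pattern) and pattern[p + 1] == "*":
            # Greedy star: consume as much as possible, then give
            # characters back one at a time (this is the backtracking).
            end = t
            while end < len(text) and pattern[p] in (".", text[end]):
                end += 1
            for k in range(end, t - 1, -1):
                if match_here(p + 2, k):
                    return True
            return False
        if t < len(text) and pattern[p] in (".", text[t]):
            return match_here(p + 1, t + 1)
        return False

    return match_here(0, 0), steps


def bounded_match(pattern, text, budget):
    """Defensive wrapper: returns None instead of burning CPU without limit."""
    try:
        return count_steps(pattern, text, budget)[0]
    except BudgetExceeded:
        return None


if __name__ == "__main__":
    # Constructed input: no '=' anywhere, so every match attempt must fail.
    for n in (10, 20, 40, 80):
        one = count_steps(".*=.*", "x" * n)[1]
        two = count_steps(".*.*=.*", "x" * n)[1]
        print(f"n={n:3d}  .*=.* -> {one:5d} steps   .*.*=.* -> {two:5d} steps")
```

Doubling the input length roughly doubles the work for the single-wildcard pattern and roughly quadruples it for the stacked one; each extra stacked wildcard raises the exponent again.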
