Slack now lets users take chat credentials to other apps

Slack is offering its users a new way to sign into other applications. The company announced Tuesday that it has launched a new “Sign in with Slack” feature that lets people use their login for the chat app to sign in to participating applications. 

Developers of applications like Quip can now enable their users to sign in with Slack credentials, which can make it easier for people to get started with applications — and therefore more likely to try them out. The new feature makes it possible for independent developers and startups focused on workplace productivity to get an easier foothold with new users.

To read this article in full or to leave a comment, please click here

Original URL:  

Original article

The Extremely Pixel-Dense Workspace

Redditor jamend loves screen real estate, and so do we. He’s rocking four displays in this shot, a 4K display in the center, two 1440p displays on either side, in portrait mode, and a 4K TV just above. Best of all, that’s not all the great gear he uses to get stuff done. Here’s a full rundown.

Read more…

Original URL:  

Original article

Amazon’s Deep Learning Library

DSSTNE (pronounced “Destiny”) is an open source software library for training and deploying deep neural
networks using GPUs. Amazon engineers built DSSTNE to solve deep learning
problems at Amazon’s scale. DSSTNE is built for production deployment of real-world
deep learning applications, emphasizing speed and scale over experimental flexibility.

DSSTNE was built with a number of features for production workloads:

  • Multi-GPU Scale: Training and prediction
    both scale out to use multiple GPUs, spreading out computation
    and storage in a model-parallel fashion for each layer.
  • Large Layers: Model-parallel scaling enables larger networks than
    are possible with a single GPU.
  • Sparse Data: DSSTNE is optimized for fast performance on sparse datasets. Custom GPU kernels perform sparse computation on the GPU, without filling in lots of zeroes.




  • Follow Setup for step by step instructions on installing and setting up DSSTNE

User Guide

  • Check User Guide for detailed information about the features in DSSTNE


  • Check Examples to start trying your first Neural Network Modeling using DSSTNE



Original URL:  

Original article

Installing Lighttpd with PHP 7 (PHP-FPM) and MySQL 5.7 on Ubuntu 16.04 LTS

Lighttpd is a secure, fast, standards-compliant web server designed for speed-critical environments. This tutorial shows how you can install Lighttpd on an Ubuntu 16.04 server with PHP 7 support (through PHP-FPM) and MySQL 5.7. PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites. I use PHP-FPM in this tutorial instead of Lighttpd’s spawn-fcgi.

Original URL:  

Original article

Docker Security Scanning

written by Lily Guo, Toli Kuznets and Nandhini Santhanam

Today we announced the general availability of Docker Security Scanning, formerly known as Project Nautilus. Available today as an add-on service to Docker Cloud private repos, Security Scanning provides a detailed security profile of your Docker images for proactive risk management and to streamline software compliance. Docker Security Scanning conducts binary level scanning of your images before they are deployed, provides a detailed bill of materials (BOM) that lists out all the layers and components, continuously monitors for new vulnerabilities, and provides notifications when new vulnerabilities are found.


When you consider the modern software supply chain, it typically includes a number of different development and IT teams in a company coordinating across time zones, stacks and infrastructure to build, ship and run software. The primary concerns of app dev teams are to build the best software and get it to their customer as fast as possible. However, the software supply chain does not stop with developers, it is a continuous loop of iterations, sharing code with teams and moving across environments. Docker makes app portability frictionless and secure by default with a secure platform, controls for secure access and capabilities to secure content. Docker Security Scanning delivers secure content by providing deep insights into Docker images along with a security profile of its components. This information is then available at every stage of the app lifecycle.

Let’s dig into Docker Security Scanning in more detail and walk through how it works.

Docker Security Scanning sits alongside Docker Cloud (and soon with Docker Datacenter) to trigger a series of events once a new image is pushed to a repository. The service includes a scan trigger, the scanner, a database, plugin framework and validation services that connect to CVE databases.

Deep visibility into security profile

The Docker Security Scanning service starts when a user/publisher pushes an image to a repo in Docker Cloud. The scanner service takes the image and separates it into its respective layers and components. Then the components are sent to the validation service to check against multiple CVE databases for not only the package name and version, but also a binary level scan of the content inside the package.

This last step is very important because this approach ensures the package is exactly what it claims it is.

A Docker image is made up of many layers and there can be many components/packages in a single layer and each package having a corresponding name and version number. When vulnerabilities are reported to the CVE databases, they are tied to a package name and specific version number.


Many services do a simple check of the package names against the database of known packages with issues. This alone is not enough as it does not guarantee an answer to the question of “What’s running in my container?” In addition to checking the package names, we do a binary-level analysis of every layer, and match the underlying signatures of each binary to known components and their versions, and cross reference that with a database of known vulnerabilities. This allows us to find components not only listed in the standard BOM (i.e. dpkg -l or yum list installed), but also any statically linked libraries to correctly identify components whose libraries have been patched and backported to a version that was previously vulnerable. This method reduces the rate of false positives that may occur when previously reported packages are remediated without a package version change and also protects against the situation where someone purposely renames a bad package for distribution.

To help protect you, Docker Security Scanning includes support for a broad range of operating systems including all major Linux distributions and Windows Server, languages and binaries.

Once everything is scanned and results returned, the detailed BOM is generated and stored in the Docker Security Scanning database for each image and tag. The results are sent to Docker Cloud to be presented in the UI along with the BOM for each scanned repo tag.

Continuous monitoring and notifications

The ability to scan an image provides insight at a given point in time. Docker Security Scanning goes a step further to make sure your images stay safe with ongoing monitoring and notifications. The Docker Security Scanning database stores the detailed image BOMs and the respective vulnerability status of all the components. When a new vulnerability is reported to a central CVE database, Docker Security Scanning checks our service database to see which images and tags contain that affected package and notify the repo admin via email.

These notifications contain information about the vulnerability itself, as well as list out the repos and tags that contain this vulnerability. With this information, IT teams can proactively manage software compliance requirements by knowing what vulnerabilities impact what pieces of software, reviewing the severity of the vulnerability and making informed decisions on a course of action.

Secure across the content lifecycle

Docker Security Scanning is an exciting addition to the Docker workflow to help companies build, ship and run the safest software possible. When combined with Content Trust, you can guarantee that the software is what you say it is, made by who you say it was and that is hasn’t been tampered with along the way. For example, Official Repos have been using Security Scanning since DockerCon EU in Nov 2015 to understand their vulnerability profile, remediate issues and distribute updated images signed with Content Trust. This feature enabled Docker to work with upstream partners to provide better and safer images for you.

Availability and Getting Started

Docker Security Scanning is available today in Docker Cloud for private repo plan customers for a limited time free trial. Security scanning will be expanding soon to Docker Datacenter and Docker Cloud repo users.

Try in Docker Cloud:

To try this feature, go to Account Settings > Plans and select the checkbox. Once activated, the three most recent tags for each private repo will be scanned and the resulting BOM displayed in the tags section within 24 hours. Afterwards, Docker Security Scanning will scan your image tag every time you push.

The screenshot below shows the plans page of a user with a 5 private repo plan. The checkbox to opt-in to Docker Security Scanning appears at the bottom of the Plan summary.

We are so excited about this that we are giving every private repo plan customer a limited time free trial for three months starting today.

If you have a Docker Hub account and have never tried Docker Cloud – don’t worry! Your same login credentials work in Docker Cloud. The native integration ensures that your Docker Hub repos display within the Docker Cloud “Repositories” section. Private repo plans start at $7 per month for 5 private repositories and are available within Docker Cloud.

More Resources for Docker Security Scanning:

Learn More about Docker

docker cloud, docker hub, Docker security, docker security scanning

Original URL:  

Original article

Twitter open-sources a high-performance replicated log service

Build Status

DistributedLog (DL) is a high-performance, replicated log service, offering durability, replication and strong consistency
as essentials for building reliable distributed systems.

High Performance

DL is able to provide milliseconds latency on durable writes with large number of concurrent logs.
Also handle high volume reads and writes per second from thousands of clients.

Durable and Consistent

Messages are persisted on disk and replicated to store multiple copies to prevent data loss.
They are guaranteed to be consistent among writers and readers in terms of strict ordering.

Efficient Fan-in and Fan-out

DL provides an efficient serving layer that optimized for running in a multi-tenant datacenter
environment such as Mesos or Yarn. The serving layer is able to support large scale writes fan-in
and reads fan-out.

Various Workloads

DL supports various workloads from latency sensitive online transaction processing (OLTP) applications
(e.g. WAL for distributed database and in-memory replicated state machines), real-time stream ingestion
and computing to analytical processing.

Multi Tenant

DL is designed for I/O isolation in real-world workloads, to support large scale of number of logs for multi

Layered Architecture

DL has a modern layered-architecture design, that separates stateless serving tier from stateful storage tier.
It allows scaling storage independent of scaling cpu and memory, to support large scale writes fan-in and
reads fan-out.

Original URL:  

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: