CodeIsGo.com

To understand why there was a requirement for WebAssembly, let’s take a not-so-quick stroll down memory lane. And why it hasn’t replaced Javascript yet. By Divya Mohan.

So what exactly is WebAssembly? It is a binary instruction format for stack based machines.It is closer to machine code than either asm.js or JavaScript. Therefore, it is a no-brainer that decoding, compiling, fetching, and optimizing WebAssembly code takes lesser time. Why?

The guide then explains:

• History of the WWW
• Enter JavaScript
• asm.js
• Enter WebAssembly

Introduced as a subset of JavaScript, the asm.js specification aimed at describing a sandboxed virtual machine for memory-unsafe languages like C or C++ and provide a low-level, efficient target language for compilers. Implemented first by the Mozilla Firefox browser, this spec introduced performance improvements via employment of ahead-of-time optimizing compilation strategy for valid asm.js code by the JavaScript engines.

WebAssembly, abbreviated Wasm, was designed to be a portable compilation target for programming languages, enabling deployment on the web for client and server applications.

WebAssembly, abbreviated Wasm, was designed to be a portable compilation target for programming languages, enabling deployment on the web for client and server applications. Good read!

The Internet of Things (IoT) is a growing technology that continues to gain traction year after year. On the one hand, it can be helpful, but on the other hand, it carries many security threats. These threats include scalable remote attacks, side-channel attacks on cryptography, DDoS attacks, data breaches, malware, and others. By Roland Atoui.

The article then search answer for the following questions:

• Why use Quantum Cryptography?
• Why secure IoT?
• How does Quantum Cryptography work?

Of course, technical quantum solutions are challenging to implement in IoT devices due to technical and commercial constraints. Therefore, a few security options combine both the quantum and classical approaches. One option keeps the current semiconductor chips but uses quantum techniques to create a unique long cryptographic key for every device. This can be done with a quantum random number generation (QRNG). It creates a noise source with a high randomness level.

Although quantum cryptography and quantum computing have developed quite efficiently, some more advancement is necessary for them to become a reality in commercial systems. Commercial use is a big challenge. Firstly, implementing quantum systems in IoT is expensive. Secondly, large-scale quantum apparatus is hard to afford for many organizations. Thirdly, the properties of photons restrict them from traveling long distances. If these issues can be resolved, we will have successful IoT systems with quantum cryptography. Good read!

In this post you will learn some of the best patterns/tricks author has learned during my time creating Step Functions workflows. By Lukas Fruntke.

Since it has been introduced in June Step Functions Workflow Studio proved its value to me several times. As its a low-code editor with the most common configurations already baked-in, the effort of writing/designing a workflow with Amazon States Language plummeted. Those minutes and hours handwriting workflows with 100 lines++ are finally over for good, which is something you must not ignore when dealing with Step Functions.

The main points captured in this article:

• Make use of the Step Functions Workflow Studio
• Utilize the service integrations
• Use .waitForTaskToken
• Make use of the inbuilt retries
• Utilize Heartbeats to fail fast
• Define a Catch Handler
• Further reading

While AWS offers some 17 “optimized” service integrations (for the definitive list see here), that include different custom options of integrating with the specific services, AWS has released an option to call the APIs of nearly all AWS services directly, as described in this article. This allows you to scrap some of the utility lambdas one uses to add much-needed functionality-augmentation to a service and go with Step Function instead. You will also get links to further reading. Excellent!

Most people spend every second of their workday trying to keep up with their calendars and to-do lists — attending meetings, responding to emails, racing to meet deadlines. This makes it difficult to set aside time to explore ideas that interest us or learn new skills. And during a time when it’s impossible to predict how our jobs and industries will evolve, expanding our expertise is what gives us a competitive edge in the long-run. By Dorie Clark.

How can we ensure we make the time to stay ahead? Enter: Google’s “20% time” rule, a concept made popular when Google went public in 2004:

• Clearly identify what you want to learn
• Win — even if you lose
• Be flexible and committed
• Look for ways to make it fun
• Think in decades

Just like with an investment in the stock market, when you invest time in your 20% projects, the power of compound interest is dramatic. What at first seems small and meaningless can enable you to put massive distance between you and your competitors. Good advice!

Every search interface relies on a fast back-end data-indexing process that keeps its search results up to date in as timely a manner as possible. But search indexing is only one side of the coin. The other side is the real-time speed of a high-quality relevant search engine. By Peter Villani.

The article then explains how you could imrpove search performance for Algolia NoSQL database:

• Indexing for search
• Indexing to create a company-wide, multi-purpose, searchable data layer
• Indexing as a “matchmaker” – the collaborative indexing use case
• Best practices for fast indexing performance (with code snippets)
  • Batch indexing instead of updating one record at a time
  • Batch indexing instead of updating one record at a time
  • Partial indexing (updating only changed attributes)

For all search engines, the search request is the highest priority, with indexing a (very) close second. There are several reasons for this, but the most important is a business argument: every search is a potential game changer, a path to a conversion. Any slow or dropped search request, or irrelevant result, is a potential financial or business loss. Nice one!

An artifact is a single portable file that allows us to deploy our application. It usally is an archive of the project with its dependencies (or not) but could also be a executable binary file. By Florian Goto.

The JavaScript world is generally more flexible than other languages in terms of how to do things. This is most of the time a benefit but it sometimes like standardization (efforts are being made to change that with the OpenJS foundation).

Blog post is split into these sections:

• Packaging frontend code
• Build with other languages
• Publishing to an artifact repository

Contrary to certain belief, the frontend code is actually more complex than the backend (my opinion, could be wrong). On the frontend, you usually use some framework like React with its fancy JSX syntax which requires additional step to run the code. Good read!

Privacy regulators in Europe last year imposed known fines totaling more than 1 billion euros ($1.2 billion) under the EU’s General Data Protection Regulation, bolstered in part by two record-breaking sanctions, according to the law firm DLA Piper. But sanctions approach varies widely across 31 countries complying with privacy law. By Mathew J. Schwartz.

The amount of fines levied in the 12 months since Jan. 28, 2021, marked a sharp increase from the 159 million euros ($181 million) in fines seen for the preceding 12 months, according to DLA Piper’s latest GDPR and data breach report. Not all of those GDPR violations involved data breaches.

Since GDPR came into full effect on May 25, 2018, organizations that handle Europeans’ personal data must comply with tough breach notification rules, which can include a requirement to notify authorities they have suffered a breach within 72 hours of its discovery. Failure to comply exposes organizations to fines of up to 4% of their annual global revenue or 20 million euros ($22.8 million) - whichever is greater. Organizations’ ability to process people’s personal data can also be revoked (see: Privacy Rights: GDPR Enforcement Celebrates Third Birthday).

In a repeat from 2020, in 2021, Germany and the Netherlands logged the most breach notifications, according to the report. Last year, they were followed by Poland, the U.K and Denmark. Per capita, the number of 2021 breach notifications per 100,000 residents was greatest in the Netherlands (151), followed by Liechtenstein (136) and Denmark (131), according to the report. “Croatia, the Czech Republic and Greece reported the fewest number of breach notifications per capita since Jan. 28, 2021,” it says. Interesting read!

At the turn of the 21st century, the identity management discipline within IT Security was born of necessity. Advancements in computer technology meant that every area, function, and discipline within organizations was turning to automation to gain a competitive advantage. A computer was placed on every desk, and servers, mini-computers, and mainframes were being deployed to automate every area of the business. By Chris Olive.

We are now seeing this pattern repeat with the mass proliferation of data to the cloud, catalyzed by the tsunami of Digital Transformation. The modern organization needs to adopt a Data-Centric Security approach to safely execute their digital transformation strategy.

The article then pays attention to:

• Digital transformation has radicalized the data security landscape
• Data security needs to grow up and mature
• Speed
• Scale
• Strategy

Transformation based on automation twenty years ago meant organizations simply couldn’t keep pace with identity lifecycle events or address growing compliance and reporting needs using previous methods. Keeping up with the Speed of business was a real issue. Twenty years ago, Identity management was born from a massive acceleration of technology enablement adopted by organizations as a transformative need. Today, digital transformation driven by massive amounts of data is transforming the business landscape at incredible speed and in ways that seem to dwarf the transformation of the past. Good read!

Understanding how Kubernetes handles containers gives you greater flexibility to create custom configurations for specific needs. Kubernetes enables you to do a lot of productive work without having to understand a lot about the underlying details. By Bob Reselman.

The article then explains:

• Understanding Kubernetes architecture and Kubelet
• Understanding the difference between a container manager and a container runtime
• Standardizing the container infrastructure with the OCI
• Understanding the Container Runtime Interface
• The benefit of understanding the details

Putting the CRI and the OCI specifications together makes it so that Kubernetes can support exactly the container manager and runtime you want to use in your Kubernetes cluster designs. Also, the CRI and the OCI make it so that you can run many different types of container managers and container runtimes across a single cluster.

When it comes to designing a Kubernetes infrastructure to support today’s modern applications, choice matters. Fortunately, choice exists due to the benefits provided by the OCI and CRI specifications. The tradeoff is the need to understand many details of Kubernetes and container technology to get it all to work for your benefit.

A few weeks ago, an interesting issue appeared on our GitHub tracker. It was reported that, despite our care in designing the driver to be efficient, it proved to be unpleasantly slower than one of the competing drivers, cassandra-cpp, which is a Rust wrapper of a C++ CQL driver. By Piotr Sarna.

Brendan Gregg’s flamegraphs are indispensable for performance investigations. What’s even better is that the Rust ecosystem already has fantastic support for generating flamegraphs integrated into the build system: cargo-flamegraph.

A flamegraph generated from one of the test runs shows that our driver indeed spends an unnerving amount of total CPU time on sending and receiving packets, with a fair part of it being spent on handling syscalls.

The article then describe how author was investigating reported issue with driver performance:

• Reproducing the problem
• Profiling
• Hint
• Root cause No1
• Root Cause No2: Pitfall in Async Rust
• Quadratic behavior?

You will find the solution in provided GitHub repository. The world of async programming in Rust is still young, but very actively developed. Investigating and getting rid of bottlenecks and pitfalls is a very useful skill, so don’t hesitate in joining in the effort — e.g. by becoming a contributor to our brand new, native Scylla driver!. Good read!