How many times do you hear about a company exposing sensitive data because they forgot to lock down a data repository on Amazon? It happens surprisingly often. Chef wants to help developers and operations teams prevent that kind of incident. Today, the company released InSpec 2.0, which is designed to help automate applications security and compliance in the cloud.
InSpec is a free open source tool that lets development teams express security and compliance rules as code. Version 1.0 was about ensuring compliance at a local development level by making sure that applications were set up properly. The new version extends this capability to the cloud where companies are running the applications, enabling teams to test and write rules for compliance with cloud security policy. It supports AWS and Azure and comes with 30 common configurations out of the box including Docker, IIS, NGINX and PostgreSQL.
Companies running multiple applications across multiple clouds face challenges in today’s continuous development environment. It’s actually fairly easy to leave that database exposed when it’s up to humans to continuously monitor if it’s in compliance or not.
Chef wants to help with that problem by offering a tool to automate compliance. It takes some work in getting the security, development and operations teams together to discuss what needs to be locked down, but once they come to an agreement, they can to use InSpec to write rules to validate proper cloud configurations using the InSpec scripting language.
Chef’s director of product marketing Julian Dunn says that anyone used to using scripting languages should be able to pick it up. “A language like InSpec allows customers to customize and write the rules specific to the cloud they are in and specific to their cloud deployment and check things they care about it,” he said.
Scripting language example. Code sample: Chef
“The language is designed to be easy to read and write. It’s intended for security engineering folks who don’t have programming background, but have scripting experience,” Dunn added. Once you write these scripts, you can run tests against your code, see which areas out of compliance and take steps to fix them.
InSpec was created via the acquisition of VulcanoSec, a German compliance and security firm that Chef purchased in 2015. InSpec 2.0 is open source and available for download on Github.
When a new Marvel movie featuring the Hulk hits theaters, you can usually find a pair of oversized foam Hulk hands at toy stores. They’re fun, but not as fun as a 30-pound Hulk glove made from steel that lets you smash cinderblocks and anything else you feel like breaking.
To create this unique cosplay accessory that probably leaves you feeling genuinely hulkish, YouTube’s The Hacksmith started with a 3D model which would usually be destined for a 3D printer. But instead of making one from plastic, he assembled the model using sheets of laser-cut steel, which were stacked and welded together to create what amounts to a sledgehammer you can wear. Watch it in action:
But don’t expect Hasbro to release something like this for when Avengers: Infinity War hits theaters. Just think about how much damage your kid already causes with Hulk hands made from foam.
Right now Aurora only allows a single master, with up to 15 read-only replicas.
Master/Replica Failover
We love testing failure scenarios, however our options for such tests with Aurora are limited (we might get back to that later). Anyhow, we told the system, through the RDS dashboard, to do a failover. These were our observations:
Role Change Method
Both master and replica instances are actually restarted (the MySQL uptime resets to 0).
This is quite unusual these days, we can do a fully controlled roll change in classic async replication without a restart (CHANGE MASTER TO …), and Galera doesn’t have read/write roles as such (all instances are technically writers).
Failover Timing
Failover between running instances takes about 30 seconds. This is in line with information provided in the Aurora FAQ.
Failover where a new instance needs to be spun up takes 15 minutes according to the FAQ (similar to creating a new instance from the dash).
Instance Availability
During a failover operation, we observed that all connections to the (old) master, and the replica that is going to be promoted, are first dropped, then refused (the refused will be during the period that the mysqld process is restarting).
According to the FAQ, reads to all replicas are interrupted during failover. Don’t know why.
Aurora can deliver a DNS CNAME for your writer instance. In a controlled environment like Amazon, with guaranteed short TTL, this should work ok and be updated within the 30 seconds that the shortest possible failover scenario takes. We didn’t test with the CNAME directly as we explicitly wanted to observe the “raw” failover time of the instances themselves.
Caching State
On the promoted replica, the buffer pool is saved and loaded (warmed up) on the restart; good! Note that this is not special, it’s desired and expected to happen: MySQL and MariaDB have had InnoDB buffer pool save/restore for years.
On the old master (new replica/slave), the buffer pool is left cold (empty). Don’t know why.
Because of the server restart, other caches are of course cleared also. I’m not too fussed about the query cache (although, deprecated as it is, it’s currently still commonly used), but losing connections is a nuisance.
Statistics
Because of the instance restarts, the running statistics (SHOW GLOBAL STATUS) are all reset to 0. This is annoying, but should not affect proper external stats gathering, other than for uptime.
On any replica, SHOW ENGINE INNODB STATUS comes up empty. Always. This seems like obscurity to me, I don’t see a technical reason to not show it. I suppose that with a replica being purely read-only, most running info is already available through SHOW GLOBAL STATUS LIKE ‘innodb%’, and you won’t get deadlocks on a read-only slave.
Multi-Master
Aurora MySQL multi-master was announced at Amazon re:Invent 2017, and appears to currently be in restricted beta test. No date has been announced for general availability.
We’ll have to review it when it’s available, and see how it works in practice.
Conclusions
I don’t understand why the old master gets a cold InnoDB buffer pool.
I wouldn’t think a complete server restart is necessary, but since we don’t have insight in the internals, who knows.
Losing connections across the cluster is a real nuisance that really impacts applications. Here’s why. When a C client (on which most MySQL APIs are based, or modelled) is disconnected, it passes back a specific error to the application. When the application makes its next query call, the C client will automatically reconnect first (so the client does not have to explicitly reconnect). However, this does mean that the application has to handle disconnects gracefully without chucking hissy-fits at users, and I know for a fact that that’s not how many (most?) applications are written. Consequentially, an Aurora failover will make the frontend of an application look like a disaster zone for about 30 seconds. I appreciate that this is not Aurora’s fault, it’s sloppy application development that causes this, but it’s a real-world fact we have to deal with, and our other cluster and replication options do not trigger this scenario.
An excerpt from Science Channel’s How It’s Made which takes us inside of a factory that churns out millions of paintballs every year. It turns out these painful projectiles are basically made from the same stuff that gummy bears are made of – though we bet they don’t taste as good.
“Mental health is often a big problem underlying these tragedies.” — House Speaker Paul Ryan. That’s the first “fact” that “fact checkers” Linda Qiu and Justin Bank want to address. Hang on . . .
How do you “debunk” a statement that says that mental health is “often” a problem underlying spree killings? Not always. Often.
Well know for a fact that the Newtown, Aurora, Virginia Tech and Giffords spree killers were diagnosed as mentally ill. So there’s only one way that Speaker Ryan’s comment would be false: if mental health was seldom or never a problem underlying mass shootings.
“There’s a link,” the Times pronounces, “but it’s more limited than widely thought.” So Ryan’s statement is a fact, but it’s not an important fact. At least not to the Times’ “fact checkers.” Who proceed to redefine the statement entirely to debunk it. Like this:
Mr. Ryan’s claim reflects a common misconception. According to various polls, roughly half of Americans either believe that failing to identify people with mental health problems is the primary cause of gun violence or that addressing mental health issues would be a major deterrent.
That conclusion is not shared by experts or widely accepted research.
That is incredibly intellectually dishonest. Equally incredibly, it gets worse . . .
Overall, mass shootings by people with serious mental illness represent 1 percent of all gun homicides each year, according to the book “Gun Violence and Mental Illness” published by the American Psychiatric Association in 2016.
To be sure, gun violence experts contacted by New York Times reporters have said that barring sales to people who are deemed dangerous by mental health providers could help prevent mass shootings. But the experts said several more measures — including banning assault weapons and barring sales to convicted violent criminals — more effective.
Speaker Ryan wasn’t talking about “gun homicides” in general. He was talking about some mass shootings. And admitting that mental health is an issue then interjecting an assault weapon ban into the conversation is blatant misdirection.
And while we’re at it, it’s a fact that criminals convicted of violent offenses are barred from purchasing firearms. Besides, the Speaker wasn’t addressing “mass shootings” in general. He was addressing high profile spree killings.
There’s more, of course.
The Times’ “debunks” the idea that Israel stopped school shootings by arming teachers and administrators by quoting one Israeli politician — who says his country stopped school shootings thanks to “an overall antiterror policy and antiterror operations.” Well he would say that, wouldn’t he? And it doesn’t entirely discount the role of arming schools, does it?
Working in a similar fashion to 3D-printing pens, but without the futile exasperation of actually trying to make 3D objects, Crayola’s new Crayon Melter turns colorful sticks of wax into a thick, goopy, ink that lets kids write on almost any surface imaginable. Can you hear the sound of parents crying in the distance?
Although it uses an enclosed and protected heating element to turn smaller pieces of unwrapped crayons into liquid wax, and a low-temperature extruder that’s safe to touch, Crayola is still targeting its Crayon Melter pen at older kids aged eight and up which hopefully means they’re past the age of writing on walls, furniture, or themselves—hopefully.
Advertisement
It takes about a minute to liquify the pieces of crayon after they’ve been inserted into the back of the melting chamber, at which point you can just start writing with it like an oversized ballpoint pen. Aside from being another novel way for kids to draw that will maybe hold their attention for a few more minutes, the Crayon Melter has the potential for being a legitimately useful tool for grownups too.
The melted crayons adhere to countless surfaces you could never draw on with a regular crayon, and once it dries, which happens almost immediately after extrusion, the results are waterproof and durable, depending on the surface. Removing wax from a pane of glass is almost certainly a lot easier than a piece of fabric.
The Crayon Melter is expected to hit stores later this year in August for $25, and will only include eight crayons to get you started, so maybe it’s time to dig up that bucket of crayon shards you had as a kid.
U.S.A. –-(Ammoland.com)- Ben Shapiro has a saying. His saying is that “facts don’t care about your feelings.” Every time a shooting happens in the US the anti-gun leftist try to goad the pro-gun side into a debate. The issue is that you cannot have a discussion when one side is arguing facts, and the other side is using an emotional crutch.
We can all agree on what happened in Parkland, Florida was a hideous crime. We can all agree that this is a tragedy that we shouldn’t have to accept as “just part of life.” I think we all want to prevent the next mass shooting. It is just the left, and the right disagrees on how to fix the situation.
Where the pro-gun side wants to fix the actual problem such as the mental health system, the left would instead attack an inanimate object like it is the ring from the “Lord Of The Rings.” The Democrat method is akin to trying to fix the road instead of your car when it breaks down. It just doesn’t work.
I am not saying don’t debate the people on the left. What I am suggesting is when you do engage them in a war of ideas for you not to get sucked into a battle of emotions. Ben Shapiro headed off Piers Morgan by removing the emotional argument by insisting that Morgan “not stand on the graves of the children of Sandy Hook.”
Shapiro automatically puts Morgan on the defensive and took away his ability to use emotions in his argument by using this technique. Morgan spent a minute plus saying, “How dare you?” in his smug British accent. The reason he kept repeating himself is that Shapiro took away the emotional evidence that Morgan was so fond of using and he knew he couldn’t beat Shapiro in a war of facts.
When debating gun control with someone on the left, it is always good to know their arguments better than they do. Fortunately for us being on the pro-gun side, the gun grabbers will use the same talking points sourced from the same places. In reality most of the time they just repeat the twisted statistics they hear on TV.
The question I ask is, “If we were to stop the manufacture and sale of all firearms from this moment then how would you deal with the 350 million plus guns that are already in circulation in the United States?”
The only answer that they have is a forced confiscation of firearms. People always think that there is some list of the location of where every gun resides, but this isn’t the case, so make sure they know that fact. It is clear to see if no one knows where all the guns are then there is no way for gun confiscation to work.
Even if the government did know where every gun was, the confiscating firearms wouldn’t work in our country. Unless they are dishonest, they will have to admit a large percentage are not going to volunteer to give up their guns. How would the anti-gunner handle the holdouts? Usually, they will not have an answer.
Another argument I have seen today is the “18 school shootings this year” pushed by Everytown. Ask them if they know what Everytown considers a school shooting. When they don’t understand what Everytown uses in their study, then bring up the fact that they included bb guns in their stats of school shooting.
I always bring up the indisputable fact that schools are gun-free zones. If you look at the study by The Crime Research Prevention Center that looked at every mass shootings between 1950 and 2016, they found that a staggering 98.4% happened in gun free zones. Even if we limit the range to 1998 to 2016, we still see that 96.2% of mass shootings occur in gun-free zones.
The anti-gunners are going to bring up more talking points from Everytown again. The Bloomberg group puts this number at only 30% of shootings happening in gun-free zones. When this happens, I always ask if they know what Everytown counts in their studies. Of course, they don’t.
Everytown includes suicides, accidental discharges, and airsoft guns. Yes, kids playing in the park with airsoft guns and police get called because someone overreacts is counted as “a shooting” by Everytown For Gun Safety. The average anti-gunners just hear the numbers and does not look at the method that was used to reach the figures.
In truth, Everytown For Gun Safety counts on people not looking into their methods used to come up with their skewed numbers. The more significant the amounts; The more prominent the headlines. By knowing their ways, we can discount their studies as propaganda.
The gun-grabbers will try to argue that the founding fathers were talking about muskets and not AR15s in the Consitution. This point is elementary to counter. James Madison, “The Father Of The Consitution,” wrote in Federalist No.46 about the need of the people to be armed as well as the military. Most gun-grabbers haven’t even heard of the Federalist Papers.
My favorite thing that they do is say that the other developed countries don’t have as many people killed by guns. What this does is discounts is the size of the US. The numbers they use do not include the differences in population. When you look at shootings per capita, you will find another answer.
Jaclyn Schildkraut of the State University of New York in Oswego and H. Jaymi Elsass of Texas State University analyzed mass shooting from 2004 to 2014. What they found is that you have a better chance of being killed in a shooting in Norway, Finland, and Switzerland than in the US.
Then you also have to look at the violent crime rates in other countries. This statistic is one thing that the left never uses in their anti-gun attack. For example, in China where citizens are not allowed to own firearms at all, they have a higher murder than in the US. If people want to kill you and don’t have access to a gun they are just going to use something else.
The final thing the gun-grabbers might use is another stat from the Everytown for Gun Safety Support Fund. The statistic states that there were 300 mass school shootings since 2013. The actual number of total mass shootings since 1999 is 66 according to the non-partisan Congressional Research Service. These include all public mass shootings whether they happen in a school or a park. We can surmise from this fact that the 300 number is not only misleading but a total lie.
With separating emotion from the facts we, as responsible gun owners, can win any debate with the gun-grabbing leftist. What we must do is not follow them down the rabbit hole of emotion. We must present the fact and know the subject matter better than they do. In the end, the truth is on our side.
About John Crump
John is a NRA instructor and a constitutional activist. He is the former CEO of Veritas Firearms, LLC and is the co-host of The Patriot News Podcast which can be found at www.blogtalkradio.com/patriotnews. John has written extensively on the patriot movement including 3%’ers, Oath Keepers, and Militias. In addition to the Patriot movement, John has written about firearms, interviewed people of all walks of life, and on the Constitution. John lives in Northern Virginia with his wife and sons and is currently working on a book on the history of the patriot movement and can be followed on Twitter at @crumpyss or at www.crumpy.com.
Cowboy Action Shooting is one of the nation’s fastest-growing shooting sports and requires competitors to take their best shots with single-action revolvers, lever-action rifles and period shotguns.
PHOENIX –-(Ammoland.com)- For those who harken back to the days of jingling spurs, the smell of authentic chuck-wagon cooking, and cowboys vying to see who’s the quickest on the trigger, then circle Feb. 19-25 on your calendar.
That’s when Winter Range rides into town, transforming the Ben Avery Shooting Facility into a festive scene from the Old West where more than 1,000 competitors from around the world will take part in the 27th annual Single Action Shooting Society’s national championship of Cowboy Action Shooting.
Cowboy Action Shooting is one of the nation’s fastest-growing shooting sports and requires competitors to take their best shots with single-action revolvers, lever-action rifles and period shotguns. Competitors also must adopt a shooting alias suitable to a character or profession of the late 19th century, a Western movie star or an appropriate character from fiction — names like “Babe Ruthless,” “Chihuahua Charlie” and “Laurie L’Amour” — and then dress in costume accordingly.
Winter Range will feature period militaria, exhibitions of Western skills and crafts, a fast-draw competition, and vendors purveying period clothing, hats and wigs, antiques, reproductions and more. There also will be roaming balladeers, trick horses and even a visit from Wyatt Earp, the great grand-nephew of his namesake, at 1:15 p.m. Feb. 24.
A two-day mounted shooting event is expected to draw 100-plus competitors mounted on horses participating in their own arena Feb. 24-25.
A variety of food services will be available, including chuck-wagon cooking, barbecue and ice cream. Admission to Winter Range is free (parking is $5). BASF is located on Carefree Highway, west of Interstate 17. For more information, visit www.winterrange.com.
Twilio’s Engagement Cloud, its suite of products for building new customer experiences, is about to get a new feature, TechCrunch has learned. The company plans on launching the beta of a full contact center solution for businesses at the Enterprise Connect conference in March, according to a tip we received this afternoon. When reached for confirmation, Twilio had no comment.
With the launch of this product, Twilio could potentially be going up against some of its current customers who are selling contact center solutions to enterprises. In a copy of the internal email we saw about the upcoming launch of this new product, the company clearly aims to avoid this impression, but that’s likely because it’s worried about how this move will be perceived by current players in this market who are likely using some of Twilio’s services themselves.
Until now, Twilio positioned its various APIs as the building blocks for developing new contact center solutions. With Flex, it’ll now essentially bundle these together to make it far easier for developers to build these services.
Our understanding is that Twilio Flex, as the service is currently called (though that could change in the time leading up to the launch date), will follow in the footsteps of most of the company’s products in that it will put an emphasis on the developer experience. For example, it will allow systems integrators to build a customized contact center solution on top of Flex.
Twilio Flex will offer them the basic building blocks to power the communications experience, single sign-on and integration points for these organizations workforce management and workforce optimization suites (i.e. all of the usual contact center goodies like call recording, agent coaching, speech analytics, etc.), as well as integrations with their back-office employee scheduling systems.
As the name implies, Twilio is positioning this service as a very customizable solution, though that also means that it’ll take some extra integration work on the side of the customer to make it work. Twilio, however, argues that it’s exactly this kind of customization that will enable businesses to optimize their contact centers.
According to our source, the announcement is currently scheduled for March 12th, the first day of the Enterprise Connect conference In Orlando, which focuses on the contact and calling center market.
