Société
5 things great data science product managers do
Published
4 weeks agoon
By
bb DiversA key product management discipline is identifying an initiative’s target customer, value proposition, and strategic business value. Business value from data science initiatives often involves improved decision-making capabilities, increased productivity, and sustained competitive advantages. The data science product, including the product’s data visualizations, predictive models, and LLMs, are part of the solution.
“AI is the ‘how’ and not the product, so if using AI doesn’t solve a customer problem, you shouldn’t do it,” says Ibrahim Bashir, VP of product management at Amplitude. “If an AI-driven feature doesn’t positively impact a key business metric, such as time-to-value or retention, it shouldn’t be a priority.”
Karl Mattson, CISO at Noname Security, says that leading product managers first consider the end state of the user or customer experience and work backward to build the product. He says, “For data science initiatives, the end goal is informing quality decisions. We truly have to understand the nature of the decisions to be made on our data product and not be obsessed first over the technical how.”
Related
You may like
Tu te demandes peut-être comment se déconnecter de Facebook de manière efficace. Que ce soit pour prendre une pause des réseaux sociaux ou simplement parce que tu utilises un appareil partagé, il est essentiel de savoir comment quitter ta session en toute sécurité. Dans cet article, je vais te guider pas à pas pour réussir cette opération sans souci.
Pourquoi se déconnecter de Facebook ?
Il y a plusieurs raisons pour lesquelles tu pourrais vouloir te déconnecter de ton compte Facebook. Peut-être veux-tu simplement protéger ta vie privée sur un appareil partagé. Ou peut-être que tu ressens le besoin de faire une pause et de réduire ton temps d’écran.
Prendre conscience du temps passé sur les réseaux sociaux peut t’aider à améliorer ta qualité de vie. De plus, la déconnexion régulière peut prévenir l’accès non autorisé à ton compte, surtout si tu partages ton ordinateur ou ton téléphone avec d’autres personnes.
Sécurité et confidentialité
Pour assurer ta sécurité en ligne, il est important de comprendre quelques concepts de base sur la gestion de ton compte Facebook. Se déconnecter régulièrement empêche quiconque d’accéder à tes informations personnelles si tu oublies de fermer ta session.
La sécurité des comptes est une priorité pour beaucoup de gens aujourd’hui. En te déconnectant de ton compte après chaque utilisation, tu restes maître de tes données et de leur protection contre tout accès indésirable.
Réduire le temps d’écran
Avec la montée en puissance des smartphones et des réseaux sociaux, il devient difficile de limiter le temps passé devant l’écran. Prendre l’habitude de déconnecter l’application Facebook peut t’aider à diminuer le nombre de notifications et distractions inutiles.
Moins de temps à scroller signifie plus de temps pour toi, tes amis dans le monde réel, et pourquoi pas, apprendre quelque chose de nouveau. C’est une méthode simple mais efficace pour gérer ton addiction aux réseaux sociaux.
Les étapes pour se déconnecter de Facebook
Il est temps de passer aux choses sérieuses. Voici un guide complet pour te montrer comment se déconnecter de l’application Facebook sur différents appareils. Suis ces simples étapes pour être sûr de bien terminer ta session à chaque fois.
Depuis un smartphone ou une tablette
- Ouvrez l’application Facebook sur ton téléphone ou ta tablette.
- Appuyez sur en haut à droite du menu où se trouve l’icône à trois lignes horizontales. Cela ouvrira un menu déroulant.
- Faites défiler la page jusqu’en bas jusqu’à voir l’option “Déconnexion”.
- Cliquez sur déconnexion. Voilà, tu es maintenant hors de Facebook.
En suivant ces étapes simples, tu peux te déconnecter rapidement de ton compte Facebook sur n’importe quel appareil mobile. N’avoir aucune hésitation à répéter cette procédure autant de fois que nécessaire.
Depuis un ordinateur
Et maintenant, voyons comment faire pour ceux qui utilisent un ordinateur. Le processus est légèrement différent mais tout aussi simple.
- Ouvre ton navigateur préféré et va sur le site de Facebook.
- Cliquer sur le menu déroulant en haut à droite, représenté par un petit triangle inversé.
- Choisis l’option Paramètres et vie privée, puis clique sur “Déconnexion”.
Facile, non ? Assure-toi toujours que ta connexion est sécurisée, en particulier lorsque tu utilises un ordinateur public ou partagé.
Gérer les connexions : une option avancée
Si tu as oublié de te déconnecter sur un autre appareil, ne t’inquiète pas. Facebook offre une fonctionnalité pour gérer les connexions à distance.
Utilisation de l’espace comptes
Rends-toi sur Facebook depuis n’importe quel appareil connecté. Ensuite :
- Accède à tes paramètres et vie privée.
- Va dans la section “Sécurité et Connexion”
- Sous lieux de connexion, tu verras tous les appareils où tu es actuellement connecté.
- Tu peux choisir de te déconnecter individuellement de n’importe quelle session active.
Cette fonctionnalité est super pratique si jamais tu perds ton appareil ou utilises souvent des ordinateurs publics. Tu gardes ainsi le contrôle total sur ton compte.
Astuce Bonus : Déconnexion automatique
Imagine pouvoir fermer ta session automatiquement après une certaine période d’inactivité. Bien que Facebook ne propose pas directement cette option, certains navigateurs comme Chrome offrent des extensions pour cela.
Ces outils peuvent t’aider à forcer la déconnexion après un certain laps de temps, idéal pour ceux qui ont tendance à oublier de quitter leurs sessions ouvertes.
Installer une extension de navigateur
Rechercher une extension nommée “Automatic Logoff” ou quelque chose de similaire dans la boutique d’extensions de ton navigateur. Configure-la selon tes préférences une fois installée.
Certaines de ces extensions permettent même de personnaliser les sites sur lesquels elles s’appliquent. Ça ajoutera une couche de sécurité supplémentaire à ton usage quotidien de Facebook.
Dans quels cas doit-on absolument se déconnecter ?
Bien qu’il soit bénéfique de te déconnecter régulièrement pour des raisons de temps d’écran, certaines situations rendent cette étape encore plus cruciale.
Utilisation d’appareils publics
Si tu consultes ton compte Facebook sur un ordinateur public (comme dans un café, une bibliothèque ou un hôtel), il est impératif de te déconnecter une fois terminé. Les risques d’intrusion sont considérablement élevés sur ces types de systèmes.
Non seulement cela empêche les utilisateurs suivants d’accéder à ton compte, mais cela protège également tes coordonnées et autres informations sensibles.
Perte de ton appareil
Si tu perds ton téléphone, tablette ou ordinateur portable, réagir vite est crucial. Utilise un autre appareil pour accéder à Facebook et suivre les procédures mentionnées sous lieux de connexion afin de verrouiller ta session perdue immédiatement.
Sans cette précaution, quelqu’un pourrait exploiter l’accès à couvert et éventuellement mener des actions nuisibles en ton nom.
Modification des paramètres de sécurité
Quand tu changes tes mots de passe ou modifies tes paramètres de sécurité, il est conseillé de te déconnecter de toutes les sessions actives. Cela permet une remise à zéro complète des accès et renforce la sécurité de ton compte.
Voilà, maintenant tu sais exactement comment te déconnecter de Facebook, que ce soit sur mobile ou sur ordinateur. Suivre ces conseils rendra ton expérience en ligne bien plus sécurisée et contrôlée. Adopte ces réflexes, et profite sereinement de tes moments en ligne !
Related
Société
Salesforce previews new XGen-Sales model, releases xLAM family of LLMs
Published
3 days agoon
September 6, 2024By
bb Divers“For example, you might have a game developer using an LLM to generate game character descriptions or parameters on the fly. For that to work, the LLM simply ‘must’ generate that information reliably in valid JSON format. Right now, developers have to rely on third party tools like Pydantic, Zod, LangChain, etc. to do things like iteratively run the same prompt until the inference returns data that’s usable, which is not a great solution,” Shimmin said.
What developers want is both in-model function calling, where the model’s syntax incorporates this functionality, and a model that itself knows how to work with APIs and formatting languages like JSON properly, the analyst explained, citing the example of Phi-based model NuExtract.
Why Salesforce is ‘open sourcing’ these products?
Analysts believe that Salesforce is releasing these products as “open source” in order to gain market share for capabilities such as Agentic actions.
“By making this tool available to developers and researchers, Salesforce aims to accelerate the development and refinement of function calling models, potentially leading to more robust and reliable AI applications,” Hinchcliffe said, adding that the open-sourcing of APIGen can also lead to more specialized and efficient AI solutions that are better tailored to the unique needs of various industries, enhancing business operations and customer experiences.
Related
Société
Visual Studio Code 1.93 shines on profiles
Published
3 days agoon
September 6, 2024By
bb DiversMicrosoft has released Visual Studio Code 1.93, its August 2024 update of the popular code editor, featuring a profiles editor that allows users to switch and manage profiles from a single place.
Introduced September 5, Visual Studio Code 1.93 can be downloaded for Windows, Mac, or Linux from the project website.
The new Profiles editor, now generally available for all users, provides a unified interface for creating new profiles, editing and deleting existing profiles, and importing and exporting profiles. VS Code 1.93 also improves test generation in the GitHub Copilot AI-based coding tool. The test generation flow has been improved by looking for an existing test file and generating new tests into that file, appending these tests at the end. If there is no test file, GitHub Copilot creates a test file for the generated tests.
Related
Société
Are you ready for data hyperaggregation?
Published
3 days agoon
September 6, 2024By
bb DiversAI is the driver
If the concept of abstraction has been around for decades, albeit called different things, why is there renewed interest now? A significant factor driving data hyperaggregation is the growing focus on AI and machine learning (ML). As companies increasingly integrate AI and ML into their workflows, the need for consolidated and high-quality data becomes imperative. Cloud platforms, by virtue of their comprehensive service offerings, provide an ideal environment for AI-driven applications that require large-scale data processing and analysis. With hyperaggregation, AI models can access diverse, accurate data sets and improve the robustness and accuracy of their predictions.
In the context of economic viability, data hyperaggregation has a compelling sales pitch. Migrating to cloud platforms can involve costs, but the benefits derived from enhanced data analytics, reduced operational inefficiencies, and faster time to market often outweigh these expenses. Organizations are empowered to reallocate their financial resources more effectively, directing them toward innovation and strategic initiatives rather than hardware and infrastructure maintenance.
The push toward ubiquitous computing aligns perfectly with the principles of data hyperaggregation. By adopting a model where computing infrastructure spans edge locations, central data centers, and multiple cloud environments, businesses ensure that data is processed and consumed where it is most efficient and valuable. This approach optimizes costs and bolsters performance and resilience against potential disruptions.
Related
Société
What is GitHub? More than Git version control in the cloud
Published
3 days agoon
September 6, 2024By
bb DiversGitHub vs. Bitbucket
GitHub isn’t the only hosted enhanced Git service, and GitHub Enterprise isn’t the only on-premises product for companies. Atlassian Bitbucket competes with both of them, with slightly lower pricing and with a free five-member team level that includes unlimited private repos and the use of Bitbucket Pipelines for continuous integration. GitHub is a more popular site for open source projects and it has a much larger pool of open source developers. Bitbucket’s pricing used to be more favorable for small startups. Now that GitHub allows unlimited private repos on free and team accounts, that’s no longer the case.
GitHub vs. GitLab
GitLab competes with both GitHub and Bitbucket, both hosted and on-premises. On the surface, GitLab appears to have more lifecycle functionality than the others, but the difference from Bitbucket mostly disappears if you include Jira when you evaluate Bitbucket. GitLab offers Gold-plan cloud features to open-source projects for free, but that additional functionality doesn’t really compensate for the larger open-source developer community on GitHub.
GitHub Desktop
GitHub Desktop, shown below, makes it easy to manage your GitHub.com and GitHub Enterprise repositories. While it doesn’t implement all the features of the Git command line and the GitHub web GUI, it does implement all the operations you’ll do on a daily basis from your desktop while contributing to projects. Typically, you will clone repos from GitHub to GitHub Desktop, sync them as needed, create branches for your work, commit your work, and occasionally revert one or more commits.
To work with repos for which you lack commit and collaborate privileges, you typically start by forking the repo on GitHub and cloning the fork to your desktop. Then you add any branches you need in GitHub Desktop, commit any changes you wish, test your work, push the commits back to your remote forked repo, and finally generate a pull request to the parent project.
You can see the Pull Request button at the upper right of the GitHub Desktop interface. You can also see many commits in the Neo4j project that were merges of branches or pull requests. That’s typical of open-source projects with few committers and many contributors.
GitHub for open-source projects
Open-source software projects often need ways to enforce quality control while still accepting contributions from outside the core team of committers. The need for contributors is huge, but bringing new contributors into the project while maintaining the integrity of the codebase is a difficult and potentially dangerous undertaking. At the same time, the need for feedback from users of the project is also huge.
GitHub has a number of mechanisms that can help grease the wheels of open source projects. For example, users can add issues to the project on GitHub to report bugs or request features. Some other systems call these tickets. Project managers working with issues can generate task lists, assign issues to specific contributors, mention other interested contributors so that they are notified of changes, add labels, and add milestones.
To contribute to a project, you basically start from a topic head branch that contains the committed changes that you want added to the project base branch and initialize a pull request from the head branch, as shown below. Then you push your commits and add them to the project branch. Other contributors can review your proposed changes, add review comments, contribute to the pull request discussion, and add their own commits to the pull request.
Once everyone involved is happy with the proposed changes, a committer can merge the pull request. The merge can preserve all the commits, squash all changes into a single commit, or rebase the commits from the head branch into the base branch. If the merge generates conflicts, you can resolve them on GitHub or using the command line.
Code reviews on GitHub allow a distributed team to collaborate asynchronously. Useful GitHub tools for reviewers include diffs (the lower half of the screenshot below), history (the upper half), and blame view (a way to view the evolution of a file commit by commit). Code discussions on GitHub go into comments that are presented in line with your code changes. If the built-in tools don’t suffice for your project, you can add code review and continuous integration tools from the GitHub marketplace. Marketplace add-ons are often free for open source projects.
GitHub gists
Gists are special GitHub repositories for sharing your work (public) or for saving work for later reuse (secret). They can contain single files, parts of files, or full applications. You can download gists, clone them, fork them, and embed them.
Public gists can be discovered and found in searches. You can use keywords to narrow down what you find, including prefixes to restrict the results to gists from specific users, gists with at least N stars, gists with specific filenames, and so on.
Secret gists are not searchable, but anyone with the URL can see them. If you really want your code to be protected, use a private repository.
As we’ve seen, GitHub provides Git repositories as a service, along with features for code review, project management, integrations with other developer tools, team management, social coding, and documentation. While GitHub is not the only product in its category, it is the dominant repository for open-source software development.
Related
Société
Vue JavaScript framework improves reactivity system
Published
3 days agoon
September 6, 2024By
bb DiversVue 3.5, an update to the popular “progressive” JavaScript framework, emphasizes improvements to the platform’s reactivity system, for better performance and improved memory usage.
Vue 3.5, described as a minor release with no breaking changes, was announced September 1. However, the release includes a major refactor of the reactivity system that boosts performance and significantly improves memory usage (-56%) with no behavior changes, Vue creator Evan You wrote in a blog post.
The Vue 3.5 release also resolves stale computed values and hanging memory issues caused by hanging computes during SSR (server-side rendering). Additionally, reactivity tracking has been optimized for large, deeply reactive arrays, making these operations as much as 10x faster in some cases. Reactive props destructure, meanwhile, has been stabilized and now is enabled by default. Variables destructured from a defineProps
call in now are reactive. This simplifies declaring props with default values, You said.
Related
Société
Generative AI and coding: Time to rethink software development
Published
4 days agoon
September 5, 2024By
bb DiversJust ask Tom Taulli, who’s authored multiple AI programming books, including this year’s AI-Assisted Programming: Better Planning, Coding, Testing, and Deployment.
“For example, you can ask these LLMs [large language models] to create code and they sometimes make up a framework, or an imaginary library or module, to do what you want it to do,” Taulli said. (He explained that the LLMs were not actually creating a new framework as much as pretending to do so.)
That’s not something a human programmer would even consider doing, Taulli noted, “unless (the human coder) is insane, they are not going to make up, create out of thin air, an imaginary library or module.”
Related
The main()
method first verifies that a single command-line argument has been specified. If the verification succeeds, it passes this argument to Audio.newAudio()
and assigns the returned Audio
object’s reference to a local variable named audio
. main()
then proceeds to verify that audio
isn’t null and (in this case) interrogate the Audio
object, outputting the audio clip’s sample values along with its sample rate.
Copy Listing 3 to a file named UseAudio.java
and place this file in the same directory as the ca
directory that you previously created. Then, execute the following command to compile UseAudio.java
:
javac UseAudio.java
If all goes well, you should observe UseAudio.class
in the current directory.
Execute the following command to run UseAudio
against a fictitious WAV file named audio.wav
:
java UseAudio audio.wav
You should observe the following output:
Samples
Sample Rate: 0
Suppose that UseAudio.java
wasn’t located in the same directory as ca
. How would you compile this source file and run the resulting application? The answer is to use the classpath.
The Java classpath
The Java classpath is a sequence of packages that the Java virtual machine (JVM) searches for reference types. It’s specified via the -classpath
(or -cp
) option used to start the JVM or, when not present, the CLASSPATH
environment variable.
Suppose (on a Windows platform) that the audio library is stored in C:audio
and that UseAudio.java
is stored in C:UseAudio
, which is current. Specify the following commands to compile the source code and run the application:
javac -cp ../audio UseAudio.java
java -cp ../audio;. UseAudio audio.wav
The period character in the java
-prefixed command line represents the current directory. It must be specified so that the JVM can locate UseAudio.class
.
Additional package topics
The Java language includes a protected
keyword, which is useful in a package context. Also, packages can be distributed in JAR files. Furthermore, the JVM follows a specific search order when searching packages for reference types (regardless of whether or not these packages are stored in JAR files). We’ll explore these topics next.
Protected access
The protected
keyword assigns the protected access level to a class member, such as a field or method (as an example, protected void clear()
). Declaring a class member protected
makes the member accessible to all code in any class located in the same package and to subclasses regardless of their packages.
Joshua Bloch explains the rationale for giving class members protected access in his book, Effective Java Second Edition (“Item 17: Design and document for inheritance or else prohibit it”). They are hooks into a class’s internal workings to let programmers “write efficient subclasses without undue pain.” Check out the book for more information.
JAR files
Distributing a package by specifying instructions for creating the necessary directory structure along with the package’s class files (and instructions on which class files to store in which directories) would be a tedious and error-prone task. Fortunately, JAR files offer a much better alternative.
A JAR (Java archive) file is a ZIP archive with a .jar
extension (instead of the .zip
extension). It includes a special META-INF
directory containing manifest.mf
(a special file that stores information about the contents of the JAR file) and a hierarchical directory structure that organizes class files.
You use the JDK’s jar
tool to create and maintain a JAR file. You can also view the JAR file’s table of contents. To show you how easy it is to use this tool, we’ll create an audio.jar
file that stores the contents of the ca.javajeff.audio
package. We’ll then access this JAR file when running UseAudio.class
. Create audio.jar
as follows:
First, make sure that the current directory contains the previously created ca / javajeff / audio
directory hierarchy, and that audio
contains audio.class
and WavReader.class
.
Second, execute the following command:
jar cf audio.jar cajavajeffaudio*.class
The c
option stands for “create new archive” and the f
option stands for “specify archive filename”.
You should now find an audio.jar
file in the current directory. Prove to yourself that this file contains the two class files by executing the following command, where the t
option stands for “list table of contents”:
jar tf audio.jar
You can run UseAudio.class
by adding audio.jar
to its classpath. For example, assuming that audio.jar
is located in the same directory as UseAudio.class
, you can run UseAudio
under Windows via the following command:
java -classpath audio.jar;. UseAudio
For convenience, you could specify the shorter -cp
instead of the longer -classpath
.
Searching packages for reference types
Newcomers to Java packages often become frustrated by “no class definition found” and other errors. This frustration can be partly avoided by understanding how the JVM looks for reference types. To understand this process, you must realize that the compiler is a special Java application that runs under the control of the JVM. Also, there are two forms of search: compile-time search and runtime search.
Compile-time search
When the compiler encounters a type expression (such as a method call) in source code, it must locate that type’s declaration to verify that the expression is legal. As an example, it might check to see that a method exists in the type’s class, whose parameter types match the types of the arguments passed in the method call.
The compiler first searches the Java platform packages (in rt.jar
and other JAR files), which contain Java’s standard class library types (such as java.lang
‘s System
class). It then searches extension packages for extension types. If the -sourcepath
option is specified when starting javac
, the compiler searches the indicated path’s source files.
Otherwise, the compiler searches the classpath (in left-to-right order) for the first class file or source file containing the type. If no classpath is present, the current directory is searched. If no package matches or the type still cannot be found, the compiler reports an error. Otherwise, it records the package information in the class file.
Runtime search
When the compiler or any other Java application runs, the JVM will encounter types and must load their associated class files via special code known as a classloader. The JVM will use the previously stored package information that’s associated with the encountered type in a search for that type’s class file.
The JVM searches the Java platform packages, followed by extension packages, followed by the classpath or current directory (when there is no classpath) for the first class file that contains the type. If no package matches or the type cannot be found, a “no class definition found” error is reported. Otherwise, the class file is loaded into memory.
Statically importing static members
In Effective Java Second Edition, Item 19, Joshua Bloch mentions that Java developers should only use interfaces to declare types. We should not use interfaces to declare constant interfaces, which are interfaces that only exist to export constants. Listing 4’s Switchable
constant interface provides an example.
Listing 4. A constant interface (Switchable.java)
public interface Switchable
{
boolean OFF = false;
boolean ON = true;
}
Developers resort to constant interfaces to avoid having to prefix the constant’s name with the name of its reference type (e.g., Math.PI
). For example, consider Listing 5’s Light
class, which implements the Switchable
interface so that the developer is free to specify constants OFF
and ON
without having to include class prefixes (if they were declared in a class).
Listing 5. Light implements Switchable (Light.java, version 1)
public class Light implements Switchable
{
private boolean state = OFF;
public void printState()
{
System.out.printf("state = %s%n", (state == OFF) ? "OFF" : "ON");
}
public void toggle()
{
state = (state == OFF) ? ON : OFF;
}
}
A constant interface provides constants that are intended to be used in a class’s implementation. As an implementation detail, you shouldn’t leak constants into the class’s exported API because they could confuse others using your class. Furthermore, to preserve binary compatibility, you’re committed to supporting them, even when the class is no longer using them.
Static imports
To satisfy the need for constant interfaces while avoiding the problems imposed by using them, Java 5 introduced static imports. This language feature can be used to import a reference type’s static members. It’s implemented via the import static
statement whose syntax appears below:
import static packagespec . typename . ( staticmembername | * );
Placing static
after import
distinguishes this statement from a regular import statement. The syntax is similar to the regular import
statement in terms of the standard period-separated list of package and subpackage names. You can import either a single static member name or all static member names (thanks to the asterisk). Consider the following examples:
import static java.lang.Math.*; // Import all static members from Math.
import static java.lang.Math.PI; // Import the PI static constant only.
import static java.lang.Math.cos; // Import the cos() static method only.
Once you’ve imported them, you can specify static members without having to prefix them with their type names. For example, after specifying either the first or third static import, you could specify cos
directly, as in [>
double
cosine = cos(angle);
To fix Listing 5 so that it no longer relies on implements Switchable
, we can insert a static import, as demonstrated in Listing 6.
Listing 6. A static import improves the implementation of Switchable (Light.java, version 2)
package foo;
import static foo.Switchable.*;
public class Light
{
private boolean state = OFF;
public void printState()
{
System.out.printf("state = %s%n", (state == OFF) ? "OFF" : "ON");
}
public void toggle()
{
state = (state == OFF) ? ON : OFF;
}
}
Listing 6 begins with a package foo;
statement because you cannot import static members from a type located in the unnamed package. This package name appears as part of the subsequent static import:
import static
foo.Switchable.*;
What to watch out for when using static imports
There are two additional cautions concerning static imports.
First, when two static imports import the same-named member, the compiler reports an error. For example, suppose package physics
contains a Math
class that’s identical to java.lang
‘s Math
class in that it implements the same PI
constant and trigonometric methods. When confronted by the following code fragment, the compiler reports errors because it cannot determine whether java.lang.Math
‘s or physics.Math
‘s PI
constant is being accessed and cos()
method is being called:
import static java.lang.Math.cos;
import static physics.Math.cos;
double angle = PI;
System.out.println(cos(angle));
Second, overusing static imports pollutes the code’s namespace with all of the static members you import, which can make your code unreadable and unmaintainable. Also, anyone reading your code could have a hard time finding out which type a static member comes from, especially when importing all static member names from a type.
Conclusion
Packages help you create reusable libraries of reference types with their methods. If you should call a method (whether packaged into a library or not) with an illegal argument (such as a negative index for an array), you’ll probably run into a Java exception.
Related
Société
DirectML on Arm is here at last, almost
Published
4 days agoon
September 5, 2024By
bb DiversAfter waiting so long for the first Windows Copilot Runtime tools to arrive, this was a disappointing result, especially as the hang not only locks up the NPU app but also affects tools like Task Manager. The only way out is to reboot your PC. I’m sure that updated drivers will be delivered soon, but for now, this feels like something of a dead end.
From desktop to WebNN
The drivers are intended to support WebNN as well as your own code. WebNN is a developing standard for using ONNX in the browser, allowing small models to run locally rather than use remote servers. Microsoft has been building experimental support for WebNN into its Edge browser, putting it behind a flag in both Dev and Canary Insider builds.
As part of the announcement of DirectML support for Qualcomm’s NPU, Microsoft included instructions for using DirectML with WebNN. Again, this is a somewhat complex process for now, as it involves extracting the DirectML DLL from the NuGet package and manually installing it in the appropriate Edge directory.
Related
Société
What software supply chain security really means
Published
4 days agoon
September 5, 2024By
bb DiversThe definition breaks down
A mere three months later, a new type of attack materialized that didn’t fit within the existing typology. A new attack type called “dependency confusion” was coined when security researcher Alex Birsan self-published a Medium article sub-titled “How I Hacked into Apple, Microsoft, and Dozens of Other Companies.” What was clever about this new attack type is how it took advantage of the non-intuitive behavior of package managers, allowing an attacker to trick developers into downloading malicious code from an external package registry rather than, as planned, an internal package registry. While similar to typosquatting, which was already a minor category in our typology, this attack didn’t actually involve a typo. Our original definition of software supply chain security had already been stretched. We added another minor category and moved on.
Then in December 2021, Log4shell happened and the “internet was on fire.” Now our typology suffered a mortal wound. The earlier typology focused exclusively on the insertion of malicious code, but the Log4shell vulnerability didn’t involve malicious code. Nevertheless, Log4shell clearly represented a widespread vulnerability in the software supply chain. It was an easily exploited and severe vulnerability, introduced by a flaw in a widely popular open source Java logging library. The episode revealed a crucial flaw in our existing definition of software supply chain security: unintentional security flaws in widely used open source software had no place. That original typology, for the purposes of my career, was dead only 18 months after invention.
Accepting a broader definition
Upon reflection, the “supply chain” aspect of software supply chain security suggests the crucial ingredient of an improved definition. Software producers, like manufacturers, have a supply chain. And software producers, like manufacturers, require inputs and then perform a manufacturing process to build a finished product. In other words, a software producer uses components, developed by third parties and themselves, and technologies to write, build, and distribute software. A vulnerability or compromise of this chain, whether done via malicious code or via the exploitation of an unintentional vulnerability, is what defines software supply chain security. I should mention that a similar, rival data set maintained by the Atlantic Council uses this broader definition. (Full disclosure: I’m now a non-resident fellow at the Atlantic Council. If you can’t beat ‘em, join ‘em.)
Related
Derniers Articles
Morgan Gibbs-White hails Lee Carsley after England senior call-up
Spread the love Midfielder Morgan Gibbs-White says he was “buzzing” when Lee Carsley was named as the interim England manager,...
Scottish Widows hoping to drive pension engagement among younger people with £100m digital investment
Spread the love Scottish Widows is planning to ‘supercharge’ pension engagement as it launches a revamped app and TikTok channel...
Brice Anoh annonce son départ de Life TV après 4 ans de carrière
Spread the love Découvrez pourquoi Brice Anoh quitte Life TV après 4 ans de carrière et ce que l’avenir réserve...
Kendrick Lamar assurera le show du Super Bowl 2025
Spread the love TIMOTHY NORRIS / Getty Images via AFP Kendrick Lamar en concert à Inglewood en Californir, le 19 juin...
Jeux olympiques et paralympiques Paris 2024 : un été doré à faire fructifier
Spread the love Retiens la nuit. Retiens notre meilleure vie. Retiens les Jeux. Nos amis des soirées canapés, nos amours...
La superstar du FC Barcelone se fixe un objectif personnel pour la saison après un bon début
Spread the love Selon un rapport de Mundo Deportivo, l’inquiétude grandit à Barcelone à propos des tacles violents dont fait...
Belaili inscrit un magnifique but en solo
Spread the love Lors d’un match amical entre l’ES Tunis et le SA Menzel, Youcef Belaili a brillé lors de...
Les pronostics Quinté du 09/09/2024 à Beaumont-de-Lomagne
Spread the lovePour le quinté du jour à Beaumont-de-Lomagne, Thierry Léger recommande de jouer les numéros 1,4,6,8,5,13,9,12. See also Northeast...
Premier League quarterbacks – best long-range assists
Spread the loveWith the return of the National Football League, BBC Sport honours some of the Premier League’s best passers...
The golden age of sea travel? Fascinating photos show what life was like onboard luxury Scottish-built transatlantic liners in the 1930s – from the first-class buffet to the third-class swimming pool
Spread the love Are we in the golden age of sea travel? Or have we left it behind? These fascinating...
Au Zevent, Laura Felpin reprend son personnage d’Annick pour une mini-chanson
Spread the love L’actrice et humoriste Laura Felpin et le streamer Domingo lors du Zevent, le dimanche 8 septembre. L’actrice et...
Qui est vraiment Naomie Eto, la nouvelle prodige du football camerounais ?
Spread the love Grâce à une performance flamboyante de Naomie Eto, les Lionnes Indomptables U-20 ont décroché leur billet pour...
France-Belgique : à quelle heure et sur quelle chaîne TV suivre le match de Ligue des Nations ?
Spread the love Traversant l’une de ses plus mauvaises passes de l’ère Didier Deschamps, l’équipe de France retrouve l’un de...
Les médias néerlandais rendent un verdict brutalement honnête sur la prestation de Matthijs de Ligt contre la Bosnie-Herzégovine
Spread the love Manchester United a eu deux joueurs en démonstration lors de la victoire des Pays-Bas sur la Bosnie-Herzégovine...
Coin master spin : Liens tours gratuits (09/09/24)
Spread the love Tous les jours, vous pouvez récupérer des tours gratuits sur Coin Master Spin grâce à nos liens...
«Il y a des accidents électoraux», déplore le député RN du territoire de Belfort
Spread the love Pascale de La Tour du Pin 21h23, le 08 septembre 2024 Vendredi, samedi et dimanche dans Europe...
House Republicans slam Biden over chaotic Afghanistan withdrawal in new report
Spread the loveHouse Republicans will release a report Monday criticising President Joe Biden’s administration over the chaotic August 2021 Afghanistan...
Sorba Thomas says ‘harsh realities’ have boosted his game
Spread the love “I’m a winner, I’m not a good loser. You can see when I’m angry and upset on...
Après sa séparation, le groupe Trois Cafés Gourmands se relance avec une nouvelle chanteuse
Spread the love Après sa séparation, « Trois Cafés Gourmands » se relance avec une nouvelle chanteuse. Après sa séparation, « Trois Cafés...
Why night owls’ ‘mismatched’ body clock could increase their risk of type 2 diabetes
Spread the love By Xantha Leatham, Deputy Science Editor Published: 23:59 BST, 8 September 2024 | Updated: 00:47 BST, 9...