Tech News

NVIDIA Jetson Xavier is an AI computer designed to be used in autonomous machines. It delivers the performance of a GPU workstation in an embedded module while consuming power under 30W. It can also operate at 10W and 15W. The Jetson Xavier is supported by NVIDIA’s SDKs like JetPack and DeepStream. It also supports popular libraries like CUDA, cuDNN, and TensorRT. Per NVIDIA, Xavier has 20 times the performance and 10 times the energy efficiency of its predecessor, the NVIDIA Jetson TX2. Everything needed to get started with Nvidia Jetson Xavier is present in the box, including the power supply and cables. The Jetson Xavier is designed for robots, drones and other autonomous machines and is also suitable for smart city applications. An important use case NVIDIA considered while designing the chip was robot prototyping, that meant making it as small as possible while delivering the maximum performance and options for I/O. The module itself without the thermal solution is just about the size of a small notebook. You can run a total of three monitors at once with the two USB 3.1 type C ports and the HDMI port. The chip consists of six processing units. It includes a 512-core Nvidia Volta Tensor Core GPU and an eight-core Carmel Arm64 CPU. The chip capable of 30 trillion operations per second. The specifications of the NVIDIA Jetson Xavier are: GPU 512-core Volta GPU with Tensor Cores DL Accelerator (2x) NVDLA Engines CPU 8-core ARMv8.2 64-bit CPU, 8MB L2 + 4MB L3 Memory 16GB 256-bit LPDDR4x | 137 GB/s Storage 32GB eMMC 5.1 Vision Accelerator 7-way VLIW Processor Video Encode (2x) 4Kp60 | HEVC Video Decode (2x) 4Kp60 | 12-bit support Camera 16x CSI-2 Lanes (40 Gbps in D-PHY V1.2 or 109 Gbps in CPHY v1.1) 8x SLVS-EC lanes (up to 18.4 Gbps) Up to 16 simultaneous cameras PCIe 5x PCIe gen4 (16GT/s) controllers | 1x8, 1x4, 1x2, 2x1 Root port and endpoint Mechanical 100mm x 87mm with 16mm Z-height (699-pin board-to-board connector)   The Xavier is available for preorder for $2,499, but if you are a member of the NVIDIA Developer Program you can get your first kit at a special price of $1,299. For more details, visit the NVIDIA website. NVIDIA open sources its material definition language, MDL SDK NVIDIA shows off GeForce RTX, real-time raytracing GPUs, as the holy grail of computer graphics to gamers Video-to-video synthesis method: A GAN by NVIDIA & MIT CSAIL is now Open source

Facebook has banned 20 military officials from Myanmar for spreading hate and misinformation about the ethnic violence in Myanmar. They have also removed a total of 18 Facebook accounts, one Instagram account, and 52 Facebook Pages. This action was a result of a report conducted by the UN Human Rights Council-authorized Fact-Finding Mission on Myanmar. They found evidence of many organizations and individuals committing or assisting in serious human rights abuses in the country. Following this, Facebook banned these individuals to prevent further inflammation of ethnic and religious tensions. The 20 military officials and organizations removed include Senior General Min Aung Hlaing, commander-in-chief of the armed forces, and the military’s Myawady television network. They have removed six pages and six accounts from Facebook and one account from Instagram connected to these individuals and organizations. The rest don’t have a Facebook or Instagram presence but are banned nevertheless. Facebook has also removed 46 Pages and 12 accounts for engaging in coordinated inauthentic behavior. These pages used independent news and opinion pages to secretly push the messages of the Myanmar military. Earlier this year, Facebook created a dedicated team across product, engineering, and policy to work on issues specific to Myanmar. They use sophisticated artificial intelligence to proactively flag posts that break Facebook policies. In the second quarter of 2018, these algorithms identified about 52% of the content that Facebook removed for hate speech in Myanmar. They also updated their credible violence policies to deal with misinformation that may contribute to imminent violence or physical harm. They are also improving Facebook reporting tools and introducing new tools on the Messenger mobile app for people to report conversations that violate Community Standards. Read the entire report on this decision on the Facebook newsroom. Facebook takes down hundreds of fake accounts with ties to Russia and Iran Facebook bans another quiz app and suspends 400 more due to concerns of data misuse Facebook is reportedly rating users on how trustworthy they are at flagging fake news

Babel 7 has been released after 3 years of wait after Babel 6. Babel is a JavaScript compiler. It is mainly used to convert ECMAScript 2015+ code into a backward compatible version of JavaScript. Babel gives developers the freedom to use the latest JavaScript syntax without developers worrying about backward compatibility. It has been going strong in the Javascript ecosystem. There are currently over 1.3 million dependent repos on GitHub, 17 million downloads on npm per month, and hundreds of users including many major frameworks (React, Vue, Ember, Polymer), and companies (Facebook, Netflix, Airbnb).   Major Breaking Changes All major changes can be done automatically with the new babel-upgrade tool. babel-upgrade is a new tool that automatically makes upgrade changes: currently with dependencies in package.json and .babelrc config. Drop support for un-maintained Node versions: 0.10, 0.12, 4, 5 Introducing @babel namespace to differentiate official packages, so babel-core becomes @babel/core. Deprecation of any yearly presets (preset-es2015, etc). Dropped the "Stage" presets (@babel/preset-stage-0, etc) in favor of opting into individual proposals. Some packages have renames: any TC39 proposal plugin will now be -proposalinstead of -transform. So @babel/plugin-transform-class-properties becomes @babel/plugin-proposal-class-properties. Introduced a peerDependency on @babel/core for certain user-facing packages (e.g. babel-loader, @babel/cli, etc). Typescript and JSX fragment support Babel 7 now ships with TypeScript support. Babel will now get the benefits of TypeScript like catching typos, error checking, and fast editing experiences.  It will enable JavaScript users to take advantage of gradual typing. Install the Typescript plugin as npm install --save-dev @babel/typescript The JSX fragment support in Babel 7 allows returning multiple children from a component’s render method. Fragments look like empty JSX tags. They let you group a list of children without adding extra nodes to the DOM. Speed improvements Babel 7 includes changes to optimize the code as well as accept patches from the v8 team. It is also part of the Web Tooling Benchmark alongside many other great JavaScript tools. There are changes to the loose option of some plugins. Moreover transpiled ES6 classes are annotated with a /*#__PURE__*/ comment that gives a hint to minfiers like Uglify and babel-minify for dead code elimination. What’s Next There are a lot of new features in the works: plugin ordering, better validation/errors, speed, re-thinking loose/spec options, caching, using Babel asynchronously, etc. You can check out the roadmap doc for a more detailed version. These are just a select few updates. The entire changes are available on the Babel blog. TypeScript 3.0 is finally released with ‘improved errors’, editor productivity and more The 5 hurdles to overcome in JavaScript Tools in TypeScript  

Deno is a runtime by creator of Node, Ryan Dahl. It aims at fixing some of the problems in Node. Originally written in Go, Deno is now rewritten in Rust and is in version 0.1. Node.js was developed nearly a decade ago. It was designed in 2009 to use server-side JavaScript. The implementation solved problems of 2009, for which Dahl has no regrets. But lately, he did have regrets elaborated in a talk on 10 things he regrets about Node in the JSConf 2018. Some of the regrets included packages, security issues, the entire build system, among others. Deno is a secure TypeScript run-time on Chrome V8. It was originally written in Go and now has been rewritten in Rust to avoid potential garbage collector issues. Deno is similar to Node.js but is focused on security. Deno takes full advantage of JavaScript being a secure sandbox. So, unlike Node.js, Deno is sandboxed. Scripts should run without any write access by default. Using untrusted utilities like linters will be optional. There is no package.json in Deno, no npm and it is not explicitly compatible with Node. An important thing to note is that the requirement is Python 2, not Python 3. This is because Chrome V8 scripts still use Python 2. There were plans to rewrite Deno in Rust when it was originally released in June this year. Dahl mentioned in a GitHub comment: “The reason for not using Go is that it has a rather complex runtime - including a GC. Although I haven't experienced any problems with that yet, it's not hard to imagine that down the road that might clash badly with V8's very complex runtime.” You can get the binaries here to get started and check out the Github repo. Deploying Node.js apps on Google App Engine is now easy Creating Macros in Rust [Tutorial] Rust Language Server, RLS 1.0 releases with code intelligence, syntax highlighting and more

Listening to the Arduino developer community, the Arduino team has released a command line interface (CLI) for it. The CLI is a single binary file that performs most of the features present in the IDE. There was a wide gap between using the IDE and being able to use CLI completely for everything in Arduino. The CLI will allow you to Install new libraries, create new projects, and compile projects directly from the command line. Developers will get an advantage to test their projects quickly. You can also create your own libraries and compile them directly, for your own or third-party codes. Installing project dependencies will be as easy as typing the following command: arduino-cli lib install "WiFi101” “WiFi101OTA” In addition, the CLI has a JSON interface added for easy parsing by other programs. There were many requests for makefiles integration and the support has been added for it. The Arduino CLI can run on both ARM and Intel (x86, x86_64) architectures which means it can be installed on a Raspberry Pi or on any server. Massimo Banzi, Arduino founder stated: “I think it is very exciting for Arduino, one single binary that does all the complicated things in the Arduino IDE.” The Arduino team looks forward to people seeing integrating this tool in various IDEs. In the blog post by the Arduino team they have mentioned, “Imagine having the Arduino IDE or Arduino Create Editor speaking directly to Arduino CLI – and you having full control of it. You will be able to compile on your machine or on our online servers, detect your board or create your own IDE on top of it!” CLI is a better alternative to PlatformIO and will work on all three major operating systems, Linux, Windows, and macOS. The code is open source but you will need a license for commercial use. Visit the GitHub repository to get started with Arduino CLI. How to assemble a DIY selfie drone with Arduino and ESP8266 How to build an Arduino based ‘follow me’ drone Should you go with Arduino Uno or Raspberry Pi 3 for your next IoT project?

On Friday, Oracle released the JDK 11 first Release Candidate. It includes features such as nest-based access control, dynamic class-file constants, improved Aarch64 intrinsics, and more. The general availability of the final release of JDK 11 is scheduled for next month on the 25th. Every six months, in June and December, the community initiates the release cycle for the next JDK feature release. The work proceeds over the next three months in three phases: Rampdown Phase One (RDP 1), Rampdown Phase Two (RDP 2), and Release-Candidate Phase (RC).The durations of the phases for JDK 11 are four weeks for RDP 1, three weeks for RDP 2, and five weeks for RC. What is new in JDK 11 RC 1.0 ? Nest-based access control Nest is introduced to allow classes that are a logically part of the same code entity, but are compiled to distinct class files, access each other’s private members. Dynamic class-file constants To support a new constant-pool form named, CONSTANT_Dynamic, Java class-file format is extended. Loading this pool will delegate creation to a bootstrap method, just as linking an invokedynamic call site delegates linkage to a bootstrap method. Improvements in Aarch64 intrinsics Intrinsics are used to improve performance by leveraging CPU architecture-specific assembly code for a given method, instead of a generic Java code. The existing string and array intrinsics are improved and new intrinsics are implemented for the java.lang.Math package on AArch64 processors: sin (sine trigonometric function) cos (cosine trigonometric function) log (logarithm of a number) Epsilon A new garbage collector named, Epsilon is introduced that handles memory allocation but does not implement any actual memory reclamation mechanism. The JVM will shut down once the available Java heap is exhausted. Java EE and CORBA modules removed These modules are removed from the Java SE Platform and the JDK. Earlier, they were deprecated in the Java SE 9, indicating their removal in a future release. HTTP Client (Standard) The HTTP Client API, introduced as an incubating API in JDK 9 and JDK 10 is standardized. This API received a number of rounds of feedback that resulted in significant improvements. The module name and the package name of the standard API will be java.net.http. Local-variable syntax for lambda parameters When declaring the formal parameters of implicitly typed lambda expressions, the use of ‘var’ is allowed. Now the following expression: (var x, var y) -> x.process(y) is equivalent to: (x, y) -> x.process(y) Unicode 10 The existing platform APIs will support version 10.0 of the Unicode Standard. It is supported in the following classes: In java.lang: Character and String In java.awt.font: NumericShaper In java.text: Bidi, BreakIterator, and Normalizer New Flight Recorder Flight Recorder, a low-overhead data collection framework is provided for troubleshooting Java applications and the HotSpot JVM. Addition of ChaCha20 and Poly1305 cryptographic algorithms An implementation of the ChaCha20 and ChaCha20-Poly1305 ciphers as specified in RFC 7539 are added. ChaCha20 is a relatively new stream cipher that can replace the older, insecure RC4 stream cipher. ZGC (Experimental) The Z Garbage Collector, also known as ZGC, is a scalable low-latency garbage collector. ZGC is a concurrent, single-generation, region-based, NUMA-aware, compacting collector. To know more about these updates and improvements in detail, head over to its official website, OpenJDK. JavaFX 11 to release soon, announces the Gluon team State of OpenJDK: Past, Present and Future with Oracle Mark Reinhold on the evolution of Java platform and OpenJDK  

OpenSSH 7.8 base source code was released on August 24, 2018. It includes many new features such as a fix for the username enumeration vulnerability, changes to the default format for the private key file, and many more. Additionally, support for running ssh setuid root has been removed, and a couple of new signature algorithms have been added. The base source code is designed specifically for OpenBSD. The aim was to make the code simple, clean, minimal, and auditable. This release will be available from the mirrors listed at http://www.openssh.com/ shortly. Let’s take a look at the features that developers can expect in this new version of OpenSSH Changes that may affect existing configurations ssh-keygen(1): Write OpenSSH format private keys by default instead of using OpenSSL's PEM format. This offers better protection against offline password guessing and supports key comments in private keys. sshd(8): Internal support for S/Key multiple factor authentication is removed. S/Key may still be used via PAM or BSD auth. ssh(1): Vestigal support for running ssh(1) as setuid is removed. sshd(8): The semantics of PubkeyAcceptedKeyTypes and HostbasedAcceptedKeyTypes now specify signature algorithms that are accepted for their respective authentication mechanism. This matters when using the RSA/SHA2 signature algorithms "rsa-sha2-256", "rsa-sha2-512" and their certificate counterparts. Configurations that override these options but do not use these algorithm names may cause unexpected authentication failures. sshd(8): The precedence of session environment variables has changed. ~/.ssh/environment and environment="..." options in authorized_keys files can no longer override SSH_* variables set implicitly by sshd. ssh(1)/sshd(8): The default IPQoS used by ssh/sshd has changed.Interactive traffic will use  DSCP AF21and CS1 will be used  for bulk. For a detailed understanding, head over to the commit message: https://cvsweb.openbsd.org/src/usr.bin/ssh/readconf.c#rev1.28 What's new in OpenSSH 7.8 This  bugfix release has a couple of New Features in store for developers. Let’s take a look at some of the important ones. New signature algorithms "rsa-sha2-256-cert- v01@openssh.com" and "rsa-sha2-512-cert-v01@openssh.com" to  explicitly force use of RSA/SHA2 signatures in authentication. Read more at  ssh(1)/sshd(8). Some countermeasures are added against timing attacks used for account validation/enumeration. sshd will impart a minimum time or each failed authentication attempt consisting of a global 5ms minimum plus an additional per-user 0-4ms delay derived from a host secret. Fine more information at sshd(8). In sshd(8), you can add a SetEnv directive to explicitly specify environment variables in sshd_config by an administrator. Variables set by SetEnv override the default and client-specified Environment. In ssh(1), you can add a SetEnv directive to request that the server sets an environment variable in the session. Similar to the existing SendEnv option, these variables are set subject to server Configuration. Clear environment variables previously marked for sending to the server by "SendEnv -PATTERN" Bug Fixes introduced in this new version In the sshd(8), users can avoid observable differences in request parsing that could be used to determine whether a target user is valid. They can also fix failures to read authorized_keys caused by faulty supplemental group caching. Failures can be fixed to read authorized_keys caused by faulty supplemental group caching. The relax checking of authorized_keys environment="..." options to allow underscores in variable names  (regression introduced in 7.7) Some memory leaks in the ssh(1)/sshd(8) have been fixed. The SSH2_MSG_DEBUG messages for Twisted Conch clients in the ssh(1)/sshd(8) have also been disabled. Tunnel forwarding has also been fixed. In ssh(1), you can now fix a pwent clobber (introduced in openssh-7.7) that could occur during key loading, manifesting as crash on some platforms. To get a detailed overview of the features and changes introduced in portability and checksums in this new release, head over to the official release notes. JavaFX 11 to release soon, announces the Gluon team Gitlab 11.2 releases with preview changes in Web IDE, Android Project Import and more Bodhi Linux 5.0.0 released with updated Ubuntu core 18.04 and a modern look

The Election officials in Los Angeles County gave final approval, last Tuesday, to a new system of counting ballots, named “Voting Solutions for All People (VSAP) Tally 1.0”. The VSAP Tally 1.0 system is created to make the upcoming elections more secure. The new tally system, VSAP Tally 1.0, is an open-source platform that runs on technology owned by the county instead of a private vendor. This is the first publicly-owned, open-source election tally system certified under the California voting system standards. The certification process of VSAP Tally 1.0 involved rigorous functional and security testing conducted by the Secretary of State’s staff as well as a certified voting system test lab. The testing ensured that the new system complies with California Voting System Standards (CVSS). According to Secretary of State, Alex Padilla, “With security on the minds of elections officials and the public, open-source technology has the potential to further modernize election administration, security, and transparency -- the newly designed VBM is the first step in implementing a new voting experience for LA County voters that is more accessible and convenient.” John Sebes, the chief technology officer, Open Source Election Technology Institute, points out that " their intention is to make it freely available to other organizations, which it is not as of now. It's open source in the sense that it was paid for by public funds and the intent is to share it." The certification of the VSAP Tally 1.0 solution enables the Los Angeles County to move forward for November 6, 2018, General Elections, with its newly redesigned VSAP Vote by Mail (VBM) ballots. “This is a significant milestone in our efforts to implement a new voting experience for the voters of Los Angeles County. The VSAP Tally System ensures that the new Vote by Mail ballots cast in the upcoming November election will be counted accurately and securely”, says Dean C. Logan, County Clerk. No information on how they plan to verify these votes has been disclosed yet. Also, even though the VSAP Tally 1.0 is an open source system, there are no codes made available on GitHub so far. For more information, be sure to check out the official press release. Facebook, Twitter takes down hundreds of fake accounts with ties to Russia and Iran, suspected to influence the US midterm elections Jack Dorsey to testify explaining Twitter algorithms before the House Energy and Commerce Committee DCLeaks and Guccifer 2.0: How hackers used social engineering to manipulate the 2016 U.S. elections  

With more and more attacks happening via emails and hackers intruding into presidential elections and still influencing various ongoing campaigns, Google has recently shared their ongoing work to provide protection against: State-sponsored phishing attacks Technical attribution of a recently-reported influence campaign from Iran Detection and termination of activity on Google properties Due to the advanced techniques used by hackers, users are often tricked by an email camouflaged as a legitimate one. As a countermeasure, Google says it has invested in robust systems, For detecting any phishing or hacking attempts on user’s email network To identify influence operations launched by foreign governments To protect political campaigns from digital attacks via Google’s Protect Your Election program. Google’s Threat Analysis Group is working with their partners at Jigsaw and Google’s Trust & Safety team to identify bad actors and disable their accounts. The group will further warn users about these bad actors, and also share intelligence with other companies and law enforcement officials. State-sponsored phishing attacks Email phishing is the most common yet the most popular attack. Google has improved their security policies for Gmail users such as automated protections, account security (like security keys), specialized warnings, and so on. Google, via these attempts, plans to significantly decrease the volume of phishing emails that get through to its users. On 20th August 2018, Google issued a series of notifications to Gmail users who were subject to suspicious emails from a wide range of countries. They posted about the different warnings about Government-backed phishing on their blog post and asked users to take immediate actions if they came across the attack or pop-up mentioned. FireEye detected suspicious Google accounts linked to Iran Google has also integrated with FireEye cybersecurity group, and other top security consultants, to provide them with intelligence. FireEye’s recent help to Facebook by detecting the identified suspicious accounts with links to Russia and Iran is worth mentioning. For the last two months, Google and Jigsaw have worked closely with FireEye on the influence operation linked to Iran that FireEye identified last week. FireEye identified some suspicious Google accounts (three email accounts, three YouTube channels, and three Google+ accounts), which were swiftly disabled. Google Security team suspects the malicious actors are linked to IRIB In addition to FireEye’s intelligence report, Google’s team have investigated a broader range of suspicious actors linked to Iran who has engaged in setting up the malicious accounts. Following this, Google has informed the U.S. lawmakers and law enforcement agencies about the results of their investigation, including its relation to political content in the United States. Google’s technical research team further identified with evidence that these actors are associated with the IRIB, the Islamic Republic of Iran Broadcasting. Their observations are as follows: Technical data associated with these actors is strongly linked to the official IRIB IP address space. Domain ownership information about these actors is strongly linked to IRIB account information. Account metadata and subscriber information associated with these actors is strongly linked to the corresponding information associated with the IRIB, indicating common ownership and control. Detecting and terminating activity on Google properties All content influenced by the malicious actors violating Google’s policies are swiftly removed from Google services and terminates these actors’ accounts. It also uses several robust methods, including IP blocking, to prevent individuals or entities in Iran from opening advertising accounts. Google identified and terminated a number of accounts linked to the IRIB organization that disguised their connection to this effort, including while sharing English-language political content in the U.S., these include: 39 YouTube channels that had 13,466 total US views on relevant videos 6 blogs on Blogger 13 Google+ accounts The state-sponsored phishing attacks and the actors associated with the IRIB are not the only state-sponsored actors at work on the Internet. Google had also disclosed information about actors linked to the Internet Research Agency (IRA) in 2017. They detected and removed 42 YouTube channels, which had 58 English-language political videos (these videos had a total of fewer than 1,800 U.S. views). Read more about Google’s plan to protect users against phish attacks on their Safety & Security blog. DC Airport nabs the first imposter using its newly deployed facial recognition security system Intel faces backlash on Microcode Patches after it prohibited Benchmarking or Comparison Mozilla, Internet Society, and web foundation wants G20 to address “tech-lash” fuelled by security and privacy concerns

In the distributed systems verification of Dgraph 1.0.2 through 1.0.6, Jepsen has found 23 issues including multiple deadlocks and crashes in the cluster, duplicate upserted records, snapshot isolation violations, records with missing fields, and in some cases, the loss of all but one inserted record. Dgraph is an open source, fast, distributed graph database which uses Raft for per-shard replication and a custom transactional protocol, based on Omid, Reloaded, for snapshot-isolated cross-shard transactions. Dgraph has a custom transaction system to provide transactional isolation across different Raft groups. Storage nodes, called Alpha, are controlled by a supervisory system, called Zero. Zero nodes form a single Raft cluster, which organizes Alpha nodes into shards called groups. Each group runs an independent Raft cluster. Jepsen test suite design Jepsen is a framework to analyze distributed systems under stress and verify that the safety properties of a distributed system hold up, given concurrency, non-determinism, and partial failure. It is an effort to improve the safety of distributed databases, queues, consensus systems, and more. To verify safety properties of Dgraph, a suite of Jepsen tests was designed using a five node cluster with replication factor three. Alpha nodes were organized into two groups: one with three replicas, and one with two. Every node ran an instance of both Zero and Alpha. Many operations were tested, out of which some are listed here: Set: Inserting a sequence of unique numbers into Dgraph, then querying for all extant values. Finally, check if every successfully acknowledged insert is present in the final read. Upsert: An upsert is a common database operation in which a record is created if and only if an equivalent record does not already exist. Delete: In the delete test, concurrent attempts were made to delete any records for an indexed value. Since deleting can only lower the number of records, not increase it, it was expected to never observe more than one record at any given time. Bank: The bank test stresses several invariants provided by snapshot isolation. A set of bank accounts were created, each with three attributes: type: It is always account. We use this to query for all accounts. key: It is an integer which identifies that account. amount: It is the amount of money in that account. Issues found in the Dgraph Here are some of the issues found by the test: Cluster join issues: Race conditions were discovered in the Dgraph’s cluster join procedure. Duplicate upserts: In the bank test, it was discovered that test initialization process concurrently upserts a single initial account resulting in dozens of copies of that account record, rather than one. Delete anomalies: With a mix of upserts, deletes, and reads of single records identified by an indexed field key, several unusual behaviors were found. Unusual results were found like values disappeared due to deletion, get stuck in a dangling state, then reappear as full records. Read skew: With a more reliable cluster join process, a read skew anomaly in the bank test was discovered. Lost inserts with network partitions: In pure insert workloads, Dgraph could lose acknowledged writes during network partitions. While performing set tests, which insert unique integer values and attempt to perform a final read, huge number of acknowledged values could be lost. Write loss on node crashes: When Alpha nodes crash and restart, the set test revealed that small windows of successfully acknowledged writes could be lost right around the time the process(es) crashed. Dgraph also constructed records with missing values. Unavailability after crashes: Despite every Alpha and Zero node running, and with total network connectivity, nodes could return timeouts for all requests. Read skew in healthy clusters: A bank test revealed failures without any migration, or even any failures at all. Dgraph could still return incorrect account totals, or records with missing values. The identified safety issues were mostly associated with process crashes, restarts, and predicate migration. Out of 23 issues, 4 still remain unresolved, including the corruption of data in healthy clusters. This analysis was funded by Dgraph and Jepsen has documented the full report on their official website. 2018 is the year of graph databases. Here’s why. MongoDB Sharding: Sharding clusters and choosing the right shard key [Tutorial] MongoDB going relational with 4.0 release

House Energy and Commerce Committee announced that Twitter CEO Jack Dorsey will testify before the committee regarding Twitter algorithms and content monitoring. The hearing will take place on the afternoon of Wednesday, September 5, 2018. https://twitter.com/HouseCommerce/status/1033099291185827841 A few days back, Jack Dorsey announced plans to rethink how Twitter works to combat fake news and data scandals. Last month, Twitter deleted 70 million fake accounts in an attempt to curb fake news and improve Twitter algorithms. It has been constantly suspending fake accounts which are inauthentic, spammy or created via malicious automated bots. Earlier this month, Apple, Facebook, and Spotify took action against Alex Jones. Initially, Twitter allowed Jones to continue using its service. But later Twitter imposed a seven-day “timeout” on Jones after he encouraged his followers to get their “battle rifles” ready against critics in the “mainstream media”. "Twitter is an incredibly powerful platform that can change the national conversation in the time it takes a tweet to go viral," said House Energy and Commerce Committee Chairman Greg Walden, in a statement. "When decisions about data and content are made using opaque processes, the American people are right to raise concerns.” The committee will deal with Twitter algorithms and will ask tough questions revolving around how Twitter monitors and polices content. E&C expects Twitter to adhere to content judgment calls and be transparent regarding the complex processes behind the social media’s algorithms. On Friday, U.S. President Donald Trump accused social media companies of silencing “millions of people” in an act of censorship, but without offering evidence to support the claim. https://twitter.com/realDonaldTrump/status/1032954224529817600 House Majority Leader Kevin McCarthy, commented on the hearing saying, "We all agree that transparency is the only way to fully restore Americans’ trust in these important public platforms." https://twitter.com/GOPLeader/status/1033118278728777729 Following Twitter, representatives from Google and Facebook are also scheduled to appear at next month's hearing. Twitter takes down hundreds of fake accounts with ties to Russia and Iran. Twitter’s disdain for third-party clients gets real. Time for Facebook, Twitter, and other social media to take responsibility or face regulation.

Golang 1.11 is here with modules and experimental WebAssembly port among other updates The Golang team released Golang 1.11 rc1 two weeks back, and now the much awaited Golang 1.11 is here. Golang 1.11, released last Friday, comes with changes and improvements to the toolchain, runtime, libraries, preliminary support for “modules”, and experimental port to WebAssembly. Golang is a modern programming language by Google, which was developed back in 2009 for application development. It’s simple syntax, concurrency support, and fast nature makes it one of the fastest growing languages in the software industry. Let’s now explore the new features in Golang 1.11. Ports Go 1.11 adds an experimental port to WebAssembly ( js/wasm ) along with other changes. Web Assembly Go 1.11 adds new GOOS value “js” and GOARCH value “wasm” to  WebAssembly. Go files named *_js.go or *_wasm.go will now be ignored by Go tools except for times when GOOS/GOARCH values are being used. The GOARCH name “wasm” is the official abbreviation of WebAssembly. The GOOS name “js” is due to the host environments like web browsers and Node.js, that executes the WebAssembly bytecode. Both of these host environments use JavaScript to embed WebAssembly. RISC-V GOARCH values reserved The main Go compiler does not provide support for the RISC-V architecture. Go 1.11 reserves the GOARCH values namely "riscv" and "riscv64" by Gccgo that supports RISC-V. This means that Go files named *_riscv.go will be ignored by Go tools except for cases when those GOOS/GOARCH values are being used. Other changes Go 1.11 now needs OpenBSD 6.2 or later, macOS 10.10 Yosemite or later, or Windows 7 or later. Any support for previous versions of these operating systems have been deprecated. It also offers support for the upcoming OpenBSD 6.4 release. With changes in the OpenBSD kernel, you won’t be able to run older versions of Go on OpenBSD 6.4. With Go 1.11, the new environment variable settings have been added for 64-bit MIPS systems, namely, GOMIPS64=hardfloat (the default) and GOMIPS64=softfloat. These enable you to decide whether to use hardware instructions or software emulation for floating-point computations. Go now uses a more efficient software floating point interface on soft float ARM systems (GOARM = 5). There is no need of a linux kernel configured with KUSER_HELPERS now on ARMv7. Toolchain There are also fixes made in Modules, packages, and debugging in Golang 1.11. Modules There’s now preliminary support added for a new experimental concept called “modules”, in Golang 1.11. This is an alternative to GOPATH with integrated support for versioning and package distribution. With the help of modules, developers are no longer limited to working inside GOPATH. Package loading There’s a new package, the golang.org/x/tools/go/packages that offers a simple API for locating and loading Go source code packages. It’s not yet part of the standard library but it effectively replaces the go/build package for many tasks. Build cache requirement Go 1.11 will be the last release which offers support for setting the environment variable GOCACHE=off ( to disable the build cache ), that was introduced in Go 1.10. The compiler toolchain now offers support for column information in line directives. Improved debugging The compiler in Go 1.11 now offers improved debugging for optimized binaries which includes variable location information, line numbers, and breakpoint locations. This makes it possible to debug binaries compiled without -N -l. There’s also experimental support added for calling Go functions from within a debugger. Compiler Toolchain Golang 1.11 offers support for column information in line directives. Also, a new package export data format is introduced which is transparent to end users, except for speeding up build times for large Go projects. Runtime Runtime in Go 1.11 now makes use of a sparse heap layout. This ensures that there is no longer a limit to the size of the Go heap as the limit was 512GiB earlier. It also provides fixing of rare "address space conflict" failures in mixed Go/C binaries or binaries compiled with -race. Library changes There are various minor updates and changes to the core library in Golang 1.11. Crypto: Crypto operations such as ecdsa.Sign, rsa.EncryptPKCS1v15 and rsa.GenerateKey, now randomly read an extra byte to ensure that tests don't rely on internal behavior. debug/elf: Constants such as ELFOSABI and EM have been added. encoding/asn1: There is now support for "private" class annotations for fields in Marshal and Unmarshal. image/gif: There is support for non-looping animated GIFs. They are denoted by having a LoopCount of -1. math/big: With Golang 1.11, ModInverse now returns nil when g and n are not relatively prime. Apart from these major updates, there are many other changes in Golang 1.11. To get more information, be sure to check the official Golang 1.11 release notes. Writing test functions in Golang [Tutorial] How Concurrency and Parallelism works in Golang [Tutorial] GoMobile: GoLang’s Foray into the Mobile World  

AMD has made V-EZ, the Vulkan wrapper library open source. The V-EZ wrapper is C based lightweight layer around Vulkan which reduces the complexity of using the Vulkan API. It abstracts away the lower level complexities of the Vulkan API. It also reduces differences between traditional graphics APIs and Vulkan by providing similar semantics to Vulkan. V-EZ is basically designed to increase the adoption of Vulkan in the gaming industry. It provides game developers with all the modern graphics API features without all of the low-level responsibilities. The low-level Vulkan API features abstracted in V-EZ include: Memory management Swapchain management Render Passes Pipeline permutations, layouts, and barriers Descriptor pools, sets, and set layouts Image layouts GLSL compilation Vulkan API objects and their interactions V-EZ has only a slight performance overhead as compared to native Vulkan APIs and offers most Vulkan API features including Batching queue submissions Multi-threaded command buffer recording Reusing command buffers Minimizing pipeline bindings Minimizing resource bindings Batching draw calls As mentioned on their Github repo, V-EZ is not hardware vendor specific and should work on non-AMD hardware as well. For building V-EZ you can follow these instructions: Run cmake to generate Visual Studio solution files or Linux make files. No specific settings need to be set. Pull down submodules git submodule init git submodule update Build V-EZ project. Reddit is abuzz with discussion on whether Vulkan is right to be advertised as a general replacement to OpenGL. Some said that Vulkan is a viable replacement to OpenGL but only at a lower level. A lot of the logic that openGL drivers take care of internally are exposed in the Vulkan API to allow for more optimization and performance focused coding. It's a lower level replacement. Most of of the code deals with stuff like GPU memory allocation, command buffering, synchronisation, and other such low-level concerns that, AFAIK, OpenGL doesn't let you touch. Some said Vulkan only stands out when you build games. I see indie game developers who are writing their own games without an existing engine would benefit greatly from higher abstractions of Vulkan, like this V-EZ project. They will get most of the performance improvements of Vulkan without a lot of the complexity. And in some cases the Vulkan abstraction is easier to understand and reason about than the OpenGL equivalent. Most people shouldn't use Vulkan directly. They should use a graphics library that would deal with the low level stuff. Only people making game engines and graphics libraries have to use low level Vulkan API and for those purposes Vulkan is superior. You can follow the entire Reddit thread for other comments. Also, see the Github repo for more details on V-EZ open sourcing. Think Silicon open sources GLOVE: An OpenGL ES over Vulkan middleware. Debugging in Vulkan.

The initial apprehension to having facial recognition technology is beginning to move on to acceptance as the incident at the D.C airport stands witness of this fact.  Just three days after the technology was implemented at Washington Dulles International Airport, the system identified an imposter attempting to make his way into the US using a fake passport. On August 23, the US Customs and Border Protection (CBP) released a news about the 26-year-old male, who was traveling from Sao Paulo, Brazil, who presented a French passport to the CBP officer in the primary investigation phase. The facial comparison biometric system confirmed that his face did not match the picture in the passport. He was then sent to secondary inspections for a thorough examination. He appeared nervous during the checks and doubts were confirmed when a search revealed the man's authentic Republic of Congo identification card concealed in his shoe. NEC has collaborated with a total of 14 airports across the US to use the facial recognition technology in order to screen out people arriving in the US with false documents. This has reduced the average wait time for arriving international passengers by around four minutes. According to the International Trade Administration that Quartz quoted back in February 2017,  about 104,525 people arrive from overseas into the US (that number excludes people entering from Mexico and Canada) every day. Scanning such a large number of travelers each day is a daunting task for the CBP. Facial Recognition technology will definitely reduce the complexity that comes with traveler identification. A gist of how the biometric system works The CBP first constructs a photo gallery of all the travelers on US-bound international aircraft using flight manifests and travelers’ documents (mainly passports and visas). When they touch down in America, TSA officers guide travelers to a camera next to a document checking podium. This camera snaps a picture and compares it to the one on their travel documents to determine if they’re indeed who they claim to be. The CBP asserts that the system will not only help in nabbing terrorists and criminals before they can enter the US, but also speed up airport checks, and eventually allow travelers to get through security processes without a boarding pass. CBP is  clearly trying its best to use technology to make its operations more efficient and to detect security breaches at a scale never seen before. It remains to be seen if the benefits of using of facial recognition such as protecting the American people from external threats outweighs the dangers of over-reliance on this tech such as wrongly tagging people or infringing on individual freedom. You can gain more insights to this article on techspot.com. Google’s new facial recognition patent uses your social network to identify you! Admiring the many faces of Facial Recognition with Deep Learning Amazon is selling facial recognition technology to police  

Looks like OpenAI’s intelligent game-playing bots need to get a little more street smart before they can beat the world’s best. Played as a promotional side-event in The International - the annual Dota 2 tournament, OpenAI Five were beaten by a team of top human professional players in the first two games of the Best of Three contest. Both games were intense and lasted for approximately an hour, but the human teams emerged victorious quite comfortably. OpenAI Five, as we know, are 5 artificially intelligent bots developed by OpenAI, a research institute co-founded by Tesla CEO, Elon Musk, to develop and research human-level artificial intelligence. These bots are trained specifically to play Dota 2 game against top human professionals. While OpenAI five racked up more kills in the game than the human teams paiN Gaming and Big God, it lacked a cohesive strategy and wasted many opportunities to gather and utilize resources in the game efficiently, which is often the difference between a win and a loss. This loss highlights the fact that while the bots are on the right track, more improvement is needed in the manner they adjust to their surroundings and make tactical decisions on the go. Researcher at the University of Falmouth, UK, Mike Cook, agrees - his criticism being that the bots lacked decision-making at the macro-level while having their own moments of magic in the game. [embed]https://twitter.com/mtrc/status/1032430538039148544[/embed] Greg Brockman, CTO and co-founder of OpenAI, meanwhile, was not worried about this loss, citing that it is the defeats that will make OpenAI Five better and more efficient. He was of the opinion that the AI was designed to learn and adapt by learning from the experiences first, before being able to beat the human players. According to Greg, the OpenAI Five is very much still a work in progress project. [embed]https://twitter.com/gdb/status/1032830230103244800[/embed] The researchers at OpenAI are hopeful that the OpenAI Five will improve from this valuable learning experience and give a much tougher fight in the next edition of the tournament, since there won’t be a third game this year. As things stand, though, it’s pretty clear that the human players aren’t going to be replaced by the AI bots anytime soon. See Also: AI beats human again – this time in a team-based strategy game Build your first Reinforcement learning agent in Keras A new Stanford artificial intelligence camera uses a hybrid optical-electronic CNN for rapid decision making