Wochenzusammenfassung Replay: FritzBox-Lücke, sichere Browser, Windows as a Service
Windows 10, Fritzbox, Aldi-Notebook: Die vergangene Woche stand ganz im Zeichen von Standardsoft- und Hardware.
Quelle: Heise Tech News
c’t uplink 16.7: Industrie 4.0, Wetter-Apps, AMD-Mainboards
Die wichtigsten Fragen im Leben, alle drei beantwortet in c't uplink: Wie arbeiten wir in der Zukunft, wie wird morgen das Wetter, und welches Mainboard brauche ich für meinen neuen AMD-Prozessor?
Quelle: Heise Tech News
Louise Mensch Has A List Of Suspected Russian Agents
Ben A. Pruchnie / Getty Images
Since last November’s election, the former British politician Louise Mensch has transformed herself into the leader of a wide-ranging internet investigation into Russian espionage and influence in American politics, media, and business. Every day, Mensch and her network of online detectives unravel what they claim is a massive conspiracy linking the Kremlin, the Republican party, armies of internet trolls, and moneyed puppet-masters around the world.
Mensch, who sometimes tweets hundreds of times a day, has claimed or implied that targets ranging from top government officials to journalists to teenagers to anonymous twitter users are in thrall to Vladimir Putin.
Just since inauguration day, according to an extensive review of her tweets, the New York-based Mensch has accused at least 210 people and organizations of being under Russian government influence.
Mensch's campaign has played out almost entirely on Twitter. But she has also been validated at the highest levels of English-language media: She published an op-ed in the New York Times, appeared on MSNBC and Real Time with Bill Maher earlier this year, and was the subject of a flattering Guardian profile. And her relentless tweets and passionate following have made her a central figure in a new obsession with Russian influence that recalls Cold War era divisions over Communist infiltration. That “red scare” reached its paranoid height in the late 1940s and early 1950s, when substantive fears of (real) Soviet intelligence operations turned into a politicized hall of mirrors in which figures like Senator Joe McCarthy ruined the lives and careers of thousands of Americans with baseless allegations of working for Moscow. (The era also persuaded some on the “anti-anti-Communist” left that real Soviet spies were innocent victims of hysteria; their guilt was settled with the opening of the Soviet archives at the end of the Cold War.)
Mensch’s list includes 35 American politicians and government officials, 26 journalists, 26 organizations and corporations (among them think tanks, banks, media outlets, foreign intelligence agencies, and security firms), 18 Russians, 18 US citizens notable for political donations or affiliations, 80 low-profile Twitter accounts Mensch has characterized as “Putinbots” or similar (many of which appear to belong to Americans who support President Trump), and two British politicians. The list includes figures as disparate as Bernie Sanders and Sean Hannity.
Among the 210 named by Mensch are individuals and entities who do have obvious or reported ties to the Russian government and intelligence agencies, ranging from Wikileaks — which has denied that accusation — to the anonymous hacker Guccifer 2.0 to the Kremlin-owned news agency Sputnik. Mensch’s specific allegations draw on the reality of a large-scale and widely-documented Russian campaign to influence the U.S. election. But in many cases, she lacks strong, or any, evidence connecting her targets to that campaign.
In addition to the journalists, media personalities, and politicians, among those fingered are a Twitter comedian, a fake White House staff account, and a 15-year-old girl who Mensch suggested does not actually exist except as a Kremlin fabrication. (BuzzFeed News interviewed the teenager in person.)
Mensch’s criteria for accusing someone of being under Russian influence vary. Sometimes she cites her own and others’ reporting. In some cases, she points out suspicious geotags and catfishing attempts. In others, mangled English syntax appears to be enough to prove Russia ties. She has accused people of being affiliated with Russia simply for disagreeing with her or calling her theories far-fetched, but she has also called someone a Russian agent for being too enthusiastic about her own theories.
Many of the people Mensch has accused vociferously deny involvement with the Russian government. Many of those share the attribute that nobody other than Mensch has ever accused them of it.
“I am proud of my service to this country and to be a loyal first generation American, to suggest anything otherwise is both absolutely false and offensive to me, my family and first generation and naturalized citizens who continue to serve this great country,” Naveed Jamali, a former FBI double agent who Mensch has accused of being a Russian spy, wrote to BuzzFeed in an email.
The political strategist Evan Siegfried denied Mensch’s accusation that he is a “Kremlin troll.”
“In no way, shape or form am I or have I ever been a Kremlin operative, Russian agent or party to aiding Putin and/or Russia. Any and all accusations are not only false, but strain credulity. The closest I&039;ve come to Russia was the time I went to NYC&039;s Russian Tea Room in 1993. I was ten,” he said in an email.
Reached for comment by Twitter direct message, Mensch said that, if anything, the number of Russian agents she identified was understated.
“No, I doubt that number is accurate. I am quite certain the number is going to be a lot larger than 210 people or organizations once the trials are finished. It takes a village to elect a President who is working hand in glove with the Kremlin both in terms of propaganda and hacking collusion – and that&039;s before we even get to the money laundering.”
Mensch went on to say that her criteria for determining whether or not someone was a Russian agent depended on “Intelligence, from sources; actions; words, such as tweets; and other primary source material.”
Asked about her accusations against Jamali, Mensch referred BuzzFeed News to earlier tweets about a dispute between the two. She provided no evidence that Jamali is a Russian spy, and did not address a query about why she thinks Siegfried is a Russian agent.
Mensch had a colorful and storied career in British public life, which reached its peak when as a Tory member of Parliament, she grilled Rupert Murdoch over his role in the News of the World phone-hacking scandal. She moved to the US in 2012, at one point founded a social network intended to rival Twitter, and in April 2016 started a conservative news site for Murdoch’s company, News Corp. (She left the site, Heat Street, in January, and tweeted in March that she had left News Corp, which a company spokesman confirmed.)
An ally of intelligence services and a fierce critic of Edward Snowden and the press who published his leaked material, Mensch in 2016 established herself as a prominent voice on the Trump campaign’s ties to Russia. Her following grew in November, when she published a blockbuster story alleging that the FBI had been granted a FISA warrant in order to examine connections between Trump and Russia. Other media outlets later reported that the U.S. government had indeed obtained a FISA warrant in connection with the Trump campaign, though the details of those reports have differed from hers. That story won her legitimacy among close followers of the Trump-Russia story (BuzzFeed News reporters, among others, spoke to her to see if she had information that could advance reporting on Russia), and she has continued to use it as a calling card. And Mensch told BuzzFeed News that her reporting on Trump connections to Russia are being borne out.
But recently – and particularly over the last month — Mensch has become increasingly outspoken in labeling accounts who disagree with her “Kremlin shills,” “Putinbots,” and “RIS,” Russian intelligence services.
Some of her targets say they are puzzled and alarmed by her attention.
“It’s been very frustrating to encounter people who assume I’m a Kremlin propagandist simply because one of my jobs has the word “Moscow” in it,” said Kevin Rothrock, the web editor of the Moscow Times, who Mensch referred to as “Vlad” — her oft-used shorthand for an agent of Vladimir Putin — after Rothrock chided Mensch for “tweeting the dumbest shit.” The Moscow Times, which is known as a training ground for foreign correspondents, has a reputation as a rare independent voice in Russian media. Mensch did not respond to a query about why she thinks Rothrock may be a Russian agent.
Mensch’s critics have accused her of fomenting an anti-Russia panic. In an article last month in Rolling Stone, journalist Matt Taibbi warned of a resurgent “case of mass hysteria” about Russia among politicians and journalists.
(Mensch has speculated that Taibbi, who once lived and worked in Russia, “might be a Russian agent.”
“I am not a Russian agent,” Taibbi said to BuzzFeed News. “I have never been engaged in any kind of espionage work.”
Mensch did not respond to a query about why she thinks Taibbi may be a Russian agent.)
Some have accused Mensch of going too far. Cassandra Fairbanks, an American social media personality and journalist filed a complaint with the FBI against Mensch, alleging a “months long campaign of cyber stalking and harassment.” (Fairbanks works for the Russian-owned Sputnik.) Others, including Taibbi, suspect that going too far may be part of what has made Mensch such a popular figure.
“A lot of her success has come from some of the same instincts that have given Trump success,” Taibbi said. “The ability to generate headlines [is] a quality that is good to have if you are an attention seeking person in the internet age.”
And one way to generate headlines and amass a following in a bitterly divided political climate — as Donald Trump has demonstrated — is to find someone to blame. Indeed, if her tweets are to be believed, the number of people Louise Mensch believes to be agents of Russian influence may exceed 210 astronomically:
Steven Perlberg contributed reporting to this story.
Quelle: <a href="Louise Mensch Has A List Of Suspected Russian Agents“>BuzzFeed
Louise Mensch Has A List Of Suspected Russian Agents
Ben A. Pruchnie / Getty Images
Since last November’s election, the former British politician Louise Mensch has transformed herself into the leader of a wide-ranging internet investigation into Russian espionage and influence in American politics, media, and business. Every day, Mensch and her network of online detectives unravel what they claim is a massive conspiracy linking the Kremlin, the Republican party, armies of internet trolls, and moneyed puppet-masters around the world.
Mensch, who sometimes tweets hundreds of times a day, has claimed or implied that targets ranging from top government officials to journalists to teenagers to anonymous twitter users are in thrall to Vladimir Putin.
Just since inauguration day, according to an extensive review of her tweets, the New York-based Mensch has accused at least 210 people and organizations of being under Russian government influence.
Mensch's campaign has played out almost entirely on Twitter. But she has also been validated at the highest levels of English-language media: She published an op-ed in the New York Times, appeared on MSNBC and Real Time with Bill Maher earlier this year, and was the subject of a flattering Guardian profile. And her relentless tweets and passionate following have made her a central figure in a new obsession with Russian influence that recalls Cold War era divisions over Communist infiltration. That “red scare” reached its paranoid height in the late 1940s and early 1950s, when substantive fears of (real) Soviet intelligence operations turned into a politicized hall of mirrors in which figures like Senator Joe McCarthy ruined the lives and careers of thousands of Americans with baseless allegations of working for Moscow. (The era also persuaded some on the “anti-anti-Communist” left that real Soviet spies were innocent victims of hysteria; their guilt was settled with the opening of the Soviet archives at the end of the Cold War.)
Mensch’s list includes 35 American politicians and government officials, 26 journalists, 26 organizations and corporations (among them think tanks, banks, media outlets, foreign intelligence agencies, and security firms), 18 Russians, 18 US citizens notable for political donations or affiliations, 80 low-profile Twitter accounts Mensch has characterized as “Putinbots” or similar (many of which appear to belong to Americans who support President Trump), and two British politicians. The list includes figures as disparate as Bernie Sanders and Sean Hannity.
Among the 210 named by Mensch are individuals and entities who do have obvious or reported ties to the Russian government and intelligence agencies, ranging from Wikileaks — which has denied that accusation — to the anonymous hacker Guccifer 2.0 to the Kremlin-owned news agency Sputnik. Mensch’s specific allegations draw on the reality of a large-scale and widely-documented Russian campaign to influence the U.S. election. But in many cases, she lacks strong, or any, evidence connecting her targets to that campaign.
In addition to the journalists, media personalities, and politicians, among those fingered are a Twitter comedian, a fake White House staff account, and a 15-year-old girl who Mensch suggested does not actually exist except as a Kremlin fabrication. (BuzzFeed News interviewed the teenager in person.)
Mensch’s criteria for accusing someone of being under Russian influence vary. Sometimes she cites her own and others’ reporting. In some cases, she points out suspicious geotags and catfishing attempts. In others, mangled English syntax appears to be enough to prove Russia ties. She has accused people of being affiliated with Russia simply for disagreeing with her or calling her theories far-fetched, but she has also called someone a Russian agent for being too enthusiastic about her own theories.
Many of the people Mensch has accused vociferously deny involvement with the Russian government. Many of those share the attribute that nobody other than Mensch has ever accused them of it.
“I am proud of my service to this country and to be a loyal first generation American, to suggest anything otherwise is both absolutely false and offensive to me, my family and first generation and naturalized citizens who continue to serve this great country,” Naveed Jamali, a former FBI double agent who Mensch has accused of being a Russian spy, wrote to BuzzFeed in an email.
The political strategist Evan Siegfried denied Mensch’s accusation that he is a “Kremlin troll.”
“In no way, shape or form am I or have I ever been a Kremlin operative, Russian agent or party to aiding Putin and/or Russia. Any and all accusations are not only false, but strain credulity. The closest I&039;ve come to Russia was the time I went to NYC&039;s Russian Tea Room in 1993. I was ten,” he said in an email.
Reached for comment by Twitter direct message, Mensch said that, if anything, the number of Russian agents she identified was understated.
“No, I doubt that number is accurate. I am quite certain the number is going to be a lot larger than 210 people or organizations once the trials are finished. It takes a village to elect a President who is working hand in glove with the Kremlin both in terms of propaganda and hacking collusion – and that&039;s before we even get to the money laundering.”
Mensch went on to say that her criteria for determining whether or not someone was a Russian agent depended on “Intelligence, from sources; actions; words, such as tweets; and other primary source material.”
Asked about her accusations against Jamali, Mensch referred BuzzFeed News to earlier tweets about a dispute between the two. She provided no evidence that Jamali is a Russian spy, and did not address a query about why she thinks Siegfried is a Russian agent.
Mensch had a colorful and storied career in British public life, which reached its peak when as a Tory member of Parliament, she grilled Rupert Murdoch over his role in the News of the World phone-hacking scandal. She moved to the US in 2012, at one point founded a social network intended to rival Twitter, and in April 2016 started a conservative news site for Murdoch’s company, News Corp. (She left the site, Heat Street, in January, and tweeted in March that she had left News Corp, which a company spokesman confirmed.)
An ally of intelligence services and a fierce critic of Edward Snowden and the press who published his leaked material, Mensch in 2016 established herself as a prominent voice on the Trump campaign’s ties to Russia. Her following grew in November, when she published a blockbuster story alleging that the FBI had been granted a FISA warrant in order to examine connections between Trump and Russia. Other media outlets later reported that the U.S. government had indeed obtained a FISA warrant in connection with the Trump campaign, though the details of those reports have differed from hers. That story won her legitimacy among close followers of the Trump-Russia story (BuzzFeed News reporters, among others, spoke to her to see if she had information that could advance reporting on Russia), and she has continued to use it as a calling card. And Mensch told BuzzFeed News that her reporting on Trump connections to Russia are being borne out.
But recently – and particularly over the last month — Mensch has become increasingly outspoken in labeling accounts who disagree with her “Kremlin shills,” “Putinbots,” and “RIS,” Russian intelligence services.
Some of her targets say they are puzzled and alarmed by her attention.
“It’s been very frustrating to encounter people who assume I’m a Kremlin propagandist simply because one of my jobs has the word “Moscow” in it,” said Kevin Rothrock, the web editor of the Moscow Times, who Mensch referred to as “Vlad” — her oft-used shorthand for an agent of Vladimir Putin — after Rothrock chided Mensch for “tweeting the dumbest shit.” The Moscow Times, which is known as a training ground for foreign correspondents, has a reputation as a rare independent voice in Russian media. Mensch did not respond to a query about why she thinks Rothrock may be a Russian agent.
Mensch’s critics have accused her of fomenting an anti-Russia panic. In an article last month in Rolling Stone, journalist Matt Taibbi warned of a resurgent “case of mass hysteria” about Russia among politicians and journalists.
(Mensch has speculated that Taibbi, who once lived and worked in Russia, “might be a Russian agent.”
“I am not a Russian agent,” Taibbi said to BuzzFeed News. “I have never been engaged in any kind of espionage work.”
Mensch did not respond to a query about why she thinks Taibbi may be a Russian agent.)
Some have accused Mensch of going too far. Cassandra Fairbanks, an American social media personality and journalist filed a complaint with the FBI against Mensch, alleging a “months long campaign of cyber stalking and harassment.” (Fairbanks works for the Russian-owned Sputnik.) Others, including Taibbi, suspect that going too far may be part of what has made Mensch such a popular figure.
“A lot of her success has come from some of the same instincts that have given Trump success,” Taibbi said. “The ability to generate headlines [is] a quality that is good to have if you are an attention seeking person in the internet age.”
And one way to generate headlines and amass a following in a bitterly divided political climate — as Donald Trump has demonstrated — is to find someone to blame. Indeed, if her tweets are to be believed, the number of people Louise Mensch believes to be agents of Russian influence may exceed 210 astronomically:
Steven Perlberg contributed reporting to this story.
Quelle: <a href="Louise Mensch Has A List Of Suspected Russian Agents“>BuzzFeed
Waymo: Uber Concealed Secret Self-Driving Technology From The Court
An Uber self-driving Volvo drives in Pittsburgh Friday, March 17, 2017. (AP Photo/Gene J. Puskar)
Gene J. Puskar / AP
Waymo, Alphabet’s autonomous car company, alleged in a court filing on Friday that Uber has been developing a secret, secondary self-driving technology that is a more direct copy of Waymo’s autonomous driving designs — and that the ride-hail giant intentionally concealed this project from the court.
“Uber has taken, copied, and used Waymo's technology. This, along with Uber&039;s subsequent cover up and violations of this court&039;s orders, show the need for an injunction in this case,” read Waymo documents filed today in support of its request for an injunction against Uber. The injunction would temporarily halt Uber’s self-driving car program.
“Uber should be enjoined from continuing to use Levandowski in its driverless car program and from continuing to misappropriate and infringe Waymo’s intellectual property,” Waymo wrote.
The filing is the latest development in the legal battle between Uber and Alphabet-owned Waymo over allegedly stolen self-driving car technology. Specifically, the lawsuit centers around LiDAR, or Light Detection And Ranging technology, which is what helps autonomous vehicles navigate.
In February, Waymo filed a lawsuit against Uber claiming that it had intentionally stolen Waymo’s intellectual property when it made Anthony Levandowski, a former Waymo employee, the head of its self-driving car program. (Levandowski was the co-founder of Otto, an autonomous truck startup, which Uber acquired in August 2016.)
In Friday’s filing, Waymo says that during deposition earlier this week, an Uber engineer “was forced to admit” that the company was working on a second LIDAR technology that more closely resembles technology built by Waymo.
Earlier this month, Uber emphatically denied Waymo’s allegations, saying that “A cursory inspection of Uber’s LiDAR and Waymo’s allegations fall like a house of cards.” Levandowski pled the fifth to avoid testifying. At the time, Uber argued its so-called “Fuji” LiDAR technology was “fundamentally different” in its design from that built by Waymo.
But in the reply filed today, the company says Uber’s claim that the four-lens Fuji LiDAR was its only LiDAR project is “a cover up” and alleges Levandowski himself worked on the second, secret self-driving technology, the name of which is redacted, but which Waymo says it copied from Waymo’s own LiDAR design, the name of which is also redacted. “In its Opposition, Uber misrepresents its LiDAR design efforts to this court,” reads the reply.
In the documents filed today, Waymo also surfaces evidence from a deposition earlier this month which suggests Uber started preparing for possible legal action regarding self-driving car technology before it even acquired Otto and “just two days after Levandowski left Waymo, and probably even before that.”
Uber did not immediately respond to request for comment.
The next hearing regarding the injunction in Waymo v. Uber is scheduled for May 3.
This is a breaking story and will continue to be updated.
Quelle: <a href="Waymo: Uber Concealed Secret Self-Driving Technology From The Court“>BuzzFeed
How Bitmovin is Doing Multi-Stage Canary Deployments with Kubernetes in the Cloud and On-Prem
Editor’s Note: Today’s post is by Daniel Hoelbling-Inzko, Infrastructure Architect at Bitmovin, a company that provides services that transcode digital video and audio to streaming formats, sharing insights about their use of Kubernetes.Running a large scale video encoding infrastructure on multiple public clouds is tough. At Bitmovin, we have been doing it successfully for the last few years, but from an engineering perspective, it’s neither been enjoyable nor particularly fun. So obviously, one of the main things that really sold us on using Kubernetes, was it’s common abstraction from the different supported cloud providers and the well thought out programming interface it provides. More importantly, the Kubernetes project did not settle for the lowest common denominator approach. Instead, they added the necessary abstract concepts that are required and useful to run containerized workloads in a cloud and then did all the hard work to map these concepts to the different cloud providers and their offerings.The great stability, speed and operational reliability we saw in our early tests in mid-2016 made the migration to Kubernetes a no-brainer.And, it didn’t hurt that the vision for scale the Kubernetes project has been pursuing is closely aligned with our own goals as a company. Aiming for >1,000 node clusters might be a lofty goal, but for a fast growing video company like ours, having your infrastructure aim to support future growth is essential. Also, after initial brainstorming for our new infrastructure, we immediately knew that we would be running a huge number of containers and having a system, with the expressed goal of working at global scale, was the perfect fit for us. Now with the recent Kubernetes 1.6 release and its support for 5,000 node clusters, we feel even more validated in our choice of a container orchestration system.During the testing and migration phase of getting our infrastructure running on Kubernetes, we got quite familiar with the Kubernetes API and the whole ecosystem around it. So when we were looking at expanding our cloud video encoding offering for customers to use in their own datacenters or cloud environments, we quickly decided to leverage Kubernetes as our ubiquitous cloud operating system to base the solution on.Just a few months later this effort has become our newest service offering: Bitmovin Managed On-Premise encoding. Since all Kubernetes clusters share the same API, adapting our cloud encoding service to also run on Kubernetes enabled us to deploy into our customer’s datacenter, regardless of the hardware infrastructure running underneath. With great tools from the community, like kube-up and turnkey solutions, like Google Container Engine, anyone can easily provision a new Kubernetes cluster, either within their own infrastructure or in their own cloud accounts. To give us the maximum flexibility for customers that deploy to bare metal and might not have any custom cloud integrations for Kubernetes yet, we decided to base our solution solely on facilities that are available in any Kubernetes install and don’t require any integration into the surrounding infrastructure (it will even run inside Minikube!). We don’t rely on Services of type LoadBalancer, primarily because enterprise IT is usually reluctant to open up ports to the open internet – and not every bare metal Kubernetes install supports externally provisioned load balancers out of the box. To avoid these issues, we deploy a BitmovinAgent that runs inside the Cluster and polls our API for new encoding jobs without requiring any network setup. This agent then uses the locally available Kubernetes credentials to start up new deployments that run the encoders on the available hardware through the Kubernetes API.Even without having a full cloud integration available, the consistent scheduling, health checking and monitoring we get from using the Kubernetes API really enabled us to focus on making the encoder work inside a container rather than spending precious engineering resources on integrating a bunch of different hypervisors, machine provisioners and monitoring systems. Multi-Stage Canary DeploymentsOur first encounters with the Kubernetes API were not for the On-Premise encoding product. Building our containerized encoding workflow on Kubernetes was rather a decision we made after seeing how incredibly easy and powerful the Kubernetes platform proved during development and rollout of our Bitmovin API infrastructure. We migrated to Kubernetes around four months ago and it has enabled us to provide rapid development iterations to our service while meeting our requirements of downtime-free deployments and a stable development to production pipeline. To achieve this we came up with an architecture that runs almost a thousand containers and meets the following requirements we had laid out on day one:Zero downtime deployments for our customersContinuous deployment to production on each git mainline pushHigh stability of deployed services for customersObviously #2 and #3 are at odds with each other, if each merged feature gets deployed to production right away – how can we ensure these releases are bug-free and don’t have adverse side effects for our customers?To overcome this oxymoron, we came up with a four-stage canary pipeline for each microservice where we simultaneously deploy to production and keep changes away from customers until the new build has proven to work reliably and correctly in the production environment.Once a new build is pushed, we deploy it to an internal stage that’s only accessible for our internal tests and the integration test suite. Once the internal test suite passes, QA reports no issues, and we don’t detect any abnormal behavior, we push the new build to our free stage. This means that 5% of our free users would get randomly assigned to this new build. After some time in this stage the build gets promoted to the next stage that gets 5% of our paid users routed to it. Only once the build has successfully passed all 3 of these hurdles, does it get deployed to the production tier, where it will receive all traffic from our remaining users as well as our enterprise customers, which are not part of the paid bucket and never see their traffic routed to a canary track.This setup makes us a pretty big Kubernetes installation by default, since all of our canary tiers are available at a minimum replication of 2. Since we are currently deploying around 30 microservices (and growing) to our clusters, it adds up to a minimum of 10 pods per service (8 application pods + minimum 2 HAProxy pods that do the canary routing). Although, in reality our preferred standard configuration is usually running 2 internal, 4 free, 4 others and 10 production pods alongside 4 HAProxy pods – totalling around 700 pods in total. This also means that we are running at least 150 services that provide a static ClusterIP to their underlying microservice canary tier.A typical deployment looks like this:Services (ClusterIP)Deployments##Podsaccount-serviceaccount-service-haproxy4account-service-internalaccount-service-internal-v1.18.02account-service-canaryaccount-service-canary-v1.17.04account-service-paidaccount-service-paid-v1.15.04account-service-productionaccount-service-production-v1.15.010An example service definition the production track will have the following label selectors:apiVersion: v1kind: Servicemetadata: name: account-service-production labels: app: account-service-production tier: service lb: privatespec: ports: – port: 8080 name: http targetPort: 8080 protocol: TCP selector: app: account-service tier: service track: productionIn front of the Kubernetes services, load balancing the different canary versions of the service, lives a small cluster of HAProxy pods that get their haproxy.conf from the Kubernetes ConfigMaps that looks something like this:frontend http-in bind *:80 log 127.0.0.1 local2 debug acl traffic_internal hdr(X-Traffic-Group) -m str -i INTERNAL acl traffic_free hdr(X-Traffic-Group) -m str -i FREE acl traffic_enterprise hdr(X-Traffic-Group) -m str -i ENTERPRISE use_backend internal if traffic_internal use_backend canary if traffic_free use_backend enterprise if traffic_enterprise default_backend paidbackend internal balance roundrobin server internal-lb user-resource-service-internal:8080 resolvers dns check inter 2000backend canary balance roundrobin server canary-lb user-resource-service-canary:8080 resolvers dns check inter 2000 weight 5 server production-lb user-resource-service-production:8080 resolvers dns check inter 2000 weight 95backend paid balance roundrobin server canary-paid-lb user-resource-service-paid:8080 resolvers dns check inter 2000 weight 5 server production-lb user-resource-service-production:8080 resolvers dns check inter 2000 weight 95backend enterprise balance roundrobin server production-lb user-resource-service-production:8080 resolvers dns check inter 2000 weight 100Each HAProxy will inspect a header that gets assigned by our API-Gateway called X-Traffic-Group that determines which bucket of customers this request belongs to. Based on that, a decision is made to hit either a canary deployment or the production deployment.Obviously, at this scale, kubectl (while still our main day-to-day tool to work on the cluster) doesn’t really give us a good overview of whether everything is actually running as it’s supposed to and what is maybe over or under replicated.Since we do blue/green deployments, we sometimes forget to shut down the old version after the new one comes up, so some services might be running over replicated and finding these issues in a soup of 25 deployments listed in kubectl is not trivial, to say the least.So, having a container orchestrator like Kubernetes, that’s very API driven, was really a godsend for us, as it allowed us to write tools that take care of that.We built tools that either run directly off kubectl (eg bash-scripts) or interact directly with the API and understand our special architecture to give us a quick overview of the system. These tools were mostly built in Go using the client-go library.One of these tools is worth highlighting, as it’s basically our only way to really see service health at a glance. It goes through all our Kubernetes services that have the tier: service selector and checks if the accompanying HAProxy deployment is available and all pods are running with 4 replicas. It also checks if the 4 services behind the HAProxys (internal, free, others and production) have at least 2 endpoints running. If any of these conditions are not met, we immediately get a notification in Slack and by email.Managing this many pods with our previous orchestrator proved very unreliable and the overlay network frequently caused issues. Not so with Kubernetes – even doubling our current workload for test purposes worked flawlessly and in general, the cluster has been working like clockwork ever since we installed it.Another advantage of switching over to Kubernetes was the availability of the kubernetes resource specifications, in addition to the API (which we used to write some internal tools for deployment). This enabled us to have a Git repo with all our Kubernetes specifications, where each track is generated off a common template and only contains placeholders for variable things like the canary track and the names.All changes to the cluster have to go through tools that modify these resource specifications and get checked into git automatically so, whenever we see issues, we can debug what changes the infrastructure went through over time!To summarize this post – by migrating our infrastructure to Kubernetes, Bitmovin is able to have:Zero downtime deployments, allowing our customers to encode 24/7 without interruptionFast development to production cycles, enabling us to ship new features fasterMultiple levels of quality assurance and high confidence in production deploymentsUbiquitous abstractions across cloud architectures and on-premise deploymentsStable and reliable health-checking and scheduling of servicesCustom tooling around our infrastructure to check and validate the systemHistory of deployments (resource specifications in git + custom tooling)We want to thank the Kubernetes community for the incredible job they have done with the project. The velocity at which the project moves is just breathtaking! Maintaining such a high level of quality and robustness in such a diverse environment is really astonishing. –Daniel Hoelbling-Inzko, Infrastructure Architect, BitmovinPost questions (or answer questions) on Stack OverflowJoin the community portal for advocates on K8sPortGet involved with the Kubernetes project on GitHubFollow us on Twitter @Kubernetesio for latest updatesConnect with the community on SlackDownload Kubernetes
Quelle: kubernetes
Video Shows Palantir CEO Ridiculing Trump And Slamming His Immigration Rhetoric
More so than perhaps any other Silicon Valley startup, Palantir Technologies is poised to play a central role in the Trump era.
Its data-mining technology has long been used by federal agencies, and its chairman, the billionaire Peter Thiel, emerged last year as Donald Trump’s most prominent supporter from the tech world. Alex Karp, the Palantir CEO, joined the chiefs of much larger tech companies in a meeting with Trump shortly after the election. Thiel was there, too, seated prominently at Trump’s left.
But an internal Palantir video exclusively obtained by BuzzFeed News shows that Karp, the CEO, was full of withering criticism for Trump more than a year before the election. In a Palantir staff meeting in August 2015, the video shows, Karp derided Trump’s “fictitious wealth,” called him a bully, and condemned his campaign rhetoric on deporting immigrants. He also said he had given Trump a brush-off.
“I’ve had the rare opportunity to meet Trump, which I turned down — I mean, this is off the record — but like, I don’t respect — like, I respect nothing about the dude,” Karp said in a roughly 45-minute-long “beer sync” talk that ranged widely, from company news to his own life philosophy. The meeting was filmed by Palantir.
“Like, you could almost make up someone that I find — it would be hard to make up someone I find less appealing,” Karp said of Trump.
Palantir, a Silicon Valley data-mining firm with a $20 billion valuation, relies on federal contracts for a significant portion of its revenue. It works for the CIA, the FBI, the Marine Corps, and Immigration and Customs Enforcement, deploying engineers to analyze and visualize the customers’ data. It’s currently trying to get a lucrative contract from the Army — an effort so important to Palantir that it took the Army to court, and won, after it wasn’t considered for the work.
If you have information or tips, you can contact this reporter over an encrypted chat service such as Signal or WhatsApp, at 310-617-1302. You can also send an encrypted email to will.alden@buzzfeed.com, using the PGP key found here.
Karp’s comments in 2015 reveal an ideological divide between the Palantir CEO and the man who is now his most important customer. Among other projects, Palantir is currently working on software for the government’s immigration enforcers that observers say could be used to help carry out Trump’s deportation goals.
Trump’s plan to “throw out all immigrants,” Karp said, “makes no sense” and “is bringing up the worst that a society can bring up.”
LINK: Palantir’s Relationship With America’s Spies Has Been Worse Than You’d Think
The remarks also highlight a divide inside Palantir itself. Thiel, who co-founded Palantir along with Karp, gave $1.25 million to support Trump’s campaign, spoke in support of Trump at the Republican National Convention, and joined Trump’s transition team. Karp has not publicly expressed his views on President Trump, though he said before the election that he was supporting Hillary Clinton. At the time Karp made the comments in the video, Thiel was still months away from endorsing Trump.
Palantir Technologies CEO Alex Karp and Trump adviser Omarosa Manigault at Trump Tower on the day the President-elect met with technology leaders.
Bryan R. Smith / AFP / Getty Images
Palantir, which counts foreign governments and big corporations among its customers, has long said that it has certain corporate values, and that it will prioritize ideology over financial incentives when making business decisions. For example, Karp told Fortune magazine that Palantir turned down business from a tobacco company out of concern that the company would use the technology to sell cigarettes to vulnerable communities. Still, Palantir told The New York Times that, for example, it has contracts with the Israeli government despite objections from some employees.
In an interview with Forbes in January, responding to fears that Trump might seek to create a registry of Muslims living in the United States, Karp said Palantir had not been asked to build such a registry, and “if we were asked, we wouldn't do it.”
A Palantir spokesperson declined to comment on the 2015 video.
Karp shared his views on Trump while expounding on economic inequality and fears of social unrest. Trump, he said, might do well politically, since he was responding to people’s economic anxiety. But Karp, a billionaire, also jabbed at Trump’s wealth.
“It’s like, the guy inherits $50 million and has a fictitious wealth he claims of 10 — it’s probably like half a billion,” Karp said. “So you inherit $50 million in the 70s, and you have — let’s just say you have $20 billion now. You guys can do compounding math. That’s not a good return. So even purely on the vulgar metric of, like, as a business person, then as a person, and then, like, as a bully — in any case, I don’t care if you guys vote for him or whatever, I’m just saying.”
Karp said he hoped he had seen the last of Trump.
“I think Trump, I don’t know what’s going to happen to him. I quite frankly would like him to go away, but, you know, he may do very well, because he’s sitting up and saying, you know, no one’s on your side, which may be true, it’s all dysfunctional, which may be true, and it’s going to be worse for your kids than for you,” Karp said.
“Therefore we should throw out all immigrants. Like, who’s going to do the work?” Karp added. “It’s like, it makes no sense. But you have to ask yourself, something that makes no sense, that, like, de facto is bringing up the worst that a society can bring up — which is, like, blame the people that work really hard, and that we need, and that are coming here at the risk of their life, instead of the dysfunction that you may have helped create — why is that person so successful?”
Quelle: <a href="Video Shows Palantir CEO Ridiculing Trump And Slamming His Immigration Rhetoric“>BuzzFeed
Palantir’s Relationship With America’s Spies Has Been Worse Than You’d Think
Saul Loeb / AFP / Getty Images
Palantir Technologies, the Silicon Valley data company co-founded by billionaire investor Peter Thiel, has developed an almost mythical reputation for its work building tools for the U.S. intelligence community. But Palantir has had a far rockier relationship with the nation’s top spy agencies than its image would let on, BuzzFeed News has learned.
As of summer 2015, the Central Intelligence Agency, a signature client, was “recalcitrant” and didn’t “like us,” while Palantir’s relationship with the National Security Agency had ended, Palantir CEO Alex Karp told staff in an internal video that was obtained by BuzzFeed News. The private remarks, made during a staff meeting, are at odds with a carefully crafted public image that has helped Palantir secure a $20 billion valuation and win business from a long list of corporations, nonprofits, and governments around the world.
“As many of you know, the SSDA’s recalcitrant,” Karp, using a Palantir codename for the CIA, said in the August 2015 meeting. “And we’ve walked away, or they walked away from us, at the NSA. Either way, I’m happy about that.”
The CIA, he said, “may not like us. Well, when the whole world is using Palantir they can still not like us. They’ll have no choice.” Suggesting that the Federal Bureau of Investigation had also had friction with Palantir, he continued, “That’s de facto how we got the FBI, and every other recalcitrant place.”
Palantir’s data-mining software has become ingrained at the CIA, according to people familiar with the company and the agency. But the relationship has also been marked by tension and even hostility, three people with direct knowledge of the matter said. One source of the tension, these people said, has been Palantir’s failure to quash persistent publicity about its CIA business and about its supposed role in helping to track down Osama bin Laden.
Palantir was never so critical to the NSA, despite media reports over the years linking the two. Palantir performed some pilot work for the NSA, but this did not turn into a full-fledged contract, according to two people with knowledge of the matter. The NSA has plenty of its own computer talent, and Palantir’s particular expertise fit awkwardly with the agency’s mission of intercepting communications and electronic signals, the people said.
A Palantir spokesperson said the company couldn't comment on its relationships with intelligence agencies. Spokespeople for the CIA and the NSA declined to comment.
Palantir, founded in 2004, has authentic ties to the intelligence community. It got an early $2 million investment from the CIA’s venture capital arm, called In-Q-Tel, which helped the young startup develop data-crunching software that was well suited to the CIA’s brand of spycraft. Later, Palantir won significant business from the FBI and the Defense Intelligence Agency, as well as the Department of Homeland Security, the military’s Special Operations Command, and other federal agencies, according to company documents. (Don’t ask what “SSDA” stands for; even many Palantir insiders have forgotten the origin of the company’s nickname for the CIA.)
Palantir has expanded into corporate work — Karp said in the video that it had a total of 400 “deployments,” or jobs around the world — but it still relies on the federal government for a significant portion of its revenue. And it now has a significant connection to the White House. Thiel, its co-founder and chairman, prominently supported President Donald Trump’s campaign and became an adviser to the President after the election. Karp, however, supported Hillary Clinton for president and said in the 2015 staff meeting that “it would be hard to make up someone I find less appealing” than Trump.
LINK: Video Shows Palantir CEO Ridiculing Trump And Slamming His Immigration Rhetoric
In a June 2016 lawsuit that it filed against the Army in an effort to be considered for a lucrative contract, Palantir said its government clients had “overwhelmingly praised” its software.
But in the August 2015 meeting, Karp described the relationship with the federal government as colder, while discussing Palantir’s business more broadly. “I think France may be the country where they just like us — as opposed to the U.S. government, where they tolerate us because nothing else works,” he said.
Palantir’s relationship with the NSA, for one, has been limited, though it seems to loom large in the public imagination. A February report in The Intercept said Palantir had worked in the past to “facilitate, augment, and accelerate” an NSA tool called XKeyscore. In early 2015, TechCrunch reported that potential investors were circulating a document from two years earlier that listed the NSA as using Palantir software. TechCrunch didn’t say whether that information originated from Palantir or from an outside broker — or whether it was still true.
The Palantir software, built with the CIA in mind, works better for managing HUMINT, or intelligence from human sources, than SIGINT, or intelligence from signals, which is the NSA’s bread and butter, people familiar with it say. Even Palantir insiders say it’s not surprising that the NSA relationship never took off.
If you have information or tips, you can contact this reporter over an encrypted chat service such as Signal or WhatsApp, at 310-617-1302. You can also send an encrypted email to will.alden@buzzfeed.com, using the PGP key found here.
The report that Palantir had a role in the bin Laden mission, though unconfirmed, has been repeated in numerous articles, sometimes as a “rumor,” and always in nonspecific terms. The truth of the matter is a government secret and could not be determined.
But the very existence of the report — with the implication that Palantir provided a crucial assist — has rankled CIA insiders, who strenuously avoid being recognized publicly for their work and are aware that the bin Laden mission included a large number of participants, the three people familiar with the matter said.
Moreover, such a report “would probably be a true statement for almost any contracting company,” Glenn Carle, a former CIA officer who worked on terrorism issues, told BuzzFeed News. “Companies will have some finger in the pie, whether it’s providing analysts or technical capability. They all played a part.”
People gather in Times Square shortly after the announcement that Osama bin Laden was dead.
Timothy A. Clary / AFP / Getty Images
Though it usually carries the caveat that Palantir would not comment on it, the rumor has appeared in several stories — in The New York Times, Fortune, and Forbes, for example — that featured on-the-record interviews with Karp.
After the publication of a 2013 Forbes article, the CIA grew so frustrated by the publicity about Palantir’s business with the agency that it considered canceling its Palantir contract, according to a person with direct knowledge of that discussion. The agency decided, however, that it would be too difficult to replace the work Palantir was doing.
Palantir’s reputation for helping take down the Al Qaeda founder stems from a single paragraph in a 2012 book, “The Finish: The Killing of Osama Bin Laden,” by Mark Bowden. The book cited Palantir as an example of a company that had “elegantly accomplished” what a government data-wrangling project had sought to do. It said Palantir’s software “would help turn America’s special forces into deadly effective hunters,” but it did not explicitly say how the software was used in the bin Laden raid, or even whether it was used in that mission at all.
Not long after, in early 2013, a Wall Street Journal columnist quoted from the book and added that Palantir’s technology “is known to have been key in locating bin Laden” — and Palantir posted a PDF of the entire column on its website.
Months later, the Forbes article opened with: “Since rumors began to spread that a startup called Palantir helped to kill Osama bin Laden, Alex Karp hasn&039;t had much time to himself.” (The Forbes story got a link on Palantir.com.) Since then, journalists have written that “Palantir’s software has been credited with helping intelligence agencies find and kill Osama bin Laden,” that Palantir “may or may not have helped track down Osama bin Laden,” and that Palantir is “best known for helping the U.S. government track down” bin Laden.
This reputation wasn’t lost on Palantir’s customers. The subject of bin Laden came up during an “incredibly positive” meeting in March 2015 with the health insurer Molina Healthcare, as the two sides discussed project ideas, according to meeting notes compiled by a Palantir employee and shared internally. The line about bin Laden appeared in a list of “favorite quotes.”
“Find Osama Bin Laden,” the insurer’s CEO, Dr. Mario Molina, was quoted as saying, according to the notes. “Palantir didn’t do that by going out to the Middle East and surveying people asking ‘Where’s Osama?”
In an interview with BuzzFeed News, Dr. Molina said he didn&039;t recall saying that. He sought Palantir&039;s data-mining services on the advice of a friend, whose son had gone to work there, and Palantir has since done “really good work for us,” Dr. Molina said.
“First of all, we didn’t go to Palantir because they found Osama bin Laden,” he said. “Number two, no one at Palantir has ever told me they found Osama bin Laden.”
Quelle: <a href="Palantir’s Relationship With America’s Spies Has Been Worse Than You’d Think“>BuzzFeed
Announcing Third Edge Location in Atlanta, Georgia for Amazon CloudFront
We are excited to announce a new edge location for Amazon CloudFront in Atlanta, Georgia. Each new edge location helps improve performance and availability for end users of your application. This is our third edge location in the Atlanta area, bringing the total number of CloudFront locations to 85 (including 74 points of presence and 11 regional edge cache locations). To see a full list of all Amazon CloudFront locations, please visit our website here. Meet with the CloudFront team at one of our upcoming webinars.
Quelle: aws.amazon.com
Amazon AppStream 2.0 Adds Simple Network Setup for Internet Access
Amazon AppStream 2.0 now allows you to enable Internet access for your image builder and fleet instances without the need for advanced network configuration. Providing Internet access to your instances allows your applications to access online resources such as application updates and licensing services, and your users to access documents, tutorials, and other information from the Internet.
Quelle: aws.amazon.com
