Building a Private Currency Service Using Exonum
Potential applications for zero-knowledge include, but are not limited to:
- Inter-bank transfer systems (see a research paper by Narula et al.)
- Privacy-focused management of digital assets (see a proof of concept by J.P. Morgan and zCash)
- KYC (see a proof of concept by ING)
- Self-sovereign identity (see an attribute-based credentials EU project)
- Voting (see a proxy voting prototype by Russian National Security Depository)
Another application for zero-knowledge proofs is helping blockchains scale. ZKPs allow for the “compressing” of computations for blockchain transactions without sacrificing security.
In this article, we describe how zero-knowledge (specifically, Bulletproofs) can be applied to build a privacy-focused service using Bitfury’s Exonum platform.
Internet Issues & Availability Report 2018–2019
While working on the annual report this year we have decided to avoid retelling the news headlines of the previous year and, though it is almost impossible to ignore memories absolutely, we want to share with you the result of a clear thought and a strategic view to the point where we all are going to arrive in the nearest time — the present.
Leaving introduction words behind, here are our key findings:
- Average DDoS attack duration dropped to 2.5 hours;
- During 2018, the capability appeared for attacks at hundreds of gigabits-per-second within a country or region, bringing us to the verge of “quantum theory of bandwidth relativity”;
- The frequency of DDoS attacks continues to grow;
- The continuing growth of HTTPS-enabled (SSL) attacks;
- PC is dead: most of the legitimate traffic today comes from smartphones, which is a challenge for DDoS actors today and would be the next challenge for DDoS mitigation companies;
- BGP finally became an attack vector, 2 years later than we expected;
- DNS manipulation has become the most damaging attack vector;
- Other new amplification vectors are possible, like memcached & CoAP;
- There are no more “safe industries” that are invulnerable to cyberattacks of any kind.
In this article we have tried to cherry-pick all the most interesting parts of our report, though if you would like read the full version in English, the PDF is available.
How does a barcode work?
Every person is using barcodes nowadays, mostly without noticing this. When we are buying the groceries in the store, their identifiers are getting from barcodes. Its also the same with goods in the warehouses, postal parcels and so on. But not so many people actually know, how it works.
What is 'inside' the barcode, and what is encoded on this image?
Lets figure it out, and also lets write our own bar decoder.
How to prevent targeted cyber attacks? 10 best network sandboxes
Targeted attacks are the most dangerous among the multitude of modern cyber threats. They are also known as ATP (an abbreviation which stands for Advanced Persistent Threat). Those are not viruses that can accidentally get into the computer due to user's carelessness. Neither it is an attempt to replace the address of a popular site in order to cheat billing information from credulous users. Targeted cyber attacks are prepared and thought out carefully and pose a particular threat.
Open Source developer's life in GIFs
One of the main challenges is to open the mind of managers and engineers for using FOSS (Free & Open Source Software) properly. Because we have a lot of them, we have tried to use GIFs for answer the most common questions.
Generic Methods in Rust: How Exonum Shifted from Iron to Actix-web
Understanding the POCSAG paging protocol
For people, who owned a pager before, and want to know how it works, this article will be useful.
Checklist: what had to be done before deploying microservices to production
This article contains a brief squeeze from my own experience and that of my colleagues, with whom I had been fighting incidents day and night. And many incidents would never have occurred if all these microservices that we love so much were written at least a little more carefully.
Unfortunately, some programmers seriously believe that a Dockerfile with any team at all inside is a microservice in itself and can be deployed even now. Dockers are running — money are incoming. This approach turns into problems starting from performance degradation, inability to debug, service failures and ending in a nightmare called Data Inconsistency.
If you feel that the time has come to launch one more app in Kubernetes / ECS / whatever, then I have something to object to.
A small notebook for a system administrator
I already have a ThinkPad x200, but it’s heavier than I would like. And among the lightweight notebooks, I did not find anything suitable. All of them imitate the MacBook Air: thin, shiny, glamorous, and they all critically lack ports. Such notebook is suitable for posting photos on Instagram, but not for work. At least not for mine.
After not finding anything suitable, I thought about how a notebook would turn out if it were developed not with design, but the needs of real users in mind. System administrators, for example. Or people serving telecommunications equipment in hard-to-reach places — on roofs, masts, in the woods, literally in the middle of nowhere.
The results of my thoughts are presented in this article.
The authoritative guide to Blockchain Sharding
Hi, I'm one of the developers of the sharded blockchain Near Protocol, and in this article want to talk about what blockchain sharding is, how it is implemented, and what problems exist in blockchain sharding designs.
It is well-known that Ethereum, the most used general purpose blockchain at the time of this writing, can only process less than 20 transactions per second on the main chain. This limitation, coupled with the popularity of the network, leads to high gas prices (the cost of executing a transaction on the network) and long confirmation times; despite the fact that at the time of this writing a new block is produced approximately every 10–20 seconds the average time it actually takes for a transaction to be added to the blockchain is 1.2 minutes, according to ETH Gas Station. Low throughput, high prices, and high latency all make Ethereum not suitable to run services that need to scale with adoption.
Monitoring System for Windows servers on pure SQL, and how I had secretly dragged it into the Production
One of my new tasks was to support NetIQ. The person, who worked with NetIQ before, said a lot about his experience with NetIQ, unfortunately, if I try to put it here it would be just a long line of ‘****’ characters. Soon I realized why. Steve Jobs is probably spinning in his grave looking at the interface like this:
Writing yet another Kubernetes templating tool
If you are working with Kubernetes environment then you probably make use of several existing templating tools, some of them being a part of package managers such as Helm or Ksonnet, or just templating languages (Jinja2, Go template etc.). All of them have their own drawbacks as well as advantages and we are going to go through them and write our own tool that will try to combine the best features.
Monolith to microservices. Infrastructure point of view
I'd like to share my story about migration monolith application into microservices. Please, keep in mind that it was during 2012 — 2014. It is transcription of my presentation at dotnetconf(RU). I'm going to share a story about changing every part of the infrastructure.
About monitoring
Monitoring is the most important part of your infrastructure. Monitoring is system engineers basics. However, everyone has his own way to understand it. My way consist of denial. anger & acceptance.
A Vision towards Observability in Practice
It has gained a lot of attention recently.
System call interception in Linux-kernel module
The module was created as a part of my master thesis in the 2010 year. The master thesis theme is Keylogging in Linux kernel. The main idea was to find out a way to intercept system calls for x64 arch Linux kernel, especially for kernel 2.6.34.7-61.fc13.x86_64.
Test me if you can. Do YML developers Dream of testing ansible?
It is text version of the presentation 2018-04-25 at Saint-Petersburg Linux User Group. Configuration example locates at https://github.com/ultral/ansible-role-testing
I suppose that that you make configuration management, not bash. It means that you have to test it some how. Have you ever tested ansible roles? How do you do it?
How to test your own OS distribution
Let's imagine that you are developing software and hardware appliance. The appliance consists of custom OS distributive, upscale servers, a lot of business logic, as a result, it has to use real hardware. If you release broken appliance, your users will not be happy. How to do stable releases?
I'd like to share my story how we dealt with it.
PVS-Studio for Java
In the seventh version of the PVS-Studio static analyzer, we added support of the Java language. It's time for a brief story of how we've started making support of the Java language, how far we've come, and what is in our further plans. Of course, this article will list first analyzer trials on open source projects.
Hubs
Authors' contribution
alizar 18252.9ru_vds 8840.3amarao 5927.0marks 5856.7it_man 3106.6oldadmin 3027.0BarsMonster 2995.0aleksandrit 2889.4ntsaplin 2853.0eucariot 2797.0