Tech News

YouTube’s recent Polymer redesign upgrade was loved by many, which included improved designs and an added dark theme. Much after all the wow factor became a part of the routine, a new controversy came up stating Youtube slowing down on non-Chrome browsers. This glitch was brought to light by Mozilla’s Technical Program Manager, Chris Peterson. He tweeted, YouTube’s current architecture that includes Polymer is only available in Google Chrome. Thus, making it slower on Mozilla Firefox and Microsoft Edge. Why is Youtube loading slower on non-Chrome browsers Per Peterson, YouTube’s polymer redesign depends on the deprecated Shadow DOM v0 API, which is also the current implementation in Google Chrome. On the other hand, Firefox and Edge browsers have Shadow DOM polyfills, which are slower than Chrome’s native implementation. Peterson also stated that “On my laptop, initial page load takes 5 seconds with the polyfill viz-a-viz one without it. Subsequent page navigation perf is comparable.” What about the Internet Explorer 11? YouTube’s condition in the IE11 is a lot slower than even Firefox and Edge. IE11 is still being served with the old version of YouTube, by default. https://twitter.com/cpeterso/status/1021626510296285185 Is there a fix? Google could have chosen to service the new implementation into Firefox and Edge. A failure to do this, has resulted in the popular video streaming website running substantially slower on these two. However, there is an  easy fix for this issue. Peterson recommends users on both Firefox browser and Edge to revert YouTube to a previous version using add-ons. Firefox users can boost YouTube page load speeds by installing the YouTube Classic extension, while Edge users can do the same by installing the Tampermonkey extension and the YouTube − Restore Classic script. There are speculations that this is Google’s secretive plan to migrate the non-chrome users to Chrome? But that begs the question of whether such a move is worth risking Youtube users leaving the platform due to poor user experience. Considering this, the performance issue is unlikely to be a conscious effort from Google. What is more likely is that Google may’ve considered redesigning it with Polymer could provide great exposure to the web development framework’s features and use-cases. YouTube has more than 1.8 billion registered viewers every month along with 400 hours of video are uploaded to its site every minute. Although it works excellently in Chrome, which is the most popular web browser and accounts for 59 percent of website usage, a significant amount of the population still use Firefox and Edge. As such Youtube users expect a seamless experience regardless of what browser they use, and that is a fair expectation of a product from a reliable brand. YouTube has a $25 million plan to counter fake news and misinformation Vevo’s YouTube account Hacked: Popular videos deleted Firefox has made a password manager for your iPhone

Last week, the Nuxt.js community announced the release of Nuxt.js 2.0 with major improvements. This release comes with a scaffolding tool, create-nuxt-app to quickly get you started with Nuxt.js development. To provide a faster boot-up and re-compilation, this release is upgraded to Webpack 4 (Legato) and Babel 7. Nuxt.js is an open source web application framework for creating Vue.js applications. You can choose between universal, static generated or single page application. What is new in Nuxt.js 2.0? Introduced features and upgradations create-nuxt-app To get you quickly started with Nuxt.js development, you can use the newly introduced create-nuxt-app tool. This tool includes all the Nuxt templates such as starter template, express templates, and so on. With create-nuxt-app you can choose between integrated server-side framework, UI frameworks, and add axios module. Introducing nuxt-start and nuxt-legacy To start Nuxt.js application in production mode nuxt-start is introduced. To support legacy build of Nuxt.js for Node.js < 8.0.0,  nuxt-legacy is added. Upgraded to Webpack 4 and Babel 7 To provide faster boot-up time and faster re-compilation, this release uses Webpack 4 (Legato) and Babel 7. ESM supported everywhere In this release, ESM is supported everywhere. You can now use export/import syntax in nuxt.config.js, serverMiddleware, and modules. Replace postcss-next with postcss-preset-env Due to the deprecation of cssnext, you have to use postcss-preset-env instead of postcss-cssnext. Use ~assets instead of ~/assets Due to css-loader upgradation, use ~assets instead of ~/assets for alias in <url> CSS data type, for example, background: url("~assets/banner.svg"). Improvements The HTML script tag in core/renderer.js is fixed to pass W3C validation. The background-color property is now replaced with background in loadingIndicator, to allow the use of images and gradients for your background in SPA mode. Due to server/client artifact isolation, external build.publicPath need to upload built content to .nuxt/dist/client directory instead of .nuxt/dist. webpackbar and consola provide a improved CLI experience and better CI compatibility. Template literals in lodash templates are disabled. Better error handling if the specified plugin isn't found. Deprecated features The vendor array isn't supported anymore. DLL support is removed because it was not stable enough. AggressiveSplittingPlugin is obsoleted, users can use optimization.splitChunks.maxSize instead. The render.gzip option is deprecated. Users can use render.compressor instead. To read more about the updates, check out Nuxt’s official announcement on Medium and also see the release notes on its GitHub repository. Next.js 7, a framework for server-rendered React applications, releases with support for React context API and Webassembly low.js, a Node.js port for embedded systems Welcome Express Gateway 1.11.0, a microservices API Gateway on Express.js

Yesterday, the team at Oracle released VirtualBox 6.0.0, a free and open-source hosted hypervisor for x86 computers. VirtualBox was initially developed by Innotek GmbH, which was then acquired by Sun Microsystems in 2008 and then by Oracle in 2010. VirtualBox is a virtualization product for enterprise as well as home use. It is an extremely feature rich, high-performance product for enterprise customers. Features of VirtualBox 6.0.0 User interface Virtual 6.0.0 comes with a greatly improved HiDPI and scaling support which includes better detection and per-machine configuration. User interface is simpler and more powerful. It also comes with a new file manager that enables users to control the guest file system and copy files between host and guest. Graphics VirtualBox 6.0.0 features 3D graphics support for Windows guests, and VMSVGA 3D graphics device emulation on Linux and Solaris guests. It comes with an added support for surround speaker setups. It also comes with added utility vboximg-mount on Apple hosts for accessing the content of guest disks on the host. In VirtualBox 6.0.0, there is an added support for Hyper-V to avoid the inability to run VMs at low performance. VirtualBox 6.0.0 comes with support for exporting a virtual machine to Oracle cloud infrastructure This release comes with a better application and virtual machine set-up Linux guests This release now supports Linux 4.20 and VMSVGA. The process of building vboxvideo on EL 7.6 standard kernel has been improved with this release. Other features Support for DHCP options. MacOS Guest initial support. Now it is possible to configure upto four custom ACPI tables for a VM. With this release, video and audio recordings can be separately enabled. Better support for attaching and detaching remote desktop connections. Major bug fixes The previous release used to throw wrong instruction after single-step exception with rdtsc. This issue has been resolved with this release. This release comes with improved audio/video recording. This issues with serial port emulation have been fixed. The resizing issue with disk images has been resolved. This release comes with an improved shared folder for auto-mounting. Issues with BIOS has been fixed. Read more about this news on VirtualBox’s changelog. Installation of Oracle VM VirtualBox on Linux Setting up a Joomla Web Server using Virtualbox, TurnkeyLinux and DynDNS How to Install VirtualBox Guest Additions

A pair of researchers, Ruohan Gao, University of Texas and Kristen Grauman, Facebook AI research came out with a method, earlier this month, that can teach an AI system the conversion of ordinary mono sounds into binaural sounds. The researchers have termed this concept as “2.5D visual sound” and it uses a video to generate synthetic 3D sounds. Background According to the researchers, binaural audio provides a listener with the 3D sound sensation that allows a rich experience of the scene. However, these recordings are not easily available and require expertise and equipment to obtain.  Researchers state that humans generally determine the direction of a sound with the help of visual cues. So, they have used a similar technique, where a machine learning system is provided with a video involving a scene and mono sound recording. Using this video, the ML system then figures out the direction of the sounds and further distorts the “interaural time and level differences” to generate the effect of a 3D sound for the listener. Researchers mention that they have devised a deep convolutional neural network which is capable of learning how to decode the monaural (single-channel) soundtrack into its binaural counterpart. Visual information about object and scene information is injected within the CNN during the whole process. “We call the resulting output 2.5D visual sound—the visual stream helps “lift” the flat single channel audio into spatialized sound. In addition to sound generation, we show the self-supervised representation learned by our network benefits audio-visual source separation”, say researchers. Training method used For the training process, researchers first created a database of examples of the effect that it wants the machine learning system to learn. Grauman and Gao created a database using binaural recordings of over 2,265 musical clips which they had also converted into videos. The researchers mention in the paper, “Our intent was to capture a variety of sound-making objects in a variety of spatial contexts, by assembling different combinations of instruments and people in the room. We post-process the raw data into 10s clips. In the end, our BINAURAL-MUSIC-ROOM dataset consists of 2,265 short clips of musical performances, totaling 6.3 hours”. The equipment used for this project involved a 3Dio Free Space XLR binaural microphone, a GoPro HERO6 Black camera, and a Tascam DR-60D recorder as an audio pre-amplifier. The GoPro camera was mounted on top of the 3Dio binaural microphone to mimic a person seeing and hearing, respectively. The GoPro camera records videos at 30fps with stereo audio. Researchers then used these recordings from the dataset for training a machine-learning algorithm which could recognize the direction of sound from a video of the scene. Once the machine learning system learns this behavior, it is then capable of watching a video and distorting a monaural recording to simulate where the sound is ought to be coming from. Results The video shows the performance results of the research which is quite good. In the video, the results of 2.5D recordings are compared against monaural recording.                                                     2.5D Visual Sound However, it is not capable of generating a complete 3D sound and there certain situations that the algorithm finds difficult to deal with. Other than that, the ML system cannot consider any sound source that is not visible in the video, and the ones that it has not been trained on. Researchers say that this method works best for music videos and they have plans to extend its applications. “Generating binaural audio for off-the-shelf video could potentially close the gap between transporting audio and visual experiences, and will be useful for new applications in VR/AR. As future work, we plan to explore ways to incorporate object localization and motion, and explicitly model scene sounds”, say the researchers. For more information, check out the official research paper. Italian researchers conduct an experiment to prove that quantum communication is possible on a global scale Stanford researchers introduce DeepSolar, a deep learning framework that mapped every solar panel in the US Researchers unveil a new algorithm that allows analyzing high-dimensional data sets more effectively, at NeurIPS conference

Korean researchers have developed a GAN that can achieve image translation in challenging cases. Instance-aware GAN or InstaGAN as the authors call it can achieve image translation in various scenarios showing better results than CycleGAN in specific problems. It can swap pants with skirts and giraffes with sheeps. The system is designed by a student and an assistant professor from Korea Advanced Institute of Science and Technology and an assistant professor from the Pohang University of Science and Technology. They have published their results in a paper titled InstaGAN: Instance-Aware Image-to-Image Translation, last week. Systems that map images aren’t new but the authors of the paper say that they are the first to report image to image translation in multi-instance transfiguration tasks. The methods used in image to image translation before InstaGAN often failed in challenging cases, like multi-instance transfiguration where significant changes are involved. A multi-instance transfiguration task involves multiple individual objects present in an image. The objective here is to swap objects in an image without changing the background scene. InstaGAN uses the instance information such as object segmentation masks improving on the challenging areas for image to image transformation. The method showed in the paper translates an image as well as its instance attributes. They introduce a context-preserving loss, which encourages the network to learn the identity function outside the target instances. A sequential mini-batch training technique handles multiple instances when using a limited GPU memory. This also enhances the network to generalize better when multiple instances are involved. The researchers compared InstaGAN with CycleGAN and doubled the number of parameters for CycleGAN. This is done for a fair comparison as InstaGAN uses two networks for image and masks. In areas where CycleGAN fails, the new method generates ‘reasonable shapes’. InstaGAN preserves the background while making changes to the objects in images where CycleGAN is unable to maintain the original background. Source: InstaGAN: Instance-Aware Image-to-Image Translation The authors said that their ideas of using the set-structured side information have potential applications in other cross-domain generation tasks such as neural machine translation or video generation. For more details, examples of the model where images are swapped, check out the research paper. NVIDIA demos a style-based generative adversarial network that can generate extremely realistic images; has ML community enthralled Generative Adversarial Networks: Generate images using Keras GAN [Tutorial] What are generative adversarial networks (GANs) and how do they work? [Video]

PyTorch 0.3.0 has removed stochastic functions, i.e. Variable.reinforce(), citing “limited functionality and broad performance implications.” The Python package has added a number of performance improvements, new layers, support to ONNX, CUDA 9, cuDNN 7, and “lots of bug fixes” in the new version. “The motivation for stochastic functions was to avoid book-keeping of sampled values. In practice, users were still book-keeping in their code for various reasons. We constructed an alternative, equally effective API, but did not have a reasonable deprecation path to the new API. Hence this removal is a breaking change,” PyTorch team said. To replace stochastic functions, they have introduced the torch.distributions package. So if your previous code looked like this: probs = policy_network(state) action = probs.multinomial() next_state, reward = env.step(action) action.reinforce(reward) action.backward() This could be the new equivalent code: probs = policy_network(state) # NOTE: categorical is equivalent to what used to be called multinomial m = torch.distributions.Categorical(probs) action = m.sample() next_state, reward = env.step(action) loss = -m.log_prob(action) * reward loss.backward()   What is new in PyTorch 0.3.0?   Unreduced losses Now, Some loss functions can compute per-sample losses in a mini-batch By default PyTorch sums losses over the mini-batch and returns a single scalar loss. This was limiting to users. Now, a subset of loss functions allow specifying reduce=False to return individual losses for each sample in the mini-batch Example: loss = nn.CrossEntropyLoss(..., reduce=False) Currently supported losses: MSELoss, NLLLoss, NLLLoss2d, KLDivLoss, CrossEntropyLoss, SmoothL1Loss, L1Loss More loss functions will be covered in the next release An in-built Profiler in the autograd engine PyTorch has built a low-level profiler to help you identify bottlenecks in your models. Let us start with an example: >>> x = Variable(torch.randn(1, 1), requires_grad=True) >>> with torch.autograd.profiler.profile() as prof: ... y = x ** 2 ... y.backward() >>> # NOTE: some columns were removed for brevity ... print(prof) -------------------------------- ---------- --------- Name CPU time CUDA time ------------------------------- ---------- --------- PowConstant 142.036us 0.000us N5torch8autograd9GraphRootE 63.524us 0.000us PowConstantBackward 184.228us 0.000us MulConstant 50.288us 0.000us PowConstant 28.439us 0.000us Mul 20.154us 0.000us N5torch8autograd14AccumulateGradE 13.790us 0.000us N5torch8autograd5CloneE 4.088us 0.000us The profiler works for both CPU and CUDA models. For CUDA models, you have to run your python program with a special nvprof prefix. For example: nvprof --profile-from-start off -o trace_name.prof -- python <your arguments> # in python >>> with torch.cuda.profiler.profile(): ... model(x) # Warmup CUDA memory allocator and profiler ... with torch.autograd.profiler.emit_nvtx(): ... model(x) Then, you can load trace_name.prof in PyTorch and print a summary profile report. >>> prof = torch.autograd.profiler.load_nvprof('trace_name.prof') >>> print(prof) For additional documentation, you can visit this link. Higher order gradients v0.3.0 has added higher-order gradients support for the following layers: ConvTranspose, AvgPool1d, AvgPool2d, LPPool2d, AvgPool3d, MaxPool1d, MaxPool2d, AdaptiveMaxPool, AdaptiveAvgPool, FractionalMaxPool2d, MaxUnpool1d, MaxUnpool2d, nn.Upsample, ReplicationPad2d, ReplicationPad3d, ReflectionPad2d PReLU, HardTanh, L1Loss, SoftSign, ELU, RReLU, Hardshrink, Softplus, SoftShrink, LogSigmoid, Softmin, GLU MSELoss, SmoothL1Loss, KLDivLoss, HingeEmbeddingLoss, SoftMarginLoss, MarginRankingLoss, CrossEntropyLoss DataParallel Optimizers optim.SparseAdam: Implements a lazy version of Adam algorithm suitable for sparse tensors. (In this variant, only moments that show up in the gradient get updated, and only those portions of the gradient get applied to the parameters.) Optimizers now have an add_param_group function that lets you add new parameter groups to an already constructed optimizer. New layers and nn functionality Added AdpativeMaxPool3d and AdaptiveAvgPool3d Added LPPool1d F.pad now has support for: 'reflection' and 'replication' padding on 1d, 2d, 3d signals (so 3D, 4D and 5D Tensors) constant padding on n-d signals nn.Upsample now works for 1D signals (i.e. B x C x L Tensors) in nearest and linear modes. Allow user to not specify certain input dimensions for AdaptivePool*d and infer them at runtime. For example: # target output size of 10x7 m = nn.AdaptiveMaxPool2d((None, 7)) DataParallel container on CPU is now a no-op (instead of erroring out) New Tensor functions and features Introduced torch.erf and torch.erfinv that compute the error function and the inverse error function of each element in the Tensor. Adds broadcasting support to bitwise operators Added Tensor.put_ and torch.take similar to numpy.take and numpy.put. The take function allows you to linearly index into a tensor without viewing it as a 1D tensor first. The output has the same shape as the indices. The put function copies value into a tensor also using linear indices. Adds zeros and zeros_like for sparse Tensors. 1-element Tensors can now be casted to Python scalars. For example: int(torch.Tensor([5]))works now. Other additions Added torch.cuda.get_device_name and torch.cuda.get_device_capability that do what the names say. Example: >>> torch.cuda.get_device_name(0) 'Quadro GP100' >>> torch.cuda.get_device_capability(0) (6, 0) If one sets torch.backends.cudnn.deterministic = True, then the CuDNN convolutions use deterministic algorithms torch.cuda_get_rng_state_all and torch.cuda_set_rng_state_all are introduced to let you save / load the state of the random number generator over all GPUs at once torch.cuda.emptyCache() frees the cached memory blocks in PyTorch's caching allocator. This is useful when having long-running ipython notebooks while sharing the GPU with other processes. API changes softmax and log_softmax now take a dim argument that specifies the dimension in which slices are taken for the softmax operation. dim allows negative dimensions as well (dim = -1 will be the last dimension) torch.potrf (Cholesky decomposition) is now differentiable and defined on Variable Remove all instances of device_id and replace it with device, to make things consistent torch.autograd.grad now allows you to specify inputs that are unused in the autograd graph if you use allow_unused=True This gets useful when using torch.autograd.grad in large graphs with lists of inputs / outputs For example: x, y = Variable(...), Variable(...) torch.autograd.grad(x * 2, [x, y]) # errors torch.autograd.grad(x * 2, [x, y], allow_unused=True) # works pad_packed_sequence now allows a padding_value argument that can be used instead of zero-padding Dataset now has a + operator (which uses ConcatDataset). You can do something like MNIST(...) + FashionMNIST(...) for example, and you will get a concatenated dataset containing samples from both. torch.distributed.recv allows Tensors to be received from any sender (hence, src is optional). recv returns the rank of the sender. adds zero_() to Variable Variable.shape returns the size of the Tensor (now made consistent with Tensor) torch.version.cuda specifies the CUDA version that PyTorch was compiled with Added a missing function random_ for CUDA. torch.load and torch.save can now take a pathlib.Path object, which is a standard Python3 typed filepath object If you want to load a model's state_dict into another model (for example to fine-tune a pre-trained network), load_state_dict was strict on matching the key names of the parameters. Now Pytorch provides a strict=False option to load_state_dict where it only loads in parameters where the keys match, and ignores the other parameter keys. added nn.functional.embedding_bag that is equivalent to nn.EmbeddingBag Performance Improvements The overhead of torch functions on Variables was around 10 microseconds. This has been brought down to ~1.5 microseconds by moving most of the core autograd formulas into C++ using ATen library. softmax and log_softmax are now 4x to 256x faster on the GPU after rewriting the gpu kernels 2.5x to 3x performance improvement of the distributed AllReduce (gloo backend) by enabling GPUDirect nn.Embedding's renorm option is much faster on the GPU. For embedding dimensions of 100k x 128 and a batch size of 1024, it is 33x faster. All pointwise ops now use OpenMP and get multi-core CPU benefits Added a single-argument version of torch.arange. For example torch.arange(10) Framework Interoperability DLPack Interoperability DLPack Tensors are cross-framework Tensor formats. We now have torch.utils.to_dlpack(x) and torch.utils.from_dlpack(x) to convert between DLPack and torch Tensor formats. The conversion has zero memory copy and hence is very efficient. Model exporter to ONNX ONNX is a common model interchange format that can be executed in Caffe2, CoreML, CNTK, MXNet, and Tensorflow at the moment. PyTorch models that are ConvNet-like and RNN-like (static graphs) can now be shipped to the ONNX format. There is a new module torch.onnx (http://pytorch.org/docs/0.3.0/onnx.html) which provides the API for exporting ONNX models. The operations supported in this release are: add, sub (nonzero alpha not supported), mul, div, cat, mm, addmm, neg, tanh, sigmoid, mean, t, transpose, view, split, squeeze expand (only when used before a broadcasting ONNX operator; e.g., add) prelu (single weight shared among input channels not supported) threshold (non-zero threshold/non-zero value not supported) Conv, ConvTranspose, BatchNorm, MaxPool, RNN, Dropout, ConstantPadNd, Negate elu, leaky_relu, glu, softmax, log_softmax, avg_pool2d unfold (experimental support with ATen-Caffe2 integration) Embedding (no optional arguments supported) RNN FeatureDropout (training mode not supported) Index (constant integer and tuple indices supported) Usability Improvements More cogent error messages during indexing of Tensors / Variables Breaking changes Add proper error message for specifying dimension on a tensor with no dimensions better error messages for Conv*d input shape checking More user-friendly error messages for LongTensor indexing Better error messages and argument checking for Conv*d routines Trying to construct a Tensor from a Variable fails more appropriately If you are using a PyTorch binary with insufficient CUDA version, then a warning is printed to the user. Fixed incoherent error messages in load_state_dict Fix error message for type mismatches with sparse tensors Bug fixes torch Fix CUDA lazy initialization to not trigger on calls to torch.manual_seed (instead, the calls are queued and run when CUDA is initialized) Tensor if x is 2D, x[[0, 3],] was needed to trigger advanced indexing. The trailing comma is no longer needed, and you can do x[[0, 3]] x.sort(descending=True) used to incorrectly fail for Tensors. Fixed a bug in the argument checking logic to allow this. Tensor constructors with numpy input: torch.DoubleTensor(np.array([0,1,2], dtype=np.float32)) torch will now copy the contents of the array in a storage of appropriate type. If types match, it will share the underlying array (no-copy), with equivalent semantics to initializing a tensor with another tensor. On CUDA, torch.cuda.FloatTensor(np.random.rand(10,2).astype(np.float32)) will now work by making a copy. ones_like and zeros_like now create Tensors on the same device as the original Tensor expand and expand_as allow expanding an empty Tensor to another empty Tensor torch.HalfTensor supports numpy() and torch.from_numpy Added additional size checking for torch.scatter Fixed random_ on CPU (which previously had a max value of 2^32) for DoubleTensor and LongTensor Fix ZeroDivisionError: float division by zero when printing certain Tensors torch.gels when m > n had a truncation bug on the CPU and returned incorrect results. Fixed. Added a check in tensor.numpy() that checks if no positional arguments are passed Before a Tensor is moved to CUDA pinned memory, added a check to ensure that it is contiguous Fix symeig on CUDA for large matrices. The bug is that not enough space was being allocated for the workspace, causing some undefined behavior. Improved the numerical stability of torch.var and torch.std by using Welford's algorithm The Random Number Generator returned uniform samples with inconsistent bounds (inconsistency in cpu implementation and running into a cublas bug). Now, all uniform sampled numbers will return within the bounds [0, 1), across all types and devices Fixed torch.svd to not segfault on large CUDA Tensors (fixed an overflow error in the magma bindings) Allows empty index Tensor for index_select (instead of erroring out) Previously when eigenvector=False, symeig returned some unknown value for the eigenvectors. Now this is corrected. sparse Fix bug with 'coalesced' calculation in sparse 'cadd' Fixes .type() not converting indices tensor. Fixes sparse tensor coalesce on the GPU in corner cases autograd Fixed crashes when calling backwards on leaf variable with requires_grad=False fix bug on Variable type() around non-default GPU input. when torch.norm returned 0.0, the gradient was NaN. We now use the subgradient at 0.0, so the gradient is 0.0. Fix an correctness issue with advanced indexing and higher-order gradients torch.prod's backward was failing on the GPU due to a type error, fixed. Advanced Indexing on Variables now allows the index to be a LongTensor backed Variable Variable.cuda() and Tensor.cuda() are consistent in kwargs options optim torch.optim.lr_scheduler is now imported by default. nn Returning a dictionary from a nn.Module's forward function is now supported (used to throw an error) When register_buffer("foo", ...) is called, and self.foo already exists, then instead of silently failing, now raises a KeyError Fixed loading of older checkpoints of RNN/LSTM which were missing _data_ptrs attributes. nn.Embedding had a hard error when using the max_norm option. This is fixed now. when using the max_norm option, the passed-in indices are written upon (by the underlying implementation). To fix this, pass a clone of the indices to the renorm kernel. F.affine_grid now can take non-contiguous inputs EmbeddingBag can accept both 1D and 2D inputs now. Workaround a CuDNN bug where batch sizes greater than 131070 fail in CuDNN BatchNorm fix nn.init.orthogonal to correctly return orthonormal vectors when rows < cols if BatchNorm has only 1 value per channel in total, raise an error in training mode. Make cuDNN bindings respect the current cuda stream (previously raised incoherent error) fix grid_sample backward when gradOutput is a zero-strided Tensor Fix a segmentation fault when reflection padding is out of Tensor bounds. If LogSoftmax has only 1 element, -inf was returned. Now this correctly returns 0.0 Fix pack_padded_sequence to accept inputs of arbitrary sizes (not just 3D inputs) Fixed ELU higher order gradients when applied in-place Prevent numerical issues with poisson_nll_loss when log_input=False by adding a small epsilon distributed and multi-gpu Allow kwargs-only inputs to DataParallel. This used to fail: n = nn.DataParallel(Net()); out = n(input=i) DistributedDataParallel calculates num_samples correctly in python2 Fix the case of DistributedDataParallel when 1-GPU per process is used. Allow some params to be requires_grad=False in DistributedDataParallel Fixed DataParallel to specify GPUs that don't include GPU-0 DistributedDataParallel's exit doesn't error out anymore, the daemon flag is set. Fix a bug in DistributedDataParallel in the case when model has no buffers (previously raised incoherent error) Fix __get_state__ to be functional in DistributedDataParallel (was returning nothing) Fix a deadlock in the NCCL bindings when GIL and CudaFreeMutex were starving each other Among other fixes,model.zoo.load_url now first attempts to use the requests library if available, and then falls back to urllib. To download the source code, click here.

Update: Included Google’s recent plan of action after facing backlash by Nest users.   At this year’s Google I/O developer conference, Google announced that it is bringing all the Nest and Google Home products under one brand “Google Nest”. As a part of this effort, Nest announced on Tuesday that it will be discontinuing the Works with Nest API by August 30, 2019, in favor of Works with Google Assistant. “We want to unify our efforts around third-party connected home devices under a single developer platform – a one-stop shop for both our developers and our customers to build a more helpful home. To accomplish this, we’ll be winding down Works with Nest on August 31, 2019, and delivering a single unified experience through the Works with Google Assistant program,” wrote Nest in a post. Google with this change aims to make the whole smart home experience for users more secure and unified. Over the next few months, users with Nest accounts will need to migrate to Google Accounts, which will serve as a single front-end for using products across Nest and Google. Along with providing a unified experience, Google also promises to be transparent about the data it collects, which it mentioned in an extensive document published on Tuesday. The document titled “Google Nest commitment to privacy in the home” describes how its connected smart home devices work and also lays out Google’s approach for managing user data. Though Google is promising improved security and privacy with this change, this will also end up breaking some existing third-party integrations. And, one of them is IFTTT (If This, Then That), a software platform with which you can write “applets” that allow devices from different manufacturers to talk to each other. We can use IFTTT for things like automatically adjusting the thermostat when the user comes closer to their house based on their phone location, turning Philips Hue smart lights on when a Nest Cam security camera detects motion, and more. Developers who work with Works with Nest API are recommended to visit the Actions on Google Smart Home developer site to learn how to integrate smart home devices or services with the Google Assistant. What Nest users think about this decision? Though Google is known for its search engine and other online services, it is also known for abandoning and killing its products in a trice. This decision of phasing out Works with Nest has left many users infuriated who have brought Nest products. https://twitter.com/IFTTT/status/1125930219305615360 “The big problem here is that there are a lot of people that have spent a lot of money on buying quality hardware that isn't just for leisure, it's for protection. I'll cite my 4 Nest Protects and an outdoor camera as an example. If somehow they get "sunsetted" due to some Google whim, fad or Because They Can, then I'm going to be pretty p*ssed, to say the least. Based on past experience I don't trust Google to act in the users' interest,” said one Hacker News user. Some other users think that this change could be for better, but the timeline that Google has decided is pretty stringent. A Hacker News user commented on a discussion triggered by this news, “Reading thru it, it is not as brutal as it sounds, more than they merged it into the Google Assistant API, removing direct access permission to the NEST device (remember microphone-gate with NEST) and consolidating those permissions into Assistant. Whilst they are killing it off, they have a transition. However, as far as timelines go - August 2019 kill off date for the NEST API is brutal and not exactly the grace period users of connected devices/software will appreciate or in many cases with tech designed for non-technical people - know nothing until suddenly in August find what was working yesterday is now not working.” Google’s reaction to the feedback by Nest users As a response to the backlash by Nest users, Google published a blog post last week sharing its plan of action. According to this plan, users’ existing devices and integrations will continue to work with their Nest accounts. However, they will not have access to any new features that will be available through their Google account. Google further clarified that it will stop taking any new Works with Nest connection requests from August 31, 2019. “Once your WWN functionality is available on the WWGA platform you can migrate with minimal disruption from a Nest Account to a Google Account,” the blog post reads. Though Google did share its plans regarding the third-party integrations, it was pretty vague about the timelines. It wrote, “One of the most popular WWN features is to automatically trigger routines based on Home/Away status. Later this year, we'll bring that same functionality to the Google Assistant and provide more device options for you to choose from. For example, you’ll be able to have your smart light bulbs automatically turn off when you leave your home.” It further shared that it has teamed up with Amazon and other partners for bringing custom integrations to Google Nest. Read the official announcement on Nest’s website. Google employees join hands with Amnesty International urging Google to drop Project Dragonfly What if buildings of the future could compute? European researchers make a proposal. Google to allegedly launch a new Smart home device

Deep learning and 3D vision research have led to major developments in the field of robotics and computer graphics. However, there is a dearth of systems that allow easy loading of popular 3D datasets and get the 3D data across various representations converted into modern machine learning frameworks. To overcome this barrier, researchers at NVIDIA have developed a 3D deep learning library for PyTorch called ‘Kaolin’. Last week, the researchers published the details of Kaolin in a paper titled “Kaolin: A PyTorch Library for Accelerating 3D Deep Learning Research”. https://twitter.com/NvidiaAI/status/1194680942536736768 Kaolin provides an efficient implementation of all core modules that are required to build 3D deep learning applications. According to NVIDIA, Kaolin can slash the job of preparing a 3D model for deep learning from 300 lines of code down to just five. Key features offered by Kaolin It supports all popular 3D representations like Polygon meshes, Pointclouds, Voxel grid, Signed distance functions, and Depth images. It enables complex 3D datasets to be loaded into machine-learning frameworks, irrespective of how they’re represented or will be rendered. It can be implemented in diverse fields for instance robotics, self-driving cars, medical imaging, and virtual reality. Kaolin has a suite of 3D geometric functions that allow manipulation of 3D content. Several rigid body transformations can be implemented in a variety of parameterizations like Euler angles, Lie groups, and Quaternions. It also permits differentiable image warping layers and also allows for 3D-2D projection, and 2D-3D back projection. Kaolin reduces the large overhead involved in file handling, parsing, and augmentation into a single function call and renders support to many 3D datasets like ShapeNet and PartNet. The access to all data is provided via extensions to the PyTorch Dataset and DataLoader classes which makes pre-processing and loading 3D data simple and intuitive. Kaolin’s modular differentiable renderer A differentiable renderer is a process that supplies pixels as a function of model parameters to simulate a physical imaging system. It also supplies derivatives of the pixel values with respect to those parameters. With an aim to allow users the easy use of popular differentiable rendering methods, Kaolin provides a flexible and modular differentiable renderer. It defines an abstract base class called ‘DifferentiableRenderer’ which contains abstract methods for each component in a rendering pipeline. The abstract methods allowed in Kaolin include geometric transformations, lighting, shading, rasterization, and projection. It also supports multiple lighting, shading, projection, and rasterization modes. One of the important aspects of any computer vision task is visualizing data. Kaolin delivers visualization support for all of computer vision representation types. It is implemented via lightweight visualization libraries such as Trimesh, and pptk for running time visualization. The researchers say, “While we view Kaolin as a major step in accelerating 3D DL research, the efforts do not stop here. We intend to foster a strong open-source community around Kaolin, and welcome contributions from other 3D deep learning researchers and practitioners.” The researchers are hopeful that the 3D community will try out Kaolin, and contribute to its development. Many developers have expressed interest in the Kaolin PyTorch Library. https://twitter.com/RanaHanocka/status/1194763643700858880 https://twitter.com/AndrewMendez19/status/1194719320951197697 Read the research paper for more details about Kaolin’s roadmap. You can also check out NVIDIA’s official announcement. Facebook releases PyTorch 1.3 with named tensors, PyTorch Mobile, 8-bit model quantization, and more Transformers 2.0: NLP library with deep interoperability between TensorFlow 2.0 and PyTorch, and 32+ pretrained models in 100+ languages Introducing ESPRESSO, an open-source, PyTorch based, end-to-end neural automatic speech recognition (ASR) toolkit for distributed training across GPUs Baidu adds Paddle Lite 2.0, new development kits, EasyDL Pro, and other upgrades to its PaddlePaddle deep learning platform CNCF announces Helm 3, a Kubernetes package manager and tool to manage charts and libraries

MongoDB is, without a doubt, the most popular NoSQL database today. Per the Stack Overflow Developer Survey, more developers have been wanting to work with MongoDB than any other database over the last two years. With the upcoming MongoDB 4.0 release, it plans to up the ante by adding support for multi-document transactions and ACID-based features (Atomicity Consistency Integrity and Durability). Poised to be released this summer, MongoDB 4.0 will combine the speed, flexibility and the efficiency of document models - features which make MongoDB such a great database to use - with the assurance of transactional integrity. This new addition should give the database a more relational feel, and would suit large applications with high data integrity needs regardless of how the data is modeled. It has also ensured that the support for multi-document transactions will not affect the overall speed and performance of the unrelated workloads running concurrently. MongoDB have been working on this transactional integrity feature for over 3 years now, ever since they incorporated the WiredTiger storage engine. The MongoDB 4.0 release should also see the introduction of some other important features such as snapshot isolation, a consistent view of data, ability to roll-back transactions and other ACID features. Per the 4.0 product roadmap, 85% of the work is already done, and the release seems to be on time to hit the market. You can read more about the announcement on MongoDB’s official page.You can also join the beta program to test out the newly added features in 4.0.  

I remember deciding to pursue my first IT certification, the CompTIA A+. I had signed up for a class that lasted one week, per exam, meaning two weeks.  We reviewed so much material during that time that the task of preparing for the certification seemed overwhelming.  Even with an instructor, the scope of the material was a challenge.   Mixed messages  Somedays, I would hear from others how difficult the exam was; on other days, I would hear how easy the exam was. I would also hear advice about topics I should study more and even some topics I didn’t think about studying.  These conflicting comments only increased my anxiety as my exam date drew closer. No matter what I read, studied, or heard from people about the exam, I felt like I was not prepared to pass it. Overwhelmed by the sheer volume of material, anxious from the comments of others and feeling like I didn’t do enough preparation when I finally passed the exam, it didn’t bring me joy so much as relief that I had survived it.   Then it was time to prepare for the second exam, and those same feelings came back but this time with a little more confidence that I could pass it. After that first A+ exam, I have not only passed more exams, I have also have helped others prepare successfully for many certification exams.    Exam hacks  Below is a list that has helped not only me but also others to successfully prepare for exams.   Start with the exam objectives and keep a copy of them close by you for reference during your whole preparation time.  If you haven’t downloaded them (many are on the exam vendor’s site), do it now.  This is your verified guide on what topics will appear on the exam, and it will help you feel confident to ignore others when they tell you what to study. If it’s not in the exam objectives, then it is more than likely not on the exam. There is never a 100% guarantee, but whatever they ask you will at least be related to those topics found on the objectives. They will not be in addition to the objectives.                                                                                                                                                                                                              To sharpen the focus of your preparation, refer to your exam objectives again.  You may see this as just a list, but it is so much more. Put differently, the exam objectives set the scope of what to study.  How?  Pay attention to the verbs used on the exam objectives.  The objectives never give you a topic without using a verb to help you recognize the depth you should go into when you study. e.g., “configure and verify HSRP.”  You are not only learning what HSRP is, but you should know where and how to configure and verify it working successfully.  If it reads to “describe the hacking process”, you will know this topic is more conceptual. A conceptual topic with that verb would require you to define it and put it in context.                                                                                                                                                                                        The exam objectives also show the weighting of those topics for the exam. Vendors break down the objective domain into percentages. For example, you may find one topic accounts for 40% of the exam. This helps you predict what topics you will see more questions for on the exam. That means you can know what topics you’re more likely to see than other topics.  You may also see that you already know a good percentage of the exam as well. It’s a confidence booster and that mindset is key in your preparation.                                                                                                                                    A good study session begins and ends with a win. You can easily sabotage your study by picking a topic that is too difficult to get through in a single session. In the same manner, ending a study session where you feel like you didn’t learn anything is also disheartening.  This is demotivating at best.  How do we ensure that we can begin and end a study session with win? Create a study session with three topics. Begin with an easier topic to review or learn. Then, you can choose a topic that is more challenging.  Of course, end your study session with another easier topic.  Following this model, do a minimum of one a day or maximum of two sessions a day.                            Put your phone away. Set your emails and notifications, instant messaging, and social media on do not disturb during your study session time. Good study time is uninterrupted, except on your very specific and short breaks. It’s amazing how much more you can accomplish when you have dedicated study time away from beeps, rings, notifications.     Prep is king  Preparing for a certification exam is hard enough due to the quantity of material and the added stress of sitting for an exam and passing. You can make it more effective by using the objectives to help guide you, putting a session plan in place that is motivating as well as reducing the distractions during your dedicated study times. These are commonly overlooked preparation hacks that will benefit you in your next certification exam.   These are just some handy hints for passing IT Certification exams. What tips would you give? Have you recently completed a certification or are you planning on taking one soon?  Packt would love to hear your thoughts, so why not take the following survey? The first 200 respondents will get a free ebook of choice from the Packt catalogue.*    *To receive the ebook, you must supply an email. Free ebook requires a no-charge account creation with Packt   

Yesterday, Amazon announced support for load balancing UDP traffic on Network Load Balancers, which will enable it to deploy connectionless services for online gaming, IoT, streaming, media transfer, and native UDP applications. This has been a long requested feature by Amazon customers. The Network Load Balancer is designed to handle tens of millions of requests per second while maintaining high throughput at ultra low latency, with no effort on the users part. UDP load balancing will give users the liberty to no longer maintain a fleet of proxy servers to ingest UDP traffic, and instead use the same load balancer for both TCP and UDP traffic. Hence simplifying the network architecture, reducing users cost and scalability. Supported Targets UDP on Network Load Balancers is supported for Instance target types only. It does not support IP target types and PrivateLink. Health Checks Health checks must be done using TCP, HTTP, or HTTPS. Users can check on the health of a service by clicking override and specifying a health check on the selected port. Users can then run a custom implementation of Syslog that stores the log messages centrally and in a highly durable form. Multiple Protocols A single Network Load Balancer can handle both TCP and UDP traffic. In situations like DNS, when support of TCP and UDP is both needed on the same port, user can set up a multi-protocol target group and a multi-protocol listener. New CloudWatch Metrics The existing CloudWatch metrics (ProcessedBytes, ActiveFlowCount, and NewFlowCount) can  now represent the aggregate traffic processed by the TCP, UDP, and TLS listeners on the given Network Load Balancer. Users who host DNS, SIP, SNMP, Syslog, RADIUS and other UDP services in their own data centers can now move their services to AWS. It is also possible to deploy services to handle Authentication, Authorization, and Accounting, often known as AAA. Earlier this year, Amazon launched the TLS Termination support for Network Load Balancer. It simplifies the process of building secure web applications by allowing users to make use of TLS connections that terminate at a Network Load Balancer. Users are delighted with Amazon’s support for load balancing UDP traffic. https://twitter.com/cgswong/status/1143312489360183296 A user on Hacker News comments,“This is a Big Deal because it enables support for QUIC, which is now being standardized as HTTP/3. To work around the TCP head of line blocking problem (among others) QUIC aises UDP. QUIC does some incredible patching over legacy decisions in the TCP and IP stack to make things faster, more reliable, especially on mobile networks, and more secure.” Another comment reads, “This is great news, and something I’ve been requesting for years. I manage an IoT backend based on CoAP, which is typically UDP-based. I’ve looked at Nginx support for UDP, but a managed load balancer is much more appealing.” Some users see this as Amazon’s way of preparing ‘http3 support’ for the future. https://twitter.com/atechiethought/status/1143240391870832640 Another user on Hacker News wrote, “Nice! I wonder if this is a preparatory step for future quick/http3 support?” For details on how to create a UDP Network Load Balancer, head over to Amazon’s official blog. Amazon patents AI-powered drones to provide ‘surveillance as a service’ Amazon is being sued for recording children’s voices through Alexa without consent Amazon announces general availability of Amazon Personalize, an AI-based recommendation service

Yesterday, the Firefox team announced its latest version, Firefox 71. This version includes a plethora of new developer tools features such as web socket message inspector, console multi-line editor mode, log on events, and network panel full-text search. Many of these features were first made available in the Firefox Developer Edition and later improved based on the feedback. Other highlights in Firefox 71 includes new web platform features such as CSS subgrid, column-span, Promise.allSettled, and the Media Session API. What’s new in Firefox 71? Improvements in speed and reliability In Firefox 71, the team took some help from the JavaScript team by improving the caching of scripts during a startup. This made both Firefox and DevTools start faster. “One Console test got an astonishing 40% improvement while times across every panel were boosted by 8-15%”, the official blog post mentions. Also, the links to scripts, for example, from the event handler tooltip in the Inspector or the stack traces in the Console, reliably gets you to the expected line and debugging sources loaded through eval() now also works as expected. WebSocket Message Inspector In Firefox 71, the Network panel has a new Messages tab. You can observe all messages sent and received through a WebSocket connection: Source: Mozilla Hacks Sent frames have a green up-arrow icon, while received frames have a red down-arrow icon. You can click on an individual frame to view its formatted data. Know more about WebSocket Message Inspector on the official post. Console multi-line editor mode Another developer tools feature in Firefox 71 is the new multi-line console. It combines the benefits of IDEs to authoring code with the workflow of repeatedly executing code in the context of the page. If you open the regular console, you’ll see a new icon at the end of the prompt row. Source: Mozilla Hacks Clicking this will switch the console to multi-line mode: Source: Mozilla Hacks Here you can enter multiple lines of code, pressing enter after each one, and then run the code using Ctrl + Enter. You can also move between statements using the next and previous arrows. The editor includes regular IDE features you’d expect, such as open/close bracket pair highlighting and automatic indentation. Inline variable preview in Debugger The JavaScript Debugger now provides inline variable previewing, which is a useful timesaver when stepping through your code. In previous versions, you had to scroll through the scope panel to find variable values or hover over a variable in the source pane. In the current version, when execution pauses, you can view relevant variable and property values directly in the source. Source: Mozilla Hacks Using the babel-powered source mapping, preview also works for variables that have been renamed or minified by build steps. Make sure to enable this power-feature by checking Map in the Scopes pane. Log on Event Listeners There have been a few updates in the event listener breakpoints in Firefox 71. A few improvements include, log on events lets you explore which event handlers are being fired in which order without the need for pausing and stepping. Hence, if we choose to log keyboard events, for example, the code no longer pauses as each event is fired: Source: Mozilla Hacks Instead, we can then switch to the console, and whenever we press a key we are given a log of where related events were fired. CSS improvements In Firefox 71, the new CSS includes subgrid, multicol, clip-path: path, and aspect ratio mapping. Subgrid A feature that has been enabled in 71 after being supported behind a pref for a while, the subgrid value of grid-template-columns and grid-template-rows allows you to create a nested grid inside a grid item that will use the main grid’s tracks. This means that grid items inside the subgrid will line up with the parent’s grid tracks, making various layout techniques much easier. Multicol — column-span CSS multicol support has moved forward in a big way with the inclusion of the column-span property in Firefox 71. This allows you to make an element span across all the columns in a multicol container (generated using column-width or column-count). Clip-path: path() The path() value of the clip-path property is now enabled by default — this allows you to create a custom mask shape using a path() function, as opposed to a predefined shape like a circle or ellipse. Aspect ratio mapping Finally, the height and width HTML attributes on the <img> element are now mapped to an internal aspect-ratio property. This allows the browser to calculate the image’s aspect ratio early on and correct its display size before it has loaded if CSS has been applied that causes problems with the display size. There are also a few minor JavaScript changes in this release including, Promise.allSettled(), the Media Session API, and WebGL multiview. A lot of users are excited about this release and are looking forward to trying it out. https://twitter.com/IshSookun/status/1201897724943036417 https://twitter.com/awhite/status/1202163413021077504 To know more about this news in detail, read Firefox 71 official announcement. The new WebSocket Inspector will be released in Firefox 71 Firefox 70 released with better security, CSS, and JavaScript improvements Google and Mozilla to remove Extended Validation indicators in Chrome 77 and Firefox 70

The attempts of porting Swift to WebAssembly has been going on for very long, and finally, a team of developers has come up with SwiftWasm, which was released last week. With this tool, you will now be able to run your Swift code on the web by compiling it to WebAseembly. https://twitter.com/swiftwasm/status/1127324144121536512 The SwiftWasm tool is built on top of the WASI SDK, which is a WASI-enabled C/C++ toolchain. This makes the WebAssembly executables generated by SwiftWasm work on both browsers and standalone WebAssembly runtimes such as Wasmtime, Fastly’s Lucet, or any other WASI-compatible WebAssembly runtime. How you can work with SwiftWasm? While macOS does not need any dependencies to be installed, some dependencies need to be installed on Ubuntu and Windows: On Ubuntu install ‘libatomic1’: sudo apt-get install libatomic1 On Windows: First Install the Windows Subsystem for Linux, and then install the libatomic1 library. The next step is to compile SwiftWasm by running the following commands: ./swiftwasm example/hello.swift hello.wasm To run the resulting ‘hello.wasm’ file, go to the SwiftWasm polyfill and upload the file. You will see the output in the textbox. This polyfill supports Firefox 66, Chrome 74, and Safari 12.1. The news of having a tool for running Swift on the web has got many developers excited. https://twitter.com/pvieito/status/1127620197668487169 https://twitter.com/johannesweiss/status/1126913408455053312 https://twitter.com/jedisct1/status/1126909145926569986 The project is still work-in-progress and thus has some limitations. Currently, only the Swift ‘stdlib’ is compiled and other libraries such as Foundation or SwiftPM are not included. Few functions such as ‘Optional.Map’ does not work because of the calling convention differences between throwing and non-throwing closures. If you want to contribute to this project, check out its pull request on Swift’s GitHub repository to know more about its current status. You can try SwiftWasm on its official website. Swift is improving the UI of its generics model with the “reverse generics” system Swift 5 for Xcode 10.2 is here! Implementing Dependency Injection in Swift [Tutorial]

A few days ago, researchers from Positive technologies discovered flaws in Visa contactless cards, which allow hackers to bypass the payment limits. This research was conducted by two of Positive technologies’ researchers: Leigh-Anne Galloway, Cyber Security Resilience Lead and Tim Yunusov, Head of banking security. The attack was tested with “five major UK banks where it successfully bypassed the UK contactless verification limit of £30 on all tested Visa cards, irrespective of the card terminal”, the researchers mentioned. They added that the contactless Visa card vulnerability is possible on cards outside the UK as well. How to exploit this contactless Visa card vulnerability? The attack manipulates two data fields that are exchanged between the card and the terminal during a contactless payment. “Predominantly in the UK, if a payment needs an additional cardholder verification (which is required for payments over 30 pounds in the UK), cards will answer "I can’t do that," which prevents against making payments over this limit,” the researchers said. Next, the terminal uses country-specific settings, which demand that the card or mobile wallet provide additional verification of the cardholder, such as through the entry of the card PIN or fingerprint authentication on the phone. The attack could bypass both these checks using a device that intercepts communication between the card and the payment terminal. This device acts as a proxy thereby conducting a man in the middle (MITM) attack. “This attack is possible because Visa does not require issuers and acquirers to have checks in place that block payments without presenting the minimum verification,” the researchers say. “The attack can also be done using mobile wallets such as GPay, where a Visa card has been added to the wallet. Here, it is even possible to fraudulently charge up to £30 without unlocking the phone,” Positive Technologies mention in their post. One of the researchers, Yunusov said, "The payment industry believes that contactless payments are protected by the safeguards they have put in place, but the fact is that contactless fraud is increasing. While it’s a relatively new type of fraud and might not be the number one priority for banks at the moment, if contactless verification limits can be easily bypassed, it means that we could see more damaging losses for banks and their customers." A hacker can easily conduct a cardless attack Forbes explains, criminals, for instance, could take a payment from a card when the user wasn’t looking with their own mobile payments machine (though a malicious merchant would eventually be caught by banks’ fraud systems if they used the same terminal). They could even take a payment reading from a credit card using their mobile phones and send the data to another phone and make a payment on that second device going beyond the limit, the researchers claimed. “For the hack to work, all the fraudsters need is to be close to their victim,” Forbes mentions. “So that means if you found someone’s card or if someone stole your card, they wouldn’t have to know your PIN, they wouldn’t have to impersonate your signature, and they could make a payment for a much higher value,” Galloway said. According to UK Finance, fraud on contactless cards and devices increased from £6.7 million in 2016 to £14 million in 2017. £8.4 million was lost to contactless fraud in the first half of 2018. Researchers suggest that additional security should be provided by the bank issuing cards and shouldn’t rely on Visa to provide a secure protocol for payments. “Instead, issuers should have their own measures in place to detect and block this attack vector and other payment attacks,” the researchers say. Galloway says, “It falls to the customer and the bank to protect themselves. While some terminals have random checks, these have to be programmed by the merchant, so it is entirely down to their discretion.” “Because of this, we can expect to see contactless fraud continue to rise. Issuers need to be better at enforcing their own rules on contactless and increasing the industry standard. Criminals will always gravitate to the more convenient way to get money quickly, so we need to make it as difficult as possible to crack contactless,” she further adds. In the U.S., contactless card transactions are relatively rare, with only about 3 percent of cards falling into this category, CNBC reports. Researchers say the limits attackers can withdraw will differ in different countries. In the UK, they were able to make payments of £100 without any detection. Galloway says, for instance, in the U.S., it’s considerably higher at $100. What measures is Visa taking to prevent this kind of contactless fraud? Surprisingly, the company was not alarmed by this situation. In fact, Forbes reports that Visa wasn’t planning on updating their systems anytime soon. “One key limitation of this type of attack is that it requires a physically stolen card that has not yet been reported to the card issuer. Likewise, the transaction must pass issuer validations and detection protocols. It is not a scalable fraud approach that we typically see criminals employ in the real world,” a Visa spokesperson told Forbes. The company also said it was continually working on improving its fraud detection tech. https://twitter.com/a66ot/status/1155793829443842049 To know more about this news in detail, head over to Positive technologies’ official post. A vulnerability found in Jira Server and Data Center allows attackers to remotely execute code on systems VLC media player affected by a major vulnerability in a 3rd library, libebml; updating to the latest version may help A zero-day vulnerability on Mac Zoom Client allows hackers to enable users’ camera, leaving 750k companies exposed

The rise of the video game industry over the last two decades has been staggering, to say the least. Considered to be an area with massive revenue potential, we have seen a revolution in the way games are designed, developed and played across various platforms.Unity, the most popular cross-platform game development platform, is now encouraging even the non-programmers to take up Unity game development by equipping them with state-of-the-art tools for designing interactive games. Unity game development simplified for non-developers These days, there are a lot of non-developers, game designers and even artists who wish to build their own games. Well, they are now in for a treat. Unity have come up with their 2D and 3D Game kits wherein the users develop 2D or 3D gameplays without the need to code. With the help of these game kits, beginners can utilize the elements, tools and systems within the kit to design their gameplay. The Unity 2D game kit currently supports versions Unity 2017.3 and higher, while the 3D game kit is supported by Unity 2018.1 or higher. Visual scripting with Bolt Unity  have also introduced a new visual scripting tool called Bolt, which allows non-programmers to create new gameplays from scratch and design interactive systems in Unity, without having to write a single line of code. With live editing, predictive debugging and a whole host of other features, Bolt ensures you can get started with designing your own game in no time at all. The idea of introducing these game kits and the Bolt scripting engine is to encourage more and more non-programmers to take up game development and let their creative juices flow. It will also serve as a starting point for absolute beginners to start their journey in game development. To know more about how to use these Unity game kits, check out the introduction to game kit by Unity.