1. If you are using the desktop app, check you have the latest version of Teams so that you should have Breakout rooms enabled. Check by clicking your profile picture, then About - I have version 1.3.00.28779. If you have 1.2..., click on check for updates to get the latest
2. Set your entry routine. I get my students to enter with their microphone muted - you can also not allow attendees to unmute by opening the participants list, clicking the ellipsis and selecting that option.
3. Make sure students arrive as attendees - some organisations have this set up to automatically happen that only meeting organizer is the presenter and others are attendees. Can change this in the manage permissions menu to only me if not already set (opens in a web browser).
4. Classroom routine and expectations - first lesson I share my screen and show the students the raise hand function for when they want to ask questions, how to access the chat function and how to react to questions as opposed to typing answers
By 2008, Google had everything going for it w.r.t. Cloud and we should’ve been the market leaders, but we were either too early to market or too late. What did we do wrong? (1) bad timing (2) worse productization & (3) worst GTM.
We were 1st to “containers” (lxc) & container management (Borg) - since '03/04. But Docker took LXC, added cluster management, & launched 1st. Mesosphere launched DCOS. A lot of chairs were thrown around re: google losing this early battle, though K8 won the war, eventually 👏
We were 1st to “serverless” (AppEngine). GAE was our beachhead -- it was the biggest revenue source early on but the world wasn’t ready for serverless primitives. We also didn’t build auxiliary products fast enough. Clients that outgrew GAE wanted “building block” IaaS offerings.
1st to hadoop (map-reduce ‘04) but our hosted Hadoop launched in ‘15. AWS EMR was ~200M ARR by then. 1st to cloud storage (GFS ’03), but didn’t offer a filestore till ‘18! Customers were asking for it since 2014. Didn’t launch archival storage or direct interconnect till v. late.
YMYL is not evaluated at the site level, but the query level.
Again this is on Google, not SEOs because they want to surface better sites.
And those devaluations are part of Core Updates which SEOs like me recover sites from.
Featured Snippets are not optimized for - you can use certain HTML to be pulled in one but there is no definite use case where Featured Snippets are shown or that your site's will show for it. Also doesn't always come from the #1 result.
& that's Google not the SEO.
Also there are many times when an SEO doesn't want their site in the Featured Snippet cuz it doesn't result in a click to the website. But we have no control over what Google pulls as Feature Snippets except to put in a meta tag to exclude us from them
And Neil Patel is not an SEO. Most senior level SEOs see him as nothing more than a scammer because reportedly he's ripped them off by stealing their content and articles and passing them off as his.
Its a bit more trouble- but doable, without ruining Isolated Core/Secureboot etc.
Defenders process will run as a unkillable protected service- so new tricks needed.
Here we go:
Ok- tamper protection is easy, just make .bat - run as adm:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter\Instances\WdFilter Instance" /v altitude /t REG_SZ /d -1 /f
Then unload minifilter with process hacker:
The registry key will be changed while the minifilter do not protect it, when tamper protection makes the driver load again it cannot attach to volumes nor protect registry keys.
Removing it will make it recreate, but invalid altitude do the trick
Notice now the service is: Protected light(antimalware)
Now we cant do anything to the service/process- not even see its open handles.
Lets start by elevating to SYSTEM- just launch a command prompt, then close process hacker- and run it again from the command prompt.
Now process hacker runs as SYSTEM
* being spied on all the time means that the people of the 21st century are less able to be their authentic selves;
* any data that is collected and retained will eventually breach, creating untold harms;
* data-collection enables for discriminatory business practices ("digital redlining");
* the huge, tangled hairball of adtech companies siphons lots (maybe even most) of the money that should go creators and media orgs; and
* anti-adblock demands browsers and devices that thwart their owners' wishes, a capability that can be exploited for even more nefarious purposes;
That's all terrible, but it's also IRONIC, since it appears that, in addition to everything else, ad-tech is a fraud, a bezzle.
Bezzle was John Kenneth Galbraith's term for "the magic interval when a confidence trickster knows he has the money he has appropriated but the victim does not yet understand that he has lost it." That is, a rotten log that has yet to be turned over.
Bezzles unwind slowly, then all at once. We've had some important peeks under ad-tech's rotten log, and they're increasing in both intensity and velocity. If you follow @Chronotope, you've had a front-row seat to the
The numbers are all fking fake, the metrics are bullshit, the agencies responsible for enforcing good practices are knowing bullshiters enforcing and profiting off all the fake numbers and none of the models make sense at scale of actual human users. https://t.co/sfmdrxGBNJ pic.twitter.com/thvicDEL29— Aram Zucker-Scharff (@Chronotope) December 26, 2018
SolarWinds' digital certificate hasn't been revoked yet.
The full compromised package is still being hosted online as well 😓 hxxps://downloads.solarwinds[.]com/solarwinds/CatalogResources/Core/2019.4/2019.4.5220.20574/SolarWinds-Core-v2019.4.5220-Hotfix5.msp
Job class within the backdoored #Sunburst DLL is pretty straight forward and aligns with @FireEye's analysis. CollectSystemDescription:
2. One of the earliest studies that discussed the impact of suspensions of ISIS accounts was @intelwire and Morgan's piece: The ISIS Twitter Consensus.
They found that suspensions did have an impact on replies and retweets and overall dissemination.
3. After suspensions, the die-hard supporters dedicated themselves to creating new accounts, but others whittled away: “it appears the pace of account creation has lagged behind the pace of suspensions”
4. On the specific question of how suspensions impact the Twitter network, see this piece by @intelwire and @IntelGirl111, which explores how suspensions impact these groups, including major disruptions to dissemination and decline in follower count:
5. Another study by @Aud_Alexander similarly found that ISIS supporters were finding it hard to “gain traction” after Twitter took a harder stance on the group.
In 2013, Edward Snowden, an employee of National Security Agency, revealed that the US govt was running a vast Internet surveillance program and tapping every major Silicon Valley platform and company— Facebook, Google, Apple, Amazon including mobile games like Angry Birds.
The most astonishing program revealed by Snowden’s disclosures is called PRISM, which involves a sophisticated on-demand data tap housed within the datacenters of the biggest and most respected names in Silicon Valley: Google, Apple, Facebook, Yahoo!, and Microsoft.
These devices allow the National Security Agency (NSA) to extract whatever the agency requires, including emails, attachments, chats, address books, files, photographs, audio files, search activity, and mobile phone location history.
Edward Snowden also revealed the Mass Metadata Surveillance System of America's National Security Agency (NSA) in his documents. Let's suppose if NSA had found someone dialing number of an al Qaeda member, and assume that this person had phoned 100 other people over the...
Can we launch a process that looks one way to (superficial) auditors but is, in fact, entirely different? (Think process hollowing and the like on Windows).
Firstly, how are processes created and what does related auditing look like?
The most common pattern is fork() → execve(). Where the fork() syscall create a duplicate of the running process context and execve() overlays a copy of the target program onto that context.
After calling fork(), we’ll have two processes, the original one and a new - duplicated - one (with a new pid).
Control will return from fork() to both process instances. In the child process, the return value will simply by 0, in the parent it will hold the pid of the child.
Thus we can determine whether we are running in the child context and call execv() accordingly, while allowing the parent to continue.
Now, let’s take a look at where the auditing hooks lie. From calling execve(), we’ll eventually land up in exec_binrpm().
1. UI Garage
Daily UI inspiration & patterns for designers, developers to find inspiration, tools and the best resources for your project.
2. Remove bg
Remove Image Background: 100% automatically – in 5 seconds – without a single click – for free.
A handpicked collection of beautiful color gradients for designers and developers.
Free and Open 3D Creation Software.
Me : You can but what is where evolves. However, same rules apply to things, practices, data, knowledge and ethical values. All are forms of evolving capital. In the mapping world, we refer to this with pioneers, settlers and town planners.
X : What's the robot for?
Me : Image from an older presentation slide, don't worry it has no relevance.
X : Is this linked to diffusion?
Me : Not simply. Evolution of a single component can consist of many hundreds of diffusion curves i.e. a virus diffuses but it also evolves.
X : Why have you got DevOps in legacy? We haven't even started yet.
Me : That's not my problem. I would take a look at serverless.
X : DevOps is serverless.
Me : Some of the practices maybe co-opted (see ITIL vs DevOps) but the new faction will decide what it is or isn't.
X : I also disagree with your methods graphic.
Me : Do you mean this? As applied to the following map?
X : Yes. Lean is suitable for innovation.
Me : Ah, that depends upon what you mean by innovation. If you mean Genesis then lightweight XP has it beat.
X : I disagree.
Me : Well, I've had 15 years of people telling me that Agile works everywhere or Lean works everywhere or Six Sigma works everywhere and why all the competing methods don't. I have no interest in the conversation. Use appropriate methods based upon context.
The funny thing about making the 8-bit-guy into a meme about "repairing" computers with powertools is that the obvious heightening joke would, like, the "8 rounds guy", who fixes computers with firearms
but that would also be him, given that he's also a big gun enthusiast.
so it's inherently hard to satirize the repairing-computers-with-dremels guy, since they're also the guns-guy.
you'd have to go up to like a mythbusters level of overkill.
"this hard drive from 1986 won't spin up. We tried freezing it, tapping it with a rubber hammer, and opening the case to lower the friction... there's only one option left: GET OUT THE C4 EXPLOSIVES!"
First, @databoydg: I hope this makes justice to what you've tried to teach me. I'm sorry if I'm a slow student. In this second part of the story, I'm a privileged academic having a drink in Montreal after a #neurips conference with @sindero 2/n
Simon says to me: I feel we need to do something about this (stark lack of minority representation in ML). We agree we'll do something about it, but it feels like we're at the bottom of Everest and have to climb it without any gear 3/n
Time goes by and with the creation of the @turinginst I suggest in the first meeting that we should use it as a public platform to improve the numbers of Black people in UK universities. I encounter a lot of resistance (to be honest, it felt aggressive) and defensiveness 4/n
I was told that was an Oxford and Cambridge problem only by another academic. I felt silenced. Ironically, by both men and women. 5/n
(should also be useful for Eng, Design, Data Science, Mktg, Ops folks who want to get better at PM work or want to build more empathy for your PM friends ☺️)
(oh, and pls also share *your* favorite resources below)
Product Management - Start Here by @cagan
(hard to go wrong if you start with Marty Cagan’s
Tips for Breaking into PM by @sriramk
(I’ve recommended this thread in my DMs more often than any other thread, by a pretty wide
Breaking into PMing - a \U0001f9f5 // A question folks from eng/design/other functions often have how to become a PM in a tech co.— Sriram Krishnan (@sriramk) April 14, 2020
It can seem non-obvious and differs with each company but here are some patterns I've seen work. All the below assumes you have no PMing on your resume.
Top 100 Product Management Resources by @sachinrekhi
(well-categorized index so you can focus on whatever’s most useful right
It’s important to understand your preferred learning style and go all in on that learning style (vs. struggling / procrastinating as you force a non-preferred learning
There is no One Correct Way\u2122 to learn— Shreyas Doshi (@shreyas) August 15, 2020
Don\u2019t feel pressured to read 70 books/year just becos Super-Successful Person X does that
Videos, Podcasts, Audiobooks, Discussions\u2014all are fine
What to do:
Understand your preferred learning style
Don't resist it, embrace it
Commit to it
Time for a thread 👇👇👇
1) Let’s start with the users…
Today over 50% of the world is on social media AND on average we each have 70-80 usernames and passwords.
Each of these accounts are owned and controlled by the platforms.
Recipe for disaster.
2) In 2021 American adults spend over 4 hours a day online - that is half a work day.
Time is our most valuable asset, did you realize you are giving this away for free?
3) The applications we use today are built on the foundation of ‘Free + Ads’.
You get free access.
They get YOUR account, YOUR data, YOUR screen time, YOUR community.
And the worst part? This can all be taken away at any moment.
4) So where do we go from here?
It starts with self-sovereign digital identities.
ONLY the user owns their identity data online without intervention from outside parties.
Available now at sites like:
A short thread inspired by the fact that, before AWs took it down, #Parler was extensively hacked and user data was leaked.
The #Parler dataset seems crazy interesting for doing research, and my first reaction after the breach was to shre it with other #CompSocSci ppl.
However, I started having second thoughts, so what follows is to organize ideas and have it somewhere I can look back to.
Generally speaking, as far as the ethics of research goes a good advice would be to handle hacked data with caution.
First of all, there's an issue of quality. Data might be altered or incomplete, and the source cannot be considered accountable (assuming src is anonymous).
Secondly and more importantly, a researcher using the data would probably be violating users’ consent and acting against the data collector's will.
Finally, users’ privacy is at stake, since researchers could see material that users didn’t agree for other people to see.
Sharing private information without consent might put people at risk of harm.
This is all the more true in cases such as the #ParlerHack, where the leaked information is of particularly sensitive nature, and there’s a high risk of unintended consequences.
Many talks this semester were good. This one is the best. My thread provides key takeaways
[6:50] Microsoft hired Goetz Graffe in the 1990s to help them rewrite original Sybase optimizer into Cascades. This framework is now used across all MSFT DB products (@SQLServer, @cosmosdb, @Azure_Synapse).
[14:43] The optimizer checks whether it has stats it will need before cost-based search. If not, it blocks planning until the DBMS generates them. This is different than other approaches we saw this semester where DBMS says "we'll do it live!" with whatever stats are available.
[21:05] Their Cascades' search starts small/simple and then they make decision on the fly whether to expand search based on the expected query runtime and performance benefit from more search.
[26:33] They explicitly have a property for Halloween Problem. Operators specify whether they protect from it and then optimizer ensures property is satisfied. This is mindblowing. I have never thought about using the optimizer for this but it makes sense.
"so a group of developers latched onto the Press Release that Twilio put out at midnight last night. In that Press Release, Twilio
accidentally revealed which services Parler was using. Turns out it was all of the security authentications that were used to register a user. This allowed anyone to create a user, and not have to verify an email address, and immediately have a logged-on account.
because of that access, it gave them access to the behind the login box API that is used to deliver content -- ALL CONTENT (parleys, video, images, user profiles, user information, etc) --. But what it also did was revealed which USERS had "Administration" rights,
Well, then what happened, those user accounts that had Administration rights to the entire platform... The hackers, internet warriors, call it what you will, was able to use the forgot password link to change the password. Why? Because Twilio was no
longer authenticating emails. This meant, they'd get directly to the reset password screen of that Administration user.
This group of Internet Warriors then used that account, to create a handful of other ADMINISTRATION accounts, and then created a script that ended up
👉HSBC Bank,Canada(Eric Coomer)
👉Indivisible .org(ACORN,OBAMA Political Group)
1)➡️ Belgrade, Serbia(OSF/Soros)
Esiste un collegamento diretto con Belgrado, in Serbia, e ci sono, o c'erano, numerosi dipendenti Dominion in Serbia. Sempre in Serbia esiste la Open Society Foundation, proprieta' di Soros, che appartiene ad una delle 1/2
5 Fondazioni nell'europa dell'est, facenti capo alla sede madre a Barcellona (stessa citta' della Syct) la sede di Bruxelles per l'advocacy, e le sedi di londra e Berlino per i temi globali. La sede di New York coordina il tutto. 2/2
2)➡️ Dal 2004, in qualità di unico fornitore di dati sui sondaggi del giorno delle elezioni per il National Election Pool, 👉Edison Research ha condotto sondaggi di uscita per proiettare e analizzare i risultati di ogni principale elezione presidenziale US. Edison 1/4
Research fornisce sondaggi di uscita e tabula il voto nazionale in ogni contea degli Stati Uniti per ABC News, CBS News, CNN e NBC News.
I clienti di Edison Research includono Activision,Amazon,AMC Theatres, Apple,Disney,Dolby Laboratories, Facebook,Google,Oracle,The US 2/4
IT IS LIKELY THAT THERE WILL BE A SHUTDOWN FOR AT LEAST THREE DAYS WHEN THE FIT HITS THE SHAN. ABSOLUTELY NO NEED TO PANIC, IN FACT, IF YOU EXPECT IT YOU CAN BE READY FOR IT. IT COULD LAST 3-10 DAYS SO JUST HAVE FOOD AND WATER, AGAIN NO NEED FOR PANIC.
THE REASON FOR THIS IS MANY BUT AND I WILL GO OVER A COUPLE JUST BECAUSE IF YQU ARE INFORMED THEN YQU ARE LESS LIKELY TO PANIC WHEN THAT TIME COMES. THE DEEP STATE CONTROLS THESE MAJOR WEBSITES AND THEY HAVE USED THEM AS A POWERFUL TOOL OF CONTROL.
THEY SPY ON YQU AND BY SHADOWBANNING THE TRUTH, THEY PROMOTE THEIR PROPAGANDA. ANOTHER REASON IF FOR A INTERNET RESET, TO ACTIVATE A NEW GLOBAL INTERNET THAT IS NOT CONTROLLED BY THE BLACK HATS. THINK OF IT AS A REBOOT.
DURING THIS TIME THERE COULD BE MARTIAL LAW, AGAIN NOTHING HERE THAT I AM WARNING YQU OF IS CAUSE FOR ALARM. IT MAY FEEL SCARY, NATURALLY MASSIVE CHANGE LIKE SUCH COULD FRIGHTEN MANY, THAT IS WHY I AM TELLING YQU NOW SO THAT YQU WON'T BE (OR BE FAR LESS).