When it comes to protecting against credentials theft on Windows, enabling LSA Protection (a.k.a. RunAsPPL) on LSASS may be considered as the very first recommendation to implement. But do you really know what a PPL is? https://itm4n.github.io/lsass-runasp
anonymous poll
No, it's the first time I've ever heard about that. – 3
👍👍👍👍👍👍👍 100%
Yes, I was familiar with that.
▫️ 0%
👥 3 people voted so far.
anonymous poll
No, it's the first time I've ever heard about that. – 3
👍👍👍👍👍👍👍 100%
Yes, I was familiar with that.
▫️ 0%
👥 3 people voted so far.
Jim's Lib via @vote
When it comes to protecting against credentials theft on Windows, enabling LSA Protection (a.k.a. RunAsPPL) on LSASS may be considered as the very first recommendation to implement. But do you really know what a PPL is? https://itm4n.github.io/lsass-runasp…
Introduction to RunAsPPL or LSA protection
https://itm4n.github.io/lsass-runasppl/
What will happen in real world if you don't enable that?
"LSASS has the ability to execute arbitrary kernel-mode addresses? I wrote a small proof of concept that allows administrators to execute unsigned code in the kernel if LSA Protection is disabled."
https://tierzerosecurity.co.nz/2024/04/29/kexecdd.html
https://itm4n.github.io/lsass-runasppl/
What will happen in real world if you don't enable that?
"LSASS has the ability to execute arbitrary kernel-mode addresses? I wrote a small proof of concept that allows administrators to execute unsigned code in the kernel if LSA Protection is disabled."
https://tierzerosecurity.co.nz/2024/04/29/kexecdd.html
itm4n’s blog
Do You Really Know About LSA Protection (RunAsPPL)?
When it comes to protecting against credentials theft on Windows, enabling LSA Protection (a.k.a. RunAsPPL) on LSASS may be considered as the very first recommendation to implement. But do you really know what a PPL is? In this post, I want to cover some…
Atomic DDL is not transactional DDL
"Atomic DDL is not transactional DDL. DDL statements, atomic or otherwise, implicitly end any transaction that is active in the current session, as if you had done a COMMIT before executing the statement. This means that DDL statements cannot be performed within another transaction, within transaction control statements such as START TRANSACTION ... COMMIT, or combined with other statements within the same transaction."
https://dev.mysql.com/doc/refman/8.0/en/atomic-ddl.html
"Atomic DDL is not transactional DDL. DDL statements, atomic or otherwise, implicitly end any transaction that is active in the current session, as if you had done a COMMIT before executing the statement. This means that DDL statements cannot be performed within another transaction, within transaction control statements such as START TRANSACTION ... COMMIT, or combined with other statements within the same transaction."
https://dev.mysql.com/doc/refman/8.0/en/atomic-ddl.html
What is Implicit Commit in MySQL?
The implicit commit occurs within a session.
So for instance you start a transaction, do some updates and then forget to close the transaction and start a new one. Then the first transaction will implicitely committed.
https://dev.mysql.com/doc/refman/8.0/en/implicit-commit.html
The implicit commit occurs within a session.
So for instance you start a transaction, do some updates and then forget to close the transaction and start a new one. Then the first transaction will implicitely committed.
https://dev.mysql.com/doc/refman/8.0/en/implicit-commit.html
Spring Boot's application events
https://medium.com/@truongbui95/spring-boots-application-events-36ebe09e9313
https://medium.com/@truongbui95/spring-boots-application-events-36ebe09e9313
https://github.com/tarantool/tarantool
Tarantool is an in-memory computing platform consisting of a database and an application server.
Tarantool is an in-memory computing platform consisting of a database and an application server.
GitHub
GitHub - tarantool/tarantool: Get your data in RAM. Get compute close to data. Enjoy the performance.
Get your data in RAM. Get compute close to data. Enjoy the performance. - tarantool/tarantool
most engineers will work on badly designed systems because most systems turn into badly designed systems over time.
most engineers will work on badly designed systems because most successful/popular systems are badly designed systems, because there is almost no other way to design these systems.
work on badly designed systems will particularly suffer since badly designed systems have unbounded complexity. because most of these systems are built by large group of people over time, and complexity is limited only by human creativity.
Why Delete records with FK might be slow in PostgreSQL?
- PostgreSQL doesn't index FKs by default
- on each FK reference, there is a function call that checks referential integrity violation, for 100 record with 2 FKs it will be called 200 times.
Mitigation:
Index FK with CONCURRENTLY flag on production where Referential Integrity Violation check could be done concurrently.
- PostgreSQL doesn't index FKs by default
- on each FK reference, there is a function call that checks referential integrity violation, for 100 record with 2 FKs it will be called 200 times.
Mitigation:
Index FK with CONCURRENTLY flag on production where Referential Integrity Violation check could be done concurrently.
CPU branching and parallelization
“A branch is an instruction in a computer program that can cause a computer to begin executing a different instruction sequence and thus deviate from its default behavior of executing instructions in order.” — Wikipedia
This article will improve array iteration performance in C#, but during that it will explain about CPUs a little bit, branching and SIMD.
https://antao-almada.medium.com/array-iteration-performance-in-c-branching-and-parallelization-d0705adbf425
“A branch is an instruction in a computer program that can cause a computer to begin executing a different instruction sequence and thus deviate from its default behavior of executing instructions in order.” — Wikipedia
This article will improve array iteration performance in C#, but during that it will explain about CPUs a little bit, branching and SIMD.
https://antao-almada.medium.com/array-iteration-performance-in-c-branching-and-parallelization-d0705adbf425
Medium
Array iteration performance in C# — Branching and parallelization
This is a third post in a series on performance in C#.
https://cedardb.com/
CedarDB is a government funded general-purpose database solution which claims to present more performance with general purpose approach versus postgresql, because re-think in design with these days workload and usecases, hardwares and etc.
All of CedarDB founders are graduated from Technical Univesty of Munich with almost no experience in industry.
read more about them
https://cedardb.com/docs/technology/
CedarDB is a government funded general-purpose database solution which claims to present more performance with general purpose approach versus postgresql, because re-think in design with these days workload and usecases, hardwares and etc.
All of CedarDB founders are graduated from Technical Univesty of Munich with almost no experience in industry.
read more about them
https://cedardb.com/docs/technology/
CedarDB - The All-In-One-Database
An ode to PostgreSQL, and why it is still time to start over
CedarDB is a relational-first database system that delivers best-in-class performance for all your workloads, from transactional to analytical to graph, accessible through PostgreSQL’s tools and SQL dialect. Here's the story of why we're doing what we're…