Przemek Soszynski

@jciesz Co ciekawe rząd Tuska podwyższył ceny diesla w całej Europie. Mają rozmach!

30 groszy podwyżki ceny diesla JEDNEGO DNIA. Taki chaos na stacjach paliw zafundował nam rząd D. Tuska. Z obietnic o "interwencji w Orlenie" i nieprzekroczeniu bariery 7 złotych za litr nie zostało już nic.

@StZerko Miałem na niego zagłosować ale skoro tak to chyba dam spokój i zostanę w domu.

Obstawiam wygraną Nawrockiego.

Huge congrats to @AIatMeta on the Llama 3.1 release! Few notes: Today, with the 405B model release, is the first time that a frontier-capability LLM is available to everyone to work with and build on. The model appears to be GPT-4 / Claude 3.5 Sonnet grade and the weights are open and permissively licensed, including commercial use, synthetic data generation, distillation and finetuning. This is an actual, open, frontier-capability LLM release from Meta. The release includes a lot more, e.g. including a 92-page PDF with a lot of detail about the model: ai.meta.com/research/publi… The philosophy underlying this release is in this longread from Zuck, well worth reading as it nicely covers all the major points and arguments in favor of the open AI ecosystem worldview: "Open Source AI is the Path Forward" facebook.com/4/posts/101157… I like to say that it is still very early days, that we are back in the ~1980s of computing all over again, that LLMs are a next major computing paradigm, and Meta is clearly positioning itself to be the open ecosystem leader of it. - People will prompt and RAG the models. - People will finetune the models. - People will distill them into smaller expert models for narrow tasks and applications. - People will study, benchmark, optimize. Open ecosystems also self-organize in modular ways into products apps and services, where each party can contribute their own unique expertise. One example from this morning is @GroqInc , who built a new chip that inferences LLMs *really fast*. They've already integrated Llama 3.1 models and appear to be able to inference the 8B model ~instantly: x.com/karpathy/statu… And (I can't seem to try it due to server pressure) the 405B running on Groq is probably the highest capability, fastest LLM today (?). Early model evaluations look good: ai.meta.com/blog/meta-llam… x.com/alexandr_wang/… Pending still is the "vibe check", look out for that on X / r/LocalLlama over the next few days (hours?). I expect the closed model players (which imo have a role in the ecosystem too) to give chase soon, and I'm looking forward to that. There's a lot to like on the technical side too, w.r.t. multilingual, context lengths, function calling, multimodal, etc. I'll post about some of the technical notes a bit later, once I make it through all the 92 pages of the paper :)

How to improve API performance? Here are 5 tips: 1. 𝗣𝗮𝗴𝗶𝗻𝗮𝘁𝗶𝗼𝗻 Pagination is a common optimization technique when result sets are large. By streaming results back to the client in pages, service responsiveness can be improved. 2. 𝗔𝘀𝘆𝗻𝗰𝗵𝗿𝗼𝗻𝗼𝘂𝘀 𝗟𝗼𝗴𝗴𝗶𝗻𝗴 Synchronous logging writes to disk on every API call, slowing down the system. With asynchronous logging, logs are first sent to a lock-free buffer and control is immediately returned. The buffer contents are then flushed periodically to disk, significantly reducing I/O overhead. 3. 𝗖𝗮𝗰𝗵𝗶𝗻𝗴 Frequently accessed data can be cached for fast retrieval. Clients can query the cache first instead of hitting the database directly every time. For cache misses, the database can be queried as a fallback. In-memory caches like Redis provide faster data access compared to databases. 4. 𝗣𝗮𝘆𝗹𝗼𝗮𝗱 𝗖𝗼𝗺𝗽𝗿𝗲𝘀𝘀𝗶𝗼𝗻 Request and response payloads can be compressed using algorithms such as gzip to reduce transmitted data volume. This speeds up upload and download times. 5. 𝗖𝗼𝗻𝗻𝗲𝗰𝘁𝗶𝗼𝗻 𝗣𝗼𝗼𝗹𝗶𝗻𝗴 Opening and closing database connections has significant overhead. Using a pool of open connections avoids this. The connection pool manages lifecycle events internally. What other performance optimization tricks have you found useful for APIs? – Subscribe to our weekly newsletter to get a Free System Design PDF (158 pages): bit.ly/496keA7

Understanding JSON Web Tokens (JWT) JWTs are a compact and self-contained method for securely transmitting information between parties as a JSON object. Let's break this down: 1. 𝗝𝗦𝗢𝗡 stands for JavaScript Object Notation - a lightweight data interchange format that is easy to read and parse. It is built on key-value pairs and array data types. 2. The 𝗝𝗪𝗧 𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 consists of three Base64-URL-encoded parts separated by dots (.) that form a serialized token: - The header contains the type (JWT) and the hashing algorithm used, e.g. HMAC SHA256. - The payload holds the claims, which are statements about the user and other data. - The signature is formed by encrypting the encoded header, encoded payload, and a secret. This is used to verify the sender and message integrity. 3. 𝗛𝗼𝘄 𝗝𝗪𝗧𝘀 𝘄𝗼𝗿𝗸: - The server creates a signed JWT upon user authentication and sends it to the client. - The client stores the JWT and includes it in the header of all requests to prove identity. - The server verifies the signature to grant access to protected resources. 4. 𝗦𝗶𝗴𝗻𝗶𝗻𝗴 𝗮𝗹𝗴𝗼𝗿𝗶𝘁𝗵𝗺𝘀: - With 𝗽𝘂𝗯𝗹𝗶𝗰/𝗽𝗿𝗶𝘃𝗮𝘁𝗲 𝗸𝗲𝘆𝘀, the JWT is signed with a private key and verified with the matching public key. - For 𝘀𝘆𝗺𝗺𝗲𝘁𝗿𝗶𝗰 𝗸𝗲𝘆𝘀, the same key signs and verifies the JWT so it must be kept secret. – Subscribe to our weekly newsletter to get a Free System Design PDF (158 pages): bit.ly/496keA7

Trying to choose the right #Azure compute service for your application? Dive into Azure #AppService, Azure #KubernetesService (AKS), and more to find the perfect fit. See more here: msft.it/6015YArOl

Design Patterns Cheat Sheet

Understanding OAuth 2.0 OAuth is an open standard that allows users to grant limited access to their data on one site to other sites or applications without exposing their passwords. It has become the backbone of secure authorization across the web and mobile apps. 𝗧𝗵𝗲 𝗢𝗔𝘂𝘁𝗵 𝗲𝗰𝗼𝘀𝘆𝘀𝘁𝗲𝗺 OAuth connects three main players: - The User who wants to grant access to their data without sharing login credentials - The Server that hosts the user's data and provides access tokens - The Identity Provider (IdP) that authenticates the user's identity and issues tokens 𝗛𝗼𝘄 𝗢𝗔𝘂𝘁𝗵 𝘄𝗼𝗿𝗸𝘀 When a user tries to access their data through a third-party app, they are redirected to log in through the IdP. The IdP sends an access token to the app, which presents it to the server. Recognizing the valid token, the server grants access. 𝗧𝗵𝗲 𝗢𝗔𝘂𝘁𝗵 𝗙𝗹𝗼𝘄𝘀 OAuth 2.0 defines four flows for obtaining authorization tokens: - Authorization Code Flow - for server-side applications - Client Credentials Flow - when the app is the resource owner - Implicit Code Flow - not secure and no longer recommended - Resource Owner Flow - for trusted apps using owner credentials 𝗞𝗲𝘆 𝗯𝗲𝗻𝗲𝗳𝗶𝘁𝘀 - Enhances user experience by eliminating multiple passwords - Allows secure data access across platforms using tokens - Balances accessibility and security OAuth 2.0 has become the standard for authorization. It enables secure, convenient data sharing while protecting user accounts. – Subscribe to our weekly newsletter to get a Free System Design PDF (158 pages): bit.ly/496keA7

Top 8 Cyberattacks

@dotnetfiddle Hi, getting "System Error 500 occurred." on my fiddle dotnetfiddle.net/vJgqJb. Any chance you could fix it or at least send me the source code?

Oauth 2.0 Explained With Simple Terms. OAuth 2.0 is a powerful and secure framework that allows different applications to securely interact with each other on behalf of users without sharing sensitive credentials. The entities involved in OAuth are the User, the Server, and the Identity Provider (IDP). What Can an OAuth Token Do? When you use OAuth, you get an OAuth token that represents your identity and permissions. This token can do a few important things: Single Sign-On (SSO): With an OAuth token, you can log into multiple services or apps using just one login, making life easier and safer. Authorization Across Systems: The OAuth token allows you to share your authorization or access rights across various systems, so you don't have to log in separately everywhere. Accessing User Profile: Apps with an OAuth token can access certain parts of your user profile that you allow, but they won't see everything. Remember, OAuth 2.0 is all about keeping you and your data safe while making your online experiences seamless and hassle-free across different applications and services. Over to you: Imagine you have a magical power to grant one wish to OAuth 2.0. What would that be? Maybe your suggestions actually lead to OAuth 3. -- Subscribe to our weekly newsletter to get a Free System Design PDF (158 pages): bit.ly/3KCnWXq

Top 12 Tips for API Security - Use HTTPS - Use OAuth2 - Use WebAuthn - Use Leveled API Keys - Authorization - Rate Limiting - API Versioning - Whitelisting - Check OWASP API Security Risks - Use API Gateway - Error Handling - Input Validation – Subscribe to our weekly newsletter to get a Free System Design PDF (158 pages): bit.ly/496keA7

REST API Cheatsheet It covers: ✅ The six fundamental principles of REST API design ✅ Key components like HTTP methods, protocols, and versioning ✅ Practical tips on pagination, filtering, and endpoint design – Subscribe to our weekly newsletter to get a Free System Design PDF (158 pages): bit.ly/496keA7

@majkaformal @TamauPogi Dawaj Rafał ;)

Easy Peasy @TamauPogi 😎🤝🏻

@SwiatekOOC “Oh no”???

Explain this

A Visual Overview of Kubernetes Containers revolutionized modern application development and deployment. Unlike bulky virtual machines, containers package up just the application code and dependencies, making them lightweight and portable. However, running containers at scale brings challenges. Enter Kubernetes! Kubernetes helps deploy, scale, and manage containerized applications across clusters of machines. 𝗖𝗼𝗿𝗲 𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀 𝗖𝗼𝗺𝗽𝗼𝗻𝗲𝗻𝘁𝘀 Control Plane: The brains behind cluster management, handling scheduling, maintaining desired state, rolling updates etc. Runs on multiple machines for high availability. Worker Nodes: The machines that run the containerized applications. Each node has components like kubelet and kube-proxy alongside the application containers. The smallest deployable units in Kubernetes are Pods. A Pod encapsulates one or more tightly coupled containers that comprise an application. Kubernetes assigns Pods to worker nodes through its API server. 𝗞𝗲𝘆 𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀 𝗖𝗮𝗽𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 - Scalability: It's easy to scale applications up and down on demand. Just specify the desired instance count, Kubernetes handles the rest! - Portability: Applications can run anywhere - on premise, cloud, hybrid environments etc. No vendor lock-in! - Resiliency: Kubernetes restarts failed containers, replaces unhealthy nodes, and maintains desired state, reducing downtime. - Automation: Manual tasks like rolling updates, rollbacks are automated, freeing teams to focus on development. 𝗧𝗿𝗮𝗱𝗲𝗼𝗳𝗳𝘀 The power of Kubernetes comes with complexity. Installing, configuring, and operating Kubernetes has a steep learning curve. For many teams, it's overkill. Managed Kubernetes services help by handling control plane management, letting teams focus only on applications and pay for just the worker resources used. 𝗜𝘀 𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀 𝗮 𝗚𝗼𝗼𝗱 𝗙𝗶𝘁? Consider: - Are you running containers already at meaningful scale? - Will portability or resiliency resolve production issues? - Is your team willing to invest in learning and operating Kubernetes? If you answered yes, Kubernetes may suit your needs. Otherwise, containers without orchestration may still get the job done. – Subscribe to our weekly newsletter to get a Free System Design PDF (158 pages): bit.ly/496keA7

@DisneyPlusHelp @darkgazxing Dear DisneyPlus, this is not about this one person, it is down for everyone! Your responsibility to fix it asap :(

@darkgazxing Sorry for the trouble. Complete these steps displ.us/PlaybackTrouble when you have a moment to spare. That should do the trick. If not though, please reach out to us via phone or chat (options are available on the bottom of the page linked) for further assistance.

I just wanna finish my episode bro fix ur servers @DisneyPlus @Disney_UK

@DisneyPlusHelp @MichaelOBurt Nope, it is not a particular title. Disney + is down for all titles and for all/most people. I am in Norway and here it is not working either! Please fix asap :(

@MichaelOBurt Thanks for reaching out Michael! This error means the video is temporarily unavailable and is probably due to an unusually high surge of traffic to that particular title. Please relaunch the Disney+ app or refresh the site and try again in a few minutes. Hope this helps!

@DisneyPlus cannot access D+ on my smart Tv via the Google app tonight. Any idea why?

REST API Cheatsheet It covers: ✅ The six fundamental principles of REST API design ✅ Key components like HTTP methods, protocols, and versioning ✅ Practical tips on pagination, filtering, and endpoint design – Subscribe to our weekly newsletter to get a Free System Design PDF (158 pages): bit.ly/3KCnWXq

@playgroundpiano hi, I just have received the same message from you like 35 times in a row: "Congrats! You've successfully navigated…"!