Category: zgxgr

Extra folic acid taken during pregnancy doesnt prevent preeclampsia study

first_imgTORONTO – Taking high-dose folic acid during pregnancy does not prevent pre-eclampsia in women at elevated risk for the potentially deadly condition, a Canadian-led international study has found.The finding, which refutes a long-held belief about folic acid’s preventive role in pre-eclampsia, is expected to alter the practice of prescribing extra doses of the B vitamin to high-risk pregnant women worldwide.Principal investigator Dr. Mark Walker of the University of Ottawa said the study’s finding doesn’t mean foregoing low-dose folic acid, which is taken to prevent fetal neural-tube defects, which can cause such conditions as spina bifida.“All women should take folic acid for at least three months prior to conception,” said Walker, chief of obstetrics and gynecology at the Ottawa Hospital. “I think it’s safe and efficacious to take .4 to 1 milligram of folic acid in a multivitamin throughout the pregnancy.“However, those women who are at risk for pre-eclampsia, there is no benefit to being on a high dose of folic acid.”Pre-eclampsia is a condition caused by elevated blood pressure as a result of pregnancy. It is the second-leading cause of maternal death in Canada after venous blood clots that go to the lungs. Each year, about 78,000 women around the world die from the condition.After pre-term birth, pre-eclampsia is also the second-leading cause of perinatal mortality in Canada, “so it’s a big contributor to still birth as well as neonatal death,” said Walker.“In the majority of cases, we need to deliver the baby to save the mother’s life,” he said. “If that’s at 37 weeks, it’s not such a problem. But if it’s at 26 or 28 weeks, it is a huge issue.”Walker said previous observational studies, by his team and other research groups around the globe, had led to the conclusion that having high-risk women take an extra four mg of folic acid daily during pregnancy would cut the incidence of pre-eclampsia by about 30 per cent.But the Ottawa scientists wanted to put that notion to the acid test with a large randomized controlled trial, the type of study considered the gold standard of medical research.The 2011-2016 study recruited about 2,300 pregnant women at risk for pre-eclampsia, who were enrolled at 70 centres in five countries — Canada, the U.K., Australia, Jamaica and Argentina.Half the women were randomly assigned to take four extra milligrams of folic acid daily, while the other half received a placebo pill.“What we had hypothesized and anticipated was that the high-dose folic acid would reduce the incidence of pre-eclampsia by 30 per cent,” said Walker.“However, what we found was there was absolutely no difference between the group treated with high-dose folic acid and the placebo. Both groups had a pre-eclampsia rate around 14 per cent.”Walker believes findings from the study, published Wednesday in the BMJ, will “absolutely” change standard practice around the world.Dr. Linda Szymanski, a maternal-fetal medicine specialist at the Mayo Clinic, said she was not surprised by the finding and that high-dose folic acid is not something she or her colleagues would have prescribed to prevent pre-eclampsia.“I would hope if that people were prescribing it for pre-eclampsia prevention that this study would change their practice because it is a well-done randomized controlled trial, with a lot of subjects,” Szymanski, who was not involved in the research, said Wednesday from Rochester, Minn.“I think that if I were prescribing it for pre-eclampsia, this would have affected my practice.”Doctors often have pregnant women at risk of pre-eclampsia take low-dose Aspirin. But that regimen isn’t foolproof either — studies have shown the drug reduces the incidence of the condition by only about 10 to 20 per cent.In an editorial, British specialists say the Canadian-led findings “are another disappointment in the long search for a more effective measure to prevent pre-eclampsia.”“All pregnant women and their families hope for a healthy pregnancy and a happy outcome; until we find additional ways to prevent pre-eclampsia, thousands of women each year will not achieve this goal,” write Jenny Myers of the University of Manchester; Marcus Green, chief executive of the group Action on Pre-eclampsia; and obstetrics research professor Lucy Chappell of King’s College London.The next step for Walker’s team is to follow the children born to mothers in the study up to the age of six to assess their neurological and behavioural development, to see if they derived any benefit or harm from maternal exposure to extra folic acid.But longer term, the researchers hope to determine what intervention could prevent pre-eclampsia, which even without severe complications can lead to hospitalization during pregnancy and pre-term delivery through induction or caesarean section.“We plan a couple of more trials and we’re not going to rest until we’ve answered this question,” Walker said.— Follow @SherylUbelacker on Twitter.Note to readers: This is a corrected story. A previous version referenced acetaminophen instead of Aspirin, sixth last para.last_img read more

Read More

Sunanda Pushkar death case: Court reserves order for May 13 on Swamy’s plea

first_imgNew Delhi: A Delhi court on Saturday reserved its order for May 13 on Subramanian Swamy’s plea seeking to be part of the trial in the death of Sunanda Pushkar, wife of Congress MP Shashi Tharoor. Special judge Arun Bhardwaj passed the order after hearing all the parties. Swamy’s plea has also sought to bring on record the Delhi Police’s vigilance report on tampering of evidence in the case and claimed that it might lead to framing of additional charges. Pushkar was found dead in a suite of a luxury hotel in the city on the night of January 17, 2014. The couple were staying in the hotel as the official bungalow of Tharoor was being renovated at that time. The former Union minister has been charged under sections 498-A (husband or his relative subjecting a woman to cruelty) and 306 (abetment of suicide) of the IPC.last_img read more

Read More

Morocco Announces Officially Approved Tourist Guides

Taroudant – In its attempt to organize the tourism sector and fight against fake guides (locally known as les “faux guides”) the Moroccan government published the full list of officially approved tourist guides, who are authorized by the touristic delegation.The government made available on the website of the Ministry of Tourism and Data.gov.ma the list of the authorized guides, including their full names, the city in which they work, their status and the languages they spoke.For better services, tourists are highly required to contact approved guides whose names are included in the list. In the same sense, the list of approved travel agencies has been put online in early January.This initiative is in line with the broader government’s willingness to secure and organize the tourism sector in the kingdom.Last year, Morocco’s tourism sector performed well, with the majority of tourists who visited the kingdom in the second and third quarters of 2014 expressed satisfaction with their visit.Lahcen Haddad, Tourism Minister, said in December, that “the sector attracted $ 2 billion in investments in 2014, to bring the overall investments in the sector since the launch of the 2020 Vision to 7 billion dollars, despite a challenging international economic environment.” read more

Read More

Badr Hari’s Ex-Partner Estelle Cruyff Allegedly Converts to Islam

Rabat – Estelle Cruyff, Badr Hari’s ex-partner has reportedly converted to Islam, according to Moroccan news outlet Alyaoum24 in its weekend edition.According to the same source, the 37-year old Dutch woman made shahada, or the Islamic declaration of faith affirming the oneness of God and the acceptance of Muhammad as His prophet, during the funeral of the Moroccan kickboxing champion’s sister in Kenitra.Estelle Cruyff, who is the niece of Dutch football legend, Johan Cruyff, had been married with another Dutch football legend, Ruud ­Gullit. They split in 2012. Badri Hari’s sister died earlier this week in the Netherlands after a prolonged illness. Though Cruyff split up with Hari a year ago, she attended the funeral because she was friends with his sister, sources acquainted with the subject in the Netherlands told Morocco World News.The Moroccan super heavyweight champion announced the death of his sister via Instagram on Tuesday.“Surely we belong to Allah and to Him shall we return. My dearest and most beautiful sister has returned to Allah, may Allah forgive her and grant her the highest Paradise, Jennat Al Firdaus,” Hari wrote in English and Arabic mourning the death of his sister. read more

Read More

Taseko Mines Ltd suing Ottawa for blocking development of 15billion gold and

VANCOUVER — Taseko Mines Ltd. (TSX: TKO) is suing the federal government in B.C. Supreme Court and seeking unspecified compensation for a 2014 decision that blocked development of a proposed $1.5 billion gold and copper deposit.The Vancouver-based company claims that the government and its agents — including the environment minister at the time — failed to meet their legal duties to Taseko when they blocked the New Prosperity project.Taseko also alleges, among other things, that its property was effectively expropriated without compensation when a federal cabinet decision on Feb. 25, 2014, made its mineral rights essentially worthless.The company didn’t say how much money it’s seeking through the lawsuit, filed in the provincial court, but said its seeking general and punitive damages, plus interest, and any other relief that the court may choose.The federal government did not immediately return a message seeking comment.Proxy fights get started: Raging River wants change at Taseko MinesTaseko seeks to sue Ottawa for damages over B.C. mine rejectionThe suit was announced Friday, three days before Taseko and the federal government are scheduled to face off in Vancouver with a related dispute before the Federal Court of Canada.The latest claim dated Thursday relates to an open-pit project, 125 kilometres southwest of Williams Lake, B.C., Taseko had promoted as a major economic driver in the Cariboo region of the B.C. Interior.Its suit says the project would have provided about 550 direct jobs and 1,280 indirect jobs and contribute about $459-million annually to the province’s gross domestic product.The project and its predecessor, the Prosperity project, ran into opposition over environmental issues and both were rejected in 2014 and 2010 by the Harper Conservative government on advice from the Canadian Environmental Assessment Agency.“Given the conduct of the Government of Canada and its agents we have no other choice but to defend the interests of our shareholders and to protect their assets,” Taseko CEO Russell Hallbauer said in a statement. read more

Read More

Scientists inject ozone into packaging to make food last longer

first_imgFresh food that’s prepared and packaged in a clean environment still only has a shelf life of a few days, even when refrigerated. That in turn means there’s only a very short period of time in which to transport and sell that food, and ultimately it leads to a lot of waste.Improving the shelf life of such food would cut down on waste considerably, and a group of scientists working out of the University of Glasgow think they have a solution.The reason food becomes un-saleable after a few days is because any bacteria, mold, or fungi that remains on the food when packaged starts to take hold. The more of that you can remove, the longer the food will last. So the scientists in Glasgow decided to inject packaged food with ozone.Ozone is already well-known for its bacteria-killing properties. It’s used as a disinfectant, for preparing pharmaceuticals, sanitizing swimming pools, and washing several foods including fruit and vegetables. For packaged food, a retractable device is placed against the plastic (or glass) packaging, which turns some of the oxygen inside into ozone. It then remains in this form for a couple of hours and kills any bacteria/mold/fungi it encounters before reverting back to oxygen.The end result is packaged food with a lot less bacteria contained within it and a treatment that has no impact on its taste. In real terms, it means the food gains at least an extra 24 hours of shelf life, which is a big improvement when you consider some food stuffs currently only lasts a handful of days.The following video shows the difference the ozone injection makes. The muffins in the bags on the right have been treated, and last far longer than the untreated ones on the left:The university has already formed a company around the product called Anacail (which is Gaelic for “shield”). Initially, they intend to sell the required machine to the food industry, but it has uses in many other industries including for medical equipment and eventually as a consumer device for keeping home-prepared food fresher for longer.last_img read more

Read More

We have plans to deal with racial abuse – Southgate

first_imgEngland’s World Cup squad coach Gareth Southgate has said he has a “tight-knit” group and have plans in place to deal with any racial abuse aimed at any members of the travelling party.This statement is coming after Dany Rose said he asked his family to stay at home and not come to Russia due to fear of racial attacks. The Three Lions will leave for Russia next week ahead of their opening game with Tunisia on June 18, but Danny Rose’s family will not be following them.Southgate says he sympathises “100 percent” with Rose’s situation and confirmed his squad have discussed the issue during their recent training camp, according to Goal.“I wasn’t aware of the conversation he had had with his family,” Southgate told a media conference. “Everything else he has said he talked to us about because we had a meeting with the players a few nights ago.Southgate explains why he started Jadon Sancho Taimoor Khan – September 11, 2019 Jadon Sancho was given a start ahead of Marcus Rashford in England’s win over Kosovo and the manager explained why he went down that…“No one knows what is going to happen in Russia but he felt there could something his family experiences and he thought that might distract from his football.”Southgate’s stance on the issue is clear, and he is confident the players will receive sufficient support should they be subject to any abuse.“The biggest impact we can have is as one of the most diverse squads to have left England and the way that they all get on and hopefully that message will come through.“The players, like everyone else, doesn’t really know what to expect. We have had conversations explaining that. We are all hopeful that it will go well, but we are having conversations in case it happens. We have a plan in place. We have personal support, team support and official protocol in place.”last_img read more

Read More

CES Responded To Structure Fire In Apartment Building Near KBeach Road

first_imgFacebook0TwitterEmailPrintFriendly分享Central Emergency Services crews were dispatched to Cork Line Dr. near K-Beach Rd. at 8:12 p.m., last night, for the report of a fire in a four-plex apartment building. The first fire engine on scene arrived at 8:17pm and found heavy fire in an attached shop with fire spreading to three apartment units. According to CES Chief Roy Browning, fire crews were able to make entry into the apartments and extinguish the fire. The building was occupied and all of the residents were out of the building when the fire department arrived.  The cause of the fire is still under investigation. A total of 24 firefighters responded with 2 Engines, 3 Water Tankers, and a Medic Unit. Kenai Fire Department responded with an Auto-Aid Tanker for mutual aid assistance.last_img read more

Read More

Police bust man for allegedly selling 1 million Netflix Spotify passwords

first_img 0 Share your voice Tags Privacy Netflix Post a comment Angela Lang/CNET An Australian man has been arrested after allegedly raking in an estimated AU$300,000 ($211,000) selling stolen login details online. The man was allegedly behind the website WickedGen.com, which boasted that it had 120,000 users and sold Netflix, Spotify and Hulu logins stolen from almost 1 million accounts. Working on a tip-off from the FBI, Australian Federal Police arrested the 21-year-old man on Tuesday, according to a police statement. “The account details were obtained through credential stuffing, which sees a list of previously stolen or leaked usernames, email addresses and corresponding passwords re-used and sold for unauthorised access,” the statement read. “The accounts details were from unknowing victims in Australia and internationally, including the United States.”While account sharing is common (roughly one third of streaming users say they’d quit a service like Netflix if it tried to stop password sharing), account stealing is a different matter.”These types of offences can often be a precursor to more insidious forms of data theft and manipulation, which can have greater consequences for the victims involved,” said the manager of cyber crime for the AFP, Acting Commander Chris Goldsmid.The lesson? Don’t use the same login details for everything and be careful with your passwords. Internet Securitylast_img read more

Read More

Alaska News Nightly Monday Nov 21 2016

first_imgStories are posted on the APRN news page. You can subscribe to APRN’s newsfeeds via email, podcast and RSS. Follow us on Facebook at alaskapublic.org and on Twitter @aprnListen NowNew legislative leaders prepare to start work ahead of challenging sessionAndrew Kitchenman, KTOO – JuneauBoth houses of the legislature will have new leaders in January. Incoming Senate President Pete Kelly and House Speaker Bryce Edgmon both said they have positive feelings toward the other. But they lead very different caucuses that will likely have different priorities in the coming legislative session.Update: Blood Bank denies it put public at risk to boost financesZachariah Hughes, Alaska Public Media – AnchorageLast Friday, we brought you a story about the Blood Bank of Alaska holding a press conference to dispute allegations that were part of a complaint filed with the Food and Drug Administration by a former employee. That employee, Linda Soriano claimed that over the summer, BBA’s blood supply had gotten dangerously low because of financial incentives to over-export blood in order to pay for the new, larger building that opened earlier this year.Community gathers for Transgender Day of Remembrance Anne Hillman, Alaska Public Media – AnchorageSunday was the International Transgender Day of Remembrance. More than 80 people gathered in Anchorage to honor those who lost their lives because of transphobia. Those in attendance also discussed ways to prevent violence in the future.Front of new Alaska ferry completedLeila Kheiry, KRBD – KetchikanKetchikan’s Vigor Industrial rolled out the forward half of the Alaska-class ferry Tazlina on Sunday. With that portion out of the assembly hall, shipyard employees now can get started on the back half.Great Alaska Shootout enters 39th year, but a 40th isn’t guaranteedJosh Edge, Alaska Public Media – AnchorageThe GCI Great Alaska Shootout basketball tournament tips off this week in Anchorage. This is the tournament’s 39th year, but a 40th is not guaranteed as the university grapples with a shrinking budget.Mat-Su Salmon Symposium brings salmon advocates together Ellen Lockyer, Alaska Public Media – AnchorageMatanuska Susitna Borough’s annual Salmon Symposium brings together researchers and conservationists for updates on how to better manage and protect salmon habitat. The event got underway Thursday in Palmer.Oil advocates optimistic and hopeful of Trump presidencyLiz Ruskin, Alaska Public Media – Washington D.C.Advocates of more oil development in Alaska’s Arctic believe they have a champion in Donald Trump. But the president-elect has not mentioned the Arctic in his few public speeches since election day. He did not respond, by Twitter or otherwise, to last week’s announcement that the Interior Department has removed the Arctic from its five-year offshore leasing plan.HEA members question whether subsidiary will be deregulatedShahla Farzan, KBBI – HomerTwo Homer Electric Association members filed a formal complaint with the Regulatory Commission of Alaska (RCA) on Nov. 15, regarding HEA’s ongoing deregulation election.Juneau animal control officials seek mandatory microchips for dangerous petsJeremy Hsieh, KTOO – JuneauJuneau’s animal control officials want mandatory microchipping of pets they deem “potentially dangerous or dangerous,” and the Juneau Assembly is considering an ordinance with the microchipping requirement at the committee level on Monday.last_img read more

Read More

Whats Coming to Amazon Prime Video in February

first_img ×Actors Reveal Their Favorite Disney PrincessesSeveral actors, like Daisy Ridley, Awkwafina, Jeff Goldblum and Gina Rodriguez, reveal their favorite Disney princesses. Rapunzel, Mulan, Ariel,Tiana, Sleeping Beauty and Jasmine all got some love from the Disney stars.More VideosVolume 0%Press shift question mark to access a list of keyboard shortcutsKeyboard Shortcutsplay/pauseincrease volumedecrease volumeseek forwardsseek backwardstoggle captionstoggle fullscreenmute/unmuteseek to %SPACE↑↓→←cfm0-9Next UpJennifer Lopez Shares How She Became a Mogul04:350.5x1x1.25×1.5x2xLive00:0002:1502:15 Popular on Variety Feb. 5The Tunnel, Season 3Feb. 6Hillary, Season 1Feb. 7PapillonFeb. 8White Dragon, Season 1 (Prime Original series)Don’t Worry, He Won’t Get Far on Foot (Prime Original movie)The PromiseFeb. 15Lorena, Season 1 (Prime Original series)Feb. 16What They HadFeb. 17The PartyFeb. 21Odd Squad: Odds and EndsFeb. 22This Giant Beast That Is The Global Economy, Season 1 (Prime Original series)Feb. 23Death WishFeb. 25Every DayFeb. 28The Young and Prodigious T.S. SpivetAmazon Prime Video is free for all Amazon Prime members. Get a 30-day free trial to Amazon Prime here to check out some of these titles for yourself. See the full list of titles below and sign up for a 30-day free trial to Amazon Prime to start watching. Feb. 1Agatha Christie Presents: ABC Murders, Season 1 (Prime Original series)In Plain Sight, Season 1-5Just Add Magic, Season 3 (Prime Original series)23 1/2 Hours LeaveAlong Came PollyBarefootBountyBrand of the DevilBroadway Danny RoseChaosDelta FarceFlesh+BloodFoolishFour Weddings and a FuneralGambler’s ChoiceGeneration Wealth (Prime Original movie)Gorilla ShipGuru, the Mad MonkHay FootHeadline CrasherHigh LonesomeHigh School GirlHollywood Without Make-UpHunters of the DeepIrish LuckJacaréJoan the WomanLady from ChungkingLara Croft: Tomb RaiderLittle Miss HooverLoaded PistolsLost CanyonLucky GhostLucky TerrorLying LipsMarathon ManMarie GalanteMen of the PlainsMy Lady of Whims‘Neath Canadian Skies‘Neath the Arizona SkiesNext Day AirNo Substitute for VictoryOn Her Majesty’s Secret ServiceOriental EvilOrphans of the StormOutlaw ExpressOutlaws of the DesertParadise ExpressPartners of the PlainsPirates on HorsebackPrivate Snuffy SmithQueen of the JungleRacing BloodRaiders of the BorderRawhideReckless DecisionRogue of the RangeA Romance of Happy ValleyA Romance of the RedwoodRound-Up Time in TexasRubber TiresSecret of the WastelandsSecrets of Three Hungry WivesSepia CinderellaSisters of DeathSparrowsSpirit of YouthStar KidStella MarisA Strange AdventureSwamp FireTerminator 2: Judgment DayTexas JackTexas to BataanThat Gang of MineThe Blues BrothersThe Border LegionThe Ghost WalksThe Hoosier SchoolmasterThe James Dean StoryThe Jesus TripThe KidThe Kid RangerThe Last of the ClintonsThe Last of the MohicansThe Love of SunyaThe Married VirginThe MatrixThe Matrix ReloadedThe Matrix RevolutionsThe MoneyThe Phantom BroadcastThe Portrait of a LadyThe Proud and DamnedThe Purple Rose of CairoThe Quiet OnesThe Shadow StrikesThe Thomas Crown AffairThe Time Traveler’s WifeThe Violent YearsThelma & LouiseThree HusbandsThree Men from TexasTombstone CanyonTomorrow at SevenTracy the OutlawUnforgettableUniversal SoldierUntamed HeartVigilantes of BoomtownWacky TaxiWagon TrailWagon WheelsWater RustlersWayne’s WorldWayne’s World 2West of the LawWhistling BulletsWhite PongoWild CountryWildfireWinning of the WestYe ShanghaiYodelin’ Kid from Pine RidgeYoung Dynamite Just in time for Valentine’s day, Amazon Prime Video is bringing in a haul of Prime Originals — seven to be exact. For those who air on the cynical side this V-day, check out the twisted love story that led to “Lorena,” which details the story of Lorena Bobbitt, the woman who cut off her husband’s penis after enduring years of abuse. And if after watching that you remain a fan of crime and murder stories, another Prime Original to watch is “Agatha Christie Presents: ABC Murders.”True romantics can try a rom-com like “Four Weddings and a Funeral,” “Along Came Polly,” or “Barefoot.” For fans of old black-and-white movies, Prime has several in store. Silent film enthusiasts will rejoice at Cecil B. DeMille’s “A Romance of the Redwoods” from 1917, as well as 1919’s “A Romance of Happy Valley,” and 1937’s “23 1/2 Hours Leave.” There are a lot more old films where that came from, including classics from every decade of the 20th century, from the 1910s to the ’90s.last_img read more

Read More

Netflix Orders Three New Italy Originals Including Three Steps Over Heaven

first_imgNetflix has announced three new Italian originals, indicating that the streaming giant is ramping up operations in the country as it gets more traction with local subscribers.The new Italian Netflix originals in the pipeline are: “Curon,” a genre show with supernatural elements, which is set in a Northern Italian village; a series adaptation of hit teen romance movie “Three Steps Over Heaven”; and an adaptation of a bestselling Italian novel titled “Fedeltà,” which translates as “Faithfulness,” and is about a Milanese couple in their 30s. “Curon,” in which “a mother and her teen kids return to her mysterious hometown village in Northern Italy only to discover what lies below the surface of her past,” according to promotional materials, sees Ezio Abbate serving as head writer. Abbate was a writer on “Suburra,” which was Netflix’s first Italian original. “Curon” will be produced by Indiana Productions and marks the first Netflix deal for the Milan-based shingle, which has been expanding into TV. What’s Coming to Netflix in September 2019 “Three Steps Over Heaven” originated as a movie hit in Italy and was then adapted to stellar results in Spain. The series will be produced by ITV-owned Cattleya, the prominent Italian shingle that produced “Suburra.”In this series, which will transpose the Italian film’s setting from Rome to a backdrop of motorbike racing on the Adriatic coast, “an undeniable attraction” will bring together two characters, Sally and Ale, “from their different worlds,” a Netflix statement said. Netflix has just acquired the adaptation rights to “Fedeltà,” which is shortlisted for Italy’s top literary prize, the Premio Strega. No Italian producer is on board for the show yet.Besides these three new original series, Netflix recently announced an Italian original film, “Lo Spietato,” directed by Renato De Maria and toplining local A-lister Riccardo Scamarcio as a Milanese gangster. Produced by BIBI Film and RAI Cinema, the pic will be released briefly in Italian cinemas April 8-10 and then drop globally on Netflix on April 19.“Italy is a cradle of great storytellers and amazing talent, and our aim is to find those unique and very local voices that could resonate with TV lovers everywhere,” said Kelly Luegenbiehl, Vice President of International Original Series for Europe and Africa. “This new crop of projects are all very different and will all be shot across Italy. We’re deeply committed to the Italian creative community – and to the creative vision of the content creators we’re working with.”Netflix also has three Italian standup comedy originals in the works. And it is also in production on the second season of “Baby,” which takes its cue from a real-life Rome teen prostitution ring.Though the exact figure of Netflix’s Italian client base is not known, subscribers to streaming platforms in Italy have doubled over the past year, reaching roughly 5 million, the bulk of which are said to be Netflix subscribers, according to a recent study by Ernst & Young, the Italian daily Il Sole 24 Ore reported. Other previously announced Italian Netflix originals in the pipeline are the first season of “Luna Nera,” a new original series based on an unpublished manuscript about women accused of witchcraft in 17th-century Italy, to be produced by Domenico Procacci’s Fandango, and an adaptation of Italian animated franchise the “Winx Club” into a live-action TV series. ‘Orange Is the New Black’ Creator Jenji Kohan and Star Uzo Aduba Bid Farewellcenter_img Popular on Variety Related ×Actors Reveal Their Favorite Disney PrincessesSeveral actors, like Daisy Ridley, Awkwafina, Jeff Goldblum and Gina Rodriguez, reveal their favorite Disney princesses. Rapunzel, Mulan, Ariel,Tiana, Sleeping Beauty and Jasmine all got some love from the Disney stars.More VideosVolume 0%Press shift question mark to access a list of keyboard shortcutsKeyboard Shortcutsplay/pauseincrease volumedecrease volumeseek forwardsseek backwardstoggle captionstoggle fullscreenmute/unmuteseek to %SPACE↑↓→←cfm0-9Next UpJennifer Lopez Shares How She Became a Mogul04:350.5x1x1.25×1.5x2xLive00:0002:1502:15last_img read more

Read More

Heres a Closer Look at the Nike Kyrie 5 SpongeBob Pack

first_imgStay on target Sneakers? They’re pretty cool if we’re being honest. A flashy pair of kicks is a great way to take an outfit from good to great (or as is so often the case for me, make a t-shirt and pair of jeans look cooler than it actually is). That said, it’s an expensive habit and oftentimes an intimidating world to dive into for the first time. The whole Geek.com crew digs a good pair of sneakers, but if there’s one thing we understand it’s that getting into the world of sneakers can seem like an uphill battle.That’s why a great pop culture collab is so vital — oftentimes it’s the thing that can get a new fan to buy their first flashy pair of sneakers. One such opportunity is coming up this weekend with the SpongeBob Pack by Nike x Nickelodeon. The drop consists of five of NBA superstar Kyrie Irving’s signature shoes (three Kyrie 5s and two Kyrie 2 Lows) in colorways representing five SpongeBob characters (SpongeBob, Patrick, Squidward, Mr. Krabs, and Sandy).The rollout for these shoes has been much-anticipated. From the first rumors of the pack (well, “rumors” feels like an understatement as it was more Kyrie himself saying that he had some SpongeBob shoes coming out) to the killer PR rollout Nike has organized for the shoes, they’ve managed to turn what could easily be a joke of a release into perhaps the single most anticipated sneaker drop of the summer that doesn’t involve Travis Scott.This week I got a chance to check out some of the shoes for myself thanks to the crew at Nike NYC —specifically, the SpongeBob and Squidward Kyrie 5s. With this drop seeming like such an opportune moment to get the Geek universe stoked on sneakers (and with many of y’all likely anticipating the drop yourselves) we figured it’s a great chance to give you all a closer look at the Nike Spongebob Pack.The Kyrie 5Alright, so the Kyrie 5 isn’t a new sneaker by any means (it dropped Fall ‘18) but there’s still a good chance people will be checking the shoe out for the first time with the SpongeBob release. As such, we’re first going to take a look at the shoe itself, which happens to rule.Nike Kyrie 5 ‘SpongeBob SquarePants’ (Photo Credit: Nike)Seriously, the Kyrie 5 might not have the cutting-edge tech of the Nike Adapt BB (then again, very little does) and it might not have the name recognition of the LeBron 16 or the latest Air Jordan, but it’s been the highlight of Nike’s basketball sneaker line for the last year. I’m usually super curious to see NBA players’ new sneakers every basketball season but this is the rare case where I’m actively dreading Irving switching up his shoe game when the Kyrie 6 comes around. I’m sure the sneaker will be dope, don’t get me wrong, but the 5 is pretty perfect in a multitude of ways.For starters, it’s incredibly well-designed and constructed. The Kyrie 5 is a sturdy mid-cut sneaker with a solid sole — anybody wanting to learn a little bit more about just how much thought goes into the patented Air Zoom tech the shoe utilizes can read up on it here. That sole also features a prominent curve, which I’m sure is super useful on the basketball court but helps a ton in real life as well. I almost always keep a pair of Kyrie 5s on hand on days I spend in Manhattan or at comic conventions — those times when I know I’ll be on my feet and moving constantly. It’s saved me a lot of sore legs over the last year without the sometimes-painful adjustment process that can come with arch supports or super-structured running shoes.Nike Kyrie 5 ‘SpongeBob SquarePants’ (Photo Credit: Nike)The silhouette is the most eye-catching in Nike’s current basketball lineup and if you’ve seen the pictures above you probably already know why. The “Flytrap” device that threads the shoe’s laces serves both technical and aesthetic purposes. From a practicality standpoint it assists in forming the shoe’s upper to your foot. From an aesthetic one, it’s super weird, but in the best way. It’s an eye-catching touch for sure and one that may need a minute to grow on you (I know it did for me). But once it does, you’re gonna hate to wear a pair of shoes without it.There’s one more detail that may be the most crucial, especially if you’re new to buying sneakers. The Kyrie 5 is a performance shoe designed for basketball, and specifically to fit Kyrie Irving’s specifications. As such, it features a narrow upper and an ankle with some pretty thick padding. If you plan on buying one of the Kyrie 5s in this SpongeBob drop (or any Kyrie 5, really) plan on buying a half-size up. There are few worse feelings in sneaker collecting than looking forward to a pair of shoes arriving in the mail only to discover that they don’t fit.Nike Kyrie 5 ‘Squidward Tentacles’ (Photo Credit: Nike)The SpongeBob and SquidwardMy girlfriend is a crazy talented artist (I’m going somewhere with this, I swear) and much of her work revolves around color. She’s got a really incredible eye for it, sometimes to the point that she’ll show me two versions of a piece she’s working on, asking my opinion as to which color looks better, and I’ll hardly be able to notice a difference.I say all of this only to put into context that when I took the SpongeBob and Squidward Kyrie 5s out of the box and my girlfriend immediately said, “Wow, they really nailed those colors” she knows what she’s talking about. And she’s not wrong. It’s one thing to see a promotional image of a shoe look good but seeing these kicks in person it’s truly wild just how true to the character’s color palettes they are. The Squidwards aren’t just teal, they are specifically Squidward Q. Tentacles teal — if you don’t believe me, hold them up to your TV next time the show is on and see for yourself.Nike Kyrie 5 ‘Squidward Tentacles’ (Photo Credit: Nike)Similarly, it’s one thing to see some of the details profiled in the promotional imagery and another thing entirely to see them in person. For the most part, these exceed what the advertising has promised. You don’t quite realize just how tailored the colorways are until you see them in person. The SpongeBobs in particular are so incredibly tailored to the character’s design, from the sponge holes speckled throughout the upper to the way the shoe’s lower mimics the character’s outfit. That includes one of the more impressive twists, actually — the midsole incorporates white and red to pay homage to the character’s shirt and tie but the lower utilizes a classic brown gum material. It might not be the same shade as the nominal square pants but it conveys the message while also drawing on a classic staple of sneaker construction.The details promised are all present, from the characters’ faces on the shoe’s insole to the excellent inner-tongue details — the left shoe displays the character’s “signature” while the right shoe has a bit of their iconography. Squidward’s rocks a clarinet while SpongeBob’s has his classic Krusty Krab hat. A particular detail I’m finding pretty endearing is the thought that’s gone into what each signature looks like. SpongeBob’s is pretty clear print but Squidward’s is a big, gaudy, self-important cursive that actually made me laugh out loud.Nike Kyrie 5 ‘Squidward Tentacles’ (Photo Credit: Nike)Most Kyrie 5s feature a triangle design on the heel harkening back to the Illuminati/conspiracy theory lore the dude loves (no, seriously) but these shoes have foregone it in favor of a Nike logo done up in a recognizable SpongeBob font (speaking of which, the Kyrie KI logo on the outside of the tongues of his shoes has been Bikini Bottom-ized as well). SpongeBob’s is in a, appropriately spongy knit while Squidward’s is a sheeny rubber.There are a couple of downsides, one being that the sponge speckles on the SpongeBob colorway aren’t printed into the material. They’re individual rubber dots glued to the shoe. Nike certainly doesn’t skimp when it comes to putting together a shoe that will last but I’m curious to see how long those dots hold up in the long run. Additionally, the tongues feature the Nickelodeon logo in its classic orange. While it’s a small touch, it definitely clashes with the overall color schemes just a little bit. Not a shoe-ruiner by any means, but it’s an undeniable blemish.Nike Kyrie 5 ‘SpongeBob SquarePants’ (Photo Credit: Nike)The VerdictOutside of its design, what’s always drawn me to the Kyrie 5 is that Irving seems to have gone out of his way to make it an accessible shoe. He’s not opposed to weird, bright designs or pop culture collaborations, not only because they’re extensions of his notorious eccentricity but because they make sneakers feel more accessible to kids and adults alike who may not have considered buying a pair before.Irving is also a stickler for keeping the price point down — the SpongeBob shoes all run around $130, which is a pretty far cry from the LeBron 16 or the latest pair of Air Jordans. Sneakers are an expensive habit if you get into them in a big way but Kyrie keeping his price points down is a refreshing change and helps open up the culture to new fans in a big way.Given the stellar quality and attention to detail, I can’t recommend the SpongeBob pack enough. It’s a great first shoe and a great addition to any already-thriving collection. Don’t miss out when they drop on the Nike SNKRS app on August 10 at 10 a.m. ET.Find out more about the Nike Kyrie 5 SpongeBob Pack at Nike.com.More on Geek.com:This Nike Sneaker Is Inspired by ‘Coming to America’Nike x ‘Stranger Things’ Collection Goes Back to the Summer of ’85Nike’s Newest Air Max 97 Is Inspired by Nintendo 64 Nike x ‘Stranger Things’ Is Back With an Upside Down-Inspire…Nike’s Joyride Sole Is a Fascinating Sneaker Innovation last_img read more

Read More

Oldest business management institute to take measures for 100 final placement

first_imgKolkata: Indian Institute of Social Welfare & Business Management (IISWBM) is taking a slew of measures to achieve 100 percent placement in the institution. Rajagopal Dhar Chakraborti has joined as the new director of the oldest B school in the country in the last week of March.”We want to achieve 100 percent placement. We will be in constant touch with our alumni and seeking their valuable advice for developing our relationship with the industry. We are planning to include the internship of our students as a part of our course,” Dhar Chakrabari said. Also Read – Heavy rain hits traffic, flightsIt may be mentioned that the institute has thousands of alumni based across the world including India. “There are around 2,500 alumni who are in contact with us. A separate cell will be set up to rope in more alumni with the activities of this institute,” a senior official said. He added that the institute will focus on skill development of students and will also recruit at least two more placement officers.According to the placement cell of the B school, there have been 95 percent placements in MBA, 85 percent in Master of Human Resource Management (MHRM ) and 75 percent in other subjects. “We have to achieve 100 percent placement and for this we are also restructuring our curriculum as per job demands in the market,” a senior official of IISWBM said. Also Read – Speeding Jaguar crashes into Merc, 2 B’deshi bystanders killedAs per statistics, in 2015-16 the placement rate was 96 percent, and 98 percent in 2016-17. The placement season starts from November and continues till May. “There have been 92 percent placements already,” an official with the B school’s placement cell said.IISWBM has set a precedence in its placement record this year with one of its students bagging a job with Amazon India with a hefty pay package of Rs 12 lakh.The B school was set up by the Calcutta University senate together with the then Prime Minister Jawaharlal Nehru and the then Bengal Chief Minister Bidhan Chandra Roy and Dijendra Kumar Sanyal in 1953.Companies that had participated in the campus recruitment process includes ICICI, Jio, ITC, Marico, Linde India, Khadims, SBI Cards and of course Amazon India to name a few.last_img read more

Read More

Marilyn Monroe and JFKs Rumored Tryst House Up For Sale

first_imgThe California estate where President John F. Kennedy and Marilyn Monroe are rumored to have had an affair is up for sale for $5 million. Located in Rancho Mirage, just outside of Palm Springs, the Moroccan-themed estate was built for entertainer Bing Crosby in the 1950s and has five bedrooms and five bathrooms spread out over 6,700 square feet, on 1.36 acres of land.It features “expansive and unobstructed views” of Coachella Valley, as well as an array of outdoor gardens, a pool, three fire pits, and an attached casita, according to the site Inside Hook.Photo Courtesy Douglas Elliman Real EstateThe house’s attached two-bedroom casita is rumored to be the place where Marilyn Monroe and JFK would meet in secret.The real estate listing coyly says the house is “fabled to have housed one of our former presidents and his legendary guest, thereby earning its name, the JFK Wing.”The affair between the actress and the president has reached mythic status while not actually having much substantiation.Photo Courtesy Douglas Elliman Real Estate“A passionate love affair between Marilyn Monroe and John F. Kennedy has been assumed for so long that it has achieved as solid a place in public awareness as almost any other event in the man’s presidency,” wrote Donald Spoto, one of Monroe’s more respected biographers.But while the two did know each other, they did not meet often, Spoto said. “All that can be known for certain is that on four occasions between October 1961 and August 1962, the president and the actress met.”JFK with Robert Kennedy and Marilyn Monroe in 1962.One of these four meetings took place at Bing Crosby’s home and it is the time when an affair seems most likely.It was March 24, 1962, and both Monroe and Kennedy were houseguests of Crosby. She told confidante Ralph Roberts afterward “that this night in March was the only time of her ‘affair’ with JFK,” wrote Spoto. Roberts said, “Marilyn gave me the impression that it was not a major event for either of them. It happened once, that weekend, and that was that.”Photo Courtesy Douglas Elliman Real EstateOf course the fourth meeting was when Marilyn Monroe sang to the president at his birthday gala at Madison Square Garden. Afterward, she attended a party for the president, along with many members of his family and his friends, hosted by Arthur and Mathilde Krim.No matter what happened between these two famous figures of the 20th century, the Bing Crosby house was a spectacular home for the “White Christmas” crooner.Marilyn Monroe Happy Birthday Mr. President, 1962. Photo by Cecil Stoughton. White House Photographs. John F. Kennedy Presidential Library and Museum, Boston.Crosby had a number of homes in Palm Springs, including one which President Kennedy visited later on. That visit was also controversial because Kennedy was planning to visit Frank Sinatra, but due to Sinatra’s connections to organized crime, his advisors persuaded him to switch to Crosby.Actor Peter Lawford, Kennedy’s brother-in-law, wrote that when he was told Kennedy would not be his guest, Sinatra was “livid.” He blamed Lawford, and banned him from the Rat Pack.Bing Crosby publicity photo, c. 1930sBing Crosby was neighbors with not only Frank Sinatra but also Ginger Rogers, Kirk Douglas, and Lucille Ball in this exclusive neighborhood.“The home is all about indoor-outdoor living and traditional-meeting-modern design — and it overlooks such a gorgeous backdrop,” realtor Frederik Eklund said in an interview.Photo Courtesy Douglas Elliman Real EstateFortune magazine asked, “What other listing can offer the chance for caroling around a pool and fire pit with such a level of celebrity history? The house is in decent shape but could use some upgrades.”“Along with a well-proportioned main structure with retractable glass walls, the purchase includes an adjacent half-acre lot on which owners can build a small guest house for future presidential affairs.”Palm Springs had a special status among celebrities in the 1950s and 1960s.Read another story from us: Art Deco House with Original Vintage Furnishings For Sale – Take a Tour“Without Hollywood, it can be argued, there would be no Palm Springs as we know it today,” wrote Howard Johns in his book Palm Springs Confidential.last_img read more

Read More

Review of Peachtrees Accounting Software

first_img This story appears in the July 2006 issue of Entrepreneur. Subscribe » 5 min read Free Webinar | Sept 5: Tips and Tools for Making Progress Toward Important Goals When it comes to accounting, folks generally separate into two camps: those who transact, and those who analyze.Any of the major small-business accounting programs–Peachtree, QuickBooks, Microsoft Small Business Accounting, DacEasy–will serve entrepreneurs in either camp. But if you’re an analyzer, chances are you’ll feel most at home with one of the just-released editions of Peachtree Accounting. That’s especially true if you carry inventory. It’s not that Peachtree’s 2007 editions have features competitors don’t. It’s about depth in certain key areas and a degree of flexibility that appeals to those who–if truth be told–kind of dig accounting.Most of us are transactors, of course, because that’s the easiest thing to be. A good accounting program will take a lot of bookkeeping drudgery off your shoulders–but nothing saves time like dumping your shoebox on a paid professional. The only trouble with that particular strategy is, even if you strike gold early on, fortune never smiles on a business forever. You’re bound to hit a rough patch sooner or later–sooner if competitors hear about your margins. That’s when a good accounting program really comes in handy.Star to Steer ByJust recording your transactions in a program like Peachtree creates the most important database you’ll ever own–the one with your company’s key financial details. Peachtree also happens to be an excellent container for customer and vendor records, syncing tightly with Microsoft Outlook and Sage Software’s ACT!As transaction information piles up, standard Peachtree reports will let you compare your performance to those of competitors or industry averages kept by organizations like the Risk Management Association. RMA’s website is also a good place to find useful standard operating ratios, like an instrument panel to steer your business in the right direction. Before you know it, you’ll be analyzing–something you can’t do if your financial data is sitting on an accountant’s computer.Devra Walker, co-owner of Walker Pharmacy & Gifts in Statesboro, Georgia, has an even better approach. She manages her own books with the help of in-house data-entry staff and uses an outside accountant to double-check them, file taxes and act as a sounding board. Peachtree 2007’s improved access privilege system facilitates this kind of close-but-safe relationship.A CPA herself, Walker, 45, needs quick data access because she and her husband, Lindsay, 47, manage eight separate business units with combined annual sales of $8 million and a 60-employee payroll. Peachtree lets her roll up the accounts of all her units when preparing payroll or financial statements, but isolate their performance milestones when meeting with her unit managers.That kind of strong reporting gets stronger still in Peachtree Premium 2007 and the new Peachtree Quantum 2007, says Dean Penderghast, certified Peachtree consultant with Anaheim, California, Sales Automation Services Inc. Premium and Quantum use Pervasive’s 32-bit data engine–it holds more data per record and delivers it faster than the 16-bit Btrieve engine in other Peachtree versions. Quantum can also juggle still-larger databases and more simultaneous users than Premium.One Bean, Two Beans.Companies needing high-level data management and reporting include mixed product/service businesses like contractors, architects–anyone tracking jobs or projects. It’s particularly critical to the margins of manufacturers, wholesalers, retailers and e-tailers who face the twin challenges of costing and managing large inventories.For example, Paula Gilliland, a Roswell, Georgia, accounting consultant and owner of e-commerce site PocketScope.com, uses Peachtree to orchestrate the comings and goings of thousands of parts and assemblies for her $900,000 medical instrumentation business and one client’s large inventory. Many parts are used in several different subassemblies, and if there’s a failure, Gilliland, 44, has to quickly find the bad part among hundreds of similar subassemblies, see if it’s under warranty and arrange a replacement.Keeping too much of something increases carrying costs and, maybe, capital costs. Keeping too little can increase handling and shipping costs, or cost you customers. Both erode margins, so Gilliland leans heavily on Peachtree reports when trying to arrive at just the right inventory mix. The difficulty of this task was underscored recently when Intel had 38 percent shaved off its quarterly profits primarily because it didn’t sync up inventory and sales. If it can happen to a company with Intel’s market experience and business resources, think how easily it could happen to a smaller, product-oriented business.Of course, not every growing business faces these kinds of challenges. But if you do, you could fare worse than Peachtree’s tools. After 30 years of use by companies with 100 or fewer employees, they’re pretty well-honed.How peachy is peachtree 2007?Pros: Fast and easy to use with a degree of record detail unique in its class. A new interface brings key business barometers forward on a home page, while tabs permit quick hops to other modules. There’s new flexibility in budgeting, cash-flow analysis and the use of lists and custom data fields. Formatting, formulas and lists are maintained when you swap data with Microsoft Excel or Outlook.Cons: None. But Peachtree may be more program than you need if you sell services exclusively, or only one or two people need simultaneous access to your books.Mike Hogan is Entrepreneur’s technology editor. Register Now » July 1, 2006 Attend this free webinar and learn how you can maximize efficiency while getting the most critical things done right.last_img read more

Read More

uBlock Origin Extra extension for Chrome

first_imguBlock Origin Extra extension for Chrome by Martin Brinkmann on January 23, 2017 in Google Chrome – 11 commentsThe Google Chrome extension uBlock Origin Extra adds anti-content blocking capabilities to the popular uBlock Origin extension for Chrome.uBlock Origin is probably the best content blocker for the Google Chrome web browser at this point in time.The extension is updated regularly, and very powerful when it comes to content blocking thanks to options to add your own rules, and to download rules using various lists.The rise of ad-blocking makes the advertisement driven business model less viable with every passing month. Companies began exploring options, from hiding content behind paywalls, asking for donations or subscriptions, to earning money through native advertisement.Another option that more and more companies seem to consider is to implement anti-ad-blocking technologies. Designed to either block access if ad-blockers are detected, or to display ads to users even if ad-blockers are used.uBlock Origin ExtraThe Chrome extension uBlock Origin Extra is a companion application for uBlock Origin. It is designed to add capabilities to work around anti-blocking technologies. It does nothing when installed as a standalone extension, but improves uBlock Origin’s capabilities when it is also installed in Chrome.It adds an icon to the Chrome toolbar, but the icon has no real function. You can hide it to the menu. There are not any options either, it runs automatically without need to configure anything.The extension provides uBlock Origin with information on WebSocket connection attempts. These can be filtered, and they are also logged.Another method that is used by sites is to use the WebRTC API to bypass content blockers. Recent versions of uBlock Origin Extra block these sites from using WebRTC for that purpose.You can check manually if sites use WebRTC by loading chrome://webrtc-internals/.The third and final option that it adds is that it deals with Instart Logic code running on websites. According to gorhill, the creator of ublock, the technology disguises third-party network requests as first party requests.Closing WordsSo should you install uBlock Origin Extra besides uBlock Origin? It depends. If you run into sites that implement anti-ad-blocking technologies that don’t go away when you install the  anti-adblock killer and adblock warning removal list, then you may give it a try as it may remove ads that are still displayed then in the browser.As always, please consider supporting sites that you visit regularly either by disabling the ad-blocker, or by helping out in other ways. Check out our support page for additional information.Summary12345 Author Rating4.5 based on 23 votes Software Name uBlock Origin ExtraSoftware Category BrowserLanding Page https://github.com/gorhill/uBO-Extra Advertisementlast_img read more

Read More

How to secure a private cloud using IAM

first_imgIn this article, we look at securing the private cloud using IAM. For IAM, OpenStack uses the Keystone project. Keystone provides the identity, token, catalog, and policy services, which are used specifically by  OpenStack services. It is organized as a group of internal services exposed on one or many endpoints. For example, an authentication call validates the user and project credentials with the identity service. This article is an excerpt from the book,’Cloud Security Automation‘. In this book, you’ll learn how to work with OpenStack security modules and learn how private cloud security functions can be automated for better time and cost-effectiveness. Authentication Authentication is an integral part of an OpenStack deployment and so we must be careful about the system design. Authentication is the process of confirming a user’s identity, which means that a user is actually who they claim to be. For example, providing a username and a password when logging into a system. Keystone supports authentication using the username and password, LDAP, and external authentication methods. After successful authentication, the identity service provides the user with an authorization token, which is further used for subsequent service requests. Transport Layer Security (TLS) provides authentication between services and users using X.509 certificates. The default mode for TLS is server-side only authentication, but we can also use certificates for client authentication. However, in authentication, there can also be the case where a hacker is trying to access the console by guessing your username and password. If we have not enabled the policy to handle this, it can be disastrous. For this, we can use the Failed Login Policy, which states that a maximum number of attempts are allowed for a failed login; after that, the account is blocked for a certain number of hours and the user will also get a notification about it. However, the identity service provided in Keystone does not provide a method to limit access to accounts after repeated unsuccessful login attempts. For this, we need to rely on an external authentication system that blocks out an account after a configured number of failed login attempts. Then, the account might only be unlocked with further side-channel intervention, or on request, or after a certain duration. We can use detection techniques to the fullest only when we have a prevention method available to save them from damage. In the detection process, we frequently review the access control logs to identify unauthorized attempts to access accounts. During the review of access control logs, if we find any hints of a brute force attack (where the user tries to guess the username and password to log in to the system), we can define a strong username and password or block the source of the attack (IP) through firewall rules. When we define firewall rules on Keystone node, it restricts the connection, which helps to reduce the attack surface. Apart from this, reviewing access control logs also helps to examine the account activity for unusual logins and suspicious actions, so that we can take corrective actions such as disabling the account. To increase the level of security, we can also utilize MFA for network access to the privileged user accounts. Keystone supports external authentication services through the Apache web server that can provide this functionality. Servers can also enforce client-side authentication using certificates. This will help to get rid of brute force and phishing attacks that may compromise administrator passwords. Authentication methods – internal and external Keystone stores user credentials in a database or may use an LDAP-compliant directory server. The Keystone identity database can be kept separate from databases used by other OpenStack services to reduce the risk of a compromise of the stored credentials. When we use the username and password to authenticate, identity does not apply policies for password strength, expiration, or failed authentication attempts. For this, we need to implement external authentication services. To integrate an external authentication system or organize an existing directory service to manage users account management, we can use LDAP. LDAP simplifies the integration process. In OpenStack authentication and authorization, the policy may be delegated to another service. For example, an organization that is going to deploy a private cloud and already has a database of employees and users in an LDAP system. Using this LDAP as an authentication authority, requests to the Identity service (Keystone) are transferred to the LDAP system, which allows or denies requests based on its policies. After successful authentication, the identity service generates a token for access to the authorized services. Now, if the LDAP has already defined attributes for the user such as the admin, finance, and HR departments, these must be mapped into roles and groups within identity for use by the various OpenStack services. We need to define this mapping into Keystone node configuration files stored at /etc/keystone/keystone.conf. Keystone must not be allowed to write to the LDAP used for authentication outside of the OpenStack Scope, as there is a chance to allow a sufficiently privileged Keystone user to make changes to the LDAP directory, which is not desirable from a security point of view. This can also lead to unauthorized access of other information and resources. So, if we have other authentication providers such as LDAP or Active Directory, then user provisioning always happens at other authentication provider systems. For external authentication, we have the following methods: MFA: The MFA service requires the user to provide additional layers of information for authentication such as a one-time password token or X.509 certificate (called MFA token). Once MFA is implemented, the user will have to enter the MFA token after putting the user ID and password in for a successful login. Password policy enforcement: Once the external authentication service is in place, we can define the strength of the user passwords to conform to the minimum standards for length, diversity of characters, expiration, or failed login attempts. Keystone also supports TLS-based client authentication. TLS client authentication provides an additional authentication factor, apart from the username and password, which provides greater reliability on user identification. It reduces the risk of unauthorized access when usernames and passwords are compromised. However, TLS-based authentication is not cost effective as we need to have a certificate for each of the clients. Authorization Keystone also provides the option of groups and roles. Users belong to groups where a group has a list of roles. All of the OpenStack services, such as Cinder, Glance, nova, and Horizon, reference the roles of the user attempting to access the service. OpenStack policy enforcers always consider the policy rule associated with each resource and use the user’s group or role, and their association, to determine and allow or deny the service access. Before configuring roles, groups, and users, we should document your required access control policies for the OpenStack installation. The policies must be as per the regulatory or legal requirements of the organization. Additional changes to the access control configuration should be done as per the formal policies. These policies must include the conditions and processes for creating, deleting, disabling, and enabling accounts, and for assigning privileges to the accounts. One needs to review these policies from time to time and ensure that the configuration is in compliance with the approved policies. For user creation and administration, there must be a user created with the admin role in Keystone for each OpenStack service. This account will provide the service with the authorization to authenticate users. Nova (compute) and Swift (object storage) can be configured to use the Identity service to store authentication information. For the test environment, we can have tempAuth, which records user credentials in a text file, but it is not recommended for the production environment. The OpenStack administrator must protect sensitive configuration files from unauthorized modification with mandatory access control frameworks such as SELinux or DAC. Also, we need to protect the Keystone configuration files, which are stored at /etc/keystone/keystone.conf, and also the X.509 certificates. It is recommended that cloud admin users must authenticate using the identity service (Keystone) and an external authentication service that supports two-factor authentication. Getting authenticated with two-factor authentication reduces the risk of compromised passwords. It is also recommended in the NIST guideline called NIST 800-53 IA-2(1). Which defines MFA for network access to privileged accounts, when one factor is provided by a separate device from the system being accessed. Policy, tokens, and domains In OpenStack, every service defines the access policies for its resources in a policy file, where a resource can be like an API access, it can create and attach Cinder volume, or it can create an instance. The policy rules are defined in JSON format in a file called policy.json. Only administrators can modify the service-based policy.json file, to control the access to the various resources. However, one has to also ensure that any changes to the access control policies do not unintentionally breach or create an option to breach the security of any resource. Any changes made to policy.json are applied immediately and it does not need any service restart. After a user is authenticated, a token is generated for authorization and access to an OpenStack environment. A token can have a variable lifespan, but the default value is 1 hour. It is also recommended to lower the lifespan of the token to a certain level so that within the specified timeframe the internal service can complete the task. If the token expires before task completion, the system can be unresponsive. Keystone also supports token revocation. For this, it uses an API to revoke a token and to list the revoked tokens. In OpenStack Newton release, there are four supported token types: UUID, PKI, PKIZ, and fernet. After the OpenStack Ocata release, there are two supported token types: UUID and fernet. We’ll see all of these token types in detail here: UUID: These tokens are persistent tokens. UUID tokens are 32 bytes in length, which must be persisted in the backend. They are stored in the Keystone backend, along with the metadata for authentication. All of the clients must pass their UUID token to the Keystone (identity service) in order to validate it. PKI and PKIZ: These are signed documents that contain the authentication content, as well as the service catalog. The difference between the PKI and PKIZ is that PKIZ tokens are compressed to help mitigate the size issues of PKI (sometimes PKI tokens becomes very long). Both of these tokens have become obsolete after the Ocata release. The length of PKI and PKIZ tokens typically exceeds 1,600 bytes. The Identity service uses public and private key pairs and certificates in order to create and validate these tokens. Fernet: These tokens are the default supported token provider for OpenStack Pike Release. It is a secure messaging format explicitly designed for use in API tokens. They are nonpersistent, lightweight (fall in the range of 180 to 240 bytes), and reduce the operational overhead. Authentication and authorization metadata is neatly bundled into a message-packed payload, which is then encrypted and signed in as a fernet token. In the OpenStack, the Keystone Service domain is a high-level container for projects, users, and groups. Domains are used to centrally manage all Keystone-based identity components. Compute, storage, and other resources can be logically grouped into multiple projects, which can further be grouped under a master account. Users of different domains can be represented in different authentication backends and have different attributes that must be mapped to a single set of roles and privileges in the policy definitions to access the various service resources. Domain-specific authentication drivers allow the identity service to be configured for multiple domains, using domain-specific configuration files stored at keystone.conf. Federated identity Federated identity enables you to establish trusts between identity providers and the cloud environment (OpenStack Cloud). It gives you secure access to cloud resources using your existing identity. You do not need to remember multiple credentials to access your applications. Now, the question is, what is the reason for using federated identity? This is answered as follows: It enables your security team to manage all of the users (cloud or noncloud) from a single identity application It enables you to set up different identity providers on the basis of the application that somewhere creates an additional workload for the security team and leads the security risk as well It gives ease of life to users by proving them a single credential for all of the apps so that they can save the time they spend on the forgot password page Federated identity enables you to have a single sign-on mechanism. We can implement it using SAML 2.0. To do this, you need to run the identity service provider under Apache. We learned about securing your private cloud and the authentication process therein. If you’ve enjoyed this article, do check out ‘Cloud Security Automation‘ for a hands-on experience of automating your cloud security and governance. Read Next: Top 5 cloud security threats to look out for in 2018 Cloud Security Tips: Locking Your Account Down with AWS Identity Access Manager (IAM)last_img read more

Read More

test

first_imgtestlast_img

Read More

US filmmaker offers roadmap to boost local industry

first_imgGreece is luring foreign filmmakers with tax incentives. Cyprus is poised to do the same. Hollywood cinematographer Steven Bernstein explains how it could workBy Theo PanayidesSteven Bernstein is a man with a plan – or a man with a dream, as they say in the movies. His dream is indeed movie-related, hoping to kick-start local film industries (and substantially enrich local economies) by bringing international film productions to Greece, and potentially Cyprus.Who is this 63-year-old American? Here, in his own words – as we speak on the sidelines of the Cyprus Film Days festival – is how he was described by the vice-governor of the Cyclades, when that local luminary asked him to expound on his theories for attracting investment:“Look, Mr. Bernstein,” said the vice-governor, as paraphrased by Bernstein, “you’ve worked around the world, worked on over 100 feature films, shot 40 of them, directed two, directed television, directed 100 commercials, shot over 100 music videos, wrote the biggest-selling textbook about film production ever written” – this book is called simply Film Production; the second edition came out in 1994 – “you’ve lectured around the world, and you’ve been at the inception of film industries in Vancouver, in New Mexico, in Atlanta, in New York, in Connecticut, in London. What’s common to them? What can we do here, in Greece [or Cyprus], to build a film industry?”We’ll get to that in a moment – but first, let’s confirm that Bernstein does indeed have an impressive pedigree. He spent years as a successful Hollywood cinematographer, shooting trashy comedies but also, for instance, Monster, for which Charlize Theron won an Oscar. Then, at the age of 50, he decided on a radical life-change, giving up his lucrative career to write and direct two fairly uncommercial, not to say idealistic films: Decoding Annie Parker (2013), a true tale of breast-cancer researchers, and the recent Dominion, about the final days of the poet Dylan Thomas.He also embarked on another project, which is where the vice-governor of the Cyclades comes in. For the past few years, Bernstein has been building a film school (now up and running) and film studio (“getting closer”) on the island of Syros, just west of Mykonos, which is part of a grander plan to attract foreign investors and help the Greek film industry, whose state-subsidy system has been badly hamstrung (as it has in Cyprus) by recession and cost-cutting.The crux of the plan is simple: tax incentives, also known as ‘tax credits’ or ‘tax rebates’ – though in fact the name is misleading. A tax credit can sometimes be assigned to someone with a high tax exposure in the country in question, who’ll then set it against their tax. Most of the time, however, when the beneficiary is a foreign company which pays no tax in (say) Cyprus, the tax incentive is essentially a gift: if the company spend €10 million in Cyprus, the government gives them €2.5 million back (most tax rebates are in the 25-30 per cent range).“Surely they’re just throwing money away?” exclaims Bernstein, playing devil’s advocate – but in fact there are compensations. “When a movie comes to an area, tourism goes up 20-30 per cent, always. You have to employ local labour, always.” Movie stars spend money when they decide to go sailing or buy local property. Local carpenters are hired to build sets. Local drivers and electricians get jobs on the crew. And of course the other €7.5 million (or whatever) is spent in the local economy, without having to be refunded. Based on his experience of other countries, there’s always a 3:1 or 4:1 ratio of money earned: money expended, he claims – “and it always works. Virtually every place in the world that’s tried it, it’s worked”.None of this is news to our government, which announced its own tax-incentive scheme last September (Bernstein met with government officials during his time here). But there’s still an important question left unanswered, namely: ‘Will our scheme merely result in money ending up in the economy, or will it actually help the local film industry?’. The Film Directors’ Guild of Cyprus have already protested that the criteria in the current plan are too strict, setting a threshold that excludes most Cypriot producers. Given the size of our industry, this may be inevitable. But it would surely be ironic if Cyprus became a destination for film production without any benefit to local filmmakers, even indirectly.Bernstein’s dream is to use the scheme in Greece (which also changed its tax law last year, introducing incentives) to create and nurture a local crew base. His film school – which is free to Greeks, though he hedges when I ask if he plans to extend this to Cypriots – is one plank in the scheme, hopefully churning out graduates who can work on the foreign productions attracted by incentives.The second plank is so-called ‘shadowing’. “No American will come [to Greece] and work without a Greek working next to them”, he explains, the idea being that those Greeks will eventually be hired on their own merits; after three or four projects, “I’m hoping it’ll be all-Greek crews”. This is what happened in Vancouver, and soon resulted in all-Canadian crews (granted, there was no language barrier) – and of course, once locals have experience, contacts and some kind of regular employment in foreign productions, they’ll be much better placed to create their own films, without constantly sucking at the teat of the state.The details of our own, Cypriot scheme have yet to be fully revealed (it still awaits final approval by the Commissioner for State Aid Control). On the face of it, it seems quite promising, obliging foreign productions to employ some local crew – a minimum of five or six persons, including some ‘above the line’ (i.e. in key positions), albeit without any systematic shadowing as described by Bernstein – in order to qualify for the rebate. That said, the fact that it’s being driven mainly by the Cyprus Investment Promotion Agency (Cipa), which will implement the scheme and launch a website, makes it abundantly clear that the purpose behind it is business, not culture.The awkward truth at the heart of this story is that insisting on a role for the local industry inevitably makes a country’s incentives less attractive, and places them at a disadvantage to other countries. Admittedly, almost all countries insist on such a role, so the disadvantage isn’t great – but different countries insist in different ways. “If you don’t want to follow the rules, don’t bring your film to Cyprus!” says Bernstein, envisioning how a proper tax-incentive scheme would work – but would our own, cash-hungry country stand up to investors like that? Or would we succumb and make exceptions, for the sake of a quick buck?Steven Bernstein’s dream is slightly paradoxical, insofar as his two aims – helping local filmmakers and enriching the local economy – are slightly at odds with each other. We’ll know soon enough if the Cypriot tax-rebate scheme matches his idealism. The point, he explains, is to “find a balance between things that generate income but also do good. If you can do good while generating profit, you please both investors and yourself”. Amen to thatYou May LikeFreedom Debt ReliefPeople In Heavy Debt Are In For A SurpriseFreedom Debt ReliefUndoLivestlyChip And Joanna’s $18M Mansion Is Perfect, But It’s The Backyard Everyone Is Talking AboutLivestlyUndoPlarium I Vikings: Free Online GamePlay this for 1 minute and see why everyone is addictedPlarium I Vikings: Free Online GameUndo Pensioner dies after crash on Paphos-Polis roadUndoThe Deniz boat incident showed clearly the intentions of the Turkish sideUndoVarosha move merely a ‘PR stunt’ by Ozersay, expert saysUndoby Taboolaby Taboolalast_img read more

Read More