Critical Vulnerability to be Fixed in Kubernetes 1.13

Issue allowed to get full control over the cluster of containers
06 December 2018   109

Kubernetes 1.13 released, in which developers have eliminated the vulnerability of the illegal privilege escalation. The bug allowed to get full control over the cluster of containers.

To exploit the breach, it was necessary to send a specially designed discovery request to the backend API, which left the network connection open. This allowed access to the API server and send arbitrary commands to it. At the same time, the backend perceived requests as being sent by the server.

In addition, all Kubernetes users, including those who failed to authenticate, could use this flaw. As it turned out, the problem "stretches" from version 1.0.

To fix it, you need to update Kubernetes to versions 1.10.11, 1.11.5, 1.12.3 and 1.13.0 or at least block anonymous access to the API using the option --anonymous-auth = false, and also revoke the rights to perform exec operations / attach / portforward.

New Kubernates 1.13 features:

  • The Container Storage interface has been stabilized to create plug-ins for various storage systems. The developers also stabilized a simplified interface for managing the Kubernetes cluster.
  • TAVS container distribution planner, as well as the Kubelet Device Plugin Registration service, which provides access to the Kubelet from plug-ins.
  • An experimental interface for creating plug-ins has been added, which allows integrating third-party monitoring systems into Kubernetes.
  • The status of beta versions was obtained by APIServer DryRun, the Kubectl Diff team and the ability to use local block devices as permanent data stores.
  • The default CoreDNS DNS server is now used.

 

Microsoft to Use AI to Create Human Voice

Synthetic voice is nearly indistinguishable from recordings of people
27 September 2018   690

Researchers from Microsoft recorded computer voice, imitating human speech. To overcome the difficulties of the traditional model, they used neural networks for speech synthesis. Microsoft promises to provide support for 49 languages ​​and the ability to create unique voices for the needs of companies in the near future.

Synthesis of speech with the help of neural networks involves comparing the stress and length (so-called prosody) of the speaker's speech units, as well as their synthesis into a computer voice. In systems of traditional speech synthesis, prosody is divided into acoustic and linguistic analysis, controlled by various models. As a result, the speech is noisy and indistinct. Representatives of Microsoft argue that in the model of neural synthesis two stages are combined into one, so the voice sounds like a real one.

The developers are convinced that the synthesis of speech with the help of neural networks will make it more natural to communicate with virtual interlocutors and assistants. Moreover, it will enable you to convert e-books into audiobooks and will allow you to change the scoring of built-in navigators.

Microsoft Neural TTS
Microsoft Neural TTS

Azure computing power is available for real-time use, and Azure Kubernetes is responsible for this. Simultaneous application of neural synthesis of speech together with traditional speaks about expansion and increase of availability of service. At the moment, there are a female voice named Jessa and a man named Guy.

Microsoft is competing in speech recognition and synthesis technologies with Google, which updated its services in late August 2018. Google Cloud announced the release of a stable API for the synthesis of speech Cloud Text-to-Speech with the experimental function of audio profiles and support for several new languages.