Ethereum VM May Have Vulnerability

The vulnerability is reported by NettaLab Twitter account
12 November 2018   282

On November 9, a statement appeared in Netta Lab’s Twitter account that the organization discovered a vulnerability in the Ethereum virtual machine that allows to execute smart contracts endlessly without paying for gas online. The researchers also allegedly turned to the operator of the American database of vulnerabilities, where they registered the corresponding discovery.

Netta Labs discovered an Ethereum EVM vulnerability, which could be exploited by hackers. The vulnerability can cause smart contracts can be executed indefinitely without gas being paied.
 

Netta Lab's Twitter

At Netta Lab's request, Google demonstrates the site of the netto.io project, which specializes in auditing smart contracts under the Netta Lab brand, but the Twitter accounts of the projects do not match. Note that the profile that reported the vulnerability was registered in November.

Many users expressed doubts about the authenticity of the information that appeared, but then the creator of the NEO project Da Hongwei said that he spoke with the CEO of Netta Labs and asked the researchers to audit the NEO virtual machine.

Nevertheless, Vitalik Buterin wrote on Reddit that this is a vulnerability in the Python-implementation of the virtual machine, which was first reported on GitHub 9 days ago. This means that the main clients (go-ethereum; parity and cpp-ethereum) are not affected.

Facebook to Release PyTorch 1.0

This release added support for large cloud platforms, a C ++ interface, a set of JIT compilers
10 December 2018   102

Facebook has released a stable version of the library for machine learning PyTorch 1.0. This iteration added support for large cloud platforms, a C ++ interface, a set of JIT compilers, and various improvements.

The stable version received a set of JIT compilers that eliminate the dependence of the code on the Python interpreter. The model code is transformed into Torch Script - a superstructure over Python. Keeping the opportunity to work with the model in the Python environment, the user can download it to other projects not related to this language. So, the PyTorch developers state that the code processed in this way can be used in the C ++ API.

The torch.distributed package and the torch.nn.parallel.DistributedDataParallel module are completely redesigned. torch.distributed now has better performance and works asynchronously with the Gloo, NCCL and MPI libraries.

The developers added a C ++ wrapper to PyTorch 1.0. It contains analogs of Python interface components, such astorch.nn,torch.optim, torch.data. According to the creators, the new interface should provide high performance for C ++ applications. True, the C ++ API is still experimental, but it can be used in projects now.

To improve the efficiency of working with PyTorch 1.0, a Torch Hub repository has been created, which stores pre-trained models of neural networks. You can publish your own development using the hubconf.py file, after which the model will be available for download by any user via the torch.hub.load API.

Support for C extensions and the module torch.utils.trainer were removed from the library.

Facebook released the preliminary version of PyTorch 1.0 at the beginning of October 2018, and in two months the developers brought the framework to a stable state.