Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
################################### Multi-threaded Optimization Toolbox ################################### The Multi-threaded Optimization Toolbox (MOT) is a library for parallel optimization and sampling using the OpenCL compute platform. Using OpenCL allows parallel processing using all CPU cores or using the GPU (Graphics card). MOT implements OpenCL parallelized versions of the Powell, Nelder-Mead Simplex and Levenberg-Marquardt non-linear optimization algorithms alongside various flavors of Markov Chain Monte Carlo (MCMC) sampling.
For the full documentation see: https://mot.readthedocs.org
Can MOT help me?
MOT can help you if you have multiple small independent optimization problems. For example, if you have a lot of (>10.000) small optimization problems, with ~30 parameters or less each, MOT may be of help. If, on the other hand, you have one big optimization problem with 10.000 variables, MOT unfortunately can not help you.
Example use case
MOT was originally written as a computation package for the Microstructure Diffusion Toolbox <https://github.com/robbert-harms/MDT>
_, used in dMRI brain research.
In diffusion Magnetic Resonance Imaging (dMRI) the brain is scanned in a 3D grid where each grid element, a voxel, represents its own optimization problem.
The number of data points per voxel is generally small, ranging from 30 to 500 datapoints, and the models fitted to that data have generally
somewhere between 6 and 20 parameters.
Since each of these voxels can be analyzed independently of the others, the computations can be massively parallelized and hence programming
in OpenCL potentially allows large speed gains.
This software toolbox was originally built for exactly this use case, yet the algorithms and data structures are generalized such that any
scientific field may take advantage of this toolbox.
For the diffusion MRI package MDT to which is referred in this example, please see https://github.com/robbert-harms/MDT.
Summary
Links
PyPi <http://badge.fury.io/py/mot>
_Quick installation guide
The basic requirements for MOT are:
Linux
For Ubuntu >= 16 you can use:
sudo add-apt-repository ppa:robbert-harms/cbclab
sudo apt update
sudo apt install python3-pip python3-mot
sudo pip3 install tatsu
For Debian users and Ubuntu < 16 users, install MOT with:
sudo apt install python3 python3-pip python3-pyopencl python3-devel
sudo pip3 install mot
Mac
pip install mot
Windows For Windows the short guide is:
pip install pyopencl
, this requires:
NVidia CUDA <https://developer.nvidia.com/cuda-downloads>
_ or Intel OpenCL SDK <https://software.intel.com/en-us/intel-opencl>
_ or the AMD APP SDK <http://developer.amd.com/tools-and-sdks/opencl-zone/amd-accelerated-parallel-processing-app-sdk/>
_)pip install mot
For more information and for more elaborate installation instructions, please see: https://mot.readthedocs.org
Caveats
There are a few caveats and known issues, primarily related to OpenCL:
FAQs
Multi-threaded Optimization Toolbox
We found that mot demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.