OStatic

Syndicate content
OStatic
Updated: 2 hours 11 min ago

Mozilla CEO Oops, Ubuntu 14.04 Beta, and a GNOME Review

Sat, 29/03/2014 - 3:16am

There didn't seem to be as much variety in the news today but there were plenty of articles about Mozilla CEO Brendan Eich's donation in support of California's Prop. 8. Ubuntu 14.04 Beta was released and OMG!Ubuntu! has a What's New. Red Hat stock took a bit of hit today and Forbes.com is reporting oversold conditions. And finally today, Jack Wallen has a look-see at GNOME 3.10 stable in light of yesterday's GNOME 3.12 release.

There's been a bit of a dust-up over Mozilla co-founder and CEO Brendan Eich donation to support California's Prop 8. Eich has expressed regret for his 2008 donation but now "high profile employees" and users are asking for his resignation. Website The New Civil Rights Movement is reporting that some are even boycotting the Open Source browser in protest too.

In a more upbeat story, Ubuntu 14.04 Beta was released today and OMG!Ubuntu! says "This Is What’s New." Some of the things they highlight include Honing & Polishing, Application Menu Options, and Minimise on Click. See their full story for more on all the new and improved features.

Two updates to some of last night stories appeared this evening. Jack Wallen published his review of GNOME 3.10 inspired by yesterdays GNOME 3.12 release.  He began, "My initial impression of GNOME 3.10 is what I'd imagine Ubuntu Unity would be if Canonical opened up the floodgates of configuration and allowed users to make Unity exactly how they wanted." About GNOME itself he said, "The difference between earlier releases of GNOME Shell and 3.10 (actually 3.9.90) are pretty amazing." See his full review for more.

Today's bonus link is this Forbes.com piece reporting Oversold Conditions For Red Hat. MarketWatch.com says Red Hat stock fell 7% after the report was released.

Related Activities

Related Software Related Blog Posts








Red Hat Serves Up Good Earnings, Updated Virtualization Platform

Fri, 28/03/2014 - 2:53pm

Red Hat is out with a slew of news this week. As Susan covered earlier, the company reported better-than-expected quarterly results, aided by strong subscription growth for its Linux operating system, but also forecast full-year profit following below average analyst estimates. Along with that news, the company announced the Red Hat Enterprise Virtualization 3.4 Beta, which builds on the recent Red Hat Enterprise Virtualization 3.3 release, and aims to automate enterprise virtualization tasks while providing integration with OpenStack.

Red Hat Enterprise Virtualization is an important tool for the company as it seeks to win companies over with its OpenStack platform and surrounding services. Many IT departments want to run hybrid cloud environments and avoid being limited to one or only a few operating systems. That's where solid virtualization is required.

New features in Red Hat Enterprise Virtualization 3.4 Beta include stronger OpenStack integration, enterprise network capabilities enhancements, and advanced manageability of the entire stack.

To learn more about how Red Hat Enterprise Virtualization aligns with your organization’s IT demands, visit www.redhat.com/virtualization and download a fully supported 60-day trial at www.redhat.com/rhev3

As Red Hat continues to align its company strategy around OpenStack and cloud computing, it is also gearing up to host the Red Hat Summit in San Francisco, beginning April 14. It's a big event, and a complete agenda is now available. On the Summit site, you can also watch a good video featuring Red Hat engineers discussing how virtualization and cloud computing will advance together, and you can get the speaker lineup for the Summit.

Related Activities

Related Blog Posts








Mozilla's Thimble and Webmaker Get Nods for Teaching Web Development Skills

Fri, 28/03/2014 - 2:37pm

For a long time now, Mozilla has been quietly pursuing training and educational goals surrounding making people more web literate. One of the company's tools, the Thimble collaborative code editor, which is designed to make it easy for anyone to use HTML, CSS, and Javascript, recently won an award from Common Sense Media for being one of the best educational tools online. Thimble is actually a subset of Mozilla’s Webmaker project, which is aimed at teaching all kinds of web literacy and development skills.

As Lifehacker recently observed:

"Webmaker has three major components—the Thimble interactive, collaborative code editor that demystifies HTML, CSS, and Javascript, and corrects you as you write it (and shows you the results of what you write as you write it), X-Ray Goggles, which lets you view the source of any element on a web page—then change and tweak it to see what effect it would have on a real website, and Popcorn, an HTML5 media tool that shows you how to layer videos, images, audio embeds, and other rich media on web sites."

The folks behind Webmaker also work with a global community of educators, to find open and distributed ways of teaching web literacy on a global scale.  If you're interested in picking up some skills with web development tools, look into Webmaker here. We also covered a number of good open source web development tools and training resources in this post.

Related Activities

Related Software Related Blog Posts








GNOME 3.12 Released, 'Sup Apache, King of Office

Fri, 28/03/2014 - 6:06am

There was so much news today, I couldn't fit it all into one post. Several interesting software topics surfaced today as well. First up, Glyn Moody asks, What's Up with Apache Web Server? Jack Germain test-drove a new Linux office suite. And GNOME 3.12 was released!

GNOME 3.12 was announced today at the home of the foot saying, "The next milestone release in the GNOME 3 series includes many new features, enhancements and updates, as well as new capabilities and APIs for application developers. The new version continues to improve the GNOME 3 user experience and includes many small bug fixes and enhancements."

Some of these include:

  • * A significant update to the experience for finding and installing applications.
  • * Major facelifts for the Videos and gedit applications.
  • * Greater high-resolution display support.
  • * Big updates for the Software and Web applications.
  • * Improved start up times as well as more efficient resource usage.
  • * A new application folders feature, which lets you organize your apps.

3.12 is also a major release for developers, and comes with new interface widgets and APIs, as well as improved documentation.

The release notes have a lot more detail, but The Register says GNOME 3.12 is Pixel perfect ... but homeless. They claim GNOME "is a desktop in search of a Linux distro" and suggest folks roll their own with something like Arch. But then they go into pretty good detail showing users what's new. Muktware.com has a review.

LinuxInsider today ran a piece on the Kingsoft Office Suite whom says they have a Microsoft Office clone for Linux. Germain said since we don't have a decent office suite, you'd think this offering would be a no-brainer. But alas, Kingsoft Software Co. is probably more known for their Windows and Mac versions. "It comes with Writer, Presentation and Spreadsheet" and "the cloning is authentic, even down the Microsoft blue skin." However, before you run out and download your copy, it seems its format support is a tad limited. That kills it for me right there, but Germain concludes, "If you need a well-functioning alternative to other Linux office suites, Kingsoft Office could be a good choice."

Finally today, Glyn Moody asked Jim Jagielski, a founding member of The Apache Software Foundation, "What's Up with Apache Web Server?" The latest Netcraft reports Apache use is falling off more and more. Jageilski puts a positive spin on it, but Moody said he predicted the rise of Nginx, who knocked Apache down a peg or two.

 

Related Activities

Related Blog Posts








Red Hat on the Rise, Fun Fun Makulu, and Whazzup Kernel

Fri, 28/03/2014 - 2:48am

Today's news search turned up quite a bit of data. Red Hat released their quarterly earnings this afternoon and while observers expected good news, some are now reporting not so much. ZDNet.com has two stories of interest today, the first is from Steven J. Vaughan-Nichols reporting on the Linux Collaboration Summit and the other is Jamie Watson's hands-on review of Makulu Linux 5 Xfce. He said it was the most fun as one could have with Linux!

Red Hat released their Fourth Quarter and Fiscal Year 2014 Results quarterly earnings report this afternoon at 5:00 p.m. Eastern time saying their revenue is up 16%, their cash flow is up 35%, and their bank balance is up 18%. It all sounds like good news to me, but Reuters' second update says those numbers were disappointing. Their original title was something like Red Hat results shine as subscription revenue rises 16 pct. Reuters' reports Red Hat said don't expect this kind growth to continue, then the rising stock prices fell a bit. But Investing.com has all kinds of charts and graphs and expert opinions to prove Why Red Hat Will Keep Going Higher.

Steven J. Vaughan-Nichols has a report out (as does our own Sam Dean) on the Linux Kernel Developer Panel that occurred yesterday at the Linux Collaboration Summit. Hackers from SUSE, Facebook, The Linux Foundation, and Jon Corbet from LWN.net were some on the panel to discuss the state of Linux development. Libby Clark over at Linux.com picked out some of the best quotes and some video from the panel for those in a bit of hurry.

And finally today, Jamie Watson asks, "Makulu Linux 5 Xfce: The most fun you can have with Linux?" His summary states, "My first look at this wonderful Debian Testing/Unstable (Jessie/Sid) derivative reminds me of how much fun there can be in Linux." He then said in his text, "Makulu is so much fun I'm going to have a hard time conveying the feeling. I'm pretty sure there are places where it's illegal to have this much fun." I'm gonna have to give that one a real spin.

Related Activities

Related Blog Posts








The Linux Foundation Presents Results of Collaborative Development Study

Thu, 27/03/2014 - 2:57pm

The Linux Foundation has announced the release of its first “Collaborative Development Trends Report,” which presents the results of an invitation-only survey of nearly 700 software developers and business managers about their participation and investments in collaborative development practices. The complete report is now downloadable online, and is released in conjunction with The Linux Foundation Collaboration Summit in Napa, Calif. The report shows strong growth for collaborative development projects and more investments made in them.

According to the announcement: 

"The rise of Linux and open source tools and components in the enterprise software industry over the past decade has been well documented. More recently, a new business model has emerged in which companies are joining together across industries to share development resources and build common open source code bases on which they can differentiate their own products and services. This collaborative approach is transforming industries from cloud computing and the datacenter, to automotive and mobile computing, and creating the next generation of technologies. The Linux kernel community pioneered this approach to software development and their success has helped to inspire the spread of collaborative methods to other industries and technologies."

The report found that ninety-one percent of business managers and executives surveyed ruled collaborative software development somewhat to very important to their businesses. And nearly 80 percent say collaborative development practices have been seen as more strategic to their organization over the past three years. Nearly half of business managers surveyed said they prioritize collaborative development because it allows them to innovate and/or help transform their industry.

Among business managers and executives, 44 percent said they would increase their investments in collaborative software development in the next six months; 42 percent said they would sustain their current investment, and no one reported they would decrease their investment. Sixty-three percent of software developers surveyed said they spend more time now on collaborative software development, compared with five years ago. And 59 percent reported increased participation in collaborative software development in the last year.

“Linux is the largest collaborative development project in the history of computing and has paved the way for other collaborative efforts to accelerate technology advancements and dramatically reduce research and development costs,” said Jim Zemlin, executive director at The Linux Foundation, in a statement. “These collaborative development practices are dramatically disrupting the way technologies are built and distributed, and the new Collaborative Development Trends Report helps inform how and what we can expect in the coming months.”

It should be noted that many companies polled in the survey were large technology companies, where you would expect familiarity with collaboration as a development model. The companies included Cisco, Fujitsu, HP, IBM, Intel, Google, NEC, Oracle, Qualcomm and Samsung.  

Related Activities

Related Blog Posts








Google Chrome Taking on New Music and Voice Features

Thu, 27/03/2014 - 2:47pm

The Google Chrome browser is putting on some new moves. We've already covered the fact that with the latest version of Chrome, you can search by voice on Google—no typing or clicking required.The browser also has a new feature that makes it easier for users to import and upload music into its Google Play Music service, including dragging and dropping tracks from Apple’s iTunes into Google Music. And finally, Google is rolling out Google Now notifications to users of its browser on Microsoft Windows and Apple's OS X.

As noted on Engadget:

"Google has finally enabled uploading tracks to its Play Music service through a browser, but for now, you'll need to flip the switch yourself. In the Labs section of the menu, there's an option for Google Play Music for Chrome. Ticking the appropriate box will allow for both drag-and-drop and manual song additions without the need to use that less than stellar Music Manger. Clicking the "Add Music" button at the top of the UI will also give you the option to choose folders that you'd like synced automatically."

"If you use Google Now on your mobile device, you can see certain Now cards on your desktop computer if you're signed into Chrome, including weather, sports scores, commute traffic, and event reminders cards," the company also said in a support document online.

The cards will already be familiar to iOS and Android users who have taken advantage of Google Now alerts. The cards deliver notifications that  appear on the desktop and you have to be signed into your Google account to get them, so they are another way that Google is tying users to its ecosystem of services.

Meanwhile, both Chrome and Chrome OS are getting voice search features. To use the feature, you open a new tab or visit Google.com in Chrome, say "Ok Google," and then start speaking your search. This is being rolled out progressively to users on Windows, Mac and Linux.

Google has been steadily working on Voice Search for some time, and is likely increasing its focus on speech recognition since hiring Ray Kurzweil as head of engineering. Kurzweil is a seasoned veteran in the speech recognition field. We covered these features previously in this post

Related Activities

Related Software Related Blog Posts








Windows Deletes Linux, Ubuntu's Unmentionables, & the Max

Thu, 27/03/2014 - 3:26am

Today in Linuxland a dual-booter is reporting that his latest Windows update deleted his GRUB boot loader and turned on secure boot. Bruce Byfield says Ubuntu's conflicts with the community are less about the issues and more about user disappointment. And finally, lots of sites are reporting that a new browser has added Linux support.

Sahil Kalloli over at Muktware.com is reporting that a user on Reddit is claiming that a regular weekly Windows update "deleted the GRUB boot loader and set UEFI to secure boot." Then the guy got the basic runaround from Microsoft (of course). After that the user says "now there are three different windows boot loaders besides the Linux entry, each on a different partition that wasn’t there before. Apparently, they have found a new way to fragment your disks entries besides the Linux." Man oh man.

Lots of folks are covering the release of Maxthon "cloud browser" for Linux. This report at TechCrunch quotes VP Karl Mattson saying, "If people haven’t taken a look at Linux for a while, they should take a second look because it’s a great product. The chorus of people emailing us asking for Linux has gotten a lot louder."

"Maxthon Cloud Browser for Linux brings high performance and seamless browsing along with it's core values of speed and a great out of the box experience," explains Maxthon.com. The changelog for today's 1.0.0.10 release lists some of the new features. These include new interface design, Drag & Drop, and mouse gestures.

Bruce Byfield said today, "I suspect that the community is less jealous of Ubuntu and Canonical than disappointed. From its earliest days, Ubuntu promised to transform free software, yet somehow that has never happened." Shuttleworth's dictatorship contributed to the animosity, but Byfield says it was necessary to "ready Ubuntu for commercial purposes." The community became obsolete for him saying, "This is not a democracy." Byfield then says, "Shuttleworth stifled complaints by asserting his authority." He concluded, "The bottom line is that Ubuntu and Canonical's relationship with the rest of free software is severely dysfunctional." See the full article for more.

Today's bonus topics are Open Source Isn't Just For Developers Anymore and Why is Steam down so much lately?

Related Activities

Related Software Related Blog Posts








Apache CloudStack 4.3 Supports Microsoft's Hyper-V Virtualization

Wed, 26/03/2014 - 3:04pm

The Apache Software Foundation has announced the arrival of version 4.3 of the CloudStack cloud computing platform, which offers a lot of new features and includes support for Microsoft's Hyper-V virtualization hypervisor.  This release is the first big update to CloudStack since the 4.2 release debuted in October. CloudStack is an open source project that Citrix donated to the Apache Software Foundation, and Citrix also sells and supports a commercial arm of the platform.

The new version of CloudStack also supports Dynamic Compute, which facilitates tenants when creating instances. Notably, according to eWeek, CloudStack project leaders are also looking into supporting Docker container virtualization technology.

The commercial arm of CloudStack that Citrix focuses on has also won the support of major vendors including Cisco, CA and NetApp, all of whom have announced significant investments in the platform. While CloudStack doesn't draw as many headlines as OpenStack, Citrix officials regularly point out that it is highly popular, as seen in this post:

"CloudStack continues to gain rapid adoption with large scale deployments around the world, both with major service provider and enterprise customers. While you might not realize it from reading the press releases, CloudStack is far and away the most widely deployed open source platform in the cloud. It’s not even a close race. While other platforms have lots of 'PR wins,' very few have been successful in real deployments."

It's good to see a powerful and experienced open source steward like the Apache Software Foundation moving the open source CloudStack platform along. Apache, of course, has a sterling reputation for creating and scaling mature, dependable open source applications and platforms. 

With its new support for Hyper-V, CloudStack currently supports most of the popular hypervisors. VMware, KVM, XenServer, and Xen Cloud Platform (XCP) are all supported as well.

Dynamic Comput

 

Related Activities

Related Blog Posts


    





Hortonworks' $100 Million Infusion Heralds Big Open Source Opportunities

Wed, 26/03/2014 - 2:50pm

Hortonworks, the company focused on the open source Big Data crunching platform Hadoop, has been making waves for some time now, and now the company has announced that it has raised a whopping $100 million in an investment round led by BlackRock and Passport Capital managed funds. The company was formed in 2011, and previously got a hefty $120 million round of financing. Even more notably, this level of funding for Hortonworks, along with a number of other cash infusions for companies focused on open source, is being heralded as a "perfect storm" moment for commercial open source.

Mike Volpi, partner at Index Ventures, has a column up on Recode where he uses the "perfect storm" imagery to characterize the unprecedented financial welcome that commercial open source companies have now:

"Open source, by its very nature, is communal, free or low-cost, hacker-driven, and even anarchist in its approach. So, at first glance, it may seem counterintuitive that a free movement for the “common good” could form the basis for a highly profitable industry. Up until this year, Red Hat was one of the few open source companies with a market capitalization in the billions, but we are already seeing more open source success stories with Hortonworks, Elasticsearch and many others."

Volpi also notes that open source creations and development models have matured and are "cheap but robust, easy to use, but also technically advanced."

The other trend boosting companies focused on commercial open source is that the monetization model that surrounds branching a commmercial offering out from a pure open source project is proven. "Open source companies can also charge for consulting, training, service, connectors and components, much like SaaS vendors do," writes Volpi. 

That business model, of course, was pioneered by Red Hat, which became the first billion dollar a year company focused purely on open source. 

As for Hortonworks, it is benefiting from the fact that in enterprises, as well as small businesses, the Big Data trend--sorting and sifting large data sets with new tools in pursuit of surfacing meaningful angles on stored information--is on the rise. The company has said that it plans to use its new cash infusion to scale its business, which already includes training and support for its own distribution of Hadoop.

Related Activities

Related Blog Posts


    





Piston's Josh McKenty Weighs In on OpenStack Compatibility, Market Saturation

Tue, 25/03/2014 - 3:11pm

There are some interesting discussions going on regarding the OpenStack cloud computing platform and industry standards. Last August, we covered former Microsoftie and noted tech blogger Robert Scoble's Google+ post saying that OpenStack would be sidetracked by any attempt to build in API compatibility with Amazon Web Services (AWS).  Meanwhile, VMware CEO Pat Gelsinger said that the OpenStack platform is "immature," in terms of standards.

Now, in a discussion with Forbes, Piston co-founder Josh McKenty is discussing the standards issue, and compatibility, in more depth.

McKenty was, of course, one of the initial project drivers for OpenStack, and he knows the platform's roots as well as its roadmap. There have been many recent initiatives surrounding structured compatibility testing for OpenStack, and Red Hat, among others, is certifying technologies for compatibility with OpenStack.

Forbes notes the following:

"The very value proposition of the initiative is that it is a common platform and hence there should  be high levels of compatibility. Indeed in its briefing materials for the latest release, Piston is quick to point out that since they use an unmodified OpenStack core, there are no interoperability issues. McKenty pointed out that there is an existing Interoperability Committee of which both he and Mirantis CEO Boris Renski sit on. The existence of OpenStack’s DefCore committee that is charged with defining and promulgating what is actually the “OpenStack Core” also helps with compatibility clarity – the Refstack project creates both a reference OpenStack environment and a certification process for OpenStack service and product vendors – how much certification does one initiative need?"

In all likelihood, with IT departments everywhere pledging to deploy OpenStack this year or very soon, there are going to be high demands for proof of compatibility.

McKenty also notes in the Forbes interview that there are too many players in the OpenStack ecosystem, and some are likely to fall by the wayside, a point I made in this postThere are observers who are concerned that the market is now becoming flooded with distributions and companies supporting them, which could become a detriment to those who deploy them later. Granted, there are some important points of differentiation among the OpenStack service providers. For example, some are very focused on public cloud services and some are focused on private clouds. Players like Red Hat are adamant that hybrid clouds will rule the day.

But technology history shows us that consolidation occurs around emerging platforms, and we're likely to see quite a bit of that as this year plays out. McKenty makes the good point that many of the OpenStack distribution providers are "chasing the same customers."

 

Related Activities


    





JavaScript Guru Brendan Eich Takes the Reins at Mozilla

Tue, 25/03/2014 - 2:55pm

Brendan Eich, formerly CTO of Mozilla and famous as the creator of JavaScript, has been named CEO at Mozilla, in a move that signals how seriously Mozilla is shifting toward a mobile-first strategy emphasizing Firefox OS. The Mozilla Board of Directors made the announcement, and also said that Li Gong will be named Chief Operating Officer and will take on a number of functionsunder his organization including Cloud Services, IT, Marketplace, Mobile & Research, and Platform Engineering.

Mitchell Baker, one of the most public faces at Mozilla, will remain Executive Chairwoman and Jay Sullivan, who was acting CEO during a transition period, will stay on for a short period and then leave for other opportunities.

Brendan Eich has posted his own blog post about his new role, where he writes:

"Mozilla is about people-power on the Web and Internet — putting individual users, who create as well as consume, above all other agendas. In this light, people-fu trumps my first love, which you might say is math-fu, code-fu or tech-fu (if I may appropriate the second syllable from kung fu). People around the world are our ultimate cause at Mozilla, as well as source of inspiration and ongoing help doing what we do."

"Mozilla remains a global public benefit organization, so I’m sure I will see all of you more as I travel: to all of our offices (I have not yet been to Beijing or Taipei), to the places where we are bringing Firefox OS and the $25 smartphone, and everywhere Mozillians, developers, and others are working to make the Web better for everyone."

Notably, Eich's post mentions Firefox OS multiple times, and $25 smartphones, but they are the only technologies discussed. If you had any questions about how focused Mozilla is on Firefox OS and its mobile strategy, those questions should be clearing up now.

 

Related Activities

Related Software Related Blog Posts


    





Reviews, Indecent Proposal, and Ubuntu Graduation

Tue, 25/03/2014 - 3:34am

Today brings two new reviews. Jesse Smith reviews Linux Mint Debian Edition 201403 in today's Distrowatch Weekly and Jamie Watson posts his latest hands-on. Steven J. Vaughan-Nichols says folks don't care about operating systems anymore. Matt Hartley has a few suggestions for those ready to graduate from Ubuntu. All this and more in tonight's Linux news review.

Jesse Smith tested the latest LMDE in this week's Distrowatch Weekly. He found a few bugs but Smith says it "lives up to its description" of having "rough edges." With all its "nasty surprises" Smith suggests folks just stick with the Ubuntu-based version of Mint. But see his full review for all the details.

Speaking of Ubuntu, Matt Hartley today posted several "solid Ubuntu alternatives for those of you looking to graduate to something new." Covering a few key demographics, he suggests Arch for the do-it-yourself types and Debian for those wanting stability. See that full post for the rest of his picks.

Also, speaking of Mint, Nick Heath is reporting that the MintBox 2 are all sold out in Europe. They say, "Interest in the device has led to machine selling out through amazon.de, but CompuLab says a new batch of computers will be available through the website from 31 March." More on that at ZDNet.com.

Inspired by the suggestion that Microsoft should buy Red Hat, bloggers took the blogowaves and Katherine Noyes has the highlights. Some include users not trusting Microsoft and that Microsoft already owns SUSE. Others noted that Red Hat isn't for sale and other say the article was surely "linkbait."

Bonus articles of possible interest include Taking Red Hat Linux to the next level, Who needs operating systems anymore? Not you., and Hands-On: Zorin OS 8 Linux.

Related Activities

Related Software Related Blog Posts


    





Patching and Docker

Tue, 25/03/2014 - 1:46am

Keeping Linux servers up to date in a production environment hasn't gotten any easier, but the importance of the process has certainly been illustrated recently. As reported by Ars Technica, Cisco, ZDNet, and thousands of other sites around the Internet, Linux has had a bit of bad press lately relating to security. It is easy to point at the sysadmins who allowed their servers to stay online for nearly two years without patches and say that they are causing harm to the Internet, but to come to a sysadmin's defense, they are rarely the ones saying that patches shouldn't be put on.

There are three things that are always on a sysadmin's mind: uptime, stability, and security. Unfortunately, two of the three are almost always at odds with the third. Uptime and stability often go hand in hand, but the ever changing arena of security introduces a system of constant change into the environment. Sysadmin's are being asked to build systems that are bullet proof, highly available, and reliable... but also to have the latest cool feature or application that the developers want to take advantage of. Systems need to be spun up at the drop of a hat, and they need to be the same as systems that have been working in production for the past several years. Any changes, especially in large "enterprise" environments are carefully scrutinized, tested, and scheduled far in advance, and if need be, the scheduled changes are scrapped in the name of continued uptime. Until it is their name in the paper, businesses rarely put security at the top of their list of priorities.

And why should they have to? Most are in business to make money, after all, and if they wisely chose Linux over proprietary Unix or Windows they are looking for stable, supported platforms. Perhaps the real answer to keeping Linux servers up to date is to upgrade the system each and every time the developers push new code to the server. In traditional server setups, this would be impossible, but with Docker and Linux containers a system for security starts to take shape.

If one of the commands to build a Docker container is "yum update -y" or "apt-get upgrade", that container is going to get all the freshest patches every time it is built. Assuming that a system is put in place to ship the entire application as a container, and each push to production is a new container, that container would always have the latest code. Using a system like this, the Docker containers have the latest and greatest features, as well as the latest patches, while the underlying system remains on a strict upgrade schedule, completely separate from the application container. Flexibility and stability. The impact of Docker hasn't really been felt in the Enterprise yet, but I have a feeling that it is going to be huge.

Using Docker containers to keep systems up to date makes the process of patching a server nearly obsolete. Of course, the base system will need to be kept up to date as well, but since it should be inaccessible from the Internet, the attack vector is much smaller. Hopefully, this should keep the programmers happy, and let the sysadmins get a good night's sleep.

Related Activities

Related Software Related Blog Posts


    





Facebook Releases Open Source Hack Language to Improve on PHP

Mon, 24/03/2014 - 3:12pm

Facebook has released a new open source language, called Hack, that integrates with the popular PHP language and includes many of the safety features in older languages such as C++. You can try Hack now at http://hacklang.org/ During the past year, Facebook has been converting nearly its entire PHP code base to Hack.

According to a post on Hack:

"Today we're releasing Hack, a programming language we developed for HHVM that interoperates seamlessly with PHP. Hack reconciles the fast development cycle of PHP with the discipline provided by static typing, while adding many features commonly found in other modern programming languages.We have deployed Hack at Facebook and it has been a great success."

"Traditionally, dynamically typed languages allow for rapid development but sacrifice the ability to catch errors early and introspect code quickly, particularly on larger codebases. Conversely, statically typed languages provide more of a safety net, but often at the cost of quick iteration. We believed there had to be a sweet spot. Thus, Hack was born. We believe that it offers the best of both dynamically typed and statically typed languages, and that it will be valuable to projects of all sizes."

 

According to Facebook, most PHP files are already valid Hack files, so developers with large blocks of PHP code can hit the ground running with the new language. Interestingly, Facebook has implemented a type checker in Hack as a local server that watches the filesystem. The server keeps all information about the source code in memory and automatically updates itself when a file changes on disk.

The announcement post adds:

"We are delighted to open source both Hack and the tools you can use to automatically convert your codebase. This is just the first step, and we are dedicated to continuing to evolve this software to make development even easier for both our own engineers and the broader community. Hack's value is *not* limited to big projects: with type information, good error messages, and fast feedback, small codebases can reap the benefits of Hack as well. Next month, we will also introduce the language at the Hack Developer Day on the Facebook campus in Menlo Park, and we hope to see you there in person or online."

 

Related Activities

Related Software Related Blog Posts


    





Cisco, with Partners, to Put $1 Billion into OpenStack-based "Intercloud"

Mon, 24/03/2014 - 2:59pm

Cisco Systems has announced that it plans to invest more than $1 billion to expand its cloud business in the next two years, including building an OpenStack-based Intercloud, descrbied as a "network of clouds," with several partners. The Cisco global Intercloud is being built for the Internet of Everything, with real-time analytics, “near infinite” scalability and full compliance with local data sovereignty laws, according to the company. The Intercloud, which will feature open APIs for application development, will also deliver a new enterprise-class portfolio of cloud IT services for businesses and service providers.

The Internet of Everything has been getting quite a bit of attention lately, with The Linux Foundation also announcing its Allseen Alliance initiative, billed as "the broadest cross-industry consortium to date to advance adoption and innovation in the 'Internet of Everything' in homes and industry." Partners supporting the alliance include some of the world’s leading, consumer electronics manufacturers, home appliances manufacturers, service providers, retailers, enterprise technology companies, innovative startups, and chipset manufacturers.

The following organizations, which are either planning to deliver Cisco Cloud Services or have endorsed Cisco’s global Intercloud initiative, represent Cisco's cloud partners: Australian service provider Telstra; Canadian business communications provider Allstream; European cloud company Canopy; cloud services aggregator, provider and wholesale technology distributor Ingram Micro Inc.; global IT and managed services provider Logicalis Group; global provider of enterprise software platforms MicroStrategy, Inc.; enterprise data center IT solutions provider OnX Managed Services; information availability services provider SunGard Availability Services; and global IT, consulting and outsourcing company Wipro Ltd.

According to Cisco's announcement:

"The networked connection of people, data, processes and things, dubbed the Internet of Everything, is expected to be a $19 trillion economic opportunity in the coming decade.  The Internet of Everything movement, which is creating an entirely new set of requirements for globally distributed and highly secure clouds, has empowered Cisco and its partners to initiate the development of a massively scalable, flexible and highly secure Intercloud to deliver the mobile, collaborative and rich video cloud services that enable today’s new connected experiences."

The Intercloud will be based on OpenStack, and you can find out more about its architecture and the roles of partners on this page

Related Activities

Related Blog Posts


    





Security Exaggeration, Linux on ATMs, and Mac Ubuntu

Sat, 22/03/2014 - 2:45am

A lot of Websites are still covering the last couple of Linux security breaches and today Steven J. Vaughan-Nichols said, "It's not Linux's fault!" It rarely is. A lot of talk is heard lately about those last XP users and what they will use next, but yesterday ComputerWorld.com said ATMs will likely be migrated to Linux as well. That's a whole demographic we forgot to count. Jack Wallen says Google is "single-handedly" responsible for propelling Linux to the top. And Michael Larabel reports that Ubuntu 14.04 runs very well on MacBooks.

Steven J. Vaughan-Nichols says "Linux is as secure as ever. The real security hole lies with some of Linux's administrators and users." He first reminds folks that the last two Linux episodes resulted in less than 60,000 infected servers while just one Windows botnet claimed nearly two million. Besides that, one attacked default passwords on stand-alone devices with open service ports and the other relied upon stolen passwords and keys. Neither are the result of some vulnerability in the operating system itself. See his full story at ZDNet.com.

ComputerWorld.com is reporting that a whole lot of the ATMs in use in this country are still using Windows XP and more than 60% will still be using it passed the April 8 deadline. While that's a frightening thought, Jaikumar Vijayan says many owners may consider Linux as an alternative to upgrading expensive hardware. "30% of installed point of sale systems at convenience stores and petroleum retailers already are Linux-based." It just makes sense according to that article.

Jack Wallen at TechRepublic.com said today that "Google has single-handedly helped Linux to become one of the most popular platforms on the planet." He says Google has put Linux in more hands than Ubuntu, Red Hat, SuSE and all the rest combined. Well, I guess if count Android and Chrome OS as Linux. Read the rest for his "logic."

And finally today, or day before yesterday actually, Michael Larabel over at Phoronix.com said that "Not only is Ubuntu Linux now running on the MacBook Air without show-stopping issues, but its OpenGL performance can even beat Mac OS X 10.9.2." He then posts a bunch of benchmarks and a few pictures. Give that a read this weekend if you have or been thinking of getting one of those.

Bonus: Ruth Suehle's 7 favorite Raspberry Pi projects.

Related Activities

Related Software Related Blog Posts


    





Report: Tor Project Leaders Call Out Fake Tor Browser

Fri, 21/03/2014 - 3:07pm

Now here is a sneaky malware story that you don't hear every day: According to an online post being widely covered in the media (though it appears to have been taken down now) members of the Tor Project said that a fake application on the iOS App Store was billing itself as a Tor Browser and delivering up ads to users without permission from project leaders.  As we've written about before, using Tor to stay anonymous online is a practice seen around the world, and, in recent months Tor usage has soared due partly to user concerns over online snooping. Apple has reportedly taken the fake Tor browser down at this point.

According to The Register:

"Following months of protests, Apple has apparently removed from its App Store software that claimed to be a Tor-friendly web browser yet was allegedly loaded with adware and spyware. Members of the Tor Project said that a rogue application on the iOS App Store was billing itself as a Tor Browser and serving up ads to users without a license or permission from the group. Numerous attempts to remove the "fake" app were ignored by Apple before the application was made unavailable on Thursday afternoon, US West Coast time, amid growing pressure on Cupertino."

It's not hard to see how users getting stung by the fake browser would be upset. The whole reason users reach for Tor is to be anonymized and protect personal privacy online. Who wants opting in for it to lead to ads and malware? PCMag has collected some of the frustrated messages that users sent about the fake browser.

It's notable that according to recent statistics available through Tor Metrics Portal there has been a large 1increase in the number of Tor clients used and more than a million users are now connecting to the network. Tor, from the Tor Project, is one of the most powerful and flexible open source solutions for online anonymity, and it's clearly gaining popularity.  

In some areas in the world, opressive government regulations threaten free speech, and even in the U.S. there has recently been uproar over NSA snooping. That has helped boost usage of Tor. 

The process for getting an app listed with Apple is not all that easy, so it's surprising that a fake browser would make it up for availability and then stay up. It seems that even if you reach for software to keep you safe these days, that may be the first step in being unsafe.

Related Activities

Related Software Related Blog Posts


    





Red Hat Wraps Latest Open Source Offerings into Software Collections

Fri, 21/03/2014 - 2:53pm

Red Hat is out with its latest Sofware Collections package, arriving at version 1.1, and it is embracing Apache httpd and Nginx Web servers, Ruby 2.0, and NoSQL database MongoDB, among other previously unseen offerings. As Infoworld has noted:  "One of Red Hat Enterprise Linux's big selling points has been its consistency, in the operating system itself and the software packaged with it. Red Hat goes so far as to offer application certification -- now with Docker support -- to ensure the software running on top of RHEL behaves as expected. But what about developers who want to step outside the lines, so to speak, and run something a little more cutting-edge?"

Sure enough, version 1.1 of Software Collections includes the latest versions of many in-demand open source offerings.

The applications and platforms in this version of Sofware Collections are detailed on Red Hat's site. Included are PHP 5.4.16 and 5.5.6, Python 2.7.5 and 3.3.2, Ruby 1.9.3. and 2.0.0, Node.js 0.10, Nginx 1.4.4, MongoDB 2.4.9, and more.

According to Red Hat's announcement: "Today, we are pleased to announce the beta availability of Red Hat Software Collections 1.1, the second installment of Red Hat Software Collections which was launched in October 2013.  Red Hat Software Collections delivers a comprehensive suite of runtime languages, open source databases, and related tools helping developers and systems administrators accelerate the creation of stable, modern web applications."

The applications and platforms included in collections were actually determined by polling users and developers for wish lists. Some users have felt constrained by the applications available to them previously when using RHEL.

Red Hat Software Collections 1.1 Beta is available now for use with Red Hat Enterprise Linux 6. For more information on how to install Red Hat Software Collections view the Red Hat Software Collections 1.1 Beta release notes.

Related Activities

Related Blog Posts