Language Selection

English French German Italian Portuguese Spanish

Steven

Syndicate content ZDNet | open-source RSS
ZDNet | open-source RSS
Updated: 3 hours 52 min ago

No love lost between security specialists and developers

Thursday 18th of July 2019 01:36:10 PM
GitLab finds 68% of security professionals feel that less than half of developers can spot security vulnerabilities, but most people feel it's a programmer's job to write secure code.

From Linux to cloud, why Red Hat matters for every enterprise

Wednesday 17th of July 2019 01:58:00 PM
Today, Red Hat dominates enterprise Linux. Tomorrow, it wants to rule the cloud. With IBM beside it, don't bet against it.

Where do IBM and Red Hat go from here?

Tuesday 9th of July 2019 08:12:00 PM
The deal is done. Here's where the open-source powers see their path moving forward.

Debian 10 'Buster' Linux arrives

Tuesday 9th of July 2019 01:40:00 AM
Over two years in the making, the latest version of Debian Linux arrives.

Microsoft admitted to private Linux developer security list

Monday 8th of July 2019 07:55:00 PM
Linux developers recognize Microsoft's contributions to Linux and security -- by letting the company's Linux developers in its closed linux-distro security list.

Microsoft asks to join private Linux security developer list

Monday 1st of July 2019 12:33:19 AM
Microsoft's migration from Linux enemy to Linux friend continues in security circles.

Microsoft developer reveals Linux is now more used on Azure than Windows Server

Monday 1st of July 2019 12:19:00 AM
Linux rules all the clouds now, including Microsoft's own Azure.

Valve to continue Steam gaming on Ubuntu Linux

Thursday 27th of June 2019 06:19:00 PM
But, the gaming company isn't happy with Canonical and will try to work closer with other Linux distributors.

SUSE Manager 4: Traditional server management marries DevOps

Wednesday 26th of June 2019 07:04:00 PM
The latest SUSE Linux server management program combines the best of older sysadmin approaches with Salt DevOps.

SUSE Linux bridges the gap between the server and the cloud

Tuesday 25th of June 2019 07:49:48 PM
The new SUSE Linux Enterprise 15 Service Pack 1 is positioned as the operating system for servers, datacenters, and the cloud.

Canonical returning 32-bit Ubuntu Linux support after gaming uproar

Monday 24th of June 2019 06:44:00 PM
32-bit software should be functionally obsolete, but it turns out to live on in a 64-bit computing world. So, Canonical is putting 32-bit libraries back in to its next Ubuntu Linux releases.

Red Hat's last quarterly report?

Thursday 20th of June 2019 09:20:00 PM
With the months ticking down to IBM's acquisition of Red Hat, the Linux and cloud power, business continues to perform at a high level.

Important, but obscure, sysadmin tool osquery gets a foundation of its own

Thursday 20th of June 2019 08:32:36 PM
This relatively unknown, but useful, sysadmin tool is getting a new chance for glory via The Linux Foundation.

All Linux, all the time: Supercomputers Top 500

Tuesday 18th of June 2019 07:09:09 PM
The new list of the world's fastest computers is out and, once more, every last one runs Linux.

Docker embraces Windows Subsystem for Linux 2

Tuesday 18th of June 2019 03:11:58 PM
Docker has realized that Microsoft's new Windows Subsystem for Linux 2 has made Windows much more attractive both to Docker and its container developers for both Windows and Linux platforms.

CERN leaves Microsoft programs behind for open-source software

Wednesday 12th of June 2019 08:30:06 PM
A price tag hike has CERN, one of the world's leading scientific research organizations, moving from Microsoft programs for more affordable open-source software.

Medicine needs to embrace open source

Monday 10th of June 2019 04:55:00 PM
The expensive and abusive pharmaceutical industry needs to open up to improve everyone's health.

Red Hat Enterprise Linux 7.7 beta is now available

Wednesday 5th of June 2019 06:12:00 PM
The last RHEL 7 version is on its way out the door for enterprise Linux users.

The Linux desktop's last, best shot

Monday 3rd of June 2019 07:13:24 PM
With Microsoft cutting off support for Windows 7, the Linux desktop may finally get its day in the sun. But are Linux companies ready to take advantage of their opportunity?

Dell releases more high-end Ubuntu Linux laptops

Friday 31st of May 2019 02:36:49 PM
Linux PCs are growing in popularity for professional programmers and Dell continues to back them.

More in Tux Machines

Database News on YugaByte Going for Apache 2.0 Licence

  • YugaByte Becomes 100% Open Source Under Apache 2.0 License

    YugaByte, a provider of open source distributed SQL databases, announced that YugaByte DB is now 100% open source under the Apache 2.0 license, bringing previously commercial features into the open source core. The transition breaks the boundaries between YugaByte’s Community and Enterprise editions by bringing previously commercial-only, closed-source features such as Distributed Backups, Data Encryption, and Read Replicas into the open source core project distributed under the permissive Apache 2.0 license. Starting immediately, there is only one edition of YugaByte DB for developers to build their business-critical, cloud-native applications.

  • YugaByte's Apache 2.0 License Delivers 100% Open Source Distributed SQL Database

    YugaByte, the open source distributed SQL databases comapny, announced that YugaByte DB is now 100 percent open source under the Apache 2.0 license, bringing previously commercial features into the open source core. The move, in addition to other updates available now through YugaByte DB 1.3, allows users to more openly collaborate across what is now the world’s most powerful open source distributed SQL database.

  • SD Times Open-Source Project of the Week: YugaByte DB

    This week’s SD Times Open Source Project of the Week is the newly open-sourced YugaByte DB, which allows users to better collaborate on the distributed SQL database. The move to the open-source core project distributed under the Apache 2.0 license makes previously closed-sourced features such as distributed backups, data encryption and read replicas more accessible, according to the team. By doing this, YugaByte plans to break the boundaries between YugaByte’s Community and Enterprise editions. “YugaByte DB combines PostgreSQL’s language breadth with Oracle-like reliability, but on modern cloud infrastructure. With our licensing changes, we have removed every barrier that developers face in adopting a business-critical database and operations engineers face in running a fleet of database clusters, with extreme ease,” said Kannan Muthukkaruppan, co-founder and CEO of YugaByte.

Programming: Ruby, NativeScript, Python, Rust/C/C++ FUD From Microsoft

Security Leftovers

  • Alas, Poor PGP

    The first is an assertion that email is inherently insecure and can’t be made secure. There are some fairly convincing arguments to be made on that score; as it currently stands, there is little ability to hide metadata from prying eyes. And any format that is capable of talking on the network — as HTML is — is just begging for vulnerabilities like EFAIL. But PGP isn’t used just for this. In fact, one could argue that sending a binary PGP message as an attachment gets around a lot of that email clunkiness — and would be right, at the expense of potentially more clunkiness (and forgetfulness). What about the web-of-trust issues? I’m in agreement. I have never really used WoT to authenticate a key, only in rare instances trusting an introducer I know personally and from personal experience understand how stringent they are in signing keys. But this is hardly a problem for PGP alone. Every encryption tool mentioned has the problem of validating keys. The author suggests Signal. Signal has some very strong encryption, but you have to have a phone number and a smartphone to use it. Signal’s strength when setting up a remote contact is as strong as SMS. Let that disheartening reality sink in for a bit. (A little social engineering could probably get many contacts to accept a hijacked SIM in Signal as well.) How about forward secrecy? This is protection against a private key that gets compromised in the future, because an ephemeral session key (or more than one) is negotiated on each communication, and the secret key is never stored. This is a great plan, but it really requires synchronous communication (or something approaching it) between the sender and the recipient. It can’t be used if I want to, for instance, burn a backup onto a Bluray and give it to a friend for offsite storage without giving the friend access to its contents. There are many, many situations where synchronous key negotiation is impossible, so although forward secrecy is great and a nice enhancement, we should assume it to be always applicable. [...] My current estimate is that there’s no magic solution right now. The Sequoia PGP folks seem to have a good thing going, as does Saltpack. Both projects are early in development, so as a privacy-concerned person, should you trust them more than GPG with appropriate options? That’s really hard to say.

  • Armadillo Is An Open-Source “USB Firewall” Device To Protect You Against USB Attacks

    Exchanging data using USB devices is something that we do on a daily basis. But how often do you think that the next USB device that you’ll plug into your PC’s port could be malicious? In the past, researchers have unveiled 29 types of USB attacks that could compromise your sensitive data by simply plugging in a USB device. Globotron’s Armadillo is a device that you could use to protect yourself from USB attacks.

  • Open source solutions in autonomous driving: safety is more than an afterthought [Ed: A lot less likely to contain back doors, unlike proprietary software where this has become rather 'standard' a 'feature']

    In the automotive industry, in-vehicle infotainment (IVI) systems were one of the early adopters of open source operating systems, namely Linux. Today’s innovation and success with IVIs can largely be attributed to this approach. Collaborative efforts such as the GENIVI Alliance and Automotive Grade Linux—where automakers, suppliers, and their competitors agree to share common elements of the IVI software stack—are enabling rapid development in this area.

  • New open source solution reduces the risks associated with cloud deployments [Ed: This is an inherently flawed kind of logic because if you handed over control to AWS, then the Pentagon already controls everything and thus you have zero security, you're 'pwned' by definition]

    The Galahad software will be deployed to AWS and provides a nested hypervisor on AWS instances. There, it will monitor role-based virtual machines virtually across all levels of the application stack including the docker container: the basic unit of software that packages an application to run quickly between computing environments.

  • Open-Source Exploit: Private Keys in MyDashWallet Exposed for Two Months- Users Should Move Funds Immediately [Ed: Highly misleading headline. This has nothing to do with "Open Source"; it's about some fool who uploaded private keys]

    The private keys of Dash crypto coins being held in online software “hot wallet” called MyDashWallet have been exposed to hackers for two months, and anyone using the wallet should immediately move funds out. A “hot wallet” is any cryptocurrency software “wallet” connected to the Internet.

Devices: 'IoT', SparkFun and Beelink L55

  • Top 20 Best Internet of Things Projects (IoT Projects) That You can Make Right Now

    Internet of Things (IoT) is a new predominant technology for this advanced world. This technology can change the lifestyle people lead. Question is what the Internet of Things is? IoT can be described as a network of physical objects connected through the internet. Physical objects could be anything that contains embedded electronics, software, sensor, etc. with the internet. Using the IP addresses, those smart objects can exchange data among the network and can make a decision. A significant number of researches is going on over the IoT trends and projects. In this article, we will talk about a few IoT project ideas based on standard IoT protocols, so that readers get the basic knowledge about the Internet of Things. These internet of things example are keen, useful, and interesting to build.

  • Open-Source SparkFun Module Supports Low-Power TensorFlow Machine Learning

    SparkFun has released the SparkFun Artemis, Engineering Version, an open-source embedded development kit that supports the TensorFlow machine learning environment. Designed for toolchain-agnostic, low-power machine learning development, the 15.5 mm x 10.5 mm Artemis board includes... [...] In addition to a secure firmware update system, flexible, serial peripherals, a suite of clock sources, and camera compatibility, the Artemis board features large SMD pads that support carrier board implementations. SparkFun has launched three carrier boards in conjunction with the release of the Artemis, Engineering version board: the BlackBoard Artemis (Arduino Uno footprint); BlackBoard Artemis Nano (smallest form factor); and BlackBoard Artemis ATP (with 48 GPIO pins).

  • Beelink L55 Review – An Intel Core i3-5005U Mini PC Tested with Windows 10 & Ubuntu 18.04

    With the shortage of Gemini Lake processors, some manufacturers have taken to releasing new mini PCs using older CPUs