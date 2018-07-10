Language Selection

today's leftovers

Friday 13th of July 2018 03:49:27 PM
Misc
  • Greens 'bewildered' by kerfuffle over Microsoft's Protected cloud status

    The Australian Greens say they are "bewildered" at the way the Australian Signals Directorate has handled Microsoft's application for Protected cloud certification and the subsequent departure of a top female officer from the agency's ranks.

    Protected cloud is the highest security classification for vendors and allows a company to apply for contracts to store top-secret Australian Government data.

    In response to queries from iTWire, Greens' digital communications spokesperson Senator Jordon Steele-John said: "A staffer within the Australian Signals Directorate dared to refuse an application from foreign multinational company, Microsoft.

    "This application ensured secure cloud services receiving protected certification. Approving this certification meant that Microsoft overseas employees could access secure information for government departments.

    [...]

    Microsoft has been allowed to have staff based abroad handle systems on which top-secret data is stored. For the other four Australian companies, only staff vetted by the ASD can administer these systems.

    "It seems that there is one rule for multinational corporations, and another rule for Australian businesses, who are yet to get a look in to providing Protected cloud services to the Australian Public Service," Senator Steele-John said.

    "Australians have a right to know that the corporate interest is not being put ahead of the the security of our data."

  • Container Adoption Starts to Outpace DevOps

    A new survey finds the number of organizations using containers is poised to pass the number of organizations employing DevOps processes in the months ahead. Less clear, however, is the degree to which adoption of containers will force organizations to embrace DevOps.

    The survey of 601 IT decision-makers conducted by ClearPath Strategies on behalf of the Cloud Foundry Foundation (CFF) finds that 32 percent of respondents have adopted containers and are employing DevOps processes. But the number of respondents who plan to adopt or evaluate containers in the next 12 months is 25 percent, while 17 percent are planning to adopt or evaluate DevOps processes. Overall, the survey finds that within the next two years, 72 percent of respondents either already are or expect to be using containers. That compares to 66 percent who say the same for DevOps.

  • MKVToolNix 25.0.0 Released, Linux AppImage Now Available

    MKVToolNix, the free and open source set of tools used for creating, editing, and inspecting Matroska files (MKV, MK3D, MKA, and MKS), was updated to version 25.0.0, bringing quite a few bug fixes along with a few enhancements. With this release, a Linux AppImage is available "which should run on any Linux distribution released around the time of CentOS 7/Ubuntu 14.04 or later".

  • Fixing issues with the “New Messages” divider

    Fractal is a Matrix client for GNOME and is written in Rust. Matrix is an open network for secure, decentralized communication.

OSS Leftovers

  • What's the difference between a fork and a distribution?
    If you've been around open source software for any length of time, you'll hear the terms fork and distribution thrown around casually in conversation. For many people, the distinction between the two isn't clear, so here I'll try to clear up the confusion.
  • Stordis and Barefoot Lead Open Source Networking in Europe
    The German company Stordis distributes telecom equipment in Europe. But Stordis is in the process of repositioning itself as the champion of open source networking hardware and software for European service providers. And it’s working closely with Barefoot Networks as part of its strategy. It plans to provide hardware from bare metal suppliers such as Edgecore and Delta. It will offer consultancy and support services to help European service providers adopt open source networking software. And the company is in the process of ramping the manufacturing of a 100 Gig switch that is based on Barefoot’s Tofino programmable chip. [...] But Stordis’ strategy of targeting broadcasters first will hopefully lead to a willingness for other service providers to try open source. And the company is involved with the Open Networking Foundation (ONF).
  • Talking mobile edge computing and open source software with Kontron Canada Inc.
    A crucial facilitator of Kontron Canada’s hardware-software evolution has been open source software. Integration of OpenStack in particular has proven a differentiator for the company, not least because it can tap into the expertise of a community of experts at an economical price. Open source software also enables flexibility for clients to build networks and data centres in their own way. However, while the perks of cloud adoption for organisations in industries such as telecoms are well-documented, deterrents such as higher than anticipated costs, start-up delays and being locked into a vendor’s specific approach do exist. Kontron’s OpenStack turnkey platform solution, fully integrated with the Canonical distribution of Ubuntu OpenStack, alleviates these concerns. Robert explains how Kontron’s hardware must keep aligned with updates from Canonical and the OpenStack community: “Canonical have their own releases of their distribution of OpenStack and our software team does all the work behind the scenes to make sure that it will be fully validated and integrated on our hardware.
  • Perspecta to Sponsor 7th Annual OSEHRA Open Source Summit; Mac Curtis Comments
  • Rethinking our approach to open-source data
    Open-source data is built on the foundation of long-term useability, authenticity and reliability. Its public nature means that it can be accessible anywhere with an internet connection. Yet when we talk about the government data that needs to be protected for national security reasons, classified information—related to defence and intelligence services—often takes precedence. But what about the protection of unclassified, open-source government data? Websites like data.gov.au, Trove and Parl Info Search host a broad range of data that collectively documents the political, social and cultural history of Australia. Over time, this data accumulates to paint a detailed picture of our country. It’s a high-value dataset given the trends big data analytics can reveal.

Windows Server 2016 vs. FreeBSD 11.2 vs. 8 Linux Distributions Performance Benchmarks

Given the recent releases of FreeBSD 11.2, Scientific Linux 6.10, openSUSE Leap 15, and other distribution updates in the past quarter, here are some fresh benchmarks of eight different Linux distributions compared to FreeBSD 11.2 and Microsoft Windows Server 2016. The tested Linux platforms for this go-around were CentOS 7.5, Clear Linux 23610, Debian 9.4, Fedora Server 28, openSUSE leap 15.0, Scientific Linux 6.10, Scientific Linux 7.5, and Ubuntu 18.04 LTS. Read more

Security: Chip Defects and More

  • Chrome Web Browser Will Now Use 10% More RAM With Spectre Fix
  • Chrome 67 protects against Spectre hacks but gobbles more RAM

    The new feature basically splits the render process into separate tasks using out-of-process iframes, which makes it difficult for speculative execution exploits like Spectre to snoop on data.

  • Linux, malware and data breaches – what can we learn? [VIDEO] [Ed: The insecurity industry, which profits from selling snake oil for Windows, relishes in the idea that GNU/Linux is not secure]
    We thought we’d dig into the recent malware infestation at Gentoo Linux – how it happened, how Gentoo responded, and how to avoid this sort of crisis in your own network. We think Gentoo did a good job in a bad situation, and we can all learn something from that.
  • Speculative Load Hardening Lands In LLVM For Spectre V1 Mitigation
    The Speculative Load Hardening (SLH) effort that has been in development for months as a compiler-based automated Spectre Variant One mitigation technique has landed within LLVM trunk. Happening in time for LLVM 7.0 is this initial Speculative Load Hardening for x86/x86_64 while ARM developers are also working on leveraging SLH within LLVM for AArch64 (64-bit ARM) as well.
  • Senators press federal election officials on state cybersecurity

    “Many elections across the nation do not have auditable elections. They are done completely electronically,” Sen. James Lankford (R-Okla.) told the panel of witnesses at a hearing on election security preparedness convened by the Senate Rules and Administration Committee.

    Thomas Hicks, the head of the EAC, indicated that states decide whether they want to have auditable elections.

