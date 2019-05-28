Language Selection

Linux Foundation, Trade Wars and Revisionism/FUD

Sunday 2nd of June 2019 08:56:20 PM Filed under
Linux
OSS
  • Cloud computing community needs more women to join, says CNCF ecosystem director

    From Ada Lovelace to Grace Hopper, women have played an important part in the development of computing. Female executives such as Ginni Rometty and Meg Whitman have opened the doors of the boardroom; and women-led start-ups abound.

    Yet despite these high-profile successes, the overall percentage of women and minorities in tech is still ridiculously low. One place where this really stands out is in the open-source community, where male contributors outnumber women.

  • What's happening with the Linux sustainable energy initiative? An update from LF Energy

    In the short time since we last interviewed LF Energy's executive director Shuli Goodman - in November 2018, shortly after it was founded - the body, which came out of the Linux Foundation and aims to make energy usage drastically more efficient with an open source framework, has added more than 20 new members and established three projects.

    Big hitters including the sustainable research subsidiary NREL of America's Department of Energy, Monash University, IBM, Stanford University, Washington State, Vanderbilt, and École Polytechnique Fédérale de Lausanne have joined as members, with a view to finding a collaborative way to better manage energy consumption and distribution.

    [...]

    The Open Energy Data Initiative (OEDI) could provide the "means and mechanisms" for being able to work with big data in energy, she explained, from data lakes to AI algorithms. This is probably "one of the highest priorities" that she finds when speaking with utilities providers.

    "Very few utilities globally have either the capacity or the reach in terms of the amount of data, to be able to really, in a wholesale way, transition to AI and machine learning," she explained. "They actually need each other to be able to do that in the predictive maintenance space - it's not like transformers fail a lot, but what it's going to take is a lot of data across a lot of data points to be able to really successfully begin managing the grid."

    OEDI, then, is a "foundational element" to say to the market that there is an opportunity in better energy management with an open source approach to big data.

  • The Linux foundation brings global unification through open-source collaboration

    It is a gathering storm of technological advances: artificial intelligence, network virtualization, 5G, containerized applications, neural processing units. As new technology enables greater connectivity, the race toward a smart society based on the internet of things gathers speed.

    Thanks to open-source collaboration, the journey has become a cooperative one rather than a arms race. Software developers understand that pooling knowledge and resources is more productive than working alone; and project collaboration overcomes political and geographical differences.

    “As a global community … whether it’s Europe, Asia, China, India, [or] Japan, developers are coming together very nicely through a common governance which crosses boundaries,” said Arpit Joshipura (pictured), general manager of networking, orchestration, and edge/internet of things at the Linux Foundation.

  • Huawei Crackdown Hits Open Source Groups

    Organizations including IEEE, multiple Linux Foundation groups, the Open Networking Foundation, and the OpenStack Foundation have been busy studying the legal limits of Huawei’s involvement following actions by the U.S. government. ETSI and 3GPP haven’t responded to requests for comment on the matter, and while none of the aforementioned groups have outwardly restricted Huawei’s access, they note that the situation is fluid and will continue to be reviewed by legal counsel.

    “This is just a piece of the trade war,” William Ho, principal analyst at 556 Ventures, told SDxCentral. If the restrictions being levied against Huawei are central to the U.S.-China trade war, “this will all be rolled back” similar to what happened with ZTE, another China-based vendor. But the long-term damage could still hurt Huawei’s prospects.

    “Everybody’s got ideas, and I think that open source and all those organizations bring in a breadth of different thought,” Ho said. “If you operate in a vacuum, you’re not going to get that… It’s only effective if there’s global cooperation in technology, and 5G and 4G has been beneficiary versus 3G in the past.”

  • Open Source Software Licensing [Ed: Open Source? They mean Free software, which predates it. Also fails to mention GNU and starts with Linux.]

    For over 30 years, open source software (OSS) has formed the backbone of the technology industry. Today, it is nearly impossible to find a computing device that does not utilize an open source component. For example, the Linux kernel powers well over a billion devices. As the adoption of OSS accelerates, it is increasingly important to understand the history, legal issues, and future challenges of the open source world.

Audiocasts/Shows: 45 Minutes With Linus Torvalds, Lenovo Thinkpad X1 Extreme Laptop (Running Linux) and SMLR's Latest

Openwashing, Sharing and FOSS in Healthcare

  • St. Jude Cloud's open-source genomics research data now available in real-time [Ed: This is about open data, not open source. Different things. Misleading.]
    St. Jude Children's Research Hospital is updating its cloud-based repository of pediatric whole-genome sequencing data to include prospective clinical data, the Memphis, Tenn.-based treatment and research facility announced May 28. Like other such databases, the St. Jude Cloud initially comprised genomics data collected retrospectively and released after corresponding research had been published. Now, however, it will be updated monthly with whole-genome, exome and transcriptome data from consenting subjects, making St. Jude the first institution to release real-time clinical genomics data.
  • IPF Open Source Imaging Consortium Launched to Advance Diagnosis [Ed: "Open Source" as PR, no substance to it]
  • Open-source group to aid ILD care through digital imaging, ML
    A group of experts conducting research in an aspect of lung disease associated with respiratory diseases such as emphysema is forming an Open Source Imaging Consortium to aid diagnosis through digital imaging and machine learning.
  • Open Source System Debuts for EHR Data Sharing [Ed: A bit more about data sharing than Open Source]
    A consortium of cancer care institutions released details on a prototype system designed to link electronic health record (EHR) systems to provide a source of real-world patient information to guide research and improve cancer treatment. Minimal Common Oncology Data Elements (mCODE) is an open source system allowing for the interflow of common clinical data amassed on patients within institutional EHR systems. mCODE collects data on 6 core domains: patient characteristics and demographics; lab tests and vital signs; specific details regarding the cancer; genomics such as molecular characteristics; treatments including surgical, radiation, drug and other treatments; and outcomes, such as current cancer status and survival. These elements of the patient journey are subdivided into 27 types of profiles and encompass 73 distinct data elements that can provide critical information for clinical inquiry. The initial set of standards and specifications for mCODE was released at the 2019 American Society of Clinical Oncology Annual Meeting by a collaboration including ASCO, its nonprofit subsidiary CancerLinQ, the MITRE Corporation, and the Alliance for Clinical Trials in Oncology Foundation...
  • Open-Source System Introduced to Guide, Improve Cancer Treatment Through EHR Systems
    The lack of interoperability and inability to share information among EHR systems smoothly has long been a concern among oncologists and an impediment to large-scale research efforts that depend on agglomerations of data that, when mined, filtered, and analyzed, yield insights into drug performance and patient experiences under treatment.

Security: Firmware, 2FA, Microsoft Partners, FUD and KeePassXC 2.4.2

  • Why open source firmware is important for security

    I gave a talk recently at GoTo Chicago on Why open source firmware is important and I thought it would be nice to also write a blog post with my findings. This post will focus on why open source firmware is important for security.

  • How much is good online security worth to you? How about $100,000? [iophk: "except that 2FA is used to lock people into Google's proprietary mail clients, as they do not support 2FA on IMAP and probably never will since it is an open protocol which allows free choice of mail clients, not just Google's"

    Google’s research indicates that spear phishing emails impersonating family members, colleagues, government officials, or even Google itself, are the main ways to break into accounts. Attacks can persist for several weeks, and involve sophisticated man-in-the-middle techniques that prompt users to enter not just their password, but also authentication codes sent by SMS or from devices running software like Google Authenticator. Because of this weakness – and those deriving from the SIM swap attack – Google recommends that “high-risk users” enrol in its Advanced Protection Program, which requires the use of hardware 2FA keys.

    The cost of these is very low now – typically around $25. Of course, the downside with such hardware keys is that they require setting up, carrying around and using. Whether the undoubted extra security is worth the extra effort will depend on individual circumstances. For those who manage to minimise how much about their personal lives appears online, it may be enough to use weaker forms of 2FA. But given the central importance of email accounts in our digital lives, and how gaining control of them makes taking over other online services much easier, it is certainly something that people should seriously consider. Buying hardware keys could prove one of the best investments they ever make. Just ask someone who didn’t, and paid the price. In the case of Sean Coonce, that price turned out to be $100,000.

  • Open Source Security - How to Defend at the Speed of Attack
    On the sixth stop of a multi-city tour, ISMG and Sonatype visited San Francisco for an engaging discussion on how to mitigate risks introduced by open source software. Sonatype CMO Matt Howard discusses the relevance and value of this application security conversation. The reason why this topic resonates so well across sectors and regions? "Because software is the last path for differentiation in every industry," Howard says, "and whether you know it or not, every business in the world today is largely a software company."
  • Venafi: Four Ways Open Source Libraries Leave Organizations at Risk [Ed: of course proprietary software is absolutely perfect and comes with no risks, holes, back doors and so on]
  • WordPress Slick Popup plugin could leave backdoor open to hackers [Ed: This is a really sloppy case of programming or intentional malice caught thanks to the source being available. "The login credentials for the administrative accounts are the same for all of the sites."]
  • Netgate® Progresses TNSR™ Open Source Secure Networking with Release 19.05
  • KeePassXC 2.4.2 released
    We are happy to announce KeePassXC 2.4.2, the second maintenance release of the 2.4 series! This release fixes several bugs and introduces a memory wiping feature that will reduce the risk of secrets remaining in memory after a database is locked or being swapped to disk. Combined with the existing restrictions on memory access by non-administrators, this feature increases the security of KeePassXC. Other notable changes are fixes to entry editing, prevention of infinite save loops, ability to open non-http url’s, and preventing data loss when opening a database with duplicated attachment binaries.
  • KeePassXC Password Manager 2.4.2 Released (Howto Install)
    KeePassXC, cross-platform community fork of KeePassX, released version 2.4.2 a few days ago with many improvements and security fixes.

