Red Hat, IBM, and Fedora Leftovers

Saturday 3rd of August 2019
Red Hat
  • Shifting culture is the best way to reignite public-sector innovation

    Right now, we're in a storm of digital disruption, also known as the Fourth Industrial Revolution or any of the other trendy monikers coined in recent years. The truth is that the speed of innovation today makes long-term planning incredibly difficult.

    Like everyone, government organizations are struggling to chart paths forward in the face of a fast-moving and increasingly ambiguous future. According to a 2018 report from the Congressional Research Service, federal government IT budgets are growing, but so are the costs of maintaining older systems.

    The only way government agencies -- or any organization -- will continue to thrive amid continual, innovative disruptions will be to fundamentally rethink how they operate.

  • Multi-cloud: 5 important trends to watch

    Going by the most straightforward definition of multi-cloud – using two or more cloud services from two or more vendors – outsized numbers about multi-cloud adoption shouldn’t really surprise anyone, especially IT pros. It seems hard these days to not use at least a handful of cloud-based services.

  • Three Weeks After Closing the Red Hat Deal, IBM Rolls Out New Cloud Offerings

    Managed services and software optimized for Red Hat OpenShift and Linux aimed at helping enterprises move to the cloud.

  • The Big Picture

    IBM finally closed the deal to purchase Red Hat this month, writing a $34 billion check for the leading Linux company in hopes of restarting its cloud and network service endeavors. Red Hat was a really big fish in the open source scene, but they are tiny compared to IBM, and many observers are wondering how this story will unfold.

    In the press release confirming the sale [1], IBM said all the right things, leading off the announcement with the following bullets:

    IBM preserves Red Hat's independence and neutrality; Red Hat will strengthen its existing partnerships to give customers freedom, choice, and flexibility.
    Red Hat's unwavering commitment to open source remains unchanged.
    Together, IBM and Red Hat will deliver a next-generation hybrid multicloud platform.

    As you probably already know, this deal is all about the cloud, and about integrating hybrid cloud with IBM's existing business service portfolio. The quote from IBM CEO Ginni Rometty sounds like a manifesto, "Businesses are starting the next chapter of their digital reinventions, modernizing infrastructure and moving mission-critical workloads across private clouds and multiple clouds from multiple vendors. They need open, flexible technology to manage these hybrid multicloud environments. And they need partners they can trust to manage and secure these systems. IBM and Red Hat are uniquely suited to meet these needs. As the leading hybrid cloud provider, we will help clients forge the technology foundations of their business for decades to come."

  • FPgM report: 2019-31

    Here’s your report of what has happened in Fedora Program Management this week. Flock is this week in Budapest.

Shifting OpenShift

  • IBM moves quickly to shift software base to Red Hat OpenShift

    IBM Corp. is losing no time in its efforts to demonstrate results from its acquisition of Red Hat Inc., which closed just three weeks ago.

    The company today is announcing that it will make much of its software portfolio available in cloud-native form on OpenShift, which is Red Hat’s version of the Kubernetes container orchestration manager. Containers are portable, self-contained software environments and Kubernetes is a management layer for large container deployments.

    “Cloud-native” is a term for software that’s constructed to take advantage of cloud-specific features such as near-limitless scalability and flexible, usage-based pricing. Many cloud applications are essentially versions of on-premises software that has been shifted to the cloud without the full benefit of cloud-specific features.

    “Cloud isn’t just about sticking content in a container,” said Hillery Hunter, chief technology officer of IBM Cloud. “It’s about getting IT operational efficiency and automation.”

Security Leftovers

  • Best VPN for Ubuntu in 2019 (Full Review)

    Linux is a highly customizable and completely open-source operating system that gives you full control over your computer. The Ubuntu distribution takes that customizability and adds a layer of user-friendliness on top. You get all the security benefits of Linux, only you don’t have to be a command line expert to get things done. Even though Ubuntu is more secure than other operating systems, out of the box it doesn’t do much to protect data leaving your device. VPNs bridge that crucial gap by providing encryption for every packet that exits your home network. You’ll get non-local privacy along with a high level of anonymity, all from the comfort of your own Ubuntu system.

  • Cisco's failure to heed whistleblower's warning about security defects in video surveillance software costs the company $8.6m in fines
                       
                         

    There's a lesson here about the people who advocate for allowing companies to decide when defects in their products can be revealed: companies are not trustworthy custodians of bad news about their products, even (especially) when the stakes are high and they face titanic liability for failing to mitigate reported defects.  

  • GitLab Is A Very Powerful Tool For Security: Liz Rice Of Aqua Security

    The ‘Takeaway’ from this interview is that GitLab is a very powerful tool for security. Guest Liz Rice, VP of Open Source Engineering at Aqua Security.

  • Liz Rice On Technology & Culture Of The Cloud Native World

    Liz Rice, VP of Open Source Engineering at Aqua Security sat down with Swapnil Bhartiya at KubeCon and CloudNativeCon, Barcelona, to talk about a wide range of topics.

  • bzip2 and the CVE that wasn’t

    Compiling with the GCC sanitizers and then fuzzing the resulting binaries might find real bugs. But not all such bugs are security issues. When a CVE is filed there is some pressure to treat such an issue with urgency and push out a fix as soon as possible. But taking your time and making sure an issue can be replicated/exploited without the binary being instrumented by the sanitizer is often better. This was the case for CVE-2019-12900 “BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors“. The bzip2 project had lost the domain which it had used for the last 15 years. And it hadn’t seen an official release since 2010. The bzip2 project homepage, documentation and downloads had already been moved back to sourceware.org. And a new bug tracker, development mailinglist and git repository had been setup. But we were still in the middle of a code cleanup (removing references to the old homepage, updating the manual and adding various cleanups that distros had made to the code) when the CVE was filed.

today's howtos

Programming: Test Driven Development (TDD), Cryptocurrency, Mocking, Dask and Vim

  • Lesson In Adopting Test Driven Development (TDD)

    Test Driven Development (TDD) has been a part of the developer's term that I view it as an arcane art for me. As a love or hate relationship between the developer who swears by it exclusively to you don't need this attitude. Which is similar to adopting Agile software management practices for an organisation. I found out about it more as I became involved in helping to guide developers in Python for a developer gym organised by Junior Developer Singapore.

  • Use the Blockchain data to populate the combo box

    Previously the cryptocurrency application has loaded the world currency text file and then populate the currency combo box based on the currency symbol in that text file. In this article, the cryptocurrency program will use the returning currency symbol from Blockchain to populate that same combo box.

  • Why your mock doesn’t work

    Mocking is a powerful technique for isolating tests from undesired interactions among components. But often people find their mock isn’t taking effect, and it’s not clear why. Hopefully this explanation will clear things up. BTW: it’s really easy to over-use mocking.

  • Dask joins NumFOCUS Sponsored Projects

    Dask is an open source library for natively scaling Python. It provides advanced parallelism for analytics, enabling performance at scale for the tools you love. Dask builds on existing Python libraries like NumPy, pandas, and scikit-learn to enable scalable computation on large datasets. In addition, Dask provides a general purpose framework to enable advanced users to build their own parallel applications. Dask enables analysts to scale from their multi-core laptop to thousand-node cluster.

  • [Older] History and effective use of Vim

    This article is based on historical research and on simply reading the Vim user manual cover to cover. Hopefully these notes will help you (re?)discover core functionality of the editor, so you can abandon pre-packaged vimrc files and use plugins more thoughtfully.

Linux heads for space in hardened Ai-RIO computer

Aitech announced that its VxWorks-driven “Ai-RIO” computer, which is available in separate Space and Mil/Aero configurations, now offers a Linux BSP. The rugged Ai-RIO runs on a PowerPC-based NXP P1020 and offers radiation resistance and modular I/O expansion. Commercial space travel is on the verge of becoming a major market for embedded computing. Much of it is RTOS-driven to ensure greater reliability, but with the advent of real-time Linux kernels, the penguin is playing a growing role. On the low-end, Fossbyte just reported that the European Space Agency is using Raspberry Pi Zero SBCs on its experimental CryptIC CubeSat for low-cost encryption. On the high-end are hardened computers like Aitech’s intelligent Ai-RIO Remote I/O interface Unit (RIU), which has just gained a Linux BSP to join the existing VxWorks 6.9 support. Read more

