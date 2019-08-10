Language Selection

Linux Stressed in Fedora, Red Hat/IBM and Security

Tuesday 13th of August 2019
Red Hat
Security
  • Fedora Developers Discuss Ways To Improve Linux Interactivity In Low-Memory Situations

    While hopefully the upstream Linux kernel code can be improved to benefit all distributions for low-memory Linux desktops, Fedora developers at least are discussing their options for in the near-term improving the experience. With various easy "tests", it's possible to easily illustrate just how poorly the Linux desktop responds when under memory pressure. Besides the desktop interactivity becoming awful under memory pressure, some argue that an unprivileged task shouldn't be able to cause such behavior to the system in the first place.

  • How open source can help banks combat fraud and money laundering

    Jump ahead a few years to the Fourth EU AML Directive - a regulation which required compliance by June 2017 - demanding enhanced Customer Due Diligence procedures must be adhered to when cash transactions reach an aggregated amount of more than $11,000 U.S. dollars (USD). (The Fifth EU AML Directive is on the way, with a June 2020 deadline.) In New Zealand’s Anti-Money Laundering and Countering Financing of Terrorism Amendment Act of 2017 it is stated that banks and other financial entities must provide authorities with information about clients making cash transactions over $6,500 USD and international monetary wire transfers from New Zealand exceeding $650 USD. In 2018, the updated open banking European Directive on Payment Services (PSD2) that requires fraud monitoring also went into effect. And the Monetary Authority of Singapore is developing regulations regarding the use of cryptocurrencies for terrorist funding and money laundering, too.

  • Automate security in increasingly complex hybrid environments

    As new technologies and infrastructure such as virtualization, cloud, and containers are introduced into enterprise networks to make them more efficient, these hybrid environments are becoming more complex—potentially adding risks and security vulnerabilities.

    According to the Information Security Forum’s Global Security Threat Outlook for 2019, one of the biggest IT trends to watch this year is the increasing sophistication of cybercrime and ransomware. And even as the volume of ransomware attacks is dropping, cybercriminals are finding new, more potent ways to be disruptive. An article in TechRepublic points to cryptojacking malware, which enables someone to hijack another's hardware without permission to mine cryptocurrency, as a growing threat for enterprise networks.

    To more effectively mitigate these risks, organizations could invest in automation as a component of their security plans. That’s because it takes time to investigate and resolve issues, in addition to applying controlled remediations across bare metal, virtualized systems, and cloud environments -- both private and public -- all while documenting changes.

  • Josh Bressers: Appsec isn’t people

    The best way to think about this is to ask a different but related question. Why don’t we have training for developers to write code with fewer bugs? Even the suggestion of this would be ridiculed by every single person in the software world. I can only imagine the university course “CS 107: Error free development”. Everyone would fail the course. It would probably be a blast to teach, you could spend the whole semester yelling at the students for being stupid and not just writing code with fewer bugs. You don’t even have to grade anything, just fail them all because you know the projects have bugs.

    Humans are never going to write bug free code, this isn’t a controversial subject. Pretending we can somehow teach people to write bug free code would be a monumental waste of time and energy so we don’t even try.

    Now it’s time for a logic puzzle. We know that we can’t train humans to write bug free code. All security vulnerabilities are bugs. So we know we can’t train humans to write vulnerability free code. Well, we don’t really know it, we think we can if you look at history. The last twenty years has had an unhealthy obsession with getting humans to change their behaviors to be “more secure”. The only things that have come out of these efforts are 1) nobody likes security people anymore 2) we had to create our own conferences and parties because we don’t get invited to theirs 3) they probably never liked us in the first place.

Linux-driven i.MX6 gateway offers 4G plus isolated serial and CANBus

Forlinx announced a compact “FCU1201” IoT gateway that runs Linux on an i.MX6 DualLite and offers 4G, WiFi/BT, LAN, CAN, HDMI, USB, serial, DIDO, and CANBus. Chinese embedded vendor Forlinx has unveiled a power-efficient FCU1201 IoT gateway equipped with NXP’s 1GHz, dual-core Cortex-A9 i.MX6 DualLite. Like the company’s i.MX6 UL-equipped FCU1101, the system combines extensive serial interfaces with wireless connectivity. Read more

Vulkan: SIGGRAPH 2019 News and NVIDIA Focus

  • NVIDIA Continues To Be Involved With Making Vulkan More Appropriate For Machine Learning

    NVIDIA engineers continue to be among those in the Vulkan technical sub-group working to advance machine learning for this API. Vulkan machine learning is being worked on for functionality like NVIDIA's DLSS, bots, character animations, and other functionality that can be tailored to machine learning in high frame-rate applications. There's also the benefit of Vulkan being an industry standard unlike CUDA and friends.

  • NVIDIA 435.17 Linux Beta Driver Adds Vulkan + OpenGL PRIME Render Offload

    NVIDIA this morning introduced their 435 Linux driver series currently in beta form with the release of the 435.17 Linux build. With this new driver comes finally the best PRIME/multi-GPU support they have presented to date. The NVIDIA 435.17 driver has a new PRIME render offload implementation supported for Vulkan and OpenGL (with GLX). This PRIME offloading is about using one GPU for display but having the actual rendering be done on a secondary GPU, as is common with many of today's high-end notebooks that have Intel integrated graphics paired with a discrete NVIDIA GPU.

  • Vulkan Video Decoding Coming In H1'2020, Ray-Tracing Progressing

    The Khronos Group has posted their material from the SIGGRAPH 2019 graphics conference and includes some interesting updates on Vulkan and their ongoing efforts. In addition to making Vulkan better for machine learning, ray-tracing and video decode are two other topics of interest to us.

Kernel: Linux, Mir, and the Linux Foundation's Hyperledger

  • Oracle's Kernel Test Framework Might Be Added To The Linux Kernel Tree

    Knut Omang of Oracle is working on integrating the Kernel Test Framework into the Linux kernel source tree/repository. The Kernel Test Framework is used for unit testing of the Linux kernel as well as different component testing of the code. Up to this point the Kernel Test Framework has been developed separate of the Linux kernel tree in order to allow for testing against arbitrary versions of the Linux kernel. Now, however, Oracle is wanting to get this kernel testing framework as part of the Linux kernel source tree.

  • Mir 1.4 Released With Fix For GTK3, Support For Exclusive Zones

    The Canonical team led by Alan Griffiths for maintaining the Mir display server with Wayland support today rolled out Mir version 1.4. Mir 1.4 brings support for the concept of exclusive zones to the MirAL layer, various Wayland layer shell improvements, making the MirClient socket optional, a fix for GTK3 handling, and various other Wayland handling improvements.

  • Essential Developer Guide for Building Blockchain Applications Using Hyperledger Sawtooth

    Hyperledger Sawtooth is an enterprise blockchain platform for building distributed ledger applications and networks. The design philosophy targets keeping ledgers distributed and making smart contracts safe, particularly for enterprise use. Sawtooth simplifies blockchain application development by separating the core system from the application domain. Application developers can specify the business rules appropriate for their application, using the language of their choice, without needing to know the underlying design of the core system. Sawtooth is also highly modular. This modularity enables enterprises and consortia to make policy decisions that they are best equipped to make. Sawtooth’s core design allows applications to choose the transaction rules, permissioning, and consensus algorithms that support their unique business needs.

Leaving Windows 7? Here are some non-Windows options.

Then there’s my own favorite: the Linux desktop. But while I love it, I’m well aware of the Linux desktop’s many problems. But recently the Linux community looks to be finally getting its act together. So now might be a good time to kick Linux’s tires. Personally, when it comes to the many distros, I favor Linux Mint. It’s good, secure and fast. It also has the advantage, from your perspective, of looking a good deal like Windows 7. That makes switching over to it easier than you might expect. But if you need corporate support, you’ll be better off with Red Hat Enterprise Linux Workstation or Canonical’s Ubuntu for desktop. You can, by the by, use Linux desktops with your existing Active Directory domains if that’s what’s stopping you from considering Linux. Which is best for you? Only you can answer that question. What I can say, though, is that these days you don’t have to just grit your teeth and shift over to the next version of Windows. Thanks in large part to the move to a SaaS model for nearly all applications, you have real desktop OS choices. Read more

