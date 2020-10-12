Fedora and Red Hat Leftovers
Web of Trust, Part 1: Concept
Every day we rely on technologies who nobody can fully understand. Since well before the industrial revolution, complex and challenging tasks required an approach that broke out the different parts into smaller scale tasks. Each resulting in specialized knowledge used in some parts of our lives, leaving other parts to trust in skills that others had learned. This shared knowledge approach also applies to software. Even the most avid readers of this magazine, will likely not compile and validate every piece of code they run. This is simply because the world of computers is itself also too big for one person to grasp.
Still, even though it is nearly impossible to understand everything that happens within your PC when you are using it, that does not leave you blind and unprotected. FLOSS software shares trust, giving protection to all users, even if individual users can’t grasp all parts in the system. This multi-part article will discuss how this ‘Web of Trust’ works and how you can get involved.
But first we’ll have to take a step back and discuss the basic concepts, before we can delve into the details and the web. Also, a note before we start, security is not just about viruses and malware. Security also includes your privacy, your economic stability and your technological independence.
Sandboxing inside the sandbox: No rogue thumbnailers inside Flatpak
A couple of years ago, we sandboxed thumbnailers using bubblewrap to avoid drive-by downloads taking advantage of thumbnailers with security issues.
It's a great tool, and it's a tool that Flatpak relies upon to create its own sandboxes. But that also meant that we couldn't use it inside the Flatpak sandboxes themselves, and those aren't always as closed as they could be, to support legacy applications.
We've finally implemented support for sandboxing thumbnailers within Flatpak, using the Spawn D-Bus interface (indirectly).
This should all land in GNOME 40, though it should already be possible to integrate it into your Flatpaks.
Automating the edge: Connecting a variety of devices, applications and data
The IT world we know today is currently going through a phase of decentralization: computation is moving closer to where the data is generated. This means gathering and processing data closer to application, also known as edge computing.
In this new world, devices and services are managed outside the traditional management sphere: platforms are pushed outside the data center, devices are spread across huge areas in inaccessible locations and applications run on demand closer to the data.
Hands on vDPA: what do you do when you ain't got the hardware
In the previous post the internals of the vDPA kernel framework were covered. Putting the theory aside, the proof is in the pudding so now it’s time to get our hands dirty and try vDPA out. The obvious issue is the vDPA is a HW based feature requiring vendor NICs that support it. So how can we test vDPA when we don’t have such cards? What can we use instead of real hardware?
The answer is a vDPA simulator. The vDPA simulator is a software test device with an IOMMU that is "emulated on a chip." The vDPA device simulator will loopback TX traffic to its RX. The main use cases for the simulated device are feature testing, prototyping and development. With this simulated device, you can set up your own vDPA test/development environment in minutes!
Security Leftovers
IVPN Released a GUI Client App for the Linux Platform
IVPN is giving its Linux audience some love, as they have just released a GUI (graphical user interface) app for the platform. The particular VPN (virtual private network) vendor has only recently embraced Linux with a command-line app, but the time for something more user-friendly has come. Many Linux users are used to firing up the terminal to do whatever they need to do, as the power of the command line is undeniable. However, this is not the case for every Linux user nowadays, and having a comfortable GUI client app for your VPN service is nice.
today's howtos
Why Congress should invest in open-source software
In response to past crises, investments in physical infrastructure have helped the United States recover and thrive after significant challenges. After both the Great Depression and the Great Recession, for example, increased investment in transportation infrastructure was a key part of bringing the American economy back from disaster. The COVID-19 pandemic and its attendant economic crisis requires a similarly significant response, but it also asks of lawmakers to consider what is next. We can’t just invest in highways—we also need to invest in the technology underpinning the information superhighway. To rebuild from one of the greatest challenges of our time, the United States must invest both in physical and digital infrastructure to secure its recovery. For the last few years, both Democrats and Republicans have called for major infrastructure investments, only for them not to materialize. These efforts to fund infrastructure investment have focused on the physical world—highways, railroads, bridges. While those are important areas for investment, we must not forget the equal importance of digital infrastructure, especially the free and open-source software (FOSS) that is built mostly by volunteer labor and underpins the digital world. FOSS is even working its way into the physical world, as it is built into our phones, cars, and refrigerators. FOSS began in the 1980s as an effort to give developers the ability to tinker with and alter software, which was prevented by most software vendors at the time. This led to the “free” in FOSS being defined as “Free as in Free Speech, not as in Free Beer,” although frequently the software was also free of costs. For years, FOSS was primarily the domain of hobbyists, but as computing and the internet became a larger part of daily life, so too did FOSS. The untiring efforts of countless volunteers collaborating remotely eventually led to a robust FOSS ecosystem. Now, FOSS underpins the entire digital economy in the form of operating systems (Linux, Android, etc.), databases (MySQL, PostgreSQL, MongoDB, etc.), and big data and artificial intelligence software (Hadoop, TensorFlow, etc.). Multi-billion dollar companies are regularly built on the back of FOSS. Even Microsoft, whose leadership once called Linux “a cancer” and equated it to communism, has now embraced FOSS and uses it as the core of its Azure cloud computing offering.
