Devices: Security, Microsoft, ASRock and QNAP

• The Cybersecurity Weakest Link – Linux and IOT

  Linux is not only the backbone of the internet and the Android operating system, it is now expanding into domestic appliances, motor vehicles and pretty much anything else that requires a minimal operating system to run dedicated software. The Internet of Things is very much The Internet of Things Powered by Linux. But when Chrysler announced a recall of 1.4 million vehicles back in 2016 after a pair of hackers demonstrated a remote hijack of a Jeep’s digital systems, the risks involved with hacking IoT devices were dramatically illustrated. So what does the rise of Linux and IoT mean for Cybersecurity in the Enterprise? Let’s take a look.

• Microsoft buys Express Logic, adds a third operating system to its IoT range [Ed: Microsoft Peter on Microsoft swallowing another Linux company because Windows is unfit for purpose]

  Not content with having a Windows-based Internet of Things platform (Windows 10 IoT) and a Linux-based Internet of Things platform (Azure Sphere), Microsoft has added a third option. The company has announced that it has bought Express Logic and its ThreadX real-time operating system for an undisclosed sum. [...] Linux can be built with various options to offer more predictable behavior and so can address some similar scenarios. But ThreadX has another big advantage up its sleeve: it's tiny. A minimal ThreadX installation takes 2,000 bytes of storage and needs 1KB of RAM, far less than Linux can use. By way of comparison, Microsoft's Sphere hardware (which uses a custom-designed ARM processor with various security features embedded) has 4MB of RAM for applications and 16MB of storage. There are an estimated 6.2 billion deployments of ThreadX running on several dozen different kinds of processor or microcontroller.

• World’s first AMD-based NUC mini-PC showcases Ryzen R1000

  ASRock Linux-ready “iBox-R1000” industrial PC and “NUC-R1000” mainboard provide the new AMD Ryzen Embedded R1000 SoC in a 4×4 NUC form-factor with up to 32GB DDR4, 2x GbE, 3x USB 3.1, triple 4K displays, and 2x M.2 slots. In a renewed rivalry with Intel reignited by the success of its Ryzen line of processors, AMD has started to get a bit cheeky with its larger rival. Its latest provocation is the launch (via partner ASRock Industrial) of the first 4×4 (also called 4″x4″) NUC form-factor mini-PC based on an AMD processor. As noted in the Tom’s Hardware story that alerted us to the iBox-R1000 and the board-level NUC-R1000, the NUC label “isn’t technically accurate” since it’s an Intel brand that defines a certain class of mini-PC that uses Intel processors. [...] The ASRock product page notes only Windows 10, support, but the announcement also says it supports Linux kernel 4.18 and above.

• QNAP Linux Station Supports Ubuntu 18.04 LTS

  QNAP® Systems, Inc. today announced that Linux Station is fully integrated with Ubuntu® 18.04 LTS, allowing users to enjoy the brand-new GNOME GUI desktop with higher security and easily install apps (including LibreOffice 6.0, Inkscape, and multimedia applications) from the Software Center. Linux Station provides one-click installation of multiple versions of Ubuntu, and brings a streamlined NAS and Ubuntu PC experience when using an HDMI-equipped QNAP NAS with a keyboard and mouse. Linux Station also supports remote desktop connection with audio output. As QNAP is dedicated to leverage open-source software for a better user experience, Linux Station also adds support for Ubuntu Kylin - the official Chinese version of Ubuntu. “QNAP exclusively incorporates Ubuntu into NAS applications to give users multiple benefits from using QTS and Ubuntu applications,” said Judy Chen, Product Manager of QNAP, adding “The increasingly diverse applications in Linux Station allows users to freely utilize cross-platform, open-source software, such as multimedia applications and Inkscape.”

GNU Spotlight with Mike Gerwitz and Meetup With the FSF's John Sullivan and Donald Robertson

• GNU Spotlight with Mike Gerwitz: 13 new GNU releases!

  coreutils-8.31 ddrescue-1.24 dr-geo-19.2 gnuhealth-3.4.1 gnupg-2.2.15 help2man-1.47.10 librejs-7.19 linux-libre-5.0-gnu mit-scheme-10.1.6 nano-4.0 octave-5.1.0 parallel-20190322 unifont-12.0.01

• Meetup - with the FSF's John Sullivan and Donald Robertson, III (Bellingham, WA)

  Free Software Foundation (FSF) executive director John Sullivan and licensing & compliance engineer Donald Robertson, III, will be hosting a meetup in Bellingham, WA, to show appreciation for your support of the FSF's work and to provide you with an opportunity to meet other FSF members and supporters. They will give a brief update on what the FSF is currently working on and will be curious to hear your thoughts, as well as answer any questions you may have.

Programming: imapautofiler, Red Hat Decision Manager, AiC, Python-moa, WebAssembly/Python

• imapautofiler 1.8.0

  imapautofiler applies user-defined rules to automatically organize messages on an IMAP server.

• Modern business logic tooling workshop, lab 3: Create a domain model

  Since starting to update my free online rules and process automation workshops that showcase how to get started using modern business logic tooling, we’ve come a long way with process automation. The updates started with moving from JBoss BPM to Red Hat Decision Manager and from JBoss BPM Suite to Red Hat Process Automation Manager. The first lab update showed how to install Red Hat Decision Manager on your laptop, and the second lab showed how to create a new project. This article highlights the newest lab update for Red Hat Process Automation Manager, where you’ll learn how to create a domain model.

• AiC: Adventures in consensus

  In the talk I gave at Rust LATAM, I said that the Rust project has always emphasized finding the best solution, rather than winning the argument. I think this is one of our deepest values. It’s also one of the hardest for us to uphold. Let’s face it – when you’re having a conversation, it’s easy to get attached to specific proposals. It’s easy to have those proposals change from “Option A” vs “Option B” to “my option” and “their option”. Once this happens, it can be very hard to let them “win” – even if you know that both options are quite reasonable. This is a problem I’ve been thinking a lot about lately. So I wanted to start an irregular series of blog posts entitled “Adventures in consensus”, or AiC for short. These posts are my way of exploring the topic, and hopefully getting some feedback from all of you while I’m at it. This first post dives into what a phrase like “finding the best solution” even means (is there a best?) as well as the mechanics of how one might go about deciding if you really have the “best” solution. Along the way, we’ll see a few places where I think our current process could do better.

• Quansight Labs Blog: MOA: a theory for composable and verifiable tensor computations

  Python-moa (mathematics of arrays) is an approach to a high level tensor compiler that is based on the work of Lenore Mullins and her dissertation. A high level compiler is necessary because there are many optimizations that a low level compiler such as gcc will miss. It is trying to solve many of the same problems as other technologies such as the taco compiler and the xla compiler. However, it takes a much different approach than others guided by the following principles.

• The Human in Devops

  This week a mild epiphany came to me right after a somewhat heated and tense meeting with a team of developers plus project owner of a web project. They were angry and they were not afraid to show it. They were somewhat miffed about the fact that the head wrote them an email pretty much forcing them to participate to make our DevOps initiative a success. All kinds of expletive words were running through my head in relation to describing this team of flabby, tired looking individuals in front of me, which belied the cool demeanour and composure that I was trying so hard to maintain. It happened. In the spur of the moment I too got engulfed in a sea of negativity and for a few minutes lost site of what is the most important component or pillar in a successful DevOps initiative. The people. "What a bunch of mule heads !" I thought. It's as plain as day, once this initiative is a success everybody can go home earlier and everything will be more predictable and we can do much much more than we could before. "Why are you fighting this ?!" I was ready to throw my hands up in defeat when it finally dawned on me.

• Python Bytes: #126 WebAssembly comes to Python