Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Sunday, 15 Jul 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

The car industry needs to embrace open source

Filed under
OSS

The race to develop software for the connected car market is heating up as consumers expect their vehicles to give them the same experience and ease of use that they have come to know with their smartphones.

The 2017 Autotrader Car Impact Study found that 53 percent of consumers expect their vehicles to offer the same level of technology as their phones, keeping them connected on the move.

Unfortunately, far too many of the automotive manufacturers and the other companies that are developing products for the connected car market are stuck in neutral, unable to produce software at a pace to stay competitive with smartphone level technology.

While the eventual goal for many of the companies in this space is aimed at coming out with the first road-ready autonomous vehicle, most of the current attention is geared towards writing code for infotainment systems, the combination of interfaces that provide services like navigation and streaming music or video to make those long commutes a little bit more bearable.

Read more

GNOME and GUADEC Leftovers

Filed under
GNOME
  • Description view

    Now, coming to the description view itself, along with displaying metadata objects like Developer, Publisher, Co-op, Release Date, Genre as GtkLabels, Cover is being displayed in a thumbnail view with the game’s title placed just below the thumbnail as a GtkLabel, additionally a game’s Rating is rounded off and shown as a Star Rating. Description is shown in a GtkScrolledWindow placed just adjacent to the thumbnail.

  • GUADEC 2018 Almeria – reflections

    Almeria was a grand time, as usual being able to connect with friends and acquaintances is a large part of what makes GUADEC special. I found all the evening events to be spectacular and full of surprises. The beach party was awesome, and the flamenco night was just spectacular. I was really moved by the music and the dancing. There was clearly a lot of different influences there.

  • Ruxandra Simion: GUADEC 2018

    I would like to begin this special blog post by congratulating everybody for contributing to a memorable GUADEC. This was my first time officially attending the GUADEC conference, after attending as a visitor some of the events held in Manchester during the GUADEC 20th edition last year, and this time it was truly an amazing experience.

    [...]

    I would like to thank through this blogpost the organising team for the effort and dedication put into holding the GUADEC conference in the beautiful city of Almeria. Without all of your hard work I would not be writing this post now.

    To the women of GNOME, thank you for kindly receiving me at the women’s dinner and sharing your experiences with me. I truly appreciate it, and I will try my best to keep in touch with you all and continue to share ideas and experiences with you.

    Thank you to everyone who interacted with me after delivering the lightning speech on modernising Five or More. It really means the world to me you came by to say hi, are willing to offer feedback, or even help with some aspects.

  • Nautilus and GTK+ 4

KDE: KDE’s Usability and Productivity, Qt WebChannel, Latte Dock and GSoC

Filed under
KDE
  • This week in Usability & Productivity, part 27

    Get ready for a humongous week for KDE’s Usability and Productivity initiative! KDE developers and contributors squashed a truly impressive number of bugs this week, all the while adding features and polishing the user interface.

  • New client languages for Qt WebChannel

    At the company I’m working at, we’re employing Qt WebChannel for remote access to some of our software. Qt WebChannel was originally designed for interfacing with JavaScript clients, but it’s actually very well suited to interface with any kind of dynamic language.

    We’ve created client libraries for a few important languages with as few dependencies as possible: pywebchannel (Python, no dependencies), webchannel.net (.NET/C#, depends on JSON.NET) and webchannel++ (header-only C++14, depends on Niels Lohmann’s JSON library).

  • Latte Dock 0.8 Released For This KDE-Aligned Desktop Dock

    Latte Dock 0.8 is now available as the latest feature update for this open-source, KDE-aligned desktop dock.

    Latte Dock 0.8 adds multiple task separators, new layout settings, new appearance settings, panel/dock mode changing, various new community layouts, larger badges, new command-line options, a number of Wayland improvements, new global shortcuts, and various other enhancements.

  • Latte Dock v0.8, "...a friendly smile..."

    Latte Dock v.0.8 released!!! The third stable release has just landed!

  • Eighth & Ninth week of coding phase, GSoC'18

    The API to interact with browser user-scripts. This will enable the plugin to create, register, remove, and get all the user-scripts loaded in the browser. Also the scripts registered by it will automatically gets unregistered when the plugin unloads.

  • GSoC 2018 – Coding Period (June 26th to July 15th): RAID on Linux

    I’ve passed in the second evaluation of Google Summer of Code 2018. I am ready for the third phase, but before that I’ll give some updates about how my progress with RAID on kpmcore is going. This post will explain how RAID management works on Linux.

Ubuntu MATE - Pimp your desktop to perfection

Filed under
Ubuntu

Ubuntu MATE has made a quantum leap of innovation in the past several months, offering a wealth of visual and functional changes and a mindblowing level of flexibility when it comes to customization. You really have the ability to implement anything and everything, and all of it natively, from within the system's interface. The list of options is so long that it can be overwhelming.

Hopefully, this little pimping guide puts some order into this fine and rich chaos. Ubuntu Bionic isn't the most refined distro, but it sure has the almost infinite possibilities to make it appear and behave how you want it. You can have a classic desktop one day and then a MAC-like thing the next and then Ubuntu Unity the day after that. It's all there, very slick, very elegant. Well, it's time for you to do some exploring. See you.

Read more

Games: Atari VCS, NEC, Pillars of Eternity II: Deadfire – Beast of Winter, State of Mind

Filed under
Gaming
  • Atari VCS RAM upgraded to 8GB and Atari confirm you can put a normal Linux distribution on it

    While I remain quite sceptical of the Atari VCS, I'm still pretty interested in it as a Linux gaming device. Atari recently did a Q&A blog post detailing some interesting information about it. The post is written by Rob Wyatt, the System Architect for the Atari VCS device. If the name Rob Wyatt doesn't ring a bell—they were the original Xbox system architect.

  • Atari VCS Product Q&A #1

    At this time the developer program is not open yet and it will come online in the coming months. If you have an application in mind you can start today, make sure it runs on Linux at HD resolution using standard runtime libraries, the changes from this to the AtariOS will be minimal and mostly related to application startup and application packaging. In the very near future we will release documentation on the AtariOS which will detail all the runtime components we support as well as libraries for Linux that mimic the AtariOS.

  • Is it worth $129 to relive your NES Duck Hunt glory days?

    But the folks behind the Modern Mallard Kickstarter campaign figured out a way to overcome this problem -- by using a speedy processor to rewrite the game's code in real time, counteracting the lag. The project includes a hardware mod for both the original Duck Hunt game cartridge and Zapper that makes it compatible with LCD, LED and OLED TVs. Note that the campaign doesn't include the game cartridge or Zapper, so you'll have to use your own.

    You can read more about how the mods work at the bottom of the Kickstarter page.

  • Pillars of Eternity II: Deadfire – Beast of Winter due out early next month

    The first piece of expansion content will be released 2 August. Expect to get caught up in a different realm, the Beyond, and face new enemies and puzzles.

  • Futuristic thriller 'State of Mind' has a new story trailer and releasing a day earlier than expected

    Daedalic Entertainment's futuristic thriller 'State of Mind' has a new story trailer out and a new release date.

    When we mentioned it last month, they gave us a release date of August 16th. However, they seem to have moved it forward as it's now going to release on August 15th. This will come with same-day Linux support!

Security Leftovers

Filed under
Security
  • Data breaches show we’re only three clicks away from anarchy

    An IT glitch afflicting BP petrol stations for three hours last Sunday evening might not sound like headline news. A ten-hour meltdown of Visa card payment systems in June was a bigger story — as was the notorious TSB computer upgrade cock-up that started on 20 April, which was still afflicting customers a month later and was reported this week to be causing ruptures between TSB and its Spanish parent Sabadell.

    Meanwhile, what do Fortnum & Mason, Dixons Carphone, Costa Coffee and its sister company Premier Inn have in common with various parts of the NHS? The answer is that they have all suffered recent large-scale ‘data breaches’ that may have put private individuals’ information at risk. IT Governance, a blog that monitors international news stories in this sphere, came up with a global figure of 145 million ‘records leaked’ last month alone. Such leaks are daily events everywhere — and a lesson of the TSB story was that cyber fraudsters are waiting to attack wherever private data becomes accessible, whether because of computer breakdown or lax data protection.

  • UK security researcher Hutchins makes renewed bid for freedom

    British security researcher Marcus Hutchins, who was arrested by the FBI last August over alleged charges of creating and distributing a banking trojan, has made a fresh bid to go free, claiming that the US has no territorial jurisdiction to file charges against him for alleged crimes committed elsewhere.

  • Common Ground: For Secure Elections and True National Security

    An open letter by Gloria Steinem, Noam Chomsky, John Dean, Governor Bill Richardson, Walter Mosley, Michael Moore, Valerie Plame, and others.

Containers or virtual machines: ​Which is more secure? The answer will surprise you

Filed under
Server
Security

Are virtual machines (VM) more secure than containers? You may think you know the answer, but IBM Research has found containers can be as secure, or more secure, than VMs.

James Bottomley, an IBM Research Distinguished Engineer and top Linux kernel developer, writes: "One of the biggest problems with the current debate about Container vs Hypervisor security is that no-one has actually developed a way of measuring security, so the debate is all in qualitative terms (hypervisors 'feel' more secure than containers because of the interface breadth) but no-one actually has done a quantitative comparison." To meet this need, Bottomley created Horizontal Attack Profile (HAP), designed to describe system security in a way that it can be objectively measured. Bottomley has discovered that "a Docker container with a well crafted seccomp profile (which blocks unexpected system calls) provides roughly equivalent security to a hypervisor."

Read more

Linux 4.18-rc5

Filed under
Linux

For some reason this week actually felt very busy, but the rc5 numbers
show otherwise. It's all small and calm, and things are progressing
nicely.

I think the "it felt busy" was partly due to me stressing out over a
nasty VM bug that turned out to have a trivial two-liner fix. But
there were also a fair amount of email threads for future stuff, so
that probably also made me feel last week was busier than the actual
rc5 tree shows.

Anyway, of what little happened in rc5 (see appended shortlog for
details), it's just a fairly random collection of smallish fixes all
over. About a third drivers (nothing in particular stands out - rdma,
usb, ata, mmc, sound) with the rest being some tooling (mostly perf),
some arch updates, some filesystem stuff (mostly reiserfs), some arch
fixlets (mips, arm[64], x86) and some misc core kernel (tracing, VM
fixes, timers, yadda yadda).

Read more

Also: Linux 4.18-rc5 Kernel Released: Regressions Continue To Be Tackled

TxFS Linux File-System Supports ACID Transactions, Simple API

Filed under
Linux

Presented at this past week's 2018 USENIX Annual Technical Conference (ATC18) was TxFS, the Texas Transactional File System for Linux.

Texas Transactional File System (TxFS) has been in the works for a number of years and is a transactional file-system that offers a simple API, wide range of hardware support, high performance while supporting ACID transactions, and relatively low complexity.

TxFS has been worked on by the University of Texas at Austin as well as VMware Research. Papers on TxFS have been published before but their ATC18 paper can be found here (PDF).

One of the professors involved in this work has also tweeted some different remarks including the file-system is down to just five thousand lines of code by utilizing the file-system journal, how they provided isolation for TxFS transactions, and its very simple API of just three system calls.

Read more

Red Hat Enterprise Linux 6 & CentOS 6 Patched Against Spectre V4, Lazy FPU Flaws

Filed under
Red Hat
Security

Users of the Red Hat Enterprise Linux 6 and CentOS Linux 6 operating system series received important kernel security updates that patch some recently discovered vulnerabilities.

Now that Red Hat Enterprise Linux 7 and CentOS Linux 7 operating system series were patched against the Spectre Variant 4 (CVE-2018-3639) security vulnerability, as well as the Lazy FPU State Save/Restore CPU flaw, it's time for Red Hat Enterprise Linux 6 and CentOS Linux 6 to receive these important security updates, which users can now install them on their computers.

Read more

openSUSE Tumbleweed Users Get LibreOffice 6.1, Mozilla Firefox 61, and FFmpeg 4

Filed under
SUSE

The month of July 2018 was pretty busy for the openSUSE Tumbleweed development team, and the first two weeks of the month already delivered dozens of updates and security fixes.

openSUSE developer Dominique Leuenberger reports that a total of nine snapshots have been released in July 2018 for the openSUSE Tumbleweed Linux operating system series, which follows a rolling release model where users install once and receive updates forever. As expected, these 9 snapshots bring numerous updates and bugfixes.

Read more

today's leftovers

Filed under
Misc

Linux Kernel/Foundation

Filed under
Linux
  • Linux Foundation Brings Power of Open Source to Energy Sector

    The Linux Foundation launched on July 12 its latest effort—LF Energy, an open-source coalition for the energy and power management sector.

    The LF Energy coalition is being backed by French transmission system operation RTE, Vanderbilt University and the European Network of Transmission System Operators (ENTSO-E). With LF Energy, the Linux Foundation is aiming to replicate the success it has seen in other sectors, including networking, automotive, financial services and cloud computing.

  • Marek Squeezes More Performance Out Of RadeonSI In CPU-Bound Scenarios

    AMD's leading open-source RadeonSI Gallium3D developer, Marek Olšák, sent out a new patch series this week aiming to benefit this Radeon OpenGL driver's performance in CPU-bound scenarios.

    The patch series is a set of command submission optimizations aimed to help trivial CPU-bound benchmarks to varying extents. In the very trivial glxgears, the patch series is able to improve the maximum frame-rates by around 10%.

  • Intel Sends In A Final Batch Of DRM Feature Updates Targeting Linux 4.19

    After several big feature pull requests of new "i915" Intel DRM driver features landing in DRM-Next for Linux 4.19, the Intel open-source developers have sent in what they believe to be their last batch of feature changes for queuing this next kernel cycle.

OSS Leftovers

Filed under
OSS
  • Open source governance accelerates innovation [Ed: Evolution of the tactics by which anti-FOSS proprietary software firms, Sonatype in this case, try to sell their 'wares']
  • GitHub Enterprise 2.14 brings unified search of cloud and local
  • GitHub Enterprise 2.14 is ‘open goodness’ behind an enterprise firewall
  • DragonFly BSD Lead Developer Preaches The Blessing Of SSDs

    DragonFlyBSD lead developer Matthew Dillon has provided an update on the open-source operating system project's infrastructure and acknowledging the SSD upgrades that are noticeably beneficial over HDDs.

    DragonFlyBSD has recently been replacing various HDDs with SSDs in their build machines and other systems having an important presence in their infrastructure. Following these storage upgrades, things have been running great and ultimately should deliver a snappier experience for users and developers.

  • Binutils 2.31 Offers Faster DLL Linking For Cygwin/Mingw, Freescale S12Z Support

    A new release of the Binutils collection of important tools is now available with a number of new features and improvements.

    Binutils 2.31 contains work like direct linking with DLLs for Cygwin/Mingw targets now being faster, AArch64 disassembler improvements, MIPS GINV and CRC extension support, Freescale S12Z architecture support, the x86 assembler now supports new command line options to enable alternative shorter instruction encodings, and the Gold linker now supports Intel Indirect Branch Tracking and Shadow Stack instructions.

  • GCC 8/9 Land Fix For "-march=native" Tuning On Modern Intel CPUs

    The other day we reported on a GCC 8 regression where Skylake and newer CPUs with "-march=native" haven't been performance as optimally as they should be. Fortunately, that patch was quickly landed into the GCC SVN/Git code for GCC 9 as well as back-ported to GCC 8.

    In the GCC 8.1 release and mainline code since April, as the previous article outlined, when using "-march=native" as part of the compiler flags with GCC the full capabilities of the CPU haven't been leveraged. This affects Intel Skylake CPUs and newer generations, including yet to be released hardware like Cannonlake and Icelake.

  • ARM Kills Its RISC-V FUD Website After Staff Revolt

    ARM is under fire for the way it attempted to kneecap a fledgling open-source hardware project, and has retreated from its own line of attack after several days. ARM had launched a website, riscv-basics.com, which purported to offer “real” information on the rival ISA. As one might expect, the “information” on display was a bit less neutral than a visitor might hope for. Taking this kind of shot against an open-source hardware project also struck many in the OSS community as being in exceptionally poor taste, given how critical open source software has been to ARM’s overall success and visibility.

    First, a bit of background: RISC-V is an open-source ISA based on RISC principles and is intended to eventually provide flexible CPU cores for a wide variety of use-cases. By using the BSD license, the RISC-V teams hope to allow for a greater range of projects that support both open and proprietary CPU designs. RISC-V CPUs are already available today in a range of roles and capabilities. Despite some modest initial success, RISC-V, today, isn’t even a rounding error in CPU marketshare measurements. It’s certainly no threat to ARM, which enjoys the mother of all vendor lock-ins measured in per-device terms.

  • Python boss Guido van Rossum steps down after 30 years

     

    He lays out a list of things that the users will need to consider going forwards like who has banning rights and who inducts noobs to the core developer team, but its laid out in a context of ‘do what you want but keep me out of it'.
     

    "I'll still be here, but I'm trying to let you all figure something out for yourselves. I'm tired, and need a very long break."

Nintendo Found a Way to Patch an Unpatchable Coldboot Exploit in Nintendo Switch

Filed under
Security
Gadgets

If you plan on buying a Nintendo Switch gaming console to run Linux on it using the "unpatchable" exploit publicly disclosed a few months ago, think again because Nintendo reportedly fixed the security hole.

Not long ago, a team of hackers calling themselves ReSwitched publicly disclosed a security vulnerability in the Nvidia Tegra X1 chip, which they called Fusée Gelée and could allow anyone to hack a Nintendo Switch gaming console to install a Linux-based operating system and run homebrew code and apps using a simple trick.

Read more

Winds – RSS and Podcast software created using React / Redux / Node

Filed under
Software
Reviews

Winds is billed as a beautiful, modern, open-source RSS Reader and Podcast app. It’s certainly garnishing attention among open source enthusiasts. It’s picked up over 5,000 stars on GitHub, so I’ve been putting this JavaScript software through its paces.

Winds is cross-platform software. There are desktop apps available for Linux, macOS and Windows. There’s also a web version. The software is released under an open source license (BSD-3-Clause). It’s developed by GetStream.io (Stream), a Venture Capital backed company based in the US and the Netherlands.

Read more

Also: Alacritty – A Fastest Terminal Emulator for Linux

GNOME: Pitivi, Gitlab CI, Flatpak and Mutter

Filed under
GNOME
  • Harish Fulara: [GSoC 2018] Welcome Window Integration in Pitivi – Part 4

    The next and the last task under “Welcome Window Integration in Pitivi” as per my GSoC project is to integrate project thumbnails in recent projects list. I am currently working on this task and hope to finish it by next week.

  • Application screenshots with Gitlab CI

    The fresh new tooling used for development in the GNOME project (gitlab, meson, docker, flatpak) has a lots of potential

  • Matthias Clasen: The Flatpak BoF at Guadec

    Here is a quick summary of the Flatpak BoF that happened last week at Guadec.

  • Flatpak 1.0 Is En Route For Linux App Sandboxing & Easy Program Distribution

    At the recent GUADEC 2018 conference in Spain, GNOME developers plotted the imminent Flatpak 1.0 release as well as what's coming after the big 1.0 milestone.

  • More Mutter Performance Tuning Work Landing For GNOME 3.30

    GNOME 3.30 is looking like Mutter will be quite fit with the ability to remove its dependence on X11 code and various performance tuning optimizations. On top of already landed performance work in recent months, more optimizations have just landed and it looks like more could still be on the way.

    Most recently, as of this morning, this two month old GitLab request was merged about re-using paint volumes. From the last commit it explains, "Cuts down approximately all paint volume calculations when there's windows that redraw frequently, but don't move."

Release of KDE Frameworks 5.48.0

Filed under
KDE
  • Release of KDE Frameworks 5.48.0

    July 14, 2018. KDE today announces the release of KDE Frameworks 5.48.0.

    KDE Frameworks are 70 addon libraries to Qt which provide a wide variety of commonly needed functionality in mature, peer reviewed and well tested libraries with friendly licensing terms. For an introduction see the Frameworks 5.0 release announcement.

  • KDE Frameworks 5.48 Brings KWayland Fixes & Many Other Improvements

    KDE Frameworks 5.48 is now the latest monthly update to this collection of add-on libraries complementing Qt5.

Syndicate content

More in Tux Machines

Ubuntu MATE - Pimp your desktop to perfection

Ubuntu MATE has made a quantum leap of innovation in the past several months, offering a wealth of visual and functional changes and a mindblowing level of flexibility when it comes to customization. You really have the ability to implement anything and everything, and all of it natively, from within the system's interface. The list of options is so long that it can be overwhelming. Hopefully, this little pimping guide puts some order into this fine and rich chaos. Ubuntu Bionic isn't the most refined distro, but it sure has the almost infinite possibilities to make it appear and behave how you want it. You can have a classic desktop one day and then a MAC-like thing the next and then Ubuntu Unity the day after that. It's all there, very slick, very elegant. Well, it's time for you to do some exploring. See you. Read more

Games: Atari VCS, NEC, Pillars of Eternity II: Deadfire – Beast of Winter, State of Mind

  • Atari VCS RAM upgraded to 8GB and Atari confirm you can put a normal Linux distribution on it
    While I remain quite sceptical of the Atari VCS, I'm still pretty interested in it as a Linux gaming device. Atari recently did a Q&A blog post detailing some interesting information about it. The post is written by Rob Wyatt, the System Architect for the Atari VCS device. If the name Rob Wyatt doesn't ring a bell—they were the original Xbox system architect.
  • Atari VCS Product Q&A #1
    At this time the developer program is not open yet and it will come online in the coming months. If you have an application in mind you can start today, make sure it runs on Linux at HD resolution using standard runtime libraries, the changes from this to the AtariOS will be minimal and mostly related to application startup and application packaging. In the very near future we will release documentation on the AtariOS which will detail all the runtime components we support as well as libraries for Linux that mimic the AtariOS.
  • Is it worth $129 to relive your NES Duck Hunt glory days?

    But the folks behind the Modern Mallard Kickstarter campaign figured out a way to overcome this problem -- by using a speedy processor to rewrite the game's code in real time, counteracting the lag. The project includes a hardware mod for both the original Duck Hunt game cartridge and Zapper that makes it compatible with LCD, LED and OLED TVs. Note that the campaign doesn't include the game cartridge or Zapper, so you'll have to use your own.

    You can read more about how the mods work at the bottom of the Kickstarter page.

  • Pillars of Eternity II: Deadfire – Beast of Winter due out early next month
    The first piece of expansion content will be released 2 August. Expect to get caught up in a different realm, the Beyond, and face new enemies and puzzles.
  • Futuristic thriller 'State of Mind' has a new story trailer and releasing a day earlier than expected
    Daedalic Entertainment's futuristic thriller 'State of Mind' has a new story trailer out and a new release date. When we mentioned it last month, they gave us a release date of August 16th. However, they seem to have moved it forward as it's now going to release on August 15th. This will come with same-day Linux support!

Security Leftovers

  • Data breaches show we’re only three clicks away from anarchy
    An IT glitch afflicting BP petrol stations for three hours last Sunday evening might not sound like headline news. A ten-hour meltdown of Visa card payment systems in June was a bigger story — as was the notorious TSB computer upgrade cock-up that started on 20 April, which was still afflicting customers a month later and was reported this week to be causing ruptures between TSB and its Spanish parent Sabadell. Meanwhile, what do Fortnum & Mason, Dixons Carphone, Costa Coffee and its sister company Premier Inn have in common with various parts of the NHS? The answer is that they have all suffered recent large-scale ‘data breaches’ that may have put private individuals’ information at risk. IT Governance, a blog that monitors international news stories in this sphere, came up with a global figure of 145 million ‘records leaked’ last month alone. Such leaks are daily events everywhere — and a lesson of the TSB story was that cyber fraudsters are waiting to attack wherever private data becomes accessible, whether because of computer breakdown or lax data protection.
  • UK security researcher Hutchins makes renewed bid for freedom

    British security researcher Marcus Hutchins, who was arrested by the FBI last August over alleged charges of creating and distributing a banking trojan, has made a fresh bid to go free, claiming that the US has no territorial jurisdiction to file charges against him for alleged crimes committed elsewhere.

  • Common Ground: For Secure Elections and True National Security

    An open letter by Gloria Steinem, Noam Chomsky, John Dean, Governor Bill Richardson, Walter Mosley, Michael Moore, Valerie Plame, and others.

Containers or virtual machines: ​Which is more secure? The answer will surprise you

Are virtual machines (VM) more secure than containers? You may think you know the answer, but IBM Research has found containers can be as secure, or more secure, than VMs. James Bottomley, an IBM Research Distinguished Engineer and top Linux kernel developer, writes: "One of the biggest problems with the current debate about Container vs Hypervisor security is that no-one has actually developed a way of measuring security, so the debate is all in qualitative terms (hypervisors 'feel' more secure than containers because of the interface breadth) but no-one actually has done a quantitative comparison." To meet this need, Bottomley created Horizontal Attack Profile (HAP), designed to describe system security in a way that it can be objectively measured. Bottomley has discovered that "a Docker container with a well crafted seccomp profile (which blocks unexpected system calls) provides roughly equivalent security to a hypervisor." Read more