Language Selection

English French German Italian Portuguese Spanish

Server

Security, FUD, Openwashing and Threats

Filed under
Server
Security
  • Security updates for Tuesday

    Security updates have been issued by Debian (curl and otrs2), Fedora (NetworkManager-ssh and python-psutil), Mageia (ipmitool, libgd, libxml2_2, nextcloud, radare2, and upx), openSUSE (inn and sudo), Oracle (kernel, ksh, python-pillow, and thunderbird), Red Hat (curl, kernel, nodejs:10, nodejs:12, procps-ng, rh-nodejs10-nodejs, ruby, and systemd), SUSE (dpdk, firefox, java-1_7_1-ibm, java-1_8_0-ibm, libexif, libvpx, nodejs10, nodejs8, openssl1, pdsh, slurm_18_08, python-azure-agent, python3, and webkit2gtk3), and Ubuntu (libapache2-mod-auth-mellon, libpam-radius-auth, and rsync).

  • New Critical RCE Bug in OpenBSD SMTP Server Threatens Linux Distros [Ed: Typical FUD associating "Linux" with a package that GNU/Linux distros do not come with]

    Security researchers have discovered a new critical vulnerability in the OpenSMTPD email server. An attacker could exploit it remotely to run shell commands as root on the underlying operating system.

  • New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers [Ed: Again attributing to operating systems bugs in pertinent packages they may not even have]

    OpenSMTPD has been found vulnerable to yet another critical vulnerability that could allow remote attackers to take complete control over email servers running BSD or Linux operating systems.
    OpenSMTPD, also known as OpenBSD SMTP Server, is an open-source implementation of the Simple Mail Transfer Protocol (SMTP) to deliver messages on a local machine or to relay them to other SMTP servers.
    It was initially developed as part of the OpenBSD project but now comes pre-installed on many UNIX-based systems.

  • Y2K bug has a 2020 echo

    The New Scientist reports on problems with software caused by an echo of the Y2K bug that had every excited in the late 1990s.

    It turns out one of the fixes then was to kick various software cans down the road to 2020. In theory that gave people 20 years to find long term answers to the problems. In some cases they might have expected software refreshes to have solved the issue.

    [...]

    This happens because Unix time started on January 1 1970. Time since then is stored as a 32-bit integer. On January 19 2038, that integer will overflow.

    Most modern applications and operating systems have been patched to fix this although there are some compatibility problems. The real issue comes with embedded hardware, think of things like medical devices, which will need replacing some time in the next 18 years.

  • The “Cloud Snooper” malware that sneaks into your Linux servers [Ed: They don't want to mention that people actually need to install this malware on GNU/Linux for dangers to become viable. Typical Sophos FUD/sales.]
  • Cybersecurity alliance launches first open source messaging framework for security tools [Ed: Openwash of proprietary software firms]

    Launched by the Open Cybersecurity Alliance (OCA), a consortium of cybersecurity vendors including IBM, Crowdstrike, and McAfee, on Monday, the OCA said that OpenDXL Ontology is the "first open source language for connecting cybersecurity tools through a common messaging framework."

  • Microsoft uses its expertise in malware to help with fileless attack detection on Linux [Ed: Truly laughable stuff as Microsoft specialises in adding back doors, then abusing those who speak about it]
  • Azure Sphere, Microsoft's Linux-Powered IoT Security Service, Launches [Ed: Microsoft is Googlebombing "Linux" again; you search for Linux news, you get Microsoft Azure (surveillance) and proprietary malware, instead.]

Aiven Nets Money for Cloudwashing (Closing) of Free Software

Filed under
Server
OSS

Servers News and Linux Foundation

Filed under
Server
  • The 15 Best Cloud OS to Use in 2020: The Experts’ Recommendation

    Joli cloud operating system is a multiuser, cross-browser user-friendly Web Desktop Environment. This web operating system comes with a set of interesting applications of web office that makes the system more versatile. It is a multiuser system that can be installed on LAMP ( Linux/Apache/MySQL/Perl) and is an independent platform.

  • Google, IBM Join Forces to Take on Cloud Leaders

    After locking horns last year, Google and IBM are now collaborating to catch their larger cloud services competitors.

    Whether the union is a strategic masterstroke or a marriage of convenience, it promises greater flexibility for enterprise customers making the shift to so-called “compute and storage” services in the cloud.

  • Tachyum Running Apache is a Key Milestone for Prodigy Universal Processor Software Stack

    Semiconductor startup Tachyum Inc. today announced that it has completed another critical stage in software development by successfully achieving an Apache web server port to Prodigy Universal Processor Instruction Set Architecture (ISA). This latest milestone by Tachyum’s software team brings the company’s Prodigy Universal Processor one step closer to being customer-ready in anticipation of its commercial launch in 2021.

    After its successful GNU toolchain port and the creation of multiple simulation environments to execute Prodigy’s native ISA in 2018, Tachyum’s software developers concentrated on achieving their first successful Linux kernel port in 2019. After confirming the kernel’s functionality, the team moved on to GNU userland open source applications porting.

  • How High Performance Computing is Powering the Age of Genomic Big Data

    What does bacteria, a blade of grass and the human body have in common? On the surface, very little. But given the title of this blog, you’re probably way ahead of me.

  • Kubernetes administration policy made easy with brewOPA

    Cloud-native computing -- with such technologies as Kubernetes, service-mesh, and continuous integration and continuous delivery (CI/CD) -- is revolutionizing IT. But managing can still be a major pain in the server. That's where Open Policy Agent (OPA), an open-source Cloud Native Computing Foundation (CNCF) project, comes in. But it has its own steep learning curve. Cyral with brewOPA wants to ease their climb and make managing policies across cloud-native platforms much easier.

  • Linux Foundation Training Announces a Free Online Course- Ethics in AI and Big Data

    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the availability of a new, free course – Ethics in AI and Big Data. This course is offered through edX, the trusted platform for learning.

    The Fourth Industrial Revolution is upon us; the physical, digital, and biological worlds are being fused in a way that has a tremendous impact on our global culture and economy. It is no secret that people, machines, data, and processes are increasingly connected in today’s world. While technological advancements like AI bring along promises and opportunities, they also raise concerns about security, user privacy, data misuse, and more. Trust is critical when it comes to AI adoption. People have a tendency to distrust artificial intelligence. It is the responsibility of business and data professionals to change that: add transparency, develop standards and share best practices to build trust, and drive AI adoption. A recent IBM study highlights that globally, 78% of respondents believe “it is very or critically important that they can trust that their AI’s output is fair, safe, and reliable.”

Servers and CMS Leftovers (HPCC, Weblate and AgoraCart)

Filed under
Server
OSS
Web
  • Stanford Student Program Gives Supercomputers a Second Life

    Despite their incredible capabilities, today’s supercomputers typically only have three years of operating life before they need an upgrade. With the march of Moore’s Law, faster, more efficient systems are always waiting to replace them.
    A novel program at Stanford is finding a second life for used HPC clusters, providing much-needed computational resources for research while giving undergraduate students a chance to learn valuable career skills. To learn more, we caught up with Dellarontay Readus from the Stanford High Performance Computing Center (HPCC).

  • 30 projects migrated their translation to Weblate, what about yours?

    The localization community gave it’s approval: Weblate fits our expectations. Many projects have already migrated. It’s time for yours to migrate, because the next Fedora release will mark the end of the old translation platform.

  • AgoraCart "Route 66" Version Released

    I have avoided any spotlight in the Perl community after negative experiences early on but at the urging of Gabor Szabo over at PerlMaven.com, I realized that I should not care if I am not the normal Perl community member/developer. As a result, announcements on Perl type groups was skipped until now. So here's to new beginnings.

    I love the flexibility of Perl and hated the feeling that I was giving up on it as other languages rose in popularity and Perl seemed to surrender from the web on its own accord. I restarted development of the new version of AgoraCart during my masters degree coursework, and kept grinding on the development and testing for another 2+ years. This release marks a huge milestone, for AgoraCart and for me personally. I basically gave up on AgoraCart for a few years (motivation to work on it came and went like the changes in the wind after a family tragedy).

Servers: GNU/Linux, Microsoft Hypocrisy/Lies, Kubernetes and Clown Computing

Filed under
Server
  • What's the source of sluggish career advancement for Linux system administrators?

    I know a lot of Linux sysadmins who work 60, 70, or more hours per week who rarely see the light of day and even more, rarely see a bonus or hear a "thank you." It's no wonder there's massive burnout and job turnover, but now it's time to get to the heart of the problem and find out why. Career mobility and advancement are two big reasons and I suspect that others feel that same pain. Let's find out the source of the career advancement question.

  • Microsoft, Google, Amazon – Who’s the Biggest Climate Hypocrite?

    Some of the world’s biggest tech companies want you to know they take climate change seriously. In fact, Amazon, Microsoft, and Google have each developed a plan to address its contributions to climate change. While each company’s plan is unique, none address their problematic contracts that help oil majors use artificial intelligence to extract more oil and gas.

    Here we unpack Amazon, Microsoft, and Google’s sustainability plans. While each company earns hypocrisy points, Amazon is trailing the pack on climate action. And to make matters worse–rather than rise to the challenge, Amazon is currently threatening employees who speak out on its climate plan.

  • While Microsoft Was Making Its Climate Pledge, It Was Sponsoring an Oil Conference

    Last week, Microsoft made a splash when it announced its intention to become a “carbon negative” company—one that pulls more climate-warming carbon dioxide out of the atmosphere than it puts in—by 2030. The news drew widespread attention and praise for the tech giant. Reuters declared Microsoft had “set a new ambition among Fortune 500 companies,” and the UN’s executive secretary of climate change called the move “remarkable.”

    A day earlier, the 12th International Conference on Petroleum Technology drew to a close in Dhahran, Saudi Arabia. This year, Microsoft received special billing as the event’s “Digital Transformation Partner,” meaning it hosted all of the online sessions according to the Saudi Gazette. The company also had a booth at the conference, and Omar Saleh, Microsoft’s regional director of energy and manufacturing for the Middle East and Africa, participated in a panel discussion titled “The Role of the Fourth Industrial Revolution in Developing the Oil and Gas Sector.”

    [...]

    The disconnect is striking because Microsoft’s new climate pledge is, otherwise, pretty impressive. The company’s timeline—which includes shifting to 100 percent renewable energy for its data centers, buildings, and campuses by 2025, and becoming carbon negative by 2030—is in line with what the science says needs to happen to prevent the worst consequences of climate change. To reach net zero and eventually become a carbon negative company, Microsoft has pledged to put $1 billion into so-called negative emissions technologies that pull carbon out of the air. This, too, is significant: Most climate models agree that we’ll need negative emissions tech to bring atmospheric carbon dioxide down to safe levels. The federal government isn’t investing nearly enough in these technologies; Microsoft’s commitment could spur others in the private sector to help fill the gap.

    "Microsoft was one of a number of sponsors for the event," Microsoft said in a statement. "Microsoft attends and sponsors a number of events spanning many industries."

  • Kubernetes Operators: 4 facts to know

    As Kubernetes environments grow, so too does the interest in Operators. coreOS first introduced Operators back in 2016, and they got a big boost with the launch of the Operator Framework in March 2018. (Red Hat acquired coreOS in January 2018, expanding the capabilities of the OpenShift container platform.)

    There’s been a noticeable bump in the interest in and implementation of Operators of late, according to Liz Rice, VP of open source engineering at Aqua Security. Rice also chairs the Cloud Native Computing Foundation’s technical oversight committee.

    “At the CNCF, we’re seeing interest in projects related to managing and discovering Kubernetes Operators, as well as observing an explosion in the number of Operators being implemented,” Rice says. “Project maintainers and vendors are building Operators to make it easier for people to use their projects or products within a Kubernetes deployment.”

    This growing menu of Operators means there’s a need for a, well, menu. “This proliferation of Operators has created a gap for directories or discovery mechanisms to help people find and easily install what’s available,” Rice says.

    The relatively new OperatorHub.io is one place where Kubernetes community members can find existing Operators or share their own. (Red Hat launched Operator Hub in conjunction with Amazon, Microsoft, and Google.)

  • Multi-Cloud Adoption to Better Enable the Developer Workforce

    Over the past decade, we started to see a broader shift toward the use of multiple cloud providers by the enterprise. The need to reduce risk, optimize cloud usage, manage costs and the push to open source and cloud vendor-agnostic technologies are providing more options for developers, which will likely lead to an even steeper increase in multi-cloud usage.

Docker knits together Hub stats, says Pulls over 8 billion

Filed under
Server

Docker wants the world to know that it’s still riding the waves following the offloading of its Enterprise business last year and has issued some insight from its container registry to prove it.

The first batch of figures from the Docker Index showed that there were 8 billion pulls on the Docker Hub “in the past month”, compared to 5.5 billion a year ago. We’re presuming the past month refers to January.

Fleshing things out a little more, there were 6 million repositories on Hub, with 5 million users and 2.4 million desktop installations, the vendor said. The total number of pulls on Hub stands at 130 billion – presumably since the hub was launched in 2014.

Read more

Amazon Linux Users Win a Major Migration Reprieve

Filed under
GNU
Linux
Server

Are you running AWS on the original Amazon Linux AMI?

Good news, you’ve won a major reprieve from plans to end support for the operating system this summer, with the cloud provider bowing to “customer feedback” and agreeing to extend end-of-life to December 31, 2020.

AWS had planned to phase out support by June, but push-back from customers has seen it extend that date by six months; and add a minimal three-year maintenance support period to June 30, 2023 for good measure.

Maintenance will be limited: users of the 10-year-old AMI (Amazon Machine Image) will only get critical and important security updates for a reduced set of packages, with no guaranteed support for new AWS features.

AWS still wants users to migrate to Amazon Linux 2, saying “we strongly encourage you to use it for your new applications.”

Read more

SimpleLogin: Open Source Solution to Protect Your Email Inbox From Spammers

Filed under
Server
Software
OSS

SimpleLogin is an open-source service to help you protect your email address by giving you a permanent alias email address.

Normally, you have to use your real email address to sign up for services that you want to use personally or for your business.

In the process, you’re sharing your email address – right? And, that potentially exposes your email address to spammers (depending on where you shared the information).

What if you can protect your real email address by providing an alias for it instead? No – I’m not talking about disposable email addresses like 10minutemail which could be useful for temporary sign-ups – even though they’ve been blocked by certain services.

Read more

Also: Google promises next week's cookie-crumbling Chrome 80 will only cause 'a very modest amount of breakage'

Kubernetes Leftovers

Filed under
Server
OSS

Server: Kubernetes, Anchore, Octarine

Filed under
Server
  • Just Released: Kube-Scan Open Source Scanning Tool for Kubernetes

    A startup focused on Kubernetes security has released an open source risk assessment tool for the popular container orchestration platform. Cloud-native app security provider Octarine's Kube-Scan is a cluster risk assessment tool for developers that scans Kubernetes configurations and settings to identify and rank potential vulnerabilities in applications in minutes.

    The tool's risk score is based on Octarine's own Kubernetes Common Configuration Scoring System (KCCSS), a framework similar to the widely used Common Vulnerability Scoring System (CVSS). The KCCSS is similar to the CVSS, but it focuses on the configurations and security settings themselves.

  • Catalogic Software Debuts Open Source Backup Tool for Kubernetes

    Catalogic Software has made available the open source KubeDR utility for backing up and recovering Kubernetes cluster configuration, certificates and metadata residing in an etcd repository.

    Company COO Sathya Sankaran says Catalogic Software has been working to extend the reach of its backup and recovery software for Kubernetes and that KubeDR represents an effort to give back to the open source community. The company’s backup and recovery software already have been extended to support instances of Red Hat OpenShift, which is based on a distribution of Kubernetes, running in OpenStack environments.

    As part of that effort, Catalogic Software, which spun out of Syncsort in 2013, has created Catalogic Labs, committed to developing additional open source data protection technologies.

    KubeDR is designed to enable IT organizations to recover Kubernetes configuration, certificates and metadata stored in an S3-compatible object storage system. The idea is to make it easier for IT organizations to recover a Kubernetes cluster in the event of a failure. IT teams still need a separate tool to back and recover any application data that might have been lost as well.

  • Container software startup Anchore raises $20 million

    The open source software evolution that garnered a $150 million buyout by software giant RedHat in 2015 is fueling a second venture for return founder Saïd Ziouani, this time focused on securing the containers at the core of app development.

  • New open-source projects look to secure Kubernetes

    Kubernetes security company Octarine has announced two new open-source projects designed to protect against cloud-native security vulnerabilities. The Kubernetes Common Configuration Scoring System (KCCSS) is a framework for rating security risks, and kube-scan is a workload and assessment tool.

    “Our mission is to make the adoption of DevSecOps best practices simple, understandable, and achievable for any organization running Kubernetes,” said Julien Sobrier, head of product at Octarine. “One glaring blindspot is at the configuration level when building and deploying cloud native apps. We hope these two new projects benefit the Kubernetes practitioners industry-wide and look forward to collaborating with the community to make Kubernetes as secure and compliant as possible.”

Syndicate content

More in Tux Machines

Qt 5.15 Beta1 Released

I am happy to announce to you Qt 5.15 is moved to Beta phase and we have released Qt 5.15 Beta1 today. As earlier our plan is to publish new Beta N releases regularly until Qt 5.15 is ready for RC. Current estimate for Qt 5.15 RC is ~ end of April, see details from Qt 5.15 releasing wiki. Please take a tour now & test Beta1 packages. As usual you can get Qt 5.15 Beta1 by using Qt online installer (for new installations) or by using maintenance tool from your existing Qt online installation. Separate Beta1 source packages are also available in qt account and in download.qt.io Read more

Fedora’s gaggle of desktops

There are 38 different desktops or window managers in Fedora 31. You could try a different one every day for a month, and still have some left over. Some have very few features. Some have so many features they are called a desktop environment. This article can’t go into detail on each, but it’s interesting to see the whole list in one place. To be on this list, the desktop must show up on the desktop manager’s selection list. If the desktop has more than one entry in the desktop manager list, they are counted just as that one desktop. An example is “GNOME”, “GNOME Classic” and “GNOME (Wayland).” These all show up on the desktop manager list, but they are still just GNOME. Read more

Programming: 'DevOps', Caddyfile, GCC 8.4 RC and Forth

  • A beginner's guide to everything DevOps

    While there is no single definition, I consider DevOps to be a process framework that ensures collaboration between development and operations teams to deploy code to production environments faster in a repeatable and automated way. We will spend the rest of this article unpacking that statement. The word "DevOps" is an amalgamation of the words "development" and "operations." DevOps helps increase the speed of delivering applications and services. It allows organizations to serve their customers efficiently and become more competitive in the market. In simple terms, DevOps is an alignment between development and IT operations with better communication and collaboration. DevOps assumes a culture where collaboration among the development, operations, and business teams is considered a critical aspect of the journey. It's not solely about the tools, as DevOps in an organization creates continuous value for customers. Tools are one of its pillars, alongside people and processes. DevOps increases organizations' capability to deliver high-quality solutions at a swift pace. It automates all processes, from build to deployment, of an application or a product.

  • How to solve the DevOps vs. ITSM culture clash

    Since its advent, DevOps has been pitted against IT service management (ITSM) and its ITIL framework. Some say "ITIL is under siege," some ask you to choose sides, while others frame them as complementary. What is true is that both DevOps and ITSM have fans and detractors, and each method can influence software delivery and overall corporate culture.

  • JFrog Launches JFrog Multi-Cloud Universal DevOps Platform

    DevOps technology company JFrog has announced its new hybrid, multi-cloud, universal DevOps platform called the JFrog Platform that drives continuous software releases from any source to any destination. By delivering tools in an all-in-one solution, the JFrog Platform aims to empower organizations, developers and DevOps engineers to meet increased delivery requirements. For the uninitiated, JFrog is the creator of Artifactory, the heart of the Universal DevOps platform for automating, managing, securing, distributing, and monitoring all types of technologies.

  • New Caddyfile and more

    The new Caddyfile enables experimental HTTP3 support. Also I’ve added a few redirects to my new domain. All www prefix requests get redirected to their version without www prefix. My old domain nullday.de redirects now to my new domain shibumi.dev. Also I had to add connect-src 'self' to my CSP, because Google Lighthouse seems to have problems with defalt-src 'none'. If just default-src 'none' is being set, Google Lighthouse can’t access your robot.txt. This seems to be an issue in the Google Lighthouse implementation, the Google Search Bot is not affected.

  • Content Addressed Vocabulary

    How can systems communicate and share meaning? Communication within systems is preceded by a form of meta-communication; we must have a sense that we mean the same things by the terms we use before we can even use them. This is challenging enough for humans who must share meaning, but we can resolve ambiguities with context clues from a surrounding narrative. Machines, in general, need a context more explicitly laid out for them, with as little ambiguity as possible. Standards authors of open-world systems have long struggled with such systems and have come up with some reasonable systems; unfortunately these also suffer from several pitfalls. With minimal (or sometimes none at all) adjustment to our tooling, I propose a change in how we manage ontologies.

  • GCC 8.4 Release Candidate available from gcc.gnu.org
    The first release candidate for GCC 8.4 is available from
    
     https://gcc.gnu.org/pub/gcc/snapshots/8.4.0-RC-20200226/
     ftp://gcc.gnu.org/pub/gcc/snapshots/8.4.0-RC-20200226/
    
    and shortly its mirrors.  It has been generated from git commit
    r8-10091-gf80c40f93f9e8781b14f1a8301467f117fd24051.
    
    I have so far bootstrapped and tested the release candidate on
    x86_64-linux and i686-linux.  Please test it and report any issues to
    bugzilla.
    
    If all goes well, I'd like to release 8.4 on Wednesday, March 4th.
    
  • GCC 8.4 RC Compiler Released For Testing

    GCC 8.4 will hopefully be released next week but for now a release candidate is available for testing the latest bug fixes in the mature GCC8 series. GCC 8.4 is aiming for release next week as potentially the last of the GCC8 series while GCC 9.3 is also coming soon. GCC 8.4 represents all of the relevant bug fixes over the past year for back-porting to users still on GCC 8. GCC 10 (in the form of version GCC 10.1) meanwhile as the next feature release should be out in the next month or two.

  • Excellent Free Tutorials to Learn Forth

    Forth is an imperative stack-based programming language, and a member of the class of extensible interactive languages. It was created by Charles Moore in 1970 to control telescopes in observatories using small computers. Because of its roots, Forth stresses efficiency, compactness, flexible and efficient hardware/software interaction. Forth has a number of properties that contrast it from many other programming languages. In particular, Forth has no inherent keywords and is extensible. It is both a low level and high level language. It has the interesting property of being able to compile itself into a new compiler, debug itself and to experiment in real time as the system is built. Forth is an extremely flexible language, with high portability, compact source and object code, and a language that is easy to learn, program and debug. It has an incremental compiler, an interpreter and a very fast edit-compile-test cycle. Forth uses a stack to pass data between words, and it uses the raw memory for more permanent storage. It also lets coders write their own control structures. Forth has often being deployed in embedded systems due to the compactness of object code. Forth is also used in boot loaders such as Open Firmware (developed by Sun Microsystems) as well as scientific fields such as astronomy, mathematics, oceanography and electrical engineering.

Python Programming

  • Adding Metadata to PDFs

    For both Django Crash Course and the forthcoming Two Scoops of Django 3.x, we're using a new process to render the PDFs. Unfortunately, until just a few days ago that process didn't include the cover. Instead, covers were inserted manually using Adobe Acrobat. [...] The lesson I learned writing this little utility is that as useful as Google and Stack Overflow might be, sometimes you need to explore reference manuals. Which, if you ask me, is a lot of fun. :-)

  • A Week At A Time - Building SaaS #46

    In this episode, we worked on a weekly view for the Django app. We made navigation that would let users click from one week to the next, then fixed up the view to pull time from that particular week. The first thing that I did was focus on the UI required to navigate to a new weekly view in the app. We mocked out the UI and talked briefly about the flexbox layout that is available to modern browsers. From the UI mock up, I changed the view code to include a previous_week_date and next_week_date in the view context so we could change the links to show real dates. From there, we needed a destination URL. I create a new path in the URLconf that connected the weekly URL to the existing app view that shows the week data. After wiring things together, I was able to extract the week date from the URL and make the view pull from the specified day and show that in the UI. Finally, we chatted about the tricky offset calculation that needs to happen to pull the right course tasks, but I ended the stream at that stage because the logic changes for that problem are tedious and very specific to my particular app.

  • Python 3.6.9 : Google give a new tool for python users.

    Today I discovered a real surprise gift made by the team from Google for the evolution of programmers. I say this because not everyone can afford hardware resources.

  • Learn Python Dictionary Data Structure – Part 3

    In this Part 3 of Python Data Structure series, we will be discussing what is a dictionary, how it differs from other data structure in python, how to create, delete dictionary objects and methods of dictionary objects.