Language Selection

English French German Italian Portuguese Spanish

Microsoft

GAFAM and 'Cloud': Google, Microsoft, Amazon and GitHub

Filed under
Google
Microsoft
  • Daniel Stenberg: Google to reimplement curl in libcrurl

    By throwing a lot of man power on it. As the primary author and developer of the libcurl API and the libcurl code, I assume that Cronet works quite differently than libcurl so there’s going to be quite a lot of wrestling of data and code flow to make this API work on that code.

    The libcurl API is also very versatile and is an API that has developed over a period of almost 20 years so there’s a lot of functionality, a lot of options and a lot of subtle behavior that may or may not be easy or straight forward to mimic.

    The initial commit imported the headers and examples from the curl 7.65.1 release.

  • Microsoft, you should look away now: Google's cloud second only to AWS in dev survey [Ed: Longtime Microsoft booster Tim Anderson  on Azure being a failure after so many entryism attempts and underhanded tactics]

    Coders use Google Cloud Platform (GCP) more than Microsoft Azure, though Amazon Web Services (AWS) has a comfortable lead, according to a Developer Ecosystem survey conducted by tools vendor JetBrains.

    Developer usage is 67 per cent AWS versus 28 per cent GCP and 21 per cent Azure, according to the new survey. Unfortunately, the question was posed in a different way in the 2018 survey, adding on-premises into the mix, but last year Azure and GCP had equal share after AWS.

    The survey had 19,000 participants invited via "Twitter ads, Facebook ads, Google Adwords and JetBrains' own communication channels," the tools vendor said, though "only the responses of 6,993 respondents were included in the report." Responses were removed to reduce bias, yet it warned "some bias may be present as JetBrains users may have been more willing on average to compete the survey".

  • Get your coat, you've pulled a Pull Panda: GitHub goes home with code collab specialists [Ed: Notice how Microsoft only takes GitHub in more of a proprietary software direction. That says a lot – they have plans and they’re really detrimental to FOSS]

NSA Back Doors in Windows Causing Chaos While Media is Obsessing Over DoS Linux Bug

Filed under
Microsoft
Security
  • U.S. Government Announces Critical Warning For Microsoft Windows Users

    The United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has gone public with a warning to Microsoft Windows users regarding a critical security vulnerability. By issuing the "update now" warning, CISA has joined the likes of Microsoft itself and the National Security Agency (NSA) in warning Windows users of the danger from the BlueKeep vulnerability.

    This latest warning, and many would argue the one with most gravitas, comes hot on the heels of Yaniv Balmas, the global head of cyber research at security vendor Check Point, telling me in an interview for SC Magazine UK that "it's now a race against the clock by cyber criminals which makes this vulnerability a ticking cyber bomb." Balmas also predicted that it will only be "a matter of weeks" before attackers started exploiting BlueKeep.

    The CISA alert appears to confirm this, stating that it has, "coordinated with external stakeholders and determined that Windows 2000 is vulnerable to BlueKeep." That it can confirm a remote code execution on Windows 2000 might not sound too frightening, this is an old operating system after all, it would be unwise to classify this as an exercise in fear, uncertainty and doubt. Until now, the exploits that have been developed, at least those seen in operation, did nothing more than crash the computer. Achieving remote code execution brings the specter of the BlueKeep worm into view as it brings control of infected machines to the attacker.

  • Netflix uncovers SACK Panic vuln that can bork Linux-based systems

CERN Is Working To Move Further Away From Microsoft Due To License Costs Going Up By 10x

Filed under
GNU
Linux
Server
Microsoft

CERN, The European Organization for Nuclear Research that is home to the Large Hadron Collider and a lot of other experiments, is experimenting with moving further away from Microsoft products. Due to Microsoft license fee increases affecting their work in the research laboratory and its budget, they established the Microsoft Alternatives "MAlt" project.

CERN had already long been involved with developing Scientific Linux (now shifting to CentOS) but they have still been reliant upon Microsoft products in other areas, on some Windows systems as well as using the likes of Skype for Business.

Read more

Also today: Ubuntu preinstalled by Lenovo.

Microsoft/Linux 'Crossover'

Filed under
Linux
Microsoft
  • Chuwi AeroBook review: A successful move upmarket

    If given the choice I'd actually prefer a cheaper 128GB eMMC option and to add my own SSD. Why? Because the AeroBook works beautifully with Linux. I tried both Ubuntu 19.04 and the Intel-backed Clear Linux distro on the AeroBook and they ran faultlessly.

  • Bodhi is getting ready for rawhide gating [Ed: Bodhi is spyware and it is hosted on Microsoft GitHub i.e. NSA PRISM. If Fedora and Red Hat spread it further, it will damage their credibility]
  • Linux Foundation to Host the Accord Project to Develop Open Source Framework for Smart Legal Contracts [Ed: Dan Selman, whom LF has just made co-director of the Accord Project, apparently works or worked for Microsoft (or maybe it's another person with the same name). Zemlin PAC may be dead anyway. Stick a fork in it. This new group has nothing to do with “Linux"; Everything to do with 'IP' boosters Intel, IBM and Microsoft (see who’s cited in this press release).]

    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the launch of the Accord Project as a Linux Foundation project. The Accord Project is a nonprofit organization that builds open source code and documentation to maintain a common and consistent legal and technical foundation for contract management. The project comprises all the software necessary to author, edit and execute smart legal contracts in a standardized way. Many of the world's largest global law firms have signed on, as well as leading industry bodies and technology companies such as DocuSign, IBM, IEEE and R3.

    Smart contracts are showing promise for simplifying complexities in supply chain management and other contract-heavy areas of technology development, but they also introduce requirements for interoperability and consistency. The Accord Project provides a globally interoperable approach for creating contracts that bind legally enforceable natural language text to executable business logic. With an increased focus on enterprise digitalization, adoption of blockchain technologies and the growth of the API economy, the usage of computable agreements is rapidly increasing. Having a common format for “computable” legal agreements is an important cornerstone for the future of commercial relationships. One of the main purposes of Accord Project is to provide a vendor-neutral “.doc” format for smart legal agreements

Microsoft Layoffs/Closures, UEFI Trap Upgraded, Microsoft Puff Pieces (Lies) Emerge

Filed under
Microsoft
  • What's in store for Microsoft's US pop-up shops? Not much, they're being closed

    Microsoft has quietly swung the axe on a chunk of its retail operation, with "speciality stores" in America bearing the brunt of the blade.

    All 17 of Microsoft's kiosk-sized stores were disappeared from the company's website over the weekend, leaving some of the US states that had at least enjoyed a stub of retail presence from the Windows giant bereft of the limited line-up of stock available at the outlets.

    And, more importantly, somewhere to take their Surfaces to when the things break down.

    Disgruntled employees have taken to the usual social media outlets, with one posting on Reddit: "We had no notice beforehand by the way. They told us that on Sunday morning, we had a mandatory meeting Sunday night then told us we were all terminated. It's horrible to be treated that poorly after years of work."

  • UEFI 2.8 Specification Released With REST & Memory Cryptography [Ed: Intel continues its attacks, with Microsoft, on general-purpose computing, and it is disguised as a 'forum']

    The UEFI Forum today announced the release of the UEFI 2.8 specification.

    New to UEFI 2.8 for platform firmware is support for the REST software architecture as well as memory cryptography.

    The UEFI Forum is hoping the REST support will lead to better interoperability.

  • Open-Source ‘Great Satan’ No More, Microsoft Wins Over Skeptics [Ed: Watch out in the face of Microsoft PR. It looks like Bloomberg does a whole bunch of lies for them right now. Advertising as articles? That certainly matches their latest wave of PR campaigns. There's more from Bloomberg this past week. A Microsoft public relations machine this month? Cui bono and who's paying who? Now, for instance, it's also Shira Ovide pretending Bing matters. Marketing as 'news'. "Shira Ovide is a Bloomberg Opinion columnist covering technology. She previously was a reporter for the Wall Street Journal." They're well known for Microsoft boosting and Google bashing because of their owner.]

Facebook, Not Microsoft, Is the Main Threat to Open Source

Filed under
Microsoft

Facebook is under a lot of scrutiny and pressure at the moment. It's accused of helping foreign actors to subvert elections by using ads and fake accounts to spread lies—in the US, for example—and of acting as a conduit for terrorism in New Zealand and elsewhere. There are calls to break up the company or at least to rein it in.

In an evident attempt to head off those moves, and to limit the damage that recent events have caused to Facebook's reputation, Mark Zuckerberg has been publishing some long, philosophical posts that attempt to address some of the main criticisms. In his most recent one, he calls for new regulation of the online world in four areas: harmful content, election integrity, privacy and data portability. The call for data portability mentions Facebook's support for the Data Transfer Project. That's clearly an attempt to counter accusations that Facebook is monopolistic and closed, and to burnish Facebook's reputation for supporting openness. Facebook does indeed use and support a large number of open-source programs, so to that extent, it's a fair claim.

Read more

From same author today: Facebook Fails To Block EU Court Case That Could Rule Against Most Transatlantic Data Flows

China Prepares To Drop Microsoft Windows -- Blames U.S. Hacking Threat

Filed under
Microsoft
Security

First there have been the drafting of cybersecurity regulations that could see U.S. technology imports blocked on national security grounds. Now comes the news, first broken online by the Epoch Times this week, that China is preparing to replace the Windows operating system with an alternative that is being developed within China in order to "prevent the United States from hacking into China's military network."

Quoting a report from a Canadian military print publication called Kanwa Asian Defence, the Epoch Times revealed how the Internet Security Information Leadership Group (ISILG) in China has been created in order to replace Windows, and the UNIX system, used by the Chinese military.

The ISILG is part of the People's Liberation Army (PLA) and falls directly under the control of the Central Committee of the Chinese Communist Party (CCP). This would make a lot of sense given that the United States Cyber Command was similarly formed to provide a separation between network security and national security groups.

I can certainly see how the technology environment has turned toxic at a national security level for countries on both sides of the East-West divide. While the West has become increasingly hostile towards Huawei, Chinese attention has been focused on networking technology made in the West. The Kanwa report talks of the ISILG believing that German-developed programmable logic controllers used in much of the Chinese industrial sector posing risks to national security.

Starting with the Edward Snowden NSA document leaks back in 2013 and bolstered by the Shadow Brokers group releasing NSA-developed malware more recently, China fears that U.S. intelligence agencies have the necessary tools to easily hack into operating systems such as Windows, and UNIX or Linux for that matter, and spy on Chinese military secrets.

The irony of a nation state oft-associated with cyber-attacks on Western targets, both in the business and government spheres, blaming the U.S. hacking capability for the need to develop a custom OS is not lost on me.

Read more

Chinese Military Will Replace Windows Operating System

Filed under
OS
GNU
Linux
Microsoft

The Chinese regime is getting ready to replace the Windows operating system in its military. The new operating system is independently developed by China, and it would prevent the United States from hacking into China’s military network.

An “Internet Security Information Leadership Group” was established to perform the task of replacing the Windows operating system, according to a report published on May 11 by Canada-based military magazine Kanwa Asian Defence.

The group does not trust the “UNIX” multi-user, multi-stroke operating system either, which is used in some of the servers within the People’s Liberation Army (PLA), Kanwa reported. Therefore, Chinese authorities ordered to develop an operating system dedicated to the Chinese military.

Read more

Linux Still Yields Better Multi-Threaded Performance On AMD Threadripper Against Windows 10 May 2019 Update

Filed under
Graphics/Benchmarks
Linux
Microsoft

Curious whether the recent Microsoft Windows 10 Version 1903 (May 2019 Update) improved the multi-threaded performance at all for the likes of the AMD Ryzen Threadripper 2990WX, I recently carried out some benchmarks looking at Windows 10 1903 against the former Windows 10 Version 1809 release benchmarked against both Ubuntu 18.04.2 LTS and the latest Ubuntu 19.04.

Read more

Many Openwashing Examples (Past Week)

Filed under
Microsoft
OSS
Syndicate content

More in Tux Machines

Official x86 Zhaoxin Processor Support Is Coming With Linux 5.3

Zhaoxin is the company producing Chinese x86 CPUs created by a joint venture between VIA and the Shanghai government. The current Zhaoxin ZX CPUs are based on VIA's Isaiah design and making use of VIA's x86 license. With the Linux 5.3 kernel will be better support for these Chinese desktop x86 CPUs. Future designs of the Zhaoxin processors call for 7nm manufacturing, PCI Express 4.0, DDR5, and other features to put it on parity with modern Intel and AMD CPUs. It remains to be seen how well that will work out, but certainly seems to be moving along in the desktop/consumer space for Chinese-built x86 CPUs while in the server space there's the Hygon Dhyana EPYC-based processors filling the space for Chinese servers. Read more

Security Leftovers

  • OpenSSH adds protection against Spectre, Meltdown, RAMBleed

    OpenSSH, a widely used suite of programs for secure (SSH protocol-based) remote login, has been equipped with protection against side-channel attacks that could allow attackers to extract private keys from memory.

  • How to take the pain out of patching Linux and Windows systems at scale

    Patching can be manually intensive and time-consuming, requiring large amounts of coordination and processes. Tony Green gives the best tips.

  • Removal of IBRS mitigation for Spectre Variant2

    As the Meltdown and Spectre attacks were published begin of January 2018, several mitigations were planned and implemented for Spectre Variant 2.

  • Go and FIPS 140-2 on Red Hat Enterprise Linux

    Red Hat provides the Go programming language to Red Hat Enterprise Linux customers via the go-toolset package. If this package is new to you, and you want to learn more, check out some of the previous articles that have been written for some background. The go-toolset package is currently shipping Go version 1.11.x, with Red Hat planning to ship 1.12.x in Fall 2019. Currently, the go-toolset package only provides the Go toolchain (e.g., the compiler and associated tools like gofmt); however, we are looking into adding other tools to provide a more complete and full-featured Go development environment. In this article, I will talk about some of the improvements, changes, and exciting new features for go-toolset that we have been working on. These changes bring many upstream improvements and CVE fixes, as well as new features that we have been developing internally alongside upstream.

  • Check your password security with Have I Been Pwned? and pass

    Password security involves a broad set of practices, and not all of them are appropriate or possible for everyone. Therefore, the best strategy is to develop a threat model by thinking through your most significant risks—who and what you are protecting against—then model your security approach on the activities that are most effective against those specific threats. The Electronic Frontier Foundation (EFF) has a great series on threat modeling that I encourage everyone to read. In my threat model, I am very concerned about the security of my passwords against (among other things) dictionary attacks, in which an attacker uses a list of likely or known passwords to try to break into a system. One way to stop dictionary attacks is to have your service provider rate-limit or deny login attempts after a certain number of failures. Another way is not to use passwords in the "known passwords" dataset.

SUSE: Release of SUSE CaaS Platform, SUSE Enterprise Storage, SUSE Linux Enterprise 15 Service Pack 1 and More

  • SUSE CaaS Platform 4.0 Beta 3 is out!

    SUSE CaaS Platform 4.0 is built on top of SLE 15 SP1 and requires either the JeOS version shipped from the product repositories or a regular SLE 15 SP1 installation. Please note that SLE 15 SP1 is now officially out! Check out the official announcement for more information. Thus you should not use a SLES 15 SP1 environment with the SLE Beta Registration Code anymore. Because the SLE Beta Registration Code has expired now, but you can either use your regular SLE Registration Code or use a Trial.

  • SUSE Enterprise Storage 6 Now Available

    With the current increase in data creation, increased costs and flat to lower budgets, IT organizations are looking for ways to deploy highly scalable and resilient storage solutions that manage data growth and complexity, reduce costs and seamlessly adapt to changing demands. Today we are pleased to announce the general availability of SUSE Enterprise Storage 6, the latest release of the award-winning SUSE software-defined storage solution designed to meet the demands of the data explosion.

  • What’s New for SUSE Linux Enterprise Server for Arm 15 SP1

    Happy Birthday! It’s been 1 year since we introduced the world’s first multimodal OS supporting 64-bit Arm systems (AArch64 architecture), SUSE Linux Enterprise Server for Arm 15. Enterprise early adopters and developers of Ceph-based storage and industrial automation systems can gain faster time to market for innovative Arm-based server and Internet of Things (IoT) solutions. SUSE Linux Enterprise Server for Arm is tested with a broad set of Arm System-on-a-Chip (SoC) processors, enabling enterprise-class security and greater reliability. And with your choice of Standard or Premium Support subscriptions you can get the latest security patches and fixes, and spend less time on problem resolution as compared to maintaining your own Linux distribution.

  • Are you ready for the world’s first Multimodal Operating System

    Today, SUSE releases SUSE Linux Enterprise 15 Service Pack 1, marking the one-year anniversary since we launched the world’s first multimodal OS. SUSE Linux Enterprise 15 SP1 advances the multimodal OS model by enhancing the core tenets of common code base, modularity and community development while hardening business-critical attributes such as data security, reduced downtime and optimized workloads.

  • The future of OpenStack?

    Before we can answer these questions, let’s take a look at its past to give some context. Since its original release in 2010 as a joint venture by Rackspace and NASA, and its subsequent spin-off into a separate open source foundation in 2012, OpenStack has seen growth and hype that was almost unparalleled. I was fortunate enough to attend the Paris OpenStack Summit in 2014, where Mark Collier was famously driven onto stage for a keynote in one of the BMW electric sports cars. The event was huge and was packed with attendees and sponsors – almost every large technology company you can think of was there. Marketing budget had clearly been splurged in a big way on this event with lots of pizazz and fancy swag to be had from the various vendor booths. Cycle forward 4 years to the next OpenStack Summit I attended – Vancouver in May 2018. This was a very different affair – most of the tech behemoths were no longer sponsoring, and while there were some nice pieces of swag for attendees to take home, it was clear that marketing budgets had been reduced as the hype had decreased. There were less attendees, less expensive giveaways, but that ever-present buzz of open source collaboration that has always been a part of OpenStack was still there. Users were still sharing their stories, and developers and engineers were sharing their learnings with each other, just on a slightly smaller scale.

  • SUSE Academic Program to be present at 2019 UCISA SSG Conference

    Engaging with the community has always been important for SUSE and this is no different for our Academic Program. That is why next week, the SUSE Academic Program is excited to attend and participate in a three day event hosted by one of the most respected networks in UK education.

Glen Barber: Statement regarding employment change and roles in the [FreeBSD] Project

Dear FreeBSD community:

As I have a highly-visible role within the community, I want to share
some news.  I have decided the time has come to move on from my role
with the FreeBSD Foundation, this Friday being my last day.  I have
accepted a position within a prominent company that uses and produces
products based on FreeBSD.

My new employer has included provisions within my job description that
allow me to continue supporting the FreeBSD Project in my current
roles, including Release Engineering.

There are no planned immediate changes with how this pertains to my
roles within the Project and the various teams of which I am a member.

FreeBSD 11.3 and 12.1 will continue as previously scheduled, with no
impact as a result of this change.

I want to thank everyone at the FreeBSD Foundation for providing the
opportunity to serve the FreeBSD Project in my various roles, and their
support for my decision.

I look forward to continue supporting the FreeBSD Project in my various
roles moving forward.

Glen
Read more Also: FreeBSD's Release Engineering Lead Departs The Foundation