OpenSuse Goes Rolling
OpenSuse, the free Linux distribution forked from Suse Linux Professional and the basis for Suse Linux Enterprise, is switching to a rolling release model.
The development change will see daily builds released to keep the distribution at the cutting edge of development.
Announced by the Opensuse Project on Wednesday, the rolling release model for the development version of Opensuse, which is called Factory, will shorten the stabilisation process for releases and eliminate the need for pre-release or “milestone” builds, the project said.
Opensuse board chairman Richard Brown said that the project team was hopeful that the move would lead to more users of the software and more contributors to the code, which would have a knock-on effect on quality.
“With a daily fresh Factory distribution making it easier for those who want to preview and test, we hope to see more users and contributors, leading to faster fixes and even higher quality. Factory is critical as it provides the base technology for Opensuse and Suse Linux Enterprise, which is used by tens of thousands of organisations around the world,” he said.
The new development model balances responsibility among packagers, testers and end users while putting more emphasis on automated quality assurance. As a result, Opensuse Factory is no longer just the development branch of Opensuse but becomes a reliable, always-ready working distribution, according to the project.
The move also means that Opensuse is following a similar development model to Fedora, the cutting-edge Linux distribution sponsored by Red Hat that Red Hat Enterprise Linux (RHEL) is based upon.
More information on Opensuse Factory can be found on the project’s online portal. However, at the time of writing this was still showing a notice warning that the Factory repository is not guaranteed to be fully stable, and advising users to download the current release build.
An Opensuse spokesperson told stated that this is because the Factory build is primarily for developers and those keen to see the latest developments, and is not recommended for production environments.
Is China Spying?
Security experts claim that a Chinese manufacturer has been installing malware in its hand-held scanners that steals supply chain data.
TrapX says infected scanners made by an unnamed Chinese manufacturer located in Shandong province have been sold to eight unnamed firms including a large robotics company. The manufacturer denied knowledge that its scanners and website-hosted software were infected.
Sixteen of the 48 scanners deployed at one firm were infected, TrapX found. They all successfully sought out and compromised host names containing the word finance and siphoning off the logistical and financial data. The report Anatomy of the Attack: Zombie Zero said:
“Exfiltration of all financial data and ERP data was achieved, providing the attacker complete situational awareness and visibility into the logistic/shipping company’s worldwide operations,”.
TrapX suspected the attacks dubbed Zombie Zero were backed by the Chinese government and were a bid to gain intelligence on either logistics firms or their customers.
Is RedHat Being Open?
Red Hat has responded to claims that its implementation of Openstack isn’t as open as it should be.
A report at the Wall Street Journal this week suggested that Red Hat was blocking customers from using alternatives to the bespoke version of Openstack that it offers.
Red Hat provides Openstack with extended support by the company, however in spirit of open source, users should be entitled to use another vendor’s Openstack software, the generic Openstack, or create their own fork.
In reality though, the Wall Street Journal report suggests that Red Hat customers have been advised that Red Hat will not support mixed vendor software, that it has claimed it would cost the company too much to support multiple Openstack distributions and that Red Hat Linux and Red Hat Openstack are too closely intertwined to be separated.
Openstack’s open character is part of what makes it what it is, it’s embedded in the name, and Red Hat has been quick to distance itself from the report, though it does hedge a bit.
In a blog post, Paul Cormier, president of the company’s Products and Technologies division said, “Red Hat believes the entire cloud should be open with no lock-in to proprietary code. Period. No exceptions. Lock-in is the antithesis of open source, and it goes against everything Red Hat stands for.”
However, he went on to warn, “[Red Hat Enterprise Linux OpenStack Platform] requires tight feature and fix alignment between the kernel, the hypervisor, and Openstack services. We have run into this in actual customer support situations many times.”
In other words, its advice to customers is seemingly ‘of course you can do it, but you’d have to be a bit daft’.
He went on to explain, “Enterprise-class open source requires quality assurance. It requires standards. It requires security. Openstack is no different. To cavalierly ‘compile and ship’ untested Openstack offerings would be reckless. It would not deliver open source products that are ready for mission critical operations and we would never put our customers in that position or at risk.”
Which suggests that Red Hat will let you use your own version, unless it’s not happy with it, in which case it won’t.
In a swipe at HP, Cormier concluded by attacking its rival, saying, “We would celebrate and welcome competitors like HP showing commitment to true open source by open sourcing their entire software portfolio.”
HP, which recently launched its HP Helion brand for Openstack, would probably argue that it has already done this, so the war of words might just be beginning.
RedHat Buys InkTank
Red Hat has announced that it bought storage system provider Inktank.
Inktank is the company behind Ceph, the cloud based objects and block storage software package used in a number of Openstack cloud configurations.
Ceph will continue to be marketed alongside Red Hat’s own GlusterFS in a deal worth $175m, which the company does not believe will adversely affect its financial forecasts for the year.
In a statement, Brian Stevens, EVP and CTO of Red Hat said, “We’re thrilled to welcome Inktank to the Red Hat family. They have built an incredibly vibrant community that will continue to be nurtured as we work together to make open the de facto choice for software-defined storage. Inktank has done a brilliant job assembling a strong ecosystem around Ceph and we look forward to expanding on this success together.”
As part of the deal Ceph’s Monitoring and Diagnostics tool Calamari will also become open source, allowing users to add their own modules and functionality.
Inktank founder Sage Weil used his blog to assure users that the two storage systems will be treated with equal respect. “Red Hat intends to administer the Ceph trademark in a manner that protects the ecosystem as a whole and creates a level playing field where everyone is held to the same standards of use.”
Red Hat made the announcement fresh from Red Hat Summit in New York, where the company reaffirmed that it is the Linux distribution of choice at the CERN supercollider in Switzerland.
The Inktank deal is set to close later this month.
Dell RedHat Join Forces
The Dell Red Hat Cloud solution, a co-engineered, enterprise grade private cloud, was unveiled at the Red Hat Summit on Thursday.
The Openstack-based service also includes an extension of the Red Hat partnership into the Dell Openshift Platform as a Service (PaaS) and Linux Container products.
Dell and Redhat said their cloud partnership is intended to “address enterprise customer demand for more flexible, elastic and dynamic IT services to support and host non-business critical applications”.
The integration of Openshift with Redhat Linux is a move towards container enhancements from Redhat’s Docker platform, which the companies said will enable a write-once culture, making programs portable across public, private and hybrid cloud environments.
Paul Cormier, president of Products and Technologies at Red Hat said, “Cloud innovation is happening first in open source, and what we’re seeing from global customers is growing demand for open hybrid cloud solutions that meet a wide variety of requirements.”
Sam Greenblatt, VP of Enterprise Solutions Group Technology Strategy at Dell, added, “Dell is a long-time supporter of Openstack and this important extension of our commitment to the community now will include work for Openshift and Docker. We are building on our long history with open source and will apply that expertise to our new cloud solutions and co-engineering work with Red Hat.”
Dell Red Hat Cloud Solutions are available from today, with support for platform architects available from Dell Cloud Services.
Earlier this week, Red Hat announced Atomic Host, a new fork of Red Hat Enterprise Linux (RHEL) specifically tailored for containers. Last year, the company broke bad with its Fedora Linux distribution, codenamed Heisenbug.
Source
RedHat Goes Atomic
The Red Hat Summit kicked off in San Francisco on Tuesday, and continued today with a raft of announcements.
Red Hat launched a new fork of Red Hat Enterprise Linux (RHEL) with the title “Atomic Host”. The new version is stripped down to enable lightweight deployment of software containers. Although the mainline edition also support software containers, this lightweight version improves portability.
This is part of a wider Red Hat initiative, Project Atomic, which also sees virtualisation platform Docker updated as part of the ongoing partnership between the two organisations.
Red Hat also announced a release candidate (RC) for Red Hat Enterprise Linux 7. The beta version has already been downloaded 10,000 times. The Atomic Host fork is included in the RC.
Topping all that is the news that Red Hat’s latest stable release, RHEL 6.5 has been deployed at the Organisation for European Nuclear Research – better known as CERN.
The European laboratory, which houses the Large Hadron Collider (LHC) and was birthplace of the World Wide Web has rolled out the latest versions of Red Hat Enterprise Linux, Red Hat Enterprise Virtualisation and Red Hat Technical Account Management. Although Red Hat has a long history with CERN, this has been a major rollout for the facility.
The logging server of the LHC is one of the areas covered by the rollout, as are the financial and human resources databases.
The infrastructure comprises a series of dual socket servers, virtualised on Dell Poweredge M610 servers with up to 256GB RAM per server and full redundancy to prevent the loss of mission critical data.
Niko Neufeld, deputy project leader at the Large Hadron Collider, said, “Our LHCb experiment requires a powerful, very reliable and highly available IT environment for controlling and monitoring our 70 million CHF detectors. Red Hat Enterprise Virtualization is at the core of our virtualized infrastructure and complies with our stringent requirements.”
Other news from the conference includes the launch of Openshift Marketplace, allowing customers to try solutions for cloud applications, and the release of Red Hat Jboss Fuse 6.1 and Red Hat Jboss A-MQ 6.1, which are standards based integration and messaging products designed to manage everything from cloud computing to the Internet of Things.
Dell Unveils Laptop/Tablet Hybrid
Dell unveiled a new 11.6-in. screen rugged laptop that has literally has a twist — the screen can rotate 180 degrees to turn the device into a tablet.
At first, the Latitude 12 looks like a laptop. But within the display panel, the screen rotates 180 degrees and the laptop turns into a tablet once placed on the keyboard.
The new Latitude 12 laptop is part of a new Rugged Extreme line of laptops, which also includes the Rugged Extreme 14. The new laptops are robust and can withstand six-foot drops and remain protected from extreme weather conditions.
The laptops have hard covers that add a layer of protection, but also make the products heavy. The Latitude 12 Rugged Extreme weighs 2.72 kilograms with a four-cell battery, while the 14-in. counterpart weighs 3.54 kilograms with a six-cell battery and no optical drive.
The laptops can also withstand solar radiation, “explosive atmosphere” and weather ranging from -20 degrees to 145 degrees Fahrenheit (-29 degrees to 63 degrees Celsius), according to specifications provided by Dell. The products are targeted at field workers like emergency responders and the military, and will compete against Toughbook rugged laptops from Panasonic.
The Latitude 12 rugged laptop has a starting price of $3,649, while the Latitude 14 begins at $3,499. The laptops will ship next month.
The hybrid design in Latitude 12 has been borrowed from the company’s XPS 12 Ultrabook Touch, which has a 12.5-inch screen that can similarly flip to turn the laptop into a tablet. The resistive touch screens on both laptops can show images at a resolution of 1366 x 768 pixels.
The laptops will have storage options of up to 512GB solid-state drives. Users can configure the laptop with Intel’s latest fourth-generation Core processorscode-named Haswell. The laptops will come with either Windows 8.1 or 7, or Ubuntu Linux operating systems.
Other features include support for up to 16GB of DRAM, Wi-Fi and Gigabit Ethernet through a connector. The laptop also has USB 3.0, USB 2.0, VGA and HDMI ports. Mobile broadband and docking are available as options.
nVidia Goes For Raspberry Pi
nVidia has unveiled what it claims is “the world’s first mobile supercomputer”, a development kit powered by a Tegra K1 chip.
Dubbed the Jetson TK1, the kit is built for embedded systems to aid the development of computers attempting to simulate human recognition of physical objects, such as robots and self-driving cars.
Speaking at the GPU Technology Conference (GTC) on Tuesday, Nvidia co-founder and CEO Jen Hsun Huang described it as “the world’s tiniest little supercomputer”, noting that it’s capable of running anything the Geforce GTX Titan Z graphics card can run, but at a slower pace.
With a total performance of 326 GFLOPS, the Jetson TK1 should be more powerful than the Raspberry Pi board, which delivers just 24 GFLOPS, but will retail for much more, costing $192 in the US – a number that matches the number of cores in the Tegra K1 processor that Nvidia launched at CES in Las Vegas in January.
Described by the company as a “super chip” that can bridge the gap between mobile computing and supercomputing, the Nvidia Tegra K1, which replaces the Tegra 4, is based on the firm’s Kepler GPU architecture.
The firm boasted at CES that the chip will be capable of bringing next-generation PC gaming to mobile devices, and Nvidia claimed that it will be able to match the PS4 and Xbox One consoles’ graphics performance.
Designed from the ground up for CUDA, which now has more than 100,000 developers, the Jetson TK1 Developer Kit includes the programming tools required by software developers to develop and deploy compute-intensive systems quickly, Nvidia claimed.
“The Jetson TK1 also comes with this new SDK called Vision Works. Stacked onto CUDA, it comes with a whole bunch of primitives whether it’s recognising corners or detecting edges, or it could be classifying objects. Parameters are loaded into this Vision Works primitives system and all of a sudden it recognises objects,” Huang said.
“On top of it, there’s simple pipe lines we’ve created for you in sample code so that it helps you get started on what a structure for motion algorithm, object detection, object tracking algorithms would look like and on top of that you could develop your own application.”
Nvidia also expects the Jetson TK1 to be able to operate in the sub-10 Watt market for applications that previously consumed 100 Watts or more.
Ubuntu Cross-Platform Delayed
Ubuntu will not offer cross-platform apps as soon as it had hoped.
Canonical had raised hopes that its plan for Ubuntu to span PCs and mobile devices would be realised with the upcoming Ubuntu 14.04 release, providing a write-once, run-on-many template similar to that planned by Google for its Chrome OS and Android app convergence.
This is already possible on paper and the infrastructure is in place on smartphone and tablet versions of Ubuntu through its new Unity 8 user interface.
However, Canonical has decided to postpone the rollout of Unity 8 for desktop machines, citing security concerns, and it will now not appear along with the Mir display server this coming autumn.
This will apply only to apps in the Ubuntu store, and in the true spirit of open source, anyone choosing to step outside that ecosystem will be able to test the converged Ubuntu before then.
Ubuntu community manager Jono Bacon told Ars Technica, “We don’t plan on shipping apps in the new converged store on the desktop until Unity 8 and Mir lands.
“The reason is that we use app insulation to (a) run apps securely and (b) not require manual reviews (so we can speed up the time to get apps in the store). With our plan to move to Mir, our app insulation doesn’t currently insulate against X apps sniffing events in other X apps. As such, while Ubuntu SDK apps in click packages will run on today’s Unity 7 desktop, we don’t want to make them readily available to users until we ship Mir and have this final security consideration in place.
“Now, if a core-dev or motu wants to manually review an Ubuntu SDK app and ship it in the normal main/universe archives, the security concern is then taken care of with a manual review, but we are not recommending this workflow due to the strain of manual reviews.”
As well as the aforementioned security issues, there are still concerns that cross-platform apps don’t look quite as good on the desktop as native desktop versions and the intervening six months will be used to polish the user experience.
Getting the holistic experience right is essential for Ubuntu in order to attract OEMs to the converged operating system. Attempts to crowdfund its own Ubuntu handset fell short of its ambitious $20m target, despite raising $10.2 million, the single largest crowdfunding total to date.
Did The British Go After Anonymous?
February 17, 2014 by admin
Filed under Around The Net
Comments Off on Did The British Go After Anonymous?
Did a British Spy agency linked to GCHQ attacked hacktivists of the Anonymous and Lulzsec collectives, according to leaked US National Security Agency (NSA) documents?
NBC published documents obtained by NSA whistleblower Edward Snowden showing that the group codenamed the Joint Threat Research Intelligence Group (JTRIG) proactively attempted to shut down and spread misinformation throughout the Anonymous collective.
The leaked document allege that the unit attempted to phish Anonymous members and launched attacks designed to disrupt and infiltrate its networks as part of an operation called Rolling Thunder.
The documents show the spies mounted a sophisticated espionage campaign that enabled intelligence officers to phish a number of Anonymous members to extract key bits of information.
The documents include conversations between intelligence officers and Anonymous members G-Zero, Topiary and pOke in 2011.
One log shows that a GCHQ spy duped the hacker pOke into clicking on a malicious link dressed up to look like a news article about Anonymous. The link used an unspecified method to extract data from the virtual private network (VPN) being used by pOke.
The documents allege pOke was not arrested, but that the information acquired during the phishing attack was used in the arrest of Jake Davis, who was known as Topiary, in July 2011.
Davis’ arrest was taken as a key victory for law enforcement. British citizen Davis was believed to have acted as a spokesman for many Anonymous cells and is credited as having written several of its statements.
A GCHQ spokesman declined The INQUIRER’s request for comment on NBC’s report, but reiterated the agency’s previous insistence that all of its operations are carried out within the letter of the law.
“It is a longstanding policy that we do not comment on intelligence matters. Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework,” read the statement.
Experts in the security community have questioned the GCHQ’s argument. Corero Network Security COO Andrew Miller said that the secret unit’s use of blackhat tactics was at the very least morally questionable.
“We have to remember that cyber-spooks within GCHQ are equally if not more skilled than many black hat hackers, and the tools and techniques they are going to use to fight cybercrime are surely going to be similar to that of the bad guys,” he said.
“Legally, we enter a very grey area here, where members of Lulzsec were arrested and incarcerated for carrying out DDoS attacks, but it seems that JTRIG are taking the same approach with impunity.”
The campaign against Anonymous is one of many revelations from the leaked Snowden files.
The files initially were leaked to the press in 2013 and detailed several intelligence operations carried out by the UK GCHQ and US NSA. Documents emerged in January alleging that GCHQ and NSA used mobile apps such as Angry Birds to spy on citizens.