Language Selection

English French German Italian Portuguese Spanish

Security

Security: Updates, Pwn2Own Tokyo and Spyware

Filed under
Security
  • Security updates for Wednesday

    Security updates have been issued by Arch Linux (powerdns and powerdns-recursor), Debian (ceph and spamassassin), Fedora (feh, flatpak, and xen), Red Hat (kernel, kernel-rt, openstack-cinder, python-cryptography, and Red Hat Single Sign-On 7.2.5), and Ubuntu (python2.7, python3.4, python3.5).

  • iPhone X, Samsung Galaxy S9, Xiaomi Mi 6 Hacked At Pwn2Own Tokyo [Ed: All so-called 'phones' nowadays have a back door at the baseband OS, so cracking them and remotely controlling them is trivial, securing them a non-starter.]
  • It’s Amateur Hour in the World of Spyware and Victims Will Pay the Price

    We’re living in the golden age of spyware and government hacking, with companies rushing to join a blossoming billion dollar market. The weakest among us—activists or journalists—will suffer the consequences if we don’t regulate it appropriately.

Security Leftovers

Filed under
Security

Security: Updates, Protecting the Digital Supply Chain, and Steam DRM Failure

Filed under
Security
  • Security updates for Tuesday
  • Protecting the Digital Supply Chain

    You first learn about the importance of the supply chain as a child. You discover a shiny object on the ground and as you reach down to pick it up your parent says “Don’t touch that! You don’t know where it’s been!” But why does it matter whether you know where it’s been? When your parents know where something came from, they can trust that it’s clean and safe for you to play with. When they don’t, their imagination runs wild with all of the disgusting bacteria and viruses that might taint it.

    The food supply chain is important. Food is sealed not just so that it will keep longer, but also so that you can trust that no one has tampered with it between the time it left the supplier to the time it goes in your grocery bag. Some food goes even further and provides a tamper-evident seal that makes it obvious if someone else opened it before you. Again, the concern isn’t just about food freshness, or even someone stealing food from a package, it’s about the supplier protecting you from a malicious person who might go as far as poisoning the food.

    The supply chain ultimately comes down to trust and your ability to audit that trust. You trust the grocery and the supplier to protect the food you buy, but you still check the expiry date and whether it’s been opened before you buy it. The grocery then trusts and audits their suppliers and so on down the line until you get to a farm that produces the raw materials that go into your food. Of course it doesn’t stop there. In the case of organic farming, the farmer is also audited for the processes they use to fertilize and remove pests in their crops, and in the case of livestock this even extends to the supply chain behind the food the livestock eats.

  • I found a security hole in Steam that gave me every game's license keys and all I got was this... oh nice: $20,000

    A bloke has told how he discovered a bug in Valve's Steam marketplace that could have been exploited by thieves to steal game license keys and play pirated titles.

    Researcher Artem Moskowsky told The Register earlier this week that he stumbled across the vulnerability – which earned him a $20,000 bug bounty for reporting it – by accident while looking over the Steam partner portal. That's the site developers use to manage the games they make available for download from Steam.

  • Hacker Receives $20,000 From Valve For Discovering Steam Bug That Generates Free Steam Keys

GNU/Linux Skills, Raspberry Pi and FUD

Filed under
GNU
Linux
Security
  • Raspberry Pi's potential is wider than you think

    What do you get for the techie who has everything? How about giving them a Raspberry Pi and letting them make pretty much anything. Or better yet, do it for yourself with the Ultimate Raspberry Pi eBook Bundle.

  • Systems Engineer Salary Rises Even Higher with Linux Experience

    Some companies treat “systems engineer” and “systems administrator” almost interchangeably, but there are significant differences between the two positions. In broadest terms, systems engineers must design and implement a company’s system (comprising the network, servers, devices, etc.), whereas systems administrators are largely charged with keeping everything running.

    To frame it another way, system administration is a very reactive role, with sysadmins constantly monitoring networks for issues. Systems engineers, on the other hand, can build a system that anticipates users’ needs (and potential problems). In certain cases, they must integrate existing technology stacks (e.g., following the merger of two companies), and prototype different aspects of the network before it goes “live.”

  • New Linux-Targeting Crypto-Mining Malware Combines Hiding and Upgrading Capabilities [Ed: When your system gets cracked anything can happen afterwards; does not matter whether there's an upgrade or not? No.]

    Japanese multinational cybersecurity firm Trend Micro has detected a new strain of crypto-mining malware that targets PCs running Linux, according to a report published Nov. 8.
    The new strain is reportedly able to hide the malicious process of unauthorized cryptocurrency-mining through users’ CPU by implementing a rootkit component. The malware itself, detected by Trend Micro as Coinminer.Linux.KORKERDS.AB, is also reportedly capable of updating itself.

Security: Reproducible Builds, D-Link, Kaspersky

Filed under
Security

Security: Buttercup, Container Labeling, Serendipity and Security Updates

Filed under
Security
  • Buttercup – A Free, Secure And Cross-platform Password Manager

    In this modern Internet era, you will surely have multiple accounts on lot of websites. It could be a personal or official mail account, social or professional network account, GitHub account, and ecommerce account etc. So you should have several different passwords for different accounts. I am sure that you are already aware that setting up same password to multiple accounts is crazy and dangerous practice. If an attacker managed to breach one of your accounts, it’s highly likely he/she will try to access other accounts you have with the same password. So, it is highly recommended to set different passwords to different accounts.

  • Container Labeling

    Container policy is defined in the container-selinux package. By default containers run with the SELinux type "container_t" whether this is a container launched by just about any container engine like: podman, cri-o, docker, buildah, moby. And most people who use SELinux with containers from container runtimes like runc, systemd-nspawn use it also.

    By default container_t is allowed to read/execute labels under /usr, read generically labeled content in the hosts /etc directory (etc_t).

    The default label for content in /var/lib/docker and /var/lib/containers is container_var_lib_t, This is not accessible by containers, container_t, whether they are running under podman, cri-o, docker, buildah ... We specifically do not want containers to be able to read this content, because content that uses block devices like devicemapper and btrfs(I believe) is labeled container_var_lib_t, when the containers are not running.

    For overlay content we need to allow containers to read/execute the content, we use the type container_share_t, for this content. So container_t is allowed to read/execute container_share_t files, but not write/modify them.

  • How my personal Bug Bounty Program turned into a Free Security Audit for the Serendipity Blog

    This blog and two other sites in scope use Serendipity (also called S9Y), a blog software written in PHP. Through the bug bounty program I got reports for an Open Redirect, an XSS in the start page, an XSS in the back end, an SQL injection in the back end and another SQL injection in the freetag plugin. All of those were legitimate vulnerabilities in Serendipity and some of them quite severe. I forwarded the reports to the Serendipity developers.

    Fixes are available by now, the first round of fixes were released with Serendipity 2.1.3 and another issue got fixed in 2.1.4. The freetag plugin was updated to version 2.69. If you use Serendipity please make sure you run the latest versions.

  • Security updates for Monday

Ubuntu Core and Kura: A framework for IoT gateways

Filed under
Security
Ubuntu

The Linux distribution model, whilst established and well understood for computing, has some limitations when it comes to IoT edge gateway devices. Due to often being located in remote or hard to access areas, there is a greater demand for a system that offers both high levels of robustness and security.

With the IoT gateway market growing at a fast pace in recent years and continuing to grow even more rapidly – mostly due to increasing demand for big data collection and analytics, there is greater importance being placed upon finding solutions that are capable of offering this.
Having a standard Linux distribution as the base is often not the optimal choice due to these systems often lacking a clear update story, creating security risks caused by an unmaintained system. Updates are often deferred because they are identified as risky operations, without a good recovery path. This makes such systems an unsuitable fit for unattended devices.

Read more

Security: BoE, North Korea, Russia

Filed under
Security

  • Bank of England stages day of war games to combat cyber-attacks [iophk: "neglects to implicate Windows as the key facilitator of attacks, both by making victims vulnerable and by providing a platform for attackers"]

    Up to 40 firms are taking part in the voluntary exercise, alongside the BoE, the Treasury, City regulator the Financial Conduct Authority and UK Finance, the industry trade body.

  • North Korean hackers filched tens of millions from cash machines in ATM heist

    Symantec reports that the scheme has been going on for some time, and while the 2018 attack targeted 23 countries in Africa and Asia, the US government reports a similar attack in 2017 which saw 30 nations' ATMs breached simultaneously.

    The good news - well, goodish - is that all Trojan.Fastcash attacks seem to have hit servers running outdated software.

  • The US Military Just Publicly Dumped Russian Government Malware Online

    The malware itself does not appear to still be active. A spokesperson for Symantec told Motherboard in an email that the command and control servers—the computers that tell the malware what commands to run or store stolen data—are no longer operational. The spokesperson added that Symantec detected the sample when the company updated its detection tools a couple of months ago.

Security and DRM

Filed under
Security
  • The Morris Worm Turns 30
  • DJI Fixes Massive Vulnerability In User Accounts That Could’ve Allowed Hackers To Take Control Of Your Drone And Steal Personal Information

    DJI drones are the hot trend of 21st century. However, as functional and well built they are, some vulnerabilities in them could pose serious threat to your security. As these drones rely on a DJI account to be functional, you can land in serious trouble if a hacker gains access to your account. The hacker may access your drone and fly or crash it into a sensitive more or no fly zone. Not only that, personal information can also be accessed through the exploit and that may put you in more danger.

  • Denuvo: Every Download Is A Lost Sale For This Anonymous AAA Title We're Referencing, So Buy Moar Dunuvo!

    The saga of antipiracy DRM company Denuvo is a long and tortured one, but the short version of it is that Denuvo was once a DRM thought to be unbeatable but which has since devolved into a DRM that cracking groups often beat on timelines measured in days if not hours. Denuvo pivoted at that point, moving on from boasting at the longevity of its protection to remarking that even this brief protection offered in the release windows of games made it worthwhile. Around the same time, security company Irdeto bought Denuvo and rolled its services into its offering.

    And Irdeto apparently wants to keep pushing the line about early release windows, but has managed to do so by simply citing some unnamed AAA sports game that it claims lost millions by being downloaded instead of using Denuvo to protect it for an unspecified amount of time.

  • Denuvo Research Claims Unnamed “major sports title” Lost $21m in Revenue Because of Piracy [Ed: Amplifying the lies of disgraced DRM firm Denuvo]

    Denuvo, the infamous video game anti-piracy software provider, was acquired by Irdeto earlier this year in January. In a statement posted on Irdeto’s website, the software company shared research results which claim game piracy caused a potential loss of $21 million for an unnamed AAA sports title in the two weeks following its release.

Security Updates and FUD

Filed under
Security
  • Security updates for Friday
  • Linux CryptoMiners Are Now Using Rootkits to Stay Hidden [Ed: This impacts already-cracked machines; unlike Windows, where rootkits come though official channels like CD-ROM (Sony)]

    As the popularity of cryptocurrency rises, so does the amount of cryptominer Tojans that are being created and distributed to unsuspecting victims. One problem for cryptominers, though, is that the offending process is easily detectable due to their heavy CPU utilization.

    To make it harder to spot a cryptominer process that is utilizing all of the CPU, a new variant has been discovered for Linux that attempts to hide its presence by utilizing a rootkit.

    According to a new report by TrendMicro, this new cryptominer+rootkit combo will still cause performance issues due to the high CPU utilization, but administrators will not be able to detect what process is causing it.

    "We recently encountered a cryptocurrency-mining malware (detected by Trend Micro as Coinminer.Linux.KORKERDS.AB) affecting Linux systems," stated a report by TrendMicro. "It is notable for being bundled with a rootkit component (Rootkit.Linux.KORKERDS.AA) that hides the malicious process’ presence from monitoring tools. This makes it difficult to detect, as infected systems will only indicate performance issues. The malware is also capable of updating and upgrading itself and its configuration file."

  • Linux cryptocurrency miners are installing rootkits to hide themselves [Ed: By hiring Catalin Cimpanu CBS ZDNet basically imported the same misleading headlines and style as the sensationalist Bleeping Computer (above, where he came from). Because all CBS judges "success" by is clicks and ad impressions.]
Syndicate content

More in Tux Machines

Debian and Derivatives

  • Montreal Bug Squashing Party - Jan 19th & 20th 2019
    We are organising a BSP in Montréal in January! Unlike the one we organised for the Stretch release, this one will be over a whole weekend so hopefully folks from other provinces in Canada and from the USA can come.
  • Debian Cloud Sprint 2018
    Recently we have made progress supporting cloud usage cases; grub and kernel optimised for cloud images help with reducing boot time and required memory footprint. There is also growing interest in non-x86 images, and FAI can now build such images. Discussion of support for LTS images, which started at the sprint, has now moved to the debian-cloud mailing list). We also discussed providing many image variants, which requires a more advanced and automated workflow, especially regarding testing. Further discussion touched upon providing newer kernels and software like cloud-init from backports. As interest in using secure boot is increasing, we might cooperate with other team and use work on UEFI to provide images signed boot loader and kernel.
  • Third Point Release of Univention Corporate Server 4.3-3
    With UCS 4.3-3 the third point release for Univention Corporate Server (UCS) 4.3 is now available, which includes a number of important updates and various new features.
  • Canonical Launches MicroK8s
    Canonical, the parent company of Ubuntu, has announced MicroK8s, a snap package of Kubernetes that supports more than 42 flavors of Linux. MicroK8s further simplifies the deployment of Kubernetes with its small disk and memory footprint. Users can deploy Kubernetes in a few seconds. It can run on the desktop, the server, an edge cloud, or an IoT device. Snap is a self-contained app package solution created by Canonical that competes with Flatpak, which is backed by Red Hat and Fedora. Snap offers macOS and Windows-like packages with all dependencies bundled with it. A snap package of Kubernetes means any Linux distribution that supports Snap can benefit from MicroK8s
  • Compiz: Ubuntu Desktop's little known best friend

OSS Leftovers

  • Android Open Source Project now includes the Fuchsia SDK and a Fuchsia ‘device’
     

    In a new commit posted today to Android’s Gerrit source code management, two Fuchsia-related repos have been added to the primary “manifest” for the Android Open Source Project. For the unfamiliar, this manifest is used to inform Google’s download tool “Repo” of what should be included when you download AOSP.

  • Google Fuchsia: Why This New Operating System Solves a Huge Coding Problem
     

    The mobile layout has been code-named “Armadillo” and the other view has been dubbed “Capybara,” reported 9to5Google. Both sides of Fuchsia will work together using a tab system that will make up a majority of the user experience.

  • Lessons in Vendor Lock-in: Shaving
    The power of open standards extends beyond today into the future. When my son gets old enough to shave, I can pass down one of my all-metal, decades-old antique razors to him, and it will still work. While everyone else in a decade will have to shave with some $20-per-blade disposable razor with three aloe strips, seven blades, and some weird vibrating and rotating motor, he will be able to pick any razor from my collection and find affordable replacement blades. This is the power of open standards and the freedom to avoid vendor lock-in.
  • Help us to make document compatibility even better
    The Document Liberation Project (DLP) is a sister project to LibreOffice, and provides many software libraries for reading and writing a large range of file formats – such as files created by other productivity tools. Thanks to the DLP, LibreOffice (and other programs) can open many legacy, proprietary documents, but there’s always room for improvement! Check out this short video to learn more:
  • GNU Guix: Back from SeaGL 2018
    SeaGL 2018 has concluded. Thank you to everyone in the local Seattle community who came to participate! As previously announced, Chris Marusich gave a talk introducing GNU Guix to people of all experience levels. Some very Guixy swag was handed out, including printed copies of this handy Guix reference card. The room was packed, the audience asked great questions, and overall it was tons of fun! If you weren't able to come to SeaGL this year, that's OK! You can watch a video of the talk below.

Servers: Kubernetes, CNCF, Red Hat and More

  • ​Bitnami Kubernetes Production Runtime released
    If you want to use a safe third-party container, smart people know they should turn to Bitnami. This company packages, deploys, and maintains applications in virtually any format for any platform. Now, at KubeCon in Seattle, Bitnami announced its Kubernetes release: Bitnami Kubernetes Production Runtime (BKPR) 1.0, a production-ready open source project. So, with everyone and their cloud provider offering Kubernetes, why should you care? Well, first, BKPR provides built-in monitoring, alerting, and metrics automatically, thereby enabling developers to avoid reinventing the wheel when they rollout a Kubernetes application.
  • Why the Cloud-Native Market Is Expanding at KubeCon
    The KubeCon + CloudNativeCon North America event is a beacon for news, with vendors showcasing their wares and making multiple announcements. KubeCon + CloudNativeCon runs here from Dec. 11-13 and has brought 8,000 attendees and more than 187 vendors into the exhibit hall. Kubernetes itself is part of the Cloud Native Computing Foundation (CNCF), which is also the home now to 31 open-source cloud projects. In this eWEEK Data Points article, we look at the major areas of innovation and new services announced at the conference.
  • Add It Up: Enterprise Adoption of Kubernetes Is Growing
    A recently updated user survey from monitoring software provider Datadog confirms an increase in Kubernetes adoption. We believe this is the result of three factors: 1) more organizations using containers in production; 2) Kubernetes has emerged as the leading orchestration platform; 3) organizations are choosing to adopt Kubernetes earlier in cloud native voyage. There is also some evidence that Kubernetes adoption is more likely among organizations with more containers being deployed. This article highlights findings from several studies released in conjunction with KubeCon + CloudNativeCon North America, a Kubernetes user conference being held this week in Seattle. Cloud Foundry’s most recent survey of IT decision makers shows container production usage jumping from 22 percent in early 2016 to 38 percent in late 2018, with these deployments increasingly being described as “broad.” The Cloud Foundry report also found an increase in the number of containers being deployed — in 2016, only 37 percent of cont
  • Oracle Q&A: A Refresher on Unbreakable Enterprise Kernel
    Oracle caused quite a stir in 2010 when it announced its Unbreakable Enterprise Kernel for Oracle Linux. We’ve checked in with Sergio Leunissen, Vice President, Linux and VM Development at Oracle, for an update on the ABCs of this important introduction as well as the company’s latest take on Linux.
  • Get the Skills You Need to Monitor Systems and Services with Prometheus
    Open source software isn’t just transforming technology infrastructure around the world, it is also creating profound opportunities for people with relevant skills. From Linux to OpenStack to Kubernetes, employers have called out significant skills gaps that make it hard for them to find people fluent with cutting-edge tools and platforms. The Linux Foundation not only offers self-paced training options for widely known tools and platforms, such as Linux and Git, but also offers options specifically targeting the rapidly growing cloud computing ecosystem. The latest offering in this area is Monitoring Systems and Services with Prometheus (LFS241). Prometheus is an open source monitoring system and time series database that is especially well suited for monitoring dynamic cloud environments. It contains a powerful query language and data model in addition to integrated alerting and service discovery support. The new course is specifically designed for software engineers and systems administrators wanting to learn how to use Prometheus to gain better insights into their systems and services.
  • Red Hat Container Development Kit 3.7 now available
  • CodeReady Workspaces for OpenShift (Beta) – It works on their machines too
    “It works on my machine.” If you write code with, for, or near anybody else, you’ve said those words at least once. Months ago I set up a library or package or environment variable or something on my machine and I haven’t thought about it since. So the code works for me, but it may take a long time to figure out what’s missing on your machine.
  • OpenShift & Kubernetes: Where We’ve Been and Where We’re Going Part 2
    The growth and innovation in the Kubernetes project, since it first launched just over four years ago, has been tremendous to see. In part 1 of my blog, I talked about how Red Hat has been a key contributor to Kubernetes since the launch of the project, detailed where we invested our resources and what drove those decisions. Today, that innovation continues and we are just as excited for what comes next. In this blog, I’d like to talk about where we are going and what we’re focused on, as we continue driving innovation in Kubernetes and the broader cloud native ecosystem and building the next generation of OpenShift.
  • Red Hat OpenStack Platform and making it easier to manage bare metal
    Bare metal is making a comeback. At Red Hat we have been observing an increase of the use of bare metal in general. And we aren’t the only ones. In 2017’s OpenStack User Survey there had been a growth of bare metal in production environments from 9% to 20% of the production deployments. The 2018 survey says that adoption of Ironic is being driven by Kubernetes, with 37% of respondents who use Kubernetes on OpenStack using the bare metal provisioner. And there are many reasons for this growth. A great blog post about Kubernetes on metal with OpenShift by Joe Fernandes described this growth in the context of containers on bare metal with Kubernetes as a driver for this growth. But, it doesn’t stop there - High-Performance Compute (HPC), access to hardware devices or scientific workloads such as AI/ML or data lake management are also contributing to this increase.
  • etcd finds new home at CNCF
    CoreOS has moved to secure the independence of etcd by donating the distributed key-value store to the Cloud Native Computing Foundation. The project was started by Core OS – now part of Red Hat – in 2013 to handle coordination between container instances so that a system reboot was possible without affecting the uptime of applications running on top. Its name can be seen as an hint to the management of configuration files, which over the years have grown to be stored in /etc directory in Unix systems.
  • Kubernetes etcd data project joins CNCF
    How do you store data across a Kubernetes container cluster? With etcd. This essential part of Kubernetes has been managed by CoreOS/Red Hat. No longer. Now, the open-source etcd project has been moved from Red Hat to the Cloud Native Computing Foundation (CNCF). What is etcd? No, it's not what happens when a cat tries to type a three-letter acronyms. Etcd (pronounced et-see-dee) was created by the CoreOS team in 2013. It's an open-source, distributed, consistent key-value database for shared configuration, service discovery, and scheduler coordination. It's built on the Raft consensus algorithm for replicated logs.
  • Welcome etcd to CNCF
    Etcd has been written for distributed systems like Kubernetes as a fault-tolerant and reliable data base. Clients can easily watch certain keys and get notified when their values change which allows scaling to a large number of clients that can reconfigure themselves when a value changes.
  • etcd: Current status and future roadmap
    etcd is a distributed key value store that provides a reliable way to manage the coordination state of distributed systems. etcd was first announced in June 2013 by CoreOS (part of Red Hat as of 2018). Since its adoption in Kubernetes in 2014, etcd has become a fundamental part of the Kubernetes cluster management software design, and the etcd community has grown exponentially. etcd is now being used in production environments of multiple companies, including large cloud provider environments such as AWS, Google Cloud Platform, Azure, and other on-premises Kubernetes implementations. CNCF currently has 32 conformant Kubernetes platforms and distributions, all of which use etcd as the datastore. In this blog post, we’ll review some of the milestones achieved in latest etcd releases, and go over the future roadmap for etcd. Share your thoughts and feedback on features you consider important on the mailing list: etcd-dev@googlegroups.com.
  • Red Hat contributes etcd, the cornerstone of Kubernetes, to the Cloud Native Computing Foundation
    Today Red Hat is thrilled to announce our contribution of etcd, an open source project that is a key component of Kubernetes, and its acceptance into the Cloud Native Computing Foundation (CNCF), a vendor-neutral foundation housed under The Linux Foundation to drive the adoption of cloud native systems. The etcd project’s focus is safely storing critical data of a distributed system and it demonstrated its quality early on. It is most notably the primary datastore of Kubernetes, the de facto standard system for container orchestration. Today we're excited to transfer stewardship of etcd to the same body that cares for the growth and maintenance of Kubernetes. Given that etcd powers every Kubernetes cluster, this move brings etcd to the community that relies on it most at the CNCF.
  • Banks take next steps to digital refinement
    The financial services industry (FSI) has gotten the message: customer expectations have changed radically. They want to experience banking services through multiple digital channels, and they want those services to go well beyond the generic products that traditional banks typically offer. Customers are looking for personalization, are comfortable with service automation, and are eager to get what they need quickly and easily. As the value chain for financial institutions’ services expands along with the need to deliver new and relevant customer offerings, their dexterity is being put to the test, according to an article by The Economist Intelligence Unit (EIU). To enable the flexibility and agility they need to support a dynamic environment, they’ve begun to create a culture of continuous delivery (CD). This allows for continuous cross-channel development, may allow deployment of features in hours rather than months, and lends support for performing system upgrades with zero downtime and without disturbing the customer experience.
  • CentOS 7-1810 "Gnome" overview | The community enterprise operating system
  • How to prepare for digital transformation with Red Hat Virtualization and Veeam
    Red Hat has a history of helping organizations reduce the cost of IT, from infrastructure to applications, while also helping to lay the foundation for open source digital transformation. More recently, Red Hat has sought to help organizations reduce the cost of virtualization, aiming to make it easier to accelerate their digital transformation journey through innovative technologies such as Red Hat Ansible Automation or Red Hat OpenShift Container Platform, Red Hat’s comprehensive enterprise Kubernetes Platform.
  • Red Hat schedules stockholder meeting to vote on $34B IBM deal
  • INVESTIGATION NOTICE: Kaskela Law LLC Announces Shareholder Investigation of Red Hat, Inc.
  • Red Hat sets date for stockholders to vote on the merger with IBM
  • Arista Works With Red Hat and Tigera on Container Environments for Enterprises
    Arista Networks is working with Red Hat and Tigera to help enterprises adopt containers in both private and public clouds. The three companies are demonstrating a preview of their upcoming offering this week at KubeCon + CloudNativeCon North America 2018 in Seattle. The integrated product will include Arista’s containerized Extensible Operating System (cEOS) and CloudVision software along with Red Hat’s OpenShift Container Platform and Tigera’s Secure Enterprise Edition.
  • Knative Meshes Kubernetes with Serverless Workloads
    Google Cloud’s Knative initiative launched in July is expanding to include an updated version of Google’s first commercial Knative offering along with a batch of new distributions based on serverless computing framework. Knative is a Kubernetes-based platform for building and managing serverless workloads in which cloud infrastructure acts as a server for managing the allocation of computing and storage resources. It is being offered as an add-on to Kubernetes Engine used to orchestrate application containers.
  • Red Hat Steps Up with HPC Software Solutions at SC18
    In this video from SC18 in Dallas, Yan Fisher and Dan McGuan from Red Hat describe the company’s powerful software solutions for HPC and Ai workloads.
  • RedHat contributes etcd, a distributed key-value store project, to the Cloud Native Computing Foundation at KubeCon + CloudNativeCon

Microsoft FUD, Openwashing and Entryism