Containers are fundamentally enabled by Linux. As I discussed in more detail recently, all the security hardening, performance tuning, reliability engineering, and certifications that apply to a bare metal or virtualized world still apply in the containerized one. And, in fact, the operating system arguably shoulders an even greater responsibility for tasks such as resource or security isolation than when individual operating system instances provided a degree of inherent isolation.
Google has announced an open source tool for testing network traffic security called Nogotofail. The project is now available on GitHub, and Google is inviting the community to work with it and help improve the security of networks and the Internet.
Many people are familiar with the “HTTPS everywhere” tool, and a related Firefox add-on, which protect online security. Nogotofail is a roughly similar tool, but is more robust. Here are the details.
GovCMS, the Australian government's new cloud-based web content management system, has gone live on Australia.gov.au, the federal government's chief technology officer, John Sheridan, said at a media briefing in Sydney on Tuesday. The site receives more than 2 million visitors each month, and is the first site to migrate to the platform.
The Department of Finance has developed govCMS, an Australian government-specific distribution of the Drupal open-source content management platform, in conjunction with Acquia — a company founded by Drupal's creator, Dries Buytaert, to provide commercial-grade support for the platform.
Transparency groups are recommending changes to the rules of the House of Representatives that would allow the use of open source software.
Noting a push toward open source software adoption by the executive branch, the legislative branch should follow suit and allow open source code to be used and published, say recommendations (pdf) issued to the 114th Congress by the Citizens for Responsibility and Ethics in Washington, the Sunlight Foundation and the OpenGov Foundation.
THE UK MINISTRY OF DEFENCE (MoD) has revealed that it has put a piece of code into the open source community for the first time.
Franklin is a 39 year old FOSS activist based in Taipei. He has coordinated KDE's zh_TW translation team since 2006, and is the core developer of ezgo (Chinese), a compilation of educational software used by schools all over Taiwan. ezgo, which in its Linux installation uses KDE by default, blends more than 100 free software applications into one localized, easy to use package.
Similarly, moves by both Microsoft and Amazon, among others, to set up local data centres in the EU will not on their own protect European data unless that is encrypted by the companies themselves, and the cloud computing providers do *not* have access to the keys. Indeed, if the data is encrypted in this way, local storage is not so important, since the NSA will have an equally hard time decrypting it wherever it is held - as far as we know, that is.
Because of that recent US court judgment ordering Microsoft to hand over emails held in Ireland, many people are now aware of the dangers of cloud computing in the absence of encryption under the control of the customer. But very few seem to have woken up to the problems of backdoors in proprietary software that I mentioned at the start of this post. One important exception is the German government, which according to Sky News is working on an extremely significant law in this area