A package manager man-in-the-middle vulnerability put Alpine Linux Docker images at risk, but a patch is available now.
Not that we needed it, but there's more evidence today that Intel has been playing fast and loose with security in order to stay ahead of the fast-chip competition. Today it was announced that there are three more Meltdown/Spectre-type Intel chip exploits. The vulnerability affects Intel's desktop, workstation, and server CPUs.
Two-and-a-half-years-ago when the Linux Foundation announced the creation of the blockchain-based Hyperledger Project, the hype was that blockchain was on its way to becoming the most disruptive technology since the internet. You might have noticed that hasn't happened yet.
It's nearly six weeks late, but Xen 4.11 has finally shipped. If you're wondering about the delay, there's a reason for that. Xen's devs have been busy rewriting the project's code, some of it from the ground up.
What's interesting is that Shippable isn't targeting developers for the Internet of Things or smartphones, ARM's typical base, but is betting that the reduced instruction set architecture is on its way to having a big impact in data centers.
Micro Focus sold the German-based Linux distribution SUSE to Sweden-based private equity group EQT for over $2.53 billion. The last time SUSE changed hands was in 2014, when Micro Focus took ownership in a $1.2 billion merger with The Attachmate Group.
This was a big week for deep-pocketed platinum members signing up. In addition to Google, the Chinese multinational investment holding conglomerate and tech giant Tencent also signed on at the platinum level. Like Google, the $500 billion company has previous ties to the foundation, most notably as a founding member of its Deep Learning Foundation that launched earlier this year.
Puppet, the open source DevOps automation and tool developer, announced this week a $42 million Series F funding round led by Cisco Investments and including EDBI, Kleiner Perkins, True Ventures, and VMware. The round brings the startup's total funding to $130 million. All but EDBI have previously invested in the company.
To old timers in the open source game, it might come as a surprise that a company like GitLab that's proud of it's open source roots would be using Azure to begin with. After all, wasn't distrust of Microsoft's ownership of GitHub the reason behind the mass exodus to GitLab earlier this month? While a "new" and more open source friendly Microsoft was undoubtedly one of the reasons why GitLab would even consider the move to Redmond's cloud -- the motivating factor was money.
Expectations are high in the days leading up to the International Supercomputing Conference 500. Many fans are sure they have a winner with Summit.
Eric S. Raymond took the time at SELF to talk with ITPro Today about the need to "clean" legacy code, along with tips on how to help others maintain your code long after you're gone.
Beginning last Friday, when rumors began to circulate that Microsoft might be preparing to purchase GitHub, competitor GitLab experienced something of a Slashdot Effect, as many Microsoft-wary open source developers started a GitHub mass exodus of sorts.
The problem with Microsoft is the history it shares with Linux and open source. While it's true that today's Microsoft "is not your father’s Microsoft," and that under CEO Satya Nadella Microsoft has developed plenty of open source cred, there are many open source advocates who still remember the days when Microsoft was decrying open source as a "cancer" and "communist" and don't trust the company's motives. They remember when open source absolutely couldn't get traction because of the Kool Aid Microsoft was selling.
If you work with containers you're going to be hearing a lot about Kata Containers soon, if you haven't already. Why? Because the developers of this open source project are busy developing a technology that promises to take much of the worry out of containers for uses where security is a top priority.
The truth is probably not as bleak as the picture the report paints. Black Duck makes its living by auditing code being used by enterprise customers, and has a reputation for being a little alarmist when it comes to the security of open source software.
Facebook today made two announcements about the software it uses to run its network. The first is that it's releasing Katran, the load balancer that keeps the social site from crashing and burning, as open source. In addition, it's offering details on the inner workings of the Zero Touch Provisioning tool it uses to help engineers automate much of the work required to build its backbone networks.
Although VMware has been releasing VIO since 2015, having two versions of the offering is relatively new, with the first release of Carrier and Data Center editions taking place last September. The Carrier version is designed to address specific requirements by telecoms deploying NFV-based network services, especially as they prepare for the 5G world.
Like ARM processors, the U540 sips power, and they already seem capable of doing the type of heavy lifting required of servers. Sherwani told us it would be years before that's possible, but this year two Linux distributions, Debian and Red Hat's Fedora, have been ported to run on the architecture.
Whether it's autonomous cars, connected factories, or shipboard data centers, Mesosphere seeks to make multi-cloud hybrid connectivity easy.
Noting that the issue seems to have died down in recent years, and mindful of Shakespeare's observation on roses, names and smells, I wondered if anyone really cares anymore what Linux is called. So, I put the issue to a number of movers and shakers in Linux and open-source circles by asking the simple question, "Is it GNU/Linux or just plain Linux?"