Cisco has described Umbrella as "the first Secure Internet Gateway in the cloud," though the now-closed tunnel "auto-initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters." Cisco adds that it "did not require explicit customer approval before establishment." Access to the terminating server required valid keys and was provided only to privileged support personnel within the Cisco Umbrella network space. Customers could prevent this tunnel from getting established by blocking the relevant firewall ports. However, in the case of customers who allowed establishment of the tunnel, an attacker who obtained access to the internal Cisco terminating server could use the SSH tunnel as a backdoor to obtain full control of the VA device at the customer's premises...
It is our policy that any undocumented methods of entry into your network devices be considered a vulnerability due to the potential risk of an attacker leveraging this tunnel to gain access to your network. While Cisco has NO indications that our remote support SSH hubs have ever been compromised, Cisco has made significant changes to the behavior of the remote support tunnel capability to further secure the feature...
To address this vulnerability, the Umbrella Virtual Appliance version 2.1.0 now requires explicit customer approval before an SSH tunnel from the VA to the Cisco terminating server can be established... . For additional security, customer is required to provide tunnel configuration parameters out-of-band to the Cisco support personnel before tunnel establishment.
"Open source software isn't what it used to be," writes Doug Dineley, the site's executive editor. "The term used to conjure images of the lone developer, working into the night and through weekends, banging out line after line of code to scratch a personal itch or realize a personal vision... But as you wend your way through our Bossie winners, you're bound to be struck by the number of projects with heavyweight engineering resources behind them... Elsewhere in the open source landscape, valuable engineering resources come together in a different way -- through the shared interest of commercial software vendors."
More than 10% of the awards went to the Apache Software Foundation -- 7 of the 68 -- though I was surprised to see that five of the best software development tools are languages -- specifically Kotlin, Go, Rust, Clojure, and Typescript. Two more of the best open source software development tools were Microsoft products -- .Net Core and Visual Studio Code. And in the same category was OpenRemote a home automation platform, as well as Ethereum, which "smells and tastes like an open source project that is solving problems and serving developers."
Red Hat remains an anomaly -- it makes money in open source. It has new revenue streams opening up. It is well positioned to keep doing the basics, but also now have a conversation with the C-suite about transformation.
The article notes the popularity of OpenShift, Red Hat's Kubernetes distribution for managing container-based applications. (OpenShift Container Platform, Red Hat's on-premises private PaaS product, now has 400 paying enterprise customers). And it also applauds Red Hat's 2016 launch of Open Innovation Labs -- a enterprise consulting service "to jumpstart innovation and software development initiatives using open source technology and DevOps methods."
But now from the 2nd of October, Amazon will start billing Linux virtual machines by the second, with a one minute minimum.
IBM argues that Open Liberty, along with the OpenJ9 VM they open sourced last week, "provides the full Java stack from IBM with a fully open licensing model."
Interestingly, Slashdot ran a story asking "IBM WebSphere SE To Be Opened?" -- back in 2000.
$ sudo apt install linux-virtual linux-cloud-tools-virtual
$ sudo apt purge linux*azure
$ sudo reboot
The article mentions several benefits over the generic Linux kernel for Azure
if, indeed, this is the year of desktop Linux, why oh why cannot people like Zemlin present a simple slide presentation -- let alone actually use a Linux distro for work.
A security developer at Google has now "spotted Jim Zemlin using Apple's macOS twice in last four years," according to the article, which complains the Foundation's admirable efforts on cloud/container technology has them neglecting Linux on the desktop.
Ironically, in March Zemlin told a cloud conference that organizations that "don't harvest the shared innovation" of open source "will fail."
Microsoft has started hiring Linux kernel developers like Matthew Wilcox, Paul Shilovsky, and (in mid-2016) Stephen Hemminger... Microsoft now employs 12 Linux kernel contributors. As for what these engineers are doing, Linux kernel maintainer Greg Kroah-Hartman says, "Microsoft now has developers contributing to various core areas of the kernel (memory management, core data structures, networking infrastructure), the CIFS filesystem, and of course many contributions to make Linux work better on its Hyper-V systems." In sum, the Linux Foundation's Jim Zemlin declares, "It is accurate to say they are a core contributor," with the likelihood that Hemminger's and others' contributions will move Microsoft out of the kernel contribution basement into the upper echelons.
The article concludes that "Pigs, in other words, do fly. Microsoft, while maintaining its commitment to Windows, has made the necessary steps to not merely run on Linux but to help shape the future of Linux."
The idea is that anyone in the world can send heavy workloads over the cloud to a Q.rad and have it render the task and heat a person's home in the process. The two industries that are targeted by Qarnot include movies studios for 3D rendering and VFX, and banks for risk analysis. Qarnot is opting in for Ryzen Pro processors over Intel i7 processors due to the performance gain and heat output. According to Qarnot, they "saw a performance gain of 30-45% compared to the Intel i7." They also report that the Ryzen Pro is "producing the same heat as the equivalent Intel CPUs" they were using -- all while providing twice as many cores.
While it's neat to see a company convert what would otherwise be wasted heat into a useful asset that heats a person's home, it does raise some questions about the security and profitability of their business model. By using Ryzen Pro's processors, OS independent memory encryption is enabled to provide additional security layers to Qarnot's heaters. However, Q.rads are naturally still going to be physically unsecured as they can be in anyone's house.
Further reading: The Mac Observer, TechRepublic