Language Selection

English French German Italian Portuguese Spanish

Red Hat

Red Hat Family: Fedora, CloudLinux, CentOS and More

Filed under
Red Hat
  • Fedora Community Blog: GSOC 2019 – release-bot project

    On May 6, the selected students for Google summer of code 2019 were officially announced. We, as mentors of the release-bot project, would like to thank all applicants and provide insight into our decision process.

    Google summer of code is popular for the past several years which means that competition is really high. For our project, release-bot, this was definitely the case. We had several very promising candidates providing early contributions.

  • CloudLinux OS Feature Survey - CLOSING SOON

    We're closing this CloudLinux OS feature survey at the end of this month. We'll publish the results after the survey has closed.

    Thanks to everyone who participated. If you didn't, there's still time to share your views on the direction of CloudLinux OS. It only takes a few minutes.

  • May 30 virtual event explores digital leadership in financial services

    Today’s financial services businesses are faced with the need to drive new and better digital products, services, and efficiencies to improve customer loyalty and competitive advantage. Payments, authorizations, and risk and fraud assessments are embedded as part of everyday events rather than an event unto itself, with the need for speed—now often in fractions of a second—blurring the lines between front office and back office operational processing. Financial services companies need to balance the costs of renewing systems with the costs of adopting new, innovative technologies, while seeking advantages from automation, real time assessments, embedded intelligence, and more.

  • CentOS 8 Release Map And It’s Details

    We already know that Red Hat Enterprise Linux 8 was released on 2019-05-07, and everyone is waiting for CentOS 8 release.

    Most of us doesn’t have active subscription to download Red Hat Enterprise Linux 8 from the Red Hat Customer Portal.

    We have to wait till CentOS 8 release to test this out.

  • OpenShift 4: Red Hat's on ramp for the hybrid cloud

    In this next generation of Red Hat's Kubernetes platform, Red Hat explicitly stated OpenShift 4 is designed to deliver a cloud-like experience across the hybrid cloud by driving automated updates across Kubernetes deployments everywhere. Or, as Red Hat CEO Jim Whitehurst summed it up: "Make open hybrid cloud the default architecture."

    In more detail, Ashesh Badani, Red Hat senior vice president of Cloud Platforms, said: "Enterprise IT's future is driven by hybrid and multicloud computing, with Kubernetes acting as a bridge to seamlessly connect workloads between on-premise datacenters and public cloud footprints. Red Hat OpenShift 4 makes this vision of Kubernetes a reality, offering a consistent, self-managing enterprise Kubernetes platform that spans the hybrid cloud."

  • Sudo + syslog-ng: two software at two conferences

    Recently I visited two conferences: LOADays and Red Hat Summit. They both focus on open source software, but similarities end there. LOADays in Antwerp is small, free and focuses on Linux administrators. The Red Hat Summit in Boston is huge, expensive and covers a wide variety of topics, including administration among many others. No matter of the differences, both are among my favorite events.

    Why sudo? Last year Balabit, the company where I work, was acquired by One Identity. Todd Miller, developer of sudo became my colleague. I was happy to see another open source software around. I read sudo and learned that it has many more features than I knew about, even if I have been using it for decades. So, next to syslog-ng I started to evangelize sudo as well, demonstrating how much more it can be than a simple prefix to administrative commands.

  • Software Defined Storage: The Next Killer App for Cloud

    It’s never going to be possible to completely disconnect software from hardware. Indeed, hardware development is having a bit of a rebirth as young developers rediscover things like the 6502, homebrew computing, and 8-bit assembly languages. If this keeps going, in 20 years developers will reminisce fondly and build hobby projects in early IoT platforms, using 2007-era cloud APIs with old refrigerator-sized storage arrays.

    In my experience, storage hardware has remained something of a legacy boat anchor in many enterprises: you don’t mess around when it comes to storing your company’s long term data or selecting storage providers for your lights-on, business critical applications. Governments demand it be retained, and data scientists are increasingly building new algorithms based on giant old datasets. For a time after the cloud revolution began in the late 2000’s it seemed that storage hardware wouldn’t be moving to x86 cloud-based virtual machines–much less Linux containers–anytime soon.

SUSE and Fedora Leftovers

Filed under
Red Hat
  • Introducing SUSE Enterprise Storage 6

    SUSE Enterprise Storage 6 enables IT organizations to seamlessly adapt to changing business demands while reducing IT operational expense by transforming their enterprise storage infrastructure with our intelligent software-defined storage solution.

    Based on the Ceph Nautilus release and built on SUSE Linux Enterprise Server 15 SP1, SUSE Enterprise Storage 6 enables IT organizations to seamlessly adapt to changing business demands while reducing IT operational expense with new features focused on containerized and cloud workload support, improved integration with public cloud, and enhanced data protection capabilities

  • Introducing Fedora Summer Coding Class of Summer 2019

    Starting today, interns from the Fedora Summer Coding (F.S.C.) class of Summer 2019 start working on their projects. Three interns selected for Outreachy begin today, and another five interns selected for Google Summer of Code begin on Monday, May 27. The Fedora CommOps and Diversity and Inclusion teams worked together to interview all eight interns. This week on the Fedora Community Blog, we’ll introduce two interns each day of this week!

  • Getting set up with Fedora Project services

    In addition to providing an operating system, the Fedora Project provides numerous services for users and developers. Services such as Ask Fedora, the Fedora Project Wiki and the Fedora Project Mailing Lists provide users with valuable resources for learning how to best take advantage of Fedora. For developers of Fedora, there are many other services such as dist-git, Pagure, Bodhi, COPR and Bugzilla that are involved with the packaging and release process.

    These services are available for use with a free account from the Fedora Accounts System (FAS). This account is the passport to all things Fedora! This article covers how to get set up with an account and configure Fedora Workstation for browser single sign-on.

Developers Start Debating Whether To Block Password-Based Root SSH Logins For Fedora 31

Filed under
Red Hat

While upstream SSH has disabled password logins for the root user as their default configuration the past number of years and that has carried over into being the out-of-the-box behavior for many operating systems, Fedora continues allowing password-based SSH root log-ins by default. But with the next Fedora release they are thinking about changing that default behavior.

This would allow Fedora to have better security out-of-the-box particularly on servers where OpenSSH tends to be running. The configuration can still be toggled with the "PermitRootLogin" directive of the SSHD configuration.

Read more

Also: FPgM [Fedora Program Management ] report: 2019-20

Where IBM and Red Hat go from here

Filed under
Red Hat

I've been following Linux, IBM, and Red Hat since Linus Torvalds was a graduate student. So, after IBM began its Red Hat acquisition for $34 billion, I've been watching it like a hawk. I spoke to dozens of IBM and Red Hat staffers and acquisition at the recent Red Hat Summit. Here is what I think will happen when the deal is done.

I believe Red Hat will remain, for all practical purposes, an independent company within IBM. As IBM CEO Ginni Rometty said in said in a conversation with Red Hat CEO Jim Whitehurst, "I don't have a death wish for $34 billion." Rometty continued, "I'm not buying them to destroy them. It's a win win for our clients. It's a way to drive more innovation."

In short, "Jim and I have both agreed -- Red Hat should stay an independent unit."

IBM and Red Hat has been saying that all along. I believe them.

Let's get real. This is a make or break decision for IBM. This is the single biggest technology deal in history. While IBM has stopped its decline in revenues, it's still losing market share to its rivals such as Google, Microsoft and Amazon Web Services (AWS).

Read more

Red Hat Satellite 6.5 is now available

Filed under
Red Hat

Red Hat Satellite is a systems management solution that makes Red Hat infrastructure simple to deploy, scale, and manage across physical, virtual, and cloud environments. Satellite enables users to control the full lifecycle of Red Hat systems and ensure that they are running efficiently, more securely, and compliant with various standards.

By automating most tasks related to maintaining systems, Satellite helps organizations increase efficiency, reduce operational costs, and enables IT to better respond to strategic business needs.

If you are new to Satellite please check out the Satellite product page or the free RH053 Satellite Technical Overview course.

Read more

Red Hat Leftovers

Filed under
Red Hat
  • Use the Kubernetes Python client from your running Red Hat OpenShift pods

    Red Hat OpenShift is part of the Cloud Native Computing Foundation (CNCF) Certified Program, ensuring portability and interoperability for your container workloads. This also allows you to use Kubernetes tools to interact with an OpenShift cluster, like kubectl, and you can rest assured that all the APIs you know and love are right there at your fingertips.

    The Kubernetes Python client is another great tool for interacting with an OpenShift cluster, allowing you to perform actions on Kubernetes resources with Python code. It also has applications within a cluster. We can configure a Python application running on OpenShift to consume the OpenShift API, and list and create resources. We could then create containerized batch jobs from the running application, or a custom service monitor, for example. It sounds a bit like “OpenShift inception,” using the OpenShift API from services created using the OpenShift API.

    In this article, we’ll create a Flask application running on OpenShift. This application will use the Kubernetes Python client to interact with the OpenShift API, list other pods in the project, and display them back to the user.

  • Bringing IoT to Red Hat AMQ Online

    Red Hat AMQ Online 1.1 was recently announced, and I am excited about it because it contains a tech preview of our Internet of Things (IoT) support. AMQ Online is the “messaging as service solution” from Red Hat AMQ. Leveraging the work we did on Eclipse Hono allows us to integrate a scalable, cloud-native IoT personality into this general-purpose messaging layer. And the whole reason why you need an IoT messaging layer is so you can focus on connecting your cloud-side application with the millions of devices that you have out there.

  • Let's be real: Diversity and inclusion is a business issue

    When diversity and inclusion are solutions to problems that affect us every day, we remain sharply focused on all the ways our efforts at cultivating more diverse teams are helping us do better work and generate value for customers. Something we might call the "D+I problem" (something we definitively "solve") becomes something more like "the D+I conversation" (something we never stop having in all our complex systems).

    And when this conversation centers on a mindset that welcomes a wealth of backgrounds and experiences to the table, organizations can influence all of the components of their ecosystems to unlock their potential to be as innovative, responsive, and disruption-proof as they possibly can be.

  • RHEL8 Brings the Hybrid Cloud to DevOps

    The latest and greatest version of Red Hat Enterprise Linux ships with new features that will make routine administration tasks easier for DevOps teams, while clearing a path for hybrid cloud deployments.

Review: Fedora 30 Workstation and Fedora 30 Silverblue

Filed under
Red Hat

Fedora 30 continues the trend of each new Fedora release being a little better and more polished than the last. There are still a few rough edges (e.g., Toolbox creating an image that still has updates-testing enabled and certain Flatpak games not properly exiting), but those should be resolved soon enough. Fedora 30 Workstation is more than ready for anyone who likes being an early adopter, but more conservative upgraders should perhaps give it a few more weeks.

Fedora 30 Silverblue is almost ready for anyone interested in using Flatpaks for all of their apps and containers for development. Silverblue's GNOME desktop needs a few minor odds & ends fixed to bring into feature parity with Workstation, but most of the issues with Silverblue involve getting various Flatpak applications to communicate with each other and with the base system. So for some, Silverblue may be ready, it really depends on an individual's particular software needs, but for others it still needs work.

Read more

Server: OpenStack, Docker, Red Hat, CentOS and Fedora

Filed under
Red Hat
  • The OpenStack Foundation would like everyone to just get along and play nice, m'kay?

    OpenStack executive director Jonathan Bryce took to the stage of the open source outfit's shindig in Denver, Colorado this week with a message of collaboration, openness and... clowns.

    Around 2,000 fans of the technology had gathered in the cavernous Colorado Convention Center to either listen to the emissions from the OpenStack Foundation (OSF) or shelter from the sudden return to winter in the mile-high city.

    Bryce took the audience at the newly renamed Open Infrastructure Summit on a whimsical trip down his own personal memory lane, which ended up, unsurprisingly, with his time at Rackspace and OpenStack, but started with his dream of becoming a rodeo clown.

  • Steve Singh stepping down as Docker CEO

    TechCrunch has learned that Docker  CEO Steve Singh will be stepping down after two years at the helm, and former Hortonworks CEO Rob Bearden will be taking over. An email announcement went out this morning to Docker employees.

    People close to the company confirmed that Singh will be leaving the CEO position, staying on the job for several months to help Bearden with the transition. He will then remain with the organization in his role as chairman of the board. They indicated that Bearden has been working closely with Singh over the last several months as a candidate to join the board and as a consultant to the executive team.

    Singh clicked with him and viewed him as a possible successor, especially given his background with leadership positions at several open-source companies, including taking Hortonworks public before selling to Cloudera last year. Singh apparently saw someone who could take the company to the next level as he moved on. As one person put it, he was tired of working 75 hours a week, but he wanted to leave the company in the hands of a capable steward.

  • Radio ham wins Red Hat Women in Open Source Award

    Radio amateur Limor Fried AC2SN, founder of Adafruit Industries, was one of the winners of the 2019 Women in Open Source Awards 

    In its fifth year, the Women in Open Source Awards were created and sponsored by Red Hat to honor women who make important contributions to open source projects and communities, or those making innovative use of open source methodology. Nominations for this year’s awards were accepted for two categories: academic (those currently enrolled in a college or university) and community (those working on or volunteering with projects related to open source). A panel of judges determined finalists based on nomination criteria, and the public voted to determine the award winners who were: 

  • No Longer A Cheap Alternative, Open Source Is Now The Home Of Innovation Says Red Hat Chief

    Open source software and its associated culture of innovation and collaboration are now proving the difference in digital transformation, according to Jim Whitehurst, CEO and president of Red Hat.

    Indeed he told media and analysts at the company’s annual conference in Boston this morning that open source is where innovation happens and and that enterprises are starting to work it out, creating a boom period in the market.

  • Ansible roadmap offers open source automation with assurances

    At Red Hat Summit 2019 here this week, the company shared Ansible roadmap details, many of which underscored a prominent and running theme around the tool -- namely, that it's broadening its reach beyond the core IT ops and development domains, and into areas such as IT security, compliance and networking.

    In addition, Red Hat unveiled plans to shake up its delivery and distribution model for Ansible content, as well as provide expanded reporting and analytics capabilities in Ansible Tower, the tool's enterprise-level web-based management console.

  • Red Hat talks project vs. product in enterprise open source

    A lot of companies are ditching proprietary technology products in favor of open-source software. Others find they’re not quite ready to forgo vendor support. This is where the open-source as a service business model comes in.

    The difference between open-source projects and plug-and-play products can sometimes confuse customers, according to Paul Cormier (pictured), president of products and technologies at Red Hat Inc. For example, the open-source Kubernetes platform for orchestrating containers (a virtualized method for running distributed applications).

  • Red Hat CTO Chris Wright: we're creating an autonomic platform

    With the latest release of Red Hat Enterprise Linux and OpenShift being packed with Kubernetes-friendly features, Red Hat is looking to create what its CTO Chris Wright calls the "autonomic computing platform".

    Here at the Red Hat Summit in Boston - the first since IBM's acquisition plans for the open source company were made public - Computerworld UK sat down with Wright to talk the major new announcements, trends, open source's apparent victory, and what contributors might need to have their guard up about in light of increasing interest in open source communities.

  • Red Hat’s CTO says incremental improvements through open source will drive autonomic computing

    From his position as the chief technology officer for Red Hat Inc., Chris Wright (pictured) can see a future when self-tuning platforms will scale as the need grows. This is autonomic computing or autonomous clouds, and it’s not as far away as it might seem.

    “We’ve been working towards autonomic computing for decades,” Wright said. “Things like having this holy grail of a self-healing, self-optimizing, self-driving cluster is not as science fiction as it felt 20 years ago. We are tapping into the next generation of what’s possible.”

  • Red Hat’s David Egts: Open Source, Hybrid Cloud to Optimize Agency Access to HPC

    David Egts, chief technologist of Red Hat‘s (NYSE: RHT) North American public sector business, said open source and hybrid cloud platforms will be key to federal agencies’ adoption of high-performance computing, ExecutiveBiz reported April 25.

    Egts wrote in a GCN guest piece published April 24 that the combination of open source and hybrid cloud will work to enable even agencies with small budgets and few resources to utilize HPC technologies and explore new possibilities in using data science to update operations and address emerging business needs.

  • Red Hat's OpenShift 4 Kubernetes Platform: 5 Things To Know

    Red Hat unveils OpenShift 4, its first new major version of the Kubernetes platform since rebuilding it around the open-source container orchestration system...

  • Datacentrix ups the open source ante, attains Red Hat Advanced Solution Partner status

    High performing and secure ICT solutions provider Datacentrix has intensified its focus on open source technology, recently reaching Advanced Solution Partner status with Red Hat South Africa.

    In a partnership that has been just over a year in the making, Datacentrix's achievement speaks of its dedication to improve support of open source technology locally, says Graeme Dendy, service manager for Converged Solutions at Datacentrix.

  • CentOS8 Release Date and Features

    Red Hat released RHEL version 8.0 on May 7, 2019 so lots of folks are looking where is the equivalent build of CentOS. Well long story short, looking at the history it takes about a month to spin out a production release of CentOS after RHEL is released. Red Hat released RHEL7 on June 10 (2014) and CENTOS7 was released officially on July 7 (2014) almost a month later. So you should expect, rough and tough to see CetnOS8 released in the month June of 2019.
    Once CentOS8 is released you can download it from the official project download site.

    If you are clamoring to track the blow by blow status of the release progress, keep an eye on the project status page for the creation of CentOS 8.

  • Contribute at the Fedora Test Week for kernel 5.1

    The kernel team is working on final integration for kernel 5.1. This version was just recently released, and will arrive soon in Fedora. This version has many security fixes included. As a result, the Fedora kernel and QA teams have organized a test week from Monday, May 13, 2019 through Saturday, May 18, 2019. Refer to the wiki page for links to the test images you’ll need to participate. Read below for details.

Red Hat: Twitter, Openshift, Red Hat Innovation Award and Fedora Program Management

Filed under
Red Hat
  • This Week Twitter Taught Me: I Follow Too Many Red Hat Employees?

    Dang it! Another week has only gone and flapped past my ears while I sat here squinting awkwardly at Twitter.

    And what of the tweets that whizzed by my eyeballs this week? Well, most of ’em concerned Red Hat.

    The billion-dollar Linux giant has basically sponsored my stream for the entire week (that or I simply follow too many Red Hat employees. It’s Probably the latter).

    Red Hat started May by unveiling a (surprisingly uncontroversial) new logo, then they slipped into killer conference mode for the Red Hat Summit 2019 (stocked with the most EPIC of conference swag) and then they found a couple of spare minutes to serve up their bread and butter, namely RHEL 8.

  • Red Hat OpenShift 4, AWS, Windows, and a video

    Let’s get meta: This is a blog post about a video about a blog post. Is that kind of like calling someone to tell them you sent them an email? How can you use the Red Hat OpenShift installer (for OpenShift 4) with Windows when the installer only runs on Linux or MacOS? Keep reading to find out.

    In late April, I published a somewhat popular article about creating a Red Hat OpenShift 4 cluster on AWS using Windows as your desktop operating system, despite that fact that the OpenShift installer (openshift-install) runs on Linux or macOS, but not Windows.

    For those who learn better by visual input—”visual learning” is the phrase—I’ve created a short video. It’s about four minutes and touches on the key points. Click here to watch the video and read the previous article.

  • Emirates NBD Transforms its Digital Banking with Red Hat-Based Cloud, Winning 2019 Red Hat Innovation Award

    Red Hat, Inc. (NYSE: RHT), the world's leading provider of open source solutions, today announced that Emirates NBD, a leading banking group in the United Arab Emirates (UAE), has built a distributed private cloud platform with Red Hat’s hybrid cloud and application programming interface (API) technologies as part of its digital transformation strategy. Its platform provides a common foundation and access to cloud-native services for internal teams, improving integration, collaboration and speed of development. The Red Hat-based cloud helps enable Emirates NBD to better keep pace with its competition, to make banking more available, and to more dynamically offer modern, personalized services to customers. Emirates NBD received recognition for its innovative cloud platform as a winner in the 2019 Red Hat Innovation Awards, which recognize creative thinking, problem-solving and innovative uses of Red Hat technology.

  • FPgM report: 2019-19

    Here’s your report of what has happened in Fedora Program Management this week. Elections nominations are open through May 22.

    I have weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

Red Hat: IBM, OpenShift 4, IDC, Kubernetes and RHEL

Filed under
Red Hat
  • Everything Red Hat CEO Jim Whitehurst would say about the IBM deal

    This week during the Red Hat Summit in Boston - the first major Red Hat event since IBM announced its intention to acquire the open source vendor for $33 billion - CEO Jim Whitehurst sat down for a roundtable briefing with press from across the EMEA region.

    Naturally the main topic of interest was the IBM-Red Hat acquisition, which has just this week been approved by the US Department of Justice - however, European regulators may yet stall the deal from going ahead.

  • Red Hat Redefines Enterprise Kubernetes Through Full Stack Automation with Red Hat OpenShift 4

    Red Hat, Inc. (NYSE: RHT), the world's leading provider of open source solutions, today introduced Red Hat OpenShift 4, the next generation of its trusted enterprise Kubernetes platform, reengineered to address the complex realities of container orchestration in production systems. OpenShift 4 is designed to deliver a cloud-like experience across the hybrid cloud by driving automated updates across Kubernetes deployments everywhere. Paired with enhanced developer flexibility and backed by Kubernetes Operators, this helps to lay a more secure and consistent foundation for modern and emerging cloud-native workloads.

  • New Research Expects Red Hat Enterprise Linux to Impact $10 Trillion of Global Business Revenues, Employ 900,000 IT Professionals in 2019
  • Microsoft and Red Hat launch a new event-driven Kubernetes autoscaling tool

    It’s not a developer conference until somebody talks about Kubernetes, so it’s no surprise that Microsoft is highlighting a number of new features around the container orchestration service at its Build conference today.

    Most of these are relatively minor and involve features like better support for Azure Policy, new tools for building and debugging containers and updates to the Azure Container registry, which now allows users to automate their continuous integration and deployment workflows using Helm charts.

  • Red Hat Enterprise Linux 8 Promises One Enterprise Linux Experience

    Red Hat Enterprise Linux 8 is now available. For any workload running on any environment, Red Hat Enterprise Linux 8 is said to deliver one enterprise Linux experience to meet the technology needs of evolving enterprises.

    Redesigned for the hybrid cloud era, Red Hat Enterprise Linux 8 is built to support the workloads and operations that stretch from enterprise datacenters to multiple public clouds.

Syndicate content

More in Tux Machines

Programming/Development Leftovers

Openwashing Leftovers/New Examples

Kernel and Linux Foundation in Pockets of Proprietary Software Vendors

  • AT&T, Nokia open up the radio’s edge to third party apps [Ed: Openwashing to dominate the standards and interfaces (with patents) through the "Linux" Foundation]
    AT&T and Nokia have developed a radio edge cloud (REC) appliance that the two companies plan to release into open source via the Linux Foundation. The REC will make it possible for third parties to develop apps and get access to the radio access network (RAN). [...] Murphy said that it is not easy to predict all the use cases for REC but added that having an open source edge cloud with open interfaces to the RAN control will allow operators to have more options.
  • Accord Project to develop open source framework for smart legal contracts [Ed: They're promoting and spreading proprietary software and proprietary formats of Microsoft]
    One of the main purposes of Accord Project is, therefore, to provide a vendor-neutral “.doc” format for smart legal agreements.
  • Apple joins the open-source Cloud Native Computing Foundation
    Apple, in typical fashion, isn’t commenting on the announcement, but the CNCF notes that end-user memberships are meant for organizations that are “heavy users of open source cloud native technologies” and that are looking to give back to the community. By becoming a CNCF end-user member, companies also join the Linux Foundation .
  • Linux stable tree mirror at github [Ed: Greg Kroah-Hartman giving Microsoft more control over Linux]
    It differs from Linus’s tree at: in that it contains all of the different stable tree branches and stable releases and tags, which many devices end up building on top of. So, mirror away! Also note, this is a read-only mirror, any pull requests created on it will be gleefully ignored, just like happens on Linus’s github mirror. If people think this is needed on any other git hosting site, just let me know and I will be glad to push to other places as well.

Security Leftovers

  • Industry Watch: Of open source, data breaches and speed [Ed: And proprietary software is a lot less suitable for security and privacy purposes because there are surveillance 'features' disguised and back doors too]
    Open-source software helps developers work faster and smarter, as they don’t have to ‘re-invent the wheel’ every time create an application. They just need to be sure the license attached to that software allows them to use the component the way they want. They also need to stay on top of that application, so if the component changes, or an API changes, their application isn’t affected and they are still in compliance. Data protection is also something organizations must get serious about. While the GDPR only affects users in the European Union, it’s only a matter of time before those or similar regulations are in place in the U.S. and elsewhere. Companies should get a jump on that by doing a thorough audit of their data, to know they are prepared to be compliant with whatever comes down from the statehouses or from Washington, D.C. On the speed side, the benefits of Agile and DevOps are clear. These methodologies enable companies to bring new software products to market faster, with the result of getting a jump on the competition, working more efficiently and ultimately serving your customers. Unfortunately, these efforts are usually done by different teams of developers, database administrators and security experts. If the Equifax and Facebook breaches have taught us anything, it’s that you can’t expect developers to be security experts, and you can’t expect DB admins to understand the ramifications on the business when data is misunderstood. It will take a coordinated approach to IT to achieve business goals while not leaving the company — and its IP and PII data — exposed.
  • VLC patches critical flaws through EU open source bug bounty program
    More than 30 security issues have been fixed in VLC, the popular open source media player, with developers praising an EU-funded bug bounty program for helping produce its most secure update yet. VLC media player, created by the software non-profit VideoLAN, was found to have 33 vulnerabilities within various versions, including two that were considered critical. An out-of-bounds write was one of the severe vulnerabilities found to affect all VLC versions, and a stack buffer overflow was also discovered in VLC 4.0. Less severe vulnerabilities consisted of out-of-band reads, heap overflows, NULL-dereference, and use-after-free bugs. An updated version, VLC 3.0.7, has since been released for users to download.
  • VLC Player Gets Patched for Two High Severity Bugs
  • Asigra FreeNAS plugin brings open source data protection [Ed: Some openwashing of proprietary software]
    Asigra is trying to capture FreeNAS users with a free-to-try plugin version of its backup software. The Asigra FreeNAS plugin released this week allows customers to turn their iXsystems FreeNAS storage systems into backup targets. It encrypts and deduplicates data before it is sent to the FreeNAS system. The plugin also detects and quarantines malware and ransomware so that it doesn't get backed up.
  • TrueCommand Brings Single Pane of Glass Management to TrueNAS and FreeNAS Fleets
  • WSO2 and Ping Identity Partner to Provide Comprehensive, AI-Powered Cyber-Attack Protection for APIs
  • The Open Source Cookbook: A Baker’s Guide to Modern Application Development
    Let’s begin our cookbook by selecting our recipe. I’ve had some phenomenal baked goods, and I’ve had some not-so-phenomenal baked goods (there is rarely a bad baked good). But I’ve been surprised before, by a croissant from a diner that didn’t taste like the one from the local French bakery, or by a buttercream frosting at a supermarket that just didn’t have the same delicate touch as the one I make at home. In each case, I expected the same as I had before – by title – yet encountered a much different experience. When selecting your recipes, it’s important to understand which type of a particular food you are expecting to make, or you may be met with a different taste when you finish than you were hoping for when you began. [...] As with cooking, when incorporating open source components into applications, it’s important to understand origin and evolution of what you’re baking into your software. Carefully review your open source component versions, and evaluate the community’s activity in order to have the greatest chance possible to predict the possible technical debt you may inherit.