You are here

Agreguesi i feed

Exposed RDP Servers See 150K Brute-Force Attempts Per Week

Slashdot - Enj, 19/09/2019 - 1:25pd
Slashdot reader Cameyo shares a report from TechRepublic: Remote Desktop Protocol (RDP) is -- to the frustration of security professionals -- both remarkably insecure and indispensable in enterprise computing. The September 2019 Patch Tuesday round closed two remote code execution bugs in RDP, while the high-profile BlueKeep and DejaBlue vulnerabilities from earlier this year have sent IT professionals in a patching frenzy. With botnets brute-forcing over 1.5 million RDP servers worldwide, a dedicated RDP security tool is needed to protect enterprise networks against security breaches. Cameyo released on Wednesday an open-source RDP monitoring tool -- appropriately titled RDPmon -- for enterprises to identify and secure against RDP attacks in its environment. The tool provides a visualization of the total number of attempted RDP connections to servers, as well as a view of the currently running applications, the number of RDP users, and what programs those users are running, likewise providing insight to the existence of unapproved software. RDPmon operates entirely on-premise, the program data is not accessible to Cameyo. Customers of Cameyo's paid platform can also utilize the RDP Port Shield feature, also released Wednesday, which opens RDP ports for authenticated users by setting IP address whitelists in Windows Firewall when users need to connect. RDP was designed with the intent to be run inside private networks, not accessible over the internet. Despite that, enterprise use of RDP over the internet is sufficiently widespread that RDP servers are a high-profile, attractive target for hackers. The report says Cameyo found that Windows public cloud machines on default settings -- that is, with port 3389 open -- experience more than 150,000 login attempts per week.

Read more of this story at Slashdot.

Facebook Plans Launch of Its Own 'Supreme Court' For Handling Takedown Appeals

Slashdot - Enj, 19/09/2019 - 12:45pd
An anonymous reader quotes a report from Ars Technica: Facebook, which has managed to transcend geographic borders to draw in a population equal to roughly a third of all human life on Earth, has made its final charter for a "Supreme Court" of Facebook public. The company pledges to launch this initiative by November of next year. The new Oversight Board will have five key powers, according to a charter (PDF) Facebook released yesterday. It can "request that Facebook provide information" it needs in a timely manner; it can make interpretations of Facebook standards and guidelines "in light of Facebook's articulated values"; and it can instruct the company to allow or remove content, to uphold or reverse a decision leading to content being permitted or removed, and to issue "prompt, written explanations of the board's decisions." "If someone disagrees with a decision we've made, they can appeal to us first, and soon they will be able to further appeal this to the independent board," company CEO Mark Zuckerberg wrote in a letter (PDF). "As an independent organization, we hope it gives people confidence that their views will be heard and that Facebook doesn't have the ultimate power over their expression." The board will launch with at least 11 members and should eventually get up to 40. The entity will contract its services to Facebook. Participants will serve a maximum of three three-year terms each and will be paid for their time. Their decisions will "be made publicly available and archived in a database of case decisions," with details subject to certain data or privacy restrictions. Facebook can also contact the board for an "automatic and expedited review" in exceptional circumstances, "when content could result in urgent real world consequences," such as, for example, if a mass-murderer is livestreaming his crimes. The panel's decisions will be binding, Facebook added, and the company will implement its findings promptly, "unless implementation of a resolution could violate the law."

Read more of this story at Slashdot.

Programmers Complain that Huawei's Ark Compiler is 'Not Even Half-Finished'

Slashdot - Enj, 19/09/2019 - 12:05pd
A scam. A publicity stunt. Premature. These are just a few of the things Chinese developers are saying about the release of Huawei's supposed secret weapon: The Ark Compiler. From a report: Developers are even claiming the program feels incomplete. The reception has been so bad that one programmer told Abacus that he wondered whether it was released just for publicity. "Maybe they're doing it to help in the PR and trade war, adding leverage against the US," said Max Zhou, co-founder of app-enhancement company MetaApp and former head of engineering at Mobike. The Ark Compiler is a key component of Huawei's new operating system, HarmonyOS. The tool is meant to allow developers to quickly port their Android apps to the new OS, ideally helping to quickly bridge the gap of app availability. It is also said to be able to improve the efficiency of Android apps, making them as smooth as apps on iOS. As of right now, though, developers say promises are too good to be true.

Read more of this story at Slashdot.

India Bans E-cigarettes as Global Vaping Backlash Grows

Slashdot - Mër, 18/09/2019 - 11:25md
India has announced a ban on electronic cigarettes, as a backlash gathers pace worldwide about a technology promoted as less harmful than smoking tobacco. From a report: The announcement by India on Wednesday came a day after New York became the second US state to ban flavored e-cigarettes following a string of vaping-linked deaths. "The decision was made keeping in mind the impact that e-cigarettes have on the youth of today," India's finance minister, Nirmala Sitharaman, told reporters in the capital, New Delhi. E-cigarettes heat up a liquid -- tasting of anything from bourbon to bubble gum or just tobacco, and which usually contains nicotine -- into vapor, which is inhaled. The vapor does not contain the estimated 7,000 chemicals present in tobacco smoke but does contain a number of substances that could potentially be harmful. They have been pushed by producers, and also by some governments, including in Europe, as a safer alternative to cigarette smoking -- and as a way to kick the habit.

Read more of this story at Slashdot.

The FBI Tried To Plant a Backdoor in an Encrypted Phone Network

Slashdot - Mër, 18/09/2019 - 10:45md
The FBI tried to force the owner of an encrypted phone company to put a backdoor in his devices, Motherboard has learned. From the report: The company involved is Phantom Secure, a firm that sold privacy-focused BlackBerry phones and which ended up catering heavily to the criminal market, including members of the Sinaloa drug cartel, formerly run by JoaquÃn "El Chapo" Guzman. The news signals some of the tactics law enforcement may use as criminals continue to leverage encrypted communications for their own ends. It also comes as Canadian media reported that a former top official in the Royal Canadian Mounted Police (RCMP), who has been charged with leaking state secrets, offered to sell information to Vincent Ramos, Phantom's CEO. "He was given the opportunity to do significantly less time if he identified users or built in/gave backdoor access," one source who knows Ramos personally and has spoken with him about the issue after his arrest told Motherboard. A backdoor is a general term for some form of technical measure that grants another party, in this case the FBI, surreptitious access to a computer system. What exactly the FBI was technically after is unclear, but the desire for a backdoor was likely to monitor Phantom's clients.

Read more of this story at Slashdot.

California Governor Signs Labor Law, Setting Up Bitter Gig Economy Fight

Slashdot - Mër, 18/09/2019 - 10:05md
California Governor Gavin Newsom signed a sweeping new law that could force gig companies like Uber and Lyft to reclassify their workers as employees. From a report: The hotly contested legislation, Assembly Bill 5, dictates that workers can generally only be considered contractors if they are doing work that is outside the usual course of a company's business. The law codifies a 2018 state supreme court ruling, and applies it to a wide range of state laws. It could upend the business models of companies that depend on armies of independent contractors, who aren't guaranteed employment protections like minimum wage and overtime. The bill is slated to go into effect on Jan. 1. While the legislature has adjourned until next year, fierce lobbying and deal-making efforts are expected to continue in the meantime, and could potentially yield separate legislation in 2020. In a statement, Newsom called the bill "landmark legislation," and said that, "A next step is creating pathways for more workers to form a union, collectively bargain to earn more, and have a stronger voice at work -- all while preserving flexibility and innovation." Lorena Gonzalez, the state assemblywoman who authored the bill, said in a statement that, "California is now setting the global standard for worker protections for other states and countries to follow." Further reading: Drivers? Never Heard of Them, Says Uber.

Read more of this story at Slashdot.

A Lunar Space Elevator Is Actually Feasible and Inexpensive, Scientists Find

Slashdot - Mër, 18/09/2019 - 9:25md
An anonymous reader shares a report: In a paper [PDF] published on the online research archive arXiv, Columbia astronomy students Zephyr Penoyre and Emily Sandford proposed the idea of a "lunar space elevator," which is exactly what it sounds like -- a very long elevator connecting the moon and our planet. The concept of a moon elevator isn't new. In the 1970s, similar ideas were floated in science fiction (Arthur C. Clarke's The Fountains of Paradise, for example) and by academics like Jerome Pearson and Yuri Artsutanov. But the Columbia study differs from previous proposal in an important way: instead of building the elevator from the Earth's surface (which is impossible with today's technology), it would be anchored on the moon and stretch some 200,000 miles toward Earth until hitting the geostationary orbit height (about 22,236 miles above sea level), at which objects move around Earth in lockstep with the planet's own rotation. Dangling the space elevator at this height would eliminate the need to place a large counterweight near Earth's orbit to balance out the planet's massive gravitational pull if the elevator were to be built from ground up. This method would also prevent any relative motion between Earth's surface and space below the geostationary orbit area from bending or twisting the elevator. These won't be problems for the moon because the lunar gravitational pull is significantly smaller and the moon's orbit is tidally locked, meaning that the moon keeps the same face turned toward Earth during its orbit, therefore no relative motion of the anchor point.

Read more of this story at Slashdot.

Amazon Will Soon Let You Make Campaign Contributions Through Your Alexa Device

Slashdot - Mër, 18/09/2019 - 8:45md
On Thursday, you'll be able to make campaign donations to 2020 presidential candidates through your Amazon Alexa devices -- or at least to those candidates whom Amazon deems eligible to set up an account. From a report: If a campaign chooses to sign up for Alexa donations, you'll be able to donate to it by merely saying, "Alexa, I want to make a political contribution," or "Alexa, donate [amount] to [candidate name]." All donations will be processed through Amazon Pay, and users will receive email receipts for their contributions as well. Strangely, the feature is only available to 2020 presidential candidates Amazon defines as "principal campaign committees." It's not apparent who Amazon considers "principal" and for what reasons. The contribution will be limited between $5 to $200.

Read more of this story at Slashdot.

Have Flagship Smartphone Prices Peaked?

Slashdot - Mër, 18/09/2019 - 8:05md
Analyst Ben Wood, writing for research firm CCS Insight: Smartphone makers have been testing the economic rule of supply and demand for the past decade, seemingly defying conventional wisdom in consumer electronics products by raising prices. Greater utility and the constant of use smartphones combined to grow the value of devices to customers. But it seems that top phone-makers are learning that no tree grows to heaven, as prices beyond the psychological threshold of $1,000 have created sticker shock among some consumers. Apple's announcement of the iPhone 11 at its annual product event last week largely centered on incremental improvements such as better camera and battery life, but the company's decision to lower the price of its base flagship smartphone caught our eye. The iPhone 11 will cost $699 in the US. A year ago, Apple introduced the iPhone XR at $749. It's a subtle, but interesting move that sees Apple shifting its "mid-range" iPhone back to a price of $699, where it previously resided with the iPhone 8. Apple's decision to lower pricing can be seen as an acknowledgement that it has tested the upper limits of consumer acceptance. At a time when the company wants to expand its number of customers as it builds out its ecosystem of content and services, it's sensible that it slightly brought down the barriers for consumers to get their hands on the new device.

Read more of this story at Slashdot.

IBM's New 53-qubit Quantum Computer is Its Biggest Yet

Slashdot - Mër, 18/09/2019 - 7:25md
IBM's 14th quantum computer is its most powerful so far, a model with 53 of the qubits that form the fundamental data-processing element at the heart of the system. From a report: The system, available online to quantum computing customers in October, is a big step up from the last IBM Q machine with 20 qubits and should help advance the marriage of classical computers with the crazy realm of quantum physics. Quantum computing remains a highly experimental field, limited by the difficult physics of the ultra-small and by the need to keep the machines refrigerated to within a hair's breadth of absolute zero to keep outside disturbances from ruining any calculations. But if engineers and scientists can continue the progress, quantum computers could help solve computing problems that are, in practice, impossible on today's classical computers. That includes things like simulating the complexities of real-world molecules used in medical drugs and materials science, optimizing financial investment performance, and delivering packages with a minimum of time and fuel.

Read more of this story at Slashdot.

How Long Before These Salmon Are Gone? 'Maybe 20 Years'

Slashdot - Mër, 18/09/2019 - 6:47md
An anonymous reader shares a report: The Middle Fork of the Salmon River, one of the wildest rivers in the contiguous United States, is prime fish habitat. Cold, clear waters from melting snow tumble out of the Salmon River Mountains and into the boulder-strewn river, which is federally protected. The last of the spawning spring-summer Chinook salmon arrived here in June after a herculean 800-mile upstream swim. Now the big fish -- which can weigh up to 30 pounds -- are finishing their courtship rituals. Next year there will be a new generation of Chinook. In spite of this pristine 112-mile-long mountain refuge, the fish that have returned here to reproduce and then die for countless generations are in deep trouble. Some 45,000 to 50,000 spring-summer Chinook spawned here in the 1950s. These days, the average is about 1,500 fish, and declining. And not just here: Native fish are in free-fall throughout the Columbia River basin, a situation so dire that many groups are urging the removal of four large dams to keep the fish from being lost. "The Columbia River was once the most productive wild Chinook habitat in the world," said Russ Thurow, a fisheries research scientist with the Forest Service's Rocky Mountain Research Station. Standing alongside the Salmon River in Idaho, Mr. Thurow considered the prospect that the fish he had spent most of his life studying could disappear. "It's hard to say, but now these fish have maybe four generations left before they are gone," he said. "Maybe 20 years."

Read more of this story at Slashdot.

Smart TVs, Smart-Home Devices Found To Be Leaking Sensitive User Data, Researchers Find

Slashdot - Mër, 18/09/2019 - 6:04md
Smart-home devices, such as televisions and streaming boxes, are collecting reams of data -- including sensitive information such as device locations -- that is then being sent to third parties like advertisers and major tech companies, researchers said Tuesday. From a report: As the findings show, even as privacy concerns have become a part of the discussion around consumer technology, new devices are adding to the hidden and often convoluted industry around data collection and monetization. A team of researchers from Northeastern University and the Imperial College of London found that a variety of internet-connected devices collected and distributed data to outside companies, including smart TV and TV streaming devices from Roku and Amazon -- even if a consumer did not interact with those companies. "Nearly all TV devices in our testbeds contacts Netflix even though we never configured any TV with a Netflix account," the Northeastern and Imperial College researchers wrote. The researchers tested a total of 81 devices in the U.S. and U.K. in an effort to gain a broad idea of how much data is collected by smart-home devices, and where that data goes.

Read more of this story at Slashdot.

Ubucon Europe 2019: Ubucon talks schedule is live!

Planet Ubuntu - Mër, 18/09/2019 - 5:48md

It is now 3 weeks before Ubucon starts, and what better way to remind everyone that we are ready to go by showing our full schedule!

Don’t forget to register to our pre-ubucon cultural events if you want to know a little bit more of Sintra, and don’t forget as well to register for the event if you would like to receive some swag!

All of this would not be possible without the support of our sponsors and the participation of volunteers and speakers for which we are very grateful.

You can view the full schedule here!

Some small schedule changes might occur during the next few days as we are trying to add a few more speakers to our line-up.

More news will come up during the next few days as we align the events and more surprises, stay tuned!

Crypto-mining Malware Saw New Life Over the Summer as Monero Value Tripled

Slashdot - Mër, 18/09/2019 - 5:24md
Malware that mines cryptocurrency made a comeback over the summer, with an increased number of campaigns being discovered and documented by cyber-security firms. From a report: The primary reason for this sudden resurgence is the general revival of the cryptocurrency market, which saw trading prices recover after a spectacular crash in late 2018. Monero, the cryptocurrency of choice of most crypto-mining malware operations, was one of the many cryptocurrencies that were impacted by this market slump. The currency also referred to as XMR, has gone down from an exchange rate that orbited around $300 - $400 in late 2017 to a meager $40 - $50 at the end of 2018. But as the Monero trading price recovered throughout 2018, tripling its value from $38 at the start of the year, to nearly $115 over the summer, so have malware campaigns. These are criminal operations during which hackers infect systems with malware that's specifically designed to secretly mine Monero behind the computer owner's back. Starting with the end of May, the number of reports detailing crypto-mining campaigns published by cyber-security firms has exploded, with a new report published each week, and sometimes new campaigns being uncovered on a daily basis.

Read more of this story at Slashdot.

Ubuntu Blog: Announcing the new IBM LinuxONE III with Ubuntu

Planet Ubuntu - Mër, 18/09/2019 - 5:21md

This is a guest blog by Kara Todd, Director, Linux, IBM Z and LinuxONE

Enterprises today need the most secure, and flexible system to support their initiatives, and for that system to grow and evolve for tomorrow. The latest LinuxONE system was designed to support mission-critical initiatives and allow enterprises to be innovative as they design and scale their environment. LinuxONE III provides features for advanced data protection and privacy, enterprise resiliency and scalability, and cloud enablement and integration. 

Reliability and continuity are critical to the success of any business. With this release, they’ll benefit from up to 10:1 consolidation for key workloads, and up to 190 cores and 40TB of memory. And with 99.999%* availability and up to 7.4x better resilience, enterprises can confidently run and scale their business-critical workloads. The new LinuxONE III provides the highest levels of availability and scalability, so business-critical workloads run flawlessly, recover quickly, and grow seamlessly.

With LinuxONE III enterprises can seamlessly integrate across the stack with hybrid multi-cloud platforms and workloads. And they can now use up to four 19” racks to scale environments using a smaller footprint, providing for ease and economy of growth. This enterprise platform also supports containers with Kubernetes to allow you to build, deploy, manage and scale containerised applications with ease. 

We continue to provide client choice when it comes to Linux distributions with the LinuxONE III. This generation of hardware supports all Ubuntu LTS releases for IBM Z and LinuxONE that are currently in service, including Ubuntu 18.04 LTS. For those wanting to make use of the latest features, Ubuntu 19.04 is also available. 

By selecting the most popular Linux OS, enterprises benefit from a regular release cadence, upstream releases and a portfolio of tools to manage their multi-cloud deployments including Juju, MAAS and Charmed Kubernetes. Ubuntu Advantage for Infrastructure will provide the assurance needed for ongoing enterprise-level support.

LinuxONE III provides advanced security on-prem and in the hybrid cloud using Data Privacy Passports, Secure Boot for Linux, Fiber Channel Endpoint Security, Hyper Protect Crypto Services, and Secure Service Container. Not only does this release provide a high level of security, the features operate at greater efficiency than ever before. For example, an OpenSSL benchmark used 50% fewer cores and up to 5.6x more throughput on a LinuxONE III LPAR when compared to the x86 platform. LinuxONE also supports Blockchain, which continues to mature as new and innovative use cases, such as digital asset custody, emerge in the market. These future-proof features provide peace of mind that your business and your customers’ data is protected. 

The LinuxONE platform was already the most secure platform for data serving and with the new LinuxONE system, we add the ability to protect data as it moves across your hybrid multi-cloud through a technology we are calling Data Privacy Passports

Enterprises can forge ahead with their mission-critical initiatives and create an innovative environment knowing that your system of choice, LinuxONE III, is one step ahead with the tools and capabilities to protect your business and help you achieve your business goals.

To find out more, visit partners.ubuntu.com or the IBM website.

*ITIC (Information Technology Intelligence Consulting), March 28th, 2019 blog

Michael Meeks: 2019-09-18 Wednesday.

Planet GNOME - Mër, 18/09/2019 - 5:14md
  • More work on slides in the morning, headed back to the conference.

Ubuntu Blog: Kubernetes 1.16 available from Canonical

Planet Ubuntu - Mër, 18/09/2019 - 4:49md

Canonical announces full enterprise support for Kubernetes 1.16, with support covering Charmed Kubernetes, MicroK8s and kubeadm.

MicroK8s will be updated with Kubernetes 1.16 enabling users access to the latest upstream release with a single-line command in under 60 seconds. In addition, MicroK8s gets new add-ons with one line installs of Helm and Cilium as well as enhancements, upgrades and bug fixes. Cilium adds enhanced networking features including Kubernetes Network Policy support. With MicroK8s 1.16, users can develop and deploy enterprise grade Kubernetes on any Linux desktop, server or VM across 42 Linux distros.

Canonical’s Charmed Kubernetes 1.16 will come with exciting changes like support for Kata Containers, AWS IAM, SSL passthrough and more. Using Kata Containers, insecure or untrusted pods can be run safely in isolation without disrupting trusted pods in deployments. Identity Access Management on AWS can be used to login to your Charmed Kubernetes cluster. Users get more control over their deployments while benefitting from reduced complexity due to improved LXD support and enhanced Prometheus and OpenStack integration. 

“At Canonical, we enable enterprises by reducing the complexity of their Kubernetes deployments. We are actively involved in the Kubernetes community to ensure we listen to, and support our users’ and partners’ needs. Staying on top of security flaws, community issues and features to improve Kubernetes is critical to us. We keep the Ubuntu ecosystem updated with the latest Kubernetes, as soon as it becomes available upstream,” commented Ammar Naqvi, Product Manager at Canonical.

What’s new: Charmed Kubernetes 1.16

Kata Containers support

Beginning with Charmed Kubernetes 1.16, the Kata Containers runtime can be used with containerd to safely run insecure or untrusted pods. When enabled, Kata provides hypervisor isolation for pods that request it, while trusted pods can continue to run on a shared kernel via runc.

AWS IAM support

Amazon AWS IAM authentication and authorization is now supported via a subordinate charm.

SSL passthrough support

A new configuration parameter was added to the kubernetes-worker charm to enable SSL passthrough. This allows TLS termination to happen on the workload. Refer to the upstream documentation for more information.

Improved LXD support

LXD containers used for hosting Kubernetes components require some specific profile settings. These profiles are now embedded in the charms themselves and applied when deployed, dramatically simplifying the process of installing Charmed Kubernetes on a single machine. See the Local install documentation for the updated instructions.

Improved Prometheus/Grafana integration

The setup and configuration of Prometheus and Grafana has been significantly streamlined with new relations to allow the charms to manage the scraper job and dashboards. This means that monitoring can now be added by specifying a single overlay when deploying Charmed Kubernetes. Refer to the updated documentation for more information.

Improved OpenStack integration

The OpenStack Integrator charm can now replace the Kube API Load Balancer by providing a native OpenStack load balancer (Octavia or Neutron) to provide HA load balancing for the Kubernetes control plane. Refer to the updated documentation for more information.

Docker Registry with Containerd

The Docker registry charm can now be related directly to the Containerd runtime charm. Refer to the documentation for instructions on how to deploy the charm.

Bug fixes and improvements

List of all fixes can be found here.


MicroK8s 1.16

Istio v1.2.2 and kiali

The Istio add-on packaged with MicroK8s is now upgraded to version 1.2.2 and now includes Kiali for observability and configuration of the service mesh within MicroK8s.

Cilium add-on

Cilium allows powerful pod-to-pod connectivity management and service load balancing between pods. You will be able to reach specific pods in your K8s cluster as well as define network security policies for connectivity

Helm add-on

The Helm package manager within MicroK8s allows you to manage, update, share and rollback Kubernetes applications.

Improvements in the inspection script

The MicroK8s inspection script now includes information on memory, disk, distribution, uptime, vm information. It checks for SELinux and docker installation and prints warnings. The script also stores kubernetes info about pv and pvc.

Knative upgraded to v0.7.1

RBAC rules for CoreDNS and storage add-ons

Enabling of aggregation layer and fix on metrics server RBAC rules


Other Notable Changes for 1.16

Support for IPv4/IPv6 dual-stack

IPv4/IPv6 dual-stack support and awareness for Kubernetes pods, nodes, and services. This adds IPv4/IPv6 dual stack functionality to Kubernetes clusters, which includes the following concepts: (1) Awareness of multiple IPv4/IPv6 address assignments per pod; and (2) Native IPv4-to-IPv4 in parallel with IPv6-to-IPv6 communications to, from, and within a cluster.

Improved Pod Overhead Accounting

Pod sandbox runtimes introduce a non-negligible overhead at the pod level which should be accounted for to improve scheduling, resource quota management, and constraining.

Node Topology Manager

This new component helps allocate resources for a pod based on requested resources. For instance, consider scenarios where aligning the available physical resources on a computer can improve performance dramatically. Fast virtualised network functions, where a user asks for a “fast network” and automatically gets all the various pieces coordinated (hugepages, cpusets, network device) co-located on a socket. Another example is accelerated neural network training, where a user asks for an accelerator device and some number of exclusive CPUs in order to get the best training performance, due to socket-alignment of the assigned CPUs and devices.

New Endpoint API

The goal of this new API is to support tens of thousands of backend endpoints in a single service on a cluster with thousands of nodes. In the current Endpoints API, any change to the number of pods results in a series of events that, at scale, puts undue strain on multiple parts of the system.

Pod Spreading across Failure Domains

This feature enables the Kubernetes scheduler to spread a group of pods across failure domains. The existing hard inter-pod anti-affinity does not allow more than one pod to exist in a failure domain. The new feature supports more than one pod in a failure domain.

Multiple Features for Windows

Kubeadm for Windows, Support CSI plugins in Windows, and RunAsUserName for Windows.

Kubernetes Metrics Overhaul

In order to have consistently named and high quality metrics, this effort aims to make working with metrics exposed by Kubernetes consistent with the rest of the ecosystem. Provide consistently named and high quality metrics in line with the rest of the Prometheus ecosystem. Consistent labeling in order to allow straightforward joins of metrics.

Kubernetes 1.16 Changes, by the numbers:

Security enhancements: Over 9 pull requests, closing 4 CVE’s and improving the Kubernetes security poster across escalating privileges, TLS between services, Cgroup and user improvements, and more.

Monitoring enhancements: Over 11 pull requests, with upgrades to monitoring components and including the addition of the Overhead field to the PodSpec and RuntimeClass types as part of the Pod Overhead accounting mentioned above.

Public cloud enhancements: Over 17 pull requests, primarily focusing on better networking and storage integration, with a majority of the PRs targeting Azure.

Kubeadm enhancements: Over 24 pull requests, ranging from bug fixes to new features, including support for IPv6 dual stack mode.

Scheduler enhancements: Over 25 scheduling related pull requests, including PRs for the new Pod Overhead features. Enhancements to pod priority and failure zone scheduling are also included

Robustness enhancements: Over 11 pull requests that increase general robustness, with several targeting resource leak scenarios.

Storage enhancements: Over 23 storage related pull requests, the majority are bug fixes, with some upgrades and enhancements.

Networking enhancements: A handful of changes, with the biggest changes for IPv4, IPv6 dual stack support.

API Server enhancements:  9 pull requests, with several targeting improvements in webhook constructs and startup and shutdown experience.

For more information, please see the upstream Kubernetes 1.16 release notes.

Get In Touch

If you’re interested in Kubernetes support, consulting, or training, please get in touch!

AI Learned To Use Tools After Nearly 500 Million Games of Hide and Seek

Slashdot - Mër, 18/09/2019 - 4:43md
In the early days of life on Earth, biological organisms were exceedingly simple. They were microscopic unicellular creatures with little to no ability to coordinate. Yet billions of years of evolution through competition and natural selection led to the complex life forms we have today -- as well as complex human intelligence. Researchers at OpenAI, the San-Francisco-based for-profit AI research lab, are now testing a hypothesis: if you could mimic that kind of competition in a virtual world, would it also give rise to much more sophisticated artificial intelligence? From a report: The experiment builds on two existing ideas in the field: multi-agent learning, the idea of placing multiple algorithms in competition or coordination to provoke emergent behaviors, and reinforcement learning, the specific machine-learning technique that learns to achieve a goal through trial and error. In a new paper released today, OpenAI has now revealed its initial results. Through playing a simple game of hide and seek hundreds of millions of times, two opposing teams of AI agents developed complex hiding and seeking strategies that involved tool use and collaboration. The research also offers insight into OpenAI's dominant research strategy: to dramatically scale existing AI techniques to see what properties emerge.

Read more of this story at Slashdot.

Michael Catanzaro: Epiphany Technology Preview Users: Action Required

Planet GNOME - Mër, 18/09/2019 - 4:19md

Epiphany Technology Preview has moved from https://sdk.gnome.org to https://nightly.gnome.org. The old Epiphany Technology Preview is now end-of-life. Action is required to update. If you installed Epiphany Technology Preview prior to a couple minutes ago, uninstall it using GNOME Software and then reinstall using this new flatpakref.

Apologies for this disruption.

The main benefit to end users is that you’ll no longer need separate remotes for nightly runtimes and nightly applications, because everything is now hosted in one repo. See Abderrahim’s announcement for full details on why this transition is occurring.

Facebook Contractors Have Been Listening To 'Hey Portal' Clips

Slashdot - Mër, 18/09/2019 - 4:02md
Facebook, which last month said it stopped using humans to review and transcribe users' voice messages, will resume that practice for some audio collected from its Portal video-calling device. From a report: Facebook "paused human review of audio" around August. Bloomberg reported at the time the company hired contractors to transcribe private voice messages sent via its Messenger app. In that case, users had not been alerted to the possibility that their communications might be subject to human review. It was also unclear at the time that some of the clips Facebook had been collecting were coming from Portal. Facebook confirmed Wednesday that it was indeed collecting audio from Portal users who make a request from the device using the command "Hey Portal." By default, those commands were recorded and stored on Facebook servers, and some of them were transcribed by contractors working with the company to improve the software algorithms used to understand the commands, according to Andrew Bosworth, Facebook's head of hardware. That practice was paused last month at the same time Messenger stopped using humans to transcribe messages.

Read more of this story at Slashdot.

Faqet

Subscribe to AlbLinux agreguesi