Home Blog

The ByteCode Alliance wants to bring binary apps into your browser

Back in 2015, a consortium including Google, Microsoft, Mozilla, and the WebKit project announced WebAssembly. This week, Mozilla, Intel, Red hat, and Fastly announced a new consortium called the Bytecode Alliance, which aims to foster WebAssembly and other “new software foundations” that will allow secure-by-default ways to run untrusted code, either inside or outside the Web browser environment.

For many, this raises an obvious question: what is WebAssembly? WebAssembly (wasm) was and is a potentially exciting project, offering a way to run native bytecode inside the browser for potentially very large increases in performance over the Javascript engines in use both then and today.

[Source: Ars Technica]

Google releases source code of new on-device machine learning solutions

Google has opened up the source code of two machine learning (ML) on-device systems, MobileNetV3 and MobileNetEdgeTPU, to the open source community. In a blog post, software and silicon engineers Andrew Howard and Suyog Gupta from Google Research said on Wednesday that both the source code and checkpoints for MobileNetV3, as well as the Pixel 4 Edge TPU-optimized counterpart MobileNetEdgeTPU, are now available.

Google says the demand for mobile intelligence has prompted research into algorithmically-efficient neural network models and hardware “capable of performing billions of math operations per second while consuming only a few milliwatts of power,” such as in the case of the Google Pixel 4’s Pixel Neural Core.

[Source: ZDNet]

WhiteSource Acquires Renovate to Automate Dependency Updates

WhiteSource has acquired Renovate, a provider of an open source automated dependency update platform that the company plans to make available for free. Rhys Arkins, co-founder of Renovate who is now director of product for WhiteSource, said that as software projects become more complicated, there’s an increased need for a mechanism to identify and track dependencies and automatically update them as changes and updates are made.

That requirement is becoming especially acute with the rise of microservices-based applications, which substantially increase the number of dependencies that exist within and between applications, added Arkins.

[Source: DevOps.com]

GitHub launches Arctic Code Vault to preserve open source software for 1,000 years

GitHub has shared plans to open the Arctic Code Vault, an effort to store and preserve open source software like Flutter and TensorFlow. Code for all open source projects will be stored here on film with frames that include 8.8 million pixels each, designed to last 1,000 years.

The code will be housed in a decommissioned coal mine in Svalbard, Norway, the same city chosen to host a global seed vault. One of the northernmost cities on Earth, in Svalbard permafrost can extend hundreds of meters below the surface. Archivists believe the cold and near-constant conditions can help in preservation.

[Source: VentureBeat]

Debian Project Releases Linux Security Updates to Patch Latest Intel CPU Flaws

The Debian Project released new Linux kernel security updates for its supported Debian GNU/Linux releases to address the latest vulnerabilities affecting Intel CPU microarchitectures. As reported earlier this week, four new security vulnerabilities have been discovered in the Linux kernel and with an impact on Intel CPUs, namely CVE-2019-11135, CVE-2018-12207, CVE-2019-0154 and CVE-2019-0155, which may lead to privilege escalation, information leak, as well as denial of service.

The Debian Project recommends all users of the Debian GNU/Linux 9 “Stretch” and Debian GNU/Linux 10 “Buster” operating systems to update their installations as soon as possible to the new Linux kernel versions, namely 4.9.189-3+deb9u2 for Debian Stretch and 4.19.67-2+deb10u2 for Debian Buster.

[Source: Softpedia]

Intel launches DevCloud for edge AI prototyping with OpenVINO

Intel today announced the launch of the Edge AI DevCloud, a way to prototype and test AI with the OpenVINO toolkit for edge devices like drones and cameras. Developers can use existing tools and frameworks to test and optimize models in OpenVINO for Intel hardware like CPUs or FPGAs for free.

OpenVINO supports a range of machine learning accelerators from CPUs, GPUs, and FPGAs to the Intel Movidius Neural Compute Stick. The toolkit was updated earlier this year to extend beyond computer vision applications and support voice and NLP models.

[Source: VentureBeat]

Big believer in government open source? Help with an open task on code.gov

Want to collaborate on government open source code projects? Don’t forget about code.gov. Technologists who want to support the various missions of the federal government need not take on a full-time role to contribute. The General Services Administration‘s lead for code.gov, Karen Trebon, gave a shoutout to the site’s “open tasks” tab during a panel at the Red Hat Government Summit on Tuesday.

Code.gov currently lists 48 open tasks at agencies as divergent as the Consumer Financial Protection Bureau, Department of Defense, GSA and more.

[Source: FedScoop]

Sonatype Delivers Premium Open Source Controls to GitHub Users

Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today announced new integrations that strengthen GitHub with premium open source governance and dependency management controls.

Nexus Lifecycle customers can now automatically enforce their policies and view expert remediation guidance directly in GitHub Actions. Sonatypes unparalleled open source data enables developers to know with extreme confidence, if a component is vulnerable without leaving their environment. Nexus now supports 42 programming languages and package formats.

[Source: DevOps.com]

Canonical Announces Ubuntu Updates to Mitigate Latest Intel Vulnerabilities

Following on the footsteps of Red Hat, Canonical also announced today that it has prepared updates for all of its supported Ubuntu Linux releases to mitigate the latest Intel CPU security vulnerabilities.

As we reported earlier, Intel announced today that several new security vulnerabilities are affecting various of its Intel CPU microarchitectures, as well as associated GPUs. These vulnerabilities are known as TSX Asynchronous Abort (CVE-2019-11135), Intel Processor Machine Check Error (CVE-2018-12207), and Intel i915 graphics hardware vulnerabilities (CVE-2019-0155, CVE-2019-0154).

[Source: Softpedia]

Redis Labs Leverages Kubernetes to Automate Database Recovery

Redis Labs today announced it has enhanced the Operator software for deploying its database on Kubernetes clusters to include an automatic cluster recovery that enables customers to manage a stateful service as if it were stateless. Announced at Redis Day, the latest version of Kubernetes Operator for Redis Enterprise makes it possible to spin up a new instance of a Redis database in minutes.

Howard Ting, chief marketing officer for Redis Labs, says as Kubernetes has continued to gain traction, it became apparent that IT organizations need tools to provision Redis Enterprise for Kubernetes clusters.

[Source: Container Journal]