Rookie’s Guide to Ethereum and Blockchain

February 20, 2018

What is Blockchain?

“The blockchain is an incorruptible digital ledger of economic transactions that can be programmed to record not just financial transactions but virtually everything of value.” — Don & Alex Tapscott, authors Blockchain Revolution (2016)

Blockchain is the digital and decentralized ledger that records all transactions. (See the “Blockchain Simplified” video for more information.) Every time someone buys digital coins on a decentralized exchange, sells coins, transfers coins, or buys a good or service with virtual coins, a ledger records that transaction, often in an encrypted fashion, to protect it from cybercriminals. These transactions are also recorded and processed without a third-party provider, which is usually a bank.

A distributed database

Picture a spreadsheet that is duplicated thousands of times across a network of computers. Then imagine that this network is designed to regularly update this spreadsheet and you have a basic understanding of the blockchain.

Information held on a blockchain exists as a shared — and continually reconciled — database. This is a way of using the network that has obvious benefits. The blockchain database isn’t stored in any single location, meaning the records it keeps are truly public and easily verifiable. No centralized version of this information exists for a hacker to corrupt. Hosted by millions of computers simultaneously, its data is accessible to anyone on the Internet.

Why was blockchain invented?

The main reason we even have this cryptocurrency and blockchain revolution is as a result of the perceived shortcomings of the traditional banking system. What shortcomings, you ask? For example, when transferring money to overseas markets, a payment could be delayed for days while a bank verifies it. Many would argue that financial institutions shouldn’t tie up cross-border payments and funds for such an extensive amount of time.

Likewise, banks almost always serve as an intermediary of currency transactions, thus taking their cut in the process. Blockchain developers want the ability to process payments without a need for this middleman.

A network of so-called computing “nodes” make up the blockchain.

Node is a computer connected to the blockchain network using a client that performs the task of validating and relaying transactions gets a copy of the blockchain, which gets downloaded automatically upon joining the blockchain network.

Together they create a powerful second-level network, a wholly different vision for how the internet can function.

Every node is an “administrator” of the blockchain, and joins the network voluntarily (in this sense, the network is decentralized). However, each one has an incentive for participating in the network: the chance of winning Bitcoins.

Nodes are said to be “mining” Bitcoin, but the term is something of a misnomer. In fact, each one is competing to win Bitcoins by solving computational puzzles. Bitcoin was the raison d’etre of the blockchain as it was originally conceived. It’s now recognized to be only the first of many potential applications of the technology.

There are an estimated 700 Bitcoin-like cryptocurrencies (exchangeable value tokens) already available. As well, a range of other potential adaptations of the original blockchain concept are currently active, or in development.

What are the applications of blockchain?

The nature of blockchain technology has got imaginations running wild, because the idea can now be applied to any need for a trustworthy record. It is also putting the full power of cryptography in the hands of individuals, stopping digital relationships from requiring a transaction authority for what are considered ‘pull transactions’.

For sure, there is also a lot of hype. This hype is perhaps the result of how easy it is to dream up a high-level use case for the application of blockchain technology. It has been described as ‘magic beans’ by several of the industry’s brightest minds.

There is more on how to test whether blockchain technology is appropriate for a use case or not here — “Why Use a Blockchain?” For now, let’s look at the development of blockchain technology for how it could be useful.

As a system of record

Digital identity

Cryptographic keys in the hands of individuals allow for new ownership rights and a basis to form interesting digital relationships. Because it is not based on accounts and permissions associated with accounts, because it is a push transaction, and because ownership of private keys is ownership of the digital asset, this places a new and secure way to manage identity in the digital world that avoids exposing users to sharing too much vulnerable personal information.

Tokenization

Tokens are used as to bind the physical and digital worlds. These digital tokens are useful for supply chain management, intellectual property, and anti-counterfeiting and fraud detection.

Inter-organizational data management

Blockchain technology represents a revolution in how information is gathered and collected. It is less about maintaining a database, more about managing a system of record.

For governments

Governments have an interest in all three aspects components of blockchain technology. Firstly, there’s the ownership rights surrounding cryptographic key possession, revocation, generation, replacement, or loss. They also have an interest in who can act as part of a blockchain network. And they have an interest in blockchain protocols as they authorize transactions, as governments often regulate transaction authorization through compliance regimes (eg stock market regulators authorize the format of market exchange trades).

For this reason, regulatory compliance is seen as a business opportunity by many blockchain developers.

For financial institutions

For audit trails

Using the client-server infrastructure, banks and other large institutions that help individuals form digital relationships over the internet are forced to secure the account information they hold on users against hackers.

Blockchain technology offers a means to automatically create a record of who has accessed information or records, and to set controls on permissions required to see information.

This also has important implications for health records.

As a platform

For smart contracting

Blockchains are where digital relationships are being formed and secured. In short, this version of smart contracts seeks to use information and documents stored in blockchains to support complex legal agreements.

Other startups are working on sidechains — bespoke blockchains plugged into larger public blockchains. These ‘federated blockchains’ are able to overcome problems like the block size debate plaguing bitcoin. It is thought these groups will be able to create blockchains that authorize super-specific types of transactions.

Ethereum takes the platform idea further. A new type of smart contracting was first introduced in Vitalik Buterin’s white paper, “A Next Generation Smart Contract and Decentralized Application Platform”. This vision is about applying business logic on a blockchain, so that transactions of any complexity can be coded, then authorized (or denied) by the network running the code.

As such, ethereum’s primary purpose is to be a platform for smart contract code, comprising of programs controlling blockchain assets, executed by a blockchain protocol, and in this case running on the ethereum network.

For automated governance

Bitcoin itself is an example of automated governance, or a DAO (decentralized autonomous organization). It, and other projects, remain experiments in governance, and much research is missing on this subject.

For markets

Another way to think of cryptocurrency is as a digital bearer bond. This simply means establishing a digitally unique identity for keys to control code that can express particular ownership rights (eg it can be owned or can own other things). These tokens mean that ownership of code can come to represent a stock, a physical item or any other asset.

For automating regulatory compliance

Beyond just being a trusted repository of information, blockchain technology could enable regulatory compliance in code form — in other words, how blocks are made valid could be a translation of government legal prose into digital code. This means that banks could automate regulatory reporting or transaction authorization.

What is Ethereum?

Ethereum is the second-largest blockchain. It’s much smaller than bitcoin — its cryptocurrency token, ether, has a market cap of $42 billion, compared to bitcoin’s quarter of a trillion dollars — but Ethereum can integrate smart contracts onto its blockchain. “So if I upload a program, let’s say a bet, I escrow some money into it, you escrow some money into it, and then a third party lets us know whether the Chicago Bulls beat the New York Knicks or vice versa, resolving our bet,” explains Joe Lubin, one of Ethereum’s founders.

Ethereum isn’t meant to be just a cryptocurrency like bitcoin, according to Lubin, but a full enterprise platform onto which programmers can build applications for any number of things. Despite that, one ether went from being worth $8 in January to being worth $434 in December as investors began to sense the enormous sums of money to be made.

Like Bitcoin, Ethereum is a distributed public blockchain network. Although there are some significant technical differences between the two, the most important distinction to note is that Bitcoin and Ethereum differ substantially in purpose and capability. Bitcoin offers one particular application of blockchain technology, a peer to peer electronic cash system that enables online Bitcoin payments. While the Bitcoin blockchain is used to track ownership of digital currency (bitcoins), the Ethereum blockchain focuses on running the programming code of any decentralized application.

In the Ethereum blockchain, instead of mining for bitcoin, miners work to earn Ether, a type of crypto token that fuels the network. Beyond a tradeable cryptocurrency, Ether is also used by application developers to pay for transaction fees and services on the Ethereum network.

Bitcoin can be described as digital money. Bitcoin has been around for eight years and is used to transfer money from one person to another. It is commonly used as a store of value and has been a critical way for the public to understand the concept of a decentralized digital currency.

Ethereum is different than Bitcoin in that it allows for smart contracts which can be described as highly programmable digital money. Imagine automatically sending money from one person to another but only when a certain set of conditions are met. For example an individual wants to purchase a home from another person. Traditionally there are multiple third parties involved in the exchange including lawyers and escrow agents which makes the process unnecessarily slow and expensive. With Ethereum, a piece of code could automatically transfer the home ownership to the buyer and the funds to the seller after a deal is agreed upon without needing a third party to execute on their behalf.

Application of Ethereum

In addition to being a great investment coin, Ethereum is a platform that enables what has come to be known as “web 3.0”. “Web 2.0” (the internet as we know it) is based on centralized servers; to have access to the internet and most of the services therein, we have to rely on third-party servers. These servers charge us fees and collect our data (often against our will).

With Ethereum, there are no centralized servers. Instead, Ethereum runs on blockchain technology, a kind of distributed ledger technology that is upheld by a network of thousands of different computers, called “nodes.” In exchange for performing the duties that secure the network and verify the transactions that take place on it, the nodes receive rewards in the form of ETH tokens.

Ethereum was the first cryptocurrency that was built to function primarily as a settlement layer. This means that it was designed as a platform for other things to be developed on. In contrast, Bitcoin was designed initially to transact as a form of “digital cash” (though, over time, Bitcoin has become more of a settlement layer itself).

What are smart contracts and how does Ethereum work?

Ethereum’s smart contracts have been famously explained by Nick Szabo as being similar to a vending machine.

When you use a vending machine, you put money in, press a button, and receive your candy. It’s all automated; there is no third-party that needs to come and make sure that you inserted your coin or unlock the door to give the candy to you.

Smart contracts operate similarly, except they usually have nothing to do with candy; rather, they can be applied to tons of different scenarios across different industries. Smart contracts take the “middle man” out of a variety of legal and financial services.

For example, Hermione is buying a home to move into immediately and needs to set up a mortgage contract with the seller. In today’s world, she must go to a bank or use another third-party service to draw up the contract. The third-party charges fees and the process takes a while–time and money that Harriet doesn’t have.

Using a smart contract, a legal mortgage contract could be set up without involving any third party. The loan’s data would be stored on the blockchain, and anytime that the borrower missed a payment, the keys to the loan’s collateral would be automatically revoked.

Using Smart Contracts to Build Dapps

Ethereum can be (and is) used as a platform for developing “dapps,” another name for “decentralized apps.” There are a variety of benefits of using dapps as opposed to traditional applications, including:

Dapps are decentralized–they are not run by any singular entity. This means that the third-parties that are an inherent part of the structure of traditional applications do not exist. You know, the third-parties that exist to charge fees or to collect your personal data?
Ethereum-based dapps know the pseudonymous identity of each user. In other words, dapp users will never have to provide personal information to register or use dapps; in fact, users will not have to register at all. Instead, the dapp will operate using your pseudonymous identity within the Ethereum network.
All payments are processed within the Ethereum network. There is no need to integrate PayPal, Stripe, or any other third-party means of payment into Ethereum-based dapps. Payments will be securely sent and received on the Ethereum network.
The blockchain holds all the data. While some extraneous data may be held outside of the blockchain, everything that needs to be kept secure will be stored forever (immutably) within the blockchain. Additionally, any logs created within dapps are held on the blockchain, making public data easily searchable.
The front- and back-end code is open source. You can independently verify that the dapp you’re using is secure and that there is no malicious code.

Ethereum vs. other smart contract alternatives

Ethereum has a long road ahead if it wants to achieve its ambition of becoming the world’s “decentralized computer.” Even Vitalik Buterin, the creator of Ethereum, doubts its current ability to scale, saying, “Scalability [currently] sucks; the blockchain design fundamentally relies on bottlenecks where individual nodes must process every single transaction in the entire network.”

He’s correct. The Ethereum blockchain keeps getting bigger, and exhibits an increasingly large footprint for the hardware of miners and users alike. Additionally, its relatively outdated algorithmic programming makes inefficient use of the chain’s processing power, and returns a dismal number of transactions per second. This is a problem for businesses who rely on Ethereum smart contracts and impacts its future applicability and price. Fortunately, there are other smart contract platforms built on blockchain that are working to evolve the concept further.

1. QTUM

One of the most promising contenders for Ethereum’s title is QTUM, a hybrid cryptocurrency technology that takes the best attributes of bitcoin and Ethereum before blending them together. The result is a solution that resembles bitcoin core, but also includes an Abstract Accounting Layer that gives QTUM’s blockchain smart contract functionality via a more robust x86 Virtual Machine.

Essentially this is an off-layer scaling solution akin to what bitcoin seeks in SegWit and the Lightning Network, combined with the ability to build and host smart contracts. This has made QTUM a popular destination for developers, who appreciate the protective clauses installed in the platform that make it nigh impossible to commit the kinds of coding infractions that might one day become a multi-million-dollar problem. They also appreciate the presence of second-layer storage, despite its implications on decentralization, because stable business applications are their primary desire, as well they should be.

2. Ethereum Classic

The first hard fork that the cryptocurrency community witnessed was Ethereum forking from Ethereum Classic in 2013, which created a new prototype with ambitions to fill the gaps in Ethereum’s code. The controversy surrounded a hack where one individual stole over $50 million in ETH from a smart contract that was holding them in escrow as part of the original DAO (Decentralized Autonomous Organization) project.

After the hacker created a glitch that withdrew ETH from users instead of depositing it, the community voted to create a new chain that was backwards-compatible with the old one, so that mistakes like these could be reversed, and coins returned to their rightful owners. The hard fork installed a new update to the old Ethereum’s code which made it impossible to backtrack, even in the case of heinous breaches, of which there have been several. Ethereum Classic is continually being upgraded in this manner, thanks to a vibrant and active community, and keeps on pace with other projects despite its age.

3. NEO

NEO is what people like to refer to as “China’s Ethereum,” and for good reason. First, the two are very similar, and bill themselves as hosts of decentralized applications (dApps), ICOs, and smart contracts. They’re both open source, but while Ethereum is supported by a democratic foundation of developers, NEO has the full backing of China’s government. This has made it popular domestically but also abroad, and for its unique value proposition as well.

NEO uses a more energy-efficient consensus mechanism called dBFT (decentralized Byzantium Fault Tolerant) instead of proof-of-work, making it much faster at a rate of 10,000 transactions per second. Moreover, it supports more computer languages than Ethereum. People can build dApps with Java, C#, and soon Python and Go, making this option accessible to startups with big ideas while helping to add to its long-term viability.

4. Cardano

One of the newest entries into the smart contract platform contest, Cardano is a dual-layer solution, but with a unique twist. The platform has a unit of account and a control layer that governs the use of smart contracts, recognizes identity, and maintains a degree of separation from the currency it supports.

Cardano is programmed in Haskell, a language best suited for business applications and data analysis, making its future applications likely to be financial or organizational. This ideal blend of public sector usability and privacy protection makes Cardano a potentially groundbreaking solution, but it’s still very young. While the developer team’s use of deliberate, airtight scientific methodology make progress slow, it will likely be void of any parity or security mistakes that are an unfortunate reality in its more haphazardly assembled peers.

Mitali Sengupta is a former digital marketing professional, currently enrolled as a full-stack engineering student at Holberton School. She is passionate about innovation in AI and Blockchain technologies.. You can contact Mitali on Twitter, LinkedIn or GitHub.

AT&T Sharpens Edge With New Open Source Effort, Test Lab Launch

Light Reading

February 20, 2018

AT&T is continuing its aggressive edge computing push, today announcing that its first test zone for edge applications is up and running at its AT&T Foundry in Palo Alto, Calif., and that it is creating a new open source project focused on automated, distributed cloud infrastructure for carrier and enterprise networks. (See AT&T Turns Up Edge Computing Test Lab and Linux Foundation, AT&T Launch Akraino.)

According to a blog post by Melissa Arnoldi, senior executive vice president of technology and operations at AT&T Inc. (NYSE: T), the open source group, named Akraino, will be hosted by the Linux Foundation and will focus on “expanding the development of next generation zero-touch edge cloud infrastructure for carrier and enterprise networks,” …

Understanding SELinux Labels for Container Runtimes

OpenSource.com

February 20, 2018

“I’ve just started to deal with some software that is containerized via Docker, and which is ordinarily only ever run on Ubuntu. Naturally this means nobody ever put any thought into how it will interact with SELinux.

“I know that containers get a pair of randomly chosen MCS [Multi-Category Security] labels by default, and that the files they create obviously end up with those same categories. However, when it’s time to rebuild or upgrade the container, the files are now inaccessible because the new container has a different pair of categories.

“Are we supposed to relabel these files with the new categories? Or do we have to pick the categories ourselves and then use Docker’s --security-opt option when we run the container? How do we do so without risk that some other container will end up with the same categories?”

Regarding the first question, when a container runtime like Docker, as well as some of the new ones we have been working on—podman, CRI-O, and Buildah—create a container, they pick a random MCS label to run the container. The MCS labels consist of two random numbers between 0 and 1,023 and have to be unique. They are prefixed with a c or category. SELinux also needs a sensitivity level s0.

What is LLVM? The Power Behind Swift, Rust, Clang, and More

InfoWorld

February 20, 2018

LLVM makes it easier to not only create new languages, but to enhance the development of existing ones. It provides tools for automating many of the most thankless parts of the task of language creation: creating a compiler, porting the outputted code to multiple platforms and architectures, and writing code to handle common language metaphors like exceptions. Its liberal licensing means it can be freely reused as a software component or deployed as a service.

The roster of languages making use of LLVM has many familiar names. Apple’s Swift language uses LLVM as its compiler framework, and Rust uses LLVM as a core component of its tool chain. Also, many compilers have an LLVM edition, such as Clang, the C/C++ compiler (this the name, “C-lang”), itself a project closely allied with LLVM. And Kotlin, nominally a JVM language, is developing a version of the language called Kotlin Native that uses LLVM to compile to machine-native code.

Linux: To Recurse or Not

Network World

February 20, 2018

Linux and recursion are on very good speaking terms. In fact, a number of Linux commands recurse without ever being asked, while others have to be coaxed with just the right option.

When is recursion most helpful and how can you use it to make your tasks easier? Let’s run through some useful examples and see.

Easy recursion with ls

First, the ls command seems like a good place to start. This command will only list the files and directories in the current or specified directory unless asked to work a little harder. It will include the contents of directories only if you add a -R option.

Find Large Files in Linux

RoseHosting .com

February 19, 2018

In today’s tutorial we are going to show you how to find large files in Linux. One of the most common things you will do as a Linux system administrator is finding unneeded large files that consume disk space, and removing them to free up space for applications that actually need it. Let’s dive in and find out how we can find, large files in Linux.

1. Finding largest directories and files in Linux

First we are going to look at how we can find the largest directories and files in linux combined, execute the following command to find the top 10 largest directories and files on your Linux server:

# du -ah /* 2>/dev/null | sort -rh | head -n 10

Q4OS Makes Linux Easy for Everyone

Jack Wallen

February 16, 2018

Modern Linux distributions tend to target a variety of users. Some claim to offer a flavor of the open source platform that anyone can use. And, I’ve seen some such claims succeed with aplomb, while others fall flat. Q4OS is one of those odd distributions that doesn’t bother to make such a claim but pulls off the feat anyway.

So, who is the primary market for Q4OS? According to its website, the distribution is a:

“fast and powerful operating system based on the latest technologies while offering highly productive desktop environment. We focus on security, reliability, long-term stability and conservative integration of verified new features. System is distinguished by speed and very low hardware requirements, runs great on brand new machines as well as legacy computers. It is also very applicable for virtualization and cloud computing.”

What’s very interesting here is that the Q4OS developers offer commercial support for the desktop. Said support can cover the likes of system customization (including core level API programming) as well as user interface modifications.

Once you understand this (and have installed Q4OS), the target audience becomes quite obvious: Business users looking for a Windows XP/7 replacement. But that should not prevent home users from giving Q4OS at try. It’s a Linux distribution that has a few unique tools that come together to make a solid desktop distribution.

Let’s take a look at Q4OS and see if it’s a version of Linux that might work for you.

What Q4OS all about

Q4OS that does an admirable job of being the open source equivalent of Windows XP/7. Out of the box, it pulls this off with the help of the Trinity Desktop (a fork of KDE). With a few tricks up its sleeve, Q4OS turns the Trinity Desktop into a remarkably similar desktop (Figure 1).

When you fire up the desktop, you will be greeted by a Welcome screen that makes it very easy for new users to start setting up their desktop with just a few clicks. From this window, you can:

Run the Desktop Profiler (which allows you to select which desktop environment to use as well as between a full-featured desktop, a basic desktop, or a minimal desktop—Figure 2).
Install applications (which opens the Synaptic Package Manager).
Install proprietary codecs (which installs all the necessary media codecs for playing audio and video).
Turn on Desktop effects (if you want more eye candy, turn this on).
Switch to Kickoff start menu (switches from the default start menu to the newer kickoff menu).
Set Autologin (allows you to set login such that it won’t require your password upon boot).

Figure 2: The Desktop Profiler allows you to further customize your desktop experience.

If you want to install a different desktop environment, open up the Desktop Profiler and then click the Desktop environments drop-down, in the upper left corner of the window. A new window will appear, where you can select your desktop of choice from the drop-down (Figure 3). Once back at the main Profiler Window, select which type of desktop profile you want, and then click Install.

Figure 3: Installing a different desktop is quite simple from within the Desktop Profiler.

Note that installing a different desktop will not wipe the default desktop. Instead, it will allow you to select between the two desktops (at the login screen).

Installed software

After selecting full-featured desktop, from the Desktop Profiler, I found the following user applications ready to go:

LibreOffice 5.2.7.2
VLC 2.2.7
Google Chrome 64.0.3282
Thunderbird 52.6.0 (Includes Lightning addon)
Synaptic 0.84.2
Konqueror 14.0.5
Firefox 52.6.0
Shotwell 0.24.5

Obviously some of those applications are well out of date. Since this distribution is based on Debian, we can run and update/upgrade with the commands:

sudo apt update

sudo apt upgrade

However, after running both commands, it seems everything is up to date. This particular release (2.4) is an LTS release (supported until 2022). Because of this, expect software to be a bit behind. If you want to test out the bleeding edge version (based on Debian “Buster”), you can download the testing image here.

Security oddity

There is one rather disturbing “feature” found in Q4OS. In the developer’s quest to make the distribution closely resemble Windows, they’ve made it such that installing software (from the command line) doesn’t require a password! You read that correctly. If you open the Synaptic package manager, you’re asked for a password. However (and this is a big however), open up a terminal window and issue a command like sudo apt-get install gimp. At this point, the software will install… without requiring the user to type a sudo password.

Did you cringe at that? You should.

I get it, the developers want to ease away the burden of Linux and make a platform the masses could easily adapt to. They’ve done a splendid job of doing just that. However, in the process of doing so, they’ve bypassed a crucial means of security. Is having as near an XP/7 clone as you can find on Linux worth that lack of security? I would say that if it enables more people to use Linux, then yes. But the fact that they’ve required a password for Synaptic (the GUI tool most Windows users would default to for software installation) and not for the command-line tool makes no sense. On top of that, bypassing passwords for the apt and dpkg commands could make for a significant security issue.

Fear not, there is a fix. For those that prefer to require passwords for the command line installation of software, you can open up the file /etc/sudoers.d/30_q4os_apt and comment out the following three lines:

%sudo    ALL = NOPASSWD: /usr/bin/apt-get *

%sudo    ALL = NOPASSWD: /usr/bin/apt-key *

%sudo    ALL = NOPASSWD: /usr/bin/dpkg *

Once commented out, save and close the file, and reboot the system. At this point, users will now be prompted for a password, should they run the apt-get, apt-key, or dpkg commands.

A worthy contender

Setting aside the security curiosity, Q4OS is one of the best attempts at recreating Windows XP/7 I’ve come across in a while. If you have users who fear change, and you want to migrate them away from Windows, this distribution might be exactly what you need. I would, however, highly recommend you re-enable passwords for the apt-get, apt-key, and dpkg commands… just to be on the safe side.

In any case, the addition of the Desktop Profiler, and the ability to easily install alternative desktops, makes Q4OS a distribution that just about anyone could use.

Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.

This Week in Open Source News: Google’s AMP Support to Snazz Up Email, Open Source Community Continues to Do Good & More

The Linux Foundation

February 16, 2018

This week in open source and Linux news, Google’s Accelerated Mobile Pages will now support web browsing in email, an op-ed on the continued value of the open source community and more! Read this week’s digest to stay in the open source know.

1) Google is bringing its open source Accelerated Mobile Pages (AMP) capabilities to email today

Gmail Will Let You Browse Websites in Your Email With New AMP Support– The Verge

2) “[The open source community] and the code they’ve built over the past two decades — is the linchpin for so much important social good.”

Two Decades On, Open Source Still Brings the World Together– siliconANGLE

3) Nathan Cranford shares his picks for the most popular open source projects, including Hyperledger and Kubernetes.

Five Noteworthy Open Source Projects– RCRWireless News

4) Hyperledger-based “Omnitude” makes middleware to bridge between difference blockchain databases.

Connecting Blockchains To ‘Real’ Business– Forbes

The 4 Major Tenets of Kubernetes Security

The New Stack

February 16, 2018

In a previous article, we learned about the threats to a Kubernetes deployment that may result in a multitude of compromises and undesirable scenarios. With these threat models in mind, we can now explore Kubernetes security along four major tenets:

authentication and authorization
resource isolation
hardening and network security
logging and auditing.

We look at security from the perspective of containers, Kubernetes deployment itself and network security. Such a holistic approach is needed to ensure that containers are deployed securely and that the attack surface is minimized. The best practices that arise from each of the above tenets apply to any Kubernetes deployment, whether you’re self-hosting a cluster or employing a managed service.

Enterprises Identify 10 Essential Tools for DevOps

Tech Target

February 16, 2018

In rough order of their appearance in the DevOps pipeline, based on real-world user feedback, here are the most essential DevOps tools:In some of these 10 major categories, just one tool rules the roost, such as Docker for application containers and Jenkins for CI/CD. In others, DevOps practitioners view a handful of tools as interchangeable, depending on personal preferences and the IT environment’s specific requirements.

1. Source code repository

The first step in a DevOps process is a version-controlled source code repository where developers check in, check out and manage code. Most CI and application deployment tools respond automatically to code commits in such repositories, and a DevOps process that doesn’t start with source code control is a nonstarter in the eyes of practitioners.