Twitter
Home Blog Page 413

Integrating Continuous Testing for Improved Open Source Security

By
O'Reilly
-

Preventing new security flaws is conceptually simple, and very aligned with your (hopefully) existing quality control. Because vulnerabilities are just security bugs, a good way to prevent them is to test for them as part of your automated test suite.

The key to successful prevention is inserting the vulnerability test into the right steps in the process, and deciding how strict to make it. Being overly restrictive early on may hinder productivity and create antagonism among your developers. On the flip side, testing too late can make fixing issues more costly, and being too lenient can eventually let vulnerabilities make it to production. It’s all about finding the right balance for your team and process.

Here are a few considerations on how to strike the right balance.

Read more at O’Reilly

IOT Trends To Watch Out For In Mobile App Development

By
Melissa Crooks Crooks
-

At the moment, mobile app development is in its prime. No doubt, these recent years have been phenomenal for mobile particularly now that that many business organizations and individuals are recognizing mobile apps to be more of a necessity than an optional investment. Today, any business person looking to meet customer demands and boost sales must pass through the way of mobile for sure.

At the moment, one of the most actively growing sectors in the industry is mobile app development whose market is currently been dominated by gaming apps, lifestyle, social media, and Google apps. While small and medium-size businesses are struggling to create their own apps and follow the mobile trend, many large companies such as banks, retailers, hospitability etc. are already employing mobile applications to enhance and improve direct their marketing, customer engagement, and branding activities.

Obviously, the future of mobile application development is bright. The internet of things (IoT) is one of the most recent innovative technologies transforming app development in the mobile world.

The Impact of IOT in Mobile App Development

This trend which involves connecting all kinds of gadgets to the web is already gaining fast momentum and also impacting mobile app development in a very significant way. As a matter of fact, many top app development companies are now getting themselves engaged in the business of controlling physical devices through a smartphone.

There are fairly obvious and plentiful options to benefit from connected things. Users can effectively obtain full control of the features offered by connecting several gadgets and machines to their smartphones. IoT is helping apps to push notifications directly to the phone by running them through the internet. It also makes it possible for users to switch these systems on and off remotely since it allows update parameters.

The scope to access IoT-enabled devices is better provided via mobile phones and mobile app programming. Currently, some sectors such as hospitality, travel, retail, education, and healthcare are employing mobile connectivity and apps to access IoT ecosystems. Thanking an IoT approach to mobile app development comes with lots of benefits including:

– It provides a faster means of accessing information than web browsing. As a matter of fact, customers will not have to wait so long for sites to load before they can access applications as this won’t even take a minute.

– The integration of IoT in mobile app development will go a long way in making the entire development process affordable. The cost of sending SMSes and newsletters can be effectively reduced through this means. This is because apps can now integrate direct communication with customers via messages.

Currently, app developers and mobile app development company alike are trying so hard to transform the mobile app development space by building IoT-friendly apps that are capable of rendering customer-centric services at any time.

Reasons for Integrating IoT Mobile Strategy into App Development

No doubt, the mobile app development world is amazing, but there are quite a lot more things to benefit from IoT which just beginning to emerge. In order to provide end users with the topical product, it is imperative for app developers India to keep up with the latest trends in this sphere. As a matter of fact, there are some serious technical challenges that they need to address including testing requirements for IoT apps and learning how to meet the security analytics.

Here are some meaningful reasons why app developers India and mobile app development businesses should consider the development of IoT mobile apps.

– Regardless of where users are located on the face of the earth, they can always access mobile apps on their smartphones. Due to the highly flexible accessibilities of these apps, there has been an increasing demand for mobile apps in recent times.

– Like social platforms, IoT is basically concerned with the interconnectivity of devices and how they interact. Since mobile apps offer enabling features such as comments, likes, share etc., for social platforms they have proven to be very efficient at boosting IoT capabilities.

– Aside from their excellent abilities to promote brands, mobile applications can win over the most customers for any business. Companies are using their mobile apps to not only enhance user engagement but to persuade customers to buy their products and use their services. This is how they expand their customer base.

– It only takes seconds to spread information to a target audience through a mobile app. With the use of some helpful mobile features such as push notifications, companies are connecting with customers and reminding them of relevant updates.

– Unlike traditional websites where information is somewhat limited and restricted to certain areas and demographics, customers can now access information on just about anything through the use of their smartphones. Nowadays, mobile applications are considered more important for business growth and expansion than websites because they offer more quality browsing experience and buying options.

Mobile App Development: IoT Trends to Watch Out For

With each passing day, the mobile app development world is constantly evolving. However, it is fascinating to see how a beginner industry such as the Internet of Things (IoT) is transforming mobile technology. Many app developers India are now coming to understand how IoT and mobile app improvements can boost connection and improve interaction between people around the world. This has led to the emergence of several devices controlled by many businesses online which in turn are helping to boost productivity and response times.

One major area of concern for the development in any enterprise app is security. When tangible (physical) devices become the first entry point to communication there is every possibility that IoT could drastically improve the overall defense barriers of mobile app development.

In less than no time, there’ll probably be a technological explosion in the mobile app development world as more and more app developers India begin to take up the challenge of using IoT to drive the development process. This will lead to a wide-spread of IoT devices around the world thereby boosting customer communication and user engagement.

Don’t Fear the Regex: Getting Started on Regular Expressions

By
The New Stack
-

According to good ol’ Mozilla Developer Network, “Regular Expressions are patterns used to match character combinations in strings.”  Yes, strings as in text or — as the authors of Programming Perl point out — “If you take ‘text’ in the widest possible sense, perhaps 90 percent of what you do is 90 percent text processing.”

This is useful because regular expressions can match just about any pattern. They are fast — faster than the recursive cruft required to not write regex, for sure. And while regexes aren’t the easiest to read, especially for newcomers to the syntax, consider whether you’d rather put in the effort required to puzzle out the logic of one line of cryptic letters and symbols versus the dozens of lines of non-regex code required to achieve the same result.

Read more at The New Stack

Kubernetes for Dev Infrastructure

By
HackerNoon
-

Kubernetes is one of the hottest open-source projects these days. It’s a production-grade container orchestration system, inspired by Google’s own Borg and released into the wild in 2014. Thousands of developers joined the project since then, and now it’s becoming an industry standard for running containerized applications. Kubernetes is designed to run production workloads on a scale, but it’s capable of much more. In this article, I’ll talk about my experience setting up a Kubernetes cluster as a core component of a development infrastructure while working at ThoughtSpot.

I was initially assigned to solve an easy-sounding problem: make integration tests faster. There were a few hundreds of Selenium-based workflows, which were running sequentially and taking up to 10 hours to complete. The obvious solution was to parallelize them. The problem was that they were not designed to run concurrently…

Read more at HackerNoon

First Linux-Based RISC-V Board Prepares for Take-Off

By
Eric Brown
-

It’s been two years since the open source RISC-V architecture emerged from computer labs at UC Berkeley and elsewhere and began appearing in soft-core implementations designed for FPGAs, and over a year since the first commercial silicon arrived. So far, the focus has primarily been on MCU-like processors, but last October, SiFive announced the first Linux-driven RISC-V SoC with its quad-core, 64-bit Freedom U540 (AKA U54-MC Coreplex). A few days ago at FOSDEM, SiFive opened pre-sales for an open source HiFive Unleashed SBC that showcases the U540.

The $999 HiFive Unleashed is available on Crowd Supply, with shipments due on June 30. The 28nm fabricated U540 SoC that drives the SBC is not only the first multi-core and Linux-ready RISC-V processor, but the first to provide cache coherence. In addition to the four 1.5GHz U54 RV64GC CPU cores, the SoC includes an E51 RV64IMAC management core with Sv39 virtual memory support.

Each CPU core provides a five-stage in-order pipeline, along with 32KB L1 instruction and data caches, and there’s also a shared, coherent 2MB L2 cache. Because both the L1 instruction and L2 caches can be configured into high-speed deterministic SRAMs, the SoC can be used for real-time applications.

What you won’t find is a GPU or VPU. However, third parties are encouraged to integrate them. Silicon developers can tap an open source TileLink interface bus to build peripheral IP. The TileLink bus’ scalable cache-coherent fabric is further enabled with bridge adapters for legacy bus protocols such as AXI4, AHB-Lite, and APB.

The open spec HiFive Unleashed board integrates a U540 SoC, 8GB of DDR4 RAM, and 32MB quad SPI flash. The only other major features include a microSD slot, a Gigabit Ethernet port, and an FMC connector for future expansion. A SiFive rep confirmed to Linux.com that the board will be open source hardware, with freely available schematics and layout files.

The feature set may be pretty limited for $999, but you’re really paying for the novel SoC and a chance the get a head start on what could potentially become a major new computing platform.

RISC-V jumps out to a fast start

It’s too early to say whether RISC-V will ever rival ARM or x86, let alone match the reach of fading architectures such as MIPS and PowerPC. So far, however, there has been a surprising willingness on the part of major computer and semiconductor vendors to experiment with the new ISA. RISC-V Foundation Platinum members include heavy hitters like Draper, Google, Hewlett Packard Enterprise, IBM, Microsemi, Oracle, Microsoft, Nvidia, and Qualcomm. 

The widespread interest is partially due the fact that RISC-V has a free and permissive license that enables third parties to use the ISA to develop proprietary implementations. The expectation, however, is that most RISC-V SoCs will follow the early players’ leads in providing open source implementations.

RISC-V’s timing seems to be right, as the growing acceptance of open source software and hardware logically leads to a desire to open up of the processor. Opaque chip designs often create obstacles and blind spots — not only for open source projects, but also semiconductor vendors. Conceivably, hidden issues such as Intel’s Spectre and Meltdown security problems might have come to light more quickly in the open source spotlight.

There’s also a sense that the dominance of two closed source architectures — ARM and Intel x86 — is limiting innovation, slowing time to market, and increasing cost. In addition, RISC-V advocates claim that both ARM and x86 platforms are burdened by legacy code. By comparison, RISC-V is starting with a clean slate of modern components.

SiFive was founded by RISC-V inventors including Yunsup Lee, Andrew Waterman, and Krste Asanovic, based in part on two earlier open source RISC ISAs: SPARC and OpenRISC. In 2014, Asanovic and fellow UC Berkeley professor David Patterson, who coined the term RISC, posted a white paper on RISC-V, and development progressed rapidly from there.

SiFive has been the major RISC-V hardware player, while Microsemi has led the way in developing soft-core implementations that can run on FPGAs for prototyping. In Nov. 2016, SiFive announced an open source, Arduino compatible HiFive1 development board for its Freedom E300 — an MCU-like RISC-V design with an E31 Coreplex core designed to run FreeRTOS. Developers could also use Microsemi’s soft-core SmartFusion 2 SoC FPGA to develop for the E300.

The HiFive1 was followed last May by an Arduino Cinque board based on the HiFive1, jointly developed by SiFive and Arduino. The key addition was an Espressif ESP32 SoC that supplies WiFi and Bluetooth.

SiFive and Microsemi aren’t the only vendors invested in RISC-V. Andes, Bluespec, Codasip, and Cortus sell RISC-V core IP that can be used to develop MCU-like SoCs. (SiFive also sells IP in addition to silicon and development services.) Like Microsemi, Rumble and Development and VectorBlox offer soft cores that run on FPGAs.

According to a recent summary of RISC-V developments posted on Electronic Design by Microsemi’s Ted Marena, Vice Chair of the RISC-V Foundation’s RISC-V Marketing Committee, software support is also evolving. In the Linux realm, RISC-V support was added to the GNU/GCC and GNU/GDB toolchains last May. In addition, writes Marena, “several flavors of Linux are supported, including Yocto,” based on Linux 4.6. RISC-V support appears to be headed for a merge into kernel 4.14, which “means RISC-V will soon be a mainline platform in Linux.”

The HiFive Unleashed Crowd Supply page does not have much to say about software aside from noting Linux compatibility, and SiFive did not respond to our queries for more details. When the U540 SoC was announced, however, SiFive said the SoC would be supported by “a rich SDK with demo software and an easy-to-install binary toolchain.” Standard development and debug tools such as OpenOCD, GDB, and an Eclipse IDE, were also said to be in the works.

Performance questions should be partially answered when the HiFive Unleashed appears this Spring. According to an EETimes story posted in October, the “single issue” U54 core is expected to lag the performance of the “dual issue” Cortex-A53. Marena, however, claims that “the modularity of the RISC-V ISA design enables implementations to be more efficient than legacy ISAs such as x86 or ARM.”

In conjunction with the Embedded Linux Conference + OpenIoT event to be held in Portland, Oregon on Mar. 12-14, SiFive will host the first hackathon for the HiFive Unleashed. Registered SiFive Developers will be able to attend the Portland event to try out the SBC. (More information may be found on the HiFive Unleashed product page.) The ELC conference itself includes a presentation by Comcast’s Khem Raj called OpenEmbedded Yocto on RISC-V — New Kid on the Block.

Registration is now open for the Embedded Linux Conference and OpenIoT Summit, to be held Mar. 12-14 at the Hilton Portland in Portland, OR. Linux.com readers can register now with discount code, LINUXRD5, for 5% off the attendee registration.

Kubernetes vs Docker Swarm: A Comparison of Cloud Container Tools

By
Computer Business Review
-

Put simply, Kubernetes is a tool allowing the IT manager to run multiple containers in parallel. Think of it as a container dashboard; if your containers are musicians, then Kubernetes is the conductor.

Docker is a container platform with a panoply of management options for any type of cloud set-up, providing fine control over applications independent of infrastructure. The tool we are interested in is Docker Swarm, a flexible container storage platform which some consider more straightforward to use than Kubernetes.

Let’s get into the differences, overlap and how to choose between them.

Read more at CBROnline

One Million Linux and Open-Source Software Classes Taken

By
ZDNet
-

Want to get a job in IT? Then, you need to know Linux and open-source software. While nothing beats hands-on experience, classes are a great way to get started. So, it comes as no surprise that The Linux Foundation recently announced would-be IT staffers have now taken a million Linux and open-source software classes.

The Linux Foundation has been able to reach so many students because of its partnership with edX. EdX is the non-profit online learning platform from Harvard University and Massachusetts Institute of Technology (MIT). 

Read more at ZDNet

How to Minimize the Meltdown Patch Performance Penalty

By
The New Stack
-

The saga of the cross-industry side-channel attack (Meltdown and Spectre) is not yet over. Turmoil continues as CPU vendors release new microcode and recall previous ones. To understand the extent of the work that still needs to be done, consider the language Linus Torvalds usesabout the patches sent by elite open source kernel developers to deal with Spectre — specifically “Indirect Branch Restricted Speculation.”

Development teams are left to sit back and watch as vendors struggle to decrease the performance impact of these fixes. For example, AWS claims “we have not observed meaningful performance impact for the overwhelming majority of EC2 workloads,” yet most big data workloads are heavily impacted.

Read more at The New Stack

A History of Low-Level Linux Container Runtimes

By
OpenSource.com
-

At Red Hat we like to say, “Containers are Linux—Linux is Containers.” Here is what this means. Traditional containers are processes on a system that usually have the following three characteristics:

1. Resource constraints

When you run lots of containers on a system, you do not want to have any container monopolize the operating system, so we use resource constraints to control things like CPU, memory, network bandwidth, etc. The Linux kernel provides the cgroups feature, which can be configured to control the container process resources.

Read more at OpenSource.com

Who Really Contributes to Open Source

By
InfoWorld
-

New data debunks several myths around which companies lead in open source contributions.

Microsoft has been nipping at the top open source contributor position for years, but a new analysis by Adobe developer Fil Maj puts Microsoft into a whole other universe of contributions. Or, at least, of contributors.

Using the GitHub REST API to pull public profile information from all 2,060,011 GitHub users who were active in 2017 (“active” meaning ten or more commits to public projects), Maj was able to pull the total number of corporate contributors to GitHub, with results that might surprise you.

Read more at InfoWorld

1...412413414...10,742Page 413 of 10,742