
Linux Foundation Training Surpasses One Million Served

All around the open source technology industry, the skills gap is widening, making it ever more difficult to hire people with much needed job skills. In response, the demand for training on open source topics is growing. The Linux Foundation, in partnership with edX, has been steadily working on closing these skills gaps, by offering online courses on vital open source platforms, tools, and practices. Now, Linux Foundation training has just passed the one million mark for people enrolled in courses on edX.

“While we’re humbled at having reached one million folks, we remain aware of just how big the need is,” said Clyde Seepersad, General Manager of Linux Foundation training. “For example, over 65,000 folks registered for our Blockchain course within the first 100 days. There’s clearly a huge appetite for materials on critical open source projects and we’re committed to continuing to develop courses to help fill the need.”

“Over the past four years, the market has spoken loud and clear — providing high quality, free and vendor neutral entry level training is a critically important component of ensuring continued growth and adoption of open source software,” Seepersad added.

“The Linux Foundation has been a valued partner since they joined edX in 2014, and we congratulate them on achieving the milestone of reaching 1 million learners,” said Anant Agarwal, MIT professor and CEO of edX. “Their courses address popular and cutting-edge technology skills and prepare learners for career success. We look forward to our continued partnership and to launching many more courses in the future.”

Free courses for open source skills

The Linux Foundation has collaborated with edX to bring many courses on open source topics to the community. For example, they offer an online “Introduction to OpenStack” (LFS152x), which includes seven chapters with a quiz at the end of each chapter. There is also a final exam, and the great news is that the complete course is available at no cost. In fact, many of the Linux Foundation courses offered in conjunction with edX are free. Many also offer official certification, which can increase participants’ job prospects.

Do you want to dive into Linux-specific training? You can start with the Introduction to Linux online course, which is also delivered by The Linux Foundation and edX. The course is hugely popular and can help with basic preparation for the Linux Foundation Certified SysAdmin Exam (LFCS). You can also peruse the many other training options, which range from courses on Kubernetes to advanced cloud platform and Linux administration.

The training offered in these courses can have a very direct impact on your prospects for getting top jobs. For example, it is more important than ever for Linux and Azure professionals to understand how to manage Linux workloads in an Azure environment, and The Linux Foundation recently announced the availability of a new training course, Administering Linux on Azure (LFS205), that can arm you with the requisite skills.

As ZDNet noted, some of The Linux Foundation training and certification courses have qualified as the biggest Massive Open Online Courses (MOOCs) ever. Meanwhile, Linux Foundation training has been breaking down borders all around the world. “We are very pleased by not only the sheer number of folks who have registered, but also that we’ve reached learners from over 200 countries,” said Seepersad.

Visit the Linux Foundation training site to check out the available courses.

How to Run Your Own Public Time Server on Linux

One of the most important public services is timekeeping, but it doesn’t get a lot of attention. Most public time servers are run by volunteers to help meet always-increasing demands. Learn how to run your own public time server and contribute to an essential public good. (See Keep Accurate Time on Linux with NTP to learn how to set up a LAN time server.)

Famous Time Server Abusers

Like everything in life, even something as beneficial as a time server is subject to abuse fueled by either incompetence or malice.

Vendors of consumer network appliances are notorious for creating big messes. The first one I recall happened in 2003, when Netgear hard-coded the address of the University of Wisconsin-Madison’s NTP server into their routers. All of a sudden the server was getting hammered with requests, and the more routers Netgear sold, the worse it got. Adding to the fun, the routers were programmed to send requests every second, which is way too many. Netgear issued a firmware upgrade, but few users ever upgrade their devices, and a number of them are pummeling the University of Wisconsin-Madison’s NTP server to this day. Netgear gave them a pile of money, which hopefully will cover their costs until the last defective router dies. Similar ineptitudes were perpetrated by D-Link, Snapchat, TP-Link, and others.

The NTP protocol has become a choice vector for distributed denial-of-service attacks, using both reflection and amplification. It is called reflection when an attacker uses a forged source address to target a victim; the attacker sends requests to multiple servers, which then reply and bombard the forged address. Amplification is a large reply to a small request. For example, on Linux the ntpq command is a useful tool to query your NTP servers to verify that they are operating correctly. Some replies, such as lists of peers, are large. Combine reflection with amplification, and an attacker can get a return of 10x or more on the bandwidth they spend on the attack.

How do you protect your nice beneficial public NTP server? Start by using NTP 4.2.7p26 or newer, which hopefully is not an issue with your Linux distribution because that version was released in 2010. That release shipped with the most significant abuse vectors disabled as the default. The current release is 4.2.8p10, released in 2017.

Another step you can take, which you should be doing anyway, is to use ingress and egress filtering on your network. Block packets from entering your network that claim to be from your network, and block outgoing packets with forged return addresses. Ingress filtering helps you, and egress filtering helps you and everyone else. Read BCP38.info for much more information.

Stratum 0, 1, 2 Time Servers

NTP is more than 30 years old, one of the oldest Internet protocols that is still widely used. Its purpose is to keep computers synchronized to Coordinated Universal Time (UTC). The NTP network is both hierarchical, organized into strata, and peer-based. Stratum 0 contains master timekeeping devices such as atomic clocks. Stratum 1 time servers synchronize with Stratum 0 devices. Stratum 2 time servers synchronize with Stratum 1 time servers, and Stratum 3 with Stratum 2. The NTP protocol supports 16 strata, though in real life there are not that many. Servers in each stratum also peer with each other.

In the olden days, we selected individual NTP servers for our client configurations. Those days are long gone, and now the better way is to use the NTP pool addresses, which use round-robin DNS to share the load. Pool addresses are only for clients, such as individual PCs and your local LAN NTP server. When you run your own public server you won’t use the pool addresses.

Public NTP Server Configuration

There are two steps to running a public NTP server: set up your server, and then apply to join the NTP server pool. Running a public NTP server is a noble deed, but make sure you know what you’re getting into. Joining the NTP pool is a long-term commitment, because even if you run it for a short time and then quit, you’ll be receiving requests for years.

You need a static public IP address, a permanent reliable Internet connection with at least 512Kb/s bandwidth, and the knowledge to configure your firewall correctly. NTP uses UDP port 123. The machine itself doesn’t have to be any great thing, and a lot of admins piggyback NTP on other public-facing servers such as Web servers.

Configuring a public NTP server is just like configuring a LAN NTP server, with a few more configurations. Start by reading the Rules of Engagement. Follow the rules and mind your manners; almost everyone maintaining a time server is a volunteer just like you. Then select 4-7 Stratum 2 upstream time servers from StratumTwoTimeServers. Select some that are geographically close to your upstream Internet service provider (mine is 300 miles away), read their access policies, and then use ping and mtr to find the servers with the lowest latency and least number of hops.

This example /etc/ntp.conf includes both IPv4 and IPv6 and basic safeguards:

# stratum 2 server list
server servername_1 iburst
server servername_2 iburst
server servername_3 iburst
server servername_4 iburst
server servername_5 iburst

# access restrictions
restrict -4 default kod noquery nomodify notrap nopeer limited
restrict -6 default kod noquery nomodify notrap nopeer limited
            
# Allow ntpq and ntpdc queries only from localhost
restrict 127.0.0.1
restrict ::1
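
A way to check a configuration against the safeguards shown above, as an added example that is not part of the original article or the NTP distribution. It verifies that both default entries carry the article's flags (`noquery` is the one that refuses the large ntpq/ntpdc replies described under amplification) and that no non-loopback entry re-opens queries; `WEAK_CONF` is constructed sample input, and a bare `restrict default` is treated as covering both address families, as documented for ntpd 4.2.8.

```python
import ipaddress

# Flags the article's example sets on both default entries.
REQUIRED = {"kod", "noquery", "nomodify", "notrap", "nopeer", "limited"}

# The restrict lines from the article's example /etc/ntp.conf.
PAGE_CONF = """
restrict -4 default kod noquery nomodify notrap nopeer limited
restrict -6 default kod noquery nomodify notrap nopeer limited
restrict 127.0.0.1
restrict ::1
"""

# Constructed sample: weak IPv4 default, no IPv6 default, open LAN entry.
WEAK_CONF = """
server servername_1 iburst
restrict -4 default nomodify notrap   # no noquery, no rate limiting
restrict 127.0.0.1
restrict 192.0.2.0 mask 255.255.255.0
"""


def parse_restrict(conf_text):
    """Return (family, address, flags) for every restrict line."""
    entries = []
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()   # drop comments
        if len(tokens) < 2 or tokens[0] != "restrict":
            continue
        tokens = tokens[1:]
        family = None
        if tokens[0] in ("-4", "-6"):
            family, tokens = tokens[0][1], tokens[1:]
        if not tokens:
            continue
        address, rest = tokens[0], tokens[1:]
        if rest[:1] == ["mask"]:
            rest = rest[2:]                     # skip "mask <netmask>"
        entries.append((family, address, set(rest)))
    return entries


def audit(conf_text):
    """Return a list of findings; an empty list means the checks passed."""
    findings = []
    defaults = {"4": None, "6": None}
    for family, address, flags in parse_restrict(conf_text):
        if address == "default":
            # Without -4/-6, "restrict default" applies to both families.
            for fam in ([family] if family else ["4", "6"]):
                defaults[fam] = flags
            continue
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            continue                # hostname or "source": not checked here
        if not ip.is_loopback and not flags & {"noquery", "ignore"}:
            findings.append(f"{address}: non-loopback entry may send ntpq/ntpdc queries")
    for fam, flags in defaults.items():
        if flags is None:
            findings.append(f"IPv{fam}: no 'restrict default' line")
        elif "ignore" not in flags and REQUIRED - flags:
            missing = " ".join(sorted(REQUIRED - flags))
            findings.append(f"IPv{fam}: default entry is missing: {missing}")
    return findings


if __name__ == "__main__":
    for name, conf in (("article", PAGE_CONF), ("weak", WEAK_CONF)):
        print(name, audit(conf) or "OK")
```
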

Start your NTP server, let it run for a few minutes, and then test that it is querying the remote servers:

$ ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
=================================================================
+tock.no-such-ag 200.98.196.212   2 u   36   64    7   98.654   88.439  65.123
+PBX.cytranet.ne 45.33.84.208     3 u   37   64    7   72.419  113.535 129.313
*eterna.binary.n 199.102.46.70    2 u   39   64    7   92.933   98.475  56.778
+time.mclarkdev. 132.236.56.250   3 u   37   64    5  111.059   88.029  74.919
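
How to read that table programmatically, as an added example that is not part of the original article: the first character of each row is ntpq's tally code, and `reach` is an octal bitmap of the last eight polls, so the `7` shown here means the three most recent polls were all answered. `SAMPLE` is the article's own output; the function names are this example's.

```python
# Output copied from the article's "ntpq -p" run above.
SAMPLE = """\
     remote           refid      st t when poll reach   delay   offset  jitter
=================================================================
+tock.no-such-ag 200.98.196.212   2 u   36   64    7   98.654   88.439  65.123
+PBX.cytranet.ne 45.33.84.208     3 u   37   64    7   72.419  113.535 129.313
*eterna.binary.n 199.102.46.70    2 u   39   64    7   92.933   98.475  56.778
+time.mclarkdev. 132.236.56.250   3 u   37   64    5  111.059   88.029  74.919
"""

# Tally codes printed in the first column of each peer row.
TALLY = {"*": "system peer", "+": "candidate", "-": "outlier",
         "x": "falseticker", "#": "backup", "o": "PPS peer",
         ".": "excess", " ": "rejected"}

FIELDS = ("remote", "refid", "st", "t", "when", "poll",
          "reach", "delay", "offset", "jitter")


def parse_peers(text):
    """Parse the rows below the '=====' separator into dictionaries."""
    peers, in_body = [], False
    for line in text.splitlines():
        if line.startswith("="):
            in_body = True
            continue
        if not in_body or not line.strip():
            continue
        values = line[1:].split()          # column 0 is the tally code
        if len(values) != len(FIELDS):
            continue
        peer = dict(zip(FIELDS, values))
        peer["tally"] = line[0]
        peer["role"] = TALLY.get(line[0], "unknown")
        peer["st"] = int(peer["st"])
        peer["reach"] = int(peer["reach"], 8)   # ntpq prints reach in octal
        for key in ("delay", "offset", "jitter"):
            peer[key] = float(peer[key])        # milliseconds
        peers.append(peer)
    return peers


def polls_answered(reach):
    """Number of replies among the last eight polls (one bit per poll)."""
    return bin(reach & 0xFF).count("1")


def system_peer(text):
    """Name of the peer ntpd is currently synchronized to, or None."""
    for peer in parse_peers(text):
        if peer["tally"] == "*":
            return peer["remote"]
    return None


def review(text):
    """Return warnings about unreachable peers or a missing system peer."""
    peers, notes = parse_peers(text), []
    if not any(p["tally"] == "*" for p in peers):
        notes.append("no system peer selected yet")
    for p in peers:
        if p["reach"] == 0:
            notes.append(f"{p['remote']}: no replies received")
        elif not p["reach"] & 1:               # lowest bit = most recent poll
            notes.append(f"{p['remote']}: most recent poll went unanswered")
    return notes


if __name__ == "__main__":
    for p in parse_peers(SAMPLE):
        print(p["remote"], p["role"], f"{polls_answered(p['reach'])} replies")
    print(review(SAMPLE) or "all peers answering")
```
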

Good so far. Now test from another PC, using your NTP server name. The following example shows correct output. If something is not correct you’ll see an error message.

$ ntpdate -q yourservername
server 66.96.99.10, stratum 2, offset 0.017690, delay 0.12794
server 98.191.213.2, stratum 1, offset 0.014798, delay 0.22887
server 173.49.198.27, stratum 2, offset 0.020665, delay 0.15012
server 129.6.15.28, stratum 1, offset -0.018846, delay 0.20966
26 Jan 11:13:54 ntpdate[17293]: adjust time server 98.191.213.2 offset 0.014798 sec

Once your server is running satisfactorily, apply at manage.ntppool.org to join the pool.

See the official handbook, The Network Time Protocol (NTP) Distribution to learn about all the command and configuration options, and advanced features such as management, querying, and authentication. Visit the following sites to learn pretty much everything you need about running a time server.

Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.

Call for Proposals Now Open – Speak at Open Source Summit Japan, North America, Europe

Open Source Summit Japan, North America and Europe are the leading conferences for developers, architects and other technologists – as well as open source community and industry leaders – to collaborate, share information, learn about the latest technologies and gain a competitive advantage by using innovative open solutions.

Join us in Tokyo, Vancouver, or Edinburgh to share your expertise with 2,000+ technologists and open source community members.

Conference Tracks at all three events include:

  • Cloud Native Apps/Serverless/Microservices
  • Infrastructure & Automation (Cloud / Cloud Native / DevOps)
  • Linux Systems
  • Artificial Intelligence & Data Analytics
  • Emerging Technologies & Wildcard (Networking, Edge, IoT, Hardware, Blockchain)

Additional tracks featured at Open Source Summit North America & Europe

  • Diversity Empowerment Summit
  • Open Collaboration Conference (Community, Compliance, Governance, Culture)
  • Innovation at Apache (ASF track)

Suggested Topics & CFP Deadlines:

Open Source Summit Japan

June 20-22 in Tokyo

View Suggested Topics

CFP Deadline: March 18

Submit for the co-located Automotive Linux Summit here.

Open Source Summit North America

August 29-31 in Vancouver

View Suggested Topics

CFP Deadline: April 29

Open Source Summit Europe

October 22-24 in Edinburgh

View Suggested Topics

CFP Deadline: July 1

Submit for the co-located Embedded Linux Conference here.

Get Inspired!

Watch Keynotes from Open Source Summit Japan, North America, and Europe 2017

Watch All Keynotes

Learn more about the CFP process and submit your speaking proposal today.

Not submitting, but planning to attend? Register now and save with early bird pricing!

Mitigating Known Security Risks in Open Source Libraries

This is an excerpt from Securing Open Source Libraries, by Guy Podjarny. 

Read the preceding chapter or view the full report.

There are several ways to fix vulnerable packages, but upgrading is the best choice. If that is not possible, patching offers a good alternative. The following sections discuss each of these options, and we will later take a look at what you can do in situations where neither of these solutions is possible.

Upgrading

As I’ve previously stated, a vulnerability is a type of bug, and the best way to address a bug is to use a newer version where it is fixed. And so, the best way to fix a vulnerable dependency is to upgrade to a newer version. 

Read more at O’Reilly

How Programmers Learn to Code

HackerRank recently published the results of its 2018 Developer Skills Report, in which it asked programmers when they started coding.

39,441 professional and student developers completed the online survey from 16 October to 1 November 2016, with over 25% of the developers surveyed writing their first piece of code before they were 16 years old.

How programmers learn

In terms of how programmers learnt to code, self-teaching is the norm for developers of all ages, stated the report.

Read more at MyBroadband

Reckoning the Spectre and Meltdown Performance Hit for HPC

While no one has yet created an exploit to take advantage of the Spectre and Meltdown speculative execution vulnerabilities that were exposed by Google six months ago and that were revealed in early January, it is only a matter of time. The patching frenzy has not settled down yet, and a big concern is not just whether these patches fill the security gaps, but at what cost they do so in terms of application performance.

To try to ascertain the performance impact of the Spectre and Meltdown patches, most people have relied on comments from Google on the negligible nature of the performance hit on its own applications and some tests done by Red Hat on a variety of workloads, which we profiled in our initial story on the vulnerabilities

Read more at The Next Platform

A Fast-Evolving New Botnet Could Take Gadgets in Your Home to the Dark Side

Satori is built to turn routers, thermostats, and other household devices into zombies.

There’s a new botnet in town. Since December, security researchers have been tracking an insidious piece of malware called Satori, which hijacks internet-connected devices and turns them into “zombies” that can be remotely controlled in unison. The number of devices in its thrall is still small. But whoever’s behind it is working quickly to tweak its design, hoping to build a powerful army of machines that can be summoned to pump out masses of e-mail spam, incapacitate corporate websites, or even bring down large chunks of the internet itself.

Satori, whose name means “enlightenment” in Japanese, has dark origins. Some of its source code appears to be the same as that of Mirai, a botnet that in 2016 used hundreds of thousands of compromised routers, web-connected cameras, and other devices…

Read more at Technology Review

ELC + OpenIoT: From Cloud Computing to Robot Apocalypse

It’s time once again for that grand gathering of embedded Linux geeks known as the Embedded Linux Conference (ELC), as well as the co-located, non-Linux specific OpenIoT Summit. In this article, we take a closer look at the conference schedule, with keynotes and sessions you won’t want to miss.

ELC + OpenIoT is happening Mar. 12-14 in Portland, Oregon, the home of Linus Torvalds, who created Linux as a desktop OS and has watched it spread throughout the server world. Over the past decade, Linux has found similar success in embedded gear ranging from mobile devices to Internet of Things hubs to industrial equipment to drones.

Torvalds is not a scheduled speaker at the event, but the keynote speakers include the co-founder of another major open source embedded platform. Massimo Banzi is now the clear leader of the Arduino community after Federico Musto, the head of the formerly forked and then reunited Arduino Srl, departed last summer. There are no details as yet on the topic of Banzi’s Tuesday, 10 a.m. keynote, but it will likely be more about OpenIoT than Linux. Arduino appears to have backed away from its experiment in Linux/Arduino hybrid boards, such as the Yun, but it has a renewed emphasis on open source, community, and educational projects. Arduino is now focusing on its Raspberry Pi Zero sized MKR line of wireless, MCU-based Arduino boards.

Keynote lineup: From Google Cloud IoT to the robot apocalypse

Monday’s keynote lineup starts with a welcome from Sony’s Tim Bird, Chair of the Architecture Group of The Linux Foundation’s CE Working Group, and Philip DesAutels, the LF’s IoT Co-Chair. This talk will be followed by Antony Passemard, the Product Management Lead for Google Cloud IoT, who will discuss Google’s growing body of cloud-related IoT and analytics services. A hardware perspective on Linux will be provided by Patricia Florissi, VP and global CTO for Sales at Dell EMC.

Monday’s keynotes will be concluded with an address by Daniel Wilson titled “Sci-Fi Destroys the World, Science Builds It.” You can amp yourself up by reading Wilson’s bestsellers: Robopocalypse, Robogenesis, and How to Survive a Robot Uprising. (Maybe it’s time to keep that TurtleBot under lock and key.)

Tuesday’s lineup includes Banzi’s address, along with a keynote from DesAutels and Kate Stewart, Sr. Director of Strategic Programs at The Linux Foundation. Wednesday’s speakers include Amber Case of Harvard’s Berkman Klein Center, as well as two longtime Linux leaders: Imad Sousou, VP and GM at Intel’s Open Source Technology Center, and Jonathan Corbet, Executive Editor of LWN.net.

Sessions: Real-Time Linux, Yocto, Zephyr, and much more

This year’s diverse selection of topics lacks a clearly dominant theme. There are, however, more than the usual sessions on Real-Time Linux. A half dozen ELC presentations include sessions on both the dominant Preempt-RT and its main rival Xenomai, and there’s a report from Ambient Sensors’ Sandra Capri on implementing a pseudo-real-time stack that uses neither of these technologies, with examples detailed for the Raspberry Pi and BeagleBone.

The ELC lineup also includes five sessions on the Yocto Project, which is quietly extending its reach in embedded Linux development on both x86 and ARM platforms, especially when a high degree of customization is required. There’s even a session on porting OpenEmbedded/Yocto to the open source RISC-V architecture (see farther below).

The OpenIoT track, meanwhile, has seven presentations on the lightweight Zephyr OS. This quickly maturing open source distribution for MCUs will also be showcased at Embedded World in Nuremberg, Germany, taking place Feb. 27 to Mar. 1.

The following list is a rather arbitrary selection of sessions that stand out from the pack, along with a few side notes. Other sessions not listed here cover topics such as ROS, GPUs, asymmetric multiprocessing, boot strategies, testing, security, RTS kernel, EAS, SiP, Eclipse, JavaScript, quality assurance, FPGAs, Bluetooth Mesh, NuttX, MQTT, EdgeX Foundry, Android Common Kernel, I3C, Tock, power management, virtualization on the edge, wireless debug, and Azure IoT Edge, among others.

10 sessions to consider for ELC + OpenIoT 2018:

Mozilla’s IoT Framework: Putting People First (Mon. 10:50) — Kathy Giori, Mozilla Corp. Last July, Mozilla unveiled an open source IoT project called Web of Things in collaboration with the W3C. The project has a Things gateway prototype that runs on a Raspberry Pi, and which builds on linkable and discoverable APIs based on standard web technologies.

Zephyr LTS Release, What to Expect and Why are We Doing This (Mon. 11:50) — Anas Nashif, Intel. In its first two years, the Zephyr RTOS has had 11 development releases. This year, we’ll see a major Zephyr LTS release with new features, stable APIs, and a subset of certifications.

Introduction to SoundWire (Mon 2:00) — Vinod Koul, Intel. The MIPI Alliance’s SoundWire audio bus spec, which was recently merged into Linux 4.16, should eventually replace HDA and I2C for low-cost, low-latency audio streaming in embedded devices and PCs.

OpenEmbedded Yocto on RISC-V — New Kid on the Block (Mon. 4:10) — Khem Raj, Comcast. This year we’ll see the first Linux-ready implementation of the open source RISC-V ISA architecture. OpenEmbedded/Yocto is one of the first embedded Linux distribution frameworks to support RISC-V, but challenges remain.

Preempt-RT Raspberry Pi Linux (Tue. 2:00) — Tiejun Chen, VMware. Real-time Preempt-RT patches are increasingly being integrated in the Linux kernel, but not the kernel maintained specifically for the Raspberry Pi. Chen explores the potential and challenges of integration.

Secure Containers in Embedded Deployments (Tue. 4:20) — Stefano Stabellini, Xen Project. Stabellini discusses a new approach for enabling embedded hypervisors to run container apps such as minimalist Docker implementations on small embedded Linux devices without sacrificing real-time or safety.

The Salmon Diet: Up-Streaming Drivers as a Form of Optimization (Wed. 11:05) — Gilad Ben-Yossef, Arm. Ben-Yossef describes his experience in up-streaming the previously out-of-tree CryptoCell REE device driver, and how the process helped reduce the line count by 30 percent while also decreasing bugs.

Sensor Types and their Uses (Wed. 2:30) — Mike Anderson, The PTR Group. With the increase of IoT and robotics applications, sensors such as gyroscopes, stress gauges, thermocouples, and more are increasingly part of the embedded developer’s toolkit. But what do they do exactly, and how do you integrate them?

Civil Infrastructure Platform: Industrial Grade Open Source Base-Layer (Wed. 3:30) — Yoshitake Kobayashi, Toshiba, and Urs Gleim, Siemens AG. Catch up on one of the Linux Foundation’s latest projects. The CIP project is producing a super long-term supported (SLTS) industrial software layer for civil infrastructure to encourage improved reusability.

3D Printing with Linux and Xenomai (Wed. 3:30) — Kendall Auel, 3D Systems Corp. Auel describes how a dual-kernel architecture using Linux and Xenomai can maintain low and predictable latencies for real time control of a 3D printer, while enabling a complex and resource intensive slicing application to run in parallel.

Registration

Registration is now open for the Embedded Linux Conference and OpenIoT Summit, to be held Mar. 12-14 at the Hilton Portland in Portland, OR. Packages start at $700, rising to $850 on Feb. 18. Academic and hobbyist discounts are available. Linux.com readers can register now with discount code, LINUXRD5, for 5% off the attendee registration.

Your Instant Kubernetes Cluster

This is a condensed and updated version of my previous tutorial Kubernetes in 10 minutes. I’ve removed just about everything I can so this guide still makes sense. Use it when you want to create a cluster on the cloud or on-premises as fast as possible.

1.0 Pick a host

We will be using Ubuntu 16.04 for this guide so that you can copy/paste all the instructions. Here are several environments where I’ve tested this guide. Just pick where you want to run your hosts.

Read more at Alex Ellis blog

What is the IoT? Everything You Need to Know About the Internet of Things Right Now

What is the Internet of Things?

The Internet of Things, or IoT, refers to billions of physical devices around the world that are now connected to the internet, collecting and sharing data. Thanks to cheap processors and wireless networks, it’s possible to turn anything, from a pill to an aeroplane, into part of the IoT. This adds a level of digital intelligence to devices that would be otherwise dumb, enabling them to communicate without a human being involved, and merging the digital and physical worlds.

Pretty much any physical object can be transformed into an IoT device if it can be connected to the internet and controlled that way. A lightbulb that can be switched on using a smartphone app is an IoT device, as is a motion sensor or a smart thermostat in your office or a connected streetlight. 

Read more at ZDNet