Twitter
Home Blog Page 452

Black Duck Launches New Container Security Solution

By
SD Times
-

Black Duck announced the release of its OpsSight automatic open source vulnerability detection solution for containers at its Flight 2017 conference in Boston today.

According to the company’s CEO Lou Shipley, OpsSight is Black Duck’s first product that targets the production phase of the software lifecycle.

“…as the number of containers grows, so does the complexity of validating the contents and securing container images in production. OpsSight allows operations team to be sure deployments are free from known open source security vulnerabilities because it provides full visibility into and control over the open source in the container images.

Read more at SDTimes

Arduino Create Expands to Support Linux on Intel Chips

By
Eric Brown
-

When we talk about open source hardware, we often think about the Raspberry Pi and other community-backed single board computers running Linux. Yet all these communities were modeled on the success of the 14-year-old Arduino project, in which Linux has been only tangentially involved, and only over the past four years. The two platforms should grow closer, however, now that Arduino has extended its Arduino Create development environment to support Linux on x86 platforms.

With the new Linux support, “users are now able to program their Linux devices as if they were regular Arduinos,” says Arduino. Arduino Create works in concert with embedded Linux distributions – initially Ubuntu or Intel’s Wind River Pulsar Linux – to let developers load Arduino sketches to control lower level interfaces to sensors and other Internet of Things peripherals.

Arduino Create was unveiled as a private beta in May 2016, intended as a modern, web-based companion application – and perhaps and eventual replacement – for the desktop-based Arduino IDE. The software provides a browser plugin, letting developers upload sketches to any connected Arduino board from the browser. It features a web editor, as well as cloud-based sharing and collaboration tools.

Arduino Create enables program-to-program, and program-to-cloud communications via the MQTT protocol. This is implemented with a new open source Arduino Connector program.

UP Squared IoT Grove Development Kit

Intel unveiled the revised Arduino Create on Nov. 2 as a collaboration between itself, Arduino, Aaeon, Canonical, and Seeed. This was followed the next day by Arduino’s announcement.

The Linux-ready version of Arduino Create is debuting on a version of Aaeon’s UP Squared (UP2) hacker SBC called the UP Squared IoT Grove Development Kit. In addition to the SBC, which runs Ubuntu 16.04 on an Intel Apollo Lake SoC, the kit includes Seeed’s Arduino compatible Grove Pi+ extension board, a display, and Grove sensors.

Arduino Create can also run on any system controlled by Ubuntu or Pulsar that uses 64-bit Intel Atom, Core, or Xeon processors. Arduino’s announcement points to tutorials for setting up Arduino Create on the Intel NUC, Dell Wyse, and Gigabyte GB-BXT mini-PCs.

Arduino’s announcement suggests that ARM could be the next target: “In the coming months, we plan to expand support for Linuxbased IoT devices running on other hardware architectures,” says Arduino.    

The version of Arduino Create available on the UP Squared kit combines Arduino programming libraries with a simplified installation process, code sharing, and cloud services. Developers can make system calls and run multiple sketches simultaneously. The software ships with examples for integrating Amazon Web Services (AWS) and Microsoft Azure.

The UP Squared kit version provides example code specifically designed for the kit and its Arduino-programmable Grove sensors and I/O peripherals. It includes libraries such as OpenCV, Intel’s Math Kernel Library (MKL), and Intel’s MRAA HAL library for low-speed I/O links. Developers can also export sketches as CMake projects that can bridge to more advanced tools like Intel System Studio 2018.

Next step in the Arduino Linux dance

The newly Linux friendly Arduino Create adds another wrinkle to the continuing evolution of Arduino/Linux integration. Because the Arduino IDE is PC-based, as opposed to an autonomous embedded RTOS such as FreeRTOS or ARM’s Mbed, Arduino is well positioned to act as a bridge between the application processor and microprocessor unit (MCU) realms.

The first Arduino board that also ran Linux the Arduino Yún arrived only four years ago. Arduino sketches running on an ATmega32u4 MCU control the Yún, but the software hands off to the OpenWRT Linux based Linino distro running on an Atheros wireless SoC when it needs to communicate with the outside world.

Several other hybrid Arduino/Linux boards that followed had similar designs. These included the Arduino Yún Mini, Arduino Industrial 101, and Arduino TIAN.

At the same time the Arduino/Linux hybrids were advancing, open hardware Linux projects were adding Arduino support. Out of the 98 community backed Linux hacker boards that appeared in our June 2017 survey, 15 offered standard or optional Arduino shield support. A few of these are official Arduino hybrids, but most are Linux-driven boards such as the pcDuino, Udoo, and Link-It SBCs.

Our survey showed increasing preference for Arduino-ready Linux SBCs just as several of these boards – the Intel Edison and Galileo – were being discontinued. Most of the Linux-enabled Arduinos boards, meanwhile, have emerged from the forked Arduino.org wing of the once feuding Arduino camps. Now that the groups have reunified, and Arduino.org’s Federico Musto has been ousted, the future of Linux-ready Arduino boards (as opposed to Arduino-compatible Linux boards) – is in doubt.

This has less to do with Arduino politics than with the advent of increasingly sophisticated Cortex-M MCUs and wireless chips such as Espressif’s open source ESP8266 and newer ESP32 SoCs, as well as the evolution of the Arduino IDE. The ESP8266, for example, stood in for Linino-on-Atheros on non-Linux, wireless-enabled Arduino offerings such as the Arduino STAR Otto and Arduino Primo.

More recently, Arduino has focused on its smaller, IoT-targeted MKR boards, which do not run Linux. The original MKR1000 offloads WiFi services to an Atmel ATSAMW25H18 WiFi module, and the new MKR WAN 1300 and MKR GSM 1400 use Murata (LoRa) and U-Blox (3G) modules, respectively in addition to their Arduino-compatible MCUs.

Arduino’s new philosophy appears to be that 1) Arduino should focus more on cloud connected IoT software than hardware, and 2) that the best path to Arduino/Linux integration is to run Arduino code under the umbrella of an embedded Linux OS rather than add a separate Linux subsystem to an Arduino board. This would seem to make sense since Linux is no longer needed on Arduino boards to do basic web-enabled networking. The hardware required to run Linux costs more, and Linux adds complexity, especially considering its weak integration with Arduino.

With Arduino Create, however, Linux developers can use Arduino to gain better control over sensors and motor control gizmos, and Arduino developers can piggyback their designs on platforms with more powerful processors and additional resources. The revised Arduino Create aims to bring Intel Linux developers gently into the world of Arduino while also opening up Linux boards to Arduino developers. This is a powerful combination that could prove even more significant if Arduino creates an ARM version of Arduino Create.

How to Measure HPC

By
Top500
-

Measuring high performance computing can be very powerful for the businesses that rely on it and the end users that directly employ it. Based on NAG’s experience helping organizations with HPC measurement, we have put together this overview of the subject for TOP500 News.

Measuring usage and costs of your current HPC capability can inform service delivery and policies to extract the optimum science or business impact from your existing set-up. Collecting data on the usage patterns, costs, and value delivered by current HPC capability can also help ensure future decisions are optimal. This enables that subsequent investments can be made with confidence, at the right scale, type and timing for maximum value, and with well understood risks. However, measuring the right things, and making sure they drive the best business or science impact is a surprisingly complex undertaking.

Read more at TOP500

Project Treble Brings Extended Linux Kernel Security Support to Combat Fragmentation

By
XDA
-

One of the major issues for Android over the years has been device fragmentation. The Android version and Linux kernel version a device are on can have a massive impact on the device’s security and usability, and Google is making a concerted effort to improve Android’s update lifecycle with Project Treble.

At Linaro Connect San Francisco 2017, Google Project Treble team member Iliyan Malchev gave a talk on what Project Treble is attempting to do for Android, and on what it has achieved so far. He revealed that as part of their efforts to improve the security lifecycle for Android devices, Google has managed to get the Linux Foundation to agree to extend the support life of the Linux Long-Term Support (LTS) kernel branch from the 2 years that it has historically lasted, to 6 years for future versions of the LTS kernel, starting with Linux kernel 4.4. Greg Kroah-Hartman (GKH) of the Linux Foundation, the head maintainer for the Linux stable kernel branch (including LTS), felt that the timing was right to implement the change with the direction the entire computing market is heading, and gave Iliyan Malchev permission to announce the extended support life.

Read more at XDA

Best Practices for Using Open Source Code

By
The Linux Foundation
-

However, diving in and using open source code without an understanding of everything from legal risks to best development practices is perilous. Approaching open source code usage without best practices in place can also tarnish an organization’s reputation. That’s where the free, new Using Open Source Code guide comes in. It can help you craft and codify a comprehensive strategy.

One of the most important steps in using open source code effectively within your program is to set explicit guidelines to be followed, which are often summarized in a strategy document. What if code comes into one of your projects from a project with a different licensing setup? What acceptance, rejection, and exception policies should developers follow? What is your organization’s overall stance toward open source development?

Read more at The Linux Foundation

Download the free guides and stay tuned for our continuing coverage.

Exploring AMD’s Ambitious ROCm Initiative

By
ADMIN Magazine
-

The open source ecosystem is a vast world of free tools and interacting components: drivers, APIs, compilers, and programming languages. The story of Linux and the open source movement has always been about building this ecosystem and completing the pieces of the puzzle to create a flexible, versatile, and all-free computing environment.

For many common scenarios, this constellation of free components is nearly complete; however, the crucial area of high-performance computing has had to contend with some non-free software components. In particular, the rise of the Graphics Processing Unit (GPU) has complicated a toolchain that had previously been focused on traditional CPU-based computing. Languages like CUDA evolved as a means for integrating the GPU into conventional C++ programming; however, CUDA was never really envisioned as a universal solution, and it is designed to support the GPU hardware of a single vendor. Other solutions, such as OpenCL, embrace the concept of open source but do not support a full range of programming alternatives.

As a leading vendor of both GPU and CPU technologies, AMD has taken up the challenge of bringing free, flexible, cross-platform, and language-independent computing to the GPU-accelerated HPC space. The result of this ambitious effort is the Radeon Open Compute Ecosystem (ROCm) platform, which AMD describes as “the first open-source HPC/Hyperscale-class platform for GPU computing that’s also programming-language independent.”

Read more at ADMIN 

Edge Computing Moves the Open Cloud Beyond the Data Center

By
OpenSource.com
-

Edge computing, like public cloud at scale, requires a convenient, powerful cloud software stack that can be deployed in a unified, efficient and sustainable way. Open source is leading the way.

When we think of cloud computing, most of us envision large-scale, centralized data centers running thousands of physical servers. As powerful as that vision sounds, it actually misses the biggest new opportunity: distributed cloud infrastructure.

Today, almost every company in every industry sector needs near-instant access to data and compute resources to be successful. Edge computing pushes applications, data and computing power services away from centralized data centers to the logical extremes of a network, close to users, devices and sensors. It enables companies to put the right data in the right place at the right time, supporting fast and secure access. The result is an improved user experience and, oftentimes, a valuable strategic advantage. The decision to implement an edge computing architecture is typically driven by the need for location optimization, security, and most of all, speed.

Read more at OpenSource.com

Linux Kernel 3.10 Reached End of Life, Users Are Urged to Move to Linux 4.4 LTS

By
Softpedia
-

Linux kernel maintainer Willy Tarreau announced that the Linux 3.10 kernel series reached end of life and it will no longer receive maintenance updates that patch critical security vulnerabilities.

The end of life was reached this past weekend with the release of Linux kernel 3.10.108, which is the last maintenance update for the Linux 3.10 branch. Therefore, users and OEMs are now urged to upgrade to a more recent, long-term supported Linux kernel, such as the Linux 4.4 LTS series.

Read more at Softpedia

Install Let’s Encrypt and Secure Nginx with SSL/TLS in Debian 9

By
Falko Timme
-

This tutorial will show you how to install and secure a Nginx web server on Debian 9 with a TLS certificate issued for free by the Let’s Encrypt Certificate Authority. Furthermore, we will configure automatic renewal of Lets’ Encrypt TLS certificates using a cron job before the certificates expire.

TLS, also known as Transport Layer Security, is a network protocol that uses SSL certificates to encrypt the network traffic which flows between a server and a client, or between a web server, such as Nginx server, and a browser. All data exchanged in between these two entities is secured and the connection cannot be decrypted even if it is intercepted using a technique such as by a man in the middle attack or packet sniffing. The certbot package software is the official client utility provided by Let’s Encrypt CA that can be used in the process of generating and downloading free Let’s Encrypt certificates in Debian.

Read more at HowToForge

4 Ways to Watch or Monitor Log Files in Real Time

By
Tecmint
-

How can I see the content of a log file in real time in Linux? Well there are a lot of utilities out there that can help a user to output the content of a file while the file is changing or continuously updating. Some of the most known and heavily used utility to display a file content in real time in Linux is the tail command (manage files effectively).

1. tail Command – Monitor Logs in Real Time

As said, tail command is the most common solution to display a log file in real time. However, the command to display the file has two versions, as illustrated in the below examples.

In the first example the command tail needs the -f argument to follow the content of a file.

Read more at Tecmint

 

1...451452453...10,742Page 452 of 10,742