For once, some good news about women in the cybersecurity field: A new survey shows that despite the low number of women in the industry, many feel empowered in their jobs and consider themselves valuable members of the team.
The newly published “Women in Cybersecurity: A Progressive Movement” report — a survey of women by a woman — is the brainchild of security industry veteran Caroline Wong, vice president of security strategy at Cobalt, who formerly worked at Cigital, Symantec, eBay, and Zynga.
Wong says she decided to conduct the survey after getting discouraged with all of the bad news about women being underrepresented, underpaid, and even harassed in the technology and cybersecurity fields. The number of women in the industry has basically plateaued at 11% over the past few years.
I’ve been looking for a low-level Linux network debugging tool for quite some time. Linux allows you to build complex networks running directly on the host, using a combination of virtual interfaces and network namespaces. When something goes wrong, troubleshooting is rather tedious. If this is an L3 routing issue, mtr has a good chance of being of some help. But if this is a lower-level issue, I typically end up manually checking each interface / bridge / network namespace / iptables and firing up a couple of tcpdumps in an attempt to get a sense of what’s going on. If you have no prior knowledge of the network setup, this may feel like a maze.
What I’d need is a tool which could tell me “Hey, I’ve seen your packet: It’s gone this way, on this interface, in this network namespace”.
GNOME Project’s GUADEC (GNOME Users And Developers European Conference) developer conference is now over, and Canonical’s Didier Roche was there to collaborate with the GNOME team for the upcoming Ubuntu 17.10 release.
It’s no news that Canonical decided to bury its excellent Unity user interface and switch back to a default GNOME desktop environment experience for upcoming Ubuntu releases, and Ubuntu 17.10 (Artful Aardvark) will be the first to offer fans of the popular Linux-based operating system these major changes.
And it finally looks like Canonical’s Ubuntu Desktop team now has a clear direction after the GUADEC conference, deciding to make some modifications to the vanilla GNOME desktop environment, such as enabling an always visible dock by default via the widely-used Dash to Dock GNOME Shell extension.
This week in OSS and Linux news, two opinion writers at The New York Times consider the safeguards of open source software in future elections, Prodip Sen of HP shares the growing role of OPNFV, and more! Read on to stay in the open source know this week.
1) The National Association of Voting Officials is leading a movement to encourage officials to stop purchasing insecure systems and use open source software to “guard our votes against manipulation.”
Ilan Rabinovitch, Director of Technical Community at Datadog, will be giving a talk at Open Source Summit NA titled “Docker Adoption Patterns” based on information gathered through Datadog’s research.
Rabinovitch has years of experience leading infrastructure and reliability engineering teams at companies such as Ooyala and Edmunds.com and is also a co-founder of open source community events such as SCALE, Texas Linux Fest, and DevOpsDay LA. Here, Rabinovitch shares all the reasons why you need to attend his talk.
Linux.com: How are containers affecting us in real life? What kind of companies should care about your talk?
Ilan Rabinovitch: Over the last decade, public cloud providers and virtualization have, through automation, reduced the human and financial cost of provisioning or re-provisioning. Once you could replace instances with an API call, it no longer makes sense to troubleshoot unhealthy hosts, when you can just replace them. Further, autoscaling often meant that hosts might only be around long enough to handle a spike in load during peak traffic and be churned out once that load subsided. Containers have taken that dynamism and turned the dial up to 11. We find that among Datadog’s customers containers are churning 9x or more times a given VM runs on them.
As far as who is adopting them, it’s fairly safe to say everyone. Our study dives into this in more detail, but we find that these are adopted by organizations both large and small.
Linux.com: What gives Datadog a unique perspective into Docker adoption patterns?
Rabinovitch: Datadog is a SaaS provider of monitoring services for applications and infrastructure. As we studied Docker adoption among our customers, we were able to include anonymized data from a sample of over 10,000 companies, and 185 million containers in real-world use. This is the largest single data set on container and orchestrator adoption, which provides us with a unique vantage point on where the industry is today.
Linux.com: Who will benefit from learning about these patterns?
Rabinovitch: While container adoption has skyrocketed over the past few years, it is still early days for adoption and many of the best practices around deployment are still being learned. As users look to adopt these new technologies, it is helpful to see how their peers and the industry as a whole are adopting them in order to help validate their own approaches.
Linux.com: Can you tell us some of what you have learned from your studies?
Rabinovitch: We published our last study on Docker Adoption in April 2017 and the bulk of our findings are available in it. As part of my session at OSS Summit, we will be releasing new updated facts and metrics for a study to be released around the same time.
Linux.com: What kind of technologies do you see getting adopted?
Rabinovitch: Anecdotally, we often hear about mostly stateless applications being in containers. In our studies we’ve been surprised to regularly find that data-stores and stateful services such as Redis, Postgres, and MySQL are some of the most frequently deployed technologies across our customer base.
If you’re seriously concerned about privacy, you want to ensure you’re doing all the right things and not leaving behind a trace of what you’ve browsed. There are many reasons for this—some good, some bad. I’d like to focus on the good (naturally). In the past few years, it has become clear that tracking web histories is not a myth. Businesses, governments—anyone with the skills can make use of your browsing history. That is the very reason why technology like Tor has recently gained popularity.
Users want to reclaim their anonymity.
That is where the likes of Tails come in. Tails lays claim to “Privacy for anyone” and they make good on that claim with tools like:
Tor — Tails relies on the Tor anonymity network
Tor Browser — A browser that works seamlessly with Tor
Onion Circuits — A tool that lists the circuits used by Tor
OnionShare — Anonymously share files
By using all of the above, on top of a live-only distribution, Tails makes for a very anonymous experience. And because it all works together seamlessly, you don’t have to worry about certain dependent components (e.g., starting Tor before using Tor Browser). In fact, you can fire up Tails, open up Tor Browser and immediately go to the Tor Check site and see that your Tails instance is, in fact, configured to use Tor.
This is privacy at its simplest—with a slight catch.
But wait; what exactly is Tails?
As I mentioned earlier, Tails is a live Linux distribution. What does that mean? It means you don’t install the operating system, you run it on a per-instance basis, use it for as long as you need, and shut it down when you’re done. If you want to use Tails, you burn the ISO (you must use either Firefox or Tor Browser to download the ISO) onto a USB drive, stick the USB drive into your machine, and boot. Enjoy the privacy of Tails and then, when you’re done, reboot the computer (removing the USB drive). Everything you did within Tails is gone; you have left absolutely no trace. And, if you work with the likes of VirtualBox, you can create a virtual machine with the ISO and have Tails at the ready any time (just remember to shut it down and not save the VM in its running state).
And so, for anyone that is looking to gain as much privacy as they can, Tails is one of the easiest solutions.
What’s new in Tails 3?
Startup and shutdown
Tails 3 brings about some significant changes to the platform. First and foremost, there’s a brand new startup and shutdown experience. When you boot Tails 3, the first thing you will see is the Tails Greeter (Figure 1). In this screen, you can select your Language, Keyboard Layout, and Date/Time formats.
Figure 1: The Tails 3 Greeter.
Click on Additional settings and you can configure an administrator password (which is off by default), MAC address spoofing (on by default), and Network Connection (direct by default). Once you’ve configured Tails how you want it, click the Start Tails button and the default desktop will appear (Figure 2).
Figure 2: The Tails desktop.
The improved desktop
The desktop is based on GNOME (with a slight tweak or two, by way of extensions) and is quite user-friendly. One of the first things previous users will note is that Tails has opted to go to the dark side, using the darker GNOME theme as the default. Speaking of the desktop, the Tails file manager (GNOME Files) finally includes the built-in ability to compress and extract, as well as the ability to rename multiple files at the same time. Add to that, Tails makes it easy (by way of GNOME Files) to encrypt, sign, wipe, and share (via OnionShare) files, through a right-click context menu (Figure 3).
Figure 3: The GNOME Files right-click context menu, as seen through Tails.
No more 32-bit support
That’s right, Tails has opted to leave behind the aging 32-bit hardware support. This was a tough decision on their part, but it was the right move, as there is more security to be found within the 64-bit architecture.
Software updates
A number of the software packages have enjoyed updates. Once you boot up Tails, you’ll find the following release changes:
KeePassX from 0.4.3 to 2.0.3
LibreOffice from 4.3.3 to 5.2.6
Inkscape from 0.48.5 to 0.92.1
Audacity from 2.0.6 to 2.1.2
Enigmail from 1.8.2 to 1.9.6
MAT from 0.5.2 to 0.6.1
Dasher from 4.11 to 5.0
git from 2.1.4 to 2.11.0
As you can see, many of those titles are nowhere near bleeding edge; but when you’re using a live distribution, such as Tails, you’re not concerned with having the newest of the new. Even so, just because you’re looking for anonymity, doesn’t mean you don’t need to get things done. Tails has plenty of software to help you do just that. You’ll even find titles such as:
GIMP
Inkscape
Scribus
Thunderbird
Pidgin
Pitivi
Sound Recorder
And much more
In other words, don’t be fooled by the fact that Tails is a live distribution; this is still Linux, so there’s plenty of software to be had.
To read about all the changes that have been made to Tails, check out their official post here.
Amnesia
One thing you should know about Tails is that it defaults to the user amnesia. This particular user is not a member of sudo, so it is not allowed to execute tasks that require administrative permission. You can get around that during the startup. Click Additional settings at the Tails Greeter and then click Administration password. Type and verify the new administrator password and click Add (Figure 4).
Figure 4: Adding an administrator password.
Once you’ve started Tails with an administrator password in place, the amnesia user can then work with tools like sudo. Do note, as soon as you restart Tails, that administrator password is gone and will have to be reset.
Is Tails right for you?
This question is fairly easily answered. Are you looking for the means by which you can browse and work anonymously, knowing once you shut down every trace of what you were doing will vanish? If that’s you, Tails might well be the perfect fit. Give Tails 3 a spin and enjoy anonymity at its simplest.
Kubernetes, the open-source system for automating the deployment and scaling of containerized applications, does its job really well. It groups an application’s containers into logical units for easy management and discovery, scales all the way from local testing to truly global production, and runs pretty much anywhere.
At the same time, the platform can be intimidating to implement — particularly for new users configuring their first-ever system running on Kubernetes. Kubernetes is quickly becoming the de facto standard for software container orchestration, but accessing it remains a challenge for anyone who is not a hardcore systems engineer.
Heptio, founded by Kubernetes co-creators Joe Beda and Craig McLuckie, is a company that aims to make the platform more accessible.
It can be tough to start a new open source project. You have an awesome idea in your head, but it takes work to turn it into a productive, healthy, engaging community. Sadly (as seems to be the case in practically anything), the same mistakes are made over and over again by new projects.
Here are some of the most common mistakes open source projects make and my recommendations for avoiding them.
1. Chatting instead of shipping
Of the thousands of open source projects that kick off, too many get stuck at the outset because of a bunch of discussions on a Slack channel, mailing list, issue, or elsewhere. The discussions bounce around the house, and the scope often grows more and more lavish to incorporate the many, sundry ideas and considerations.
To ensure websites and applications deliver consistently excellent speed and availability, some organizations are adopting Google’s Site Reliability Engineering (SRE) model. In this model, a Site Reliability Engineer (SRE) – usually someone with both development and IT Ops experience – institutes clear-cut metrics to determine when a website or application is production-ready from a user performance perspective. This helps reduce friction that often exists between the “dev” and “ops” sides of organizations. More specifically, metrics can eliminate the conflict between developers’ desire to “Ship it!” and operations’ desire to not be paged when they are on-call. If performance thresholds aren’t met, releases cannot move forward.
Sounds simple and straightforward enough, but you’d be surprised at how challenging the SRE role can be, given basic human psychological tendencies. Our desire to see ourselves and our teams in a positive light, and to avoid negative consequences, can result in our subconsciously gaming, distorting, and manipulating metrics.
You might be wondering what the difference is between apt-get and apt. And if they have a similar command structure, what was the need for the new apt command? You might also be wondering whether apt is better than apt-get. Should you be using the new apt command or stick with the good old apt-get commands?