
Huawei and Canonical Integrate OpenStack and CloudFabric

Huawei Extends its Cooperation with Canonical with the Integration of CloudFabric Data Center Network Solution and Ubuntu Cloud Solutions

Hannover, Germany, March 23, 2017 – Huawei and Canonical today announced that they are expanding their cooperation in enterprise and telecom clouds and have completed the integration of CloudFabric Cloud Data Center Network Solution and Canonical’s Ubuntu OpenStack. The joint solution integrates the Agile Controller, Huawei’s SDN controller, with Ubuntu OpenStack to improve the efficiency of deploying and maintaining multiple data center networks. A large number of controller nodes can be deployed in minutes to interoperate with the cloud platform quickly. Enterprises or telecom cloud platforms that are using or plan to use the Ubuntu OpenStack platform can directly connect their OpenStack platform with the Agile Controller to enable quick, flexible service deployment and integration in multiple data centers.

Canonical’s OpenStack Interoperability Lab in Boston builds more than 3000 OpenStack clouds every month to test and verify the interoperability of different hardware, SDN and software combinations, helping customers to integrate and deploy their cloud platforms and SDN solutions in a secure environment. This new joint initiative between Huawei and Canonical includes the integration of Huawei Agile Controller with Juju, Canonical’s service modelling tool, which provides the ability to quickly deploy complex workloads including OpenStack with various SDN controllers. The combination of Huawei Agile Controller and Ubuntu OpenStack with Juju tooling enables the rapid, efficient scaling and operation of complex application services while minimizing the need for manual intervention.

“We are honored to expand our strategic relationship with Huawei. Ubuntu OpenStack and Juju integration with the Huawei Agile Controller enhances customer data center management capability, especially when it comes to operating large-scale data center deployments easily. Our collaboration with Huawei delivers even simpler and more efficient automated data center solutions to our customers,” said John Zannos, Vice President of Cloud Alliances and Ecosystem at Canonical.

Huang He, General Manager of the Huawei SDN Controller Domain, said: “Openness is a key factor of a data center network solution. Huawei Agile Controller has passed interoperability certification with multiple providers of commercial OpenStack versions. The successful integration with Canonical reflects the deepened cooperation with cloud platform providers. This joint solution achieved not only automated network device configuration and service orchestration, but also the quick installation and deployment of the controller system itself. This further improves the data center operation efficiency.”

By cooperating with Canonical, Huawei takes another step toward an all-cloud network management ecosystem. Huawei is continuing its effort to promote commercial SDN deployments and create an open, cooperative, win-win SDN ecosystem. The alliance of Huawei and Canonical benefits enterprise and telecom users by improving network management efficiency and is significant to the development of the entire ecosystem.

For further information please contact pr@canonical.com

Webinar: How to ensure the ongoing security compliance of Ubuntu 12.04

Many enterprises still run Ubuntu 12.04 LTS but updates will end soon.

Date:   22 March, 2017
Time:   4pm GMT / 12pm EDT / 9am CDT
Speaker: Dustin Kirkland, Ubuntu Product and Strategy Lead at Canonical

Ubuntu 12.04 LTS users are encouraged to upgrade to 14.04 LTS or 16.04 LTS. For some this is easy but for others, particularly for larger deployments, upgrading can be complex.

By joining this live webinar you will learn:

  • How Ubuntu 12.04 LTS users will be impacted after April 25th, 2017
  • Upgrading strategies for 12.04 LTS systems to 14.04 LTS or 16.04 LTS
  • How to extend security maintenance for 12.04 LTS with Ubuntu Advantage

We encourage Q&A throughout, so please submit your questions when you register, and also bring more to the webinar!


Leading Linux distros dawdle as kernel flaw persists

A local privilege escalation flaw has been fixed in the Linux kernel, but several upstream distributions have yet to release updates. Administrators should plan on mitigating the vulnerability on Linux servers and workstations themselves and monitor the distributions for their update plans.
The race condition flaw in the n_hdlc driver (drivers/tty/n_hdlc.c) in the Linux kernel through 4.10.1 (CVE-2017-2636) can lead to a double-free error in n_hdlc_release() when accessing the n_hdlc.tbuf list, said Alexander Popov, a researcher at Russia-based Positive Technologies who found and reported the flaw. A local, unprivileged user able to set the HDLC line discipline on the tty device could exploit this flaw and gain increased privileges over the affected system or cause a denial-of-service condition.
The vulnerability, which got a base score of 7.8 under Common Vulnerability Scoring System (CVSS) 3.0, doesn’t need to be triggered by any user interaction, and the attack complexity is considered low. Exploiting this flaw does not require specialized hardware or peripherals to be attacked in the targeted system. Under CVSS, the vulnerability is considered High severity because of its impact.

Source: http://www.infoworld.com/article/3182385/security/leading-linux-distros-dawdle-as-kernel-flaw-persists.html
Submitted by: Arnfried Walbrecht
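
For the n_hdlc flaw (CVE-2017-2636) reported above, an administrator who cannot patch yet will first want to know whether the driver is loaded or can still be loaded on demand. The shell triage below is an added example, not part of the InfoWorld article; its function names and sample data are constructed, and the `install n_hdlc /bin/true` modprobe override it looks for is a commonly published workaround that the article itself does not mention.

```shell
#!/bin/sh
# Added example: triage a host for the n_hdlc flaw (CVE-2017-2636).
# Function names and the sample data below are constructed for illustration.

# Succeeds if FILE (in /proc/modules format) shows the n_hdlc module loaded.
n_hdlc_loaded() {
    grep -qs '^n_hdlc ' "$1"
}

# Succeeds if any given modprobe config file replaces loading of n_hdlc
# with a no-op, e.g. "install n_hdlc /bin/true".
n_hdlc_blocked() {
    grep -Eqs '^[[:space:]]*install[[:space:]]+n_hdlc[[:space:]]+/bin/(true|false)([[:space:]]|$)' "$@"
}

# Succeeds if the upstream part of a kernel release string is <= 4.10.1,
# the range the article gives. Distro kernels backport fixes, so treat a
# match as "confirm with the vendor advisory", not as proof.
kernel_in_range() {
    v=${1%%-*}
    [ "$(printf '%s\n%s\n' "$v" 4.10.1 | sort -V | tail -n 1)" = "4.10.1" ]
}

# triage RELEASE MODULES_FILE CONF_FILE...
# Prints one of: loaded, blocked, loadable, out-of-range.
# Does not detect a driver built into the kernel image (CONFIG_N_HDLC=y).
triage() {
    rel=$1; mods=$2; shift 2
    if n_hdlc_loaded "$mods"; then
        echo loaded          # driver is live: unload it or patch first
    elif n_hdlc_blocked "$@"; then
        echo blocked         # on-demand loading is disabled
    elif kernel_in_range "$rel"; then
        echo loadable        # module can still be loaded on demand
    else
        echo out-of-range    # newer than 4.10.1 upstream
    fi
}

# Constructed sample inputs (not taken from a real host).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf 'n_hdlc 20480 0 - Live 0x0000000000000000\n' > "$tmp/modules.loaded"
printf 'ext4 585728 1 - Live 0x0000000000000000\n'  > "$tmp/modules.clean"
printf '# workaround\ninstall n_hdlc /bin/true\n'   > "$tmp/disable-n_hdlc.conf"
: > "$tmp/empty.conf"

triage 4.4.0-66-generic "$tmp/modules.loaded" "$tmp/disable-n_hdlc.conf"
triage 4.4.0-66-generic "$tmp/modules.clean"  "$tmp/disable-n_hdlc.conf"
triage 4.4.0-66-generic "$tmp/modules.clean"  "$tmp/empty.conf"
triage 4.11.0           "$tmp/modules.clean"  "$tmp/empty.conf"

# On a real host:
#   triage "$(uname -r)" /proc/modules /etc/modprobe.d/*.conf
```

A `loaded` result takes priority over `blocked` because the modprobe override only stops future loads; a driver that is already resident stays in memory until it is removed or the host reboots.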

When Products and Digital Signage speak the same language

This is a guest post by Dominique Guinard, Co-founder & CTO at EVRYTHNG. If you would like to contribute a guest post, please contact ubuntu-devices@canonical.com

Digital signage is booming. From stores to offices and public buildings, screens are now commonplace. This is a domain our partner Screenly masters, managing 10,000 screens and counting. Their secret sauce? Simplicity! Their system is plug and play, making it possible to deploy a screen within minutes. Screenly’s system is built on the popular Raspberry Pi platform and running the new Ubuntu Core operating system, a cutting-edge operating system tailored to deploy apps in the real world.

A few weeks ago, Ubuntu, Screenly and EVRYTHNG sat down together to see if we could work on disrupting the digital signage world with a simple, yet very actionable solution to connect digital screens and products in store.

EVRYTHNG is already busy giving millions of products a digital life with a number of leading brands. Imagine if these products could communicate with digital signage without the need for any app to be installed, but instead simply by scanning the EVRYTHNG identities on the products from the Web.

There are plenty of scenarios in which a product and a screen could tell great stories: Are these shoes available in my size? Is this shirt 100% waterproof? What would I look like in this jacket? What’s best to eat with this wine?

The result is an integrated solution that we presented at Mobile World Congress 2017. Simply scan an item from the Web or by tapping an NFC tag, and off you go. You get the stock inventory in the screen in front of you, a video describing the product on the main screen and some related content on your phone.

How does it work? Products that are digitally enabled with EVRYTHNG get a unique URL each, such as https://tn.gg/HLqc3H8j. This URL can be serialized in a QR code, in an NFC tag or via image recognition. All of these formats (and many more) are supported via our scanning tool, SCANTHNG. SCANTHNG is also available as a Web SDK, meaning that consumers don’t need to install an app to interact with products. Instead, they can scan from a Web page on their phone.

Next, the image is sent to the EVRYTHNG platform, where the product is uniquely identified. The Reactor™ in our platform then programmatically decides what to do. In this case, the user is redirected to a landing page about the product, and the Screenly API is sent the product identifier, stock inventory and any other information that will be used to display the interactive information on the screens.

Such a system can be put in place within minutes thanks to the three platforms: Screenly, Ubuntu Core and EVRYTHNG. It also illustrates the power of products #BornDigital™ with Web capabilities: They can trigger experiences in the real world by combining their data and services on the Web!

Original guest post can be found here

Emmabuntus Debian Edition 1.02 Lands Based on Debian GNU/Linux 8.7, Xfce Desktop

Designed to revive those old computers donated to humanitarian organizations, as well as to promote the discovery of GNU/Linux and extend the lifespan of computer hardware, the Emmabuntüs distro received its second maintenance update for the Debian edition, based on Debian GNU/Linux 8.7 “Jessie” and the Xfce 4.12 desktop environment.
Prominent new features introduced in the Emmabuntüs Debian Edition 1.02 release include the integration of the Lilo search engine and support for the new UEFI (Unified Extensible Firmware Interface) standard during installations.
It also improves support for the KeePassX password manager utility to no longer send qwerty characters instead of azerty, adds “The beginner’s handbook” that’s been released on December 20, 2016, along with the English version of Emmabuntüs Tutorials, and updates the Emmabuntüs Wiki.
The Baobab (Disk Usage Analyzer), Systemback and Mint Stick utilities have been added, along with a new tool that promises to let users enable and disable the Cairo-Dock dock. On the other hand, Emmabuntüs Debian Edition 1.02 updates the TurboPrint, HPLIP, and Ancestris apps to their latest versions.
Among other changes, we can mention that the RecordmyDesktop screen recorder was replaced with Kazam, Pipelight flash player plugin with Freshplayerplugin, and the Catfish search utility with GNOME Search Tool. The Audacious audio player was updated as well to better support Cairo-Dock.

Source: http://news.softpedia.com/news/emmabuntus-debian-edition-1-02-lands-based-on-debian-gnu-linux-8-7-xfce-desktop-514108.shtml
Submitted by: Arnfried Walbrecht

Three flaws at the heart of IoT security

This blog has been syndicated from SCMagazine UK, contributed by Thibaut Rouffineau – head of devices marketing.

According to the latest estimates by Gartner, the total number of connected devices will reach 6.4 billion by the end of this year. From connected homes, to autonomous vehicles, to futuristic smartdust, the Internet of Things has finally moved beyond the realm of theoretical concept and into our day-to-day lives.

As the presence of IoT devices has become more apparent however, so too has its Achilles heel – security. In the last six months alone, we’ve seen some of the largest DDoS attacks in history, all of which have been achieved through a vast network of infiltrated IoT devices. Given the scale of these attacks, it’s important to understand exactly how the Internet of Things is being infiltrated, what the existing issues are within the IoT, and ultimately, how best to fix them.

With this in mind, here are three of the biggest flaws that currently sit at the very heart of IoT security, along with a few tips for how developers, retailers and even governments can come together to make the internet of things safer for everyone:

1. The IoT product lifespan is too short
Through the combination of low barriers to entry and the huge potential for future products and applications, the Internet of Things represents a very attractive market for the business community. The result has been an IoT gold rush, with many independent developers and existing device manufacturers jumping on the bandwagon in an attempt to get their share of this exciting new sector.
Unfortunately, every gold rush has its losers. With so many companies rushing into a relatively new space – where many of the business models remain untested – it seems only natural to expect a reasonable number of false-starts along the way.

According to estimates from Canonical, over two-thirds of new IoT ventures are doomed to fail, with many projects surviving no longer than 18 months. When these businesses ultimately fail, their various IoT devices are left without ongoing support and vital security updates. The result has been an entire ecosystem of outdated and ultimately unsecured IoT devices just waiting to be hacked.

2. Nobody has taken ownership of the IoT
Across the various production stages of the average IoT device, it’s not always clear who should be responsible for ensuring that an end product is kept secure. Disconnects between different companies involved in the production process mean that, in many cases, security is treated as “someone else’s problem”. This is not helped by the fact that security during the development and maintenance cycles is almost always seen as a cost centre, with different departments passing the buck further down the line rather than taking on responsibility and absorbing the additional costs.

The result of this mentality is potential security holes being left open at all stages of the design process, with physical vulnerabilities being built into hardware, undocumented backdoors being incorporated within the operating system, and a lack of updates opening further vulnerabilities at the application level. To address this, rather than pushing responsibility further down the chain, all stages of the design process must start to incorporate some consideration for the end security of a device.

3. Lack of standardisation in IoT updates
According to research from Canonical, 40 percent of consumers have never performed an update on their connected devices. Given this fact, and that most users simply don’t know how to update IoT devices themselves, security patches must be delivered automatically in a consistent and reliable way.

This is especially true for those devices that do not provide users with an external user interface – something that is becoming increasingly true across the Internet of Things. In addition to providing automatic, centrally-managed updates, IoT device manufacturers must also find ways to roll those updates back as and when required. In several instances, faulty software updates have led to IoT devices being made less secure. In these instances, centralised rollback mechanisms are vital to ensure the long-term security of an IoT device.

While all of these flaws sit at the very heart of IoT security, they are just the tip of a much larger iceberg.

As recent events have shown, the Internet of Things is suffering from numerous vulnerabilities and potential security threats, from botnets and hackers, to spyware and cyber-attacks. To solve this issue, such concerns must be addressed from the ground up at all stages of the IoT. Governments need to provide a sensible level of regulation to limit the ‘gold rush’ mentality of new IoT firms. IoT device manufacturers must also consider the role of security throughout all stages of their designs. Developers themselves need to start incorporating more intelligent and automated update systems, relying on standardised operating systems and centralised software updates rather than numerous bespoke OSs. Even consumers must play their part, thinking carefully about the products they buy and the approaches they take to ensuring maximum security for their own home networks.

IoT security is not an issue that will be fixed overnight, but by incorporating security concerns from IoT infrastructure right through to post-purchase support we can help to make the Internet of Things safer, more reliable and ultimately more secure in 2017.

Original source from SCMagazine here

4MLinux 22.0 Launches July 2017 Based on GCC 6.2.0 and the Linux 4.9 LTS Kernel

Zbigniew Konojacki, developer of various GNU/Linux distributions based on the 4MLinux project, announced the immediate availability of a Beta version of his upcoming 4MLinux 22.0 operating system.
The 4MLinux 22.0 series actually entered Beta last week with the release of the Beta version of the Core edition, which is used as the base system for all future 4MLinux versions, and now users can download the Beta build of 4MLinux 22.0 itself, which is powered by the long-term supported Linux 4.9 kernel and ships with GNU Compiler Collection (GCC) 6.2.0.
Along with the launch of the 4MLinux 22.0 Beta milestone, the developer also revealed the roadmap for the 4MLinux 22.0 series, which should hit the stable channel sometime in July 2017. Later this year, in November, the upcoming 4MLinux 22.0 release will become the old stable branch, and it will reach end of life in March 2018.

Source: http://linux.softpedia.com/blog/4mlinux-22-0-launches-july-2017-based-on-gcc-6-2-0-and-the-linux-4-9-lts-kernel-514061.shtml
Submitted by: Arnfried Walbrecht

Some Firefox 52 Users on Linux Left Without Sound

Many Firefox users on Linux were left without the ability to play sound in their browser after updating to Firefox 52, released last week.
The issue at the heart of this problem is that Mozilla dropped support for ALSA (Advanced Linux Sound Architecture) and is now requiring Linux users to have installed the PulseAudio library to support audio playback inside Firefox.
ALSA is a software framework included in the Linux kernel that provides an API for sound card drivers. On the other hand, PulseAudio is a more modern sound server that’s already supported on most Linux distros, but also on FreeBSD, OpenBSD, and even macOS.
Most modern Linux distros come with PulseAudio installed by default, but some minimalistic distros still rely on the built-in ALSA framework.
Users on these distros were left with no sound in Firefox 52, which now requires PulseAudio as a minimum requirement. Users on mainstream distros who run older OS versions are also affected.
While Mozilla engineers talked about imposing PulseAudio as a minimum requirement for Firefox, this conversation took place on an obscure Google Groups topic back in July 2016.
Firefox 52 Linux users weren’t told about this change and had no forewarning. The Firefox 52 release notes didn’t mention anything about ALSA or PulseAudio.

Source: https://www.bleepingcomputer.com/news/software/some-firefox-52-users-on-linux-left-without-sound/
Submitted by: Arnfried Walbrecht

Weekly News – Last week and this week

Sorry that there was no Weekly News last week, and none this week. I’ve had the cold and I assumed you wouldn’t want me sniffling in your ear for ten minutes, and sounding stranger than usual.

Here’s hoping all will be good for next week (Sat. 25th).

Oracle Releases VirtualBox 5.1.18 & 5.0.36 with Improvements for Shared Folders

Oracle announced the availability of two new maintenance updates for the 5.1 and 5.0 stable branches of the open-source and cross-platform VirtualBox virtualization software for all supported platforms.
VirtualBox 5.1.18 is now the newest and most advanced version of the 5.1 series, bringing improvements for Shared Folders by addressing two regressions discovered in the previous point release. Specifically, it fixes an issue with access to long paths and case-insensitive filename access, but only for Windows guests.
These two bug fixes for Shared Folders have also been implemented in the VirtualBox 5.0.36 release, the most advanced in the 5.0 series, which also fixes an issue with virtual machine log collection for the VBoxBugReport component, as well as the autostart service script for Linux hosts, which were also fixed in the VirtualBox 5.1.18 release.
Other than that, it looks like the VirtualBox 5.1.18 update addresses a Windows Additions regression from the VirtualBox 5.1.14 release related to automatic logins for Windows Vista and newer operating systems, and patches two API bugs that improve snapshot handling of PCI device and medium attachments.

Source: http://linux.softpedia.com/blog/oracle-releases-virtualbox-5-1-18-5-0-36-with-improvements-for-shared-folders-514009.shtml
Submitted by: Arnfried Walbrecht