Sign up for our Technology Newsletter 
ARM Buys Offspark For IoT
ARM has snaffled up Dutch Internet of Things (IoT) company Offspark.
The move is designed to improve ARM’s security credentials for IoT offerings.
Offspark is the creator of PolarSSL, a widely used protocol for IoT security products, and ARM hopes that the combined companies can offer a one-stop shop for IoT developers.
Krisztian Flautner, ARM’s IoT manager, said: “PolarSSL technology is already deployed by the leading IoT players.
“The fact that those same companies also use ARM Cortex processor and software technologies means we are now able to provide a complete bedrock solution for the industry to innovate from.”
The product will be renamed ARM Mbed TLS, but will remain open source, reports Tech Week Europe.
Paul Bakker, CEO of Offspark, added: “Security is the most fundamental aspect in ensuring people trust IoT technology and that is only possible with a truly tailored solution.
“Together, ARM and Offspark can provide security to the edge of any system and we look forward to working with our partners to help them deliver some exciting new projects.”
Developers will be able to license the technology for commercial use as well as embedding it into future ARM products.
Last week the company released the ARM Cortex-A72 processor, a 64-bit effort offering support for Android 5.x Lollipop and incorporating the big.LITTLE architecture that prioritises jobs to different processor cores based on their computational requirements.
A message on the Offspark website indicates that it has been taken down and redirects to ARM.
RHEL Finally Available On IBM’s Power8
Comments Off on RHEL Finally Available On IBM’s Power8
IBM has made the Power8 version of the latest Red Hat Enterprise Linux (RHEL) beta available through its Power Development Platform (PDP) as the firm continues to build support for its Power systems.
IBM and Red Hat announced in December that RHEL 7.1 was adding support for the Power8 processor in little endian instruction format, as the beta release was made available for testers to download.
This version is available for developers and testers to download from today through the IBM PDP and at IBM Innovation Centres and Client Centres worldwide, IBM announced on its Smarter Computing blog.
“IBM and Red Hat’s collaboration to produce open source innovation demonstrates our commitment to developing solutions that efficiently solve IT challenges while empowering our clients to make their data centres as simple as possible so they can focus on core business functions and future opportunities,” said Doug Balog, general manager for Power Systems at IBM’s Systems & Technology Group.
The little endian support is significant because IBM’s Power architecture processors are capable of supporting little endian and big endian instruction formats. These simply reflect the order in which bytes are stored in memory.
The Power platform has long had Linux distributions and applications that operate in big endian mode, but the much larger Linux ecosystem for x86 systems uses little endian mode, and supporting this in Red Hat makes it much easier to port applications from x86 to Power.
Suse Linux Enterprise Server 12 launched last year with little endian support for the Power8 processor, as did Canonical’s Ubuntu 14.04 LTS.
However, Red Hat and Suse are understood to be continuing to support their existing big endian releases on Power for their full product lifecycles.
IBM sold off its x86 server business to Lenovo last year, and has focused instead on the higher value Power Systems and z Systems mainframes.
In particular, the firm has touted the Power Systems as more suitable for mission critical workloads in scale-out environments like the cloud than x86 servers, and has been forging partnerships with firms such as Red Hat through its OpenPower Foundation.
ARM Develops IoT For Students
ARM has created a course to teach IoT skills to students at University College London (UCL)
The course is designed to encourage graduates in science, technology, engineering and maths (Stem) to seek careers in IT.
The IoT Education Kit will teach students how to use the Mbed IoT operating system to create smartphone apps that control mini-robots or wearable devices.
Students are expected to be interested in building their own IoT business, or joining IoT-focused enterprises like ARM. The course will also try to limit the number of Stem graduates pursuing non-technology careers.
ARM reported statistics from a 2012 study by Oxford Policy and Research revealing how many engineering graduates (36 percent of males, 51 percent of females), technology graduates (44 percent, 53 percent) and computer scientists (64 percent, 66 percent) end up with non-Stem jobs.
The IoT Education Kit will be rolled out by UCL’s Department of Electronics from September 2015, with a week-long module for full-time and continuing professional development students.
The Kit comprises a complete set of teaching materials, Mbed-enabled hardware boards made by Nordic Semiconductor, and software licensed from ARM. A second teaching module for engineering graduates is being developed for 2016.
“Students with strong science and mathematical skills are in demand and we need to make sure they stay in engineering,” said ARM CTO Mike Muller.
“The growth of the IoT gives us a great opportunity to prove to students why our profession is more exciting and sustainable than others.”
UCL professor Izzat Darwazeh also highlighted the importance of Stem skills, saying that “many students are not following through to an engineering career and that is a real risk to our long-term success as a nation of innovators”.
Silk Road 2.0 Shutdown
U.S. governmnent authorities said they have shut down the successor website to Silk Road, an underground online drug marketplace, and charged its alleged operator with conspiracy to commit drug trafficking, computer hacking, money laundering and other crimes.
Blake Benthall, 26, was arrested last Wednesday in San Francisco and was expected to make an initial court appearance in federal court there later on Thursday.
The charges against Benthall carry a maximum sentence of life in prison.
A lawyer for Benthall could not immediately be identified.
Silk Road 2.0 was launched late last year, weeks after authorities had shuttered the original Silk Road website in October and arrested its alleged owner, Ross Ulbricht, who went by the online alias, Dread Pirate Roberts.
“Let’s be clear – this Silk Road, in whatever form, is the road to prison,” Manhattan U.S. Attorney Preet Bharara, whose office is prosecuting both cases, said in a statement.
Benthall, known as “Defcon” online, became the operator of Silk Road 2.0 in December, one month after an unnamed co-conspirator launched the site, according to prosecutors.
Silk Road 2.0 provided an online bazaar where users across the world could buy and sell drugs, computer hacking tools and other illicit items, using the digital currency Bitcoin as payment, authorities said.
As of September, the site was generating at least $8 million a month in sales, they said.
The government’s investigation included an undercover agent who was able to infiltrate the administrative staff of the website and interact directly with Benthall, prosecutors said.
Ulbricht, 30, has pleaded not guilty and is scheduled for trial in New York in January.
NSA Software Reengineered
Hackers have found a way to reverse engineer the technology of the United States National Security Agency (NSA) spy gadgets.
Thanks to documents leaked by fugitive former NSA contractor and whistleblower Edward Snowden, the group has built a copycat device able to gather private data from computer systems.
The Advanced Network Technology catalogue, leaked by Snowden, is the Argos book of the NSA showing a range of toys available to agents. One such device known has a “retro reflector” had eluded identification, beyond that it acted as a bug, keylogger and screengrabber.
Michael Ossman and his team from Great Scott Gadgets, a Colorado based hacking group, decided that the best defence against such devices was to create their own to understand what makes them tick.
It transpired that the key technology being used is called software defined radio (SDR), an approach that uses software to generate radio transmissions through signal processing, doing away with a lot of hardware circuitry.
“SDR lets you engineer a radio system of any type you like really quickly so you can research wireless security in any radio format,” Ossmann told New Scientist.
The technique can be used for almost any type of radio signal and therefore the devices are capable of tracking anything, from what you’re listening to through a Bluetooth headset to the binary signals of your internet traffic.
The group, which will demonstrate its work at the Defon hacking conference in Las Vegas, runs a website at NSAplayset.org that is a repository for all of the information it gathered.
Is The Internet Secure?
June 9, 2014 by admin
Filed under Around The Net
Comments Off on Is The Internet Secure?
Hacker blogger Quinn Norton is getting a lot of coverage with her blog claiming that the Internet is broken. She argues that every computer and every piece of software we use is vulnerable to hackers because of terrible security flaws. Norton blames these flaws on the fact that developers who face immense pressure to ship software quickly.
Norton says that those bugs may have been there for years unnoticed, leaving systems susceptible to attacks. One of her hacker mates accidentally took control of more than 50,000 computers in four hours after finding a security vulnerability. Another one of her colleagues accidentally shut down a factory for a day after sending a “malformed ping.”
She said that the NSA wasn’t, and isn’t, the great predator of the internet, it’s just the biggest scavenger around. It isn’t doing so well because they are all powerful math wizards of doom. The other problem is software is too complicated and the emphasis placed on security too light.
“The number of people whose job it is to make software secure can practically fit in a large bar, and I’ve watched them drink. It’s not comforting. It isn’t a matter of if you get owned, only a matter of when,” Norton said.
Is RedHat Being Open?
Red Hat has responded to claims that its implementation of Openstack isn’t as open as it should be.
A report at the Wall Street Journal this week suggested that Red Hat was blocking customers from using alternatives to the bespoke version of Openstack that it offers.
Red Hat provides Openstack with extended support by the company, however in spirit of open source, users should be entitled to use another vendor’s Openstack software, the generic Openstack, or create their own fork.
In reality though, the Wall Street Journal report suggests that Red Hat customers have been advised that Red Hat will not support mixed vendor software, that it has claimed it would cost the company too much to support multiple Openstack distributions and that Red Hat Linux and Red Hat Openstack are too closely intertwined to be separated.
Openstack’s open character is part of what makes it what it is, it’s embedded in the name, and Red Hat has been quick to distance itself from the report, though it does hedge a bit.
In a blog post, Paul Cormier, president of the company’s Products and Technologies division said, “Red Hat believes the entire cloud should be open with no lock-in to proprietary code. Period. No exceptions. Lock-in is the antithesis of open source, and it goes against everything Red Hat stands for.”
However, he went on to warn, “[Red Hat Enterprise Linux OpenStack Platform] requires tight feature and fix alignment between the kernel, the hypervisor, and Openstack services. We have run into this in actual customer support situations many times.”
In other words, its advice to customers is seemingly ‘of course you can do it, but you’d have to be a bit daft’.
He went on to explain, “Enterprise-class open source requires quality assurance. It requires standards. It requires security. Openstack is no different. To cavalierly ‘compile and ship’ untested Openstack offerings would be reckless. It would not deliver open source products that are ready for mission critical operations and we would never put our customers in that position or at risk.”
Which suggests that Red Hat will let you use your own version, unless it’s not happy with it, in which case it won’t.
In a swipe at HP, Cormier concluded by attacking its rival, saying, “We would celebrate and welcome competitors like HP showing commitment to true open source by open sourcing their entire software portfolio.”
HP, which recently launched its HP Helion brand for Openstack, would probably argue that it has already done this, so the war of words might just be beginning.
Dell RedHat Join Forces
The Dell Red Hat Cloud solution, a co-engineered, enterprise grade private cloud, was unveiled at the Red Hat Summit on Thursday.
The Openstack-based service also includes an extension of the Red Hat partnership into the Dell Openshift Platform as a Service (PaaS) and Linux Container products.
Dell and Redhat said their cloud partnership is intended to “address enterprise customer demand for more flexible, elastic and dynamic IT services to support and host non-business critical applications”.
The integration of Openshift with Redhat Linux is a move towards container enhancements from Redhat’s Docker platform, which the companies said will enable a write-once culture, making programs portable across public, private and hybrid cloud environments.
Paul Cormier, president of Products and Technologies at Red Hat said, “Cloud innovation is happening first in open source, and what we’re seeing from global customers is growing demand for open hybrid cloud solutions that meet a wide variety of requirements.”
Sam Greenblatt, VP of Enterprise Solutions Group Technology Strategy at Dell, added, “Dell is a long-time supporter of Openstack and this important extension of our commitment to the community now will include work for Openshift and Docker. We are building on our long history with open source and will apply that expertise to our new cloud solutions and co-engineering work with Red Hat.”
Dell Red Hat Cloud Solutions are available from today, with support for platform architects available from Dell Cloud Services.
Earlier this week, Red Hat announced Atomic Host, a new fork of Red Hat Enterprise Linux (RHEL) specifically tailored for containers. Last year, the company broke bad with its Fedora Linux distribution, codenamed Heisenbug.
Source
Red Hat Releases Fedora 19
Red Hat has released Fedora 19, codenamed Schrödinger’s Cat, which has support for 3D printing and is the first to use MariaDB as its default SQL database instead of Oracle’s MySQL.
Red Hat’s Fedora Linux distribution is the testing ground for the firm’s hugely successful Enterprise Linux (RHEL) distribution, and for that reason it heralds what will appear in future releases of RHEL. The firm’s Fedora 19 release brings support for 3D printing through OpenSCAD, Skeinforge, SFACT, Printrun and Repetierhost, and it is the first release to make MariaDB the default SQL database server implementation in place of Oracle’s MySQL.
The Fedora Project was criticised for delaying its Fedora 18 release, however Fedora 19 appeared on time. Fedora’s latest release includes Gnome 3.8 and the capability to enable Gnome Classic, a Gnome 2 type user interface, along with KDE Plasma 4.10 and Mate 1.6, with other window managers such as Xfce and Lxde available in different spins.
As Red Hat sponsors the Fedora Project it is not surprising to see Fedora include Openshift, the firm’s platform as a service infrastructure. Fedora 19 also includes node.js and Ruby 2.0, but arguably its biggest move is away from Oracle’s MySQL to the community maintained MariaDB fork, which suggests that eventually RHEL will make MariaDB its default SQL database implementation.
The Fedora Project has said that work on Fedora 20 has been in active development for several months and it plans to release that in November.
Fedora 19 is available for download from regional mirrors and users can also use Fed Up to upgrade from previous versions of the distribution.
Anonymous Goes After North Korea
Anonymous has restarted its attack against North Korea and once again is using a North Korean Twitter account to announce website scalps.
The Twitter account @uriminzok was the scene of announcements about the hacked websites during the last stage of Op North Korea, and reports have tipped up there again.
The first wave of attacks saw a stream of websites defaced or altered with messages or images that were very much not in favour of the latest North Korean hereditary leader, Kim Jong-un.
They were supported by a Pastebin message signed by Anonymous that called for some calming of relations between North Korea and the US, and warned of cyber attacks in retaliation.
“Citizens of North Korea, South Korea, USA, and the world. Don’t allow your governments to separate you. We are all one. We are the people. Our enemies are the dictators and regimes, our goals are freedom and peace and democracy,” read the statement. “United as one, divided by zero, we can never be defeated!”
Before the attacks restarted, the last Twitter message promised that more was to come. It said, “OpNorthKorea is still to come. Another round of attack on N.Korea will begin soon.” Anonymous began delivering on that threat in the early hours this morning.
More of North Korean websites are in our hand. They will be brought down.
— uriminzokkiri (@uriminzok) April 15, 2013
We’ve counted nine websites downed, defacements and hacks, and judging by the stream of confirmations they happened over a two hour period. No new statement has been released other than the above.
jajusasang.com twitter.com/uriminzok/stat…
— uriminzokkiri (@uriminzok) April 15, 2013
Downed websites include the glorious uriminzokkiri.com, a North Korean news destination. However, when we tried it we had intermittent access.
Last time around the Anonymous hackers had taken control of North Korea’s Flickr account. This week we found the message, “This member is no longer active on Flickr.”