February 19, 2015

Who's writing Linux today? Capitalists
All together more than 4,000 developers from 200 companies have contributed to the kernel. Half of the kernel developers were contributing for the first time. That number may look large, and it is, but the Foundation also found that "there is still a relatively small number who are doing the majority of the work. In any given development cycle, approximately 1/3 of the developers involved contribute exactly one patch." Since the 2.6.11 release, the top ten developers have contributed 36,664 changes -- 8.2 percent of the total. The top thirty developers contributed just over 17 percent of the all the code.

There's no way of knowing if the NSA's spyware is on your hard drive
According to a report by Reuters, a former NSA employee "confirmed that the NSA had developed the prized technique of concealing spyware in hard drives, but said he did not know which spy efforts relied on it." ... "There is no way to understand whether your HDD is infected," Igor Soumenkov, principal security researcher at Kaspersky Lab, said in an email reply to Computerworld. "Once the hard drive gets infected with this malicious payload, it's impossible to scan its firmware."

Ansible CEO: A New Fold In The IT Automation Universe
Ansible brings a new aspect of IT automation to the Enterprise. The idea of being able to automate updates to your infrastructure simply and with higher flexibility has driven the high adoption rate we’ve seen in the past two years. This space has been dominated by what I call the “pre-virt automation” tools that made a name for themselves before Virtualization and Cloud was around. Ansible was built as a cloud native tool, able to manage both on-prem and cloud instances seamlessly and with greater flexibility ... We strongly believe that IT Automation should be a dull task; your IP competency should be your priority and the main focus for your software developers. Managing your infrastructure must be simple to a point that it’s almost boring.

French Minister Thinks Netflix Needs To Pay ISPs A 'Bandwidth Tax'
This reasoning is incoherent and stupid, since customers and content companies alike already pay plenty for bandwidth and infrastructure. Still, somehow Whitacre's absurd attempt to try and offload network operation costs to others went viral globally, and we've repeatedly seen overseas telcos trying to argue the same point ever since. Of course, whereas Google used to be the global telco whipping boy, we're increasingly seeing Netflix playing that role given its more vocal support of net neutrality.

Is Microsoft still the CIO's best friend?
"Licensing has probably been the single biggest reason why CIOs would not count Microsoft as a friend," he says. "The fact that there are specialists whose sole purpose is to interpret and explain how these licensing models work tells you all you need to know about the complexity, mystery, and confusion that exists around the myriad of Microsoft licence agreements." Even more frustratingly, Cox says that CIOs are often none the wiser as to which licensing model represents best value for the organisation after spending time with these specialists.

Heroku Expands Cloud Services For Enterprise Development
A new collaboration feature allows a wider team of developers, project managers, system administrators, partners, and contractors to work together on an application or a group of apps. "Enterprises are looking for a more powerful collaboration capability," noted Jesper Joergensen, senior director of product management, in an interview with InformationWeek. Heroku is trying to provide wider collaboration that is still under the review and control of a few overall managers, he said. For example, an application that made use of the language combination available on Heroku could be worked on by different teams under the new Enterprise collaboration umbrella.

To cloud or not to cloud for mobile enterprise security?
The cloud service providers, because of the nature of their service, have specific people to manage and provide the service. In the case of a dedicated infrastructure, an organization will need to train its own personal. As for provisioning, with a dedicated infrastructure, the client has to provide the infrastructure resource for their projected user baseline for the next 2-3 years. This means the resource will be oversized for the first couple of years. In a cloud-based model, the client doesn’t need to worry about this because he can pay just for the infrastructure that he is currently using. Finally, in terms of process, cloud service providers will have their own processes for meeting the requirements.

Microsoft adds HTTP Strict Transport Security support to Internet Explorer
HSTS addresses SSL stripping attacks by allowing websites to instruct browsers that they should always connect to them over HTTPS. Websites can express this policy through a Strict-Transport-Security HTTP header sent in a response. Once a browser sees such a header for a website, it will remember the preference and only accept HTTPS connections for that site in the future. Internet Explorer is actually the last major browser to get support for HSTS and even now it's not for all versions. Google Chrome has had HSTS support since 2009, Firefox since 2010, Opera since 2012 and Safari since 2013.

Microsoft: big data analytics for everyone
This news comes just 24 hours after HP announced its Haven Predictive Analytics software was fit for operationalising large-scale machine learning. These new services from Redmond reaffirm that "Microsoft is embracing open source" (the team is saying that a lot) and simplifying Hadoop (every body wants to do that, Hadoop is hard) for simplicity and ease-of-use. Updates to Azure HDInsight include a public preview of HDInsight on Linux and general availability of Apache Storm for HDInsight.

Metadata Driven Design - An Agile Bridge Between Design and Development
Usually, when metadata is put into use, it exists as simply a configurable set of data that can determine some aspect of behavior in an application. C# attributes can designate the preferred mode of a defined class, and a set of .properties files can contain the values needed by a Java application in order to establish a database connection. To some extent, one can scrutinize this metadata alone and deduce its intended effects upon the program’s execution. In some cases, it even has the power to tell a narrative, and if formed meticulously, it can tell the story of an entire architecture. Truthfully, there’s no reason that the very same metadata can’t also drive such an architecture, but we’ll get to that part later.

Quote for the day:

A community is like a ship; everyone ought to be prepared to take the helm." -- Henrik Johan Ibsen