Crowdstrike on Wednesday made public its discovery of yet another long-buried Linux vulnerability. “Venom,” as it has been dubbed, was unearthed by the firm’s senior security researcher, Jason Geffner. It is listed as vulnerability CVE-2015-3456. Venom exists in the virtual floppy drive code used by virtualization platforms based on QEMU, or quick emulator. It has been around since 2004.
EMC on Wednesday announced it will release its commercial ViPR software storage controller technology as an open source project called “CoprHD.” The ViPR software controller puts the control functionality and the data services into separate operational planes, allowing different data services to be layered onto a set of storage hardware products and cloud storage.
VMware last week released details about two new open source projects — Project Lightwave and Project Photon — that aim to bridge the divide between the company’s virtualization software and other vendors’ containers. Both projects integrate into VMware’s unified platform for the hybrid cloud, allowing the company to create a consistent environment for cloud-native and traditional applications.
Black Duck Software and North Bridge Venture Partners on Thursday published the results of The Ninth Annual Future of Open Source Survey. The number of companies using some open source products or developing software built with open source components is at an all-time high, it found. The results reflect the increasing enterprise adoption of open source and participation in the OSS community.
Red Hat last week made Red Hat Enterprise Linux 7 Atomic Host generally available, following a four-month live beta test. “The beta release was very successful,” said Lars Herrmann, senior director of product strategy at Red Hat. Feedback from customers and partners “helped us refine several features and tools” for the GA version. Atomic Host is a lean OS designed to run Docker containers.
Pivotal on Wednesday announced its decision to open source all of the core components of its big data platform, becoming the first big data industry player to do so. The company also announced its participation in the Open Data Platform, which seeks to encourage more enterprise collaboration, along with the adoption of modern, scalable data architectures.
Good Technology on Tuesday announced a merger of its app container and app ecosystem with the Samsung KNOX enterprise security platform for Android. The product merger is aimed at eliminating virus and malware concerns that come with Android adoption in the enterprise. The hardened security for Android targets the OS’s deployment with U.S. government and Department of Defense agencies.
Security questions recently have been raised about Docker, a promising technology for running applications in the cloud. Docker is an open source initiative that allows applications to be run in containers for flexibility and mobility only dreamt of in the past. “Since the 70s, programmers have been talking about reusable code and the ability to migrate applications,” noted IDC analyst Al Gillen.
Is OpenStack best deployed as a server distribution, a service from a cloud provider, or something else? At the OpenStack Summit in Paris last month, seven developers participating in a panel discussion failed to reach a consensus. One reason for the debate over deployment methodology is the lack of any clear product designation. OpenStack is more an entity than a product.
Four days after Shellshock was disclosed, Incapsula’s Web application firewall deflected more than 217,000 attempted exploits on more than 4,100 domains. The company recorded upwards of 1,970 attacks per hour, from more than 890 IPs around the world. Shellshock was expected to be far worse than the Heartbleed flaw, which was expected to impact about 17 percent of the secure Web servers worldwide.
We’re hearing more from vendors about how new features, functionality, rewrites and releases are being driven by customers — by their direct experience using the software and competing in their various industries. We’re also hearing from customers and users, including the enterprise market, that increasingly they are involved and thus empowered in open source software communities.
OpenStack, which turned 4 years old this summer, began as a twinkle in Scott Sanchez’s eyes. He was determined to turn the fledgling Infrastructure as a Service platform he helped create into a thriving resource for public and private clouds. OpenStack is an open source project. Its technology consists of a series of interrelated projects for managing public and private cloud operations.
The OpenStack project continues to be something of a lightning rod and also something of a dichotomy in the industry. On one hand, it has drawn the involvement of hundreds of supporting vendors and more than 17,000 individual members. It ranks highly among priorities, particularly for private clouds. Yet critics are quick to point out issues, such as installation and implementation difficulties.
Scarcely two months have passed since Red Hat announced plans to acquire open source storage company Inktank, but already the union has produced results: Inktank Ceph Enterprise 1.2, which made its debut Wednesday. Ceph is a scalable, open source, software-defined storage system that runs on commodity hardware. “Our goal is to do for storage what Linux did for servers,” said Red Hat’s Ross Turk.
Red Hat is famous for focusing squarely on a market and technology and building success from there, as it did with Linux. However, the company increasingly has diverged from its roots and historical laser focus on the enterprise x86 server market. The overarching theme and identity of Red Hat is still open source software, but the main driver for the company clearly is now cloud computing.
Red Hat on Tuesday rolled out Red Hat Enterprise Linux 7, the latest major release of the company’s flagship Linux platform, six months after the software’s beta version made its debut. Among the key new features included in the release are KVM virtualization technology, an improved installation experience, Active Directory/Identity Management integration, and Linux containers.
Software developers routinely use open source components to boost productivity and improve the quality of their code. The problem for enterprises is that companies using open source must properly manage it and comply with its licensing, as with any third-party code. That becomes difficult to do when corporate leaders do not know their computer systems are running open source code.
Red Hat on Tuesday unveiled Red Hat JBoss BPM Suite 6, an open source business process management suite that combines business process management, business rules management and complex event processing technologies in a single product offering. JBoss BPM Suite 6 includes all the capabilities of the next version of Red Hat’s business rules platform, JBoss BRMS 6.
Red Hat and Hortonworks on Monday announced a strategic alliance to integrate their product lines, as well as undertake joint go-to-market initiatives and offer collaborative customer support. By tightly integrating the enterprise Apache Hadoop platform with open hybrid cloud technologies, they aim to enable data-driven applications that help enterprises more quickly draw value from Big Data.
Red Hat on Wednesday launched Red Hat Enterprise Linux 7 into beta. RHEL 7 incorporates several changes, including a move from Oracle’s MySQL to the open source MariaDB, the adoption of the XFS file system, and improvements in various areas, including storage and file size. The changes seem to indicate the company is ramping up its efforts to compete in the virtualization market.