Friday, April 25, 2014

Engineering for the Cloud: Solaris 11.2



Webcast: Announcing Oracle Solaris 11.2
Tuesday April 29, 2014
1 PM (ET) / 10:00am (PT)
REGISTER FOR THE WEBCAST


1:00pm-1:20pmWelcome and Introduction
Speaker: Mark Hurd, President, Oracle
1:20pm-2:00pmAnnouncing Oracle Solaris 11.2
Speakers: John Fowler, Executive Vice President, Systems, Oracle;
Markus Flierl, Vice President, Solaris Engineering, Oracle
2:00pm-2:30pmOracle Solaris: Real-world Perspectives
2:30pm-4:00pm
Direct from the Experts: Oracle Solaris Deep Dives
Oracle Solaris Lifecycle Management: Agile. Secure. Compliant
Oracle Solaris 11.2 Virtualization and SDN: Integrated. Efficient. Secure.
Oracle Solaris OpenStack
Oracle Solaris: Optimized for Oracle Database, Oracle Java and Oracle Applications
The Economics of Oracle Solaris: Lower Your Costs
Speakers: Markus Flierl, Vice President, Solaris Engineering, Oracle; 
Scott Lynn, Solaris Product Manager, Oracle; 
Eric Saxe, Senior Manager, Software Development, Oracle

Thursday, April 17, 2014

Hardware: American Sell-Off with IBM and Google

[IBM Logo, courtesy IBM]

Abstract:
As the misguided U.S. economy continues to run up massive debt and continue massive trade deficit, the sell-off of U.S. High Technology assets continues to non-U.S. companies, fat with outsourcing cash. Lenovo, a Chinese company, continues their purchases in the United States of inventors of technologyu.
[Chinese glorifying revolution, courtesy, The Telegraph]
Chinese Lenovo Purchasing U.S. Hard Technology

Chinese global company Lenovo has been purchasing their way into the U.S. market through many technologies essentially invented in the United States. IBM seems to be the most significant seller.

[IBM PC, courtesy Wikipedia]
  • 2005-05-01 - PC Division acquired from IBM (PC's and ThinkPad Laptops)
    Chinese computer maker Lenovo has completed its $1.75 billion purchase of IBM’s personal computer division, creating the world’s third-largest PC maker, the company said Sunday. The deal — one of the biggest foreign acquisitions ever by a Chinese company
    [IBM Thinkpad, courtesy tecqcom]
  • 2006-04-10 - Lenovo makes break with the IBM brand (on PC's, not ThinkPad Laptops)
    Since Lenovo took over the IBM personal computer business on May 1, 2005, the company's advertising and marketing efforts have excluded IBM almost entirely. The four television spots that Lenovo ran during the Turin Winter Olympics, for example, never mentioned IBM at all. In fact, the only connection to the iconic brand is the IBM logo, which still adorns Lenovo's ThinkPad laptops.
  • 2013-01-07 - Lenovo to create ThinkPad-focused business unit to compete at the high end
    Lenovo is reorganizing its operations into two business groups... As part of the restructuring, it will create two new divisions, Lenovo Business Group and Think Business Group.The reorganization, which will be completed on April 1 [2013]
    [IBM Servers, courtesy Wikipedia]
  • 2014-01-23- Lenovo to buy IBM's x86 server business for $2.3bn (PC Servers)
    Lenovo and IBM announced on Thursday they have signed a definitive agreement that will see the Chinese hardware giant acquire the IBM's x86 server business for the tidy sum of $2.3bn, with approximately $2bn to be paid in cash and the balance in Lenovo stock.
    Adding to the PC business Lenovo acquired from IBM in 2005, Lenovo will take charge of IBM's System x, BladeCenter and Flex System blade servers and switches, x86-based Flex integrated systems, NeXtScale and iDataPlex servers and associated software, blade networking and maintenance operations.
    [Motorola Droid RAZR, courtesy Wikipedia]
  • 2014-01-29 - Motorola Cellphone Company acquired from Google (by Lenovo)
    Lenovo has signed a deal to buy the loss-making Motorola Mobility smartphone manufacturer for $2.91bn, but a switched-on Google is keeping the patents owned by the firm it gobbled two years ago for $12.5bn.
    "The acquisition of such an iconic brand, innovative product portfolio and incredibly talented global team will immediately make Lenovo a strong global competitor in smartphones," said Lenovo's CEO Yang Yuanqing. "We will immediately have the opportunity to become a strong global player in the fast-growing mobile space."
  • 2014-01-29 -  Lenovo splits into 4 groups after buying IBM's server business
    A few days after announcing its plan to buy IBM’s x86 server business, the Chinese company is dividing its operations into four business groups... enterprise products... developing a software ecosystem...PCs and mobile products. The changes go into effect on April 1 [2014]
Clearly, Lenovo has a vision for the U.S. Market and is executing upon it. How unfortunate that American companies such as IBM and Google see little value or possibility in domestic hardware innovation, moving into the future.
[HP Logo, courtesy eWeek]
Impacts in the U.S. Market

There is a great deal of uncertainty felt by partners and customers of IBM through such acquisitions. Previous attempts to leverage the IBM logo to help assure customers was performed, but with the latest purchase - competitors such as HP are seeing the a lot of noise.
  • 2014-04-11 - HP: Lenovo's buy of IBM x86 biz is bad, bad, bad...
    "Customers and partners are concerned. They are concerned about what the future will be for them – not only in the product but also in support and services," claimed the exec veep and GM of the Enterprise Group.
    HP has an internal migration programme to support customers with IBM servers as they decide to make the switch, he pointed out.
    But providing maintenance support is something that HP and other vendors already offer on third-party kit as standard.
HP was tried to consolidate all of their computing systems under Intel Itanium, before trying to shut them all down. HP also tried to sell off their PC business, but relented, possibly due to customer pressure. How conservative customers who would only buy IBM will respond in the U.S. to their favorite manufacturer leaving the industry may not be a difficult conclusion to reach, especially from companies like HP.
Concluding Thoughts:
The massive technology bleed from the United States is partially due to commoditization, but also due to the migration to Cloud and Appliances and value provided by Intel computing vendors becoming less significant with Intel shipping entire motherboards bundling CPU, Floating Point, Memory Management Units, Ethernet, and most recently Video. Cell phones appear to be drastically simplifying, as well. Perhaps there was nothing of value left for Intel or cell phone based manufacturers to do? Can Apple buck the trend?


Sunday, April 13, 2014

Security: Heartbleed, Apple, MacOSX, iOS, Linux, and Android


Abstract:
Nearly every computing device today is connected together via a network of some kind. These connections open up opportunities or vulnerabilities for exploitation by mafia, criminals, or government espionage via malware. While computers such as MacOSX are immune, along with their mobile devices based upon iOS iPhone and iPads... huge numbers of Linux and Android devices are at risk!





Heartbleed:

 This particular vulnerability can be leveraged by many sources in order to capture usernames and passwords, where those account credentials can be later used for nefarious purposes. Nefarious includes: command and control to attack commercial, financial, government, or even launch attacks against entire national electrical grids; stealing money; stealing compute resources. The defect is well documented.


Apple and Android/Linux Vulnerabilities:

There are many operating systems which are vulnerable to this defect, but for this article, we are only really concerned about the mobile market.
While most of the buzz surrounding OpenSSL's Heartbleed vulnerability has focussed on websites and other servers, the SANS Institute reminds us that software running on PCs, tablets and more is just as potentially vulnerable.
Williams said a dodgy server could easily send a message to vulnerable software on phones, laptops, PCs, home routers and other devices, and retrieve up to 64KB of highly sensitive data from the targeted system at a time. It's an attack that would probably yield handy amounts of data if deployed against users of public Wi-Fi hotspots, for example.
While Google said in a blog post on April 9 that all versions of Android are immune to the flaw, it added that the “limited exception” was one version dubbed 4.1.1, which was released in 2012.
Security researchers said that version of Android is still used in millions of smartphones and tablets, including popular models made by Samsung Electronics Co., HTC Corp. and other manufacturers. Google statistics show that 34 percent of Android devices use variations of the 4.1 software.

The company said less than 10 percent of active devices are vulnerable. More than 900 million Android devices have been activated worldwide.
After taking a few days to check its security, the fruity firm joined other companies in publicly announcing how worried or secure its customers should feel.
“Apple takes security very seriously. IOS and OS X never incorporated the vulnerable software and key Web-based services were not affected,” an Apple spokesperson said.

Conclusions:
To give an adequate understanding regarding the number of mobile Android devices at risk, one could take the population of the United States, at roughly 317 Million people as a baseline. 90 million Android Linux based devices vulnerable, that is equivalent to nearly 28% of the population of the United States is at risk! This is no small number of mobile devices - there is a lot of patching that either needs to be done or mobile devices which should be destroyed. Ensure you check your android device!

Thursday, April 10, 2014

Window Manager Lineup


[TWM History, courtesy Wikipedia]
Abstract:
X Windows is a Client-Server based windowing system, where the client applications can run on foreign servers and the X-Windows Server provide resources to the client to run properly, such as Frame Buffer, Keyboard, and Mouse. The X Windows Client application may run on any Hardware or OS Platform, consuming the memory and CPU resources on the remote side, not bound by architecture or byte order to the X Server. This article discusses one such client, the Window Manager.

[X Windows Architecture, Courtesy Wikipedia]

Architecture:
An X Client may consume resources from a single X Server, such as a simple as a Clock Application as complicated as a Desktop Publishing Application. An X Client may consume resources from multiple X Servers for gaming, such as X Tank or X Battle. A special kind of X Client is called the Window Manager. The Window Manager acts as a client, may run as a local client, on the platform hosting the X Server, or it can run on a different platform hosting clients. The Window Manager provides controls to the desktop environment, which is ultimately virtualized through the X Protocol.

[Open Look Virtual Window Manager, courtesy Layer 3 Networking]
Window Manager Lineup
Window Managers come in many different flavors. A recent article on windows managers hit the Layer 3 Networking Blog and offers a view into what may be appropriate for a vendor's virtual desktop environment.

2013-03-17 --- A Memory Comparison of Light... Desktops – Part 1
Fortunately, ...we have plenty of other choices, and we do like change. We have no need to keep using desktops we don’t like.I will describe some of choices in this article, and I’ll attempt to measure the RAM memory requirements. 

2013-04-09 ---  A Memory Comparison of Light... Desktops – Part 2
...I’ve tried to investigate the RAM memory requirements for running some of the most common light window managers and desktop environments available... Prompted by several readers, I’ve decided to include also the big, well-known memory hogs that grab most of the... market, i.e. KDE, Unity and Gnome.

2014-02-15 --- A Memory Comparison of Light Linux Desktops – Part 3
Unused memory goes into a special buffering pool, where the kernel caches all recently used data. If a process attempts to read a file and the kernel already has the file cached, reading it is as fast as reading RAM. Filesystem-heavy task, such as compiling source code, processing video files, etc. benefit from as much free memory as possible in buffering pool. It is not uncommon today to see users with powerful systems running tiling window managers in only a few megabytes of memory.
[Lineup of Window Managers by Resource Utilization, courtesy Layer 3 Networking]

Conclusions:
The author of these articles had placed a disproportionate weight upon Linux, which did not even exist when X Windows was released, so it should be noted that any OS can leverage these Window Managers. The layer of control the Window Manager offers to the virtual desktop user is what is most important for the environment where virtualization is occurring. What really matters is the application being virtualized, not the window manager, so the desktop features required to deliver the virtualized application to the end user is an economics question which this article series provides excellent data points for an architect to leverage in order to make the appropriate business decision.

Wednesday, April 2, 2014

Security: Android Phone App Steals CPU

android marketplace shopping bag
[Courtesy: AndroidAuthority ]
Abstract:
Malware was seen traditionally only a Microsoft Windows problem. Now that highly secured,  multi-platform, standards-based UNIX environments lose influence, malware continues to spread to poorly secured Linux environments. More importantly, Google Android's mobile phone and tablet platforms have fallen victim. Attacks continue mercilessly.

old analog time clock
Recent History
Some recent Linux and Android validated attacks: January through November 2013, December 2013, January through February 2014, March 2014, and more malware is hitting the Linux and Android platforms. The most recent attacks are using your Linux based Android phones to create money for others.

virus eating desktop computer
Latest Attack
At the end of March 2014, a new attack was discovered... not only on the third-party Google Android application internet sources, but also multiple infected applications were found on Google Play.

2014-03-26 - Apps with millions of Google Play downloads covertly mine cryptocurrency
Yes, smartphones can generate digital coins, but at a painfully glacial pace.

According to a blog post published Tuesday by a researcher from antivirus provider Trend Micro, the apps are Songs, installed from one million to five million times, and Prized, which was installed from 10,000 to 50,000 times. Neither the app descriptions nor their terms of service make clear that the apps subject Android devices to the compute-intensive process of mining, Trend Micro Mobile Threats Analyst Veo Zhang wrote. As of Wednesday afternoon, the apps were still available.
If you download applications from Google Play or other non-Google sites - you may be noticing terrible battery life, increased battery temperature, and increased network usage.
global network image
What This Means To You
While Google has managed to remove some trojan applications which were designed to steal CPU time from your smart phone in order to electronically harvest bit coins for application developers, there are others sitting in Google Play and in non-regulated application markets.