Tech News

Raph Levien, an ex-software engineer at Google’s Fuchsia project, announced yesterday that Fuchsia’s Xi editor is no longer a Google-owned project. It is now being hosted in its own GitHub organization. Xi editor was a Google project to create a performant text editor. All editing operations are asynchronous, so the UI is responsive even when editing huge documents. It is used as the basis for text editing services in the Fuchsia operating system. Raph had started working on the Xi editor at his time in Google, where he had been working for 11 years. The Xi editor is thoroughly async with a loosely coupled design which promises performance and rich extensibility. It’s main aim as stated in the project’s abstract is to “push the state of computer science for text handling and build an open-source community for teaching and learning, and working together to create a joyful editing experience.” After his departure from Google in August, he gave an update yesterday on how that will affect Xi’s development going forward. Per his blog, Xi’s core and its Windows and Mac client projects are now under their own xi-editor organization. They had previously been hosted on Google’s GitHub organization where it was a part of Google’s Contributor License Agreement. As per this agreement, Google can use and distribute a developer’s code without taking away its ownership. The new Xi editor project, licensed under the Apache 2 license, also has a new set of contributor guidelines, which explains in more detail what their process will be going forward. Raph stated in his blog, that since he will be busy with creating a music synthesis game, he is inviting contributors to “help share the load, reviewing each other’s code, discussing desired features and implementation strategies for them, and then assigning issues to me when they need my review.” He further adds, “I’m hopeful this will grow a scalable and sustainable structure for the community.” Regarding the state of the Fuchsia front-end, he mentions that it’s still early days for Fuchsia and the platform is not really ready for end-user software or self-hosted development. “ I’m hopeful it will get there in time and feel that xi-editor will be a great fit for it at that time. I look forward to continuing to collaborate with the Fuchsia team and others within Google.” Read Raph’s announcement on his blog. Google Fuchsia: What’s all the fuss about? Is Google planning to replace Android with Project Fuchsia? Google’s Smart Display – A push towards the new OS, Fuchsia

Day 2 of the Kotlin Conference 2018 just ended yesterday and announcements were made regarding the programming language. There is one more day of the conference which will be streamed live at the Kotlin website. We will look at some of the announcements made in the conference so far. Kotlin 1.3 is now RC Kotlin 1.3 RC is here and brings a lot of new features. Some of them are the following. Contracts The Kotlin compiler now does extensive static analysis to show warnings and reduce boilerplate. ‘Contracts’ in Kotlin 1.3 allow functions to explicitly describe its own behavior in a way which is understood by the compiler. Coroutines Kotlin Coroutines are no longer experimental and will be supported like other features starting from Kotlin version 1.3. Coroutines delegate most of the functionality to libraries and helps in providing a fluid experience that is scalable when needed. Multiplatform projects The multiplatform projects model has been reworked to improve expressiveness and flexibility. It is in line with the language’s goal to function on all platforms. Currently Kotlin supports JVM, Android, JavaScript, iOS, Linux, Windows, Mac and embedded systems like STM32. This is beneficial for reusing code. Kotlin/Native is now in beta Kotlin/Native is designed to enable compilation in platforms where virtual machines do not work. An example would be embedded devices or iOS. Kotlin/Native is a solution to situations when developers need to produce a self-contained program where an additional runtime or virtual machine is not required. After several years of development, Kotlin/Native is now beta. The Kotlin foundation The Kotlin Foundation is a nonprofit nonstock corporation created in 2018. It has backing from JetBrains and Google. The Kotlin Foundation aims to protect, promote and advance the development of Kotlin. New revamped playground The online environment for trying and learning Kotlin has a new look, functionality, and a new section called Learn Kotline by Example. All this is available directly in your web browser via the Kotlin Playground website. The first day can be watched on YouTube. You can watch the Kotlin Conference live at their website. Kotlin 1.3 RC1 is here with compiler and IDE improvements How to implement immutability functions in Kotlin [Tutorial] Forget C and Java. Learn Kotlin: the next universal programming language

The Qt team released Qt 3D Studio 2.1 earlier this week. Qt 3D Studio 2.1 explore features such as sub-presentations, scene preview, and runtime improvements. Qt 3D Studio 2.1 is a design tool that is used for creating 3D user interfaces as well as for adding 3D content into Qt-based applications. Qt 3D Studio helps with easily designing the 3D content look & feel, animations and user interface states. New Editor features There are two new features added in the Editor in Qt 3D Studio 2.1, namely, Sub-presentations and Scene Preview. Sub-presentations This feature provides an option to embed another Studio presentation or a QML file within a Studio presentation. For example, you can divide the design work into smaller projects and make reusable components. Managing the Sub-Presentations as well adding them into views is easy with the Qt 3D Studio 2.1. There’s a project browser option that shows all the Qt Quick files (.qml) as well as the Qt 3D Studio presentations (.uip) that have been imported to the main project. These files can then be added to a scene layer or as a texture to an object by dragging them from the project browser onto the scene. Sub-Presentations can now be easily viewed in the scene view allowing you to see the whole user interface while creating the design. Scene Preview Qt 3D Studio 2.1 release comes with a new option used for Scene Preview for times when you’re working with different camera views (perspective, top etc.). This is super handy when aligning objects in the scene. Runtime The runtime side in Qt 3D Studio 2.1 mainly focuses on performance and stability improvements. The Qt team is working on writing a new API that will help replace the old runtime in the Qt 3D Studio Editor. In the future releases, the new API will also be capable of performing dynamic content creation from the application side. Support for compressed textures which is already a feature in Qt 5.11 has been also added to the Qt 3D Studio runtime. So you can improve the loading time and also save memory in devices supporting  ETC2 or ASTC Compressed textures by compressing the textures. Asset compression management feature will also be added in the Editor side in the future releases of Qt 3D Studio. For more information, check out the official documentation. Qt Creator 4.7.0 releases! Qt for Python 5.11 released! WebAssembly comes to Qt. Now you can deploy your next Qt app in the browser

JFrog the DevOps based artifact management platform has announced a $165 million Series D funding, yesterday. This funding round was led by Insight Venture Partners. The secured funding is expected to drive JFrog product innovation, support rapid expansion into new markets, and accelerate both organic and inorganic growth. Other new investors included Spark Capital and Geodesic Capital, as well as existing investors including Battery Ventures, Sapphire Ventures, Scale Venture Partners, Dell Technologies Capital and Vintage Investment Partners. Additional JFrog investors include JFrog Gemini VC Israel, Qumra Capital and VMware. JFrog transforms the way software is updated by offering an end-to-end, universal, highly-available software release platform. This platform is used for storing, securing, monitoring and distributing binaries for all technologies, including Docker, Go, Helm, Maven, npm, Nuget, PyPi, and more. As of now, according to the company, more than 5 million developers use JFrog Artifactory as their system of record when they build and release software. It also supports multiple deployment options, with its products available in a hybrid model, on-premise, and across major cloud platforms: Amazon Web Services, Google Cloud Platform, and Microsoft Azure. The announcement comes on the heels of Microsoft’s $7.5 billion purchase of coding-collaboration site GitHub earlier this year. Since its Series C funding round in 2016, the company has seen more than 500% sales growth and expanded its reach to over 4,500 customers, including more than 70% of the Fortune 100. It continues to add 100 new commercial logos per month and supports the world’s open source communities with its Bintray binary hub. Bintray powers 700K community projects distributing over 5.5M unique software releases that generate over 3 billion downloads a month. Read more about the announcement on JFrog official press release. OmniSci, formerly MapD, gets $55 million in series C funding. Microsoft’s GitHub acquisition is good for the open source community. Chaos engineering platform Gremlin announces $18 million series B funding and new feature for “full-stack resiliency”

On Monday, Django 2.1.2 was released, which has addressed a security issue regarding password hash disclosure. Along with that, this version fixes several other bugs in 2.1.1 and also comes with the latest string translations from Transifex. Users password hash visible to “view only” admin users In Django 2.1.1, the admin users who had permissions to change the user model could see a part of the password hash in the change form. Also, admin users with “view only” permission to the user model were allowed to see the entire hash. This could prove to be a big problem if the password is weak or your site uses weaker password hashing algorithms such as MD5 or SHA1. This vulnerability has been named CVE-2018-16984 since 13th September, 2018. This issue has been solved in this new security release. Bug fixes A  bug is fixed where lookup using F() on a non-existing model field didn't raised FieldError. The migrations loader now ignores the files starting with a tilde or underscore. Migrations correctly detects changes made to Meta.default_related_name. Support for cx_Oracle 7 is added. Quoting of unique index names is now fixed. Sliced queries with multiple columns with the same name will not result in crash on Oracle 12.1 anymore. A crash is fixed when a user with the view only (but not change) permission made a POST request to an admin user change form. To read the release notes of Django, head over to its official website. Django 2.1 released with new model view permission and more Python web development: Django vs Flask in 2018

On Monday, Twitter shared an update on their work on maintaining conversational health and protecting the integrity of the mid-term US elections, which will be held in November this year. This work ranged from updating their rules, detecting and removing several fake accounts, and introducing new features like electoral labels for election candidates. Twitter’s actions against misinformation, fake accounts, and other malpractices The post highlights their efforts in three key areas: Updates to the Twitter Rules Twitter Rules now clearly reflect how it identifies fake accounts and what behaviors violate their guidelines. Any account using stolen avatar photos, stolen or copied bios, misleading profile information and location will be considered a fake account. According to the "attributed activity" policy, action will be taken on all accounts associated to an entity known to violate the Twitter Rules. Now the accounts that deliberately mimic or are intended to replace accounts which have been previously suspended for violating rules will also face action against them. Furthermore, to address the issue of distribution of hacked material they have expanded the criteria for taking action on accounts which claim responsibility for a hack. This will include threats and public incentives to hack specific people and accounts. Detection and enforcement Twitter is serious about maintaining electoral integrity and for this they have partnered with the RNC, DNC, and state election institutions to better handle misinformation. Accounts sharing misleading election-related content have been and will be under the radar of Twitter now. In August, they removed up to 50 accounts that were misrepresenting themselves as members of various state Republican parties. They have also taken actions against tweets sharing media regarding elections and political issues with misleading or incorrect party affiliation information. Their automated detectors or bots were able to identify millions of potentially spammy and automated accounts per week. These steps have helped the social media site decrease the number of spam-related reports they receive each day. In future, we will see more improvements to their enforcement against common policy violations. Product developments With the recently updated personalization setting, users can view posts in reverse-chronological experience, without any recommended content and recaps. This gives users more control over how they want to experience what’s happening on Twitter. In May, it launched an election labels beta for candidates in the 2018 U.S. midterm elections. More new features will be added to show the context about accounts on Twitter. To ensure safety of their accounts a message will be sent to the candidates to ensure they have two-factor authentication enabled on their account. They are offering electoral institutions a elections-specific support portal to receive and review critical feedback about emerging issues as quickly as possible. As part of their civic engagement efforts, Twitter is building conversation around the hashtag #BeAVoter with a custom emoji. This will be shown on the home timeline of U.S.-based users informing them about how to register to vote. It is clear that, Twitter has become an important electoral communication medium between candidates, parties, and their specific constituencies. At the same time, it is also a place of political fake news and misleading content. These actions are definitely a step forward towards stopping malicious accounts and Tweets from spreading lies and divisive discourse. To read the full update, check out Twitter’s official announcement. Twitter takes action towards dehumanizing speech with its new policy How Twitter is defending against the Silhouette attack that discovers user identity The much loved reverse chronological Twitter timeline is back as Twitter attempts to break the ‘filter bubble’

OmniSci, previously named as MapD, is a data-visualization startup that provides real-time analytics solutions. Yesterday, they bagged $55 million in Series C funding from top investors. The company was founded in 2013 and has raised a total of $92m in funding till now. A global investment firm called Tiger Global Management led the funding round. Other investors include In-Q-Tel, New Enterprise Associates, NVIDIA, Vanedge Capital, and Verizon Ventures. Todd Mosak, CEO of OmniSci stated: “It was clear that they [Tiger Global Management] held a strong thesis around the massive market opportunity in front of our company, and were fully aligned with our vision of the disruptive power of GPU-accelerated analytics..” What is OmniSci? Mostak originally built the technology behind OmniSci as a researcher at Harvard and MIT. He realized the speed advantages of GPUs over CPUs while querying and visualizing large datasets. The SQL database engine in OmniSci exploits GPUs to their full potential. This results in-memory access to big data. OmniSci’s software allows customers to perform operations on data to present graphics and visualizations from billions of data points. Their mission is to make analytics instantly available, powerful, and effortlessly accessible to everyone. Mosak stated: “Our goal is to give our customers a competitive advantage through painstakingly optimizing our software to take full advantage of modern hardware, particularly the massive parallelism of GPUs. Obsession with shaving off milliseconds is a particular quirk of our culture, and yet simultaneously existential, as it is ultimately the source of the differentiated value we deliver our customers and open source community.” OmniSci runs on AWS and Google Cloud and can be installed on-premises. It makes use of NVIDIA GPUs. OmniSci Cloud is a fast open source SQL engine and visual analytics software that can be launched from a web browser in under 60 seconds. OmniSci founders plan to use the $55m funding to accelerate research and development, while also supporting the open source community. For more information, visit the OmniSci website. 8 ways to improve your data visualizations A libre GPU effort based on RISC-V, Rust, LLVM and Vulkan by the developer of an earth-friendly computer Chaos engineering platform Gremlin announces $18 million series B funding and new feature for “full-stack resiliency”

Facebook revealed last Friday that a major security breach compromised 50 million user accounts on Facebook. The security attack not only affected user’s Facebook accounts but also impacted other accounts that were linked to Facebook. The hackers had exploited Facebook’s “View As” feature that lets people see what their own profile looks like to someone else. The hackers had stolen Facebook access tokens to hack into other user’s accounts. These tokens provide hackers with full control over victim’s account, including logging into third-party applications that use Facebook Login. “We wanted to provide an update on the security attack that we announced last week. We fixed the vulnerability and we reset the access tokens for a total of 90 million accounts — 50 million that had access tokens stolen and 40 million that were subject to a “View As” look-up in the last year” wrote Guy Rosen, VP of product management. Resetting the tokens required users to login into their Facebook accounts again as well as re-login into any accounts or apps that use Facebook. As far as questions about the effects of this attack on the apps that used Facebook are concerned, Facebook is yet to find any impact. “We have now analyzed our logs for all third-party apps installed or logged in during the attack we discovered last week. That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login”, states the Facebook post. All the developers leveraging the official Facebook SDKs along with people checking the validity of their users’ access tokens were automatically protected, on resetting the access tokens. However, to be extra careful, Facebook is developing a tool which will allow developers to manually identify users of the apps affected by the security breach so that they can be logged out. This will also prove to be beneficial for all those developers who don’t leverage Facebook’s SDKs or who don’t regularly check whether Facebook access tokens are valid. Additionally, Facebook recommends that developers always use Facebook Login security best practices as a guideline. It recommends that a developer use Facebook’s official SDKs for Android, iOS, and JavaScript, as these automatically check the validity of access tokens. These also force a fresh login every time the tokens are reset by Facebook, thereby protecting users accounts. Another thing to keep in mind is that Facebook wants developers to use the Graph API. This keeps the information updated regularly and makes sure that users are logged out of apps in case they show any Facebook session as invalid. “Security is incredibly important to Facebook. We’re sorry that this attack happened — and we’ll continue to update people as we find out more” reads the post. For more information, check out the official announcement. How far will Facebook go to fix what it broke: Democracy, Trust, Reality Ex-employee on contract sues Facebook for not protecting content moderators from mental trauma Did you know Facebook shares the data you share with them for ‘security’ reasons with advertisers?

Yesterday, FireEye revealed a new group of hackers named APT38, a financially motivated North Korean regime-backed group responsible for conducting destructive attacks against financial institutions, as well as for some of the world's largest cyber heists. FireEye Inc. is a cybersecurity firm that provides products and services to protect against advanced persistent threats and spear phishing. Earlier this year, FireEye helped Facebook find suspicious accounts linked to Russia and Iran on its platform and also alerted Google of election influence operations linked to Iranian groups. Now FireEye cybersecurity researchers released a special report titled APT38: Un-usual Suspects, to expose the methods used by the APT38 group. In the report, they said,“Based on observed activity, we judge that APT38's primary mission is targeting financial institutions and manipulating inter-bank financial systems to raise large sums of money for the North Korean regime.” The researchers also state that the group has attempted to steal more than $1.1 billion and were also responsible for some of the more high-profile attacks on financial institutions in the last few years.  Some of the publicly reported attempted heists attributable to APT38 include: Vietnam TP Bank in December 2015 Bangladesh Bank in February 2016 Far Eastern International Bank in Taiwan in October 2017 Bancomext in January 2018 Banco de Chile in May 2018 Sandra Joyce, FireEye’s vice president of global intelligence says, “The hallmark of this group is that it deploys destructive malware after stealing money from an organization, not only to cover its tracks, but [also]  in order to distract defenders, complicate the incident response process, and gain time to get out the door.” Some details of the APT38 targeting Since at least 2014, APT38 has conducted operations in more than 16 organizations in at least 11 countries. The total number of organizations targeted by APT38 may be even higher when considering the probable low incident reporting rate from affected organizations. The group is careful, calculated, and has demonstrated a desire to maintain access to a victim environment for as long as necessary to understand the network layout, required permissions, and system technologies to achieve its goals. On average, they have observed that APT38 remain within a victim network for approximately 155 days, with the longest time within a compromised environment believed to be almost two years. In just the publicly reported heists alone, APT38 has attempted to steal over $1.1 billion dollars from financial institutions. APT38 Attack Lifecycle FireEye researchers believe that APT38’s financial motivation, unique toolset, tactics, techniques and procedures (TTPs) observed during their carefully executed operations are distinct enough to be tracked separately from other North Korean cyber activity. The APT38 group overlaps characteristics with other operations, known as ‘Lazarus’ and the actor they call as TEMP.Hermit. On Tuesday, the U.S. government released details on malware it alleges Pyongyang’s computer operatives have used to fraudulently withdraw money from ATMs in various countries. The unmasking of APT38 comes weeks after the Justice Department announced charges against Park Jin Hyok, a North Korean computer programmer, in connection with the 2014 hack of Sony Pictures and the 2017 WannaCry ransomware attack. According to Jacqueline O’Leary, a senior threat intelligence analyst at FireEye, Park has likely contributed to both APT38 and TEMP.Hermit operations. However, the North Korean government has denied allegations that it sponsors such hacking. Reddit posts an update to the FireEye’s report on suspected Iranian influence operation Facebook COO, Sandberg’s Senate testimony Google’s Protect your Election program  

Yesterday, the Oath network automation team open sourced Panoptes, a distributed system for collecting, enriching and distributing network telemetry. This pluggable, distributed and high-performance data collection system supports multiple polling formats, including SNMP and vendor-specific APIs. It also supports emerging streaming telemetry standards including gNMI. Panoptes is written primarily in Python. It leverages multiple open-source technologies to provide the most value for the least development effort. Panoptes Architecture Source: Yahoo Developers The architecture is designed to enable easy data distribution and integration with other systems. The plugin to push metrics into InfluxDB allows Panoptes to evolve with industry standards. Teams can quickly set up a fully-featured monitoring environment because of the combination of Grafana and the InfluxData ecosystem. There were multiple issues inherent in legacy polling systems, including overpolling due to multiple point solutions for metrics, a lack of data normalization, consistent data enrichment and integration with infrastructure discovery systems. Panoptes aims to overcome all these issues. Check scheduling is accomplished using Celery, which is a horizontally scalable, open-source scheduler that utilizes a Redis data store. Panoptes ships with a simple, CSV-based discovery system. It can be integrated with a CMDB. From there, Panoptes will manage the task of scheduling polling for the desired devices. Users can also develop custom discovery plugins to integrate with their CMDB and other device inventory data sources. Vendors are moving towards a more streamlined model of telemetry. Panoptes’ flexible architecture will minimize the effort required to adopt these new protocols. The metric bus at the center of the model is implemented on Kafka. All data plane transactions flow across this bus. Discovery plugins publish devices to the bus and polling plugins publish metrics to the bus. Similarly, numerous clients read the data off of the bus for additional processing and forwarding. This architecture enables easy data distribution and integration with other systems. The team at Oath has deployed Panoptes in a tiered, federated model. They have developed numerous custom applications on the platform, including a load balancer monitor, a BGP session monitor, and a topology discovery application. All this was done at a reduced cost, thanks to Panoptes. This open-source release is packaged for easy deployment into any Linux-based environment and available on Github. You can head over to Yahoo Developer Network for deeper insights into this news. Performing Vehicle Telemetry job analysis with Azure Stream Analytics tools Anaconda 5.3.0 released, takes advantage of Python’s Speed and feature improvements Arm releases free Cortex-M processor cores for FPGAs, includes measures to combat FOSSi threat

Looks like Christmas has come early this year!  After the latest iPhone range announced by Apple, Amazon’s wide range of Alex products that even included a voice-activated microwave, Microsoft unveiled a host of devices ahead of the holiday shopping season. With a vision to empower people and organizations to achieve more, Microsoft's tools focus on life experiences as a whole. To manage the emerging digital lifestyle, they have been delivering technology that empowers users rather than overwhelm them. The lineup of announcements includes a new version of its desktop computer, called the Surface Studio 2, and its first pair of smart headphones. It also announced the Surface Pro 6 and Surface Laptop 2. Let’s take a brief look at these devices: #1 Surface Pro 6 Surface Pro 6 is 67% faster than its predecessor with an Intel 8th Gen Quad Core processor. With ultimate portable mobility, this device offers hassle-free connectivity, uncompromising mobility, and exceptional power and performance. With an all day battery, full friction hinge, 12.3” PixelSense Display and multi-screen docking to present content beautifully, Surface Pro 6 is something to watch out for! Source: Microsoft #2 Surface Laptop 2 This ultra-light, fast-charging laptop has been beautifully designed and crafted. It gets supercharged with Intel 8th Gen Quad Core Processor, while offering up to 14.5 hours of battery life with faster and quieter typing. The 13.5” PixelSense Display screen offers an immersive touchscreen for faster, more natural navigation Source: Microsoft   #3 Surface Studio 2 As compared to its predecessor, Surface Studio 2 has 50% more graphics performance. With a 28” PixelSense Display, the gadget offers USB-C support and Xbox Wireless built-in gaming-class performance. It includes the latest Surface Pen with tilt sensibility and 4096 levels of pressure. Source: Microsoft #4 Surface Headphones This is Microsoft’s first premium and smart headphone includes a smarter way to listen, with rich audio and hands-free calling. With adjustable noise cancellation and automatic pause and play, Microsoft is aiming to change the way users listen to music! Source: Microsoft #5 Surface All Access Surface All Access offers the option of paying monthly for the Surface products and starts at just $24.99 per month for 24 months. This comes with an Office 365 subscription, access to in-store training and top-tier support. Other Windows 10 & Office 365 Announcements 1. Your Phone App The Your Phone App helps users access their texts and photos in their Android phone to their PC. This ensures users maintain their focus while working on a PC as pausing a task on their PC to respond to a text or notification on your phone can break focus. 2. Windows Timeline on Phone To combat the challenging issue of finding files and documents or web pages accessed throughout the day across different devices, Windows Timeline enables a user to scroll back in time and find the files and websites they were using across their devices. 3. To-Do Integration with Outlook.com & Skype The To-Do integration with Outlook.com, drags tasks into an open slot on a user’s calendar and blocks time to complete it. In Skype, users need to select the message and tap “Create a task” to open the tasks pane.They can then add, edit, and check off tasks. Tasks will be saved and available in Skype, or in the To-Do app. 4. Family Safety for Microsoft Launcher With Microsoft Launcher installed and a Microsoft family group of accounts set up on a family’s Android devices, parents can stay up to date on their kids’ location to ensure their safety. Parents can check in on kids’ app activity on their Android device, including which apps are accessed and the time spent on each app. 5. Inking in PowerPoint Powerpoint users can now transform an inked bulleted list into perfectly formatted text. While inking a flow chart or diagram, users can design their slide using ink, and Designer will use AI to recommend slides to choose from. 6. Inking in Word The Ink Editor, allows users to add a word, split words or add new lines to their document without touching a keyboard. They can edit a Word document from start to finish using their digital pen and touch-enabled device. 7. Embedded 3D Animations In PowerPoint and Word, dynamically animated movements are built into 3D objects. This makes it effortless to incorporate 3D and animation into a user’s project. Surface All Access is already available at Microsoft retail stores in the U.S. The rest of the products are expected to launch by the end of this year. To know more, you can visit Microsoft's official page. Microsoft Ignite 2018: New Azure announcements you need to know Neural Network Intelligence: Microsoft’s open source automated machine learning toolkit Microsoft’s new neural text-to-speech service lets machines speak like people  

.NET Core 2.0 was released mid August 2017. It has now reached end of life (EOL) and will no longer be supported by Microsoft. .NET Core 2.0 EOL .NET Core 2.1 was released towards the end of May 2018 and .NET Core 2.0 reached EOL on October 1. This was supposed to happen on September 1 but was pushed by a month since users experienced issues in upgrading to the newer version. .NET Core 2.1 is a long-term support (LTS) release and should be supported till at least August 2021. It is recommended to upgrade to and use .NET Core 2.1 for your projects. There are no major changes in the newer version. .NET Core 2.0 is no longer supported and updates won’t be provided. The installers, zips and Docker images of .NET Core 2.0 will still remain available, but they won’t be supported. Downloads for 2.0 will still be accessible via the Download Archives. However, .NET Core 2.0 is removed from the microsoft/dotnet repository README file. All the existing images will still be available in that repository. Microsoft’s support policy The ‘LTS’ releases contain stabilized features and components. They require fewer updates over their longer support release lifetime. The LTS releases are a good choice for applications that developers do not intend to update very often. The ‘current’ releases include features that are new and may undergo changes in the future based on feedback/issues. They give access to the latest features and improvements and hence are a good choice for applications in active development. Upgrades to newer .NET Core releases is required more frequently to stay in support. Some of the new features in .NET Core 2.1 include performance improvements, long term support, Brotli compression, and new cryptography APIs. To migrate from .NET Core 2.0 to .NET Core 2.1, visit the Microsoft website. You can read the official announcement on GitHub. Note: article amended 08.10.2018 - .NET Core 2.0 reached EOL on October 1, not .NET Core 2.1. The installers, zips and Docker images will still remain available but won't be supported, not unsupported. .NET announcements: Preview 2 of .NET Core 2.2 and Entity Framework Core 2.2, C# 7.3, and ML.NET 0.5 Microsoft’s .NET Core 2.1 now powers Bing.com Use App Metrics to analyze HTTP traffic, errors & network performance of a .NET Core app [Tutorial]

Cloudera and Hortonworks have announced a corporate partnership to jointly become a data platform provider, spanning multi-cloud, on-premises and the Edge. They will also accelerate innovation in IoT, streaming, data warehouse, and Artificial Intelligence. This merger will also expand market opportunities for Hortonworks DataFlow and Cloudera Data Science Workbench along with partnerships with public cloud vendors and systems integrators. Tom Reilly, chief executive officer at Cloudera, called their merger as highly complementary and strategic. He said, “By bringing together Hortonworks’ investments in end-to-end data management with Cloudera’s investments in data warehousing and machine learning, we will deliver the industry’s first enterprise data cloud from the Edge to AI.” Rob Bearden, chief executive officer of Hortonworks agrees saying that, “Together, we are well positioned to continue growing and competing in the streaming and IoT, data management, data warehousing, machine learning/AI and hybrid cloud markets.” The terms of the transaction agreement are: Cloudera stockholders will own approximately 60% of the equity of the combined company. Hortonworks stockholders will own approximately 40% of the equity of the combined company. Hortonworks stockholders will receive 1.305 common shares of Cloudera for each share of Hortonworks stock owned, which is based on the 10-day average exchange ratio of the two companies’ prices through October 1, 2018. The companies have a combined fully-diluted equity value of $5.2 billion based on closing prices on October 2, 2018. This merger is expected to generate significant financial benefits and improved margin profile for both the companies which includes: Approximately $720 million in revenue More than 2,500 customers More than 800 customers over $100,000 ARR More than 120 customers over $1 million ARR More than $125 million in annual cost synergies More than $150 million cash flow in CY20 Over $500 million cash, no debt Read more about the announcement on the Hortonworks blog. Hortonworks Data Platform 3.0 is now generally available. Hortonworks partner with Google Cloud to enhance their Big Data strategy. Cloudera Altus Analytic DB: Modernizing the cloud-based data warehouses.

Viavi Solutions, a San Jose-based network test, measurement, and assurance technology company, released version 17.5 of Observer, a popular NPMD ( Network Performance Managment and Diagnostics) tool earlier this week. Observer 17.5 has features such as end-user experience scores, full 100 GB support, improved user experience, and enhanced analytic processing among others. Observer is recognized as a Leader in Gartner's Network Performance Management and Diagnostics (NPMD) Magic Quadrant. It is the network administrator's ultimate toolbox. It enables you to discover your network, capture and decode network traffic, as well as use real-time statistics to solve network problems. Observer 17.5 aims to replace the detailed KPIs that are provided to network engineers with a single result-oriented End-User Experience Score. This will help reduce the guesswork and dead ends that result from troubleshooting processes used by network teams. Let’s discuss Observer 17.5 key features. End-User Experience Scoring and Workflows Observer 17.5 comprises End User Experience Scores integrated with out-of-the-box workflows. This empowers any engineer to navigate a guided path to resolution. Observer 17.5 is backed by complete wire-data, the filtered and relevant insight which can be provided to appropriate IT parties to take corrective actions. Full 100 GB interface support Observer provides full-fidelity forensics for investigations with interfaces for 10, and 40 GB. With Observer 17.5, it now also offers support for 100 GB. This ensures the accuracy and completeness of Observer's performance analytics in high-speed network environments. With the increase in network traffic volumes, it makes sure that every metric reported by the IT team is supported by wire data for root-cause analysis and granular reconstruction. Enhanced User Experience Understanding Observer Apex implements adaptive machine learning that delivers intelligent user insight. This helps reduces the false positives as it enforces enhanced understanding of normal environment behavior and user experience. Improved Interfaces and Analytic Processing User interfaces have been redesigned in Observer 17.5 that help with easier navigation and interaction across different key elements of the Observer platform. Also, the real-time analytical performance has improved in this version. For more information, check out the official blog post. Top 10 IT certifications for cloud and networking professionals in 2018 Top 5 cybersecurity assessment tools for networking professionals Ansible 2 for automating networking tasks on Google Cloud Platform [Tutorial]

Yesterday, the Cloud Native Computing Foundation (CNCF) accepted Cloud Native Buildpacks (CNB) into the CNCF Sandbox. With this collaboration, Buildpacks will be able to leverage the vendor neutrality of CNCF to leverage cloud native virtues. The Cloud Native Buildpacks project was initiated by Pivotal and Heroku in January 2018. The project aims to unify the buildpack ecosystems with a platform-to-buildpack contract. This project incorporates learnings from maintaining production-grade buildpacks at both Pivotal and Heroku. What are Cloud Native Buildpacks? At the high level, Cloud Native Buildpacks turn source code into production ready Docker images that are OCI image compatible. This gives users more options to customize runtime while making their apps portable. Buildpacks minimize initial time to production thus reducing the operational burden on developers, and supports enterprise operators who manage apps at scale. Buildpacks were first created by Heroku in 2011. Since then, they have been adopted by Cloud Foundry as well as Gitlab, Knative, Microsoft, Dokku, and Drie. The Buildpack API was open sourced in 2012 with Heroku-specific elements removed. This was done to make sure that each vendor that adopted buildpacks evolved the API independently, which led to isolated ecosystems. As a part of the Cloud Native Sandbox project, the Buildpack API is standardized for all platforms. They are also opening the tooling they work with and will run buildpacks under the Buildpack GitHub organization. “Anyone can create a buildpack for any Linux-based technology and share it with the world. Buildpacks’ ease of use and flexibility are why millions of developers rely on them for their mission critical apps,” said Joe Kutner, architect at Heroku. “Cloud Native Buildpacks will bring these attributes inline with modern container standards, allowing developers to focus on their apps instead of their infrastructure.” Developers can start using Cloud Native Buildpacks by forking one of the Buildpack Samples. You can also read up on the implementation specifics laid out in the Buildpack API documentation. CNCF Sandbox, the home for evolving cloud native projects, accepts Google’s OpenMetrics Project. Google Cloud hands over Kubernetes project operations to CNCF, grants $9M in GCP credits. Cortex, an open source, horizontally scalable, multi-tenant Prometheus-as-a-service becomes a CNCF Sandbox project.