Tech News

Google contractors ( often referred to as Google’s “shadow workforce”) wrote an open letter on Medium to Sundar Pichai, CEO, Google, yesterday, demanding him to address their demands of better conditions and equal benefits for contractors, that make up more than half of the company’s total staff. Contractors ( vendors, temps, TVCs) are workers who are employed by different outside agencies within Google for all types of different jobs (coders, managers, marketers, janitors, waiters, etc).   https://twitter.com/GoogleWalkout/status/1070327480601509888 It was just last month when 20,000 Google employees along with TVCs, temps, vendors, and contractors walked out to protest against Google’s handling of sexual harassment and discrimination within the workplace. As a part of the walkout, Google employees had made five demands urging Google to bring about structural changes within the workplace. One of the demands laid out by Google employees was “commitment to ending pay and opportunity inequity” for all levels of the organization, including the contract workers and the sub-contract workers. However, Google didn’t address any of the issues surrounding the TVCs so far. “As TVCs who took equal part in the walkout, your silence has been deafening. Google routinely denies TVCs access to information that is relevant to our jobs and our lives,” reads the letter. An example mentioned in the letter is of the tragic shooting at YouTube headquarters in April, this year, where Google sent security related updates to its employees in real time, “leaving TVCs defenseless in the line of fire”. Moreover, TVCs were not even invited to the post-shooting town hall meeting the following day. Similarly, TVCs were also excluded from the town hall meeting that was conducted six days post walkout. “The exclusion of TVCs from important communications and fair treatment is part of a system of institutional racism, sexism, and discrimination. TVCs are disproportionately people from marginalized groups who are treated as less deserving of compensation, opportunities, workplace protections, and respect”, reads the letter. The letter also points out the fact that contractors wear different colored badges from full-time employees, get low wages despite doing the same work as full-time employees, and are offered minimal benefits as compared to full-time employees. “Google has the power — and the money — to ensure that we are treated equitably, with respect and dignity. However, it is clear that we will continue to be mistreated and ignored if we stay silent. We need transparency, accountability, and structural change to ensure equity for all Google workers, ”reads the letter. Contractors have now reiterated the demands of the walkout: End to pay and opportunity inequity for TVCs. This demand includes better pay and same benefits for contractors as full-time employees such as high-quality healthcare, paid vacations, paid sick days, holiday pay, family leave, and bonuses.  There should also be a consistent and transparent conversion process to full-time employment, along with adopting single badge color for all workers. Access to company-wide information on the same terms as full-time employees. This includes access to town hall discussions, communications about safety, discrimination, sexual misconduct, access to internal forums like Google Groups, career growth, classes, and counseling opportunities, similar to the ones offered to full-time employees. Public response to the letter has been largely positive, with people supporting contractors for speaking out: https://twitter.com/andytliu/status/1070504767674245121 https://twitter.com/mer__edith/status/1070345492406644737 https://twitter.com/ireneista/status/1070375529650372608 https://twitter.com/techworkersco/status/1070337882714365952 https://twitter.com/spoonboy42/status/1070479331196059648 Google hasn’t responded yet regarding the demands and for now, we can only wait and see if and when these demands get addressed by Google. Recode Decode #GoogleWalkout interview shows why data and evidence don’t always lead to right decisions in even the world’s most data-driven company Google bypassed its own security and privacy teams for Project Dragonfly reveals Intercept Google employees join hands with Amnesty International urging Google to drop Project Dragonfly

Yesterday, Google announced that they are shutting down Allo, an instant messaging app for the Android and iOS platforms. This news does not come as a surprise given that Google stopped investing in Allo earlier this year in April. People will be able to use Allo till March 2019, until which users can export all of their existing conversation history from the app. Anil Sabharwal, head of the communications group at Google, shared that they are discontinuing the further development of Allo because it was not able to attract many users. He says, “The product as a whole has not achieved the level of traction we’d hoped for. [...] We set out to build this thing, that it [would be] a product that we would get hundreds of millions of people to get excited about and use. And where we are, we’re not feeling like we’re on that trajectory.” The team working on Allo will now work primarily on the implementation of the carrier-based Rich Communication Services (RCS), under the branding ‘Chat’. This will be included within the Android Messages app used for SMS. RCS is a protocol that will potentially replace SMS and bring more advanced features such as group chat, high-resolution photo sharing, read receipts etc. in mobile messaging. Google now wants to focus more on the development of ‘Messages’, which is described as “Google’s official app for texting”. It has brought some of Allo’s most liked features such as Smart Reply, GIFs, and desktop support into Messages. Since then Messages has shown amazing adoption and is now being used by nearly 175 million users. Along with this announcement they have also shared details of their other two communication platforms, Duo and Hangouts. Duo is now supported in various devices such as iPad, Android Tablet, Chromebook, and Smart Displays. They recently added a feature to allow users to leave video messages and they are planning to introduce more quality improvements based on machine learning. Google also pointed out that their expansion of Hangouts to the enterprise (Hangouts Chat and Meet) has been taken well by users. In the coming months, Chat will allow customers to include people from outside of their organization, making it easy to stay aligned with clients, vendors, partners, and others, all from one place. To know more in detail, check Google’s official announcement. Google bypassed its own security and privacy teams for Project Dragonfly reveals Intercept Google Chrome announces an update on its Autoplay policy and its existing YouTube video annotations Google employees join hands with Amnesty International urging Google to drop Project Dragonfly

Yesterday, Applitools, the creator of Application Visual Management (AVM), introduced the AI based automated root cause analysis tool for developers and QA teams for quickly pinpointing bugs within web applications. Root cause analysis saves time                                                  Source: Applitools Adam Carmi, CTO at Applitools told PR Newswire,“Root cause analysis for visual testing will significantly shorten the meantime for resolution of application bugs from hours down to minutes.” The root cause analysis lets the front-end developers and QA teams target the cause of bugs in application code in lesser time as compared to traditional bug diagnosis practices. With the root cause analysis, developers won’t have to go through thousands of lines of DOM and CSS for finding the root cause, instead, a few lines could also work. This increases productivity as the development and QA teams can function smoothly and deliver the product on time. It makes the process of bug fixing faster. It also saves the time of shift left testing, an approach to system testing and software testing. The root cause analysis also shows the visual difference between a baseline screenshot and a test screenshot. Applitools’ user interface version control now includes DOM and CSS associated with each screenshot. It helps the development teams to experience the visual appearance of a web application and the changes made in DOM and CSS. The Applitools root cause analysis correlates the visual differences to DOM and CSS. The major advantage of Applitools AI tool is that it shows only those DOM differences that highlight the visual bug. Root Cause Analysis is currently working with Applitools SDKs for Selenium WebDriver and Java, JavaScript, C#, Python, and Ruby; WebdriverIO, Cypress, and Storybook. Read more about this news on Applitools. Microsoft fixing and testing the Windows 10 October update after file deletion bug SapFix and Sapienz: Facebook’s hybrid AI tools to automatically find and fix software bugs Microsoft fixes 62 security flaws on Patch Tuesday and re-releases Windows 10 version 1809 and Windows Server 2019

ArangoDB 3.4 has been released today. Major new enhancements include ArangoSearch, a feature which transforms ArangoDB, when combined with traversals or joins in AQL, from a data retrieval to an information retrieval solution.  It also comes with full GeoJSON Support enabled by a Google S2 Geo Index library integration. ArangoSearch This new feature provides a rich set of information retrieval capabilities. It consists of two components – a search engine and an integration layer. The search engine manages the index, querying and scoring. The integration layer provides search capabilities for the end user. ArangoSearch can be combined with all three data models in ArangoDB. It uses materialized view to enable full-text search on multiple collections at once. Users can now perform relevance-based matching, phrase and prefix matching, search with complex Boolean expressions, query time relevance tuning and combine complex traversals, geo-queries, and other access patterns with information retrieval techniques. GeoJSON support GeoJSON is an open standard format designed for representing simple geographical features, along with their non-spatial attributes. ArangoDB comes with full support of all geo primitives, including multi-polygons or multi-line strings. It also includes a Google S2 Geometry Library integration which complements ArangoDB’s RocksDB storage engine. Users can also directly visualize results in OpenStreetMap which is integrated into the Query Editor of ArangoDBs WebUI. Other features Query Profiler: Developers can now execute a query with special instrumentation code resulting in a printed query plan with detailed execution statistics. Cluster Management: Enhancements include faster cluster startup, synchronization and query execution. Streaming Cursors: Includes integrated streaming cursors which provide first results as they become available on the server. RocksDB is now the default Storage Engine, previous versions of ArangoDB used MMfiles as the default storage engine. The full list of features is available in ArangoDB release notes. Introducing TigerGraph Cloud: A database as a service in the Cloud with AI and Machine Learning support RedisGraph v1.0 released, benchmarking proves its 6-600 times faster than existing graph databases. Introducing EuclidesDB, a multi-model machine learning feature database.

At Dockercon Europe 2018 held in Barcelona, Microsoft in collaboration with the Docker community announced Cloud Native Application Bundle (CNAB), which is an open-source, cloud-agnostic specification for packaging and running distributed applications. Cloud Native Application Bundle (CNAB) Cloud Native Application Bundle(CNAB) is the combined effort of Microsoft and the Docker community to provide a single all-in-one packaging format, which unifies management of multi-service, distributed applications across different toolchains. Docker is the first to implement CNAB for containerized applications. It plans to expand CNAB across the Docker platform to support new application development, deployment, and lifecycle management. CNAB allows users to define resources that can be deployed to any combination of runtime environments and tooling including Docker Engine, Kubernetes, Helm, automation tools and cloud services. Patrick Chanezon, technical staff at Docker Inc. writes, “Initially CNAB support will be released as part of our docker-app experimental tool for building, packaging and managing cloud-native applications. Docker lets you package CNAB bundles as Docker images, so you can distribute and share through Docker registry tools including Docker Hub and Docker Trusted Registry.” Docker also plans to enable organizations to deploy and manage CNAB-based applications in Docker Enterprise soon. Scott Johnston, Chief product officer at Docker, said, “this is not a Docker proprietary thing, this is not a Microsoft proprietary thing, it can take Compose files as inputs, it can take Helm charts as inputs, it can take Kubernetes YAML as inputs, it can take serverless artifacts as inputs.” According to Microsoft, they partnered with Docker to solve issues with ISV (Independent Software Vendor) and enterprises including: To be able to describe their application as a single artifact, even when it is composed of a variety of cloud technologies Wanting to provision their applications without having to master dozens of tools They needed to manage lifecycle (particularly installation, upgrade, and deletion) of their applications Added features that CNAB brings include: Manage discrete resources as a single logical unit that comprises an app. Use and define operational verbs for lifecycle management of an app Sign and digitally verify a bundle, even when the underlying technology doesn’t natively support it. Attest and digitally verify that the bundle has achieved that state to control how the bundle can be used. Enable the export of the bundle and all dependencies to reliably reproduce in another environment, including offline environments (IoT edge, air-gapped environments). Store bundles in repositories for remote installation. According to a user review on Hacker News thread, “The goal with CNAB is to be able to version your application with all of its components and then ship that as one logical unit making it reproducible. The package format is flexible enough to let you use the tooling that you're already using”. Another user said, “CNAB makes reproducibility possible by providing unified lifecycle management, packaging, and distribution. Of course, if bundle authors don't take care to work around problems with imperative logic, that's a risk.” To know more about Cloud Native Application Bundle(CNAB) in detail, visit Microsoft blog. Microsoft and Mastercard partner to build a universally-recognized digital identity Creating a Continuous Integration commit pipeline using Docker [Tutorial] Docker faces public outcry as Docker for Mac and Windows can be downloaded only via Docker Store login

According to Reuters, Callas “left for a much lower-paying job at the American Civil Liberties Union this week, the latest sign of increasing activity on policy issues by Silicon Valley privacy specialists and other engineers.” Tarah M. Wheeler, Senior Director, Data Trust & Threat and Vulnerability Management at Splunk, tweeted that the person Apple hired to stop government overreach into iPhones, Jon Callas, has moved to ACLU, who should feel lucky to have hired him. https://twitter.com/tarah/status/1070054837566365696 Ben Wizner, director of the ACLU’s Speech, Privacy and Technology Project, said, “Jon has unparalleled knowledge about the hazards of surveillance backdoors and is also an extremely effective communicator to the public, which is equally important”. Thus, at ACLU, he is expected to provide input on fairness and transparency in AI. He is also expected to fight governments that demand access to tech platforms for surveillance. Wizner further added, “It’s critical for organizations like the ACLU to address the asymmetry of expertise between entities like the National Security Agency and Silicon Valley corporations and those of us who are trying to rein them in.” Why Callas joined ACLU? Callas’ resignation as an Apple security expert comes closely on the heels of the “unprecedented activism by rank and file engineers at Alphabet Inc’s Google, Facebook Inc and other technology powerhouses under fire for enabling the spread of misinformation and government-led misdeeds”, Reuters said. “Callas said that he felt a particular kinship with Google employees pressing to have more of a say in the company’s prospective deal to return to mainland China with a censored search engine”. He also added that phone makers had improved security and he wanted to see progress continue and widen without companies succumbing to pressure to install backdoors. Callas wants technology in fields such as law enforcement to evolve as many who work in public services complain that the devices they are using are simply too slow. Bruce Schneier, a cryptography author encouraged Callas to take up the post at ACLU, Reuters reported. Schneier said he was seeing a broader sense of public obligation, with a hundred applicants for a recent opening at the nonprofit Electronic Frontier Foundation. But he said there need to be more ways to contribute to the public welfare and that technology still lags fields like law, where charity work is expected. To know more about this news in detail, head over to Reuters. Richard DeVaul, Alphabet executive, resigns after being accused of sexual harassment Uber’s Head of corporate development, Cameron Poetzscher, resigns following a report on a 2017 investigation into sexual misconduct Python founder resigns – Guido van Rossum goes ‘on a permanent vacation from being BDFL’

Yesterday, at DockerCon Europe 2018, the Docker community announced the Docker Desktop Enterprise, an easy, fast, and a secure way to build production-ready containerized applications. Docker Desktop Enterprise Docker Desktop Enterprise is a new addition to Docker’s desktop product portfolio, which currently includes the free Docker Desktop Community products for MacOS and Windows. The Docker Desktop Enterprise version enables developers to work with the frameworks and languages they are comfortable with. It will also assist IT teams to safely configure, deploy, and manage development environments while adhering to corporate standards practices. Hence the enterprise version enables organizations to quickly move containerized applications from development to production and reduce their time to market. Features of Docker Desktop Enterprise Enterprise Manageability With Docker Desktop Enterprise, IT teams and application architects can present developers with application templates designed specifically for their team, to bootstrap and standardize the development process and provide a consistent environment all the way to production. For the IT team, the Docker Desktop Enterprise is packaged as standard MSI (Win) and PKG (Mac) distribution files. These files work with existing endpoint management tools with lockable settings via policy files. This edition also provides developers with ready to code, customized and approved application templates. Enterprise Deployment & Configuration Packaging IT desktop admins can deploy and manage Docker Desktop Enterprise across distributed developer teams with their preferred endpoint management tools using standard MSI and PKG files. Desktop administrators can also enable or disable particular settings within Docker Desktop Enterprise to meet corporate standards and provide the best developer experience. Application architects provide developers with trusted, customized application templates through the Application Designer interface in Docker Desktop Enterprise, helping to improve reliability and security by ensuring developers start from approved designs. Increase Developer Productivity and Ship Production-ready Containerized Applications Developers can quickly use company-provided application templates that instantly replicates production-approved application configurations on the local desktop by using the configurable version packs. With these version packs, developers can now synchronize desktop development environment with the same Docker API and Kubernetes versions that are used in production with Docker Enterprise. No Docker CLI commands are required to get started with Configurable Version Packs. Developers can also use the Application Designer interface, template-based workflows for creating containerized applications. If one has never launched a container before, the Application Designer interface provides the foundational container artifacts and user’s organization’s skeleton code to help users get started with containers in minutes. Read more about Docker Desktop Enterprise here. Gremlin makes chaos engineering with Docker easier with new container discovery feature Docker faces public outcry as Docker for Mac and Windows can be downloaded only via Docker Store login Zeit releases Serverless Docker in beta  

Yesterday Microsoft made a handful of announcements at Connect (); 2018. The membership to the .NET foundation is now open, .NET Core 2.2 is released, .NET Core 3 Preview 1 is released and Windows Forms, WinUI are now open source. Membership is now open to the .NET Foundation Found in 2014, the .NET Foundation was formed to foster .NET open source development and collaboration. Microsoft has set the membership open to the community. It is also expanding on the number of board members from three to seven and only one of the seats will be occupied by a Microsoft employee with the remaining elected from the open source community. The board elections will commence in January 2019 and any individual who has contributed to a .NET Foundation open source project is eligible. This criteria also applies to become a member and the election will be held every year. You can apply for a membership on their website. To know more about membership and eligibility, head to the Microsoft Blog. New features in .NET Core 2.2 .NET Core 2.2 comes with diagnostic improvements to the runtime, ARM32 support for Windows and Azure Active Directory for SQL Client. Tiered compilation Tiered compilation enables the runtime to use the Just-In-Time (JIT) compiler more adaptively. This will give better performance at startup to maximize throughput. It is an opt-in option and is enabled by default in .NET Core 3.0. Runtime events With .NET Core 2.2, CoreCLR events can be consumed using the EventListener class. These CoreCLR events describe the behavior of GC, JIT, ThreadPool, and interop. They are the same events exposed as part of the CoreCLR ETW provider on Windows. This allows applications to consume these events or use a transport mechanism to send them to a telemetry aggregation service. Support for AccessToken in SqlConnection Setting the AccessToken property to authenticate SQL Server connections are now supported in the ADO.NET provider for SQL Server, SqlClient. This is done using Azure Active Directory. To use the feature, the access token value can be obtained using Active Directory Authentication Library for .NET. This library is present in the Microsoft.IdentityModel.Clients.ActiveDirectory NuGet package. Injecting code prior to Main .NET Core 2.2 enables injecting code prior to running an application main method. This can be done via a startup hook. Startup hooks allow for a host to customize application behavior after it has been deployed. Windows ARM32 Windows ARM32 is now supported in .NET Core 2.2 just like Linux ARM32 which was added in .NET Core 2.1. A bug prevented publishing of .NET Core builds for Windows ARM32. These builds will be available for .NET Core 2.2.1, in January 2019. .NET Core 3 Preview 1 .NET Core 3 Preview 1 is the first public release of .NET Core 3. Visual Studio 2019 Preview 1 will support development with .NET Core 3. .NET Core 3 is a major update. It adds support for building Windows desktop applications using Windows Presentation Foundation (WPF), Windows Forms, and Entity Framework 6 (EF6). Read more about the preview on the .NET Blog. WPF, Windows Forms, and WinUI are now open source After .NET Core went open source in 2014, it saw many contributions from the community. Microsoft is now open sourcing WPF, Windows Forms, and WinUI. Some code will be available in GitHub now and more will be added over the next few months. Repositories for WPF and WinUI are ready too. WPF and Windows Forms projects are under the .NET Foundation. This happened at the Connect(); conference yesterday when Microsoft employees merged the first two community pull requests on stage. This is another step from Microsoft towards open source, strongly signaling the seriousness of their open source commitment. Microsoft reportedly ditching EdgeHTML for Chromium in the Windows 10 default browser Microsoft becomes the world’s most valuable public company, moves ahead of Apple Microsoft announces official support for Windows 10 to build 64-bit ARM apps

Yesterday, Google announced the release of Flutter 1.0, its first stable release, at the Flutter Live event. They further shared that they are working on a project called Hummingbird, which is a way to bring Flutter apps to the “modern, standards-based web”. https://twitter.com/flutterio/status/1070021432934055936 Flutter Live was held yesterday at the Science Museum on Exhibition Rd, Kensington, London SW7 2DD, UK. At this event, Google shared the latest from Flutter, Google’s free and open source SDK for building high-quality native iOS and Android apps from a single codebase. Flutter 1.0 updates The primary focus of Flutter 1.0 was bug fixes and stabilization. Some of the updates introduced in this release are: They have added support for nearly twenty different Firebase services. Performance is improved and work has been done around reducing the Flutter apps size. Dart platform has been updated to 2.1, which offers smaller code size, faster type checks, and better usability for type errors. They have also introduced previews of two new major features namely, Add to App and platform views, which are estimated to be released in February 2019. Developers can try these features in the preview mode. Add to App Add to App is introduced for the developers who wanted to use Flutter for adding new features in their existing applications or to convert their existing application to Flutter in stages. This feature makes it easier to incrementally adopt Flutter by updating templates, tooling, and guidance for existing apps. Also, the tooling has been reworked to make it easy to attach to an existing Flutter process without launching the debugger with the application. Platform views The newly-added platform view widgets, AndroidView and UiKitView allow you to embed an Android or iPhone platform in a Flutter app. These platform view widgets participate in the composition model, which means that you can integrate it with other Flutter content. Hummingbird to bring Flutter to web Flutter primarily focussed on iOS and Android, but now Google is extending it to a broader set of platforms. To achieve this goal, they recently shared a project called Flutter Desktop Embedding, which aims to brings Flutter to desktop operating systems. Also, to expand Flutter to the web they introduced Hummingbird. It is a web-based implementation of the Flutter runtime that utilizes the capability of Dart to compile not just to native ARM code but also to JavaScript. Google’s product manager for Flutter, Tim Sneath told TechCrunch, ”From the beginning, we designed Flutter to be a portable UI toolkit, not just a mobile UI toolkit. And so we’ve been experimenting with how we can bring Flutter to different places.” To explain more about what Hummingbird exactly is, Mr. Sneath added, “One of the great things about Flutter itself is that it compiles to machine code, to Arm code. But Hummingbird extends that further and says, okay, we’ll also compile to JavaScript and we’ll replace the Flutter engine on the web with the Hummingbird engine which then enables Flutter code to run without changes in web browsers. And that, of course, extends Flutter’s perspective to a whole new ecosystem.” Read the official announcement about Flutter, check out Google’s blog. Google Flutter moves out of beta with release preview 1 Google Dart 2.1 released with improved performance and usability JavaScript mobile frameworks comparison: React Native vs Ionic vs NativeScript

“I’m excited to share some of the latest things we’re working on at Microsoft to help developers achieve more when building the applications of tomorrow, today.” -Scott Guthrie - Executive Vice President, Cloud and Enterprise Group, Microsoft On the 4th of December, at the Microsoft Connect(); 2018 Conference, the tech giant announced a series of updates in its Azure domain. With an aim to make it easy for operators and developers to adopt and use Kubernetes, Microsoft has announced the public preview of Azure Kubernetes Service virtual nodes and Azure Container Instances GPU support. They have also announced Azure Pipelines extension for Visual Studio Code, GitHub Releases, and much more! #1 Azure Kubernetes Service virtual nodes, Azure Container Instances GPU support enters public preview The Azure Kubernetes Service (AKS) is powered by the open source Virtual Kubelet technology. This release will enable customers to fully experience serverless Kubernetes. Customers will be able to extend the consistent, powerful Kubernetes API (provided by AKS) with the scalable, container-based compute capacity of ACI. With AKS virtual nodes, customers can precisely allocate the number of additional containers needed, rather than waiting for additional VM-based nodes to spin up. The ACI is billed by the second, based on the resources that a customer specifies, thus enabling them to match their costs to their workloads. This, in turn, will help the AP provided by Kubernetes to reap the benefits of serverless platforms without having to worry about managing any additional compute resources Adding GPU support to ACI will enable a new class of compute-intensive applications through AKS virtual nodes. The blog says that initially, ACI will support the K80, P100, and V100 GPUs from Nvidia and users can specify the type and number of GPUs that they would like for their container. #2 Azure Pipelines extension for Visual Studio Code The  Azure Pipelines extension for Visual Studio Code will enable developers use VS syntax highlighting and IntelliSense that will be aware of the Azure Pipelines YAML format. Traditionally, in Visual Studio Code, syntax highlighting required developers to remember exactly which keys are legal, causing them to flip back and forth to the documentation while keeping track of the location of the keys. Using this new functionality of Azure, they will now be alerted in red “ink” if they write “tasks:” instead of “task:”. They just need to press Ctrl-Space (or Cmd-Space on macOS) to see what’s accepted at that point in the file. #3 GitHub releases Developers can now seamlessly manage GitHub Releases using Azure Pipelines. This allows them to create new releases, modify drafts, or discard older drafts. The new GitHub Releases task supports actions like attaching binary files, publishing draft releases, and marking a release as pre-release and much more. #4 Azure IoT Edge support in the Azure DevOps project Azure DevOps Projects enables developers to set up a fully functional DevOps pipeline straight from the Azure portal which will be customized to the programming language and application platform they want to use, along with the Azure functionality they want to leverage and deploy to. The community showed a growing interest in using Azure DevOps to build and deploy IoT based solutions. The Azure portal for Azure IoT Edge in the Azure DevOps project workflow will make it easy for customers to achieve this goal. They can easily deploy IoT Edge modules written in Node.js, Python, Java, .NET Core, or C, helping users to develop, build, and deploy their IoT Edge application. This support will provide customers with: A Git code repository with a sample IoT Edge application written in Node.js, Python, Java, .NET Core, or C A build and a release pipeline setup for deployment to Azure Easy provisioning of all Azure resources required for Azure IoT Edge #5 ServiceNow integration with Azure Pipelines Azure has joined forces with ServiceNow, an organization that is focussed on automating routines activities, tasks, and processes at work. They help enterprises gain efficiencies and increase the productivity of their workforce. Developers can now automate the deployment process using Azure Pipelines, and use ServiceNow Change Management for risk assessment, scheduling, approvals, and oversight while updating production. You can head over to Microsoft’s official Blog to know more about these announcements. Microsoft and Mastercard partner to build a universally-recognized digital identity Microsoft open sources (SEAL) Simple Encrypted Arithmetic Library 3.1.0, with aims to standardize homomorphic encryption Microsoft reportedly ditching EdgeHTML for Chromium in the Windows 10 default browser  

The Game studio, who brought the phenomenal online video game Fortnite to life, has launched an Epic games store. In a blog post on the Unreal Engine website, Epic stated that the store will have a “fair economics and a direct relationship with players”. All players who buy a game will be subscribed to a developer’s newsfeed where they can contact them for updates and news about upcoming releases. Developers can also control their game pages and connect with YouTube content creators, Twitch streamers, and bloggers with the recently launched Support-A-Creator program. Epic games store will also follow an 88/12 revenue split. “Developers receive 88% of revenue,” the company wrote. “There are no tiers or thresholds. Epic takes 12%. And if you’re using Unreal Engine, Epic will cover the 5% engine royalty for sales on the Epic Games store, out of Epic’s 12%.” Source: Unreal Engine Epic’s inspiration for the 88/12 split may have possibly been taken from Valve’s Steam store (a major competitor to Epic games) who have tweaked their revenue making process. “Starting from October 1, 2018, when a game makes over $10 million on Steam, the revenue share for that application will adjust to 75 percent/25 percent on earnings beyond $10 million,” Valve wrote in the official blog post. “At $50 million, the revenue share will adjust to 80 percent/20 percent on earnings beyond $50 million. The Epic game store with launch with a few selected games on PC and Mac, then it will open up to other games and to Android and other open platforms throughout 2019. With this move, Epic Games are looking to attract more gamers and developers to their platform. And a better revenue split will automatically do most of the work for them. Developer-favour revenue splitting will also increase the market where previously there was a lack of competition in PC-game distribution by the immovable 30/70 split. Twitteratis were fairly happy with this announcement and expressed their feelings and agreed on it to being a threat to Valve. https://twitter.com/Grummz/status/1069975572984385537 https://twitter.com/SpaceLyon/status/1069979966501208065 https://twitter.com/lucasmtny/status/1069970212424953857 https://twitter.com/nickchester/status/1069970684112265217 The Epic Games team will reveal more details on upcoming game releases at the Game Awards this Thursday. Read the blog post by Epic games to know more. Epic games CEO calls Google “irresponsible” for disclosing the security flaw in Fortnite Android Installer before patch was ready Google is missing out $50 million because of Fortnite’s decision to bypass Play Store Implementing fuzzy logic to bring AI characters alive in Unity based 3D games

Yesterday, HashiCorp announced HashiCorp Vault 1.0. It is a tool that can be used to manage secrets and protect sensitive data for infrastructures and applications. This first major release focuses on high performance and scalability in workloads. Batch tokens in Vault 1.0 They are a new type of token with support for ephemeral, high-performance workloads. Batch tokens do not write to disk, and thereby significantly reduce the performance cost of any operations within the Vault. The tradeoff is that batch tokens are not persistent. Therefore they will not be of much use in long-lived or ongoing operations or any operations that require token resiliency. Due to their ephemeral nature, batch tokens are good for large batches of operations with a single purpose like using a transit secret engine. However, they are not good for operations like persistent secret access within a K/V engine. Cloud Auto Unseal open sourced Cloud Auto Unseal is open sourced in Vault 1.0. This allows Vault users to leverage cloud services like AWS KMS, Azure Key Vault, and GCP CKMS. It is open sourced to simplify storing and reassembling Shamir's keys for users. HSM-based Auto Unseal and Seal-Wrap will remain as features within Vault Enterprise. They are typically deployed to conform with government and regulatory compliance requirements. OpenAPI in Vault 1.0 The latest release of Vault supports the OpenAPI standard by the Open API Initiative. This standard provides vendor-neutral description format for API calls. By using the /sys/internal/specs/openapi endpoint, Vault can now generate an OpenAPI v3 document describing mounted backends and endpoint capabilities for a token’s permissions. A new updated UI There have been significant UI upgrades in vault leading up to 1.0. These upgrades include: Wizards to help introduce new users to get started with Vault New, updated screens to show users how to mount auth methods and secret engines Support to manage key versioning within the K/V v2 secrets engine Other UI updates to help ensure simple Vault deployment, initialization, and management Expanded Alibaba Cloud integration Features for operating Vault with and within Alibaba Cloud is now expanded. In Vault 1.0, Alibaba Cloud KMS is supported as a Seal-Wrap and Auto Unseal target. The Alibaba Cloud Auth Method is now a supported interface for Auto Auth within Vault Agent. GCP CKMS secret engine A new secrets engine is added for managing cryptographic operations within GCP CKMS. With this interface, users can perform tasks like transit-like decrypt/encrypt operations, key creation, and key management within external GCP CKMS systems. Other features The credential used by the AWS secret engine can be rotated to ensure that only Vault knows the credentials. With a new operator migrate command, users can do offline migration of data between two storage backends. Keys in transit secret engine can be trimmed which allows removal of older unused key versions. To know more about Vault, visit the HashiCorp website. Google Titan Security key with secure FIDO two factor authentication is now available for purchase Google introduces Cloud HSM beta hardware security module for crypto key security Kubernetes 1.13 released with new features and fixes to a major security flaw

Mastercard has partnered with Microsoft to help people better manage and use their digital identity. Current identity management systems are complex in proving user identity and managing their data. Following this, Mastercard and Microsoft are provided a way for people to instantly verify their digital identity with whomever they want, whenever they want using a universally-recognized, single digital identity system. https://twitter.com/MastercardNews/status/1069601787852873728 Microsoft CEO Satya Nadella also tweeted about this collaboration. https://twitter.com/satyanadella/status/1069694712464973829 Today’s digital identity landscape is patchy, inconsistent and what works in one country often won’t work in another. We have an opportunity to establish a system that puts people first, giving them control of their identity data and where it is used,” says Ajay Bhalla, president, cyber and intelligence solutions, Mastercard. “Working with Microsoft brings us one step closer to making a globally interoperable digital identity service a reality, and we look forward to sharing more very soon.” This single digital identity initiative will be powered by Microsoft Azure and built in collaboration with leaders in the banking, mobile network operator and government communities. It will be used to solve three major challenges: Identity Inclusion: Improving digital identity for women, children, refugees, and other underrepresented groups to improve their access to health, financial and social services. Identity Verification: To help people interact with a merchant, bank, government agency and countless other digital service providers with greater integrity, lower cost and with less friction. Fraud Prevention: To help reduce payments fraud and identity theft of various forms. It will also streamline and improve the speed of commerce and government, financial,  and digital services. However, a universal identification like this may raise security, and privacy concerns, not to mention the data can be used for surveillance. Microsoft and MasterCard will need to adopt strict measures to protect their user data. Public opinion on this system has also been largely negative. https://twitter.com/ChrisBlec/status/1070169644835766272 https://twitter.com/goretsky/status/1069719344744062976 https://twitter.com/aral/status/1069853577865244672 https://twitter.com/bobofgold/status/1070227010209964033 Mastercard made their decisions clear to a Fast Company editor. The service will allow the data to sit with its rightful owner–the individual–and wouldn’t involve amassing personal data in honeypots vulnerable to attack. In no situation would Mastercard collect users’ identity data, share it or monitor their interactions. Instead, the data would reside with the trusted party, and our service would merely validate the information already provided, once an individual has decided to do so. This is about giving the individual control over who sees their information and how it’s used. Go through the press release on Mastercard Newsroom for more information. Marriott’s Starwood guest database faces a massive data breach affecting 500 million user data. Microsoft announces ‘Decentralized Identity’ in partnership with DIF and W3C Credentials Community Group

Yesterday, Google announced the release of Chrome 71. This version comes with support for displaying relative time, specifying the underline location for vertical text, user activation for speech synthesis, and more. Some of the updates in Chrome 71 are described here: Intl.RelativeTimeFormat() support to display relative time Showing relative time in web apps has become a common practice and many date/time libraries come with localized functions to handle this for us. One of the examples of these libraries is Moment JS. Chrome 71 introduces Intl.RelativeTimeFormat(), a low-level API that allows libraries and frameworks to format relative time in a localized fashion. Specifying the underline location for vertical text Often, browsers are inconsistent with where to put the underline, when it comes to displaying Chinese or Japanese text. This is solved in Chrome 71, as the text-underline-position property now accepts left or right as part of the CSS3 text decoration spec. Speech synthesis requires user activation Sometimes it is quite odd when we open a site and it suddenly starts talking to us. Though autoplay policies prevent these sites from automatically playing audio, they have tried to get around this by using speech synthesis API. To avoid this, in Chrome 71, the speech synthesis API now requires user activation on the page before it will work. If the document has not received a user activation, the speechSynthesis.speak() function now throws an error. Customizable requestFullscreen API Developers can now customize the requestFullscreen API with FullscreenOptions on Android. They can choose between showing the navigation bar or a completely immersive mode where no user agent controls are shown until a gesture is performed. Default credentials mode defaults to same-origin For module script requests, the default credentials mode has been changed from “omit” to “same-origin”. This is done because the previous behavior was misaligned with other high-level features like the Fetch API. Defaulting to origin also caused a second server connection, which is undesirable for developers looking to reduce latency. Deprecations and removals in Chrome 71 WebKitAnimationEvent and WeKitTransitionEvent, the non-standard aliases for two widely supported standard interfaces are now fully replaced by AnimationEvent and TransitionEvent respectively. URL.createObjectURL() has been removed from the MediaStream interface. The document.origin property has been removed as it is now redundant with self.origin which can be used in both window and worker contexts and has wider support. Read more in detail about the Chrome 71 updates on Google Developers blog. Google bypassed its own security and privacy teams for Project Dragonfly reveals Intercept Google Chrome announces an update on its Autoplay policy and its existing YouTube video annotations Project Fi is now Google Fi, will support multiple Android-based phones, offer beta service for iPhone

On 3rd December, Stripe announced the open-sourcing of Skycfg which is a configuration builder for Kubernetes. Skycfg was developed by Stripe as an extension library for the Starlark language. It adds support for constructing Protocol Buffer messages. The team states that as the implementation of Skycfg stabilizes, the public API surface will be expanded so that Skycfg can be combined with other Starlark extensions. Benefits of Skycfg Skycfg ensures Type safety. It uses ‘Protobuf’  which has a statically-typed data model, and the type of every field is known to Skycfg when it's building a configuration. Users are free from the risk of accidentally assigning a string to a number, a struct to a different struct, or forgetting to quote a YAML value. Users can reduce duplicated typing and share logic by defining helper functions. Starlark supports importing modules from other files. This can be used to share common code between configurations. These modules can protect service owners from complex Kubernetes logic. Skycfg supports limited dynamic behavior through the use of context variables, which let the Go caller pass arbitrary key:value pairs in the ctx parameter. Skycfg simplifies the configuration of Kubernetes services, Envoy routes, Terraform resources, and other complex configuration data. Here is what users are saying about Skycfg over at HackerNews: Head over to GitHub for all the code and supporting files. Google Kubernetes Engine was down last Friday, users left clueless of outage status and RCA Introducing Alpha Support for Volume Snapshotting in Kubernetes 1.12 ‘AWS Service Operator’ for Kubernetes now available allowing the creation of AWS resources using kubectl