AWS Budgets lets customers set custom budgets and receive alerts if their costs or usage exceed (or are forecasted to exceed) their budgeted amount.
Quelle: aws.amazon.com
View the updated agenda and additional speakers added to the lineup for the OpenShift Commons Gathering in Austin Texas on December 5, 2017 and make your plans to meet with 400+ developers, DevOps professionals, sysadmins, and cloud-native practitioners to explore the next steps for making container technologies successful and secure.
Quelle: OpenShift
Microsoft hat den vierten Teil der Echtzeitstrategiespiel-Serie Age of Empires angekündigt.
Quelle: Heise Tech News
Vasily Fedosenko / Reuters
The Daily Stormer’s unceremonious booting from large swathes of the internet has made plenty of headlines; tech companies, the story goes, are “joining the resistance.” Silicon Valley is conducting a “Nazi purge,” and Charlottesville is “reshaping the fight against online hate.”
But the demise of this hateful website has also raised a new debate about an old problem: Silicon Valley’s control of our online speech.
Companies like Facebook and Twitter have been making hard decisions about hate speech for a long time. These platforms, as well as web-hosting companies and other intermediaries, are not governed by the First Amendment. Instead, they must obey 47 U.S.C. § 230, known colloquially as “CDA 230.” This gives them immunity from liability for most of the content they host, and says they are free to host (or not host) whatever they want.
Those rights are important, but they also come with great responsibility. And I believe these companies are failing to live up to that responsibility.
The truth is companies get these decisions wrong a lot of the time. And because they’re not transparent about how their rules are enforced or about how much content is taken down, we only hear about the bad decisions when they make headlines. That is happening increasingly often these days, as those in media circles take more interest in the issue.
Just this summer, Facebook used its hate speech policies to censor queer artists and activists for using words like “dyke” and “fag”; Twitter booted several leftist activists, apparently for engaging in uncivil counterspeech; and YouTube’s algorithms deleted masses of videos from the Syrian civil war that activists had archived for use in war crimes investigations.
This is nothing new. Over the years, I’ve watched as Silicon Valley companies have made globally important decisions that have stirred less debate than this week’s Daily Stormer episode. Last year, when Twitter boasted that it deleted 235,000 “terrorism-related” accounts from their service, hardly anyone blinked. But in that case, as in this one, we need to ensure that these companies are accountable to their users, and that people have a path of recourse when they are wronged.
I’m not so worried about companies censoring Nazis, but I am worried about the implications it has for everyone else. I’m worried about the unelected bros of Silicon Valley being the judge and jury, and thinking that mere censorship solves the problem. I’m worried that, just like Cloudflare CEO Matthew Prince woke up one morning and decided he’d had enough of the Daily Stormer, some other CEO might wake up and do the same for Black Lives Matter or antifa. I’m worried that we’re not thinking about this problem holistically.
In the case of the Daily Stormer, companies were undoubtedly very aware of the site’s presence on their platforms and made not just a moral decision, but a business one as well. But that’s not how content moderation typically works: In most instances, companies rely on their users to report one another. The reports enter a queue that is then moderated either by humans — often low-wage workers abroad whose job requires them to look at horrible images so you don’t have to — or by algorithms. A decision is made and the content is either left up or removed.
Some platforms, like Facebook, mete out punishment to their users, temporarily suspending them for up to 30 days; others may boot users for their first or second infraction. Users are only able to appeal these corporate decisions in certain circumstances.
How comfortable you are with this kind of set up depends on your view of speech and who should police it. There are different kinds of free speech advocates — some believe that a pluralistic, democratic society is nothing without freedom of expression, and that we must protect the rights of all if we want to protect the most vulnerable. The “slippery slope” argument is popular, although it’s not always convincing.
There are others who will fight to the death for your right to be a hateful Nazi, although I’m not one of them.
Rather, my belief in the need for freedom of expression has strengthened over time as I’ve watched governments and corporations restrict the speech rights of vulnerable groups, and questioned their ability — and sometimes their intent — to get it right. I’m also deeply unconvinced that censorship, especially when decoupled from education, is an effective means of change. Finally, even if one platform bans a user, another might be there to welcome them with open arms.
Cloudflare’s CEO, fresh from making what he admits was a dangerously arbitrary decision to cut off a neo-Nazi site, says we need to have a conversation about this, with clear rules and clear frameworks. I agree. What we need is for companies to choose openness, transparency, and due process.
In practice, that means giving experts and the public greater input into speech policies and their implementation — something that, right now, companies only do behind the secrecy of a nondisclosure agreement, if at all.
It means offering users a way to consent to policies and policy changes, and being open about how rules are made and enforced. And it means ensuring that every user has the ability to appeal decisions made against them. Even assholes.
Quelle: <a href="Silicon Valley's "Nazi Purge" Shows Who Really Controls Our Online Speech“>BuzzFeed
Google hat Android 8 veröffentlicht, Codename Oreo. Zuerst landet es auf den hauseigenen Smartphones und Tablets, andere Hersteller dürften in den kommenden Wochen folgen.
Quelle: Heise Tech News
I’ve been at Docker for just over two years now, and I’ve worked with every version of Docker Enterprise Edition (née Docker Datacenter) since before there even was a Docker Enterprise Edition (EE). I’m more excited about this new release than any previous release.
There are several new features that are going to ease the management of your applications (both traditional and cloud-native) wherever you need them to run: the cloud or the data center, virtual or physical, Linux or Windows – and now even IBM Z mainframes.
It would take too long to discuss all of the new features, so with that in mind, I’m going to talk about my three favorite features in Docker EE 17.06.
Hybrid-OS Clusters
Docker and Microsoft introduced support for Windows Server containers last fall. This was a major milestone that helped Docker move towards the goal of embracing apps across the entirety of the data center. With this latest release Docker extends hybrid OS operations even further: IT admins can now build and manage clusters comprised of Linux, Windows Server 2016, and IBM Z mainframes – all from the same management plane. This means you can manage applications comprised of both Windows and Linux components from Docker Universal Control Plane. For instance, you can run your web front end on Linux and connect that to Microsoft SQL Server running on Windows.
Docker EE 17.06 is the first Containers-as-a-Service platform to offer production-level support for the integrated management and security of Windows Server Containers.
For more information on hybrid-OS clusters, check out this video.
Enhanced Role-based Access Control (RBAC)
Docker EE has always featured RBAC. With Docker EE 17.06 we’ve enhanced these capabilities to further extend the way administrators manage access to cluster resources.
To better understand how RBAC works in Docker EE 17.06 it’s probably best if I define four concepts:
Custom Roles: A role is essentially a set of permissions that define what operations someone can perform on cluster resources. As in previous releases, Docker EE 17.06 has a set of predefined roles (View Only, Full Control, etc). What’s new in this release is the ability for administrators to choose from dozens of individual capabilities to define custom roles.
For instance, an admin could define a ‘network-ops’ role that only grants the ability to perform a subset of tasks specifically related to network functionality.
Note: This image only shows a small subset of all the various operation permissions available in Docker EE 17.06
In short roles are what someone can do when working with your Docker EE cluster.
Subject: Subjects define who can perform certain tasks. Subjects can be Docker EE users, teams or organizations.
Collections: Collections are a new concept in Docker EE. They provide a mechanism for administrators to group cluster resources (services, containers, volumes, networks, secrets, etc) together. An admin assigns a special Docker label (com.docker.ucp.access.label) to a particular resource to define what collection the resource belongs to.
Collections can be nested into a directory-like hierarchy. For instance an admin user can create a prod collection, and then a webserver collection beneath that.
Nested collections will inherit permissions from their parent collections.
You can think of collections as where someone can perform tasks.
Grant: A grant defines who (subject) can do what (role) where (collection). For example, you can create a grant that specifies that the “Dev Team” gets “View Only” access against resources in the “/Production” collection.
In addition to these new capabilities, Docker EE Advanced 17.06 extends the concept of RBAC to nodes as well. So now administrators can subdivide cluster servers between teams, and ensure that those dedicated resources are only accessed by individuals who have been explicitly granted permission. These features give administrators nearly infinite flexibility with regards to how they want to secure their cluster resources.
For more information on RBAC in Docker EE 17.06 check out this video.
Automated Image Promotion and Immutable Repos
Ok, this is technically two features, but they’re both awesome: Automated Image Promotion and Immutable Repos. These two capabilities allow administrators to further ensure the integrity of Docker images.
Automated image promotion gives IT practitioners the ability to define criteria that, when met, will automatically promote an image from one Docker Trusted Registry (DTR) repository to another.
For instance, today you might create a new version of an application, run it through QA, and then – if it passes – manually promote it to the production repo. The QA process could include steps such as scanning for vulnerabilities or the usage of components with certain licenses.
With Docker EE 17.06, you can automate portions of this process. You can define criteria based on the the image tag, the number of vulnerabilities in the image, presence of certain packages, or the type of license found in the image. If those criteria are met, the image will automatically be promoted from one repo to the other.
Additionally, you can apply multiple policies to create sophisticated automated promotion scenarios.
Immutable repos work alongside image promotion (as well as the existing security scanning and image signing features) to help protect the integrity of your Docker images. As the name implies, immutable repos allow administrators to prevent image tags from being changed in a given repository.
This is aimed at stopping a scenario where someone pushes a version of an image with a given tag, and then someone else overwrites that image by pushing a different version using the same tag as the original user. With immutable repos you can be assured that your images will not be accidentally (or intentionally) overwritten.
For more information on image promotion and immutable repos, please see this video.
Secure and Manage More Applications
Ok – I know I said I was going to talk about my three favorite new features, but I have to add my other favorite new feature: Docker Security Scanning for Windows images. Docker Security Scanning, part of Docker EE Advanced, automatically scans images for common vulnerabilities and exploits as they are pushed to DTR. Previously this has only worked with Linux images, but with Docker EE Advanced 17.06 it now also works with Windows images!
So there you have it: my three (or four or five depending on how you counted) favorite new features in Docker EE 17.06.
Thanks for taking the time to learn what’s new in Docker EE 17.06. Like I said, there are plenty of other new features. Heck, I didn’t even talk about multi-stage builds or the new UI. I hope after reading this, that you’re as excited about Docker EE 17.06 as I am.
Continue your Docker journey with these helpful links:
Try Docker Enterprise Edition for free
Register for an upcoming Docker webinar
Review What’s New with Docker EE
Read the documentation
Are you excited about #Docker EE ? @mikegcoleman is – read about his fave featuresClick To Tweet
The post My Three Favorite New Features in Docker Enterprise Edition appeared first on Docker Blog.
Quelle: https://blog.docker.com/feed/
How many fart noise generators does one smart home device have to have?
Because I'm an American patriot, I celebrated Amazon Prime Day and bought a discounted ($35 instead of $50!) Amazon Dot. The Dot is the smaller, cheaper version of the Echo. I have heard good things about the Echo, and I was excited to try it out the smart speaker life.
I start to set it up, eagerly looking for cool “skills” (Alexa lingo for apps, basically) to add to it. Obviously, add the BuzzFeed News flash briefing (start your morning with it!). But then…. I'm looking at this list and it's like last call at Club Penguin in here.
The “skills” interface seems to offer no differentiation between an official or essential skill versus some random gimmick a teenager probably made. It appears it's quite easy you make own, which means there's a lot of super amateur ones, or ones that seems tailored for one person.
I imagined my new sleek and efficient life where I was chatting happily to Alexa, telling her to fire up my Juicero, put Tide pods on my shopping list, and add dinner dates to my calendar.
That's not exactly how things went….
Quelle: <a href="17 Alexa Skills That Don't Need To Exist“>BuzzFeed
Google hat die fertige Version von Android O veröffentlicht. Die neue Hauptversion des Mobilbetriebssystems trägt den Beinamen Oreo. (Android O, Google)
Quelle: Golem
Nicole Nguyen / BuzzFeed News
The company is commemorating the announcement with an Android statue near Chelsea Market, the location of the original Nabisco factory where Oreo cookies were once made and, coincidentally, the site of Google’s New York offices.
The name of each release is the subject of much speculation and anticipation among Android superfans leading up to the unveil. Every major Android release is named after a dessert in alphabetical order (e.g., Lollipop, Marshmallow, and Nougat). “We have these microkitchens everywhere at Google, and they’ve always been full of Oreos,” Dave Burke, Android’s VP of engineering told BuzzFeed News. “I think we subliminally have been waiting to get to O.”
But, for most, what really matters is: Why should I update my phone and when can I do it?
Dave Burke / Google
Rather than a radical redesign, Android users should expect more incremental refinements in O—many of which affect performance under the hood, to things like battery life and speed.
App developers will be able to add picture-in-picture capability (like Netflix, shown here). That means users will be able to continue watching the video they’re streaming while using other parts of their device. At launch, only subscribers to YouTube Red ($10 for ad-free music and YouTube videos) will be able to use the feature with the YouTube app.
Two other user-friendly, time-saving features coming to Oreo are notification dots, which allow users to long press apps on the homescreen to view what’s new, and autofill, which will automatically populate logins/passwords saved to Chrome directly to apps.
The bigger improvements, though, are less visible. A new feature called “smart text selection” uses artificial intelligence to automatically select related groups of words. For example, if you tap to select one part of a home address, Android will automatically select the entire thing, as well as suggest pasting the text into the Maps app.
Google Play Protect is a new program designed to detect harmful apps, and will help make Android phones more secure. Meanwhile, Android Oreo will make app boot times and device restarting up to twice as fast.
Your battery life will get better too, which is something the Android team has steadily been working to improve since the previous two releases, Marshmallow and Nougat. More battery management is in the pipeline for Android P, Q, and beyond, according to Burke.
“One of the things about Android from the very beginning is that it was very open — and so apps could do anything they wanted,” said Burke. “I think for us, we were a little too open; we weren’t managing the system enough. So we’re slowly trying to take more control and throttle things.”
Background check, for example, is a new feature that restricts how much any app can run in the background, which is a significant power suck.
Google had initially aimed to release Android Oreo today. “The date we’re rolling out is close to what we originally planned. It’s probably a couple of days out. But we’re not way off,” said Burke. The Android O beta testing group will be updated first, and the final build is currently going out for carrier testing.
Android O will be released in stages, depending on carrier and country, and Google has been working with Essential, General Mobile, HMD Global Home of Nokia, Huawei, HTC, Kyocera, LG, Motorola, Samsung, Sharp, and Sony to launch new devices with Android 8.0.
“It’s a huge change for us. We literally spent most of our engineering work on it. It’s one of these things where it’ll pay out in the future, we just have to make a big investment,” said Burke.
Treble, which will ship with Android O, essentially separates the code that’s specific to a specific phone model, and the code that’s specific to Android. That easily-updateable Android layer means that phone makers won’t have to spend as much time or resources making Android updates compatible with their devices, which is a big problem (there are now two billion monthly active devices on the platform) for many non-Google hardware manufacturers who are often slow to ship updates to their users, like Samsung.
Makers of low-cost Android phones, who aren’t typically incentivized to pour engineering energy into a device that can sell for as low as $40, would have the most to gain from Project Treble. Burke said, “What we’re trying to do is reduce that cost, so that if you’re a device maker that wants to do a security update or a full dessert update, we want to make it as effortless as possible.”
But consumers won’t see this impact in O. Treble is laying the foundation for the releases that come after it. In the future, Burke hopes expensive flagship phones, like Samsung’s Galaxy, will see updates closer to Google’s initial announcement (instead of months, or sometimes years, after) and budget phones will actually update to bigger dessert releases at all.
The main challenge in implementing Treble was maintaining performance which, according to Burke, was the reason the team fell “a little bit behind.”
Dave Burke, VP of Engineering at Android
Stephen Lam / Reuters
“We’re actually really proud of what we did because if you have a Pixel 2016 that device has had a huge surgery, and you just don’t notice. It works the same. But it’s profoundly different inside.”
While Android Oreo, in terms of major user-facing improvements, isn’t as spectacular as previous releases, Burke sees the update as a pivotal turning point for Android: “I think of O as pivotal changes for device makers and developers — in terms of what we’re doing with Treble for device makers, and also what we’re doing with Kotlin, which is a new programming language for developers — and sort of linear on user facing features.”
In May, Google announced it will support Kotlin on Android. The programming language has cleaner, less verbose syntax for coding and some enhancements over Java, which is the language most Android developers use to build apps.
Android O features some hints at AI-powered elements, like smart text select, but Burke said that even more is coming this year and in future versions of Android.
“Going forward, you’re going to see a change in the phone getting smarter and just being more intelligent, and so when we look back it’ll be a turning point … if we doing everything right,” he said.
Quelle: <a href="The Next Version Of Android Is Called Android Oreo“>BuzzFeed
The post Cloud as the disruptor for organisational change appeared first on Mirantis | Pure Play Open Cloud.
Cloud and agile are tools used to build a technology business.
There are two things that cloud computing and agile development techniques have in common. First, in order to take advantage of either, the processes that you follow to build new products and define new business markets needs to change. Second, the point at which you start to have an impact on the people in the organization who actually deliver these new products is the point at which you start making those changes — not, as you may think, the point at which you complete the implementation of the new technology.
The reality is that like the changes that came with agile, the changes cloud computing brings can, and likely will, have a wide-reaching and large impact on not just the way work is delivered, but also how it is planned and measured. The traditional top down approach to planning and measuring delivery provides for certainty in the timeline for delivery of work but provides no guarantees as to the quality and completeness of the work. The result is that whilst it gives managers and budget holders a certain amount of peace of mind when it comes to spend, it does nothing to ensure that work delivered is of the highest quality and is actually what is required by the business.
Like cloud computing, the introduction of agile development methodologies in an organization can be very disruptive and cause a lot of growing pains while everyone is ramping up and getting used to the new mechanisms and processes. These mechanisms, contrary to the way they seem, do not require that managers give up their budget controls and deliverables, only that they participate in the process in a more regular and granular way. What’s more, these changes need to happen at all layers of the organization. For example:
Cloud supports rapid deployment and rapid development cycles, as developers are able to quickly and automatically test applications. This reduces the time needed to find bugs and to fix them, enabling them to deploy more often, and with better results.
Hardware agnostic or reduced dependence on specific hardware means greater choice in hardware vendors, as well as the ability to move workloads across regions to maximize performance or minimize cost.
Cloud architectures enable you to move services closer to the consumer, reducing latency and better distributing the load throughout the network.
Cloud native architectures drive cost reduction through standardization and better utilization of available resources. Additionally, the provide the opportunity to manage greater numbers of servers with fewer people.
Cloud can remove many traditional bottlenecks enabling service pivoting. This is important, because the quicker we can grow, adapt or change a service to meet consumer needs, the more uptake that service will get.
Support for automation helps drive down development cost and enables rapid deployment and a host of other advantages.
Cloud enables better resource utilization; sharing resources allows for costs to be distributed, and can reduce the impact of maintaining legacy equipment.
Democratizing access to resources, as cloud computing does, supports faster application development and reduces lag in go to market strategies.
Cloud based applications can be provided to a wider audience, as they typically don’t need client applications.
Cloud provides better uptime due to more resilient design strategies, as well as far more rapid recovery through automation. This also provides support for self healing through automation and the ability to redirect traffic and service automatically.
To reiterate, the change wrought on business by cloud is not only in the change of technologies, but primarily on the people and process within the organisation. When embraced, these changes can help a company be better able to deliver its products and take advantage of newer and possibly more efficient ways of working at all levels. These process, if implemented effectively, will also drive in a more collaborative approach to developing products and tools, breaking down the traditional silos between business and IT.
The post Cloud as the disruptor for organisational change appeared first on Mirantis | Pure Play Open Cloud.
Quelle: Mirantis
