Google: Pixel Drop bringt Betrugserkennung nach Deutschland
Google bringt neue Funktionen für seine Pixel-Smartphones. Neu ist unter anderem eine Betrugserkennung beim Telefonieren. (Google Pixel, Smartphone)
Quelle: Golem
Announcing Docker Hardened System Packages
Your Package Manager, Now with a Security Upgrade
Last December, we made Docker Hardened Images (DHI) free because we believe secure, minimal, production-ready images should be the default. Every developer deserves strong security at no cost. It should not be complicated or locked behind a paywall.
From the start, flexibility mattered just as much as security. Unlike opaque, proprietary hardened alternatives, DHI is built on trusted open source foundations like Alpine and Debian. That gives teams true multi-distro flexibility without forcing change. If you run Alpine, stay on Alpine. If Debian is your standard, keep it. DHI strengthens what you already use. It does not require you to replace it.
Today, we are extending that philosophy beyond images.
With Docker Hardened System Packages, we’re driving security deeper into the stack. Every package is built on the same secure supply chain foundation: source-built and patched by Docker, cryptographically attested, and backed by an SLA.
The best part? Multi-distro support by design.
The result is consistent, end-to-end hardening across environments with the production-grade reliability teams expect.
Since introducing DHI Community (our OSS tier), interest has surged. The DHI catalog has expanded from more than 1,000 to over 2,000 hardened container images. Its openness and ability to meet teams where they are have accelerated adoption across the ecosystem. Companies of all sizes, along with a growing number of open source projects, are making DHI their standard for secure containers.
Just consider this short selection of examples:
n8n.io has moved its production infrastructure to DHI, they share why and how in this recent webinar
Medplum, an open-source electronic health records platform (managing data of 20+ million patients) has now standardized to DHI
Adobe uses DHI because of great alignment with its security posture and developer tooling compatibility
Attentive co-authored this e-book with Docker on helping others move from POC to production with DHI
Docker Hardened System Packages: Going deeper into the container
From day one, Docker has built and secured the most critical operating system packages to deliver on our CVE remediation commitments. That’s how we continuously maintain near-zero CVEs in DHI images. At the same time, we recognize that many teams extend our minimal base images with additional upstream packages to meet their specific requirements. To support that reality, we are expanding our catalog with more than 8,000 hardened Alpine packages, with Debian coverage coming soon.
This expansion gives teams greater flexibility without weakening their security posture. You can start with a DHI base image and tailor it to your needs while maintaining the same hardened supply chain guarantees. There is no need to switch distros to get continuous patching, verified builds through a SLSA Build Level 3 pipeline, and enterprise-grade assurances. Your teams can continue working with the Alpine and Debian environments they know, now backed by Docker’s secure build system from base image to system package.
Why this matters for your security posture:
Complete provenance chain. Every package is built from source by Docker, attested, and cryptographically signed. From base image to final container, your provenance stays intact.
Faster vulnerability remediation. When a vulnerability is identified, we patch it at the package level and publish it to the catalog. Not image by image. That means fixes move faster and remediation scales across your entire container fleet.
Extending the near-zero CVE guarantee. DHI images maintain near-zero. Hardened System Packages extend that guarantee more broadly across the software ecosystem, covering packages you add during customization.
Use hardened packages with your containers. DHI Enterprise customers get access to the secure packages repository, making it possible to use Hardened System Packages beyond DHI images. Integrate them into your own pipelines and across Alpine and Debian workloads throughout your environment.
The work we’re doing on our users’ behalf: Maintaining thousands of packages is continuous work. We monitor upstream projects, backport patches, test compatibility, rebuild when dependencies change, and generate attestations for every release. Alpine alone accounts for more than 8,000 packages today, soon approaching 10,000, with Debian next.
Making enterprise-grade security even more accessible
We’re also simplifying how teams access DHI. The full catalog of thousands of open-source images under Apache 2.0 now has a new name: DHI Community. There are no licensing changes, this is just a name change, so all of that free goodness has an easy name to refer to.
For teams that need SLA-backed CVE remediation and customization capabilities at a more accessible price point, we’re announcing a new pricing tier today, DHI Select. This new tier brings enterprise-grade security at a price of $5,000 per repo.
For organizations with more demanding requirements, including unlimited customizations, access to the Hardened System Packages repo, and extended lifecycle coverage for up to five years after upstream EOL, DHI Enterprise and the DHI Extended Lifecycle Support add-on remain available.
More options means more teams can adopt the right level of security for where they are today.
Build with the standard that’s redefining container security
Docker’s momentum in securing the software supply chain is accelerating. We’re bringing security to more layers of the stack, making it easier for teams to build securely by default, for open source-based containers as well as your company’s internally-developed software. We’re also pushing toward a one-day (or shorter) timeline for critical CVE fixes. Each step builds on the last, moving us closer to end-to-end supply chain security for all of your critical applications.
Get started:
Join the n8n webinar to see how they’re running production workloads on DHI
Start your free trial and get access to the full DHI catalog, now with Docker Hardened System Packages
Quelle: https://blog.docker.com/feed/
AWS Elemental MediaLive Now Supports SRT Listener Mode
AWS Elemental MediaLive now supports Secure Reliable Transport (SRT) Listener mode for both inputs and outputs. With SRT Listener mode, MediaLive waits for connections rather than initiating them. Upstream sources push live video directly to MediaLive, and downstream systems pull encoded streams on demand. This simplifies network setup by removing the need for complex firewall configurations or static, publicly accessible IP addresses on the source or destination side. SRT Listener mode complements MediaLive’s existing SRT Caller mode, giving you full control over which side of the connection initiates the SRT handshake.
SRT Listener mode enables flexible contribution and distribution workflows. On the input side, you can push streams from on-premises encoders or remote production sites, including MediaLive Anywhere deployments, directly to MediaLive in the cloud without coordinating firewall changes with your network team. On the output side, downstream distribution partners can connect to MediaLive and pull encoded streams when ready, without requiring MediaLive to initiate outbound connections. Both SRT Listener inputs and outputs support configurable latency settings and mandatory AES encryption to help ensure content security.
SRT Listener mode is available in all AWS Regions where AWS Elemental MediaLive is offered. To get started, see Setting up an SRT Listener input and Creating SRT outputs in listener mode in the AWS Elemental MediaLive User Guide.
Quelle: aws.amazon.com
Anzeige: Schnäppchen-ANC-Kopfhörer unter 30 Euro
Mit dem Soundcore by Anker Q20i jetzt für nur 29,99 Euro bei Amazon. Nie war Geräuschunterdrückung so günstig. Angebot endet am 16. März! (ANC, Amazon)
Quelle: Golem
Anzeige: Endgeräteverwaltung mit Microsoft Intune
Mobile Device Management mit Microsoft Intune schafft zentrale Kontrolle über Endgeräte und Richtlinien in heterogenen Umgebungen. (Golem Karrierewelt, Betriebssysteme)
Quelle: Golem
Europaparlament: Innenausschuss stimmt gegen freiwillige Chatkontrolle
Überraschende Abstimmung im Europaparlament: Die Verlängerung der freiwilligen Chatkontrolle wird abgelehnt. Nun muss das Plenum entscheiden. (Chatkontrolle, Instant Messenger)
Quelle: Golem
Bildschirm: Apple löst das Pro Display XDR ab
Apple stellt mit dem Studio Display XDR einen neu entwickelten Profi-Monitor vor – und schickt das Pro Display XDR in Rente. (Apple, Display)
Quelle: Golem
Anzeige: Pink Floyds Wish You Were Here auf Vinyl Deluxe im Preisfall
Deutlich günstiger als üblicherweise gibt es bei Amazon Wish You Were Here von Pink Floyd als Vinyl Deluxe zum 50. Jubiläum. (Unterhaltung & Hobby)
Quelle: Golem
AWS Batch now supports configurable scale down delay
AWS Batch now allows you to configure a scale down delay for managed compute environments, helping reduce job processing delays for intermittent and periodic workloads. With the new minScaleDownDelayMinutes parameter, you can specify how long AWS Batch keeps instances running after their jobs complete (from 20 minutes to 1 week), preventing unnecessary instance terminations and relaunches that can delay subsequent job processing. You can configure the scale down delay when creating or updating a compute environment via the AWS Batch API (CreateComputeEnvironment or UpdateComputeEnvironment) or the AWS Batch Management Console. The delay is applied at the instance level, based on when each instance last completed a job. Scale down delay is supported today in all AWS Regions where AWS Batch is available. For more information, see the AWS Batch API Guide.
Quelle: aws.amazon.com
Tötung des Anführers: Wie Israel Chamenei jahrelang verfolgt hat
Gehackte Verkehrskameras, Handynetze und ein CIA-Informant vor Ort: Die Tötung von Ali Chamenei ist das Ergebnis einer jahrelangen Geheimdienstoperation gewesen. (Überwachung, Server)
Quelle: Golem
