Anita Sengupta discusses the future of transportation with an eye towards how machine learning and AI will help shape the future.

In competing visions of the future of Kubernetes, Paul Czarkowski, principal technologist at Pivotal, predicts that VMs will replace containers, and Joe Fernandes, a VP at Red Hat, considers that VMs usage is evolving for Kubernetes rather than replacing containers. In addition, Chris Short, Red Hat's principal product marketing manager, said that Kubernetes is close to replacing the hypervisor.

Vehicles collect a lot of unusual data. But who owns it?

TL;DR: containers are not VMs; stop calling everything "Docker"; don't use Kubernetes for tiny projects, use Swarm instead; Kubernetes will only solve your org's problems if you are willing to go all-in, anything in between will fail the same way it failed before.

Today, Cisco is taking a big step towards empowering developers with more comprehensive and practical tools for building conversational applications by open-sourcing the MindMeld Conversational AI Platform.

Why a Traffic Flow Suddenly Turns Into a Traffic Jam: Those aggravating slowdowns aren’t one driver’s fault. They’re everybody’s fault.

Halbjahresbericht der Melde- und Analysestelle Informationssicherung

When it’s time to package up your Python application into a Docker image, the natural thing to do is search the web for some examples. And a quick search will provide you with plenty of simple, easy examples. Unfortunately, these simple, easy examples are often broken in a variety of ways, some obvious, some less so.

Öffentliche Daten nützen, private Daten schützen! 👍🏻

Es ist wichtig, wieder mehr über Programme nachzudenken, die nicht von großen Konzernen lizenziert werden – und damit Teil von Machtpolitik werden können. Gerade in Europa.

Red Balloon Security, Inc. is disclosing two vulnerabilities affecting the products of Cisco Systems, Inc. (“Cisco”). The first, known as 😾😾😾, allows an attacker to fully bypass Cisco’s Trust Anchor module (TAm) via Field Programmable Gate Array (FPGA) bitstream manipulation. The second is a remote command injection vulnerability against Cisco IOS XE version 16 that allows remote code execution as root. By chaining the 😾😾😾 and remote command injection vulnerabilities, an attacker can remotely and persistently bypass Cisco’s secure boot mechanism and lock out all future software updates to the TAm.

Red Hat Enterprise Linux 8 now generally available.

The basic premise of this attack is that FollowSymlinkInScope suffers
from a fairly fundamental TOCTOU attack. The purpose of
FollowSymlinkInScope is to take a given path and safely resolve it as
though the process was inside the container. After the full path has
been resolved, the resolved path is passed around a bit and then
operated on a bit later (in the case of 'docker cp' it is opened when
creating the archive that is streamed to the client). If an attacker can
add a symlink component to the path after the resolution but before
it is operated on, then you could end up resolving the symlink path
component on the host as root. In the case of 'docker cp' this gives you
read and write access to any path on the host.

After Meltdown, Spectre, and Foreshadow, we discovered more critical vulnerabilities in modern processors. The ZombieLoad attack allows stealing sensitive data and keys while the computer accesses them.

Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the root user.

This unit is an alphanumeric character generator which produces deflection and banking signals to trace out a display on an oscilloscope screen. The display produced consists of 128 programmable characters arranged in 8 rows of 16. The complete character set is comprised of the numbers 0 through 9 and the letters a through f, giving a total of 16 unique characters in addition to a blank space. The unit is therefore suitable for the display of computer data in hexadecimal format.