Welcome to cron.weekly issue #97 for Sunday, September 10th, 2017.

Last week was an interesting issue, in the time between me writing and sending the newsletter, one of the featured projects got deprecated . On top of that, it looks like my URL manipulations caused one webserver to throw errors instead of the page I wanted . Ah well, lessons learned!

Meanwhile, major open source projects have been holding of on releasing new major versions for the beginning of September it seems! Many new releases in this issue, which makes it a pretty big one.

Happy reading!

News#

Kernel 4.13 is released #

Quite a few new security improvements in this release, better huge-page swapping & better handling of asynchronous I/O , TLS support directly in the kernel & many more improvements landed in this release.

New 4.14 Kernel = new LTS release #

If everything goes according to plan, the next 4.14 kernel is going to be the new LTS release, receiving up to 2 years of support & patches.

TLS in the Linux Kernel #

This is the very technical explanation of how the 4.13 kernel uses TLS directly in the kernel. An alternative read would be Filippo Valsorda’s, where he looks at the kernel patch & how it fits in with Go’s TLS implementation .

The Sizzle #

Struggling to keep up with the flow of tech news? Need to improve your signal to noise ratio? One email a day, five must read tech news stories, sent in time for your commute home. Stay in the loop without burning all your free time. Read the first two weeks for free.  (Sponsored)

IPv10 #

IP version 10 (IPv10) is a new version of the Internet Protocol, designed to allow IPv6 [RFC-2460 ] to communicate to IPv4 [RFC-791 ] and vice versa.

Oracle fires everyone on Solaris, SPARC teams #

This is essentially the end of the Solaris distribution.

The two metrics that matter for host security #

This is an interesting approach to looking at the security or state of your systems: monitoring reverse uptime and golden image freshness.

CAA record checking now mandatory for Certificate Authorities #

As of this month, every Certificate Authority has to check for CAA DNS records before it issues a new certificate. If you haven’t already, it’s a great way to better protect your domain(s) from getting unwanted certificates.

Why open source success is increasingly dependent on corporate cash #

More and more of the strong, successful open source projects, are relying on money from either investments (see previous cron.weekly’s, plenty of seed rounds & venture capital) or from major companies behind the project, deciding to open source it.

Greg Kroah-Hartman: The Commander-in-Chief of the Linux Stable Branch #

In this interview, Greg Kroah-Hartman – who’s responsible for the Linux releases making it out the door – shares his background & history with Linux and how he came to join the Linux Foundation.

Tools & Projects#

Get full-stack observability with Datadog #

Go from a global view of your infrastructure to inspecting an individual request trace, all in one developer-friendly platform. Start a free 14-day trial . (Sponsored)

zzupdate #

A simple command to fully update an Ubuntu PC/server via apt. Mostly hands-off and unattended.

LLVM 5.0 #

This new release adds support for C++17, co-routines, improved optimizations, new compiler warnings, many bug fixes.

keyexec #

Collection of Scripts to Automatically Unlock LUKS Devices on kexec Reboot. (kexec is a method to reload to a new kernel faster, without a full system reboot .)

Yarn 1.0 #

The Yarn JavaScript package manager reaches its first stable release. It’s main focus at first was to be much faster than npm, the native/official package manager, but has since grown to support lots of new features like version locking etc.

Vagrant 2.0 #

Who hasn’t used Vagrant by now? Vagrant is a tool for building and distributing development environments, the 2.0 version includes support for provisioning on VirtualBox, VMware, Hyper-V, Docker, AWS, GCP. It can virtualize Linux, Windows & Mac.

Ansible “tower” AWX #

Ansible Tower is now open source and the project is called “AWX”. Jeff Geerling wrote up more details & how to get started with AWX on his blog .

Nginx Unit #

Nginx has always been a powerful webserver & proxy, but it could never run your application code (Go/Java/PHP/…) directly. With Nginx Unit, it now can. It’s a new application server that can run your code, across multiple versions. It’s better explained in the Nginx Application Platform blogpost .

fbctf #

The Facebook CTF is a platform to host Jeopardy and “King of the Hill” style Capture the Flag competitions. In short, it’s a game to test your hacking & infosec skills.

Raddit #

Now that Reddit decided to close its source code, Raddit is a new Reddit-like clone that’s fully open sourced.

HTTrack #

Judging by the website, you’d think this project hasn’t been updated in 10 years, but it’s still in active development. HTTrack is an “offline website browser” and allows you to copy a website locally, crawling all pages.

container-diff #

container-diff is an image analysis command line tool. container-diff can analyze images along several different criteria, currently including Docker Image History, file system, apt-get + pip installed packages & more.

Guides & Tutorials#

Jenkins vs. GoCD #

GoCD or Jenkins? In this blog, we compare GoCD with Jenkins on philosophy, getting started, continuous delivery, and plugins. Understand more about how these CI/CD tools fit your needs . (Sponsored)

Solaris to Linux Migration 2017 #

A very good guide on what you’d need to migrate from Solaris to Linux, not only the actual data migration, but how to transfer your skillset from Solaris to modern Linux.

Rosetta Stone for Unix #

This is a giant matrix of comparisons between different Unix flavors (AIX, BSD, Linux, …) comparing terminology, tools, methods, …  Looks like a good place to fallback to if you’re ever switching from one Unix kind to another.

Optimizing web servers for high throughput and low latency #

Dropbox has some experience with operating at scale, so when they write up guides, I read them. In this one, they look at everything that makes up a webserver; from the hardware to the network & software.

How to set up an Nginx HTTPS website with an ECDSA certificate #

Another set of practical commands to get the latest ECDSA certificates with your Nginx installation.

Bash Scripts Quickstart Guide #

This is a list of some of the most often used bash features and constructs.

Why favor PostgreSQL over MariaDB / MySQL #

A really technical in-depth look at PostgreSQL vs. MySQL to try and persuade you to switch to Postgres.

Time for Makefiles to Make a Comeback #

Every week it seems a new “task runner” is open sourced and announced, adding another layer of complexity to development. This post looks at using Makefiles instead of over-engineered tools to accomplish the same thing, but simpler.

Ask cron.weekly!#

It’s been a bit quiet on the forum in the last few weeks, but that’s OK. It doesn’t need to be the most active forum, but it’s a good last resort to ask questions if you’re stuk elsewhere. After all, if cron.weekly readers don’t know the answer, you’re doomed – right? 😉

What file storage technology/system to use when accessing files remotely? #

Are you looking at SAMBA or web-based tools like Owncloud?

Videos#

SHA2017 #

All videos from this hacker camp, held a few months ago, are now available. Ranging from hardware hacking to security info & plenty of open source tools.