Category Archives: Cloud Hosting
Global Bare Metal Cloud Market Is Set For A Rapid Growth And Is Expected To Reach Around $14.32 Billion Globally By 2024 | Exclusive Report by…
GET SAMPLE REPORTBUY COMPLETE REPORT
Esticast Research has published a new report titledBare Metal Cloud Market: by Component (Solutions and Services [Integration & Migration, Consulting & Assessment, and Maintenance Services]), by End-User (Advertising, BFSI, Government, Healthcare, Manufacturing, Telecommunication & IT, and Others): Global Industry Perspective, Comprehensive Analysis, and Forecast, 2017-2024.According to the report, Bare Metal Cloud Market Is Set For A Rapid Growth And Is Expected To Reach Around USD 14.32 Billion Globally By 2024.
The top Leading Market Players Covered in this Report are :IBM Corp., Oracle Corporation, Centurylink Incorporation, Rackspace Hosting Incorporation, Internap Corporation, Packet, Joyent Inc., BIGSTEP, Scaleway, and Liquid Web Inc. among others.
Download Free PDF Sample Reportwith Complete TOC and Figures & Graphs (withcovid 19Impact Analysis):https://www.esticastresearch.com/request-for-sample/?utm_source=PR&utm_medium=Bare-Metal-Cloud-Market
Bare Metal Cloud Market analysis report is the representation of strategic research methodologies and market tactics. In order to fuel the business growth, knowing future scenario of the market and product sale is important and market research is the best way of obtaining forecasting of entire market scenario. Marketing strategy is also covered here to divide the market into different segments and target customers. Customers demands are also depicted in this Bare Metal Cloud Market report to aware industries and increase the productivity rate of products and services. It segments the market into different categories such as behavioral segmentations and demographic segmentation for the key regions such as North America, Europe, Middle East, Africa, Asia Pacific and Latin America..
Segments:
The primary market segments and their sub-segments covered in this study provide information on the overall business climate. The categories in this research are built by analyzing supply and demand scenario that provides a thorough view of the market. The segment study provides a detailed view of the fastest-growing market sector as well as the factors influencing the fast/slow growth of the other segments. This section includes a comprehensive market share and revenue analysis.
Geography
Esticast Research most recent market report is divided into North America, Europe, Asia Pacific, Latin America, and the Middle East & Africa. The report includes thorough financials for every region based on its segments. In addition, detailed revenue and market share analysis is given for major countries within every region.
GetExclusive Discount on this report: https://www.esticastresearch.com/inquiry-before-buying/?utm_source=PR&utm_medium=Bare-Metal-Cloud-Market
In order to perform significant actions to lead business towards successful path, it is important to obtain all the market growth related data and nothing is better than referring Bare Metal Cloud Market survey report. It covers current market scenario and forecasting of upcoming market scenario for the period 2022-2028. This Bare Metal Cloud Market survey report signifies how trends will affect the entire business development and growth. It further makes available some profit making business opportunities to make the most out of it. It further does the key observation of the framework of the market within economy. Market trade statistics, key players, their adopted strategies, market share, leading suppliers, trade statistics and trend analysis are some of the key factors provided in this Bare Metal Cloud Market survey report to help business participants in making their business gainful and obtain best investment options.
Exact details regarding market performance is also provided in the Bare Metal Cloud Market analysis along with complete overview on competitive landscape, pricing structure, trend convergence, digital transformation, sales effectiveness, latest innovations, customer buying nature and pricing analysis. All these factors greatly contribute in enhancing the business growth and knowing the market performance. It becomes easy for central participants to track the business performance regularly with the help of this Bare Metal Cloud Market survey report. It talks about successful market strategies implemented by company players such as mergers, acquisitions, collaborations and novel item releases. It further aims at looking over all the compelling viewpoints from different major players, manufacturers to end buyer. Annual revenue, industry growth factors and market tactics are some of the significant factors covered in the Bare Metal Cloud Market research report. It also covers all the latest data regarding CORONA-19 virus effects on world economy. It further helps industry players to survive in the competitive market.
What Does This Report Provide?
This report provides a detailed understanding of the global Bare Metal Cloud Market from qualitative and quantitative perspectives during the forecast period. The major market drivers, challenges, and opportunities for the global Bare Metal Cloud Market have been covered in the report. This report further includes the market shares of the leading companies operating in the global market, along with their production capacities and the growth strategies adopted by them.
Inquiry Before Buying https://www.esticastresearch.com/get-discount/?utm_source=PR&utm_medium=Bare-Metal-Cloud-Market
Objectives of this Report:
Key Questioned Answered in the Report:
Customization of the market analysis:
You can buy the complete report@https://www.esticastresearch.com/cart-share/nFzkB/?utm_source=PR&utm_medium=Bare-Metal-Cloud-Market
Report includes Competitors Landscape:
Major trends and growth projections by region and countryKey winning strategies followed by the competitorsWho are the key competitors in this industry?What shall be the potential of this industry over the forecast tenure?What are the factors propelling the demand for theBare Metal Cloud Market ?What are the opportunities that shall aid in significant proliferation of the market growth?What are the regional and country wise regulations that shall either hamper or boost the demand for Bare Metal Cloud Market?How has the covid-19 impacted the growth of the market?Has the supply chain disruption caused changes in the entire value chain?
About Esticast Research:
Esticast Researchis a research firm providing research reports on various industries with a unique combination of authenticity, extensive research, and infallibility. We provide syndicated market research reports, customization services, and consulting services to help businesses across the world in achieving their goals and overcoming complex challenges. We specialize in providing 360-degree view of the markets to assist clients in determining new opportunities and develop business strategies for the future with data and statistics on changing market dynamics. Esticast Research & Consulting has expert analysts and consultants with an ability to work in collaboration with clients to meet their business needs and give opportunities to thrive in a competitive world. A comprehensive analysis of industries ranging from healthcare to consumer goods and ICT to BFSI is provided by covering hundreds of industry segments. The research reports offering market forecasts, market entry strategies, and customer intelligence will help clients across the world in harnessing maximum value on their investment and realize their optimum potential.
Contact:
Mr. Ashish GedamkarEsticast Research & Consulting LLP.Office No.407, Navale Icon IT ParkNarhe,Pune 411041USA:+1-213-262-0704APAC:+91-959-503-5024Email:sales@esticastresearch.comVisit Our Web Site:https://www.esticastresearch.com/
Tesla to disable ‘self-driving’ feature that allowed vehicles to roll past stop signs at junctions – The Register
Tesla will switch off a feature in its Full Self-Driving software, present in more than 50,000 vehicles in the US, that allowed the cars and SUVs to roll past stop signs at junctions without coming to a halt.
Aerial view of an all-way stop
According to recall documents on America's National Highway Traffic Safety Administration's website [PDF], Tesla has agreed to disable the feature via an over-the-air (OTA) software update. It is expected to begin deploying the update to affected vehicles in the next week or so.
It appears Tesla's Full Self-Driving (Beta) software included a feature that emulates driver behavior found to be common in some places in the US, but which is also against the law in most if not all states.
This is the practice of slowing to a crawl at a junction, and not actually coming to a complete halt. Instead, the driver is able to pick up speed again if the way is clear.
However, the NHTSA has taken the view that failing to halt for a stop sign at junctions could increase the risk of a crash, and sought meetings with Tesla to get it to change this feature. According to the documents, this covers the 2016-2022 Model S and Model X, 2017-2022 Model 3, and 2020-2022 Model Y vehicles.
The Associated Press reports that Selected Tesla drivers are effectively being allowed to beta test the Full Self-Driving software on public roads, as long as the owner enables the function.
Once enabled, the Tesla would be able to go through an all-way stop junction without coming to a complete halt. It would have to be traveling below 5.6 MPH (9 KPH) while approaching the junction, so long as no moving cars, pedestrians or bicyclists are detected nearby.
The incident is just the latest in the long-running saga of Tesla and its driver assistance software support. Last month, a Tesla driver was charged with vehicular manslaughter after a crash in Los Angeles in which the vehicle's Autopilot mode was engaged.
Last year, five police officers filed a lawsuit against Tesla after a Model X ploughed into two parked police cars in Texas, and Tesla was forced to pull the Full Self-Driving software from vehicles that were testing it after a number of issues were found.
Tesla has previously insisted that its vehicles are not capable of fully autonomous driving: "The currently enabled Autopilot and Full Self-Driving features require active driver supervision and do not make the vehicle autonomous."
The rest is here:
Tesla to disable 'self-driving' feature that allowed vehicles to roll past stop signs at junctions - The Register
Citrix acquired by private equity, will be paired with Tibco in $16.5bn deal – The Register
Citrix is to be acquired by Vista Equity Partners and Evergreen Coast Capital in a deal worth $16.5bn. The move will see Citrix taken into private ownership and combined with Tibco, another firm already in Vista's portfolio.
Under the terms of the agreement announced today, Citrix shareholders will receive $104 per share, a price which represents a premium of 24 per cent over the over the closing price on December 20, the last trading day before rumours began to leak regarding a potential takeover.
Citrix also put out its financial results for the fourth quarter of its fiscal year 2021 today, reporting revenue of $851m compared to $810m for the same quarter in 2020, representing 5 per cent growth.
Citrix is one of the veterans of the IT industry, pioneering remote desktop access for applications hosted on Windows server in the 1990s, before expanding into other areas of the application delivery stack.
Vista and Evergreen have stated their intention to combine Citrix with Tibco Software, a business intelligence and enterprise data management firm, one of Vista's portfolio companies. However, Citrix will continue to operate under the Citrix name and brand.
Post-acquisition, the pair will be positioned to provide "complete, secure and optimised infrastructure for enterprise application and desktop delivery and data management to advance hybrid cloud IT strategies and meet the needs of the modern enterprise," according to a statement by the companies.
The interim CEO for Citrix Bob Calderoni claimed that as a private company, it will have increased financial and strategic flexibility to invest in high-growth opportunities such as desktop-as-a-service (DaaS) and accelerate its ongoing cloud transition.
"Together with Tibco, we will be able to operate with greater scale and provide a larger customer base with a broader range of solutions to accelerate their digital transformations and enable them to deliver the future of hybrid work," he said.
Calderoni has been interim CEO since October last year, when the previous incumbent David Henshall suddenly stepped aside from the role.
Tibco CEO Dan Streetman said that: "There has never been a better time to be in the business of connected intelligent analytics," and added that his firm was "thrilled to bring our industry-leading solutions to Citrixs global customers."
Detailing the reasons for the acquisition, Vista managing director John Stalder explained that Citrix and Tibco provided mission-critical software and services to many the world's most successful businesses, and he saw value in combining their respective portfolios.
This time last year, Citrix bought Wrike, a project management and team-based collaboration tool, for $2.25bn. Vista was the seller in that deal.
"Both businesses have now completed transitions to approximately 90 percent recurring revenue, poising the go-forward combined business to drive future growth," Stalder purred.
The transaction has apparently been unanimously approved by members of the Citrix board of directors, and is expected to close mid-year.
Read the rest here:
Citrix acquired by private equity, will be paired with Tibco in $16.5bn deal - The Register
US House passes bill to boost chip manufacturing and R&D – The Register
On Friday the US House of Representatives passed a bill that will to equip America to boost semiconductor production and lift its economy to better compete better with China.
The law bill, called America Competes Act of 2022, includes $52bn in funding to help semiconductor companies build new factories, and to fund research and development.
The draft legislation also earmarks $45bn in funding to boost the supply chain and alleviate problems related to chip shortages, which have hit key sectors, such as consumer electronics and automotive.
The next step is reconciliation with the US Senate's version of the bill, the US Innovation and Competition Act, which passed in last June, before final passage.
In a statement on Friday, US President Joe Biden said, "I look forward to the House and Senate quickly coming together to find a path forward and putting a bill on my desk as soon as possible for my signature. America cant afford to wait."
Biden had been urging the House to pass the bill, last week saying that it will bring manufacturing jobs back the US, and ease semiconductor supply chain bottlenecks, and "create good-paying jobs for all Americans."
But the House passage of the America Competes Act was a one-sided affair with the vote split 222-210 along party lines, with support from Democrats, and Republicans opposing it.
Chip makers, especially Intel and Samsung, have been vocal about quick passage and reconciliation of the House and Senate bills. Both the companies are building new factories Intel is spending $20bn for fabs in Ohio, and Samsung $17bn in Texas and see the semiconductor funding as incentivizing their investments.
In a tweet on Friday, Intel CEO Pat Gelsinger lauded progression of the act. In an earnings call last week, Gelsinger said he had spoken at length on the topic with House Speaker Nancy Pelosi (D-CA) ahead of the floor debate, adding, "I'd say everybody is now more optimistic on this coming across the line in the near future."
In a tweet on Friday, Pelosi said the act "helps to address supply chain disruptions while creating good-paying union jobs for American families with $52bn in investments in facilities and equipment to produce American-made semiconductor chips."
House Minority Leader Kevin McCarthy (R-CA) earlier this week criticized the bill as not being tough enough on China, bringing up that the Middle Kingdom was where COVID-19 originated, and that throwing billions of dollars at the chip world would negatively impact the US economy and further raise prices of products.
But the semiconductor industry is happy.
We urge leaders in the House and Senate to work together promptly on a bipartisan, bicameral competitiveness bill ... that can be passed by both chambers and signed into law by the president. Getting this legislation across the finish line will help strengthen US chip production and innovation for many years to come, said John Neuffer, president and CEO of chip consortium Semiconductor Industry Association, in a statement.
The United States today has only a 12 per cent share of the global semiconductor manufacturing capacity, decreasing from 37 per cent in 1990, largely due to substantial government incentives, according to SIA. US investment in semiconductor research has been flat as a share of GDP, while other countries have boosted research initiatives to strengthen semiconductor capabilities.
The bill ensures access of grants for equipment and materials suppliers, which will strengthen the semiconductor supply chain in the US and attract new manufacturing facilities, said Ajit Manocha, president and CEO of SEMI, in a statement to The Register. SEMI represents semiconductor organizations worldwide.
"The bill will also bolster workforce development programs, helping to equip workers with the skills needed in todays semiconductor industry. We look forward to working with Congress and the Biden Administration to enact this funding into law, Manocha said.
See more here:
US House passes bill to boost chip manufacturing and R&D - The Register
Worried about occasional npm malware scares? It’s more common than you may think – The Register
Malware gets spotted in GitHub's npm registry every few months, elevating concerns about the software supply chain until attention gets diverted and worries recede until the next fire drill.
Incidents like the sudden removal of left-pad from npm in 2016 or the subversion of faker.js and colors.js last month get noticed, but much of the mischief on npm flies under the radar.
WhiteSource, a security firm based in Israel, says that in 2021, it detected 1,300 malicious npm packages. It reported them to npm, which subsequently removed the malware without fanfare.
The npm registry is an online repository for distributing code packages that provide ready-made functions to developers using JavaScript and related languages. Because npm is open to anyone, and allows code uploads without rigorous review, malicious code shows up from time to time and those overseeing the registry are then obligated to make some effort to remove the code and minimize the damage.
The potential for damage is significant because npm packages often include other packages as dependencies, so a given app may have several layers of potential attack surface. As one 2019 study [PDF] found, "Installing an average npm package introduces an implicit trust on 79 third-party packages and 39 maintainers."
The situation is similar though less extreme at package registries for other languages like the Python Package Index (PyPI), RubyGems.org, and the Comprehensive Perl Archive Network (CPAN).
The npm registry is larger than its peers, with 1.8 million packages, each of which has an average of about 12 different versions. The closest contender is Java's Maven Central, with about 457,000 packages at the moment.
WhiteSource, in a report titled "Popular Javascript Package Registry Is a Playground For Malicious Actors," summarizes what it found in the 1,300 malicious packages spotted last year by company researchers.
The npm registry receives some 17,000 new packages daily or 6.2 million over the course of a year. And while finding 1,300 bad apples among the new and the preexisting packages during that time period shows that poisoned packages are rather rare overall, there's still reason to be concerned given the consequences of being victimized.
"A worrying fact is that almost 14 per cent of all the packages detected were designed to steal sensitive information like credentials and other data present in environment variables," the WhiteSource report says.
Most of the malware detected (~82 per cent) is designed for reconnaissance gathering information that may be useful for targeting future attacks. Just over 2 per cent of the malware was crafted for remote code execution.
The company notes that while most of the malicious packages detected have no specific target, some, like @grubhubprod/cookbook, clearly have a specific victim in mind.
"This package and a couple of similar ones were used in an attempt to get into the company, Grubhub," the report says. "The probable vector of this attack was the dependency confusion approach. Upon installation of this package, it would intercept all available environment variables data and send it to a remote location."
The company makes a number of recommendations, which largely boil down to not trusting packages blindly, paying attention to changes, and generally taking reasonable precautions. And if history is any guide, these will largely be ignored.
The npm registry, however, looks likely to avoid the risk of noncompliance by making security a requirement, at least in the context of login authentication. On Tuesday, Myles Borins, staff product manager for open source at GitHub, announced mandatory use of two-factor authentication (2FA) for the maintainers of the top 100 npm packages, as measured by dependents. Obligatory 2FA will eventually be required for all those publishing packages via npm.
GitHub is also working on implementing WebAuthn for hardware security keys; both of these initiatives make it less likely that miscreants will be able to hijack the accounts of those maintaining popular packages in order to push poisoned updates to a mass audience.
"We are committed to improving the security of the JavaScript and broader open source supply chain," explained Borins. "As we make progress on larger initiatives like WebAuth and enrolling all high-impact package maintainers in 2FA, we will continue to make smaller iterative improvements in the registry."
More here:
Worried about occasional npm malware scares? It's more common than you may think - The Register
America’s EARN IT Act attacking Section 230 is back and once again threatening the internet, critics say – The Register
The EARN IT Act, a legislative bill intended "to encourage the tech industry to take online child sexual exploitation seriously" has been revived in the US Senate after it died in committee back in 2020.
And advocacy groups have once again decried the bill for threatening free speech and access to encryption, and for imperiling the liability protection that allows online service providers to host third-party content. In other words, the bill's reception has been much the same as it was two years ago.
US Senators Lindsey Graham (R-SC) and Richard Blumenthal (D-CT) on Tuesday reintroduced the bill [PDF] claiming that online service providers are disinterested in keeping child sexual abuse material (CSAM) off their platforms.
"Tech companies have long had ready access to low-cost, or even free tools to combat the scourge of child sexual abuse material but have failed to act," said Blumenthal in a statement. "Millions of these horrifying images go unidentified and unreported by the tech platforms that host them because there are so few consequences when these companies look the other way. That ends with the EARN IT Act."
The EARN IT ACT, which stands for Eliminating Abusive and Rampant Neglect of Interactive Technologies Act, removes the liability protection afforded to internet services under Section 230 of the Communications Decency Act in the context of CSAM.
Section 230 largely protects online service providers from being held responsible for what their users do; removing protection where CSAM is involved would open service providers to costly litigation and liability for failing to police their customers.
The bill also creates a government panel responsible for developing best practices for content policing, though these would not be legally binding obligations.
The bill's backers posit that big tech firms ignore CSAM, though that's clearly not the case. Google, for example, says it made 3.4 million reports to the National Center for Exploited and Missing Children (NCMEC) during the first half of 2021 and disabled more than 129,000 accounts during this period.
Meta (Facebook) says it took action on 20.9 million instances of CSAM in Q3 2021. Social media companies do actually have an incentive to prevent ad customer product pitches from appearing next to child abuse images or the like, and they spend money to do it.
Despite such evidence, the lawmakers supporting the bill contend that exposing companies to legal liability for allowing CSAM on their services will make them even more attentive, a claim critics of the bill dispute.
"The EARN IT Act assumes that Internet companies could do more to fight CSAM, but Section 230 reduces their motivation to do so," wrote Eric Goldman, law professor at Santa Clara University, in a blog post back in 2020. "Any such assumption is unquestionably false. Internet services have always treated CSAM as toxic content."
More likely, Goldman argued, what the bill will do, if it becomes law, is either encourage overbroad censorship to reduce the chance of being sued, spur efforts to encrypt everything to prevent awareness of unlawful content, or force companies to shut down to avoid the otherwise unsupportable legal risk.
However, the possibility that the bill will prompt internet providers to censor too broadly for their own protection bodes ill for free speech.
"The EARN IT Act is one of the most poorly conceived and dangerous pieces of Internet legislation I have seen in my entire career, and thats saying a lot," said Evan Greer, director of Fight the Future, in a statement.
"This bill will make children less safe, not more safe. And in the process, it will trample human rights and online free expression, particularly for trans and queer folks."
Greer expressed frustration that Congress has chosen to waste energy on a misguided proposal while failing to actually address the issues raised by large technology platforms, like the need for a federal data privacy law, for meaningful antitrust enforcement, and for curtailing algorithmic harms like biased AI systems.
The Center for Democracy and Technology argues that the bill, despite language that tries to create a safe harbor by ruling out liability solely on the basis of the use of encryption, would still punish encryption.
"Under the new version of the bill, offering users encrypted services can be considered evidence of an intermediarys liability for these claims, even if it cannot be considered an 'independent basis' for that liability," the rights group said in a blog post.
"By dramatically expanding the risk of lawsuits intermediaries will face over user-generated content and their use of end-to-end encryption, the bill will cause intermediaries to over-remove even lawful content and disincentivize them from offering encrypted services, to the detriment of all internet users."
The Chamber of Progress, a "center-left tech industry policy coalition," pointed to the 2018 FOSTA-SESTA legislation as an example of the undesirable consequences that have arisen from meddling with Section 230.
"The last time the Senate chipped away at Section 230, the results were disastrous, said Chamber of Progress CEO Adam Kovacevich, in an emailed statement.
"The EARN It Act goes even farther, giving platforms one of two options: quit moderating content altogether, or enforce invasive content moderation with outsized impacts on LGBTQ people and other marginalized communities. As Democrats, we need to think critically about the harm this legislation could do to groups that have a long history of being excluded and overlooked."
Read the rest here:
America's EARN IT Act attacking Section 230 is back and once again threatening the internet, critics say - The Register
Working in Arm’s engineering team? You’re probably happy with your pay rise – The Register
Arm has agreed a pay increase for employees following the scrapping of a wellbeing allowance last year, yet it appears that while engineers were offered an 8 per cent jump, other types of worker fared less well.
As revealed by The Register in May 2021, Arm ended its FlexPot scheme, an annual allowance granted to employees and fixed-term contract workers, a move seen by some as effectively being a pay cut.
The chip designer had also imposed an engineering hiring freeze that meant departments around the world were blocked from hiring new staff, even to fill any vacancies caused by employees leaving the firm.
The hiring freeze was expected to last until the current owners Softbank sold Arm to US chipmaker Nvidia. At the time, this was anticipated to be done and dusted by April 2022, however the sale is delayed due to regulatory concerns and doubts were recently cast over whether the transaction will even go ahead at all.
Perhaps in response to the delays, Arm CEO Simon Segars wrote to staff late last year saying he has spoken to Softbank about rewards.
"This was in the context of the demand for Arm talent and the pace at which wages are increasing, and it is also something that many of you rightly raised as an area we needed to look at," he said in the email that was seen by us.
As an extraordinary pay rise and in advance of an Annual Pay Review in April staff were given a salary increase for 1 January "based on wage inflation in their location, the type of work they do and the level of competition for their role in the market."
According to company insiders, Arm agreed a pay increase of 8 per cent for staff working in its engineering teams. Research teams were offered 6 per cent, and those working in IT, administration and finance got 4 per cent.
Many will regard it as only natural that Arm should reward most the engineering brains that the company depends upon for its continued success, especially during a difficult period when some might be tempted to jump ship. However, it seems that some employees at the company believe that this is a tactic which penalises lower paid employees, for whom the loss of FlexPot has had a greater impact.
"Arm engineers are relatively well paid," said a source close to the company.
Before cancellation, the FlexPot allowance stood at 4,500 per person for UK staff, and $8,500 in the US. This could be used to support an employee and their family's health and financial wellbeing in any number of ways.
In a statement, the company told us: "Arm operates in an industry where competition for talent is intense, and our people are core to our success. Arm regularly reviews employee reward and makes updates as needed to ensure that our package is competitive across locations and job types."
According to the email from Segars: "The Annual Bonus remains with the current design of 100 per cent maximum company performance, and we are tracking towards achieving this... this is the first in a series of reward updates. In addition to our usual Annual Review, Annual Bonus, Partnership Awards and Partnership Award Accelerators, there will be further updates."
Segars signed off by saying: "Arm is an incredible company with a bright future. I know it's been a tough year, but we've achieved great things together, our strategy is working, and our partners want more and more from us."
Meanwhile, the situation at Arm has now attracted the attention of union Unite's Cambridge Engineering Branch, which claims that with the UK retail price inflation (RPI) measure currently somewhere in the region of 7.1 per cent, a pay increase of just 4 per cent actually represents a real-terms pay cut for those employees that have been offered this amount.
In a Facebook posting that seems aimed at recruiting Arm staff, Unite lays out its official grievance and states that it believes all employees should have been awarded an 8 per cent uplift, taking into account the loss of the FlexPot scheme and the impact of inflation on the cost of living.
All in all, it looks like 2022 will be an interesting year for Arm. The firm may or may not be sold to GPU giant Nvidia, and if that deal falls through, it may or may not be spun out by current owner SoftBank through an IPO. On top of all this, it looks like it may have to contend with disgruntled employees.
Continue reading here:
Working in Arm's engineering team? You're probably happy with your pay rise - The Register
Whistleblower claims NSO offered ‘bags of cash’ for access to US phone networks – The Register
Updated A whistleblower's allegations about spyware maker NSO Group should be investigated by American prosecutors, US House Rep Ted Lieu (D-CA) has said.
The informant claimed senior NSO executives offered "bags of cash" to California-based telecoms security and monitoring outfit Mobileum to assist in its surveillance work, according to the Washington Post on Tuesday.
Specifically, it's alleged NSO wanted to gain, with Mobileum's help, Signaling System 7-level access to US cellular networks, a position that can be abused to determine a cellphone's location, redirect and read its incoming text messages, snoop on calls, and more. SS7 is the glue between telecommunications providers, and subverting it opens up a wealth of opportunities for spies and miscreants.
Gerry Miller, who spent over six years at Mobileum and rose to veep of network security and client solutions, claimed that in August 2017, when asked how Mobileum would get paid, NSO co-founder Omri Lavie said: We drop bags of cash at your office.
No business was undertaken with Mobileum, NSO said in a statement. Mr Lavie has no recollection of using the phrase bags of cash, and believes he did not do so. However if those words were used, they will have been entirely in jest.
Also apparently on the call was Eran Gorev of private-equity biz Francisco Partners, which had a majority stake in NSO, before reportedly selling the biz back to the founders in 2019. Gorev offered a very similar statement.
If such a meeting actually took place, I would absolutely never make a comment like this," he said. "If someone else made that comment, it would clearly have been made in jest and a colloquial expression or cultural misunderstanding.
Both Mobileum and NSO Group denied they had any kind of business relationship.
Miller complained about NSO's intentions to the FBI's whistleblower tip line in 2017 and, after receiving no response, he filed a more detailed report to the Dept of Justice, copying in the FCC and SEC. He also shared his report with Congressman Lieu, a Democratic member of the US House of Representatives who has a computer science degree.
"The NSO Group, which sells phone hacking software, tried to gain access to cellular networks by offering 'bags of cash', according to a whistleblower," Lieu tweeted Tuesday, adding that he has asked US prosecutors to look into the claims.
"I made a criminal referral to the Justice Dept," he noted. Lieu also said "no one's phone is safe," due to the insecurities of the SS7 protocol.
It's certainly not a good time for NSO. In November, the US Department of Commerce put the Israeli software maker on Uncle Sam's Entity List, making it all but impossible for the outfit to legally do business with American companies, following revelations that its Pegasus spyware was being used to snoop on people. Legislators are calling for further sanctions against the surveillance company as well.
Meanwhile, weeks after the Dept of Commerce took action, Apple sued what it called the "amoral 21st century mercenaries" at NSO for infecting iPhones and breaking Cupertino's terms and conditions. A similar lawsuit from Meta over WhatsApp hacking is also going through the courts.
"Mobileum does not have - and has never had - any business relationship with NSO Group," a Mobileum spokesperson told The Register.
"Mobileum does not have any direct access to the customers network and is unable to provide any kind of access, including SS7 access, to any third party. Mobileums products work towards the benefit of the operator, and not to their or their subscribers detriment."
Read more:
Whistleblower claims NSO offered 'bags of cash' for access to US phone networks - The Register
OpenStack-to-the-edge darling StarlingX hits 6.0, makes useful config tweaks – The Register
StarlingX, an open-source platform for edge computing based on OpenStack, has hit release 6.0 with a Linux Kernel upgrade plus security and deployment enhancements to make it easier to manage systems.
The StarlingX project offers a complete software stack for edge and IoT deployments, with support for code running in containers or virtual machines. It was started by Intel and Wind River, but is now an independent project supported by the Open Infrastructure Foundation, with code available under the Apache 2 licence.
Companies using StarlingX in production systems include T-Systems, Verizon and Vodafone, with the code freely available to download from the StarlingX website.
One of the major updates in this release is the Linux kernel at the core of the stack, with the StarlingX team stating that in light of previous CentOS announcements, the community decided to move over to Debian. In practice, this meant an upgrade to the 5.10 version of the kernel, which also had a side effect of providing the user space tooling to configure the routing and forwarding interfaces.
Another issue addressed is that of deployment and configuration. Edge use cases tend to vary a lot in deployment configurations and users need to build up their infrastructure and later change and evolve it in response to changing requirements, according to the StarlingX team.
Starting from the 6.0 release, users can migrate their deployment to a duplex configuration which includes two controller nodes. This means that the process of moving from one subcloud deployment to another does not require a fresh installation.
The StarlingX community is also making efforts to support disaster recovery scenarios. As part of this, users can now apparently move subclouds between distributed cloud systems while restoring the system controller.
Security is a key issue with edge deployments, and StarlingX 6.0 offers management of security certificates through cert-manager, which simplifies the process of maintaining platform certificates, including auto-renewals. Admins can also now update the Kubernetes Root Certificate Authority certificate on a running system by uploading or auto-generating a new one.
StarlingX even comes with monitoring and alerts to warn admins about certificate expiry dates. In version 6.0, this extends to separate severity levels for certificates that are about to expire and those that have passed their due date.
Also new is support for auditd, the Linux Auditing System, to help administrators track security violation events based on preconfigured audit rules.
Wind River provides a commercially supported version of StarlingX known as Wind River Studio, aimed at mission-critical intelligent edge systems. In a statement, Wind River CTO Paul Miller said that StarlingX 6.0 is another milestone that would advance cloud technologies for mission-critical industries.
StarlingX is described as being suitable for a wide range of edge use cases and applications from telecoms through retail to industrial IoT. It supports ultra-low latency, extremely high service uptime, and small-footprint deployments.
The Open Infrastructure Foundation's Ildiko Vancsa, who is senior manager for its Community & Ecosystem division, said of the release: "StarlingX is already delivering the essential functionality to build out infrastructure from the core to the edge by providing a robust, flexible and scalable foundation with OpenStack that can be used to build your central cloud as well as get installed on the edge to manage a smaller pool of resources."
Excerpt from:
OpenStack-to-the-edge darling StarlingX hits 6.0, makes useful config tweaks - The Register
The future of work is hybrid, says Cisco, so here’s Wi-Fi 6E access points and Private 5G – The Register
Cisco has rolled out new technologies including Wi-Fi 6E access points and Private 5G services to help organisations adapt to hybrid work scenarios.
Businesses of all sizes have had to adjust to major transitions over the past two years, and these have reshaped IT plans and operations. Adopting a hybrid work strategy with staff working from home, at the office, or anywhere calls for ubiquitous wireless connectivity, Switchzilla says.
But what is hybrid work? In a blog post, Greg Dorai, VP for Cisco's secure-access product portfolio, said that every organisation has to define what it means for them.
"A big difference from before the pandemic is that the remote worker will no longer be a minority," he said. This means that organisations will need infrastructure to handle a greater level of rich video traffic, and need to consider what kind of a network will be required to deliver this and enable the best experience.
To address these requirements, Cisco has released a bunch of new solutions. These comprise a pair of Wi-Fi 6E access points, the Catalyst 9136 and Meraki MR57; a Private 5G managed service for enterprises; and new Catalyst 9000X switch models based on its Silicon One Q200 chip.
Cisco claims that its Private 5G service will be different from rival solutions in that it will integrate with a customer's Wi-Fi and IT operations environments. Rather than deploying a carrier-centric 5G solution, Cisco also states it will handle all the complexities of the mobile network stack, and provide a simple management portal that integrates with existing enterprise tools.
However, the managed service will also be delivered through service provider and technology partners, whose first task will be to perform a site survey to scope out the required networking and radio coverage, Cisco said. It will be delivered on a "pay-as-you-use" model that minimises upfront infrastructure costs, while the monthly subscription includes 24/7 support and upgrades.
Wi-Fi 6E adds support for frequencies in the 6GHz portion of the spectrum, providing gigabit speeds and greater throughput.
The Catalyst 9136 is an enterprise-class access point built for large-scale deployments. It supports features such as band steering, which automatically switches Wi-Fi 6E devices to the 6GHz band, freeing the 2.4 and 5GHz bands for other devices, and intelligent power management that will adjust to the number of wireless clients connected.
On the other hand, the Meraki MR57 is aimed more at environments with "a highly dynamic hybrid workforce," which appears to mean offices, schools, hospitals, retail shops, and hotels. Like other Meraki products, it is managed via a cloud-hosted dashboard that enables rapid deployment management of devices across highly distributed networks.
On the switch side, the new Catalyst 9000X models are based on the Cisco Silicon One chip architecture, originally deployed in kit for web scale and service provider networks, but now also powering enterprise switches. The new silicon provides the bandwidth capacity and scale needed to support 100G/400G network access for transitions to hybrid work in the campus, according to Cisco.