All posts by Rene Millman

Red Hat pushes hybrid cloud to the edge


Rene Millman

18 Nov, 2020

Red Hat has unveiled new edge capabilities for Red Hat Enterprise Linux. The firm has also expanded the number of supported environments for Red Hat OpenShift, including leading public clouds and multiple data centre architectures, like IBM Z and Power Systems.

At this year’s KubeCon + CloudNativeCon, Red Hat launched several edge-focused updates to Red Hat Enterprise Linux, including the rapid creation of operating system images for the edge through the Image Builder capability. 

The firm said this would enable IT organisations to create purpose-built images optimized for architectural challenges inherent to edge computing but customized for the needs of a given deployment.

Red Hat also unveiled remote device update mirroring to stage and apply updates at the next device reboot or power cycle, helping limit downtime and manual intervention from IT response teams.

The edge update sports over-the-air updates that transfer less data while still pushing necessary code. Red Hat aims this update at sites with limited or intermittent connectivity. 

Another feature announced is Intelligent rollback built on OSTree capabilities, enabling users to provide workload-specific health checks to detect conflicts or code issues. When it detects a problem, it automatically reverts the image to the last good update to prevent unnecessary downtime at the edge.

Red Hat also announced updates to Red Hat OpenShift 4.6 intended to help enterprises accelerate cloud-native application development. The latest update to OpenShift Serverless with Red Hat OpenShift Serverless 1.11 brings full support for Knative eventing, enabling containerized applications to consume only the resources they need at a given time, which prevents over- or under-consumption.

There is also a Red Hat build of Quarkus, a Kubernetes-native Java stack fully supported by Red Hat. With a single Red Hat OpenShift subscription, customers now have full access to Quarkus, enabling developers to repurpose mission-critical Java applications on Kubernetes, backed by Red Hat’s enterprise support.

Red Hat OpenShift 4.6 now includes new edge computing features with remote worker nodes, extending processing power to space-constrained environments. This enables IT organizations to scale remotely while maintaining centralized operations and management.

OpenShift 4.6 will also extend capabilities for public-sector Kubernetes deployments, including availability on AWS GovCloud and Azure Government Cloud, extended OpenSCAP support and more. 

Further extending OpenShift’s reach into the public cloud domain is Azure Red Hat OpenShift, a jointly-managed, engineered and supported offering on Microsoft Azure backed by Microsoft and Red Hat’s expertise. A similar service is expected to launch on AWS with joint management and support from Red Hat and Amazon.

Microsoft 365 outage blamed on botched network driver update


Rene Millman

6 Nov, 2020

A network driver problem resulted in some users being unable to access their Exchange Online mailboxes on Microsoft 365 for approximately 12 hours.
In a tweet on 5 November at 8.13PM, Microsoft said that it was investigating an issue “wherein some users may be unable to access their mailboxes through Exchange Online via all connection methods”.
Around an hour later, it discovered that a recent service update to a portion of its infrastructure was “causing impact to mailbox access via Exchange Online from any connection method”. It then identified a network driver issue as the underlying cause of the outage.

However, in the early morning on 6 November, Microsoft admitted that the fix was “taking longer than anticipated”.
“Concurrently, we’re narrowing down alternate mitigation options for faster relief to customers.”
It was another two hours after that tweet when Microsoft finally found a solution and began rolling out a fix. It was only until three hours ago at the time of writing that Microsoft finally confirmed that the initial problem had been fixed for all users.
Just over a month ago, Microsoft suffered a global outage leaving users being unable to access their Outlook accounts. As reported by Cloud Pro, Microsoft blamed that outage on a configuration update to components that route user requests. This led to the company “reverting” the update and monitoring the service to ensure it came back up again.
This outage was the second in a week for Microsoft following an issue that caused Azure, Outlook, Office, Power Platform, Dynamics365, and Microsoft Teams to be down for around five hours.

Hackers target flaws in PBX system to hijack VoIP calls


Rene Millman

6 Nov, 2020

Cyber criminals have launched a new campaign that targets Sangoma PBX, an open source web GUI that manages communications toolkit Asterisk, security researchers have said.

The attack exploits CVE-2019-19006, a critical vulnerability in Sangoma private branch exchange (PBX), which grants the attacker admin access to the system and gives them control over its functions.

Nearly 1,200 organisations worldwide over past 12 months are said to have been targeted, with the main purpose of the campaign being to lift phone numbers and gain live access to compromised VoIP services, according to a blog by researchers at Check Point Software.

Countries targeted include the Netherlands, Belgium, US, Columbia, and Germany. However, over half of the attacks so far have been aimed at companies based in the UK, in industries such as government, military, insurance, finance, and manufacturing.

“While investigating the exploitations, researchers identified several online profiles associated with private Facebook groups that deal with VoIP, and more specifically, SIP server exploitation,” said researchers Ido Solomon, Ori Hamama and Omer Ventura, in a joint blog post. 

They added that investigations into the source of the attacks suggested that most hackers were based in Gaza, the West Bank, and Egypt.

It was also concluded that the group has mostly tried to gain access to phone numbers, and sell these on to other groups, and grant access to compromised VoIP services “to the highest bidders, who can then exploit those services for their own purposes”.

Researchers said that hackers could also use the compromised systems to support further attacks, such as using the system resources for cryptocurrency mining, spreading laterally across the company network, or launching attacks on outside targets, while masquerading as representatives from the compromised company.

Companies using vulnerable systems have been urged to change all default passwords and analyse call billings on a regular basis as well as applying patches to close the CVE-2019-19006 vulnerability that hackers are exploiting.

AWS launches next-gen GPU instances for machine learning


Rene Millman

4 Nov, 2020

AWS has launched its latest GPU-equipped instances aimed at machine learning and high-performance computing (HPC) workloads.

Called P4d, the new instances come ten years the first set of GPU instances were launched. They feature Intel Cascade Lake processors and eight of Nvidia’s A100 Tensor Core GPUs. These connect via NVLink with support for Nvidia GPUDirect and offer 2.5 PetaFLOPS of floating-point performance and 320GB of high-bandwidth GPU memory.

AWS claimed that the instances offer 2.5x the deep learning performance, and up to 60% lower cost to train when compared to P3 instances.

In addition, the P4 instances include 1.1TB of system memory and 8TB of NVME-based SSD storage with up to 16 gigabytes of read throughput per second. The instances can combine over 4,000 GPUs into an on-demand EC2 UltraCluster. 

Among the use cases touted by AWS for these instances include supercomputer-scale machine learning and HPC workloads: natural language processing, object detection & classification, scene understanding, seismic analysis, weather forecasting, financial modelling, etc. 

The P4 instances are available in one size (p4d.24xlarge) and can be launched in the US East (N.Virginia) and US West (Oregon) Regions with immediate effect.

Among the companies that have already been working with the P4 instances include Toyota Research Institute (TRI), GE Healthcare and Aon.

“At TRI, we’re working to build a future where everyone has the freedom to move,” said Mike Garrison, technical lead, Infrastructure Engineering at TRI.

“The previous generation P3 instances helped us reduce our time to train machine learning models from days to hours and we are looking forward to utilizing P4d instances, as the additional GPU memory and more efficient float formats will allow our machine learning team to train with more complex models at an even faster speed.”

Its on-demand price will be $32.77 per hour, going down to approximately $20 per hour for one-year reserved instances, and $11.57 for three-year reserved instances.

Intel buys data science startup Cnvrg.io


Rene Millman

4 Nov, 2020

Intel has reportedly acquired Israeli data science startup Cnvrg.io in a bid to strengthen its artificial intelligence (AI) and machine learning credentials.

In a statement given to TechCrunch, Intel confirmed the deal and said in a short statement that “Cnvrg will be an independent Intel company and will continue to serve its existing and future customers”. The company did not disclose any terms of the deal. 

Cnvrg.io was started in 2016 and runs a data science platform aimed at helping enterprises to manage and build up AI efforts. It claims that it is a pioneer in building cutting-edge machine learning development solutions to help customers rapidly build machine learning models.

The platform offers paid and free tiers and works in on-premise, cloud and hybrid environments.

Among the Israeli firm’s partners include Red Hat, NetApp and Nvidia, while its customers include Lightricks, ST Unitas and Playtika.

In a recent blog post, co-founder and CEO Yochay Ettun said that its machine learning dashboard could improve visibility and increase machine learning server usage by up to 80%. Its dashboard helps IT teams see allocation and utilisation of different jobs, clusters, by user and by job.

Admins can monitor and compare overall capacity versus allocation and utilisation with graphs to identify gaps in efficiency.

Recently, Cnvrg.io raised $8 million in venture capital funding from investors such as Hanaco Venture Capital and Jerusalem Venture Partners. 

Barely a week ago, Intel made another acquisition in the AI sector with the purchase of SigOpt for an undisclosed amount. The company provides a software platform for research groups such as OpenAI to increase AI model performance.

Industrial IoT connections will reach 37 billion by 2025


Rene Millman

3 Nov, 2020

Smart manufacturing looks set to drive growth in the industrial IoT market over the next five years.

According to a recent study by Jupiter Research, the number of Industrial IoT connections will increase from 17.7 billion in 2020 to 36.8 billion in 2025, representing an overall growth rate of 207%. 

The new research, Industrial IoT: Future Market Outlook, Technology Analysis & Key Players 2020-2025, predicts that 5G and LPWA (Low Power Wide Area) networks will play vital roles in creating service offerings to the manufacturing industry.

These technologies will also enable the realisation of the ‘smart factory’ concept, in which real-time data transmission and high connection densities allow highly autonomous operations for manufacturers, researchers said.

Private 5G services will also be a crucial step in maximising the value of a smart factory to service users, by leveraging the technology to enable superior levels of autonomy amongst operations. These networks should be valuable to manufacturers when used for the transmission of large amounts of data in environments with a high density of connections, Juniper said, and where significant levels of data are generated. 

The report said that this would enable large-scale manufacturers to reduce operational spend through efficiency gains.

The research predicts that over 80% of global Industrial IoT market value will be attributable to software spend by 2025, reaching $216 billion. Software tools leveraging machine learning for enhanced data analysis and the identification of network vulnerabilities are now essential to connected manufacturing operations.

“Manufacturers must exercise caution when implementing IoT technology; resisting the temptation to introduce connectivity to all aspects of operations. Instead, manufacturers must focus on the collection of data on the most valuable areas to drive efficiency gains,” said research author Scarlett Woodford.

Oracle releases emergency WebLogic Server patch to fix RCE flaw


Rene Millman

3 Nov, 2020

Oracle has been forced to issue an out-of-band patch to fix a critical remote code execution (RCE) flaw affecting multiple Oracle WebLogic Server versions.

The vulnerability, tracked as CVE-2020-14750, could enable hackers to remotely exploit the server via an HTTP GET through the server’s console component, without any user interaction and may be exploited over a network without the need for a username and password.

“Due to the severity of this vulnerability and the publication of exploit code on various sites, Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible,” Oracle explained in an https://www.oracle.com/security-alerts/alert-cve-2020-14750.html advisory.

The advisory said that the supported Oracle WebLogic Server versions that are affected by CVE-2020-14750 include 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0.

Proof-of-concept code that could exploit the bug was made public on GitHub. According to security firm Spyse, around 3,300 WebLogic servers are exposed at the moment and could be vulnerable to the flaw.

In a blog post, Eric Maurice, director of Security Assurance at Oracle, shared a link to help users harden affected servers.

He also said that the vulnerability is related to CVE-2020-14882, which was addressed in the October 2020 Critical Patch Update. That particular flaw could enable hackers network access via HTTP to achieve total compromise and takeover of vulnerable Oracle WebLogic Servers.

The US Cybersecurity and Infrastructure Security Agency (CISA) also warned users about the dangers of the vulnerability and encouraged administrators to apply the patch as soon as possible. 

AWS to launch Zurich data centres in 2022


Rene Millman

2 Nov, 2020

AWS has announced it will be launching a new Europe region in Zurich, slated for opening in the latter half of 2022.

Zurich will be the firm’s eighth region in Europe, alongside those Dublin, Frankfurt, London, Paris, Stockholm, Milan, and Spain.

AWS currently has 77 Availability Zones across 24 regions worldwide with today’s announcement bringing the total number of global regions (operational and in the works) up to 27. AWS has already announced plans for 12 more Availability Zones and four more AWS Regions in Switzerland, Indonesia, Japan, and Spain.

AWS said that the new region will give Swiss customers the ability to run applications that must comply with strict data sovereignty requirements in Switzerland. It will also enable customers to run apps from data centres in the country, lowering latencies in applications across the region.

“For more than 14 years, AWS has supported organisations across almost every industry in Switzerland to speed up innovation, lower their IT costs, and transform their operations,” said Peter DeSantis, senior vice president of Global Infrastructure and Customer Support at AWS.

“AWS is excited to announce our upcoming region in Switzerland and help Swiss institutions, innovative startups, and world-leading pharma companies deliver cloud-powered applications to fuel economic development across the country.”

AWS opened its first Swiss office in Zurich in April 2016 and in 2017 it announced an Amazon CloudFront Edge Location and Direct Connect location in Zurich as well as a second office in Geneva.

AWS said it would continue to build up a team of account managers, technical account managers, partner managers, systems engineers, solutions architects, professional services to help customers in the country move to the cloud.

Google Chrome is losing market share to Microsoft Edge


Rene Millman

2 Nov, 2020

Google Chrome is losing its share in the browser market to Microsoft Edge for the first time, according to new stats from NetMarketShare.

In its latest report for October 2020, Chrome usage decreased from 69.94% in September 2020 to 69.25% a month later.

At the same time, Edge increased from 8.84% to 10.22%. It is thought the increase may be because of Microsoft promoting Edge as part of its latest Windows 10 20H2 update with a taskbar ad that urges people to use the browser.

The report also found that Firefox gained a little ground on Chrome, edging up from 7.19% in September to 7.22% a month later.

In its operating systems report NetMarketShare found that Windows 10’s market share increased from 61.26% in September 2020 to 64.04% in October. Unsurprisingly, Windows 7 share also decreased from 22.77% to 20.41% over the same period. Apple’s macOS 10.15 also declined from 5.11% to 4.88%.

Seperately, NetMarketShare signalled that it would be “retiring” its browser market report in its current form as an upcoming change in browsers will “break our device detection technology and will cause inaccuracies for a long period of time”.

It added that as it has focused on bot detection and removal as a key part of the quality control process, but noted that “as time has gone on, it has become increasingly difficult to manage this process. So, instead of accepting increasing levels of inaccuracy, we thought it would be a good time to call it a day.”

It added that Netmarketshare will “re-emerge at some point with a focus on ecommerce trends and verifiable user data”.

Cloud infrastructure spending surges 33% in Q3


Rene Millman

2 Nov, 2020

Enterprise spending on cloud infrastructure services in the third quarter of this year increased by 33% to $33 billion, according to new research from an analyst firm.

Figures from Synergy Research Group showed that the year-on-year growth rate for Q3 was higher than the 32% growth seen in the previous quarter. This, said analysts, demonstrated the health of the market.

The research found that Amazon and Microsoft continue to account for over half of the global market, with Amazon’s market share staying at around 33%, while Microsoft’s share was over 18%.

Google, Alibaba and Tencent are all growing quicker than the overall market and are increasing market share, Synergy said. Together they account for 17% of the market.

The other cloud providers in the top ten rankings include IBM, Salesforce, Oracle, NTT and SAP. In aggregate, the top ten providers account for 80% of the worldwide market, with the remaining 20% coming from a range of small cloud providers or large companies with only a small position in the market.

“While we were fully expecting continued robust growth in the market, the scale of the growth in Q3 was a little surprising,” said John Dinsdale, chief analyst at Synergy Research Group. “Total revenues were up by $2.5 billion from the previous quarter causing the year-on-year growth rate to nudge upwards, which is unusual for such a large market.”

He added that companies competing for a share of the market have settled into three camps: “Amazon and Microsoft are in a league of their own, while others are either aggressively seeking to grow their position in the market or are more focused on specific services, geographies or customer groupings,” he added.

With most of the major cloud providers having now released their earnings data for Q3, Synergy estimates that quarterly cloud infrastructure service revenues (including IaaS, PaaS and hosted private cloud services) were $32.8 billion, with trailing twelve-month revenues reaching $119 billion.

The research firm also found that Public IaaS and PaaS services account for the bulk of the market and those grew by 35% in Q3.

The dominance of the major cloud providers is even more distinct in public cloud, where the top five control almost 80% of the market. Analysts said that the cloud market continues to grow strongly in all regions of the world.