Microsoft

AWS Engineer Puts Windows 10 on Arm on Apple Mac M1 -- and It Thrashes Surface Pro X (zdnet.com) 107

An Amazon Web Services (AWS) virtualization engineer has shown what Windows 10 on Arm could be like if Microsoft licensed its Arm-based OS to the public rather than just to Windows 10 manufacturers. From a report: With Apple's new M1 Arm-based system on chip, Mac users who need to use Windows 10 can't run Microsoft's Arm-based version of Windows using Apple's Bootcamp. The key obstacle is that Microsoft doesn't license Windows 10 on Arm to any entities other than its own Surface group and Windows 10 on Arm OEMs like HP, Asus and Lenovo. Technically, there's nothing stopping owners of the M1 MacBook Air, MacBook Pro 13-inch or Mac mini from running Windows 10 on Arm, as Apple's software engineering chief Craig Federighi recently pointed out. [...]

But Microsoft's reluctance to create a license for Windows 10 on Arm for end users hasn't stopped creative engineers from putting together a working example of what things could be like if it did. AWS principal engineer Alexander Graf did just that, using the open-source QEMU virtualization software for Windows on Arm. QEMU emulates access to hardware such as the CPU and GPU. [...] "Who said Windows wouldn't run well on #AppleSilicon? It's pretty snappy here," Graf wrote in a tweet. Graf previously worked on the Kernel Virtual Machine (KVM) for Linux distribution SUSE for over a decade. Now he's a KVM developer at AWS, which this week announced new Mac instances for AWS Elastic Compute Cloud (EC2) based on Nitro System, an AWS hypervisor for EC2 instances. [...] A developer using the handle @imbushuo on Twitter has posted Geekbench versions 4 and 5 scores that compare Windows 10 on Arm on an M1 computer with the Microsoft-made Surface Pro X. Windows on an M1 got a single-core score of 1,288 and multi-core score of 5,685 whereas the Surface Pro X's scores were roughly 800 and 3,000 in those respective benchmarks.

The Internet

Comcast Working Toward 10Gbps To Your Home Using Cable (zdnet.com) 136

Comcast has achieved a 10Gbps "technical milestone" that can deliver gigabit-plus download and upload speeds over existing cable wires, not fiber. ZDNet reports: Comcast has achieved a 10Gbps technical milestone by delivering 1.25Gbps upload and download speeds over a live production network using Network Function Virtualization (NFV) combined with the latest Data Over Cable Service Interface Specification (DOCSIS) hardware. This is being done with DOCSIS 4. With this cutting-edge cable internet technology, you can expect to see up to 10Gbps speeds downstream and up to 6Gbps upstream capacity over a hybrid fiber-coaxial (HFC) network. In its first real-world test, to a home in Jacksonville, Fla., technicians achieved its Gigabit plus speed using Comcast's Distributed Access Architecture (DAA). This is an edge-based computing model. This architecture has a suite of software-powered networking technologies, including digital fiber optics, "Remote PHY" digital nodes, and a cloud-based, virtualized cable modem termination system platform (vCMTS). The result? Comcast's team consistently measured speeds of 1.25Gbps upload and 1.2Gbps download over the connection.

According to a study by Dr. Raul Katz of Telecom Advisory Services, 10Gbps internet will generate at least $330 billion in total economic output and create more than 676,000 new jobs over the next seven years. It will do so by enabling not just 8K video streams for everyone living in your home, but by enabling 5G access points, virtual reality applications, and telehealth. It's not just hardware that's making this possible. Comcast is a major open-source developer and user. As Comcast notes, "The trial was made possible not by a single technological innovation, but rather by a series of interrelated technologies that Comcast continues to test and deploy in its network, all powered by a DAA ecosystem. These include our increasingly virtualized, cloud-based network model." Comcast is working on the "10G" initiative along with NCTA, CableLabs, and SCTE, and other telecom and cable operators from around the world. In addition, Comcast and Charter Communications have worked closely to align on their approaches to 10Gbps and are driving technology standards and architectures to benefit everyone.

Microsoft

Microsoft Submits Linux Kernel Patches to Make Linux Run as Root Partition on Hyper-V (zdnet.com) 40

"Microsoft has submitted a series of patches to Linux kernel developers," reports ZDNet, "requesting that Linux run as the root partition on the Hyper-V, its hypervisor software for running Windows and non-Windows instances on hardware." Microsoft "wants to create a complete virtualization stack with Linux and Microsoft Hypervisor", according to Microsoft principal software engineer Wei Liu. Liu has proposed an RFC or request for comment that for now merely implements what are only the "absolutely necessary components to get things running... There will be a subsequent patch series to provide a device node (/dev/mshv) such that userspace programs can create and run virtual machines. We've also ported Cloud Hypervisor over and have been able to boot a Linux guest with Virtio devices since late July." Cloud Hypervisor is an experimental open-source hypervisor implementation from Intel written in the Rust programming language. It's a virtual-machine monitor that runs on top of KVM, the Kernel-based Virtual Machine hypervisor in the Linux kernel that's designed for cloud workloads...

Liu points out three more changes beyond amendments to the Hyper-V Top-Level Functional Specification. For example, Microsoft wants Linux to set up existing Hyper-V facilities differently. It also wants Linux kernel developers to change the kernel's behavior when accessing hardware memory in a way that affects driver access to the GPU and CPU that's being managed by an operating system memory manager. It's this issue that Microsoft engineers are least confident about and are asking for Linux developer support, according to Liu....

As Microsoft's executive VP of the cloud and enterprise group, Scott Guthrie, told ZDNet last year, Microsoft's shift to Linux and open source started over a decade ago when it open-sourced ASP.NET. "We recognized open source is something that every developer can benefit from. It's not nice, it's essential. It's not just code, it's community," explained Guthrie.

Microsoft

Microsoft Submits Linux Kernel Patches For a 'Complete Virtualization Stack' With Linux and Hyper-V (theregister.com) 105

Microsoft has submitted a series of patches to the Linux kernel with its aim being "to create a complete virtualization stack with Linux and Microsoft Hypervisor." The Register reports: The patches are designated "RFC" (Request for comments) and are a minimal implementation presented for discussion. The key change is that with the patched kernel, Linux will run as the Hyper-V root partition. In the Hyper-V architecture, the root partition has direct access to hardware and creates child partitions for the VMs it hosts. "Just think of it like Xen's Dom0," said Microsoft principal software engineer Wei Liu. Hyper-V's architecture is more similar to Xen than it is to KVM or to VMware's ESXi, and Liu acknowledged that "we drew inspiration from the Xen code in Linux," specifically for code handling interrupts. Until now, the Hyper-V root partition had to run Windows.

Microsoft has also ported Intel's open-source Cloud Hypervisor, a Virtual Machine Monitor (VMM) written in Rust that normally runs on KVM, the hypervisor that is built into the Linux kernel. Cloud Hypervisor itself is currently in "very early pre-alpha stage." Even when Linux is the root partition, it will still run on top of Microsoft's hypervisor, a thin layer running with ring -1 privileges. It will no longer be necessary to run Windows on that hypervisor, though, enabling Microsoft to call the new arrangement "a complete virtualization stack with Linux."

Linux

Linus Torvalds: Linux 5.8 "One of our Biggest Releases of All Time" (techrepublic.com) 61

This week saw the release of Linux 5.8, which Linus Torvalds called "one of our biggest releases of all time," reports TechRepublic: The new version of the Linux kernel brings a number of updates to Linux 5.7 spanning security, core components, drivers, memory management, networking and improvements to the kernel's design, amongst others. This includes updates for Microsoft's Hyper-V virtualization platform, Intel Tiger Lake Thunderbolt support, improvements to Microsoft's exFAT file system, and support for newer Intel and ARM chips.

Torvalds said the kernel had received over 15,000 merge requests and that around 20% of all the files in the kernel source repository had been modified. "That's really a fairly big percentage, and while some of it is scripted, on the whole it's really just the same pattern: 5.8 has simply seen a lot of development," Torvalds said.

Translated into numbers, Linux 5.8 includes over 800,000 new lines and over 14,000 changed files. It also received one of the biggest numbers of merge requests during its merge window — over 14,000 non-merge commits and more than 15,000 including merges, according to Torvalds. "5.8 looks big. Really big," he added.

Businesses

Linux Company SUSE Outbids Competitors for Fast-growing Startup Rancher Labs (cnbc.com) 15

SUSE, a Linux distribution company controlled by private equity firm EQT, has agreed to acquire Rancher Labs, a start-up with technology that helps organizations run software in virtual containers across many servers. From a report: The companies announced the deal Wednesday but didn't disclose the terms. Two people familiar with the deal said SUSE is paying $600 million to $700 million. The transaction suggests that even during a recession, demand remains high for technology that can enable companies to operate more efficiently. Talks between the companies began in the spring, and the process became competitive with additional bids, Ursheet Parikh, a partner at Rancher backer Mayfield Fund, told CNBC on Tuesday. There were "lots of Zoom calls," Parikh said. In the past few years, with the rise of start-ups such as Docker, containers became a trendy alternative to more traditional virtualization technology for running applications on each computer server in a company data center. Amazon, Microsoft and other cloud providers came out with services that developers can use to place code in containers, and in 2017 SUSE introduced its own service for managing containers. The companies haven't finalized integration plans as the deal still faces regulatory approval.

Windows

Apple's ARM Switch Will Be the End of Boot Camp (imore.com) 216

Apple has confirmed that switching to its own, ARM-based Apple silicon will signal the end of Boot Camp support. From a report: Apple will start switching its Macs to its own ARM-based processors later this year, but you won't be able to run Windows in Boot Camp mode on them. Microsoft only licenses Windows 10 on ARM to PC makers to preinstall on new hardware, and the company hasn't made copies of the operating system available for anyone to license or freely install. On John Gruber's WWDC Talk Show, Craig Federighi confirmed that Apple would not support Boot Camp on ARM Macs: "We're not direct booting an alternate operating system. Purely virtualization is the route. These hypervisors can be very efficient, so the need to direct boot shouldn't really be the concern."

IOS

Apple Will Let You Emulate Old Apps, Run iOS Apps on ARM Macs (techcrunch.com) 213

At the WWDC 2020 keynote today, Apple announced that the company is going to switch from Intel chips to Apple's own silicon, based on ARM architecture. They also announced that iPad and iPhone apps will be able to run natively on ARM-powered Macs. TechCrunch reports: First, you'll be able to compile your app to run both on Intel-based Macs and ARM-based Macs. You can ship those apps with both executables using a new format called Universal 2. If you've been using a Mac for a while, you know that Apple used the same process when it switched from PowerPC CPUs to Intel CPUs -- one app, two executables. As for unoptimized software, you'll still be able to run those apps. But their performance won't be as good as what you'd get from a native ARM-ready app. Apple is going to ship Rosetta 2, an emulation layer that lets you run old apps on new Macs.

When you install an old app, your Mac will examine the app and try to optimize it for your ARM processor. This way, there will be some level of optimization even before you open the app. But what if it's a web browser or a complicated app with just-in-time code? Rosetta 2 can also translate instructions from x86 to ARM on the fly, while you're running the app. And if you're a developer working on code that is going to run on servers, Apple is also working on a set of virtualization tools. You'll be able to run Linux and Docker on an ARM Mac.

As a bonus, users will also be able to access a much larger library of apps. "Mac users can for the first time run iOS and iPadOS apps on the Mac," Apple CEO Tim Cook said. While the company didn't share a lot of details, Apple isn't talking about Catalyst, its own framework that makes it easier to port iOS apps to macOS. You should be able to download and run apps even if the developer never optimized those apps for macOS.

Google

Google Partners With Parallels To Bring Windows Apps To Chrome OS (engadget.com) 13

For years, Parallels has provided virtualization software so you could run full Windows installs on a Mac, but today they're tackling a new OS. From a report: The company just announced that it is partnering with Google to work on bringing full Windows application support to Chrome OS enterprise devices. That's a big deal for the many businesses out there that run various pieces of legacy Windows software -- or just any business that wants to run Microsoft's Office software natively. It could make Chrome OS devices a lot more viable in a variety of workspaces that may have previously had to rely on Windows hardware, though of course that'll depend on how well it is implemented. How exactly this will work remains to be seen; Parallels only said that the partnership would "seamlessly add full-featured Windows apps, including Microsoft Office, to Chromebook Enterprise devices."

Google

Playing Around With the Fuchsia OS (quarkslab.com) 102

Security and software development company Quarkslab played around with Google's new Fuchsia operating system, which could one day replace Android on smartphones and Chrome OS on laptops. The researchers "decided to give a quick look at Fuchsia, learn about its inner design, security properties, strengths and weaknesses, and find ways to attack it." Here's what they concluded: Fuchsia's micro kernel is called Zircon. It is written in C++. [...] Contrary to every other major OS, it appears rather difficult to target the Zircon kernel directly. A successful RCE (Remote Code Execution) on the world-facing parts of the system (USB, Bluetooth, network stack, etc) will only give you control over the targeted components, but they run in independent userland processes, not in the kernel. From a component, you then need to escalate privileges to the kernel using the limited number of syscalls you can access with the handles you have. Overall, it seems easier to target other components rather than the kernel, and to focus on components that you can talk to via IPC and that you know have interesting handles.

Overall, Fuchsia exhibits interesting security properties compared to other OSes such as Android. A few days of vulnerability research allowed us to conclude that the common programming bugs found in other OSes can also be found in Fuchsia. However, while these bugs can often be considered as vulnerabilities in other OSes, they turn out to be uninteresting on Fuchsia, because their impact is, for the most part, mitigated by Fuchsia's security properties. We note however that these security properties do not -- and in fact, cannot -- hold in the lowest layers of the kernel related to virtualization, exception handling and scheduling, and that any bug here remains exploitable just like on any other OS. All the bugs we found were reported to Google, and are now fixed.

Again, it is not clear where Fuchsia is heading, and whether it is just a research OS as Google claims or a real OS that is vowed to be used on future products. What's clear, though, is that it has the potential to significantly increase the difficulty for attackers to compromise devices.

The Internet

Are We on the Cusp of a Metaverse, the Next Version of the Internet? (washingtonpost.com) 69

The Washington Post describes it as "the next internet." Wikipedia defines it as "a collective virtual shared space...including the sum of all virtual worlds, augmented reality, and the Internet." But it was Neal Stephenson who named it "the metaverse" in his 1992 science fiction novel Snow Crash.

Are we closer to seeing it happen? The Washington Post reports: In the past month, office culture has coalesced around video chat platforms like Zoom, while personal cultural milestones like weddings and graduations are being conducted in Nintendo's Animal Crossing: New Horizons. The Metaverse not only seems realistic — it would probably be pretty useful right about now. The Metaverse reality is still years, possibly decades, away. But Epic Games CEO Tim Sweeney has been publicly pushing for its creation, and he isn't alone in his desire to push for the Metaverse, where the online world echoes and fulfills real-world needs and activities. Constructing the virtual Internet space is Silicon Valley's macro goal, many of whom are obsessed with Neal Stephenson's 1992 book, "Snow Crash," which defined the term.

In recent years, Facebook, Google and Samsung have all made heavy investments in cloud computing and virtual reality companies in anticipation of a Metaverse... But it's Epic Games, with Fortnite, that has the most viable path forward in terms of creating the Metaverse, according to an essay by venture capitalist and former Amazon executive Matthew Ball... [The article also notes other "traits" of the metaverse in Minecraft and Roblox.] The most widely agreed core attributes of a Metaverse include always being live and persistent — with both planned and spontaneous events always occurring — while at the same time providing an experience that spans and operates across platforms and the real world. A Metaverse must also have no real cap on audience, and have its own fully functioning economy... Fortnite hasn't reached Metaverse status yet. But Fortnite as a social network and impossible-to-ignore cultural phenomenon, Ball says, provides Epic Games a key advantage for leading in the Metaverse race. Fortnite draws a massive, willing and excited audience online to engage with chaotically clashing intellectual properties... "This organic evolution can't be overemphasized," Ball writes in his essay. "If you 'declared' your intent to start a Metaverse, these parties would never embrace interoperability or entrust their IP. But Fortnite has become so popular and so unique that most counterparties have no choice but to participate... Fortnite is too valuable a platform...."

The current swarm to an online-only social and capitalist economy has only highlighted the current Internet's failings, and what the Metaverse needs to do, Ball said. Big sites like Facebook, Google and Amazon continue to dominate online activity, as do larger streaming services like YouTube and Netflix. But each location requires its own membership and has separate ecosystems. "Right now, the digital world basically operates as though every restaurant and bar you go to requires a different ID card, has a different currency, requires their own dress codes and has their own units [of service and measurement]," Ball said. "It is clear that this really advantages the biggest services. People are just sticking to the big games, really. However there's a clear argument that reducing network lock-in can really raise all boats here."

Sweeney said as much in his DICE Summit keynote speech in February. If the game industry wants to reshape the Internet and move away from Silicon Valley's walled gardens, Sweeney stressed that publishers need to rethink economies in the same way email was standardized... "We need to give up our attempts to each create our own private walled gardens and private monopoly and agree to work together and recognize we're all far better off if we connect our systems and grow our social graphs together."

Neal Stephenson answered questions from Slashdot readers back in 2004.

Virtualization

VMware Embraces Kubernetes in Its Biggest Product Blitz in a Decade (siliconangle.com) 27

Hailing it as its most significant update to its vSphere virtualization manager in a decade, VMware today is overhauling its portfolio of products to include native support of the Kubernetes orchestration manager for software containers along with a host of new tools for shifting and managing applications across multiple on-premises and cloud infrastructure stacks. From a report: The announcement continues VMware's multiyear odyssey from a supplier of virtualization software for on-premises data centers to an enabler of cloud migration and multicloud management. It also showcases the rapid integration of several acquisitions the company made last year. VMware was once seen as a prime potential victim of containers, which are portable and self-contained software environments bundled with applications, but it has responded by embracing the technology and is now building the red-hot Kubernetes manager into its flagship platform. "In the early days of virtualization VMware was a layer that lived across multiple environments; they're looking now to do the same in the cloud," Stu Miniman, senior analyst at Wikibon, a sister research firm to SiliconANGLE, said.

Intel

Intel Debuts 5G Server and Base Station Chips, Plus a PC Network Card (venturebeat.com) 8

Intel's sale of its consumer 5G modem unit signaled its exit from the smartphone business last year, but the company remains heavily committed to participating in the growing 5G marketplace -- primarily on the carrier and enterprise sides. Today, the company announced three chips built for various types of 5G computers, plus a 5G-optimized network adapter for PCs. From a report: Up first is an updated second-generation Xeon Scalable processor, now at a top speed of 3.9GHz and bolstered by additional AI capabilities to aid with inference applications. The new chip promises up to 36% more performance than the first-generation version, with up to 42% more performance per dollar, though early second-generation chips were introduced in April 2019. Intel says the Xeon Scalable is the "only CPU with AI built in" -- a pitch that's not exactly accurate, given the range of existing laptop and mobile CPUs with AI features, but one Intel further explains means "the only CPU on the market that features integrated deep learning acceleration." Xeon Scalable's Deep Learning Boost feature set promises up to 6 times more AI performance than AMD's Rome processors, though Intel won't quantify the number of TOPS available for AI processing, calling the metric "theoretical." Regardless, Intel says Xeon Scalable will support the cloud AI needs of Alibaba, AWS, Baidu, Microsoft, and Tencent, as well as other major companies.

Network-optimized "N-SKUs" of the new Xeon Scalable will also be available, offering up to 58% more performance for network function virtualization workloads compared with the first chip. Customers such as China Mobile, SK Telecom, Sprint, and T-Mobile Poland are all using Xeon Scalable in their 5G networks. The boosted Xeon Scalable chips are officially available starting today. Intel is also introducing the Atom P5900, billed as the first Intel architecture SoC for base stations and designed from the ground up for radio access network (RAN) needs. It's a 10-nanometer chip with hardware-based network acceleration features, including integrated packet processing, ultra low latency, and a switch for inline cryptographic acceleration.

Oracle

Oracle Ties Previous All-Time Patch High With January 2020 Updates (threatpost.com) 9

"Not sure if this is good news (Oracle is very busy patching their stuff) or bad news (Oracle is very busy patching their stuff) but this quarterly cycle they tied their all-time high number of vulnerability fixes released," writes Slashdot reader bobthesungeek76036. "And they are urging folks to not drag their feet in deploying these patches." Threatpost reports: The software giant patched 300+ bugs in its quarterly update. Oracle has patched 334 vulnerabilities across all of its product families in its January 2020 quarterly Critical Patch Update (CPU). Out of these, 43 are critical/severe flaws carrying CVSS scores of 9.1 and above. The CPU ties for Oracle's previous all-time high for number of patches issued, in July 2019, which overtook its previous record of 308 in July 2017. The company said in a pre-release announcement that some of the vulnerabilities affect multiple products. "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update patches as soon as possible," it added.

"Some of these vulnerabilities were remotely exploitable, not requiring any login data; therefore posing an extremely high risk of exposure," said Boris Cipot, senior security engineer at Synopsys, speaking to Threatpost. "Additionally, there were database, system-level, Java and virtualization patches within the scope of this update. These are all critical elements within a company's infrastructure, and for this reason the update should be considered mandatory. At the same time, organizations need to take into account the impact that this update could have on their systems, scheduling downtime accordingly."

Programming

How Is Computer Programming Different Today Than 20 Years Ago? (medium.com) 325

This week a former engineer for the Microsoft Windows Core OS Division shared an insightful (and very entertaining) list with "some changes I have noticed over the last 20 years" in the computer programming world. Some excerpts:

- Some programming concepts that were mostly theoretical 20 years ago have since made it to mainstream including many functional programming paradigms like immutability, tail recursion, lazily evaluated collections, pattern matching, first class functions and looking down upon anyone who don't use them...

- 3 billion devices run Java. That number hasn't changed in the last 10 years though...

- A package management ecosystem is essential for programming languages now. People simply don't want to go through the hassle of finding, downloading and installing libraries anymore. 20 years ago we used to visit web sites, downloaded zip files, copied them to correct locations, added them to the paths in the build configuration and prayed that they worked.

- Being a software development team now involves all team members performing a mysterious ritual of standing up together for 15 minutes in the morning and drawing occult symbols with post-its....

- Since we have much faster CPUs now, numerical calculations are done in Python which is much slower than Fortran. So numerical calculations basically take the same amount of time as they did 20 years ago...

- Even programming languages took a side on the debate on Tabs vs Spaces....

- Code must run behind at least three levels of virtualization now. Code that runs on bare metal is unnecessarily performant....

- A tutorial isn't really helpful if it's not a video recording that takes orders of magnitude longer to understand than its text.

- There is StackOverflow which simply didn't exist back then. Asking a programming question involved talking to your colleagues.

- People develop software on Macs.

In our new world where internet connectivity is the norm and being offline the exception, "Security is something we have to think about now... Because of side-channel attacks we can't even trust the physical processor anymore."

And of course, "We don't use IRC for communication anymore. We prefer a bloated version called Slack because we just didn't want to type in a server address...."

The Courts

Apple Targets Jailbreaking In Lawsuit Against iOS Virtualization Company (arstechnica.com) 46

An anonymous reader quotes a report from Ars Technica: Apple has expanded a lawsuit against an iOS virtualization company, claiming that its actions facilitate jailbreaking and violate the Digital Millennium Copyright Act (DMCA) prohibition on circumvention of copyright-protection systems. Apple sued Corellium, a company that sells access to virtual machines that run copies of the operating system used in iPhones and iPads, in August 2019. Apple said that Corellium sells "perfect replicas" of iOS without a license from Apple and markets its software as "a research tool for those trying to discover security vulnerabilities and other flaws in Apple's software." But instead of aiding good-faith security research, Corellium "encourages its users to sell any discovered information on the open market to the highest bidder," Apple alleged.

The first version of Apple's lawsuit accused Corellium of copyright infringement. A new version filed on December 27 alleges both copyright infringement and "unlawful trafficking of a product used to circumvent security measures in violation of 17 U.S.C. 1201," a statute that's part of the DMCA. Apple argued that Corellium gives users the ability to jailbreak iOS for either benign or malicious purposes.

In response to the new allegations, Corellium CEO Amanda Gorton said "Apple's latest filing against Corellium should give all security researchers, app developers, and jailbreakers reason to be concerned."

Corellium is "deeply disappointed by Apple's persistent demonization of jailbreaking," with Gorton writing that "developers and researchers rely on jailbreaks to test the security of both their own apps and third-party apps." Apple's filing, according to Corellium, essentially "assert[s] that anyone who provides a tool that allows other people to jailbreak, and anyone who assists in creating such a tool, is violating the DMCA." Apple, Gorton wrote, "is using this case as a trial balloon in a new angle to crack down on jailbreaking" and "is seeking to set a precedent to eliminate public jailbreaks."

Open Source

Are We In 'The Golden Age of Open Source'? (infoworld.com) 72

InfoWorld's Matt Asay argues we're in (or near) "the golden age of open source." Here and there an open source company might struggle to make a buck, but as a community of communities, open source has never been healthier. There are a few good indicators for this.

The first is that the clouds -- yes, all of them -- are open sourcing essential building blocks that expose their operations. Google rightly gets credit for moving first on this with projects like Kubernetes and TensorFlow, but the others have followed suit. For example, Microsoft Azure released Azure Functions, which "extends the existing Azure application platform with capabilities to implement code triggered by events occurring in virtually any Azure or third-party service as well as on-premises systems...." More recently, AWS released Firecracker, a lightweight, open source virtualization technology for running multi-tenant container workloads that emerged from AWS' serverless products (Lambda and Fargate). In a textbook example of how open source is supposed to work, Firecracker was derived from the Google-spawned crosvm but then spawned its own upgrade in the form of Weave Ignite, which made Firecracker much easier to manage.

These are just a few examples of the interesting open source projects emerging from the public clouds. (Across the ocean, Alibaba has been open sourcing its chip architecture, among other things.) More remains to be done, but these offer hope that the public clouds come not to bury open source, but rather to raise it...

It's not hard to believe that the more companies get serious about becoming software companies, the more they're going to encourage their developers to get involved in the open source communities upon which they depend... [I]t's not just the upstarts. Old-school enterprises like Home Depot host code on GitHub, while financial services companies like Capital One go even further, sponsoring open source events to help foster community around their proliferating projects.... So, again, not everybody is doing it. Not yet. But far more organizations are involved in open source today than were back in 2008... Such involvement is happening both at the elite level (public clouds) and in more mainstream ways, ushering in a golden era of open source.

Red Hat Software

Final Red Hat Enterprise Linux 7 Version Released (zdnet.com) 69

The last RHEL release, RHEL 7.7, is now available for current Red Hat Enterprise Linux subscribers via the Red Hat Customer Portal. ZDNet reports on what's new: RHEL 7.7's most important updates are support for the latest generation of enterprise hardware and remediation for the recently disclosed ZombieLoad vulnerabilities. The latest RHEL 7 also includes network stack performance enhancements. With this release, you can offload virtual switching operations to network interface card (NIC) hardware. What that means for you is, if you're using virtual switching and network function virtualization (NFV), you'll see better network performance on cloud and container platforms such as Red Hat OpenStack Platform and Red Hat OpenShift.

RHEL 7.7 users can also use Red Hat's new predictive problem shooter: Red Hat Insights. This uses a software-as-a-service (SaaS)-based predictive analytics approach to spot, assess, and mitigate potential problems to their systems before they can cause trouble. For developers, RHEL 7.7 comes with the Python 3.6 interpreter, and the pip and setuptools utilities. Previously, Python 3 versions were available only as a part of Red Hat Software Collections. Moving on to the cloud, RHEL 7.7 Red Hat Image Builder is now supported. This feature, which is also in RHEL 8, enables you to easily create custom RHEL system images for cloud and virtualization platforms such as Amazon Web Services (AWS), VMware vSphere, and OpenStack. To help cloud-native developers, RHEL 7.7 includes full support for Red Hat's distributed-container toolkit -- buildah, podman, and skopeo -- on RHEL workstations. After building on the desktop, programmers can use Red Hat Universal Base Image to build, run, and manage containerized applications across the hybrid cloud.

Virtualization

VMware Touts Dismissal of Linux GPL Lawsuit (zdnet.com) 68

"For over a decade, VMware has been accused of illegally using Linux code in its VMware ESX bare-metal virtual machine hypervisor," reports ZDNet, adding that "A German court has dismissed the case, but the struggle may not be over." VMware stood accused of illegally using Linux code in its flagship VMware ESX bare-metal virtual machine (VM) hypervisor... In 2011, the Software Freedom Conservancy, a non-profit organization that promotes open-source software, discovered that VMware had failed to properly license any Linux or BusyBox, a popular embedded Linux toolkit, source code... In 2015, having exhausted all other means, [Linux kernel developer Christoph] Hellwig and the Software Freedom Conservancy sued VMware in the district court of Hamburg in Germany. Besides the general violation of the GPLv2, "Conservancy and Hellwig specifically assert that VMware has combined copyrighted Linux code, licensed under GPLv2, with their own proprietary code called 'vmkernel' and distributed the entire combined work without providing nor offering complete, corresponding source code for that combined work under terms of the GPLv2."

The German court disagreed in November 2018. Hellwig appealed and continued the fight, saying "The lower court dismissed the case as a result of evidentiary rules and likely an incomplete understanding of the documentation of the code in question...." [Monday] VMware rather mysteriously announced: "VMware is pleased with the Feb. 28, 2019 decision of the German appellate court in Hamburg to dismiss Mr. Hellwig's appeal and let stand the regional court's decision to dismiss Mr. Hellwig's lawsuit."

Karen Sandler, attorney and the Conservancy's executive director, told ZDNet that "We strongly believe that litigation is necessary against willful GPL violators, particularly in cases like VMware where there is strong community consensus that their behavior is wrong. Litigation moves slowly. We will continue to discuss this with Christoph and his lawyers and hope to say more about it in the coming weeks -- after the courts provide their rationale for their decision to the parties (which has not yet occurred)."

Meanwhile, VMware stated that it "continues to be a strong supporter of open source software development," adding that it's been "actively" working on removing vmklinux from vSphere in an upcoming release as part of a multi-year project -- "for reasons unrelated to the litigation."

Bug

Exploit Vendor Zerodium Announces Big Rewards For Cloud Zero-Days (zdnet.com) 27

Exploit vendor Zerodium said today it would pay up to $500,000 for zero-days in popular cloud products and services such as Microsoft's Hyper-V and (Dell) VMware's vSphere. From a report: Both Hyper-V and vSphere are what experts call virtualization software, also called hypervisors -- software that lets a single "host" server create and run one or more virtual "guest" operating systems. Virtualization software is often found in cloud-powered data centers. Hyper-V is the technology at the core of Microsoft's Azure cloud computing platform, while VMware's vSphere is used by Amazon Web Services and SAP.

With cloud services growing in adoption, especially for hosting websites and crucial IT infrastructure, the importance of both technologies has been slowly increasing in recent years. This paradigm shift hasn't gone unnoticed in the exploit market, where Zerodium -- a Washington, DC-based exploit vendor -- is by far the leading company. In a tweet earlier today, Zerodium announced plans to pay up to $500,000 for fully-working zero-days in Hyper-V and vSphere that would allow an attacker to escape from the virtualized guest operating system to the host server's OS.
