In a famous essay from the early 1930s called “Economic Possibilities for Our Grandchildren,” Keynes imagined the world 100 years in the future. He spotted phenomena like job automation (which he called “technological unemployment”) coming, but those changes, he believed, augured progress: progress toward a better society, progress toward collective liberation from work.

Well, we know the grandchildren in the title of Keynes’s essay: they’re the kids and younger adults of today. The prime-age workforce of 2030 was born between 1976 and 2005. And though the precise predictions he made about the rate of economic growth and accumulation were strikingly accurate, what they mean for this generation is very different from what he imagined.

In the introductory article of this series I wrote that one of disadvantages of Podman and Buildah is that the technology is still pretty new and moves fast. This final article you are reading appeared with much delay because from Podman 1.3.1 to 1.4.1, one of the key features that we will look at in this article was broken.

Luckily, Podman 1.4.1 and above not only fixes features that were broken for a few weeks, but also has these features finally covered with tests. Hopefully, there will be no such dramatic loss in functionality in future releases. My original warning still applies though: new container technology toolchain is new and sometimes unstable. Keep that in mind.

Back in 2017, we noticed that developers creating Kubernetes-native applications spent a long time building and managing container images across registries, manually updating their Kubernetes manifests, and redeploying their applications every time they made even the smallest code changes. We set out to create a tool to automate these tasks, helping them focus on writing and maintaining code rather than managing the repetitive steps required during the edit-debug-deploy ‘inner loop’. From this observation, Skaffold was born.

Today, we're announcing our first generally available release of Skaffold. Skaffold simplifies common operational tasks that you perform when doing Kubernetes development, letting you focus on your code changes and see them rapidly reflected on your cluster. It's the underlying engine that drives Cloud Code, and a powerful tool in and of itself for improving developer productivity.

Kubernetes has rapidly become a key ingredient in edge computing. With Kubernetes, companies can run containers at the edge in a way that maximizes resources, makes testing easier and allows DevOps teams to move faster and more effectively as these organizations consume and analyze more data in the field.

Exchange Web Services (EWS) provides the functionality to enable client applications to communicate with the Exchange server. EWS provides access to much of the same data that is made available through Microsoft OfficeOutlook. EWS clients can integrate Outlook data into Line-of-Business (LOB) applications. SOAP provides the messaging framework for messages sent between the client application and the Exchange server. The SOAP messages are sent by HTTP.

Spring Boot makes it easy to create stand-alone, production-grade Spring based Applications that you can "just run".

We take an opinionated view of the Spring platform and third-party libraries so you can get started with minimum fuss. Most Spring Boot applications need very little Spring configuration.

Learn fast from my years of being a container consultant and Docker implementer. Come join me for a jam-packed session of decisions you need to make and key technical factors you should know. No fluff, all practicals. Updated for 2019 and based on my 3 years of top-10 DockerCon talks.
You should show up if:
• You are planning or involved with building/using a Docker production system.
• You are thinking of using Swarm and/or Kubernetes (but not required).
• You like random 80's/90's video game trivia thrown at you.
DevOps in the Real World is far from perfect, yet we all dream of that amazing auto-healing fully-automated micro-service infrastructure that we'll have "someday." But until then, how can you really start using containers today, and what decisions do you need to make to get there?
This session is designed for practitioners who are looking for ways to get started now with Docker and container orchestration in production. This is not a Docker 101, but rather it's to help you be successful on your way to Containerizing [...]

The protocols discussed here cover SAML 2.0, OpenID Connect (OIDC) and OAuth2. Note that OAuth2 is not an authentication protocol, but because of the popularity of its use in cases such as enabling users to sign in with a social provider such as Facebook or Amazon, it is included here.
Identity, authentication and authorization protocols

These three protocols overlap frequently in functionality:

• Identity protocols supply information about a user — such as a persistent identifier, phone or email address — that may be used for long-term identification of that user to your system and hence for authenticating the user and authorizing access to resources. SAML and OIDC are the best-known examples.

• Authentication protocols do not necessarily carry a personal identifier. For example, the Kerberos system is based on the exchange of transient anonymous keys that, in themselves, include no identification data.

• Authorization protocols, such as OAuth2 and UMA provide a means to acquire access-protected resources without requiring the resource owner to share credentials. Interactive user consent is an important aspect of these protocols. The OAuth2 protocol is often used, casually, for identity and authentication using user data, such as an identifier, returned in the OAuth2 process.

#staatstrojaner #bundestrojaner

Human rights abuse and a decimated reputation killed Hacking Team. The new owners want to rebuild.
Lezzi is the owner of Memento Labs and its parent company, InTheCyber. Memento Labs was formed in March when Lezzi acquired Hacking Team.

The company provides what it calls a “trusted implant” to get KRAIT onto the target’s device, meaning the malware will be delivered from what looks to the victim like a known source. It’s a service “making effortless the social engineering campaign.” KRAIT is a small agent and hides inside legitimate applications.

The result of 15 years of development, RCS X offers “invisible” infection of “99% of the most used platforms in the world,” including macOS, Linux, Android, iOS, and BlackBerry.

The specific use case for a vTPM on vSphere is to support Windows 10 and 2016 security features. The HTML5 UI is designed with this in mind. Enablement of VBS does not require a vTPM.

Enablement of vTPM for any VM other than Windows 10 and 2016 is done via API. More on that in the future.

Let’s get a question I get asked about out of the way up front.

“Does this mean I can run Bitlocker on a Windows VM now?!”

Well, technically, all the parts are now there to run Bitlocker but I have to ask “Why??”. Remember, in order to enable vTPM you have to already have VM Encryption!

This means you already have a virtual machine encryption solution that’s easy to manage and works for every virtual machine that’s supported on vSphere, regardless of the guest operating system. Not to mention, you don’t have to manage the encryption “in guest” which lowers your overall workload significantly. #NoSecuritySnowflakes

If you want to test software which exploits TPM 2.0 functionality inside the qemu-kvm emulator, this can be challenging because the software stack is still quite new. Here is how I did it.

To login to the vm run: virsh console test
Please then complete the following steps:
dhclient should get an address for the vm
dnf install tpm2-tools tpm2-tss tpm2-abrmd

Then run the abrmd as root:
/usr/sbin/tpm2-abrmd --allow-root &

You should now be able to query the tpm with a command such as tpm2_pcrlist

In this blog, I am going to explain how you could configure SAML SSO between wso2 identity server and was sample application snoop. You can find the port number of the was applications through the following the doc [1] and take the port number of WC_defaulthost_secure for the applications. Also please note that I have tested the SAML SSO configuration between wso2-is-5.7.0 and IBM WAS-8.0.0.12.

Vielleicht hat selten jemand Foucault so konsequent und düster zu Ende gedacht wie Mark Fisher, vielleicht hat es auch kaum jemand wirklich ausgehalten, ihn so zu Ende zu denken, wie man sagt, zu Ende denken, wenn es das überhaupt gibt, etwas zu Ende zu denken, jemanden zu Ende zu denken, überhaupt etwas irgendwann zu Ende zu denken – vielleicht sollte man auch einfach viele Gedanken lieber erst gar nicht zu Ende zu denken, damit man sich selbst nicht aus Versehen dabei auch noch zu Ende denkt, vielleicht ist das aber auch schon eine Spur der Macht, dass wir bestimmte Gedanken nicht zu Ende denken, weil wir wissen, was auf uns warten würde, würden wir einen bestimmten Gedanken bis an sein Ende durchspielen.

• Edit /etc/systemd/logind.conf file:
• Find text #HandleLidSwitch=suspend
• Change suspend to ignore and remove the #
• Save file with changes

Back in 2017, I was building a rich text editor in the browser. Unsatisfied with existing libraries that used ContentEditable, I thought to myself “hey, I’ll just reimplement text selection myself! How difficult could it possibly be?” I was young. Naive. I estimated it would take two weeks. In reality, attempting to solve this problem would consume several years of my life, and even landed me a full time job for a year implementing text editing for a new operating system.

Rendering text, how hard could it be? As it turns out, incredibly hard! To my knowledge, literally no system renders text "perfectly". It's all best-effort, although some efforts are more important than others.

Freedom is a funny word. It's a hard thing to talk about because to a degree, if this kind of thing cuts down, let's say, on random crime, then it's going to make people effectively freer. Especially if you're a woman or someone who is vulnerable to being the victim of random crime, if some kind of surveillance system renders that less likely to happen, then effectively you've been granted a freedom that you didn't have before. But it's not the kind of statutory freedom that we tend to talk about when we're talking about politics.

Here's the point of the whole thing. The IETF people, when they were thinking about IPv6, saw this mess getting made - and maybe predicted some of the additional mess that would happen, though I doubt they could have predicted SDN and wifi repeater modes - and they said, hey wait a minute, stop right there. We don't need any of this crap! What if instead the world worked like this?