Nazis try to get on the ballot in Massachusetts – but may not have collected enough signatures – Universal Hub

Dianna Ploss used to just be another screamy Trump crank, but now she's running for governor - as an independent - with a platform that calls for a crusade against Jews in Massachusetts.

Today's the deadline to file enough signatures statewide to get a place on the November ballot; Ploss said Sunday she doesn't think she'll have enough.

Her would-be lieutenant-governor candidate, Jim Rizoli, is a "proud" Holocaust denier who used to froth about Brazilian immigrants in Framingham but now concentrates on hating Jews and she's assisted by a woman she calls her "minister of Third Reich Advocacy."

In one video, Ploss said she'd keep bitching about the Jews until they hang her. But then, she continued, "they don't do that, that's too easy." Instead, she said, Jews punish their enemies by cutting open their stomachs, and reaching for their intestines, which they then tie to a pole and make the victims run around the pole.

"Maybe that's where they got the Maypole from," she said.

She won't come anywhere close to winning, of course, but worth remembering, perhaps: In 2018, virulent homophobe and forced-birth advocate Scott Lively got 98,214 votes in the Republican primary against Charlie Baker.

Link:

Nazis try to get on the ballot in Massachusetts - but may not have collected enough signatures - Universal Hub

Microsoft, UMD Team Up for Diversity in Robotics – Maryland Today

The Maryland Robotics Center and Microsoft Corp. have announced a new strategic partnership focused on enhancing diversity and innovation in robotics and autonomy, helping to meet the growing demand for talent in engineering even as trends show a downturn in enrollment of students from diverse backgrounds in the field.

The Microsoft Robotics and Diversity Initiative is a one-year, $100,000 partnership starting in the Fall 2022 semester; it will support Ph.D. fellowships, a seminar series, an undergraduate course and student-led STEM diversity groups.

Its exciting to receive this level of support and generosity from Microsoft to amplify our ongoing diversity initiatives, said Professor Derek Paley, director of the Maryland Robotics Center with a joint appointment in the Department of Aerospace Engineering and the Institute for Systems Research. This gift will especially support activities in robotics and applied autonomy, complementing our other ongoing efforts in AI and machine learning.

The partnership includes several components, starting with the Microsoft Diversity in Robotics and Autonomy Ph.D. Fellowships. They will support two Ph.D. students for one academic year as they conduct research in robotics and autonomous systems modeling, simulation and experimentation. The Maryland Robotics Center will leverage Microsofts support, funding tuition and benefits for these Microsoft Fellows.

The Microsoft Future Leaders in Robotics and Autonomy Seminar Series will enable Maryland students to learn from rising experts in robotics and autonomy, in a context celebrating diversity and innovation.

A hands-on undergraduate course in robotics programming will be part of the Robotics and Autonomous Systems minor program. Students use the open-source Robot Operating System and other tools to design, implement and test a robotic system. Microsoft will contribute to the cost of providing students with additional robotics programming devices.

The partnership also will provide support for student-led STEM diversity groups, supporting their missions and robotics-related activities for the academic year. They include the Black Engineers Society, the Society for Professional Hispanic Engineers, Women in Aeronautics and Astronautics, and the Society of Women Engineers.

With the exciting future of robotics and autonomy in view, Microsoft enthusiastically supports the Maryland Robotics Centers efforts to foster the next generation of tech leaders, said Timothy Chung, senior director of robotics at Microsoft. We celebrate and embrace the positive benefits of diversity and inclusion as part of the broad robotics community.

See the article here:
Microsoft, UMD Team Up for Diversity in Robotics - Maryland Today

Coding the future | Business | insidetucsonbusiness.com – Inside Tucson Business

At Quantum Quest, an all-girls quantum computing camp, 20 teenage female students recently stood on the precipice of a brand new technology: quantum coding.

(Scientists) use quantum computers, program manager Gabbie Meis said. (Quantum computers) actually use quantum mechanics to solve some of the worlds largest problems, like things with lots of data or simulations that our classical computers just dont have enough power to do. Instead of our classical computers, quantum computers are actually an entirely different type of machine that is still being developed today.

This kind of computer requires quantum coding and when programmed could be used to help solve problems like mitigating the impacts of climate change; transportation mapping, such as figuring out how to remap the entire country of Australia with more efficient roadways; or even biomedical research, such as protein folding for vaccine development or drug discovery research.

Back in 2019 Google ran a problem on their quantum computer that they estimated would take the most powerful supercomputer about 10,000 years to solve, Meis said. They said they got their (quantum) computers to solve it in less than two days.

During the camp, students learned the programming language, Qiskit, an open source (free) software development kit. Meis called it a Python-backed library, Python being a programming language. Qiskit allows the students classical computers the kind most of use at home to communicate with quantum computers. Ironically, although the students all had their laptops open, the learning was done on dry erase boards.

Quantum is interdisciplinary so theyre learning the basics in linear algebra, Meis said. Theyre learning computer science and how to code in Python, and theyre learning quantum physics, all wrapped in this single week.

The Coding School, located in Southern California, has a quantum coding initiative called Qubit by Qubit, the most basic unit of information in quantum computing. The initiative seeks to make quantum computing education accessible to students in K-12, because as it stands right now, according to Meis, students dont usually see quantum computing until they are graduate students.

To bring quantum coding to the masses, the school developed the Quantum Quest camp and partners with other organizations to offer it locally. For Tucson, they partnered with the University of Arizonas Office of Societal Impact and the Girl Scouts of Southern Arizona (GSSA).

When this all came about it was the perfect marriage between the Coding School, the U of A and the Girl Scouts in trying to bring accessibility to this more advanced part of STEM, said Colleen McDonald, director of staff supported programs for the GSSA. As Girl Scouts we see ourselves as the connector. We want to make sure that all girls have access to it.

The Coding School has been offering this camp for some time this is its 10th camp but its the first time its been offered in Tucson. Camp topics included everything from foundational concepts that make up the quantum world such as entanglement and qubits, and end with teaching girls how to code real quantum computers.

Its all new science. These students are at the very foundation of quantum coding, according to Meis, and that is part of why it is so important to offer this to young women. One, they are introduced to quantum computing, but two, so they are not alone and do not feel alone in their interest in this field, Meis said.

This is a hard science, right? Meis said. We really want our students to feel that theres a place in this for girls. Were really trying to empower them now while theyre still in high school.

Ive worked with girls for two decades doing STEM with them and one of the biggest things I hear is they think that theyre alone in liking STEM, that they dont realize there are other girls who are also willing to push themselves, Michelle Higgins added. Shes the associate director of the Office of Societal Impact.

The lead instructor for this camp is herself an example to these students. Emily Van Milligen is a doctoral student at the UArizona department of physics. Her field of study is quantum entanglement and routing protocols. She noticed that not one student fell behind; they all listened.

They love it, Van Milligen said. They like the lectures Im giving, which is exciting because that means they enjoy the content. Im not doing anything that special.

One student, 18-year-old Sagan Friskey and future Pima Community College student, spoke enthusiastically about the camp.

I think its super interesting to learn about, especially since were at the very beginning of it becoming a part of something that you can learn about and work with, she said.

Gabriela Malo-Molina, 14, and a student at Catalina Foothills High School, said shes never seen this before but could be interested in looking deeper into it.

I think this is a very special opportunity, and that this field will definitely be more commonly used in the future, she said. And quantum computing in the future will be very helpful for discoveries, especially in the medical field.

Go here to see the original:
Coding the future | Business | insidetucsonbusiness.com - Inside Tucson Business

A Comprehensive Guide To Network Security Scanning And How To Get Started – Programming Insider

To sign up for our daily email newsletter, CLICK HERE

Businesses rely on their network to keep critical data and systems safe from unauthorized access or attack. However, security on a network is frequently an afterthought until its too late. This comprehensive guide will show you how to get started with network security scanning, including the benefits and types of scanning available, so you can protect your business data and systems.

Network security scanning is the process of identifying weaknesses and vulnerabilities in a network in order to secure it against potential threats. You may detect and repair any flaws before they can be exploited by criminals by conducting regular network monitoring.

The use of advanced technology and data science to create a dynamic cloud-based environment has made network security more essential than ever. Cyber attacks are becoming more sophisticated, and organizations must take proactive steps to protect their data and systems in order to meet the challenges they confront. Network security scanning may assist you in doing so. By detecting flaws and vulnerabilities in your network, you can act now to correct them before they are used by attackers.

Live hosts and computers, open ports, and the IP address of a target are all detected by network scanning. It aids in identifying any host computers services. It can identify the architecture of any target and the operating system. The strategy aids in the detection and identification of security vulnerabilities in a live host.

Scanners are used to check for open doors, which the hacker will be able to access. It attempts to figure out the path of the hacker in order to discover live hosts, the organizations operating system, and installed firewalls as well as network topology.

A hacker can use a port scanner to find out the IP address and ports of the intended victim organization. After obtaining the target companys IP address and ports using UDP and TCP, he may map the network and save it to his collection. A port scanner is a tool that helps with port scanning.

The vulnerability scanning approach is an automated procedure that helps to determine whether the network is safe or vulnerable. To do this sort of scanning, your computer must be hooked up to the internet.

Network security scanning can be used for a variety of purposes, including:

There are several best practices for minimizing network security risks, including the following:

Astra Security is a top-rated network security scanning business. Astra has a team of highly trained network penetration testers and security managers that are capable of conducting network vulnerability testing and managing network security.

Astra provides their clients with the most effective network vulnerability scanning and network security services available. They help you avoid harm by providing you with the appropriate combination of technologies and services. Their network vulnerability scanning services cover everything from network pentesting to network auditing to network monitoring, as well as other areas.

The Metasploit framework is a powerful tool that cybercriminals and ethical hackers may employ to scan for network and server vulnerabilities. Because its open-source software, you may readily modify it to work with most operating systems.

Metasploit can be used to pen test a network in order to search for weak spots. The pen testing team may use ready-made or custom code to launch a penetration test into an organizations network and look for vulnerabilities. Once flaws are discovered and recorded, the knowledge may be utilized to address system-wide issues while also prioritizing solutions.

Nmap is a popular command to scan IP addresses and ports on a network in order to discover installed applications. Nmap is a popular open-source Linux program that may be used to scan IP addresses and ports as well as detect vulnerabilities. It allows network administrators to identify which devices are operating on their network, check whether any ports or services are open, and assess cybersecurity risks.

Wireshark is a software application that captures packets from a network connection, such as between your computer and its home office or the internet. In an Ethernet network, the term packet refers to a discrete piece of data.

The process of detecting vulnerabilities on a network is known as network security scanning. The importance of network security scanning can not be understated, as it can help organizations meet compliance requirements, optimize network performance, and prevent data breaches. There are a number of different types of network security scans, and the best way to choose one is to consult with a network security expert.

Go here to read the rest:
A Comprehensive Guide To Network Security Scanning And How To Get Started - Programming Insider

Ahead of Saturday’s Ward 7 Open Streets, Mayor Bowser Announces Dates of Upcoming Open Streets | mayormb – Executive Office of the Mayor

Washington, DCOn Saturday, July 30 from 9 amto 1pm, the District Department of Transportation (DDOT) will host the third Open Streets DC event of the year along Benning Road NE in Ward 7. During the event, 0.75 miles of Benning Road NE will be closed to carsallowing people to ride, bike, walk, socialize, and participate in fun programming. Beginning at the corner of Benning Road NE and Minnesota Avenue and ending at East Capitol Street NE, residents can stop by various city, transportation, health, and neighborhood programming.

Open Streets supports community and local businesses along the corridor and encourages residents to experience their streets in an enjoyable new way. Several sponsored activation zones on the route will host hourly programmed classes and demonstrations including yoga, live music and performance by Black Alley, double dutch, traffic gardens, pop-up bike lanes, learn to scoot/roller skate classes, Capital Bike Share e-bike demonstrations, childrens foam party, dancing, a youth traffic safety town hall road show, and more. Additionally, local businesses along the route will provide extra space for outdoor dining and other activation activities to showcase their business in the parking lane as the Taste of Ward 7 returns to the corridor.

Open Streets in Your Neighborhood kicked off earlier this year with an event in Ward 8 and in June, DDOT hosted an event along 7th Street NW in Wards 2 and 6. Upcoming Open Streets events are scheduled in Ward 5 on August 27, Wards 1 and 4 as the Georgia Avenue Signature Open Streets Event on October 1, and in Ward 3 on November 11.

For details on all the planned activities and performances, visit openstreets.dc.gov.

Social Media:Mayor Bowser Twitter:@MayorBowserMayor Bowser Instagram:@Mayor_BowserMayor Bowser Facebook:facebook.com/MayorMurielBowserMayor Bowser YouTube:https://www.bit.ly/eomvideos

See the original post:
Ahead of Saturday's Ward 7 Open Streets, Mayor Bowser Announces Dates of Upcoming Open Streets | mayormb - Executive Office of the Mayor

Penetration Testing: What It Is, Importance, Types, & Top Tools – Programming Insider

To sign up for our daily email newsletter, CLICK HERE

Penetration testing, often referred to as pentesting, is a process of identifying and exploiting vulnerabilities in a computer system or network. Pentesting can be performed on individual systems, networks, or applications. There are several different types of penetration tests, each with its own set of goals and methods. In this blog post, we will discuss the different types of penetration tests, the tools used for pentesting, and how you can get started with penetration testing.

Penetration testing software is essential since it allows firms and organizations to discover and repair holes in their computer systems and networks before they are attacked. By identifying these vulnerabilities, penetration testing can help prevent data breach, financial loss, and reputational damage.

A penetration testing device is a piece of hardware or software that is used to test the security of a computer system or network. Scanners, firewalls, and honeypots are just a few of the many types of penetration testing devices.

Software (Operating systems, services, applications), Hardware, Networks, Processes, and End-user behaviour are also parts of a penetration testing device.

Penetration tests are typically conducted in four stages: reconnaissance, scanning, exploitation, and post-exploitation.

The Astra Security product, the Astra Pentest, is based on one fundamental idea: making the pentest process as simple as possible for clients. Its rather unusual to see Astra putting out efforts to make self-serving solutions while also remaining always accessible and on schedule with support. Making detecting, exploring, and resolving flaws as easy as performing a Google search is something that Astra has done.

The user is provided with a dedicated dashboard to see the vulnerabilities, read CVSS scores, contact security personnel, and get remediation assistance.

Astra has added a number of new clients over the last year, including ICICI, UN, and Dream 11 to an already impressive list that includes Ford, Gillette, and GoDaddy.

The term Nmap refers to a popular network exploration and scanning program. It uses port scanning and other techniques to scan ports, detect operating systems, and produce a list of devices with the services running on them as part of its mapping process.

NMAP generates different-shaped packets for various transport layer protocols, which include IP addresses and other data. You may use this data to discover hosts, develop a fingerprint of the OS, discover services, and conduct security monitoring.

Nmap is a versatile tool that can map large networks with hundreds of ports.

Metasploitable is a great example of a vulnerable web application that has been exploited in the wild. Metasploit is both utilized by hackers and security professionals to identify widespread vulnerabilities. Its a powerful platform with elements of fuzzing, anti-forensic, and evasion tools included.

Installations are simple and can be done on a variety of operating systems. Its popularity among hackers is due in part to this fact. That is one of the reasons why Metasploit is considered such a valuable hacking tool.

Metasploit now includes nearly 1677 exploits in addition to around 500 payloads, which include command shell payloads, dynamic payloads, meterpreter payloads, and static payloads.

A popular open-source tool for protocol analysis, WireShark is a well-known brand. You may observe network activity at a subcellular level using this software. Its flexibility, ease of use, and features make it one of the best pentest tools available. Hundreds of security experts from all over the world contribute to its development, making it one of the most advanced pentesting tools available.

Its vital to remember that WireShark isnt an intrusion detection system or IDS. It can show you where there are problems, but it cannot sound the alarm if there is any malicious behavior on the network because a protocol analyzer may not disclose this information.

Intruder is a powerful vulnerability scanner that identifies cybersecurity flaws in your digital assets, assesses the risks and guides you through the process of fixing them before a breach can occur. Its an excellent tool to automate your penetration testing activities.

Penetration testing is the process of detecting and exploiting security flaws in a system in order to gain access to sensitive information or systems. It is important because it helps organizations to find and fix security weaknesses before they can be exploited by attackers.

Tools like Astras Pentest, NMAP, Metasploit, WireShark, and Intruder can help you conduct penetration tests more effectively.

View post:
Penetration Testing: What It Is, Importance, Types, & Top Tools - Programming Insider

Confidential Computing with WebAssembly The New Stack – thenewstack.io

AUSTIN, TEX. Back when they worked at Red Hat, Mike Bursell and Nathaniel McCallum grappled with the challenges of confidential computing isolating an organizations most sensitive data in a secure enclave while processing it.

Confidential computing is of particular use to organizations that deal in sensitive, high value data such as financial institutions, but also a wide variety of organizations.

We felt that confidential computing was going to be a very big thing be that it should be easy to use, said Bursell, was then chief security architect in the office of Red Hats chief technology officer. And rather than having to rewrite all the applications and learn how to use confidential computing, it should be simple.

But it wasnt simple. Among the biggest puzzles: attestation, the mechanism by which a host measures a workload cryptographically and communicates that measurement to a third party.

One of the significant challenges that we have is that all the attestation processes are different, said McCallum, who led Red Hats confidential computing strategy as a virtualization security architect.

And all of the technologies within confidential computing are different. And so theyre all going to produce different cryptographic caches, even if its the same underlying code thats running on all.

And with more organizations deploying their workloads to multicloud and hybrid environments, these differences pose a technical problem for workload equivalence. If a single workload is deployed to three different architectures, with three different technologies running their confidential computing, McCallum asked, how do I know that those are all the same?

At Red Hat, McCallum and Bursell worked on a solution to this issue and initiated a project called Enarx, an open source framework for running applications in Trusted Execution Environments (TEEs). Red Hat donated Enarx to the Linux Foundations Confidential Computing Consortium.

In 2021, Bursell, based near Cambridge, England, and McCallum, who lives near Raleigh, N.C., co-founded a company, Profian, built around Enarx. In doing so, they planted a flag in the rapidly growing WebAssembly territory.

At the Linux Foundations Open Source Summit North America in June, Profians two co-founders told The New Stack about their plans for the project, which CEO Bursell said include releasing a minimum viable product (MVP) this quarter.

The solution to the attestation challenge, McCallum said, was to use some sort of bytecode, like WebAssembly (Wasm). (McCallum, Profians chief technology officer, was a founding member of the Bytecode Alliance while at Red Hat; Bursell serves as a director on its governing board.)

Wasm, a binary instruction format for a stack-based virtual machine, works as a portable compilation target for programming languages, enabling deployment on the web for client and server applications.

WebAssembly allows you to say, Ive created a single application, and I can prove that that is exactly the application thats running on all of these instances. Cryptographic proof. And thats the big win.

Mike Bursell, co-founder and CEO, Profian

WebAssemblys vaunted advantage build once, run anywhere avoids having to build systems to manage all the cryptographic caches generated from the various attestation technologies in the various deployment environments.

Enarx provides a single run-time TEE and attestation based on WebAssembly, allowing developers to deploy applications using their preferred language, such as Rust, C/C++, C#, Go, Java, Python, Haskell and more. Even COBOL.

The framework is both hardware and cloud service provider neutral; in keeping with Wasms promise of build once, run anywhere, developers can deploy the same code transparently across multiple targets.

WebAssembly allows you to say, Ive created a single application, and I can prove that that is exactly the application thats running on all of these instances. Cryptographic proof, Bursell said.

And thats the big win, quite apart from the fact that WebAssembly allows us to run on Intel boxes, ARM boxes, AMD boxes, with exactly the same binary bytecode, which is just fantastic for us.

The problem that Enarx is designed to address is widespread.

Its difficult to find people who dont have the problem, Bursell said. If youve got sensitive data or sensitive applications, and youre highly regulated, or strongly audited, or just risk-averse, you just cant put certain workloads in the cloud. Banks cant, health care, pharmaceutical, energy, telco, government, defense, security not to mention just standard enterprises.

As a result, he added, those organizations have to keep that data on-premises, forgoing the benefits of the cloud. And that means that its not just the cost of keeping all that going. Its the inability to be able to surge out into the cloud and scale up quickly, as things take off.

Mike Bursell, CEO and co-founder of Profian.

If youve got a new application, and suddenly everyones using it, can you afford to wait five weeks to get a new server? No, you cant; you want to be able to put it straight in the cloud.

Confidential computing offers the promise of ironclad privacy, Bursell noted: Not even the cloud service provider can look in, or change your application or your data. For an organization that not only deals with sensitive customer data but also proprietary information, such as an investment algorithm for a financial-service company.

The crown jewels of the investment bank are actually in the application, rather than the data, he said.

Also, McCallum said, new use cases are just around the corner, due to the increasingly distributed nature of networks, through the edge and the Internet of Things (IoT).

The perimeter is gone, Profians CTO said. If theres anything the last 15, 20 years told us, the attacks are both external and internal. And so if youre going to protect this stuff, even internally, even on-prem, you still need all of the same guarantees.

As it continues to develop Enarx and move toward an MVP, Profian has established partnerships with a number of tech companies, including Enarx project sponsors Equinix and PhoenixNAP. It is also working closely with chip manufacturers IBM, Intel, AMD and ARM.

Profians solution requires server chips at least the level of the Ice Lake Xeon Scalable or the AMD Milan Epyc, which the major cloud providers are now in the midst of deploying, McCallum said. The company is also making plans to support ARMs Version 9 CCA Realms and Intels forthcoming TDX.

One of the things were about is allowing people to deploy wherever the hardware is, Bursell said. There may be particular reasons to select a particular CSP or particular geography. But you get the same assurances whether youre deploying in Dublin or in San Francisco or in Shanghai because youre using the same chips with the same cryptographic proofs.

Nathaniel McCallum, co-founder and CTO of Profian.

And because Enarx is built on WebAssembly, he added, it doesnt matter where the workload is deployed.

McCallum echoes this notion. There are some people who are in desperate amounts of pain, who need this stuff yesterday, he said. And theyre deploying on existing infrastructures. So theyre coding specifically to that hardware technology. But if that becomes vulnerable, right, what are your options to switch to another hardware technology?

One of the key advantages that WebAssembly gives us is that, if there is a hardware vulnerability on one platform, youre not sunk. You can just deploy on another platform, whilst we created the mitigation with the hardware vendor.

And, he added, as new platforms become available, such as ARMs, you dont have to modify your workload at all, your workload stays exactly the same. And all of a sudden you just get new platform support. And then as soon as the hardware is available, you continue to deploy, exactly the way youve always deployed in the past.

As a model for how to introduce a new project to the developer community, Bursell looks to Docker, the Platform as a Service project that allows devs to build, test and deploy apps quickly.

One of these Docker got right in the early days, just make it really easy for people try stuff out, he said. And thats absolutely the approach that we think is right.

Therefore, Profian launched a demo of Enarx at the end of July. Anyone can use it, anyone can play with it, Bursell said. Because we want to make it easy to play with.

All of a sudden, WebAssembly is going to emerge very quickly as a mature stable platform, with very broad language support.

Nathaniel McCallum, co-founder and CTO, Profian

The demo, McCallum said, will allow users to deploy a workload for a short period of time, without having to set anything up: The hardware or the kernel, all the cloud resources, everything is set up for you. And it gives you a chance to actually experiment with the platform with zero friction, essentially.

The ease of debugging in confidential computing will be showcased as part of the demo, Bursell said. The debugging environment Profian will provide, he said, will use the same environment and the Wasm runtime.

You can test it on your Linux box, on your Mac, on your Windows box, or even on a Raspberry Pi. So you can test it and know what youre running once, then deploy it into a Trusted Execution Environment with Profian, and itll still work.

As it leaves the browser, WebAssembly is just beginning to deliver on its promise, said McCallum.

For a lot of people, it feels like its a long time coming and never here, he said. But theres a lot of work happening. And its happening in precisely those ways that dont draw a lot of attention to the people who are working on them. And so all of a sudden, WebAssembly is going to emerge very quickly as a mature stable platform, with very broad language support.

For more on whats new in Wasm, check out this recent episode of The New Stacks Makers podcast, recorded at Open Source Summit North America in June:

The New Stack is a wholly owned subsidiary of Insight Partners, an investor in the following companies mentioned in this article: Docker.

Featured image by Jason Pofahl via Unsplash.

Go here to read the rest:
Confidential Computing with WebAssembly The New Stack - thenewstack.io

Goodbye FTL Kioxia reconstructing flash drives with software-enabled flash Blocks and Files – Blocks and Files

Kioxia is redesigning SSDs without a traditional Flash Translation Layer (FTL), a minimal drive microcontroller, and an API for hyperscaler host software to have pretty direct flash hardware control for latency, garbage collection and more.

This is part of the Linux Foundations open source Software-Enabled Flash (SEF) project, and is being presented at this weeks Flash Memory Summit Conference & Expo. The aim is to get rid of hard disk drive-era thinking regarding SSD controllers, and provide hyperscaler customers with a way to make their flash media operate more efficiently and consistently. SSDs contain flash dies as before, but the existing FTL-running controller is no more, replaced by a minimal processor running low-level SSD operations and a much-reduced scope FTL.

Eric Ries, SVP, Memory Storage Strategy Division (MSSD) at Kioxia America, said in a statement: Software-Enabled Flash technology fundamentally redefines the relationship between the host and solid-state storage, offering our hyperscaler customers real value while enabling new markets and increasing demand for our flash solutions.

A SEF web page identifies five SEF attributes:

An overview web page tells us that the project is based around purpose-built, media-centric NAND hardware, called a SEF unit, focused on hyperscaler requirements, together with an optimized command set at the PCIe- and NVMe-level for communicating with the host.

We are told: The SEF hardware unit is architected to combine the most recent flash memory generation with a small onboard SoC controller that resides on a PCB module. As an option, the SEF architecture supports an on-device DRAM controller allowing the module to be populated with DRAM, based upon the needs of each hyperscale user. This combination of components comprise a SEF unit that is designed to deliver flash-based storage across a PCIe connection.

Behind the interface, individual SEF units handle all aspects of block and page programming (such as timing, ECC and endurance) for any type or generation of flash memory being used. SEF units also handle low-level read tasks that include error correction, flash memory cell health and life extension algorithms.

The small SEF onboard microcontroller that resides on the PCB module is responsible for managing flash-based media. It abstracts and controls generational differences in flash memory relating to page sizes, endurance control and the way that flash dies are programmed. Through the software API, new generations of flash memory can be deployed quickly, cost-effectively and efficiently, providing developers with full control over data placement, latency, storage management, data recovery, data refreshing and data persistence.

The SEF unit also delivers advanced scheduling functionality that provides developers with a flexible mechanism for implementing separate prioritized queues used for read, write, copy and erase operations. This capability, in combination with die time scheduling features, enables weighted fair queuing (WFQ) and command prioritization in hardware that is accessible from the API.

There is an open source, low-level API and an open source, high-level software development kit (SDK).

Read a trio of downloadable white papers to find out more.

Or watch one of, or all of, up to eight videos discussing the technology ideas involved.

Judging by the white papers and videos above, a lot of marketing effort has gone into SEF already it looks like a fairly mature project. Only Kioxia amongst the NAND and SSD manufacturers seems to be involved. If the hyperscalers react positively and wed guess they have all been approached already then the other suppliers will probably get involved alongside Kioxia.

At this stage it doesnt look as if there is an enterprise (on-premises) market for this, as enterprises would be loath to put the effort into developing the software involved. But if a third party were to develop SEF hardware vendor-agnostic software, then that picture could change. Were thinking of JBOFD (Just a Bunch of Flash Dies) software equivalent to Kioxias array-led JBOF (Just a Bunch of Flash) Kumoscale software, but vendor agnostic at the SEF hardware level.

View original post here:
Goodbye FTL Kioxia reconstructing flash drives with software-enabled flash Blocks and Files - Blocks and Files

AAIS & The Linux Foundation Welcome Jefferson Braswell as openIDL Project Executive Director – The Bakersfield Californian

Lisle, IL, Aug. 03, 2022 (GLOBE NEWSWIRE) -- The American Association of Insurance Services (AAIS) and the Linux Foundation welcome Jefferson Braswell as the new Executive Director of the openIDL Project.

AAIS is excited about the expansion of openIDL in the insurance space and the addition of Jefferson as Executive Director signals even more strength and momentum to the fast-developing project, said Ed Kelly, AAIS Executive Director. We are happy to continue to work with the Linux Foundation to help affect meaningful, positive change for the insurance ecosystem.

openIDL is a Linux Foundation Open Governance Network and the first of its kind in the insurance industry, said Daniela Barbosa, General Manager of Blockchain, Healthcare and Identity at the Linux Foundation. It leverages open source code and community governance for objective transparency and accountability among participants with strong executive leadership helping shepherd this type of open governance networks. Jeff Braswells background and experience in financial standards initiatives and consortium building aligns very well with openIDLs next growth and expansion period.

Braswell has been successfully providing leading-edge business solutions for information-intensive enterprises for over 30 years. As a founding Director, he recently completed a 6-year term on the Board of the Global Legal Entity Identifier Foundation (GLEIF), where he chaired the Technology, Operations and Standards Committee. He is also the Chair of the Algorithmic Contract Types Unified Standards Foundation (ACTUS), and he has actively participated in international financial data standards initiatives.

Previously, as Co-Founder and President of Berkeley-based Risk Management Technologies (RMT), Braswell designed and led the successful implementation of advanced, firm-wide risk management solutions integrated with enterprise-wide data management tools. They were used by many of the worlds largest financial institutions, including Wells Fargo, Credit Suisse, Chase, PNC, Sumitomo Mitsui Banking Corporation, Mellon, Wachovia, Union Bank and ANZ.

We appreciate the foundation that AAIS laid for openIDL, and I look forward to bringing my expertise and knowledge to progress this project forward, shared Braswell. Continuing the work with the Linux Foundation to positively impact insurance services through open-source technology is exciting and will surely change the industry for the better moving forward.

openIDL, an open source, distributed ledger platform, infuses efficiency, transparency and security into regulatory reporting.With openIDL, insurers fulfill requirements while retaining the privacy of their data. Regulators have the transparency and insights they need, when they need them.Initially developed by AAIS, expressly for its Members, openIDL is now being further advanced by the Linux Foundation as an open-source ecosystem for the entire insurance industry.

ABOUT AAIS

Established in 1936, AAIS serves the Property & Casualty insurance industry as the only national nonprofit advisory organization governed by its Member insurance carriers. AAIS delivers tailored advisory solutions including best-in-class policy forms, rating information and data management capabilities for commercial lines, inland marine, farm & agriculture and personal lines insurers. Its consultative approach, unrivaled customer service and modern technical capabilities underscore a focused commitment to the success of its members. AAIS also serves as the administrator of openIDL, the insurance industrys regulatory blockchain, providing unbiased governance within existing insurance regulatory frameworks. For more information about AAIS, please visit http://www.aaisonline.com.

ABOUT THE LINUX FOUNDATION

Founded in 2000, the Linux Foundation and its projects are supported by more than 2,950 members. The Linux Foundation is the worlds leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the worlds infrastructure including Linux, Kubernetes, Node.js, ONAP, Hyperledger, RISC-V, and more. The Linux Foundations methodology focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

ABOUT openIDL

openIDL (open Insurance Data Link) is an open blockchain network that streamlines regulatory reporting and provides new insights for insurers, while enhancing timeliness, accuracy, and value for regulators. openIDL is the first open blockchain platform that enables the efficient, secure, and permissioned-based collection and sharing of statistical data. For more information, please visit http://www.openidl.org.

John Greene American Association of Insurance Services (AAIS) 630.457.3238 johng@aaisonline.com Dan Whiting Linux Foundation 202.531.9091 dwhiting@linuxfoundation.org

More here:
AAIS & The Linux Foundation Welcome Jefferson Braswell as openIDL Project Executive Director - The Bakersfield Californian

Wicked Good Development Episode 13: Hacks and Ax, July Edition – Security Boulevard

Wicked Good Development is dedicated to the future of open source. This space is to learn about the latest in the developer community and talk shop with open source software innovators and experts in the industry.

Ax Sharma, a security researcher at Sonatype and tech journalist at large, joins Kadi and Omar for his monthly malware update. Ax breaks down the latest on protestware and ransomware.

Wicked Good Development is available wherever you find your podcasts. Visit our page on Spotifys anchor.fm

Kadi 0:10 Hi, my name is Kadi Grigg, and welcome to another episode of Wicked Good Development, where we talk shop with OSS innovators, experts in industry and dig into really whats happening in the developer community.

Omar 0:21 Hola, my name is Omar, and Ill be your co-host for Wicked Good Development and today, we have an awesome Ax Sharma update.

Ax 0:35 Yes, hi, Kadi and Omar, everyone. Thanks for having me here. Im Ax Sharma, a security researcher and a tech journalist. I just love to analyze malware and novel vulnerabilities and write about them. So here I am with you today.

Kadi 0:50Well, thanks for coming back on, Ax. Lets dive in. The last time I spoke with you, I believe we were both reporting on the Log4Shell or Spring4Shell event that happened back in April. Can you bring us up to date on what youve seen happening in the cybersecurity space since (Read more...)

View original post here:
Wicked Good Development Episode 13: Hacks and Ax, July Edition - Security Boulevard