News for Admins
Tech News
Turing Pi Now Offers a Raspberry Pi Kubernetes Cluster
For admins looking to deploy a robust cloud-native app testing environment, Turing Pi has you covered. This new Raspberry Pi cluster is a mini ITX-size motherboard, designed to run up to seven computers in a cluster. But this isn't just any Raspberry Pi-based cluster. The Turing Pi is designed specifically to support a cloud-native stack.
The Turing Pi clusterboard supports Raspberry Pi compute modules which are interconnected with a 1 Gbps network (although each node is limited to 100 Mbps USB speed) and can share RAM and storage between the nodes. Other features include multiple I/O, nodes power management via an I2C bus, up to 28 cores, 7 x 40 pin GPIO, HDMI, audio jack, and ATX connections, 8 USB ports, real-time clock, flash mode, and boot mode.
The Turing Pi is capable of running Kubernetes and Docker Swarm, can be used as a home server or for cloud-native apps hosting, and can host K8S, K3S, Minecraft, Plex, Owncloud, Nextcloud, Seafile, Minio, Tensorflow, and more.
This cluster board is aimed primarily at developers and researchers, as the Raspberry Pi compute modules are intended for industrial applications. Each compute module has a 1.2 GHz quad-core processor, 1 Gb of RAM and up to 32 Gb eMMC storage. Compute modules sell for approximately $35 USD each.
Constantin Alexandrov, founder of Turing Machines Inc., says of the Turing Pi, "The concept of a cluster board is similar to a PC motherboard, but with Ethernet instead of a PCI bus. Rather than using just one processor, the cluster board can combine multiple processors and multiple types of processors. As an example, general-purpose compute modules can work in tandem with machine learning modules. This heterogeneous approach could open a wider adaptation of machine learning applications at the edge."
The preorder price for the Turing Pi cluster is $189 USD. That price is for the Turing Pi board only (so it doesn't include compute modules).
Original source: https://turingpi.com/media.html
Nextcloud Partners with IONOS
In times of crisis, open source projects step up big. That's exactly what Nextcloud has done. In the current climate, companies have had to quickly migrate to cloud solutions, only to find themselves bumping up against serious privacy and security issues. Because of the 2018 CLOUD Act, authorities could obtain data without prior judicial review for this request.
With so many companies and employees having to migrate from their in-house cloud platforms and turn to various third-party cloud services, Nextcloud and IONOS have come together to ensure sovereignty over customer data. Because both companies are housed in Germany, anyone using the Nextcloud platform on IONOS is guaranteed maximum protection against the US CLOUD Act.
Achim Weiß, CEO of IONOS, had this to say about the partnership:
"Our cooperation, therefore, gives Nextcloud customers the legal security they need. The consistent use of open standards ensures transparency. Anyone can view the code at any time, check it for security gaps and change it if necessary. Moreover, only on an open-source basis is it easy to link data and applications with other systems."
This solution isn't just a response to the US CLOUD Act. In fact, Nextcloud has pulled this off to help lower the barriers to entry and offer a reliable, compliant and safe place to work online. With a fully managed Nextcloud Hub, users can enjoy document editing, file sharing, groupware, audio/video chat, and much more.
Even better, this particular Nextcloud solution is hosted on IONOS, so users don't have to concern themselves with installing the cloud platform software. To find out how to sign up for an account, check out the official Nextcloud IONOS sign up page (https://www.ionos.com/cloud/cloud-apps/nextcloud), where you can get an account for as little as $0.0069/hour with a max of $5 USD per month (for an XS account).
GitHub Accounts Stolen
Many Linux admins use GitHub for various reasons – some for hosting code and others for finding projects to install. No matter why you use this massive collection of software repositories, it's important to know that GitHub users are currently being targeted in an ongoing phishing attack.
Not only have the attackers stolen GitHub account credentials, they are immediately downloading the contents of private repositories, which includes those owned by organizations and their collaborators.
Once the hackers have logged into an account, they can create GitHub personal access tokens or even authorize applications, via OAuth, in order to maintain access to the account, if the user changes their password.
The phishing attack tricks users into clicking a malicious link to check their account activity, which when redirects them to a fake GitHub login page. When an unsuspecting user logs into the fake GitHub site, their credentials are logged. This phishing attack is also capable of gaining access to accounts that employ Two-Factor Authentication. The only accounts that are immune to this attack are those protected by hardware-based security keys.
This particular phishing attack is focused on active GitHub users working for tech companies using email addresses obtained from public commits. To protect yourself against this attack, all GitHub users should change their passwords, reset two-factor recovery codes, review Personal Access Tokens, and employ hardware-based 2FA (if possible).
Original source: https://nakedsecurity.sophos.com/2020/04/17/github-users-targetted-by-sawfish-phishing-campaign/
Buy this article as PDF
(incl. VAT)