The New Stack Icon

The New Stack

The New Stack covers the services and infrastructures that developers build.
thenewstack.io • 19 Stories
All Sources

The New Stack Icon The New Stack

How git changed the way we code

The New Stack takes us on a fun trip down memory lane:

Fifteen years ago a number of the Linux kernel developers tossed their hands in the air and gave up on their version control system, BitKeeper. Why? The man who held the copyright for BitKeeper, Larry McVoy, withdrew free use of his product on claims that one of the kernel devs had reverse engineered one of the BitKeeper protocols.

Linux creator Linus Torvalds sought out a replacement to house the Linux kernel code. After careful consideration, Torvalds realized none of the available options were efficient enough to meet his needs:

The New Stack Icon The New Stack

Why I moved my personal projects to GitLab

To answer the question in the headline:

  1. I find the GitLab UI to be cleaner in general and easier to find my way around. However, this is purely a matter of taste and probably not a strong reason to move.
  2. I also like how GitLab is open source. I am far from an open source zealot, but I do prefer to write and use open source software. While Github is full of Open Source projects, Github itself is proprietary. In contrast, Gitlab has a well-supported open source version.
  3. The project import feature worked very well, so it was trivially easy to move the code, branches and issues over.

The author goes on to describe why GitLab’s project management workflow works well for him.

The New Stack Icon The New Stack

The rise of RISC-V

John Cassel from The New Stack lays out the quiet-yet-effective push toward open source hardware. We first heard about RISC-V from Ron Evans on Go Time. He was very excited about its potential, saying:

it’s an open source set of silicon designs, so that you can build your own custom chips the same way that we’ve been able to build our own custom operating systems; either pieces of Linux to create their own Linux distros - we’ll be able to do the same exact things with custom silicon

The New Stack Icon The New Stack

Why Bruce Perens is proposing "coherent open source"

This is a solid (text) interview with Bruce Perens, former member of the OSI:

… a recognized pioneer of the Open Source movement, 62-year-old Bruce Perens is still thinking about ways to protect the freedoms of software users. “Most people who develop open source don’t have access to lawyers” Perens told the Register last month. “One of the goals for open source was you could use it without having to hire a lawyer. You could put [open source software] on your computer and run it and if you don’t redistribute or modify it, you don’t really have to read the license.”

Bruce suggests we all limit ourselves to just three licenses: AGPL 3, LGPL 3, and Apache 2. He’s a fascinating guy with lots to say on the matter. It’s an exciting time in software licensing, which is a sentence I never expected to write in my life.

The New Stack Icon The New Stack

WireGuard VPN protocol coming the Linux kernel soon

Dan Guido mentioned this might be a thing on our Algo VPN episode. Turns out he was right (once version 5.6 of the Linux kernel hits package mirrors for download).

Linus had this to say about WireGuard:

“Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn’t perfect, but I’ve skimmed it, and compared to the horrors that are OpenVPN and IPSec, it’s a work of art,”

The New Stack Icon The New Stack

Deploy a pod on CentOS with Podman

If you’ve been following along in the open source news cycle lately, you’ve probably heard that Red Hat has dropped the docker container runtime engine from both its Red Hat Enterprise Linux (RHEL) and CentOS Linux distributions.

I must not be following along, because that’s news to me.

That being the case, what do you do when you need to deploy containers? Fortunately, they’ve created a near drop-in replacement for docker, called Podman.

Podman is a rename from kpod, sorta. The new thing is actually called libpod, and Podman exists as the CLI for that library. It’s all a bit confusing, but what’s cool is none of this requires a daemon like the Docker Engine.

If you’d like to give it a go, this walk-through by The New Stack will get you started.

The New Stack Icon The New Stack

The 3 myths of observability

Arijit Mukherji on The New Stack:

We all have our favorite urban legends. From cow tipping to chupacabras, these myths persist despite a lack of definitive proof (and often evidence to the contrary). Technology isn’t immune to this phenomenon. It has its own set of urban legends and myths that emerge alongside new technologies and continue well into mass adoption. As organizations consider the shift from monitoring to Observability, I hear three common misperceptions. It’s time to debunk the myths.

Callback: Observability is for your unknown unknowns

The New Stack Icon The New Stack

New cryptojacking worm found in docker containers

Jack Wallen:

A new cryptojacking worm, named Graboid, has been spread into more than 2,000 Docker hosts, according to the Unit 42 researchers from Palo Alto Networks. This is the first time such a piece of malware has spread via containers within the Docker Engine (specifically docker-ce).

Scary stuff, and (at the moment) difficult to detect & prevent:

We’ve reached a point with containers where security must be constantly on the front burner. Antivirus and anti-malware applications currently have no means of analyzing and cleaning containers and container images. That’s the heart of the issue.

Graboid may be the first malware to target containers, but it certainly won’t be the last.

The New Stack Icon The New Stack

Capital One's cloud misconfiguration woes have been an industry-wide fear

Developers and IT decision-makers should not be surprised by the recent Capital One data breach: Misconfigurations have long been the top cloud security concern. A new StackRox survey of IT decision-makers supports this finding as 60% of respondents are more worried about misconfigurations or exposures, as compared to attacks and generic vulnerabilities.

We’re not 💯 on what exactly happened, but the evidence is pointing toward a misconfigured firewall.

The New Stack Icon The New Stack

Rust creator Graydon Hoare talks about security, history, and Rust

It’s hard to believe it’s already been 9 years since Rust was first announced to the world. The New Stack has a nice interview with Graydon Hoare

sharing his thoughts on everything from the state of systems programming, to the difficulty of defining safety on ever-more complex systems — and whether we’re truly more secure today, or confronting an inherited software mess that will take decades to clean up.

The New Stack Icon The New Stack

How Firecracker is going to set modern infrastructure on fire

One of the most exciting announcements from last week’s AWS re:Invent was Firecracker — an open source project that delivers the speed of containers with the security of VMs.

Firecracker’s focus is transient and short-lived processes, so it differs from containers in that it’s optimized for startup speed.

Why can’t we use containers? The answer is simple — slower cold start. While LXC and Docker are certainly faster and lighter than full-blown virtual machines, they still don’t match the speed expected by functions.

There are also some security wins with how Firecracker is architected:

Firecracker takes a radically different approach to isolation. It takes advantage of the acceleration from KVM, which is built into every Linux Kernel with version 4.14 or above. KVM, the Kernel Virtual Machine, is a type-1 hypervisor that works in tandem with the hardware virtualization capabilities exposed by Intel and AMD.

There’s a lot to be intrigued by here. We should probably line up an episode on Firecracker. In the meantime, click through to go deeper on the topic.

The New Stack Icon The New Stack

The people pushing for a decentralized web

David Cassel has a great recap of the recent Decentralized Web Summit and what it was all about.

It’s a follow-up to a similar event in 2016, though now “People are starting to show real working code and real projects. They’re building whole technology stacks that are more decentralized, in large part fueled by the excitement of the cryptocurrency systems. The altcoins and Bitcoins are proving that interesting and complicated systems are starting to work out there.”

Click through for lots of quotes and takeaways. I think Changelog might have to get involved if they do this again next year…

The New Stack Icon The New Stack

JavaScript breaks into IoT via JerryScript

Michelle Gienow:

The recent release of the Fitbit Ionic marked Fitbit’s first true smartwatch. More significant to the JavaScript developer community, though, is the fact that the Ionic was produced and shipped using JerryScript, a lightweight JavaScript engine built to power the Internet of Things.

I heard some hubbub about JerryScript last year at OSCON EU, but not much since. Fitbit using it in their first attempt at a production smart watch is a big vote of confidence for the project.

The New Stack Icon The New Stack

The inspiring life of John Perry Barlow

David Cassel:

It’s easy to list the achievements of John Perry Barlow — everything from co-founding the Electronic Frontier Foundation to writing lyrics for the Grateful Dead. But it’s harder to quantify the amount of inspiration he delivered to the internet in the early 1990s. In the truest spirit of the word pioneer, he created a vision that helped shape the world that was to come.

This is a great compilation of stories, quotes, and personal remembrances of a man to whom we all owe a debt of gratitude. Whether we know it or not.

0:00 / 0:00