Technology

Back in 2014, when the wave of containers, Kubernetes, and distributed computing was breaking over the technology industry, Torkel Ödegaard was working as a platform engineer at eBay Sweden. Like other devops pioneers, Ödegaard was grappling with the new form factor of microservices and containers and struggling to climb the steep Kubernetes operations and troubleshooting learning curve. 

As an engineer striving to make continuous delivery both safe and easy for developers, Ödegaard needed a way to visualize the production state of the Kubernetes system and the behavior of users. Unfortunately, there was no specific playbook for how to extract, aggregate, and visualize the telemetry data from these systems. Ödegaard’s search eventually led him to a nascent monitoring tool called Graphite, and to another tool called Kibana that simplified the experience of creating visualizations.

To read this article in full, please click here

Back in the ancient days of machine learning, before you could use large language models (LLMs) as foundations for tuned models, you essentially had to train every possible machine learning model on all of your data to find the best (or least bad) fit. By ancient, I mean prior to the seminal paper on the transformer neural network architecture, “Attention is all you need,” in 2017.

To read this article in full, please click here

• Solar Storm Knocks Out Farmers' Tractor GPS Systems During Peak Planting Season
• Apple Closes in on Deal With OpenAI to Put ChatGPT on iPhone
• Apple Will Revamp Siri to Catch Up to Its Chatbot Competitors
• Google is getting even worse for independent sites
• Musk Plans More Layoffs as Two Senior Tesla Executives Depart
• At Tesla, a Wild Week That Defined the Company's Future
• TikTok Sues US Government Over Potential Ban
• Telegram vs. Signal
• Sony reverses unpopular Helldivers 2 decision after blistering player reaction
• Apple apologizes for 'Crush' iPad Pro ad that sparked controversy

Host: Leo Laporte

Guests: Paris Martineau, Sam Abuelsamid, and Mike Elgan

Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

Sponsors:

• bitwarden.com/twit
• NetSuite.com/TWIT
• mintmobile.com/twit
• eufy.com
• ZipRecruiter.com/Twit

Red Hat is extending its Lightspeed generative AI technology to work with the company’s Red Hat OpenShift hybrid cloud application platform as well as with Red Hat Enterprise Linux (RHEL).

Announced May 7, Red Hat OpenShift Lightspeed and Red Hat Enterprise Linux Lightspeed will offer intelligent, natural language processing capabilities, intended to make OpenShift and RHEL easier for novices to use and more efficient for experienced professionals, Red Hat said. Red Hat OpenShift Lightspeed is slated for availability in late 2024. Red Hat Enterprise Linux is in the planning stage.

To read this article in full, please click here

The first beta of Python 3.13 has just been released. This article presents a rundown of the most significant new features in Python 3.13 and what they mean for Python developers. Things may change between now and the first production release of 3.13, but the first beta means all the major feature additions and changes are now frozen.

Here's a first look at these new features in the Python 3.13 beta release:

• The experimental JIT
• The no-GIL build of Python
• A new REPL
• Improved error messages
• Enhancements to Python types
• No more "dead batteries"

Python 3.11 introduced the Specializing Adaptive Interpreter. When the interpreter detects that some operations predictably involve the same types, those operations are "specialized." The generic bytecode used for that code is swapped with bytecode specific to working with those types, which delivers speed boosts of anywhere from 10% to 25% for those regions of the code.

To read this article in full, please click here

The Big Three cloud providers, AWS, Microsoft, and Google, are going like gangbusters. The most likely reason is two letters: AI. The first quarter of 2024 saw the strongest growth since the third quarter of 2022. Enterprise spending on cloud infrastructure services topped $76 billion during Q1 2024, up by $13.5 billion (a 21% increase) compared with Q1 of 2023.

The Big Three cloud providers now account for 67% of global cloud spending. Amazon still retains its lead at 31%, but its share is shrinking compared with Microsoft (25%) and Google (11%), which showed stronger year-on-year growth, according to Synergy Research Group.

To read this article in full, please click here

When developing database-driven .NET and .NET Core, regardless of the database we intend to deploy in the end, we will often want to work with a database engine that is lightweight and fast, in order to execute tests quickly and speed up development. Here SQLite is an ideal choice.

You can use SQLite to gain both faster data access and a smaller footprint. The SQLite database is usually stored as a single disk file, although it can also work as an in-memory database. However, unlike an in-memory database, SQLite allows you to query data without having to load the entire data set in memory.

To read this article in full, please click here

In a bid to “deepen the public conversation about how AI models should behave,” AI company OpenAI has introduced Model Spec, a document that shares the company’s approach to shaping desired model behavior.

Model Spec, now in a first draft, was introduced May 8. The document specifies OpenAI’s approach to shaping desired model behavior and how the company evaluates trade-offs when conflicts arise. The approach includes objectives, rules, and default behaviors that will guide OpenAI’s researchers and AI trainers who work on reinforcement learning from human feedback (RLHF). The company will also explore how much its models can learn directly from the Model Spec.

To read this article in full, please click here

GitHub has introduced Artifact Attestations, a software signing and verification feature based on Sigstore that protects the integrity of software builds in GitHub Actions workflows. Artifiact Attestations is now available in a public beta.

Announced May 2, Artifact Attestations allows project maintainers to create a “tamper-proof, unforgeable paper trail” that links software artifacts to the process that created them. “Downstream consumers of this metadata can use it as a foundation for new security and validity checks through policy evaluations via tools like Rego and Cue,” GitHub wrote in the announcement.

To read this article in full, please click here

Django has been a leading “batteries included” Python web framework for more than a decade. The fifth major release, which arrived in December, brought even more power and ease to Django.

Curious about the latest Django development trends? JetBrains’ PyCharm team, in collaboration with the Django Foundation, surveyed over 4,000 developers worldwide to analyze framework usage. Here’s what we found:

• Django remains the top pick for 74% of developers.
• One in three Django developers also uses Flask or FastAPI.
• Django is commonly used for full-stack and API development.
• Developers are shifting to HTMX, Alpine.js, and Tailwind for front-end development.
• GitHub Actions leads in continuous integration (CI) adoption.
• 39% of Django developers implement infrastructure as code (IaC).

Prefer to watch? View the discussion video featuring Django Board Member Sarah Abderemane, Django Fellow Sarah Boyce, and JetBrains Developer Advocate Paul Everitt as they explore the findings from the Django Developer Survey.

To read this article in full, please click here

Both extremely promising and extremely risky, generative AI has distinct failure modes that we need to defend against to protect our users and our code. We’ve all seen the news, where chatbots are encouraged to be insulting or racist, or large language models (LLMs) are exploited for malicious purposes, and where outputs are at best fanciful and at worst dangerous.

None of this is particularly surprising. It’s possible to craft complex prompts that force undesired outputs, pushing the input window past the guidelines and guardrails we’re using. At the same time, we can see outputs that go beyond the data in the foundation model, generating text that’s no longer grounded in reality, producing plausible, semantically correct nonsense.

To read this article in full, please click here

Red Hat has unveiled Podman AI Lab, an extension to the Podman Desktop graphical interface that lets developers build generative AI-powered applications in containers.

Announced May 7, Podman AI Lab is intended to make it easier to develop with AI in a local environment. The Podman AI Lab extension supports the adoption of generative AI for building intelligent applications or enhancing their workflow using AI-augmented development capabilities, Red Had said. 

To read this article in full, please click here

Red Hat has launched Red Hat Enterprise Linux AI (RHEL AI), described as a foundation model platform that allows users to more seamlessly develop and deploy generative AI models.

Announced May 7 and available now as a developer preview, RHEL AI includes the Granite family of open-source large language models (LLMs) from IBM, InstructLab model alignment tools based on the LAB (Large-Scale Alignment for Chatbots) methodology, and a community-driven approach to model development through the InstructLab project, Red Hat said.

To read this article in full, please click here

Research suggests there are seven JavaScript language elements developers lookup more than any other. While you might not be able to write a complete JavaScript program using only these features, you most certainly won't get far without them. Beginners need to learn them, but they're also great brain refreshers for JavaScript veterans. Let’s take a look at the JavaScript language features every developer needs.

• for loop
• map
• foreach
• substring
• array
• switch
• reduce

Collections of values are an essential aspect of all programming languages. In JavaScript, we use arrays to store collections. JavaScript arrays are incredibly flexible, which is largely due to JavaScript’s dynamic typing system. You can declare an empty array or one that already holds values:

To read this article in full, please click here

For decades, when I got to work in the morning, I would start Microsoft Visual Studio (or one of its predecessors, such as Visual C++ or Visual InterDev), then brew tea and possibly attend a morning meeting while it went through its laborious startup. I would keep the IDE open all day as I went through develop/test/debug cycles to avoid another startup delay.

When I worked on a C++ project with ~2 million lines of code, I also jump-started each day’s work by automatically running a batch script that did a code checkout and full rebuild of the product in the wee hours.

But that was then. The startup overhead of Visual Studio has decreased significantly over the years. It’s now a non-issue even in huge Visual Studio 2022 projects.

To read this article in full, please click here

Microservices architectures solve some problems but introduce others. Dividing applications into independent services simplifies development, updates, and scaling. But it also gives you many more moving parts to connect and secure. Managing all the network services—load balancing, traffic management, authentication and authorization, and so on—can become stupendously complex.

The term for this networked space between the services in your Kubernetes cluster is service mesh. A Google project, Istio, is all about providing a way to manage your cluster’s service mesh before it turns into a bramble snarl.

To read this article in full, please click here

• The vulnerability of GPS
• Is the sky falling on all VPN systems?
• Multi-user Passkeys, YubiKeys?
• The iCloud Keychain
• The UK and Google's Topics

Show Notes - https://www.grc.com/sn/SN-973-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• Melissa.com/twit
• kolide.com/securitynow
• lookout.com
• bitwarden.com/twit

With newly introduced Deno 1.43, the developers of the JavaScript/TypeScript runtime have enhanced its language server, speeding up auto-completion performance and improving memory consumption.

Introduced May 1, Deno 1.43 can be accessed via running the deno upgrade command in a terminal.

Deno Land developers have reworked many aspects of the Deno language server, commonly referred to as Deno LSP, which provides auto-completion in the editor and other capabilities. With Deno 1.43, auto-completion now takes less than one second in larger projects when it used to take six to eight seconds, Deno Land said. As for memory consumption, projects that previously caused out-of-memory errors in the LSP now operate without issue.

To read this article in full, please click here

The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev and charged him with using Lockbit to attack more than 2,000 victims and extort at least $100 million in ransomware payments.

Image: U.K. National Crime Agency.

Khoroshev (Дмитрий Юрьевич Хорошев), a resident of Voronezh, Russia, was charged in a 26-count indictment by a grand jury in New Jersey.

“Dmitry Khoroshev conceived, developed, and administered Lockbit, the most prolific ransomware variant and group in the world, enabling himself and his affiliates to wreak havoc and cause billions of dollars in damage to thousands of victims around the globe,” U.S. Attorney Philip R. Sellinger said in a statement released by the Justice Department.

The indictment alleges Khoroshev acted as the LockBit ransomware group’s developer and administrator from its inception in September 2019 through May 2024, and that he typically received a 20 percent share of each ransom payment extorted from LockBit victims.

The government says LockBit victims included individuals, small businesses, multinational corporations, hospitals, schools, nonprofit organizations, critical infrastructure, and government and law-enforcement agencies.

“Khoroshev and his co-conspirators extracted at least $500 million in ransom payments from their victims and caused billions of dollars in broader losses, such as lost revenue, incident response, and recovery,” the DOJ said. “The LockBit ransomware group attacked more than 2,500 victims in at least 120 countries, including 1,800 victims in the United States.”

The unmasking of LockBitSupp comes nearly three months after U.S. and U.K. authorities seized the darknet websites run by LockBit, retrofitting it with press releases about the law enforcement action and free tools to help LockBit victims decrypt infected systems.

The feds used the existing design on LockBit’s victim shaming website to feature press releases and free decryption tools.

One of the blog captions that authorities left on the seized site was a teaser page that read, “Who is LockbitSupp?,” which promised to reveal the true identity of the ransomware group leader. That item featured a countdown clock until the big reveal, but when the site’s timer expired no such details were offered.

Following the FBI’s raid, LockBitSupp took to Russian cybercrime forums to assure his partners and affiliates that the ransomware operation was still fully operational. LockBitSupp also raised another set of darknet websites that soon promised to release data stolen from a number of LockBit victims ransomed prior to the FBI raid.

One of the victims LockBitSupp continued extorting was Fulton County, Ga. Following the FBI raid, LockbitSupp vowed to release sensitive documents stolen from the county court system unless paid a ransom demand before LockBit’s countdown timer expired. But when Fulton County officials refused to pay and the timer expired, no stolen records were ever published. Experts said it was likely the FBI had in fact seized all of LockBit’s stolen data.

LockBitSupp also bragged that their real identity would never be revealed, and at one point offered to pay $10 million to anyone who could discover their real name.

KrebsOnSecurity has been in intermittent contact with LockBitSupp for several months over the course of reporting on different LockBit victims. Reached at the same ToX instant messenger identity that the ransomware group leader has promoted on Russian cybercrime forums, LockBitSupp claimed the authorities named the wrong guy.

“It’s not me,” LockBitSupp replied in Russian. “I don’t understand how the FBI was able to connect me with this poor guy. Where is the logical chain that it is me? Don’t you feel sorry for a random innocent person?”

LockBitSupp, who now has a $10 million bounty for his arrest from the U.S. Department of State, has been known to be flexible with the truth. The Lockbit group routinely practiced “double extortion” against its victims — requiring one ransom payment for a key to unlock hijacked systems, and a separate payment in exchange for a promise to delete data stolen from its victims.

But Justice Department officials say LockBit never deleted its victim data, regardless of whether those organizations paid a ransom to keep the information from being published on LockBit’s victim shaming website.

Khoroshev is the sixth person officially indicted as active members of LockBit. The government says Russian national Artur Sungatov used LockBit ransomware against victims in manufacturing, logistics, insurance and other companies throughout the United States.

Ivan Gennadievich Kondratyev, a.k.a. “Bassterlord,” allegedly deployed LockBit against targets in the United States, Singapore, Taiwan, and Lebanon. Kondratyev is also charged (PDF) with three criminal counts arising from his alleged use of the Sodinokibi (aka “REvil“) ransomware variant to encrypt data, exfiltrate victim information, and extort a ransom payment from a corporate victim based in Alameda County, California.

In May 2023, U.S. authorities unsealed indictments against two alleged LockBit affiliates, Mikhail “Wazawaka” Matveev and Mikhail Vasiliev. In January 2022, KrebsOnSecurity published Who is the Network Access Broker ‘Wazawaka,’ which followed clues from Wazawaka’s many pseudonyms and contact details on the Russian-language cybercrime forums back to a 31-year-old Mikhail Matveev from Abaza, RU.

Matveev remains at large, presumably still in Russia. Meanwhile, the U.S. Department of State has a standing $10 million reward offer for information leading to Matveev’s arrest.

Vasiliev, 35, of Bradford, Ontario, Canada, is in custody in Canada awaiting extradition to the United States (the complaint against Vasiliev is at this PDF).

In June 2023, Russian national Ruslan Magomedovich Astamirov was charged in New Jersey for his participation in the LockBit conspiracy, including the deployment of LockBit against victims in Florida, Japan, France, and Kenya. Astamirov is currently in custody in the United States awaiting trial.

The Justice Department is urging victims targeted by LockBit to contact the FBI at https://lockbitvictims.ic3.gov/ to file an official complaint, and to determine whether affected systems can be successfully decrypted.