Open Container Initiative Announces Image Format Project

Open Container Initiative (OCI), a Linux Foundation Collaborative Project, has announced a new initiative called the OCI Image Format project. The primary goal of the new project is to create a software container image format spec with security and federated naming as key components. The OCI Image Format project is hosted on GitHub.

According to the announcement, "This represents an expansion of the OCI's first project, OCI Runtime Spec, that focuses on how to run containers. Industry leaders are collaborating to enable users to package and sign their application, then run it in any container runtime environment of their choice – such as Docker or rkt. With the development of the new OCI Image Specification for container images, both vendors and users can benefit from a common standard that is widely deployable across any supporting environment of the user's choice."

Jonathan Boulle of CoreOS, a company that develops a lightweight Linux distribution for container deployment, praised the formation of the OCI Image Format project and wrote in a blog post, "An open, and openly implementable container image format specification underpins all the portability goals of containers, allowing users to build and package a container once, sign it, and run it in a variety of vendor implementations and platforms, in the cloud and on-premises."

Qualcomm Bug Threatens Millions of Android Devices

FireEye, a cybersecurity firm, has found a flaw in Android devices running Qualcomm chips. The vulnerability has existed in Android devices for the last five years, and it affects devices with Qualcomm processors running Android 4.3 and older Android systems. Devices running newer versions of Android take advantage of SEAndroid, but FireEye says they are still affected to some extent.

According to a FireEye blog post, "This vulnerability allows a seemingly benign application to access sensitive user data, including SMS and call history, and the ability to perform potentially sensitive actions, such as changing system settings or disabling the lock screen."

FireEye informed Qualcomm of the bug in January, and Qualcomm released a fix by April, making it available to all vendors. Google pushed the fix to Nexus devices in May. Although Google secured its own Nexus devices, the company has no control over the rest of the Android ecosystem. Carriers and Android hardware vendors control software updates on their own Android devices, and users of these devices will remain vulnerable unless these companies update the software.

Windows 10 Pro Loses Critical Features

Business customers running Windows 10 Pro will no longer be able to use the Group Policy feature to restrict employees from accessing the Windows Store. Microsoft made this change last month with the upgrade to version 1511 of Windows 10. After this upgrade, users can't disable Windows Store access through Group Policy. According to Microsoft's support page, "This behavior is by design. In Windows 10 version 1511, these policies are applicable to users of the Enterprise and Education editions only."

A Microsoft spokesperson told ZDNet "Windows 10 Pro offers a subset of those capabilities and is recommended for small and mid-size businesses looking for some management controls, but not the full suite necessary for IT pros at larger enterprises."

Businesses need tighter control over their systems, and Microsoft is encouraging enterprise customers to use the Windows 10 Enterprise edition, which lets customers restrict access to Windows Store through AppLocker or Group Policy.