• VMs vs. Containers for Microservices

    What makes more sense for an enterprise?In my previous blog, I talked about how enterprises can achieve continuous delivery of applications using microservices and containers. Here, I delve deeper to compare containers and VMs from a microservices architecture viewpoint.In this software era of constant evolution, we hear a lot of talk about using containers for microservices and the need to modernize monolithic applications. But, there is always an impending question for an enterprise that arises next and is rarely addressed — Why not use VMs instead of containers?Virtual Machines offer virtualization of hardware as well as the OS and create an efficient, isolated duplicate of a real machine. In the case of containers, only the OS is virtualized and not the hardware, creating a (...)

    #application-delivery #enterprise-application #microservice-architecture #app-deployment #docker

  • #google releases 10 new and updated enterprise focused security tools and services

    In March, Google announced ​more than 20 security enhancements​, deciding that apparently, that number wasn’t enough today they are announcing:Context-aware access capabilities, available now for select customers in beta for VPC Service Controls, and coming soon to beta for Cloud IAM, Cloud IAP and Cloud IdentityTitan Security Key, available now to Cloud customers, and coming soon to the Google StoreShielded VMs, available now in betaBinary Authorization, coming soon to betaContainer Registry Vulnerability Scanning, coming soon to betaCloud Armor geo-based access control, available now in betaCloud HSM, coming soon to betaAccess Transparency, soon to be generally availableG Suite security center investigation tool, available now via Early Adopter ProgramG Suite data regions, now generally (...)

    #google-cloud-platform #amazon #cloud-computing #kubernetes

  • Scaling Effectively: when #kubernetes met Celery

    This is a story about software architecture, about a personal itch, and about scalability. And like any good tech story, it begins with a shaky architecture.At Panorays, we help large enterprises to measure the security posture of their suppliers. But I’m not going to get into the whole 3rd party security management extravaganza with you. we came to talk about our architecture and process.In the beginning, there was bash. and scripts to manage VMs. a lot of scripts.There was a VM instance for each company we assessed.Every VM executed sequential batch jobs that imitate the whole reconnaissance phase of the hacker’s lifecycle.Company level parallelism is achieved by firing up more VMs.We built an internal orchestration system via Cron & Bash (imagine how fun was that…).Problems:The (...)

    #startup-lessons #kubernetes-and-celery #docker #python

  • Indonesia Turns to Google in War on Illegal Fishing – gCaptain

    But it’s not game over for the minister: she says local boats are still working with “global pirates” who catch fish just outside the permitted zone, which are then shipped to foreign destinations. And that’s where Google comes in.

    They still steal from us. We see it on Google fishing watch,” [Indonesia’s Fisheries Minister Susi] Pudjiastuti said, referring to Global Fishing Watch, an online mapping platform co-founded by Google. “They use Indonesian-affiliated companies and businesses and basically take their catch a few miles beyond the exclusive economic zone, where a refrigerated mothership is waiting.

    Indonesia last year became the first nation to share its Vessel Monitoring System information — government-owned data used to monitor maritime traffic — with the global monitoring platform, founded by Google, Oceana and SkyTruth, and funded by partners including the Leonardo DiCaprio Foundation and Bloomberg Philanthropies.

    Pudjiastuti’s initiative instantly made nearly 5,000 previously invisible boats viewable. She has called for other nations to follow her lead, with Peru last year committing to making its fishing data available.

    Brian Sullivan, the manager of Google Ocean and Earth Outreach, said information from Indonesia’s VMS was fed through the same algorithm used by Global Fishing Watch to produce a new set of analytics. That was then added to raw satellite imagery to produce an even more detailed footprint of fishing activities in near-real time.

    Susi reached out to us and said ’I like what you’re working on, we’d like to see how we could use that information in Indonesia,” California-based Sullivan said in a telephone interview. “She has been probably one of the most progressive ministers within fisheries for taking something that historically all governments had kept extremely close.

    By using machine learning and watching how a vessel moves, Google’s technology is able to establish patterns, and determine whether a vessel is in transit or fishing.

    A study published last month found that foreign fishing in Indonesia dropped by more than 90 percent and total fishing by 25 percent following the tough policies introduced by Pudjiastuti, which also included a ban on all foreign-owned and -made boats from fishing in Indonesia and the restriction of transfers of fish at sea.

    We know what it looks like when a vessel is broadcasting because we see that vessel’s position,” said Sullivan. “And if it then goes quiet for a while and then reappears on the other side of a marine-protected area that would be considered suspicious activity.

  • Chrome OS will soon let you run Linux VMs

    It could soon be possible to run Linux apps on a Chromebook without jumping through hoops. Recent commits to the Chrome OS source code suggests that Google is preparing to introduce support for virtual machines, specifically Linux containers. Such a feature would unlock a stack of possibilities for developers and for Chrome OS — but […] This post, Chrome OS will soon let you run Linux VMs, was written by Joey Sneddon and first appeared on OMG! Ubuntu!.

  • Lynx Users Guide v2.7

    Le plus ancien web browser encore en service est toujours d’actualité. A l’époque du #paywall il permet de contourner pas mal d’obstacles parce qu’il est considéré comme inoffensif par pas mal de scriptes qui bloquent l’accès à des pages pour le reste des visiteurs non connectés au sites payants.

    Bonus gratuit : Avec Lynx on est à totalement l’abri des scripts nocifs sur les pages web, enfin prèsque.

    Lynx a un seul inconvénient : les pages qui ne marchent qu’àvec #javascript restent inaccessibles - mais ne faites pas confiance au message d’erreur qui s’affiche quand vous éteignez JS dans votre brouteur habituel ; assez souvent Lynx affiche joliment des pages web qui exigent du JS dans Chrome, Firefox et d’autres systèmes plus « modernes ».

    Lynx is a fully-featured World Wide Web (WWW) client for users running cursor-addressable, character-cell display devices (e.g., vt100 terminals, vt100 emulators running on PCs or Macs, or any other character-cell display). It will display Hypertext Markup Language (HTML) documents containing links to files on the local system, as well as files on remote systems running http, gopher, ftp, wais, nntp, finger, or cso/ph/qi servers, and services accessible via logins to telnet, tn3270 or rlogin accounts (see URL Schemes Supported by Lynx). Current versions of Lynx run on Unix and VMS.

    Lynx can be used to access information on the WWW, or to build information systems intended primarily for local access. For example, Lynx has been used to build several Campus Wide Information Systems (CWIS). In addition, Lynx can be used to build systems isolated within a single LAN.

    Pour le #mail c’est pareil, je redécouvre #Mutt qui est très puissant aussi.

    The Mutt E-Mail Client

    “All mail clients suck. This one just sucks less.” -me, circa 1995

    web browser - Using Lynx on potentially malicious websites - Information Security Stack Exchange

    in theory, you are still vulnerable. Even in Lynx there are still components that parse HTML, interact with the network, keep track of cookies, etc (tip: use curl or wget to just download the page without even parsing it to be even more careful). That is still quite a big attack surface, though I would consider it safe enough at this point. Maybe not safe enough against a targeted attack from a powerful attacker, but definitely safe enough for random Android websites.

    Deluge of Browser Security Issues Drives Mass Migration | Netcraft

    April Erste, Public Relations Manager at the First National Bank of Oki Koki, told Netcraft that users are migrating to Lynx because of its speed and advanced security features. She added: “Lynx has not once suffered a buffer overflow in its image processing, and indeed has suffered no security vulnerabilities at all in the last 2 years.” By comparison, the most recent Firefox security update was only 4 days ago.

    The bank also notes that Telnet remains popular with a small group of its customers. Although it lacks the sophisticated user interface of Lynx, many security experts argue that Telnet is significantly more secure and has the largest installed base of any browser.

    Erste said that while the bank is dedicated to providing an accessible online banking experience, some customers still report difficulties when trying to make HTTPS requests through Telnet without the aid of an extended keyboard layout.


    Lynx Information

    Many user questions are answered in the online help provided with Lynx. Press the ’?’ key to find this help.

    LYNX – The Text Web-Browser

    This is the toplevel page for the Lynx software distribution site.

    The current development sources have the latest version of Lynx available (development towards 2.8.9).
    The main help page for lynx-current is online; the current User Guide is part of the online documentation.
    The most recent stable release is lynx2.8.8.

    P.S. Lynx marche très bien sous Windows ;-)

    #WWW #censure #privatisation

  • Ten sailors missing after U.S. warship, tanker collide near Singapore
    ça devient une habitude…
    mais cette fois à babord, donc, a priori, c’est lui qui a priorité…

    Ten sailors are missing after a U.S. warship collided with an oil tanker east of Singapore before dawn on Monday, tearing a hole beneath the waterline and flooding compartments that include a crew sleeping area, the U.S. Navy said.

    The collision between the guided-missile destroyer USS John S. McCain and the tanker Alnic MC was the second involving U.S. Navy destroyers and merchant vessels in Asian waters in little more than two months.

    The ships collided while the U.S. warship was heading to Singapore for a routine port call, the Navy said in a statement.

    • Ici, il est hors de question d’imaginer une quelconque défaillance de la veille sur l’un ou l’autre navire : ça doit être l’endroit où le trafic est le plus dense au monde et on est aux abords immédiats du port…

      En revanche, le communiqué de la Navy laisse songeur. Le John McCain est abordé à babord (à l’arrière de sa seconde cheminée), vraisemblablement à l’endroit où s’achève la dernière ligne droite de la trajectoire) alors que le pétrolier vient de l’est et se dirige vers le terminal pétrolier (dans l’axe de cette ligne droite). Difficile à imaginer si le John McCain entrait au port ; normalement, il présentait son flanc tribord…

      Au vu des photos, et de l’enfoncement des tôles, il semblerait que le pétrolier venait de l’arrière.

    • Stricken destroyer John S. McCain arrives in Singapore, 10 crew still missing

      Mounting questions
      The details of how the collisions occurred remain unkown, But incidents such as those with the McCain and Fitzgerald incidents are troubling, said Jan van Tol, a retired commander of three war ships who now serves as an analyst with the Center for Strategic and Budgetary Assessments.

      Navy destroyers are remarkably nimble and responsive, including rapid acceleration ability, thus should certainly be able to get out of the way of almost anything approaching ‘too close,’” van Tol said in an email.

      Such close quarters situations should NEVER be allowed to develop without various watchstanders and watchteams being well aware that they are developing,” he said.

      It is unknown whether McCain had suffered any kind of casualty to its engineering or steering systems ahead of the collision that would have contributed to the disaster.

      The collision was the fourth significant safety incident of 2017 involving a U.S. 7th Fleet ship. In January, the cruiser Antietam ran aground in Tokyo Bay and in May, the cruiser Lake Champlain collided with a Korean fishing boat in the Sea of Japan.

      (outre le Fitzgerald)

    • Complètement dingue !

      La collision a eu lieu nettement plus à l’est, juste à l’entrée du dispositif de séparation de trafic. Dans les derniers instants, on voit l’Alnic NC abattre en grand sur la gauche en ralentissant fortement, indice évident d’une manœuvre en catastrophe, qui ne peut se justifier (on est dans le rail, bon sang !) que par une tentative d’évitement désespérée…

      Mille sabords !, que fabriquait cet amiral de bateau-lavoir de USS John S. McCain à cet endroit là ?
      (NB : le père et le grand-père du sénateur, John S. McCain III, ont tous les deux terminé leur carrière comme amiral et, pour faire simple portaient également le même middle name, Sidney. On fait dans la dynastie ou pas…)

      Comment a-t-il pu couper la route d’un bateau dont la route est absolument rectiligne et prévisible (il est dans le rail) ? Peut-être le McCain n’y était-il pas et a-t-il manœuvré brutalement pour s’y placer ?

      EDIT (24/08)
      pour gCaptain, l’abattée à gauche est le résultat de la collision, ce qui parait tout à fait crédible et explique bien la forme de l’enfoncement sur l’arrière de l’ouverture. Le McCain devait filer vite pour dévier à ce point la trajectore.
      Du coup, on peut élaborer un scénario où le McCain coupe, pour des raisons qu’il reste à préciser, le rail « conformément aux règles internationales » : perpendiculairement et le plus vite possible. Et dans ce cas, il est responsable à 100%…

      Comment, elle a dit déjà l’amirauté ? ah oui, #poor_seamanship


    • The Latest: US Navy vessel arrives to help damaged destroyer - The Washington Post

      5:00 p.m.
      The oil tanker involved in a collision with the USS John S. McCain destroyer in busy Southeast Asian waters had four deficiencies including navigation safety violations in its last port inspection.

      An official database for ports in Asia shows the Alnic MC was inspected in the Chinese port of Dongying on July 29 and had one document deficiency, one fire safety deficiency and two safety of navigation problems.

      The database doesn’t go into details and the problems were apparently not serious enough for the Liberian-flagged and Greek-owned vessel to be detained by the port authority.
      4:10 p.m.
      The chief of Malaysia’s Maritime Enforcement Agency says the collision between an oil tanker and the USS John S. McCain guided missile destroyer early Monday occurred at the start of a designated sea lane for ships sailing into the Singapore Strait, one of the world’s busiest shipping lanes.

      Zulkifli Abu Bakar said the incident occurred 4.5 nautical miles (8.3 kilometers) from Malaysia’s coast. He said a Malaysian warship was in the area monitoring the cleanup of an oil spill from an unrelated collision of two merchant ships and was contacted by the McCain.

      Both Malaysia and Singapore say the accident happened in their waters, likely reflecting a dispute about ownership of some rocky outcrops in the area.

      It happened in Malaysian territorial waters, specifically in Teluk Ramunia waters,” Zulkifli said. “For this moment, we shouldn’t argue about whose waters. Most important thing is we focus on the search and rescue.

    • Frontière entre la Malaisie et Singapour — Wikipédia

      La délimitation de cette frontière maritime a fait l’objet d’un recours devant la Cour internationale de justice, effectué conjointement le 24 juillet 2003 par la Malaisie et Singapour. Le différend portait sur l’île de Pedra Branca, les Middle Rocks (deux rochers inhabités) et South Ledge, un haut-fond découvrant. Par un arrêt du 23 mai 2008, la Cour a attribué Pedra Blanca à Singapour, les Middle Rocks à la Malaisie, et South Ledge à l’État dans les eaux territoriales duquel il se trouve (la Cour n’ayant pas reçu mandat des parties pour délimiter leurs eaux territoriales respectives).

      L’arrêt de la CIJ
      Affaire relative à la souveraineté sur Pedra Blanca/Pulau Batu Puteh, Middle Rocks et South Ledge –(Malaisie/Singapour)
      Arrêt du 23 mai 2008

      (il me semblait avoir vu passer ce contentieux ici)

      (extrait de l’arrêt de la CIJ)

    • Serrage de boulons généralisé…

      Admiral to order operational pause in Navy after warship, merchant ship collide - CNN

      Chief of Naval Operations Adm. John Richardson is expected to order a one-day pause in operations “to ensure we are taking all appropriate immediate measures to enhance the Navy’s safe and effective operation around the world,” according to a US Defense official and an advanced copy of Richardson’s statement obtained by CNN.

      The stand-down will take place over the next couple of weeks, at the discretion of individual commands, the defense official said.

      The order comes after a US Navy guided-missile destroyer collided early Monday with an oil tanker east of Singapore, the fourth accident this year involving a US warship in Asian waters.

      This is the second major collision in the last three months, and is the latest in a series of major incidents, particularly in the Pacific theater. This trend demands more forceful action,” Richardson’s statement says.

      C’est le moment de ressortir la vanne éculée du phare et du porte-avions états-unien… #lighthouse_vs_US_Navy


    • US Navy also considering ’cyber intrusion or sabotage’ as possible causes for USS John McCain collision

      A steering failure, or maybe even hacked systems – the US Navy is considering all possible reasons after launching a broad investigation into the collision of the US guided-missile destroyer USS John McCain with an oil tanker off the coast of Singapore on Monday (21 August).

      Plusieurs médias reprennent l’hypothèse, apparemment émise par l’US Navy, de panne de l’appareil à gouverner (#avarie_de_barre, un des entrainements les plus fréquents en passerelle dans mon souvenir, presqu’autant que #un_homme_à_la_mer à babord/tribord suivie du Boutakov règlementaire…) Je ne trouve pas le communiqué original. Pas plus que, l’évocation officielle d’une #cyber-attaque qui aurait déjà été plus ou moins éliminée par la marine.

      Apparemment, la source initiale est CNN

      Ships, aircraft search for crashed US destroyer’s 10 missing crew - CNNPolitics

      What caused the accident?
      The warship suffered a steering failure as the warship was beginning its approach into the Strait of Malacca, causing it to collide with a commercial tanker Monday, a US Navy official told CNN.
      The official said it was unclear why the crew couldn’t utilize the ship’s backup steering systems to maintain control of ship.
      Earlier, another US Navy official told CNN there were indications the destroyer experienced a loss of steering right before the collision, but steering had been regained after the collision.

      Évidemment, l’option #hacker circule pas mal (déjà pour l’USS Fitzgerald), Popular Mechanics explique de son côté que ça ne peut pas être du #GPS_spoofing, etc.
      No, the USS McCain Wasn’t a Victim of GPS Spoofing

    • Ah, ben Les Échos relaient le complotisme, bravo…
      (oubliant au passage l’hypothèse de l’avarie de barre, mise en avant par l’amiral Richardson (CNO : Chief of naval operations)

      Après la collision d’un destroyer américain, des experts agitent la piste de la cyberattaque

      L’amiral n’a pas exclu que la collision ait pu être provoquée par un facteur extérieur ou une cyberattaque. Cet accident n’est pas le premier (voir encadré) et intrigue certains spécialistes de la Défense.

      « Il y a quelque chose de plus que la simple erreur humaine car sinon cela impliquerait énormément de gens », avance par exemple Jeff Stutzman interrogé par le site McClatchyDC.

      Pour cet ancien spécialiste de la guerre de l’information et de la marine, qui travaille désormais chez Wapack Labs, une société de sécurité informatique, tout bâtiment qui s’avance dans le détroit de Singapour aura sur le pont une équipe complète de vigiles et d’opérateurs radars.

      De son côté, interrogé par le site « International Business Times », Todd Humphreys, un professeur à l’Université du Texas et spécialiste en systèmes de navigation par satellite, va plus loin dans la suspicion.

      Pour lui, cet accident semble « statistiquement très suspect ». Et il n’hésite pas à faire un parallèle avec un incident intervenu en juin en Mer noire et au cours duquel des signaux GPS auraient été trafiqués via, selon lui, « un signal qui provenait du continent russe ».

      La piste russe n’est cependant pas la seule à être soulevée. Interrogé par le site australien news.com, Itay Glick, un autre expert de cybersécurité qui a travaillé pour les services de renseignements israéliens, avance que si la Russie a les capacités d’effectuer une telle attaque, la Chine l’a également.

      « Je ne crois pas aux coïncidences », explique-t-il encore en rappelant que « l’erreur humaine » est toujours une solution de facilité pour expliquer un accident.

      À « l’expert » dont les pontifications concluent l’article, on fera remarquer que la Navy a viré tout l’état-major de l’USS Fitzgerald et on rappellera aux Échos que l’amiral Richardson met en avant une deuxième hypothèse « matérielle ».

      Certains font remarquer que les nombreuses gesticulations de la Navy dans un contexte où le nombre de bâtiments baisse pourraient avoir aboutir à une fatigue des équipements et des équipages…

      Enfin, on sourira à la légende de la photo (bizarrement fournie par le SIPA) ouvrant l’article…

      Toutes les pistes sont envisagées y compris celle d’une cyberattaque, a laissé entendre l’amiral John Richardson, chef des opérations de la marine américaine.
      Daniel Chan/AP/SIPA

      … où on a un peu de mal à reconnaître l’amiral Richardson…

      la légende d’AP est la suivante
      Malaysian Maritime Director Indera Abu Bakar points to damage on USS John S. McCain at press conference in Putrajaya on Monday.
      AP Photo/Daniel Chan

    • China Calls U.S. Navy ’Arrogant’ After USS John Mccain Collision Accident

      A Chinese state-run newspaper claimed Monday that the most recent collision of a U.S. Navy destroyer with a merchant ship was an example of the U.S.’s “arrogance” in conducting patrols in and around the South China Sea.

      The nationalist Global Times ran an editorial Monday shortly after the USS John S. McCain was hit by an oil tanker east of Singapore in the Strait of Malacca and 10 sailors were reported missing.

      While stating the collision was an example of the U.S. military’s decline and that Chinese society’s “applause” was tantamount to the nation’s feelings toward the U.S. encroaching on its territory, the opinion piece also claimed that the U.S. is not trying to avoid such collisions.

      U.S. warships are constantly involved in accidents around the South China Sea,” the op-ed, which is often considered direct thoughts from the Chinese government, read. “On the one hand, the U.S. Navy has behaved arrogantly in the Asia-Pacific region. It lacks respect for huge merchant ships and fails to take evasive action in time, thus resulting in serious accidents.

      On n’est pas loin de la blague du phare…
      Blague qu’évoque le deuxième commentateur de l’article du Monde sur le sujet.

    • CNN sur la même – et évidente – question, mais beaucoup plus terre à terre : quand il y a série, c’est qu’il y a problème de fond…

      Why are so many Navy ships crashing ? - CNNPolitics

      The US Navy is facing difficult questions about the health of its fleet in the aftermath of the USS John S. McCain’s collision with an oil tanker east of Singapore on Monday, the latest in a series of naval accidents in the Pacific.

      Chief of Naval Operations Adm. John Richardson ordered a rare, one-day operational pause in response to the latest collision. And while the cause of the USS McCain crash is still to be determined, the spate of accidents — four since January — suggests there could be a more systemic issue.
      Lawmakers and defense analysts are warning that the Navy’s readiness problems — which have led to longer deployments for ships and less time and money for maintenance and training — could be playing a role in the uptick in crashes.
      In addition to the Navy’s stand-down, the Marine Corps grounded all of its aircraft for 24 hours earlier this month on the heels of two deadly crashes “to focus on the fundamentals of safe flight operations, standardization, and combat readiness.

      House Armed Services Committee Chairman Mac Thornberry, R-Texas, said it was unprecedented that “two military services have now had to take a knee to review safety and training procedures.
      Former Virginia Republican Rep. Randy Forbes, who is now a fellow at the Naval War College, said the concern over the recent incidents goes beyond just determining why the collisions occurred, but points to a broader issue if the Navy had to ramp up in a significant conflict.

      When our ships are having this much difficulty sailing in open waters, it gives us a lot of concern about what would happen if we were in a major conflict and how we would operate there,” Forbes said. “The Navy is in desperate need of additional resources so that they can do the kind of training they need, they can do the kind of ship maintenance they need.
      Thomas Callender, a defense analyst at the Heritage Foundation and former Navy submarine officer, noted that the destroyer collisions occurred in low-light times of day and highly trafficked areas.

      Those are some of the most difficult times, sunset and sunrise, of trying to determine what your contact picture is, what you’re really seeing with this,” Callender said.
      Forbes said traffic congestion would likely be a commonality, too.

      It’s like when you have accidents on roads: Normally it’s going to be where more vehicles are,” he said. “It still doesn’t justify it — we’ve got to operate in those waters.
      But the fact that all four Navy collisions this year occurred in the Pacific could also point to issues with training that are specific to the region, Hendrix said.
      The fact this is so regional ... it strikes me there’s a degradation in training standards and operational procedures,” he said.

    • Déclaration, ce soir à Singapour, de l’amiral Scott Swift, commandant de la Flotte du Pacifique (3è et 7è flotte)

      pas d’info particulière dans la déclaration liminaire (tout bien, tout corporate)

      • toute première question (7:00) (on ne les entend pas bien, mais les réponses permettent de les reconstituer) : cyberattaque ?
      – j’ai entendu cette hypothèse, mais on n’a rien vu qui puisse laisser penser à quelque chose de cette nature, mais nous (il cite le CNO) n’écartons aucune hypothèse

      • des modifications dans la chaîne de commandement
      – c’est trop tôt pour conclure quoi que ce soit, laisser se dérouler l’enquête

      • la flotte n’est-elle pas épuisée ? y a-t-il eu des négligences ?
      – ce n’est pas ce que j’ai vu ce matin lors de ma visite du navire, les équipages sont déterminés et opérationnels, ils ont bien bossé pour le damage control

      • découverte de corps ?
      – la marine malaisienne a récupéré un corps (en mer, donc) et va nous le restituer ; les plongeurs ont trouvé des corps, nous sommes en train de les identifier

    • U.S. Navy to relieve admiral of command after collisions: WSJ

      The U.S. Navy plans to remove from duty the commander of the fleet that has suffered four recent collisions in Asia and the deaths of a number of sailors, the _Wall Street Journal _reported on Tuesday, citing U.S. officials.

      Vice Admiral Joseph Aucoin, the three-star commander of the U.S. Seventh Fleet based in Yokosuka, Japan, will be relieved of command on Wednesday in connection with four collisions since January, including two involving fatalities, two U.S. officials said, according to the Journal. It said Navy officials declined to comment.

    • La Chine remet une couche…

      After U.S. destroyer collision, Chinese paper says U.S. navy a hazard

      The state-run China Daily said in an editorial on Tuesday that people will wonder why such a sophisticated navy keeps having these problems.

      The investigations into the latest collision will take time to reach their conclusions, but there is no denying the fact that the increased activities by U.S. warships in Asia-Pacific since Washington initiated its rebalancing to the region are making them a growing risk to commercial shipping,” it said.

      China has been upset at U.S. freedom of navigation operations near Chinese controlled islands in the disputed South China Sea, where China has been reclaiming land, building air bases and increasing its military presence.

      While the U.S. Navy is becoming a dangerous obstacle in Asian waters, China has been making joint efforts with the members of the Association of Southeast Asian Nations to draw up a Code of Conduct for the South China Sea and it has boosted navigational safety by constructing five lighthouses on its islands,” the China Daily said.

      Anyone should be able to tell who is to blame for militarizing the waters and posing a threat to navigation.

    • Ah, quand même, on se décide enfin à demander leur avis à des experts en autre chose que les cyberattaques !

      US Navy 7th Fleet commander dismissed, Navy says - CNNPolitics

      Carl Schuster, a Hawaii Pacific University professor and former director of operations at the US Pacific Command’s Joint Intelligence Center, said that he thought it was unlikely that the ship would have been hacked.

      Navigating a ship in a shipping channel is a manual operation. It comes down to watch attention and awareness. It’s a training procedure issue and a watch qualification issue,” he said.

      He added that even if the steering had been compromised it would be possible for the McCain to outrun the tanker, and that some degree of directionality would be possible by changing the speed of the port and starboard propellers.

      The “traffic situation” in the shipping channel at that time should be the focus of investigation, Ridzwan Rahmat, a senior defense and security analyst at Jane’s suggests.

      The signs were that the merchant ship was in compliance and the damage on the USS John S. McCain suggests that it wasn’t in compliance” of traffic rules at the time, he said.

    • Si vous ne l’avez pas déjà lu, peut-être faites un petit détour sur le fil concernant le Fitzgerald, l’article de gCaptain, Red over red, concernant le rapport préliminaire sur l’abordage d’il y a deux mois est à lire absolument.

      Je reprends ici mon commentaire qui concernait plutôt les événements du McCain (je finis par m’y perdre…)

      Sur l’incompétence des commentateurs, je remarque qu’aucun n’a fait la remarque que le navire de guerre coupe la route d’un bâtiment de commerce dans un rail…

      L’hypothèse d’une cyberattaque relève du délire. Mais peut-être que les hackers russes ou chinois dont déjà capables aujourd’hui de liquéfier les cervelles d’une équipe de quart en passerelle, après tout de quoi ne sont-ils pas capables ?

      Si le GPS est tombé en rade ou a été piraté, on dispose d’autres moyens de navigation, mille sabords, notamment en vue de terre. Bon sang, l’abordage a eu lieu à 5 miles du principal phare de la région et à 10 miles de la côte ! Si la passerelle a besoin du GPS pour naviguer, il y a lieu de s’interroger sur les compétences requises pour être officier de quart dans l’US Navy.

      Mais, de fait, on en est bien là : couper la route d’un navire dans le rail (je sais je me répète, mais ça ne passe pas !…)

      d’où mon soulagement (enfin, presque…) dans le commentaire précédant immédiatement celui-ci…

    • Search for Missing U.S. Sailors Slowed by Extensive Damage to Vessel - The New York Times

      In the McCain case, the search is taking longer because the damage to the vessel appears to be more extensive. According to one Navy official, who spoke on the condition of anonymity because investigations were underway, the Alnic appears to have hit the McCain nearly head-on, whereas the Fitzgerald suffered more of a glancing blow.

      C’est en effet compatible avec l’enregistrement de la trajectoire de l’Alnic MC (j’ai complété mon commentaire de la vidéo des relevés AIS https://seenthis.net/messages/623510#message623551 )

      Par ailleurs, le corps repêché par la marine malaisienne n’avait pas de lien avec l’abordage.

      A Malaysian Navy vessel found a body at sea on Tuesday, but it turned out to be the decomposed corpse of an elderly man and was unrelated to the collision, the United States Navy said.

    • China suspected after crashes of USS John S McCain and USS Fitzgerald | World | The Times & The Sunday Times

      The collision on Monday between a Liberian tanker and a US warship, the latest in a series of incidents in Asia, has provoked questions about possible Chinese involvement.

      A former Royal Navy officer said that the movements of the Guang Zhou Wan, a Chinese commercial vessel, could be significant in explaining the fatal crash off Singapore that left at least one sailor dead. A further nine are missing.

      Tracking data indicates that the tanker that collided with U_SS John S McCain_ was followed by the Chinese vessel, which appeared to steer out of the way before the incident.

      “You get the impression that fleet forces command are going to be looking at wider potential problems — hacking, crew training, how they are navigating, validating of ship-watch…

    • With the USS McCain collision, even Navy tech can’t overcome human shortcomings | Ars Technica

      Initial reports from the organization suggest that a “steering casualty”—a loss of control over steering from the bridge—contributed to the McCain’s fatal collision. That, and the nature of the ship’s steering and navigation system, has led to speculation that the McCain was “hacked” and that perhaps some sort of malicious electronic attack was also involved in the Fitzgerald’s collision.

      But so far, available evidence suggests something much less sinister—though potentially more threatening to the overall readiness of the service. There was no hacking, no GPS spoofing or jamming, nor any other deliberate enemy electronic attack on the Navy ships involved in this year’s accidents. Instead, much more human factors were at work—and some of them are endemic to the Navy’s current management culture and operational readiness.
      Watch standers aboard modern warships may have more technology to help them, but they still face a daunting task when they enter high-traffic areas as treacherous as the Strait of Gibraltar—or the Strait of Malacca, the approaches to the Bosporus and Dardanelles, and the approaches to Tokyo Bay. In each, hundreds of other vessels may be visible to the naked eye or on the radar scope. The resulting sea of data points can overwhelm even an experienced bridge crew regardless of how good their technology is.

      Long article, où je finis par perdre le fil de ce qu’il cherche à dire…

    • U.S. Navy Provides Details of Surface Fleet Review In Wake of ’Disturbing Trend’ of Accidents – gCaptain

      The U.S. Navy has provided details of a comprehensive review of the Navy’s global surface fleet operations after the destroyers USS Fitzgerald and John S. McCain were both involved in major collisions with commercial vessels just two months apart.


      2. You are directed to lead a Comprehensive Review of surface fleet operations and incidents at sea that have occurred over the past decade with emphasis on SEVENTH Fleet operational employment to inform improvements Navy-wide. This review should address the follow areas:

      a. Individual training and professional development, to include seamanship, navigation, voyage planning, leadership development, officer and enlisted tactical training in formal schools and on the job;

      b. Unit level training and operational performance, to including manning, personnel management, watchbill management, bridge (and CIC) team resource management, contact management, contact avoidance, leadership oversight and risk assessment/mitigation at all levels of the chain of command;

      c. Development and certification of deployed operational and mission standards (Force Generation) with particular emphasis on Forward Deployed Naval Force (FDNF), to include validation of required certification standards, gaps between required standards and actual employment practices, effectiveness of leadership and oversight at all levels of administrative and operational chains of command, maintaining and enforcing standards throughout FDNF assignment including self-assessment practices, external inspection reinforcement, remedial action mitigation plans;

      d. Deployed Operational Employment and Risk Management (Force Employment), to include Combatant Commander mission requirements, theater security cooperation requirements, maintenance impacts, other competing priorities (fleet experimentation, concept development), and their corresponding impact to operational tempo (OPTEMPO) and fundamental mariner and seamanship proficiency;

      e. Material Readiness of electronic systems to include navigation equipment (e.g. AIS, radars, ECDIS, VMS, WSNs), propulsion machinery to include steering systems, combat system modernization, and material availability;

      f. Practical Utility of current navigation equipment and combat systems including sensors, tracking systems, displays, and internal communications networks to evaluate their effectiveness at integrating tactical data and providing situational awareness to our people.

    • Fatigue and Training Gaps Spell Disaster at Sea, Sailors Warn - The New York Times

      The bridge of each Navy destroyer is controlled by a round-the-clock shift of young officers, who must pass written and oral exams to qualify for the positions. Still, they typically are under 25 and may have little shipboard experience. Junior officers also move on to other assignments after limited tours.

      Are we shortchanging their basic training, especially as we rotate our junior officers every 18 to 24 months?” asked Admiral Crowder.

      Training for junior ship officers has changed significantly in recent years. In 2003, the Navy dropped what had been an intensive six-month training course on navigation, basic seamanship, engineering and maintenance before new officers were assigned to their first ship.

      Instead, the new officers were sent directly to a ship where they were supposed to learn on the job. Some said they got practical training on deployments, and noted that the Seventh Fleet had a reputation as being the most experienced in the Navy. But, many commanders said, crews were too busy to provide that kind of instruction.

      By last year, the Navy had largely reversed course, sandwiching a junior officer’s first sea tour between 14 weeks of classroom work.
      Most ships use a traditional “five and dime” watch rotation, in which sailors serve five hours of watch, then have 10 hours off, he said. But during those 10 hours, sailors often have daytime duties.

      The rotation can lead to a watch officer pulling a 20-hour day every three days, Mr. Cordle said, adding that even designated sleep time can be interrupted by drills or refueling operations that can keep sailors up for days at a time. A recent Government Accountability Office report said sailors were on duty up to 108 hours each week.

      I averaged 3 hours of sleep a night,” someone described as a Japan-based Navy officer wrote on Reddit last week. “I have personally gone without sleep for so long that I have seen and heard things that weren’t there. I’ve witnessed accidents that could have been avoided because the person was so tired they had no right to be operating heavy machinery.

      Navy tests of sailors on the five-and-dime schedule found lack of sleep led to blunted decision-making and reflexes that were roughly the same as those of sailors who had downed several beers.

      The Naval Postgraduate School has developed a shorter watch schedule to match circadian rhythms, which uses three hours of watch duty and nine hours off. Recognizing the benefits, submarines were ordered to move to a similar schedule in 2015.

      Mr. Cordle said adopting the schedule could result in greater safety. But the Navy has left scheduling up to individual captains, and three quarters of ships still use the five and dime.

    • Ship Collisions : Address the Underlying Causes, Including Culture | U.S. Naval Institute

      Un think tank naval, grosse institution privée (estd 1873…), entre dans la danse (après plusieurs autres dont gCaptain). Dans le collimateur :
      • l’organisation des tours de quart
      • la non-spécialisation des officiers entre pont et machine
      • la (non-)formation au quart
      (j’ai lu sur un blog que, sur les navires modernes de la Navy (classe Ticonderoga !), il n’y aurait plus de table à carte en passerelle (support traditionnel du point à la main) mais uniquement de l’électronique…, à confirmer)

      In the wake of the USS Fitzgerald (DDG-62) and USS John S. McCain (DDG-56) collisions, the Navy is conducting investigations, relieving commanding officers, conducting safety stand downs (operational pauses), and retraining. This is a similar response to past mishaps, but this time the Navy must include true root cause analysis . Analysis after mishaps invariably uncovers human error and training deficiencies as causal factors. Some people get fired and others retrained. The Navy has begun to dig deeper with the CNO’s mandate for a fleet-wide investigation last week. I predict some of the findings of root causes will include the Navy’s approach to training and career development, surface warfare officer (SWO) culture, and high operational tempo (OpTempo) driving mission over people. 

      When a junior officer (JO) reports to a warship, he or she immediately has three jobs: standing watch under instruction, running a division, and earning qualifications (first as an officer of the deck and then as a SWO). Once qualified to be a watchstander, a JO is on the watch bill and expected to train the next batch of JOs. Depending on the number of qualified watchstanders on board, the watch rotation varies: “port and starboard” (6 hours on watch and 6 hours off); “five and dime” (5 hours on and 10 hours off watch, rotating); three or four section “chow to chow” rotating (based around mealtimes); “3 on/9 off” or “4 on/8 off” with two watches per day that do not change for a given underway. The “off” time is when a JO can accomplish day work, run the division, and work on qualifications—along with a little sleep and maybe squeeze in a run on the treadmill.
      The U.S. Navy appears to be the only maritime organization in the world that does not have dedicated watchstanders and separate dedicated professional tracks for deck and engineering.
      Another root cause likely will be the alertness level of those watchstanders. Watch rotations vary greatly in the fleet, partly because of the variability in the number of qualified watchstanders and partly because of SWO culture. Many COs will direct the watches be run the way he or she experienced as a JO. The vast majority of Navy ships still use rotating watches, which is completely against human circadian rhythms. With rotating watches, everyone sleeps when they are off watch because they are in a constant state of exhaustion. Myriad sleep deprivation studies have proven that lack of sleep is cumulative. You can’t “catch up” on sleep, and decision-making is impaired just like being under the influence of alcohol or drugs. Yet the Navy has not addressed watch rotations to maximize crew rest. Instead, it perpetuates a culture where lack of sleep is a rite of passage, and the main risk assessment tool does not account for crew rest.

    • Singapore-led safety investigation underway into USS John S McCain collision - Channel NewsAsia

      The Singapore Transport Safety Investigation Bureau (TSIB) launched a marine safety investigation following the collision of the USS John S McCain and Liberian-flagged oil tanker Alnic MC on Aug 21. 

      A TSIB spokesperson said on Thursday (Aug 31) that the investigation was launched immediately after the collision, and the probe was being conducted in accordance with the International Maritime Organization’s Casualty Investigation Code in Singapore’s capacity as a coastal state.

      The US Coast Guard, on behalf of the US National Transportation Safety Board, and the Liberian Maritime Administration are participating in Singapore’s safety investigation as Substantially Interested States,” the spokesperson said. 

      To date, investigators have interviewed the crew members of the Alnic, while TSIB has been coordinating with the US Coast Guard to gather relevant information on the US guided-missile destroyer, including statements of account from its crew. 

      TISB has also obtained shipboard data from the Alnic and other ships in the vicinity at the time of the collision to support the Singapore-led safety investigation, the spokesperson said.

      Si on lit entre les lignes, il semblerait que le TSIB rende public l’ouverture de leur enquête (avec 10 jours de retard) pour faire pression sur la Navy qui, à son habitude, ne semble pas particulièrement coopérative…

      Clairement, il n’est pas prévu qu’ils aient accès directement aux témoignages des marins du McCain

    • U.S. Navy to Haul Damaged Destroyer John S. McCain to Japan for Damage Assessment – gCaptain

      The U.S. Navy is planning to haul the damaged guided missile destroyer USS John S. McCain to its ship repair facility in Yokosuka, Japan where damage assessments will continue to take place.

      The Navy said Tuesday it intends to issue a task order on an existing contract, for the salvage patching and transport via heavy lift of USS John S McCain (DDG 56) from Changi Naval Base in Singapore to the U.S. Navy’s Ship Repair Facility-Japan Regional Maintenance Center in Yokosuka, Japan. The Navy did not specify which existing contract it was referring to.

    • Une hypothèse circule depuis quelques jours : l’USS John S McCain aurait été en train de doubler l’Alnic NC, suffisamment près (ie beaucoup trop près…) pour que, vers la fin du dépassement, la perturbation hydrodynamique due à la vague d’étrave de l’Alnic vienne perturber le safran du McCain, provoquant une embardée à gauche, voire mettant en panne l’appareil à gouverner.

    • Un peu de ménage…
      Pour l’instant, l’état-major du destroyer n’a pas été touché.

      Admiral, Captain Removed in Ongoing Investigations into USS John S. McCain, USS Fitzgerald Collisions

      The commander of the Navy’s largest operational battle force and his subordinate in charge of the attached destroyer squadron have been removed from their positions as a result of ongoing investigations into a string of incidents this year that resulted in the death of 17 sailors and hundreds of millions of dollars in damages, USNI News has learned.

      U.S. 7th Fleet Commander Vice Adm. Philip Sawyer removed Rear Adm. Charles Williams, commander of Combined Task Force 70, and Capt. Jeffery Bennett, commodore of Destroyer Squadron 15, from their positions on Monday (Tuesday local time) due to a loss of confidence in their ability to command, two Navy officials told USNI News and later confirmed by a statement from the service.

    • Les réparations auront lieu « localement », à Yokosuka. Localement, parce qu’il faut encore acheminer l’USS John S McCain de Singapour à Yokosuka (transfert prévu dans le courant de ce mois). Contrairement à l’USS Fitzgerald qui lui était à Yokosuka et va être acheminé à Pascagoula dans le Mississippi (probablement en décembre).

      USS John S. McCain to Be Repaired in Japan – gCaptain

      The U.S. Navy will repair the guided-missile destroyer USS John S. McCain (DDG 56) at the U.S. Naval Ship Repair Facility-Japan Regional Maintenance Center in Yokosuka, Japan.

      Repairs will begin upon arrival from Singapore aboard a heavy lift vessel in October, the Navy said.

      Accessoirement, on profitera de l’immobilisation pour faire un peu de remise à niveau :

      In addition to supporting repairs, the McCain’s crew will focus on training, readiness, and certifications to prepare the ship for its return to the Seventh Fleet, according to the Navy.
      On Thursday, the USS John S. McCain departed Changi Naval Base to meet the heavy lift transport vessel MV Treasure, which will transport it to Fleet Activities Yokosuka for repairs.

    • U.S. Navy says deadly McCain collision was #preventable, relieves ship commander

      The commanding officer exercised poor judgment, and the executive officer exercised poor leadership of the ship’s training program,” the USS Seventh Fleet said in a statement released in Japan on Wednesday.
      The McCain’s captain, Commander A. Sanchez, and his executive officer, Commander J. Sanchez, were reassigned to other duties in Japan, where the Seventh Fleet is headquartered, the Navy said.

      On attend le rapport préliminaire d’enquête…

  • Ubuntu 18.04 To Ship with GNOME Desktop, Not Unity

    Ubuntu 18.04 LTS will use GNOME as its default desktop environment, not Unity. In an extraordinary blog post that I have yet to fully digest, Mark Shuttleworth has announced that Canonical is to end its investment in Unity 8, Ubuntu for Phones and tablets, and end its ambition to seek “convergence”. “I’m writing to let […] This post, Ubuntu 18.04 To Ship with GNOME Desktop, Not Unity, was written by Joey Sneddon and first appeared on OMG! Ubuntu!.

    • Le post original qui ne « serait » pas un poisson :

      This is a post by Mark Shuttleworth, Founder of Ubuntu and Canonical

      We are wrapping up an excellent quarter and an excellent year for the company, with performance in many teams and products that we can be proud of. As we head into the new fiscal year, it’s appropriate to reassess each of our initiatives. I’m writing to let you know that we will end our investment in Unity8, the phone and convergence shell. We will shift our default Ubuntu desktop back to GNOME for Ubuntu 18.04 LTS.

      I’d like to emphasise our ongoing passion for, investment in, and commitment to, the Ubuntu desktop that millions rely on. We will continue to produce the most usable open source desktop in the world, to maintain the existing LTS releases, to work with our commercial partners to distribute that desktop, to support our corporate customers who rely on it, and to delight the millions of IoT and cloud developers who innovate on top of it.

      We care that Ubuntu is widely useful to people who use Linux every day, for personal or commercial projects. That’s why we maintain a wide range of Ubuntu flavours from both Canonical and the Ubuntu community, and why we have invested in the Ubuntu Phone.

      I took the view that, if convergence was the future and we could deliver it as free software, that would be widely appreciated both in the free software community and in the technology industry, where there is substantial frustration with the existing, closed, alternatives available to manufacturers. I was wrong on both counts.
      In the community, our efforts were seen fragmentation not innovation. And industry has not rallied to the possibility, instead taking a ‘better the devil you know’ approach to those form factors, or investing in home-grown platforms. What the Unity8 team has delivered so far is beautiful, usable and solid, but I respect that markets, and community, ultimately decide which products grow and which disappear.

      The cloud and IoT story for Ubuntu is excellent and continues to improve. You all probably know that most public cloud workloads, and most private Linux cloud infrastructures, depend on Ubuntu. You might also know that most of the IoT work in auto, robotics, networking, and machine learning is also on Ubuntu, with Canonical providing commercial services on many of those initiatives. The number and size of commercial engagements around Ubuntu on cloud and IoT has grown materially and consistently.

      This has been, personally, a very difficult decision, because of the force of my conviction in the convergence future, and my personal engagement with the people and the product, both of which are amazing. We feel like a family, but this choice is shaped by commercial constraints, and those two are hard to reconcile.

      The choice, ultimately, is to invest in the areas which are contributing to the growth of the company. Those are Ubuntu itself, for desktops, servers and VMs, our cloud infrastructure products (OpenStack and Kubernetes) our cloud operations capabilities (MAAS, LXD, Juju, BootStack), and our IoT story in snaps and Ubuntu Core. All of those have communities, customers, revenue and growth, the ingredients for a great and independent company, with scale and momentum. This is the time for us to ensure, across the board, that we have the fitness and rigour for that path.


      Ubuntu Unity is dead : Desktop will switch back to GNOME next year


    • C’est vrai, ce n’est pas un poisson d’avril. Il y a eu depuis d’autres nouvelles qui se sont accumulées sur celle-ci : licenciements suite à la fermetures de ces projets, relance de la comm’ d’Ubuntu pour redonner confiance dans cette distrib…
      Donc c’est fini Unity, Mir, Mobile…
      Remarquez, vu la force brute que va être #Vulkan ces prochaines années sur le panorama du libre, c’est peut être bien d’arrêter ce projet institutionnel qu’était Ubuntu pour laisser mûrir le reste autour de nouvelles dynamiques.

      Par contre dommage de choisir Gnome (3 Shell) qui bafoue certains paradigmes ancestraux des interfaces H/M (comme la continuité des actions utilisateurs).
      Vieil article sur le sujet, mais y’en a eu tellement d’autres : http://www.thelinuxrain.com/articles/over-a-month-on-conclusion-to-the-gnome-shell-challenge

    • The VMs provided by Microsoft will not pass the Windows Genuine Advantage and cannot be activated. Unfortunately for us, that means our VMs will lock us out after 30 days of unactivated use. By reverting to the clean snapshot the countdown to the activation apocalypse is reset, effectively allowing your VM to work indefinitely.