Red Hat and Microsoft join forces

Two large IT companies work together to bring the best service for their customers
23 August 2017   1500

Microsoft announced the star of cooperation with Red Hat, widely known Linux based products developer.

Let's figure out what exactly this cooperation brings for the user.

  • Windows Server can be launched on Red Hat OpenShift Container Platform.
    • Windows Server containers will be natively supported on Red Hat OpenShift, a container application platform that brings Docker and Kubernetes to the enterprise. Red Hat OpenShift will be the first container application platform built from the open source Kubernetes project to support both Linux and Windows Server container workloads in a single platform across the multiple environments of the hybrid cloud, breaking down silos and making it easier for enterprises to pursue their cloud-native agenda.

      This capability was demonstrated at Red Hat Summit in May 2017, and is expected to be available as a Technology Preview in Spring 2018.

  • Red Hat OpenShift Dedicated on Microsoft Azure and Red Hat Enterprise Linux on Microsoft Azure Stack
    • Red Hat OpenShift Dedicated is a container platform as a cloud service managed by Red Hat. With this announcement, it is planned for availability on Azure, Microsoft’s enterprise-grade cloud platform with availability announced across 42 regions globally — more than any other public cloud provider. Microsoft and Red Hat engineers are working closely to optimize OpenShift while running on Azure, ensuring enterprise performance standards and matching integrated support.

Alongside Microsoft, Red Hat is providing a way for organizations to truly make the technology choices that matter to them, from containerized workloads to public cloud services, without adding an equal burden of complexity. Combined with our integrated support teams, we’re able to offer an achievable pathway to digital transformation that offers the capabilities, flexibility and choice required to power the future of enterprise IT. 
 

Matthew Hicks 

Vice president, Software Engineering, OpenShift and Management, Red Hat

  • SQL Server on Red Hat Enterprise Linux and OpenShift 
    • Red Hat announced the availability of .NET Core 2.0 as a container in OpenShift, and today the two companies are bringing the power and scale of one of the world’s leading relational database management systems to their joint platforms. SQL Server for Linux will be available in the coming months on Red Hat Enterprise Linux and OpenShift.As with all Red Hat and Microsoft joint initiatives, SQL Server for Linux on Red Hat Enterprise Linux and Red Hat OpenShift Container Platform will be jointly supported by both Microsoft and Red Hat

Microsoft and Red Hat are aligned in our commitment to bring enterprise customers the hybrid cloud solutions they need to modernize their businesses as they shift to operate in a cloud-native world. Today, we’re extending this commitment as we again join forces to bring fully interoperable solutions that simplify container adoption and help customers make the most of their hybrid cloud strategies. 
 

John Gossman 

Lead Azure Architect, Microsoft Corp.

Ledger to Discover HSM Vulnerability

HSM is an external device designed to store public and private keys used to generate digital signatures and to encrypt data, used by banks, exchanges, etc
10 June 2019   1123

A group of researchers from Ledger identified several vulnerabilities in the Hardware Security Module (HSM) devices, which can be used to extract keys or perform a remote attack to replace the firmware of an HSM device. The problem report is currently available only in French, the English-language report is scheduled to be published in August during the Blackhat USA 2019 conference. HSM is a specialized external device designed to store public and private keys used to generate digital signatures and to encrypt data.

HSM allows you to significantly increase protection, as it completely isolates keys from the system and applications, only by providing an API to perform basic cryptographic primitives implemented on the device side. Typically, HSM is used in areas where you need to provide the highest protection, for example, in banks, cryptocurrency exchanges, certification centers for checking and generating certificates and digital signatures.

The proposed attack methods allow an unauthenticated user to gain complete control over the contents of the HSM, including extracting all the cryptographic keys and administrative credentials stored on the device. The problems are caused by a buffer overflow in the internal PKCS # 11 command handler and an error in the implementation of the cryptographic protection of the firmware, which bypasses the firmware check using the PKCS # 1v1.5 digital signature and initiates loading the own firmware in the HSM.

The name of the manufacturer, the HSM devices of which have vulnerabilities, has not yet been disclosed, but it is argued that the problem devices are used by some large banks and cloud service providers. At the same time it is reported that information about the problems was previously sent to the manufacturer and it has already eliminated vulnerabilities in the fresh firmware update. Independent researchers suggest that the problem may be in the devices of the company Gemalto, which in May released an update to Sentinel LDK with the elimination of vulnerabilities, access to information about which is still closed.