This Saturday, 60,000-plus people will be converging on New York’s Central Park for the seventh Global Citizen Festival, a marquee gathering for worldwide changemaking and social good.

Microsoft will be there, on stage, as a partner to Global Citizen. We’re excited to announce that this year’s festival is going to be the launchpad for Digital Peace Now, a campaign to encourage world leaders to achieve digital peace.

The world’s digital citizens, and the digital world in which we all participate, have to be protected.  You can help by joining the Digital Peace Now movement.

This is the time, this is the moment, when we must take action to protect the digital world where we live, work and learn. Last year, close to a billion people were victims of a cyberattack or digital crime. But if you haven’t fallen victim to a digital attack yet, you probably know a victim. New research, being announced today, shows people like you are concerned and want to take action.

We know that nation-states are behind the worst digital attacks against both innocent people and the infrastructure that underpins societies – energy, transportation, health care, food and water. A peaceful digital global society is something truly worth fighting to achieve. Not least because virtually every digital attack ripples beyond its intended target and harms the lives of innocent citizens.

For example, the 2017 “WannaCry” attack – a true wake-up call – tore through cyberspace, hijacking more than 300,000 computers across 150 countries, including computers used by families, hospitals, governments and businesses. WannaCry was followed closely by “NotPetya,” an attack estimated to have caused $10 billion in damage ranging far beyond the initial targets in Ukraine.

WannaCry and NotPetya were our wake-up moments; they raised an alarm: if we don’t act now, global cyberattacks will continue to inflict grave economic harm and risk human lives and well-being.

At Microsoft, we are fighting to prevent digital attacks. We are not alone; others in industry and government have joined us in this fight. Now we need to amplify the voice of the people who cherish all that the digital world has given us – the digital citizens – all of you – who can make a difference by acting now to tell those in power that we want and demand digital peace.

So, we invite you to join the Global Citizen webcast this Saturday for the annual Global Citizen Festival.

Digital Peace Now is going to be all about people – people banding together in one collective voice to tell their world leaders that the internet must be a peaceful, shared community. Not a battlefield.

Also on Saturday, we’ll be launching the Digital Peace Now Petition and urging everyone – including anybody reading this – to head to digitalpeacenow.org and sign the petition:

We, as Digital Citizens, will not stand by silently as governments weaponize our shared online community — endangering individuals, organizations, and entire countries. In our digital world we create, connect, express ourselves and improve our lives and the lives of others.  Our online community must not be a battlefield. We demand Digital Peace.

Together, we will use our voices and our votes to defend the global digital society on which we depend. Our world leaders must act now to protect us.

There is no peace without Digital Peace.

The effort to achieve Digital Peace cannot be done by any company acting alone. We’re proud to launch this initiative with the founding members of the Digital Peace Campaign Advisory Board – ICT4Peace, Civicus and Observer Research Foundation. Achieving digital peace also must involve a coalition of governments, nonprofits, industry leaders, civil-society entities and global organizations. But most importantly, we need people like you to stand against those that endanger digital peace.

We all are digital citizens. We demand digital peace. Join us.

Tags: cybersecurity

Click Here!

At gamescom 2018, we gave a first glimpse at Forsaken Shores, our latest free content update coming to Sea of Thieves. As part of our ongoing commitment to deliver new Sea of Thieves content throughout the year and beyond, Forsaken Shores offers our biggest update yet at no charge for those who own the game or access it through Xbox Game Pass. There has never been a better time to set sail and adventure with other pirates in the Sea of Thieves community.

Today, Forsaken Shores invites players to venture into a new volcanic region called The Devil’s Roar. This perilous and challenging area of the Sea of Thieves will have players encountering volcano eruptions raining down hot rocks and flowing lava, terrifying earthquakes, unpredictable geysers that can fling players into the air and dangerous super-heated water around islands.

Also new to Forsaken Shores is the Row Boat, which will be key to assisting the navigation of this dangerous new region, but also enriching all journeys across every area of the world. Players can also take on new Devil’s Roar Voyages, with increased challenge that allows players to reap greater rewards.

This permanent new content will be introduced into Sea of Thieves with a time-limited campaign, running for four weeks from today, September 27, where players will be able to discover exactly what happened to the first crew that managed to make their way to The Devil’s Roar. As part of the campaign, players can also find new quests with the Merchant Alliance, taking on Cargo Runs across the world, keeping their cargo safe and delivering it in pristine condition for the highest rewards. Cargo Runs will arrive in week three of the campaign and remain a permanent fixture of the Merchant Alliance moving forward.

This Forsaken Shores campaign and content update will be available free and without charge to all Sea of Thieves players who have bought the game across the Xbox One family of devices or on Windows 10 PC, or who have access to it as part of Xbox Game Pass. Simply download and install the latest Sea of Thieves update to get access. And don’t worry, if you’re unable to take part in the time-limited campaign, all the features introduced with this campaign will remain in the Sea of Thieves world for everyone to see and experience.

In celebration of the launch of Forsaken Shores, the Xbox team asked Matt Berry to deliver our most epic update yet. Matt eschewed the traditional tropes of a pirate performance and instead, bellowed out each point out in his unique fashion. The second the first syllable was uttered on set there were smiles all round, so we hope you have as much fun watching the above video as we had making it.

We are also proud to announce that Sea of Thieves will officially support Traditional Chinese as an official language option starting on November 8. We believe that by enabling the game in more languages, more players will be able to enjoy Sea of Thieves the way they are most comfortable, so they can fully immerse themselves in their very own pirate adventure.

Thank you to the entire Sea of Thieves community for your patience in waiting for Forsaken Shores. The team worked tirelessly behind the scenes to ensure that Forsaken Shores lives up to our collective quality and performance standards. We cannot wait to explore the Devil’s Roar with you. See you on the seas.

New to Sea of Thieves? Join the adventure at xbox.com/seaofthieves, and visit the Sea of Thieves website at SeaofThieves.com to embark on an epic journey with one of gaming’s most welcoming communities.

It’s still a bit unsettling to see a Microsoft speaker at a Linux Foundation conference. Yet, at the recent Linux Security Summit, Ryan Fairfax, Microsoft’s head of OS development for Azure Sphere, quickly put the audience at ease with his knowledge of tuxified tech. His presentation on “Azure Sphere: Fitting Linux Security in 4 MiB of RAM” fits into the genre of stories in which developers are challenged to strip down their precious code to the spartan essentials for IoT.

As we saw last year in Michael Opdenacker’s presentation about reducing the Linux kernel and filesystem for IoT, Linux can be made to run — just barely — in as little as 4MB of RAM. That was Microsoft’s target for Azure Sphere OS, the open source Linux-based distribution at the heart of the Azure Sphere platform for IoT. Azure Sphere also includes a proprietary crypto/secure boot stack called the Microsoft Pluton Security Subsystem, which runs on an MCU, as well an Azure Sphere Security Service, a turnkey cloud service for secure device-to-device and device-to-cloud communication.

Last week, Seeed launched the first dev kit for Azure Sphere. The Azure Sphere MT3620 Development Kit features MediaTek’s MT3620, a 500MHz Cortex-A7/Cortex-M4F hybrid SoC that runs the lightweight Azure Sphere OS on a single -A7 core. The SoC’s 4MB of RAM is the only RAM on Seeed’s Grove compatible dev board. Other SoC vendors besides MediaTek will offer their own Cortex-A/Cortex-M SoCs for Azure Sphere, says Microsoft.

Major shrinkage

Fitting an entire Linux stack into 4MB was a tall order considering that “most of us hadn’t touched Linux in 10 years,” said Fairfax. Yet, the hard part of creating Azure Sphere OS was not so much the kernel modification, as it was the development of the rest of the stack. This includes the custom Linux Security Module, which coordinates with the Cortex-M4’s proprietary Pluton security code using a mailbox-based protocol.

“We decided early on to go with Linux,” said Fairfax. “Most of our changes to the kernel were small, and the core Linux features ‘just worked’ even with limited resources. That’s a credit to the effort of the community and flexibility of the kernel.”

Fairfax’s team started working on Azure Sphere in secret in 2016 after struggling to convince Microsoft leadership that working with a Linux kernel “was viable,” said Fairfax. The project was unveiled in April 2018, and the first public preview will be released soon.

One of the main goals of Azure Sphere was to bring security to the MCU world where “security is basically nonexistent,” said Fairfax. Microsoft somewhat confusingly refers to the MediaTek MT3620 as an MCU rather than an application processor due to its inclusion of Cortex-M4 MCU cores. In part, this may be a marketing ploy since Microsoft intends to compete directly with the Cortex-M oriented Amazon FreeRTOS.

Sign up to receive updates on Open Source Summit and ELC+OpenIoT Europe:

Azure Sphere OS sits on top of the MCU’s Pluton stack, architecturally speaking, and the base layer is a security stack based on Arm TrustZone. This is followed by the custom Linux kernel, which in turn is topped by a cloud services update connectivity layer. The top level is for POSIX and real-time I/O app containers.

The custom kernel is currently based on mainline Linux 4.9. Patches are merged upstream every month, and there are plans to upgrade to LTS branches yearly.

The first step in reducing the kernel was “to avoid putting text into memory,” said Fairfax. To do this, the OS depends a lot on Execute-In-Place (XiP) technology, which is commonly integrated in MCU flash controllers. “XiP lets you take a flash region and map it into the address space in read only, but also in a mode where you can execute it as code.”

In addition, “we tuned the kernel to make things modular so we could turn things off,” explained Fairfax. “We tuned cache sizes and patched to tweak default sizes.”

The team turned off a lot of the memory tracking options and things like kallsyms. They reluctantly cut sysfs, which saved almost 1MB, but for Fairfax was the coder equivalent of the writer’s challenge to kill your darlings. In the end, much of the kernel space was taken up by the network stack and hardware drivers.”

A lightweight Linux Security Module

Initially, the Azure Sphere OS team tried using SSH server with a fixed root password for security, but they quickly realized that this “was not going to cut it long term,” said Fairfax. To reduce the attack surface, they experimented with different security models, including “baking things into the file system and leveraging set UID and SGID to create predictable environments.”

These approaches caused some IPC problems and were otherwise flawed because “they put all the burden at build time,” said Fairfax. “Any mistake would propagate through the system and leave you vulnerable.”

Fairfax and his team revisited existing Linux technologies that might help make permissions more granular and “create a model where apps can access resources with the principle of least privilege,” said Fairfax. They finally decided on a stripped-down version of the Linux Security Model (LSM), a set of kernel extensions that “would reduce attack surface by taking certain features completely off the table. There’s no shell or user account management, which really isn’t relevant for an IoT device, and there’s no sophisticated job and process management.”

Fairfax also added fields that created an app identity for every task. “Applications and kernel modules can use these new fields for extended access control,” said Fairfax. “Values are immutable — once set, they inherit by default.”

The developers “experimented a lot with file systems,” said Fairfax. They tried the read-only cramfs with XIP patches, as well as writable file systems like ext2, jfffs, and yaffs, but “they all took hundreds of kilobytes to initialize, or about 1/16th of the total system memory available.” In the end, they ported the ultra-lightweight littlefs from Arm’s Mbed OS to Linux as a VFS module.

One problem with securing a Linux IoT device is that “Linux treats the entire GPIO infrastructure as a single resource,” said Fairfax. “In the real world not everything connected to your chip has the same sensitivity. I might have one GPIO pin that toggles an LED saying I’m connected to the network, which is not super sensitive, but another GPIO might open the solenoid on my furnace to start gas flow, which is more worrisome.” To compensate, the team added access control to existing features like GPIO to provide more granular access control.

User and application model

If Azure Sphere’s kernel is not radically different than any other extremely reduced Linux kernel, the user mode differs considerably. “The current Linux model is not designed for resource constrained environments,” said Fairfax. “So we built a custom init called the application manager that loads apps, configures their security environments, and launches them. It’s the only traditional process that runs on our system — everything else is part of an application.”

Azure Sphere applications are self describing and independently updatable. In fact, “they’re actually their own independent file systems,” explained Fairfax. “They run isolated from each other and cannot access any resource from another app.”

There are initially four pre-loaded system applications: network management, updates, command and control via USB, hardware crypto and RNG acceleration. GDBServer is optional, and OEMs can “add one or two apps that contain their own business logic,” said Fairfax.

One Azure Sphere rule is that “everything is OTA updatable and everything is renewable,” said Fairfax. In addition, because “quick OTA is critical” in responding to new threats, the team is aiming for OTA security patch updates within 24 hours of public disclosure, a feat they achieved with the Crack virus. Microsoft will manage all the OS updates, but OEMs control their own app updates.

The Microsoft team tried hard to find a way to run containers, including using LXC, but “we couldn’t get it to fit,” said Fairfax. “Containers are great, but they have some serious RAM overhead.”  They also tried using namespaces to create self-contained apps but found that “many peripherals such as GPIO don’t play right with namespaces.”

For now, “we have pivoted off of containers and are focused on isolating apps and making sure that our permission model is sane,” said Fairfax. “We ensure that a buffer overrun in an application only gives you what that application can already do. We build each app as its own file system so they mount or unmount as part of install or uninstall. There’s no copying of files around for installation.

“Each application has metadata in the file system that says: ‘Here’s how to run me and here’s what I need,” continued Fairfax. “By default, all you get is compute and RAM — even network access must be declared as part of the manifest. This helps us reason about the security state and helps developers to do least privilege in apps.”

Future plans call for revisiting namespaces to create “something like a container,” and there’s a plan to “reduce cap_sys_admin or make it more granular,” says Fairfax. He also wants to explore integrating parts of SELinux or AppArmor. More immediately, the team plans to upstream some of the work in memory improvements and file systems, which Fairfax says “are applicable elsewhere even if you’re talking about something like a Raspberry Pi.”

You can find more information about Azure Sphere on Microsoft’s product page, and you can watch the complete presentation below.

[embedded content]

Join us at Open Source Summit + Embedded Linux Conference Europe in Edinburgh, UK on October 22-24, 2018, for 100+ sessions on Linux, Cloud, Containers, AI, Community, and more.

In an effort to identify early edge applications, we recently partnered with IHS Markit to interview edge thought leaders representing major telcos, manufacturers, MSOs, equipment vendors, and chip vendors that hail from open source, startups, and large corporations from all over the globe. The survey revealed that edge application deployments are still young but they will require new innovation and investment requiring open source.

The research investigated not only which applications will run on the edge, but also deployment timing, revenue potential and existing and expected barriers and difficulties of deployment. Presented onsite at ONS Europe by IHS Markit analyst Michael Howard, the results represent an early look at where organizations are headed in their edge application journeys.

Key findings which were presented onstage at ONS Europe by IHS analyst Michael Howard, indicate:

Video and other big-bandwidth applications and connected things that move drive top services, expected revenue.

Read more at The Linux Foundation

Engineering  |  Research  |  UW Today blog

September 27, 2018

In this 2018 GDC session, key team members Raph Koster, Starr Long, Richard Garriott de Cayeux & Rich Vogel talk about the things that went wrong and right during the development and operation of the trailblazing MMORPG Ultima Online.

Ultima Online is Kind Of A Big Deal in the history of game development, not least of which because it was among the first wave of massively multiplayer RPGs with graphics (i.e. not MUDs) that helped lay the foundation for industry-shaping hits like World of Warcraft.

But of course, there’s so much more to be learned from the story of Ultima Online. Kal Ort Por! The death of Lord British. Simulated ecologies. Playerkillers. The Bank of Britain. City sieges. Weddings. Sports events. Players who were orcs. Living the Virtues. As the game turns 20 this year, there’s never been a better time to look back at how it was built.

So if you missed this postmortem talk at GDC this year, or just want to refresh yourself, make sure to take advantage of the fact that it’s now freely available on the official GDC YouTube channel!

In addition to this presentation, the GDC Vault and its accompanying YouTube channel offers numerous other free videos, audio recordings, and slides from many of the recent Game Developers Conference events, and the service offers even more members-only content for GDC Vault subscribers.

Those who purchased All Access passes to recent events like GDC or VRDC already have full access to GDC Vault, and interested parties can apply for the individual subscription via a GDC Vault subscription page. Group subscriptions are also available: game-related schools and development studios who sign up for GDC Vault Studio Subscriptions can receive access for their entire office or company by contacting staff via the GDC Vault group subscription page. Finally, current subscribers with access issues can contact GDC Vault technical support.

Gamasutra and GDC are sibling organizations under parent company Informa.