Merge pull request #4 from LCTT/master

update from lctt

sources/tech/20210323 3 new Java tools to try in 2021.md

@@ -0,0 +1,74 @@
+[#]: subject: (3 new Java tools to try in 2021)
+[#]: via: (https://opensource.com/article/21/3/enterprise-java-tools)
+[#]: author: (Daniel Oh https://opensource.com/users/daniel-oh)
+[#]: collector: (lujun9972)
+[#]: translator: ( )
+[#]: reviewer: ( )
+[#]: publisher: ( )
+[#]: url: ( )
+
+3 new Java tools to try in 2021
+======
+Empower your enterprise Java applications and your career with these
+three tools and frameworks.
+![Person drinking a hot drink at the computer][1]
+
+Despite the popularity of [Python][2], [Go][3], and [Node.js][4] for implementing [artificial intelligence][5] and machine learning applications and [serverless functions][6] on Kubernetes, Java technologies still play a key role in developing enterprise applications. According to [_Developer Economics_][7], in Q3 2020, there were 8 million enterprise Java developers worldwide.
+
+Although the programming language has been around for more than 25 years, there are always new trends, tools, and frameworks in the Java world that can empower your applications and your career.
+
+The vast majority of Java frameworks are designed for long-running processes with dynamic behaviors for running mutable application servers such as physical servers and virtual machines. Things have changed since Kubernetes containers were unleashed in 2014. The biggest issue with using Java applications on Kubernetes is with optimizing application performance by decreasing memory footprints, speeding start and response times, and reducing file sizes.
+
+### 3 new Java frameworks and tools to consider
+
+Java developers are also always looking for easier ways to integrate shiny new open source tools and projects into their Java applications and daily work. This significantly increases development productivity and motivates more enterprises and individual developers to keep using the Java stack.
+
+When trying to meet the expectations listed above for the enterprise Java ecosystem, these three new Java frameworks and tools are worth your attention.
+
+#### 1\. Quarkus
+
+[Quarkus][8] is designed to develop cloud-native microservices and serverless with amazingly fast boot time, incredibly low resident set size (RSS) memory, and high-density memory utilization in container orchestration platforms like Kubernetes. According to JRebel's [9th annual global Java developer productivity report][9], the usage of Quarkus by Java developers rose 6% from less than 1%, and [Micronaut][10] and [Vert.x][11] grew to 4% and 2%, respectively, both up from roughly 1% last year.
+
+#### 2\. Eclipse JKube
+
+[Eclipse JKube][12] enables Java developers to build container images based on cloud-native Java applications using [Docker][13], [Jib][14], or [Source-To-Image][15] build strategies. It also generates Kubernetes and OpenShift manifests at compile time and improves developers' experience with debug, watch, and logging tools.
+
+#### 3\. MicroProfile
+
+[MicroProfile][16] solves the biggest problems related to optimizing enterprise Java for a microservices architecture without adopting new frameworks or refactoring entire applications. Furthermore, MicroProfile [specifications][17] (i.e., Health, Open Tracing, Open API, Fault Tolerance, Metrics, Config) continue to develop in alignment with [Jakarta EE][18] implementation.
+
+### Conclusion
+
+It's hard to say which Java frameworks or tools are the best choices for enterprise Java developers to implement. As long as there is room for improvement in the Java stack and accelerating enterprise businesses, we can expect new frameworks, tools, and platforms, like the three above, to become available. Spend some time looking at them to see if they can improve your enterprise Java applications in 2021.
+
+--------------------------------------------------------------------------------
+
+via: https://opensource.com/article/21/3/enterprise-java-tools
+
+作者：[Daniel Oh][a]
+选题：[lujun9972][b]
+译者：[译者ID](https://github.com/译者ID)
+校对：[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]: https://opensource.com/users/daniel-oh
+[b]: https://github.com/lujun9972
+[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/coffee_tea_laptop_computer_work_desk.png?itok=D5yMx_Dr (Person drinking a hot drink at the computer)
+[2]: https://opensource.com/resources/python
+[3]: https://opensource.com/article/18/11/learning-golang
+[4]: https://opensource.com/article/18/7/node-js-interactive-cli
+[5]: https://opensource.com/article/18/12/how-get-started-ai
+[6]: https://opensource.com/article/19/4/enabling-serverless-kubernetes
+[7]: https://developereconomics.com/
+[8]: https://quarkus.io/
+[9]: https://www.jrebel.com/resources/java-developer-productivity-report-2021
+[10]: https://micronaut.io/
+[11]: https://vertx.io/
+[12]: https://www.eclipse.org/jkube/
+[13]: https://opensource.com/resources/what-docker
+[14]: https://github.com/GoogleContainerTools/jib
+[15]: https://www.openshift.com/blog/create-s2i-builder-image
+[16]: https://opensource.com/article/18/1/eclipse-microprofile
+[17]: https://microprofile.io/
+[18]: https://opensource.com/article/18/5/jakarta-ee

sources/tech/20210323 Affordable high-temperature 3D printers at home.md

@@ -0,0 +1,75 @@
+[#]: subject: (Affordable high-temperature 3D printers at home)
+[#]: via: (https://opensource.com/article/21/3/desktop-3d-printer)
+[#]: author: (Joshua Pearce https://opensource.com/users/jmpearce)
+[#]: collector: (lujun9972)
+[#]: translator: ( )
+[#]: reviewer: ( )
+[#]: publisher: ( )
+[#]: url: ( )
+
+Affordable high-temperature 3D printers at home
+======
+How affordable? Under $1,000 USD
+![High-temperature 3D-printed mask][1]
+
+3D printers have been around since the 1980s, but they didn't gain popular attention until they became open source, thanks to the [RepRap][2] project. RepRap stands for self-replicating rapid prototyper; it's a 3D printer that can largely print itself. The open source plans were released [in 2004][3] and led to 3D printer costs dropping from hundreds of thousands of dollars to a few hundred dollars.
+
+These open source desktop tools have been limited to low-performance, low-temperature thermoplastics like ABS (e.g., Lego blocks). There are several high-temperature printers on the market, but their high costs (tens to hundreds of thousands of dollars) make them inaccessible to most people. They didn't have a lot of competition until recently because they were locked up by a patent (US6722872B1), which [expired][4] on February 27, 2021.
+
+With this roadblock removed, we are about to see an explosion of high-temperature, low-cost, fused-filament 3D printers.
+
+How low? How about under $1,000.
+
+During the height of the pandemic, my team rushed to publish designs for an [open source high-temperature 3D printer][5] for manufacturing heat-sterilizable personal protective equipment (PPE). The project's idea is to enable people [to print PPE][6] (e.g., masks) with high-temperature materials and pop them in their home oven to sterilize them. We call our device the Cerberus, and it has the following features:
+
+  1. 200°C capable heated bed
+  2. 500°C capable hot end
+  3. Isolated heated chamber with 1kW space heater core
+  4. Mains (AC power) voltage chamber and bed heating for rapid start
+
+
+
+You can build this project from readily available parts, some of which you can print, for under $1,000. It successfully prints polyetherketoneketone (PEKK) and polyetherimide (PEI, which sells under the trade name Ultem). Both materials are much stronger than anything that can be printed today on low-cost printers.
+
+![PPE printer][7]
+
+(J.M.Pearce, [GNU Free Documentation License][8])
+
+The high-temperature 3D printer was designed to have three heads, but we released it with only one. The Cerberus is named after Greek mythology's three-headed watchdog of the underworld. Normally we would not have released the printer with only one head, but the pandemic shifted our priorities. The [open source community rallied][9] to help solve supply deficits early on, and many desktop 3D printers were spitting out useful products to help protect people from COVID.
+
+What about the other two heads?
+
+The other two heads were intended for high-temperature fused particle fabricators (e.g., the high-temperature version of this open source [3D printer hack][10]) and laying in metal wire (like in [this design][11]) to build an open source heat exchanger. Other functionalities for the Cerberus printer might be an automatic nozzle cleaner and a method to print continuous fibers at high temperatures. Also, you can mount anything you like on the turret to manufacture high-end products.
+
+The expiration of the [obvious patent][12] for putting a box around a 3D printer while leaving the electronics on the outside paves the way for high-temperature home 3D printers, which will enable these devices to graduate from mere toys to industrial tools at reasonable costs.
+
+Companies are already building on the RepRap tradition and bringing these low-cost systems to the market (e.g., the $1,250 [Creality3D CR-5 Pro][13] 3D printer that can get to 300°C). Creality sells the most popular desktop 3D printer and has open sourced some of its designs.
+
+To print super-high-end engineering polymers, however, these printers will need to get over 350°C. Open source plans are already available to help desktop 3D printer manufacturers start competing with the lumbering companies that have held back 3D printing for 20 years as they hid behind patents. Expect the competition for low-cost, high-temperature desktop 3D printers to really heat up!
+
+--------------------------------------------------------------------------------
+
+via: https://opensource.com/article/21/3/desktop-3d-printer
+
+作者：[Joshua Pearce][a]
+选题：[lujun9972][b]
+译者：[译者ID](https://github.com/译者ID)
+校对：[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]: https://opensource.com/users/jmpearce
+[b]: https://github.com/lujun9972
+[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/3d_printer_mask.jpg?itok=5ePZghTW (High-temperature 3D-printed mask)
+[2]: https://reprap.org/wiki/RepRap
+[3]: https://reprap.org/wiki/Wealth_Without_Money
+[4]: https://3dprintingindustry.com/news/stratasys-heated-build-chamber-for-3d-printer-patent-us6722872b1-set-to-expire-this-week-185012/
+[5]: https://doi.org/10.1016/j.ohx.2020.e00130
+[6]: https://www.appropedia.org/Open_Source_High-Temperature_Reprap_for_3-D_Printing_Heat-Sterilizable_PPE_and_Other_Applications
+[7]: https://opensource.com/sites/default/files/uploads/ppe-hight3dp.png (PPE printer)
+[8]: https://www.gnu.org/licenses/fdl-1.3.html
+[9]: https://opensource.com/article/20/3/volunteer-covid19
+[10]: https://www.liebertpub.com/doi/10.1089/3dp.2019.0195
+[11]: https://www.appropedia.org/Open_Source_Multi-Head_3D_Printer_for_Polymer-Metal_Composite_Component_Manufacturing
+[12]: https://www.academia.edu/17609790/A_Novel_Approach_to_Obviousness_An_Algorithm_for_Identifying_Prior_Art_Concerning_3-D_Printing_Materials
+[13]: https://creality3d.shop/collections/cr-series/products/cr-5-pro-h-3d-printer

sources/tech/20210323 WebAssembly Security, Now and in the Future.md

@@ -0,0 +1,87 @@
+[#]: subject: (WebAssembly Security, Now and in the Future)
+[#]: via: (https://www.linux.com/news/webassembly-security-now-and-in-the-future/)
+[#]: author: (Dan Brown https://training.linuxfoundation.org/announcements/webassembly-security-now-and-in-the-future/)
+[#]: collector: (lujun9972)
+[#]: translator: ( )
+[#]: reviewer: ( )
+[#]: publisher: ( )
+[#]: url: ( )
+
+WebAssembly Security, Now and in the Future
+======
+
+_By Marco Fioretti_
+
+**Introduction**
+
+WebAssembly is, as we [explained recently][1], a binary format for software written in any language, designed to eventually run on any platform without changes. The first application of WebAssembly is inside web browsers, to make websites faster and more interactive. Plans to push WebAssembly beyond the Web, from servers of all sorts to the Internet of Things (IoT), create as many opportunities as security issues. This post is an introductory overview of those issues and of the WebAssembly security model.
+
+**WebAssembly is like JavaScript**
+
+Inside web browsers, WebAssembly modules are managed by the same Virtual Machine (VM) that executes JavaScript code. Therefore, WebAssembly may be used to do much of the same harm that is doable with JavaScript, just more efficiently and less visibly. Since JavaScript is plain text that the browser will compile, and WebAssembly a ready-to-run binary format, the latter runs faster, and is also harder to scan (even by antivirus software) for malicious instructions.
+
+This “code obfuscation” effect of WebAssembly has been already used, among other things, to pop up unwanted advertising or to open fake “tech support” windows that ask for sensitive data. Another trick is to automatically redirect browsers to “landing” pages that contain the really dangerous malware.
+
+Finally, WebAssembly may be used, just like JavaScript, to “steal” processing power instead of data. In 2019, an [analysis of 150 different Wasm modules][2] found out that about _32%_ of them were used for cryptocurrency-mining.
+
+**WebAssembly sandbox, and interfaces**
+
+WebAssembly code runs closed into a [sandbox][3] managed by the VM, not by the operating system. This gives it no visibility of the host computer, or ways to interact directly with it. Access to system resources, be they files, hardware or internet connections, can only happen through the WebAssembly System Interface (WASI) provided by that VM.
+
+The WASI is different from most other application programming interfaces, with unique security characteristics that are truly driving the adoption of WASM on servers/edge computing scenarios, and will be the topic of the next post. Here, it is enough to say that its security implications greatly vary, when moving from the web to other environments. Modern web browsers are terribly complex pieces of software, but lay on decades of experience, and of daily tests from billions of people. Compared to browsers, servers or IoT devices are almost uncharted lands. The VMs for those platforms will require extensions of WASI and thus, in turn, surely introduce new security challenges.
+
+**Memory and code management in WebAssembly**
+
+Compared to normal compiled programs, WebAssembly applications have very restricted access to memory, and to themselves too. WebAssembly code cannot directly access functions or variables that are not yet called, jump to arbitrary addresses or execute data in memory as bytecode instructions.
+
+Inside browsers, a Wasm module only gets one, global array (“linear memory”) of contiguous bytes to play with. WebAssembly can directly read and write any location in that area, or request an increase in its size, but that’s all. This linear memory is also separated from the areas that contain its actual code, execution stack, and of course the virtual machine that runs WebAssembly. For browsers, all these data structures are ordinary JavaScript objects, insulated from all the others using standard procedures.
+
+**The result: good, but not perfect**
+
+All these restrictions make it quite hard for a WebAssembly module to misbehave, but not impossible.
+
+The sandboxed memory that makes it almost impossible for WebAssembly to touch what is _outside_ also makes it harder for the operating system to prevent bad things from happening _inside_. Traditional memory monitoring mechanisms like [“stack canaries”][4], which notice if some code tries to mess with objects that it should not touch, [cannot work there][5].
+
+The fact that WebAssembly can only access its own linear memory, but directly, may also _facilitate_ the work of attackers. With those constraints, and access to the source code of a module, it is much easier to guess which memory locations could be overwritten to make the most damage. It also seems [possible][6] to corrupt local variables, because they stay in an unsupervised stack in the linear memory.
+
+A 2020 paper on the [binary security of WebAssembly][5] noted that WebAssembly code can still overwrite string literals in supposedly constant memory. The same paper describes other ways in which WebAssembly may be less secure than when compiled to a native binary, on three different platforms (browsers, server-side applications on Node.js, and applications for stand-alone WebAssembly VMs) and is recommended further reading on this topic.
+
+In general, the idea that WebAssembly can only damage what’s inside its own sandbox can be misleading. WebAssembly modules do the heavy work for the JavaScript code that calls them, exchanging variables every time. If they write into any of those variables code that may cause crashes or data leaks in the unsafe JavaScript that called WebAssembly, those things _will_ happen.
+
+**The road ahead**
+
+Two emerging features of WebAssembly that will surely impact its security (how and how much, it’s too early to tell) are [concurrency][7], and internal garbage collection.
+
+Concurrency is what allows several WebAssembly modules to run in the same VM simultaneously. Today this is possible only through JavaScript [web workers][8], but better mechanisms are under development. Security-wise, they may bring in [“a lot of code… that did not previously need to be”][9], that is more ways for things to go wrong.
+
+A [native Garbage Collector][10] is needed to increase performance and security, but above all to use WebAssembly outside the well-tested Java VMs of browsers, that collect all the garbage inside themselves anyway. Even this new code, of course, may become another entry point for bugs and attacks.
+
+On the positive side, general strategies to make WebAssembly even safer than it is today also exist. Quoting again from [here][5], they include compiler improvements, _separate_ linear memories for stack, heap and constant data, and avoiding to compile as WebAssembly modules code in “unsafe languages, such as C”.
+
+The post [WebAssembly Security, Now and in the Future][11] appeared first on [Linux Foundation – Training][12].
+
+--------------------------------------------------------------------------------
+
+via: https://www.linux.com/news/webassembly-security-now-and-in-the-future/
+
+作者：[Dan Brown][a]
+选题：[lujun9972][b]
+译者：[译者ID](https://github.com/译者ID)
+校对：[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]: https://training.linuxfoundation.org/announcements/webassembly-security-now-and-in-the-future/
+[b]: https://github.com/lujun9972
+[1]: https://training.linuxfoundation.org/announcements/an-introduction-to-webassembly/
+[2]: https://www.sec.cs.tu-bs.de/pubs/2019a-dimva.pdf
+[3]: https://webassembly.org/docs/security/
+[4]: https://ctf101.org/binary-exploitation/stack-canaries/
+[5]: https://www.usenix.org/system/files/sec20-lehmann.pdf
+[6]: https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
+[7]: https://github.com/WebAssembly/threads
+[8]: https://en.wikipedia.org/wiki/Web_worker
+[9]: https://googleprojectzero.blogspot.com/2018/08/the-problems-and-promise-of-webassembly.html
+[10]: https://github.com/WebAssembly/gc/blob/master/proposals/gc/Overview.md
+[11]: https://training.linuxfoundation.org/announcements/webassembly-security-now-and-in-the-future/
+[12]: https://training.linuxfoundation.org/