
We discuss just how hard, or not, responsible disclosure really is, share some sad news about the status of Btrfs on RHEL, and a few more reasons to use ZFS.
Then, we find out whether our passwords have been cracked, reveal Dan's password hashes live on air & more!
Show Notes:
Responsible Disclosure Is Hard
- When a well-meaning person discovers a security issue, disclosing it properly is difficult, largely because many organisations give them no sanctioned way to do so
- The article uses Tesla's disclosure policy as an example of how companies should handle this
- "This is not hard stuff and it basically amounts to text on a page. Consider whether your own organisation has something to this effect and is actually ready to handle disclosure by those who attempt to do so ethically. Listen to these people and be thankful they exist; there's a whole bunch of others out there who are far less charitable and by the time you hear from those guys, it's already too late."
Red Hat deprecates Btrfs
- "The Btrfs file system has been in Technology Preview state since the initial release of Red Hat Enterprise Linux 6. Red Hat will not be moving Btrfs to a fully supported feature and it will be removed in a future major release of Red Hat Enterprise Linux."
- "The Btrfs file system did receive numerous updates from the upstream in Red Hat Enterprise Linux 7.4 and will remain available in the Red Hat Enterprise Linux 7 series. However, this is the last planned update to this feature."
320 Million Freely Downloadable Pwned Password hashes
- Note: the list contains SHA-1 hashes (320,335,236 of them, to be precise), not the plaintext passwords
- Password checking page; the same URL has links for downloading the hash files
- To extract the archives you need p7zip. The extraction command is: 7z x pwned-passwords-update-1.txt.7z
- To generate a SHA-1 hash of a candidate password, Dan used: sha1 -s TechSNAP, which prints SHA1 ("TechSNAP") = c6586a62febc8706d814fe28fe397e9dca146992. (sha1 -s is the BSD tool; on Linux, printf '%s' TechSNAP | sha1sum gives the same digest, and printf rather than echo avoids hashing a trailing newline.) The downloaded list stores hashes in upper-case hex, so pipe the result through tr '[a-z]' '[A-Z]' before searching for it.
- Once the list is loaded into a PostgreSQL 9.6 database, locating a hash takes about 0.176 ms
- Passwords Evolved: Authentication Guidance for the Modern Era
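The procedure above (hash the candidate password, upper-case the hex, look it up in the downloaded list) as a small offline checker. This is an added example written for these notes, not code from the show or from the Pwned Passwords project. It assumes the extracted text file holds one 40-character upper-case SHA-1 per line; the sample list embedded below is constructed for the demo and stands in for pwned-passwords-update-1.txt.

```python
import hashlib
from typing import Dict, Iterable, Set


def sha1_upper(password: str) -> str:
    """SHA-1 of the password's UTF-8 bytes as upper-case hex.

    The downloaded list stores hashes in upper case, so a lower-case digest
    (the default from hexdigest() or sha1sum) would never match. This is the
    same normalisation as the tr '[a-z]' '[A-Z]' step in the show notes.
    """
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def load_pwned_hashes(lines: Iterable[str]) -> Set[str]:
    """Build an in-memory lookup set from the extracted text file.

    Assumed format: one 40-character hex SHA-1 per line. Whitespace is
    stripped and hex is normalised to upper case so a list written in lower
    case still matches; anything that is not a 40-char hex string is skipped.
    """
    hashes: Set[str] = set()
    for line in lines:
        h = line.strip().upper()
        if len(h) == 40 and all(c in "0123456789ABCDEF" for c in h):
            hashes.add(h)
    return hashes


def is_pwned(password: str, pwned: Set[str]) -> bool:
    """True if the password's SHA-1 appears in the list.

    Only the hash is compared; the plaintext never leaves this process.
    """
    return sha1_upper(password) in pwned


def check_passwords(passwords: Iterable[str], pwned: Set[str]) -> Dict[str, bool]:
    """Check several candidate passwords against the list at once."""
    return {p: is_pwned(p, pwned) for p in passwords}


# Constructed stand-in for pwned-passwords-update-1.txt, NOT the real file:
# SHA-1("password") and SHA-1("123456"), the second in lower case, plus a
# blank line, to show that the loader normalises and skips as described.
SAMPLE_LIST = """\
5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8
7c4a8d09ca3762af61e59520943dc26494f8941b

"""

PWNED = load_pwned_hashes(SAMPLE_LIST.splitlines())


if __name__ == "__main__":
    for pw, hit in check_passwords(["password", "123456", "TechSNAP"], PWNED).items():
        print(f"{pw!r}: {'found in list' if hit else 'not in list'}")
```

For the real 320-million-line file a Python set would need far more RAM than most machines have; load the file once into a database as the episode did, or for a one-off check run grep -x -m1 with the upper-cased hash against the extracted text file (-x matches whole lines, -m1 stops at the first hit).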
Feedback
- slobeck retweets x0rz: 1960s vs. now