RAM Prices are getting hot, we’ll tell you why.

Plus the router flaw you need to know about, a pfSense disaster, your questions our answers, and much much more.

On this week’s TechSNAP!

Thanks to:

— Show Notes: —

Hynix factory in China suffers damage in Fire. RAM prices shoot up

• The factory in Wuxi, China is responsible for 40 – 50% of Hynix’s output and 12 – 15% of all DRAM manufacturing capacity around the globe
• The fire started at 07:50 GMT and was extinguished at 09:20 GMT
• The fire apparently started while Hynix was installing some new equipment
• There was only one minor injury during the file
• Hynix has suspended operations at the plant while it evaluates the damage and makes repairs
• “Following news of the shutdown all memory suppliers have apparently stopped quoting prices”
• Reuters followup article
• Hynix reports that the damage is not as bad as initially reported, the huge plumes of black smoke were caused by the fact that the fire was in the air purification system
• Shares in Hynix’s competitors rose sharply, but then slackened off once it was reported that the damage was not severe. Micron shares were up 4 percent to $14.615 at midday Thursday, after surging almost 9 percent at one point. Sandisk was up 2.3 percent at $56.60, after climbing 6 percent at its peak.
• Samsung had 32.7 percent of the global DRAM market in the second quarter, Hynix 30 percent and Micron owned 12.9 percent
• Hynix has published a statement: \”Currently, there is no material damage to the fab equipment in the clean room, thus we expect to resume operations in a short time period so that overall production and supply volume would not be materially affected\”
• DRAM chip prices nearly doubled in the first six months of this year due to tight supply during the summer, prices had been starting to return to normal but this event will undoubtedly keep them inflated for some time to come

Amazon looking to hire 100 IT staff who can get Top Secret security clearance to work on CIA private cloud

• After IBM won a lawsuit to restart the bidding to decide who would build the CIA’s private cloud, Amazon has started a new recruiting drive
• The job openings include: software developers, operations managers and cloud support engineers, among others
• Candidates must meet all requirements to get a Top Secret security clearance, including passing a federally administered polygraph exam
• “Amazon\’s hiring effort includes an invitation-only recruiting event for systems support engineers at its Herndon, Va., facility on Sept. 24 and 25. “
• In filings, Amazon is claiming that it is uniquely qualified to deliver ‘cloud computing’, while analysts have responded by saying that Cloud computing \”simply describes one approach to data center asset provisioning, one that has been around and been practiced by vendors including IBM for many years\”
• The government originally accepted Amazon’s bid at $148 million over the IBM bid at $93 million
• Part of the problem was the way the government wrote the original RFP
• “The vendors were required to address hypothetical scenarios. In one instance, it involved the processing of 100 terabytes of data. But the scenario was ambiguous, and the vendors priced it in different ways, making it impossible to compare prices”
• Analysts also said that the CIA \”too casually brush off Amazon\’s outages\” when considering their bid
• Amazon\’s effort to get government cloud work includes being certified by the U.S. under its Federal Risk and Authorization Program, or FEDRAMP.

Kingcope finds vulnerabilities in Mikrotik routerOS sshd

• Mikrotik RouterOS uses ROSSSH rather than OpenSSH
• Kingcope found that ROSSSH is vulnerable to a remote pre-authentication heap corruption
• ShodanHQ shows that there are nearly 300,000 devices running ROSSSH
• There is an undocumented built-in user account, you can login as ‘devel’ using the admin password, if the file /etc/devel-login exists
• By sending a login name consisting of the letter A 100,000 times, you can crash the ssh daemon
• Exploitation of this vulnerability will allow full access to the router device

Feedback:

• FreeBSD 10\’s removal of GNU

  • Why FreeBSD Deprecated GCC

• pfsense goes down in flames

• IP Leak Follow up

• Hard drive diagnostics before installing FreeNAS ?

• Setting up your own private certificate authority?

• Create a Public Key Infrastructure Using the easy-rsa Scripts – ArchWiki

• Data Recovery business

• Linux Drive Recovery | LAS s27e10

Round up:

• Security researcher releases MegaPWN, displays your Mega private master key and RSA exponent – Just as Mega announces new email service to replace Lavabit and SilentCircle
• The search engine was invented 20 years ago
• Hilariously bad video about the power of IP KVM
• Building a VNC client in 200 lines of javascript (node.js)
• Unusual TOR growth continues, over 1 million new clients, important updates released to try to help the network scale
• NetworkWorld tries out Huawei’s first enterprise managed switch for the North American market – Good power consumption and acceptable performance, but a few rough spots
• The NSA hacks other countries by buying millions of dollars’ worth of computer vulnerabilities
• Godaddy sysadmin blog explains why you shouldn’t cluster your database based on GUIDs
• MyOpenID service shutting down due to lack of adoption
• Intel launches new i7 4690X extreme edition processor. 6x 3.6ghz with turbo up to 4.0ghz – confusingly named, other i7 4*** series are the new Haswell, which features better single core performance at the same clock speeds
• Thoughts on Snowden from a Counterintelligence Agent