apt – Jupiter Broadcasting https://www.jupiterbroadcasting.com Open Source Entertainment, on Demand. Thu, 11 Aug 2022 18:37:05 +0000

Linux Action News 253 https://original.jupiterbroadcasting.net/149532/linux-action-news-253/ Thu, 11 Aug 2022 10:30:00 +0000

Show Notes: linuxactionnews.com/253

The post Linux Action News 253 first appeared on Jupiter Broadcasting.

The Read Only Scenario | LINUX Unplugged 468 https://original.jupiterbroadcasting.net/149347/the-read-only-scenario-linux-unplugged-468/ Sun, 24 Jul 2022 22:00:00 +0000

Show Notes: linuxunplugged.com/468

The post The Read Only Scenario | LINUX Unplugged 468 first appeared on Jupiter Broadcasting.

Linux Action News 250 https://original.jupiterbroadcasting.net/149302/linux-action-news-250/ Thu, 21 Jul 2022 05:30:00 +0000

Show Notes: linuxactionnews.com/250

The post Linux Action News 250 first appeared on Jupiter Broadcasting.

Linux Action News 234 https://original.jupiterbroadcasting.net/148077/linux-action-news-234/ Thu, 31 Mar 2022 05:30:00 +0000

Show Notes: linuxactionnews.com/233

The post Linux Action News 234 first appeared on Jupiter Broadcasting.

The Best of Both OSs | LINUX Unplugged 411 https://original.jupiterbroadcasting.net/145382/the-best-of-both-oss-linux-unplugged-411/ Tue, 22 Jun 2021 18:00:00 +0000

Show Notes: linuxunplugged.com/411

The post The Best of Both OSs | LINUX Unplugged 411 first appeared on Jupiter Broadcasting.

Ryzen Gets Real | TechSNAP 425 https://original.jupiterbroadcasting.net/140442/ryzen-gets-real-techsnap-425/ Fri, 20 Mar 2020 00:15:00 +0000

Show Notes: techsnap.systems/425

The post Ryzen Gets Real | TechSNAP 425 first appeared on Jupiter Broadcasting.

Our Week with Windows | LINUX Unplugged 344 https://original.jupiterbroadcasting.net/140157/our-week-with-windows-linux-unplugged-344/ Tue, 10 Mar 2020 18:00:00 +0000

Show Notes: linuxunplugged.com/344

The post Our Week with Windows | LINUX Unplugged 344 first appeared on Jupiter Broadcasting.

Distro Disco | LINUX Unplugged 327 https://original.jupiterbroadcasting.net/136837/distro-disco-linux-unplugged-327/ Tue, 12 Nov 2019 14:00:00 +0000

Show Notes: linuxunplugged.com/327

The post Distro Disco | LINUX Unplugged 327 first appeared on Jupiter Broadcasting.

Pain the APT | LINUX Unplugged 285 https://original.jupiterbroadcasting.net/128971/pain-the-apt-linux-unplugged-285/ Wed, 23 Jan 2019 05:35:16 +0000

Show Notes/Links: linuxunplugged.com/285

The post Pain the APT | LINUX Unplugged 285 first appeared on Jupiter Broadcasting.

PIS Poor DNS | TechSNAP 268 https://original.jupiterbroadcasting.net/100021/pis-poor-dns-techsnap-268/ Thu, 26 May 2016 17:32:03 +0000

Is the “Dark Cloud” hype, or a real technology? Using DNS tunneling for remote command and control & the big problem with 1-Day exploits.

Plus your great question, our answers, a breaking news roundup & more!

Thanks to: DigitalOcean, Ting, iXsystems

Show Notes:

APT Groups still successfully exploiting Microsoft Office flaw patched 6 months ago

  • “A Microsoft Office vulnerability patched six months ago continues to be a valuable tool for APT gangs operating primarily in Southeast Asia and the Far East.”
  • “CVE-2015-2545 is a vulnerability discovered in 2015 and corrected with Microsoft’s update MS15-099. The vulnerability affects Microsoft Office versions 2007 SP3, 2010 SP2, 2013 SP1 and 2013 RT SP1.”
  • “The error enables an attacker to execute arbitrary code using a specially crafted EPS image file. The exploit uses PostScript and can evade Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) protection methods.”
  • One of the groups using the exploit targeted the Japanese military industrial complex
  • “In December 2015, Kaspersky Lab became aware of a targeted attack against the Japanese defense sector. In order to infect victims, the attacker sent an email with an attached DOCX file exploiting the CVE-2015-2545 vulnerability in Microsoft Office using an embedded EPS (Encapsulated Postscript) object. The EPS object contained a shellcode that dropped and loaded a 32-bit or 64-bit DLL file depending on the system architecture. This, in turn exploited another vulnerability to elevate privileges to Local System (CVE-2015-1701) and download additional malware components from the C&C server.”
  • “The C&C server used in the attack was located in Japan and appears to have been compromised. However, there is no indication that it has ever been used for any other malicious purpose. Monitoring of the server activity for a period of several months did not result in any new findings. We believe the attackers either lost access to the server or realized that it resulted in too much attention from security researchers, as the attack was widely discussed by the Japanese security community.”
  • The report details a number of different teams, with different targets
  • Some or all of the teams may be related
  • “The attackers used at least one known 1-day exploit: the exploit for CVE-2015-2545 – EPS parsing vulnerability in EPSIMP32.FLT module, reported by FireEye, and patched by Microsoft on 8 September 2015 with MS15-099. We are currently aware of about four different variants of the exploit. The original one was used in August 2015 against targets in India by the Platinum (TwoForOne) APT group.”
  • Kaspersky Lab Report
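
The attack chain above hinges on an EPS object embedded in a DOCX, and the first thing a responder wants is a cheap way to find such documents in a mail store. The following script is an added example, not code from the Kaspersky report or from the show. It treats the document as the zip container it is, and reports any part whose name ends in .eps/.ps or whose first bytes are the PostScript magic comment, which catches a renamed part. The sample document it builds is constructed in memory with a harmless EPS stub; it is not an exploit. Two caveats: an EPS inside an OLE stream (oleObject.bin) is only found if the stream itself starts with the magic, and a legacy .doc file is an OLE2 container, not a zip, so it needs a different parser.

```python
"""Scan an Office Open XML document (DOCX/XLSX/PPTX) for embedded EPS content.

Added example; it is not from the Kaspersky report or the show notes. It looks
for two things inside the zip container: part names with an .eps/.ps extension
and any part whose bytes start with the PostScript magic '%!PS'. A sample
document with one embedded EPS part is constructed in memory so this runs offline.
"""
import io
import zipfile

PS_MAGIC = b"%!PS"          # every (E)PS file starts with this comment line
EPS_EXT = (".eps", ".ps")


def find_eps_parts(docx_bytes):
    """Return a list of (part_name, reasons) for every suspicious part.

    A part is reported if its name ends in .eps/.ps, or if its first bytes are
    the PostScript magic regardless of the extension (attackers rename parts).
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            reasons = []
            if name.lower().endswith(EPS_EXT):
                reasons.append("eps-extension")
            with zf.open(info) as part:
                head = part.read(len(PS_MAGIC))
            if head == PS_MAGIC:
                reasons.append("postscript-magic")
            if reasons:
                findings.append((name, ",".join(reasons)))
    return findings


def has_embedded_eps(docx_bytes):
    return bool(find_eps_parts(docx_bytes))


def build_sample_docx(with_eps):
    """Constructed test data: a minimal DOCX-shaped zip, not a real document
    and not an exploit. The EPS part is a harmless stub renamed to .bin so the
    extension check alone would miss it."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_eps:
            zf.writestr("word/media/image1.bin",
                        b"%!PS-Adobe-3.0 EPSF-3.0\n%%BoundingBox: 0 0 10 10\n")
    return buf.getvalue()


if __name__ == "__main__":
    for flag in (False, True):
        print("with_eps=%s ->" % flag, find_eps_parts(build_sample_docx(flag)))
```

Run it against a directory of attachments by reading each file into `find_eps_parts`; a hit is a triage lead, not a verdict, since EPS images do occur legitimately in documents produced by design tools.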

Krebs investigates the “Dark Cloud”

  • “Crooks who peddle stolen credit cards on the Internet face a constant challenge: Keeping their shops online and reachable in the face of meddling from law enforcement officials, security firms, researchers and vigilantes.”
  • “In this post, we’ll examine a large collection of hacked computers around the world that currently serves as a criminal cloud hosting environment for a variety of cybercrime operations, from sending spam to hosting malicious software and stolen credit card shops.”
  • How do you keep your site online while hosting it on hacked machines you do not control?
  • How do you keep the data secure? Who is going to pay for stolen credit cards when they can just hack one of the compromised machines hosting your site?
  • “I first became aware of this botnet, which I’ve been referring to as the “Dark Cloud” for want of a better term, after hearing from Noah Dunker, director of security labs at Kansas City-based vendor RiskAnalytics. Dunker reached out after watching a Youtube video I posted that featured some existing and historic credit card fraud sites. He asked what I knew about one of the carding sites in the video: A fraud shop called “Uncle Sam,” whose home page pictures a pointing Uncle Sam saying “I want YOU to swipe.””
  • “I confessed that I knew little of this shop other than its existence, and asked why he was so interested in this particular crime store. Dunker showed me how the Uncle Sam card shop and at least four others were hosted by the same Dark Cloud, and how the system changed the Internet address of each Web site roughly every three minutes. The entire robot network, or “botnet,” consisted of thousands of hacked home computers spread across virtually every time zone in the world, he said.”
  • So, most of these hacked machines are likely just “repeaters”, accepting connections from end users and then relaying those connections back to the secret central server
  • This also works fairly well as a DDoS mitigation mechanism
  • “the Windows-based malware that powers the botnet assigns infected hosts different roles, depending on the victim machine’s strengths or weaknesses: More powerful systems might be used as DNS servers, while infected systems behind home routers may be infected with a “reverse proxy,” which lets the attackers control the system remotely”
  • “It’s unclear whether this botnet is being used by more than one individual or group. The variety of crimeware campaigns that RiskAnalytics has tracked operated through the network suggests that it may be rented out to multiple different cybercrooks. Still, other clues suggests the whole thing may have been orchestrated by the same gang.”
  • A more in-depth report on the botnet is expected next week
  • “If you liked this story, check out this piece about another carding forum called Joker’s Stash, which also uses a unique communications system to keep itself online and reachable to all comers.”
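
The observable side of the Dark Cloud is the address rotation: each shop's IP changed roughly every three minutes across thousands of home connections. The script below is an added example, not from the Krebs article or RiskAnalytics, showing how to turn resolver-log or passive-DNS observations into a rotation score. The input tuples, the thresholds and the two domains are constructed for the example; the addresses are RFC 5737 documentation ranges. CDNs and round-robin pools rotate too, so a hit is something to check against ASN and geography, not a verdict.

```python
"""Score domains for fast-flux hosting from passive-DNS style observations.

Added example; it is not from the Krebs article or RiskAnalytics. The input is
a list of (unix_time, domain, answer_ip) tuples, the shape a resolver log or a
passive-DNS export gives you. For each domain it reports the number of
distinct addresses, distinct /24 networks, and the mean seconds between
address changes, then flags domains that rotate through many addresses
quickly. The observations below are constructed: cards.example rotates every
180 s across three networks, static.example never changes.
"""
from collections import defaultdict
from ipaddress import ip_network

# Constructed sample observations (RFC 5737 documentation addresses).
OBSERVATIONS = [
    (1000, "cards.example", "203.0.113.10"),
    (1180, "cards.example", "198.51.100.7"),
    (1360, "cards.example", "192.0.2.44"),
    (1540, "cards.example", "203.0.113.99"),
    (1720, "cards.example", "198.51.100.7"),
    (1000, "static.example", "192.0.2.1"),
    (1180, "static.example", "192.0.2.1"),
    (1360, "static.example", "192.0.2.1"),
]


def summarize(observations):
    """Per-domain rotation statistics."""
    by_domain = defaultdict(list)
    for ts, domain, ip in observations:
        by_domain[domain].append((ts, ip))

    summary = {}
    for domain, rows in by_domain.items():
        rows.sort()
        ips = {ip for _, ip in rows}
        nets = {ip_network(f"{ip}/24", strict=False) for ip in ips}
        # seconds between consecutive address changes
        gaps = []
        last_ts, last_ip = rows[0]
        for ts, ip in rows[1:]:
            if ip != last_ip:
                gaps.append(ts - last_ts)
                last_ts, last_ip = ts, ip
        summary[domain] = {
            "observations": len(rows),
            "distinct_ips": len(ips),
            "distinct_networks": len(nets),
            "mean_change_gap": sum(gaps) / len(gaps) if gaps else None,
        }
    return summary


def flag_fast_flux(summary, min_ips=3, min_networks=2, max_gap=600):
    """Domains with at least min_ips addresses over min_networks /24s whose
    answer changes, on average, faster than max_gap seconds. The thresholds
    are assumptions chosen for the sample, not values from the article."""
    hits = []
    for domain, s in summary.items():
        if (s["distinct_ips"] >= min_ips
                and s["distinct_networks"] >= min_networks
                and s["mean_change_gap"] is not None
                and s["mean_change_gap"] <= max_gap):
            hits.append(domain)
    return sorted(hits)


if __name__ == "__main__":
    stats = summarize(OBSERVATIONS)
    for domain, s in stats.items():
        print(domain, s)
    print("fast-flux candidates:", flag_fast_flux(stats))
```

The /24 count is the cheap proxy for "spread across many networks"; with an ASN lookup available you would group by AS number instead, since a botnet of home machines spans many ISPs while a CDN pool usually sits in a handful.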

Wekby APT gang using DNS tunneling for C&C

  • “Palo Alto Networks is reporting a shift in malware tactics used by the APT group Wekby that has added a rare but effective new tool to its bag of tricks. Wekby attackers are turning to the technique known as DNS tunneling in lieu of more conventional HTTP delivery of command and controls for remote access control of infected computer networks.”
  • “Wekby is a group that has been active for a number of years, targeting various industries such as healthcare, telecommunications, aerospace, defense, and high tech. The group is known to leverage recently released exploits very shortly after those exploits are available, such as in the case of HackingTeam’s Flash zero-day exploit.”
  • “The malware used by the Wekby group has ties to the HTTPBrowser malware family, and uses DNS requests as a command and control mechanism. Additionally, it uses various obfuscation techniques to thwart researchers during analysis. Based on metadata seen in the discussed samples, Palo Alto Networks has named this malware family ‘pisloader’.”
  • “The initial dropper contains very simple code that is responsible for setting persistence via the Run registry key, and dropping and executing an embedded Windows executable. Limited obfuscation was encountered, where the authors split up strings into smaller sub-strings and used ‘strcpy’ and ‘strcat’ calls to re-build them prior to use. They also used this same technique to generate garbage strings that are never used. This is likely to deter detection and analysis of the sample.”
  • “The payload is heavily obfuscated using a return-oriented programming (ROP) technique, as well as a number of garbage assembly instructions. In the example below, code highlighted in red essentially serves no purpose other than to deter reverse-engineering of the sample. This code can be treated as garbage and ignored. The entirety of the function is highlighted in green, where two function offsets are pushed to the stack, followed by a return instruction. This return instruction will point code execution first at the null function, which in turn will point code execution to the ‘next_function’. This technique is used throughout the runtime of the payload, making static analysis difficult.”
  • “The malware is actually quite simplistic once the obfuscation and garbage code is ignored. It will begin by generating a random 10-byte alpha-numeric header. The remaining data is base32-encoded, with padding removed. This data will be used to populate a subdomain that will be used in a subsequent DNS request for a TXT record.”
  • “The use of DNS as a C2 protocol has historically not been widely adopted by malware authors.”
  • “The use of DNS as a C2 allows pisloader to bypass certain security products that may not be inspecting this traffic correctly.”
  • “The C2 server will respond with a TXT record that is encoded similar to the initial request. In the response, the first byte is ignored, and the remaining data is base32-encoded. An example of this can be found below.”
  • The malware also checks specific flags in the DNS response, so that it will not accept answers spoofed by a DNS server the authors do not run. Palo Alto Networks has reverse engineered the malware and documented these flags.
  • The following commands, and their descriptions are supported by the malware:
    • sifo – Collect victim system information
    • drive – List drives on victim machine
    • list – List file information for provided directory
    • upload – Upload a file to the victim machine
    • open – Spawn a command shell
  • “The Wekby group continues to target various high profile organizations using sophisticated malware. The pisloader malware family uses various novel techniques, such as using DNS as a C2 protocol, as well as making use of return-oriented programming and other anti-analysis tactics.”
  • Palo Alto Networks Report
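
The framing described above (a random 10-byte alphanumeric header, then the base32 payload with padding stripped, carried as a subdomain in a TXT query; a TXT answer whose first byte is ignored and whose remainder is base32) is simple enough to reproduce, and reproducing it is the quickest way to build a detector for it. The block below is an added example, not code from the Palo Alto Networks report: it implements both ends of the exchange and a heuristic that scans a resolver log for queries shaped this way. The zone c2.example, the seeded random generator, the 63-octet label split and the log lines are assumptions or constructed data; the real zones and the response-flag check the malware performs are in the report, not here.

```python
"""Encode and decode pisloader-style DNS TXT traffic, and spot it in a query log.

Added example, not code from the Palo Alto Networks report. The client builds
a subdomain from a random 10-byte alphanumeric header followed by the base32
payload with padding removed and asks for a TXT record; the server answers
with one ignored byte followed by base32 data. c2.example, the seeded RNG and
the log below are assumptions/constructed data.
"""
import base64
import binascii
import random
import re
import string

ALNUM = string.ascii_letters + string.digits
C2_ZONE = "c2.example"            # hypothetical zone, two labels
HEADER_LEN = 10
_rng = random.Random(1)           # seeded so runs are reproducible; malware would not seed


def b32_nopad(data):
    return base64.b32encode(data).decode("ascii").rstrip("=")


def b32_decode_nopad(text):
    text = text.upper()
    return base64.b32decode(text + "=" * ((-len(text)) % 8))


def build_query(payload):
    """Victim side: header + base32(payload), cut into <=63-octet labels."""
    header = "".join(_rng.choice(ALNUM) for _ in range(HEADER_LEN))
    encoded = header + b32_nopad(payload)
    labels = [encoded[i:i + 63] for i in range(0, len(encoded), 63)]
    return ".".join(labels + [C2_ZONE])


def parse_query(qname):
    """Server side: strip the zone, rejoin labels, drop the header, decode."""
    if not qname.endswith("." + C2_ZONE):
        raise ValueError("not our zone")
    encoded = "".join(qname[:-len(C2_ZONE) - 1].split("."))
    return b32_decode_nopad(encoded[HEADER_LEN:])


def build_txt_response(command):
    """Server side: the first byte is filler the client ignores."""
    return "x" + b32_nopad(command)


def parse_txt_response(txt):
    return b32_decode_nopad(txt[1:])


def looks_like_pisloader(qname, qtype, min_payload_chars=20):
    """Detection heuristic for a resolver log: a TXT query whose name, with the
    last two labels (the zone) removed and the 10-character header dropped, is
    long and decodes as base32. The two-label zone is a simplification."""
    if qtype != "TXT":
        return False
    labels = qname.rstrip(".").split(".")
    if len(labels) < 3:
        return False
    body = "".join(labels[:-2])[HEADER_LEN:].upper()
    if len(body) < min_payload_chars or not re.fullmatch(r"[A-Z2-7]+", body):
        return False
    try:
        b32_decode_nopad(body)
    except binascii.Error:          # length not valid for base32
        return False
    return True


# Constructed resolver log: (client, qname, qtype)
SAMPLE_LOG = [
    ("10.0.0.5", build_query(b"sifo:WIN7-PC|Administrator"), "TXT"),
    ("10.0.0.6", "_dmarc.example.org", "TXT"),
    ("10.0.0.7", "www.example.org", "A"),
    ("10.0.0.8", "abcdefghij" + b32_nopad(b"short") + "." + C2_ZONE, "TXT"),
]


def scan(log):
    return [(client, qname) for client, qname, qtype in log
            if looks_like_pisloader(qname, qtype)]


if __name__ == "__main__":
    q = build_query(b"sifo:WIN7-PC|Administrator")
    print(q, "->", parse_query(q))
    print(parse_txt_response(build_txt_response(b"drive")))
    print("suspicious:", scan(SAMPLE_LOG))
```

The heuristic keys on shape rather than on a zone list, which is the point: the report's zones are burned the day it is published, but a long base32 name under a short zone in a TXT query from a workstation is unusual enough to alert on. Expect to whitelist known DNS-based services (DKIM, DMARC and some anti-spam lookups also use TXT) before it is quiet.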

The post PIS Poor DNS | TechSNAP 268 first appeared on Jupiter Broadcasting.

Linux in Mint Condition | LAS 394 https://original.jupiterbroadcasting.net/91181/linux-in-mint-condition-las-394/ Sun, 06 Dec 2015 09:14:13 +0000

Linux Mint 17.3 proves you can base a Linux desktop on a stable core (Ubuntu 14.04) & still deliver an innovative and polished desktop. We take back some of our concerns about Linux Mint & discuss the areas where they are pushing user experience forward.

Plus Mozilla plans to dump Thunderbird, the big release that completely ignores Windows & more!

Thanks to: DigitalOcean, Ting, Linux Academy

— Show Notes: —


Brought to you by: Linux Academy

New features in Linux Mint 17.3 Cinnamon


Linux Mint 17.3 is a long term support release which will be supported until 2019. It comes with updated software and brings refinements and many new features to make your desktop experience more comfortable to use.

Linux Mint 17.3 available for download.

APT, the Advanced Package Tool from the Debian project, manages packages through a collection of separate tools, each covering part of the job. In the past, users needed to know several command structures, such as apt-get, apt-cache and apt-config, to use the full feature set of APT.

— PICKS —

Runs Linux

Race Cars Runs LINUX!

Sent in by: Nathan S.

Hi guys, I found a cool project run by castrol edge. They are racing two cars on a race track with the drivers wearing virtual reality helmets. Cameras and sensors on the cars feed information into an Ubuntu laptop inside the car and generate the VR display. Thanks for producing the great content that gets me through a 300 mile a week bus commute to school.

Desktop App Pick

Free Astronomical Observatory Software

Alexander Wolf has had the great pleasure of announcing the immediate availability for download of the first maintenance release of Stellarium 0.14, the best free and open-source astronomical observatory software.

According to the internal release notes, which we’ve attached at the end of the article for reference, Stellarium 0.14.1 is mostly a bugfix update that resolves some of the issues reported by users since the previous release of the software, Stellarium 0.14.

Weekly Spotlight

$276.00 worth of Raspberry Pi / Arduino

Humble Books Bundle: Learn Raspberry Pi and Arduino

Treat yourself to Raspberry Pi (and Arduino too)! Have an appetite for making? Satisfy your craving with these Make: books and magazines while serving up support for Maker Ed too!

Pay what you want for Make: Raspberry Pi and AVR Projects, MintDuino: Building an Arduino-compatible Breadboard Microcontroller, Make: Getting Started with Adafruit Trinket, Make: Getting Started with Adafruit FLORA, Make: Making Simple Robots, and Make: Arduino Bots and Gadgets.

Pay more than the average price to also receive Make: A Raspberry Pi-Controlled Robot; MAKE 38: High-Tech DIY; MAKE 36: Boards and Microcontrollers; Make: The Maker’s Manual; Make: JavaScript Robotics; Make: Getting Started with Sensors; Make: Getting Started with Arduino, 3rd Edition; Make: Getting Started with Raspberry Pi, 2nd Edition; and Make: AVR Programming.

Pay $15 or more for all of that plus Making Things Talk and Make: Sensors.

Plus, everyone who buys the bundle receives $10 off a print and $5 off a digital Make: Magazine subscription

Choose the price. Together, these books cost up to $276. Here at Humble Bundle, though, you choose the price!

Read them anywhere. These books are available in PDF, ePUB, and MOBI formats, meaning you can read them anywhere at anytime. Instructions and a list of recommended reading programs can be found here.

Sent in by Avatar C.

LAS Jacket Returns!

Celebrate your new year with Linux on your mind and on your body!

We are excited to offer this LAS zip up hooded jacket that will ship from the EU!


— NEWS —

Mozilla Wants To Split Off Its Thunderbird Email/Chat Client, Says Mitchell Baker Memo

“I believe Thunderbird would thrive best by separating itself from reliance on Mozilla development systems and in some cases, Mozilla technology,” Baker wrote in her open memo, posted on Mozilla’s public governance forum. “The current setting isn’t stable, and we should start actively looking into how we can transition in an orderly way to a future where Thunderbird and Firefox are un-coupled.”

Baker, who says she uses Thunderbird to organize vast parts of her life, now believes that the email client will thrive best if it does not rely on Mozilla for development resources and, in some cases, on Mozilla technology. The memo went up on Mozilla’s public governance forum on Monday.

Mozilla ends the advertisements in Firefox new tab tiles

Apple’s Swift programming language is now open source

As promised earlier in the year, Apple’s Swift team has now posted source code for the Swift compiler and standard library functions and objects.


MATRIX – The World’s First Smart Home App Ecosystem by AdMobilize —Kickstarter

Feedback:


Brought to you by: System76

I’ve recently come back to Ubuntu from Kubuntu, but I really like Dolphin. Is there any way to set it up as the default file manager?

Thank you to our sponsors, and our audience support!

Trine 3 Stream Giveaway

Rover Log Playlist

Watch the adventures, productions, road trips, trails, mistakes, and fun of the Jupiter Broadcasting mobile studio.

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

— CHRIS’ STASH —

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

The post Linux in Mint Condition | LAS 394 first appeared on Jupiter Broadcasting.

Fedora from the Cockpit | LAS 390 https://original.jupiterbroadcasting.net/90206/fedora-from-the-cockpit-las-390/ Sun, 08 Nov 2015 09:52:02 +0000

Fedora 23 has hit the web and we think this is the release that changes everything, forever. Find out why we think the changes made in Fedora 23 make this nearly a future proof distribution in some work cases.

Plus Linus Torvalds is under attack this week from multiple sources, we’ll break down one of the more technical assaults, Ubuntu is finally killing the software center & the biggest feature coming to systemd ever, just got delayed.

Thanks to: DigitalOcean, Ting

— Show Notes: —


Brought to you by: System76

Fedora 23 Review

What’s new in Fedora 23 Workstation – Fedora Magazine

Fedora 23 Workstation is now released. It’s a reliable, user-friendly, and powerful operating system aimed at home users, hobbyists, students, and software developers. Fedora 23 Workstation features the latest GNOME 3.18 release courtesy of the GNOME community. This release of GNOME includes updates to the Files browser, and the new Calendar and Todo applications. Fedora 23 Workstation is the first release of Fedora to include LibreOffice 5.

Gnome Software can update Firmware


This means that if your hardware supports it and your vendor uploads the needed firmware to the LVFS (Linux Vendor Firmware Service), you can update your system firmware through GNOME Software. So no more struggling with proprietary tools or bootable DVDs.

Files


The Files browser, also known as Nautilus, now gives progress feedback when copying or moving large files. A button in the header bar allows you to see progress at a glance. Searching and renaming files in the file browser is now also quicker and easier to use.

There’s now better support for your Google Drive contents, too. If you’ve set up a Google online account in the Control Center, you’ll see your Google Drive contents in Files, with a shortcut to Drive in the sidebar.

LibreOffice 5 w/beta GTK3 support


Fedora 23 Workstation ships with LibreOffice 5, the newest version of the widely used productivity suite. LibreOffice features LibreOffice Writer for creating documents, LibreOffice Calc for spreadsheets, and LibreOffice Impress for presentations. LibreOffice 5 comes with many new features and improvements, including:

  • Style previews in the sidebar
  • Built-in image crop
  • UI for data bars in Calc
  • Support for Time-Stamp Protocol in PDF export
  • Improved import and export to a variety of different types of files
  • Improved support for HiDPI screens
  • …and more!

xdg-app Tech Preview


xdg-app is our new technology for packaging desktop applications. While still early stage it provides a way for software developers to package their software in a way that is both usable across multiple distributions and with improved security through the use of the LXC container technology.

I know that a lot of people don’t agree with me about this, and I always see a number of moans and groans about Anaconda when a new Fedora release comes along. But I believe that Linux installation is not a simple task, and installers which try to treat it as if it were will eventually either come up short, or get into trouble. In the simplest cases, Anaconda can get you through the installation with something like six or seven mouse clicks. But when the going gets tough, or complicated, Anaconda has the wherewithal to handle that as well.

Another major piece of engineering that I have covered that we did for Fedora Workstation 23 is the GTK3 port of LibreOffice. Those of you who follow Caolán McNamara’s blog are probably aware of the details. The motivation for the port wasn’t improved look and feel integration, there were easier ways to achieve that, but to help us have LibreOffice deal well with a range of new technologies we are supporting in Fedora Workstation, namely: touch support, Wayland support and HiDPI.

DNF Upgrade

DNF system upgrade – FedoraProject

Shift to DNF for system upgrades

One important new change is the shift to DNF for system upgrades. Fedora’s old fedup tool for upgrading from one release of Fedora to another is gone. Operating system upgrades are now handled by DNF, Fedora’s new package management tool that replaced yum back in Fedora 22 . This uses systemd‘s support for offline system updates and can roll them back if necessary. If you’re upgrading from one version of Fedora to another, you’ll need to use the DNF tools instead.

What is DNF system upgrade?

dnf-plugin-system-upgrade is a plugin for the Dnf package manager which handles system upgrades. It is the recommended upgrade method for Fedora since the release of Fedora 23 Beta. The Changes/DNF_System_Upgrades page documents the initial introduction of this mechanism.

What does DNF system upgrade do?


DNF system upgrade can upgrade your system to a newer release of Fedora, using a mechanism similar to that used for offline package updates. The updated packages are downloaded while the system is running normally, then the system reboots to a special environment (implemented as a systemd target) to install them. Once installation of the updated packages is complete, the system reboots again to the new Fedora release.

How do I use it?

  1. Update your system using the standard updater for your desktop, or pkcon, or dnf:
    • sudo dnf update
    • It is wise to reboot the computer, especially if you’ve just installed a new kernel.
    • Please note that there is an issue if you use a non-default plymouth boot theme. If you do, please follow the issue description to make sure your upgrade will not be affected.
  2. Install the dnf-plugin-system-upgrade package:
    • sudo dnf install dnf-plugin-system-upgrade --best
  3. Download the updated packages:
    • sudo dnf system-upgrade download --releasever=24
    • Replace 24 with the number of the Fedora release you are upgrading to.
    • If some of your packages would have unsatisfied dependencies, the upgrade will refuse to continue until you run it again with the extra --allowerasing option. This often happens with packages installed from third-party repositories for which an updated repository hasn’t been published yet. Study the output very carefully and examine which packages are going to be removed. None of them should be essential for system functionality, but some of them might be important for your productivity.
    • In case of unsatisfied dependencies, you can see more details if you add the --best option to the command line.
  4. Trigger the upgrade process:
    • sudo dnf system-upgrade reboot
  5. Wait for the upgrade process to complete.

Fedora Server

Fedora Server Roles

A Featured Server role is an installable component of Fedora Server that provides a well-integrated service on top of the Fedora Server platform. These prepared roles simplify deployment and management of a service compared to setting up an upstream server from scratch; their use is recommended but optional;

Domain Controller Server Role

Fedora Server can deploy a domain controller powered by FreeIPA. The role greatly simplifies configuration of a primary domain controller.

Database Server Role

Rapidly deploy instances of the powerful postgresql database server using the new Database Server Role for rolekit.

Cockpit Management Console

The Cockpit Management Console (the Cockpit package) is available by default in Fedora Server. This tool provides a powerful, easy to use, web-based graphical interface for managing multiple Linux servers. Features include:

  • systemd service management
  • Journal log viewer
  • Storage configuration including LVM
  • Docker container management
  • Basic network configuration
  • Adding and removing local users

Any user known to the server can log in to the Cockpit console by opening https://<server-ip-address>:9090. Those are the server’s own system accounts and passwords, so port 9090 deserves the same exposure controls as SSH.

New features for Cockpit in Fedora 23 include:

  • Secondary Server Authentication via SSH keys

A single Cockpit instance can be used to manage many devices by connecting to them over ssh. Cockpit can now manage SSH keys to implement this securely. Read more at https://files.Cockpit-project.org/guide/latest/authentication.html

  • Manage User SSH keys

Cockpit’s user management interface can also manage a user’s authorized keys.

  • Kubernetes dashboard

Cockpit has grown a basic dashboard for managing container deployments with Kubernetes.

  • Time Zone management

You now can use Cockpit to adjust the system time zone.
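
Cockpit writing a user's authorized_keys for you is convenient, and the thing to pair it with is a check over what ends up in that file. The script below is an added example, not part of Cockpit or Fedora: it parses each authorized_keys line into options, key type, blob and comment, decodes the blob far enough to read an RSA modulus size, and flags ssh-dss keys, RSA keys under 2048 bits, and entries with no `from=` source restriction. The sample file is constructed; its RSA blobs hold made-up moduli of the stated size and are not usable keys. The 2048-bit floor and the "every key should carry from=" rule are policy assumptions for the example, not OpenSSH or Cockpit requirements.

```python
"""Audit an OpenSSH authorized_keys file for weak or unrestricted keys.

Added example; it is not part of Cockpit or Fedora. Each line is split into
options, key type, base64 blob and comment; the blob is decoded far enough to
read the RSA modulus size; the entry is flagged if it is ssh-dss, an RSA key
under 2048 bits, or carries no from= restriction. The sample file is
constructed and its RSA blobs are made-up moduli, not real keys.
"""
import base64
import shlex
import struct

KEY_TYPES = {"ssh-rsa", "ssh-dss", "ssh-ed25519",
             "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}


def _ssh_string(b):
    return struct.pack(">I", len(b)) + b


def _ssh_mpint(n):
    # mpint is big-endian two's complement; a leading zero byte keeps it positive
    return _ssh_string(n.to_bytes((n.bit_length() + 8) // 8, "big"))


def _read_string(blob, off):
    (length,) = struct.unpack(">I", blob[off:off + 4])
    return blob[off + 4:off + 4 + length], off + 4 + length


def rsa_bits(blob):
    """Modulus size of an ssh-rsa blob: string type, mpint e, mpint n."""
    ktype, off = _read_string(blob, 0)
    if ktype != b"ssh-rsa":
        return None
    _e, off = _read_string(blob, off)
    n, _ = _read_string(blob, off)
    return int.from_bytes(n, "big").bit_length()


def parse_line(line):
    """Return (options, key_type, blob_bytes, comment), or None for blank/comment lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    tokens = shlex.split(line)          # keeps command="a b" as one token
    for i, tok in enumerate(tokens):
        if tok in KEY_TYPES:
            options = " ".join(tokens[:i])
            blob = base64.b64decode(tokens[i + 1])
            comment = " ".join(tokens[i + 2:])
            return options, tok, blob, comment
    raise ValueError("no recognised key type: " + line)


def audit(text, min_rsa_bits=2048):
    """List of (line_no, key_type, comment, issues) for every key line."""
    report = []
    for no, line in enumerate(text.splitlines(), 1):
        parsed = parse_line(line)
        if parsed is None:
            continue
        options, ktype, blob, comment = parsed
        issues = []
        if ktype == "ssh-dss":
            issues.append("dsa-key")
        if ktype == "ssh-rsa":
            bits = rsa_bits(blob)
            if bits < min_rsa_bits:
                issues.append(f"rsa-{bits}-bits")
        if "from=" not in options:
            issues.append("no-from-restriction")
        report.append((no, ktype, comment, issues))
    return report


def audit_by_comment(text):
    return {comment: issues for _, _, comment, issues in audit(text)}


# --- constructed sample file -------------------------------------------------
def fake_rsa_blob(bits):
    n = (1 << (bits - 1)) | 0x10001     # made-up modulus with exactly `bits` bits
    return _ssh_string(b"ssh-rsa") + _ssh_mpint(65537) + _ssh_mpint(n)


def _b64(b):
    return base64.b64encode(b).decode("ascii")


SAMPLE = "\n".join([
    "# constructed authorized_keys for the example",
    f"ssh-rsa {_b64(fake_rsa_blob(1024))} legacy@old-host",
    f'from="10.0.0.0/8",command="/usr/bin/backup" ssh-rsa {_b64(fake_rsa_blob(3072))} backup@bastion',
    f"ssh-ed25519 {_b64(_ssh_string(b'ssh-ed25519') + _ssh_string(bytes(32)))} alice@laptop",
    f"ssh-dss {_b64(_ssh_string(b'ssh-dss'))} old@dsa-host",
])

if __name__ == "__main__":
    for no, ktype, comment, issues in audit(SAMPLE):
        print(no, ktype, comment, issues or "ok")
```

Point it at `~user/.ssh/authorized_keys` for each account Cockpit manages; a key that Cockpit added from a pasted public key will show up with no options at all, which is exactly the case the `no-from-restriction` flag is there to surface.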

Other Fedora 23 Reviews

Fedora 23 is great for small business who are looking at options for cutting down on IT costs related to software. If Fedora doesn’t suit the task at hand, we remind our readers not to forget about CentOS 7.0. Sure, Ubuntu is also an equal potential option with solid and reliable performance. But it’s difficult to look past Fedora’s fine polish and overall friendly take on a server operating system. Additionally, the simple fact that Cockpit is so well equipped and installed by default with the core system, makes Fedora 23 that little bit more tempting.

Wayland is a new graphical server technology designed to replace X.org. Almost all Linux distributions—except for Ubuntu, which is forging its own path with Mir—plan on using it. Fedora 23 has an optional Wayland session you can enable and play with today, and developers are hopeful Fedora 24 can switch to Wayland by default. This will also bring mixed high-DPI support, so you can use a laptop with a high-DPI display and connect it to a low-DPI external monitor. Each display will be able to have its own DPI settings. Work is also ongoing to make LibreOffice and Firefox run normally under Wayland.

Matthew Miller, Fedora Project Leader

“Two years ago, the Fedora Project started the Fedora.next initiative, which helped us look at what the Fedora Project needed to accomplish in the next 10 years to adapt to a changing technology landscape, one where open source development and cloud computing are becoming more prevalent across the IT landscape. The Fedora operating system needed to be both more flexible and more targeted, and last year, we released the first Fedora distribution with three separate editions for users in the cloud, for those in the server room, and for users looking for a desktop platform. The release of Fedora 23 highlights the important successes of this initiative, including the delivery of these three distinct editions as well as infrastructure improvements to help our community continue Fedora’s role as a leader within the open source operating system world.”

— PICKS —

Runs Linux

Group of neighbors Runs Linux


When you live somewhere with slow and unreliable Internet access, it usually seems like there’s nothing to do but complain. And that’s exactly what residents of Orcas Island, one of the San Juan Islands in Washington state, were doing in late 2013. Faced with CenturyLink service that was slow and outage-prone, residents gathered at a community potluck and lamented their current connectivity.

Desktop App Pick

Trine 3 Released For Linux

Trine 3 is currently on sale for 50% off ($10) via the Steam Store. Trine 3 on Linux requires OpenGL 4.1 support and the developers explicitly recommend using the proprietary drivers over the open-source drivers for best results.

Weekly Spotlight

Architect Linux

Architect Linux – the successor to “Evo/Lution Linux” – provides a powerful, user-friendly, and flexible installer for Arch Linux.

The net-based Architect Installation Framework will download the latest packages from the Arch repositories to build the most up-to-date system possible. It can be used to provide just the Arch base alone, or also to provide a large choice of full desktop environments, window managers, display managers, and network managers.

Sent in by Wolf B.


— NEWS —

Linus’s Thoughts on Linux Security

The Washington Post has a lengthy article on Linus Torvalds and his thoughts on Linux security. Quoting: “…while Linux is fast, flexible and free, a growing chorus of critics warn that it has security weaknesses that could be fixed but haven’t been. Worse, as Internet security has surged as a subject of international concern, Torvalds has engaged in an occasionally profane standoff with experts on the subject. …

His broader message was this: Security of any system can never be perfect. So it always must be weighed against other priorities — such as speed, flexibility and ease of use — in a series of inherently nuanced trade-offs. This is a process, Torvalds suggested, poorly understood by his critics. ‘The people who care most about this stuff are completely crazy. They are very black and white,’ he said … ‘Security in itself is useless. The upside is always somewhere else. The security is never the thing that you really care about.'”

Of course, contradictory points of view are presented, too: “While I don’t think that the Linux kernel has a terrible track record, it’s certainly much worse than a lot of people would like it to be,” said Matthew Garrett, principal security engineer for CoreOS, a San Francisco company that produces an operating system based on Linux. At a time when research into protecting software has grown increasingly sophisticated, Garrett said, “very little of that research has been incorporated into Linux.”

Linux Lord Linus Torvalds has unloaded as only he can in a post to the Linux Kernel Mailing List.

Red Hat Enterprise Linux to become officially supported on Azure (at last)

Azure will become a Red Hat Certified Cloud and Services Provider. In the coming months, Red Hat system images will become available to buy on a pay-as-you-go basis through the Azure Marketplace. In the meantime, Red Hat Cloud Access subscribers will be able to provide their own virtual machine images for running in Azure.

There’s more to the Microsoft-Red Hat deal though. Both Microsoft Executive Vice President Scott Guthrie and Red Hat Executive Vice President of Products Paul Cormier said that this is one of the deepest partnerships that their companies have signed. Microsoft and Red Hat are organizing a team of engineers from both companies in Redmond (where Microsoft is headquartered) that will provide joint support to common customers. “There’ll be no finger pointing,” Cormier said.

What was announced —

  • Developers will be able to build .NET applications and deploy them on Red Hat Enterprise Linux, OpenShift, Red Hat Enterprise Linux Atomic Host, and Red Hat Enterprise Linux OpenStack Platform.

  • Red Hat and Microsoft engineers are engaged in building and certifying .NET with Red Hat technologies for enterprise use.

  • Red Hat will ship Microsoft .NET certified for Red Hat environments through Red Hat Software Collections — aimed at developers.
  • Red Hat will provide direct support for installation, configuration, and environmental issues related to .NET and Red Hat technologies.

Ubuntu Software Centre To Be Replaced in 16.04 LTS

GNOME’s Software application will, according to current plans, take its place as the default package management utility on the Unity 7-based desktop.

MATE 1.12 released

The headline changes in MATE 1.12 are:

  • Fixes and improvements for GTK3 support across the entire MATE Desktop including GTK 3.18 support.

  • Touchpad support is significantly improved and now features multi touch and natural scrolling.

  • Multi monitor support has been improved so the display settings use output names and the revised UI lets you set the primary monitor.
  • The power applet now displays model and vendor information so you can distinguish between multiple battery powered devices.
  • Improved session management which now includes screensaver inhibition while playing media.
  • MATE now listens to the org.gnome.SessionManager namespace.
  • Extended systemd support.

  • Long standing bugs and many little usability paper-cuts were fixed.

  • For example, panel applets are no longer reordered when changing screen resolutions.
  • Translations updated and a number of components now retrieve strings directly from gschema (requires intltool 0.50.1).
  • Dropped support for win32 and osx.

KDBUS Is Being Removed From Fedora, Could Be A While Before Being Mainlined

In somewhat of an embarrassing move and indicating that KDBUS likely won’t be proposed for Linux 4.4, this in-kernel IPC mechanism is being temporarily stripped out of Fedora.

The first-ever systemd conference began today in Berlin and runs through Saturday.

If you are interested in systemd but weren’t able to attend, the session videos are already being uploaded to the Internet.

You can see the systemd 2015 conference videos via this YouTube channel. Stay tuned for more coverage over the next two days.

At the conference, systemd maintainer Lennart Poettering reaffirmed that kdbus will continue and is “not dead”. The kernel and userspace implementation will, however, be rebuilt; how long that will take is not yet clear.

Feedback:

Rover Log Playlist

Watch the adventures, productions, road trips, trails, mistakes, and fun of the Jupiter Broadcasting mobile studio.

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

— CHRIS’ STASH —

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com


The post Fedora from the Cockpit | LAS 390 first appeared on Jupiter Broadcasting.

SuperFishy Mistake | TechSNAP 202 https://original.jupiterbroadcasting.net/77712/superfishy-mistake-techsnap-202/ Thu, 19 Feb 2015 17:29:59 +0000

Lenovo PCs ship with man-in-the-middle adware that breaks HTTPS connections, we’ll break down how this is possible, the danger that still exists & more.

Plus the story of a billion dollar cyber heist anyone could pull off, the Equation group, your questions, our answers & much much more!


— Show Notes: —

APT Attack robs banks

  • A staggering APT attack has been conducted against over 100 banks in 30 countries, and has reportedly managed to steal as much as 1 billion USD.
  • “In late 2013, an A.T.M. in Kiev started dispensing cash at seemingly random times of day. No one had put in a card or touched a button. Cameras showed that the piles of money had been swept up by customers who appeared lucky to be there at the right moment.”
  • While investigating, Kaspersky Labs found no malware on the ATM, just a strange VPN connection
  • Later, they were called into the bank’s headquarters, after the bank’s security officer got an alert about a connection from their domain controller to China
  • Kaspersky Video
  • “In order to infiltrate the bank’s intranet, the attackers used spear phishing emails, luring users to open them, infecting machines with malware. A backdoor was installed onto the victim’s PC based on the Carberp malicious code, which, in turn gave the name to the campaign — Carbanak.”
  • “After obtaining control over the compromised machine, cybercriminals used it as an entry point; they probed the bank’s intranet and infected other PCs to find out which of them could be used to access critical financial systems.”
  • “That done, the criminals studied the financial tools used by the banks, using keyloggers and stealth screenshot capabilities.”
  • “Then, to wrap up the scheme, the hackers withdrew funds, defining the most convenient methods on a case-by-case basis, whether using a SWIFT transfer or creating faux bank accounts with cash withdrawn by ‘mules’ or via a remote command to an ATM.”
  • On average, it took from two to four months to drain each victim bank, starting from the Day 1 of infection to cash withdrawal.
  • The oldest code that could be found related to these attacks was from August 2013
  • Additional Coverage – NY Times
  • Additional Coverage – ThreatPost
  • Additional Coverage – SecureList
  • Report PDF
  • This attack is related to the malware installed directly on ATMs that we have reported on before
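The alert that brought Kaspersky into the bank’s headquarters (a domain controller talking to an address in China) is the kind of rule worth having in place before an intrusion. The following is an added example, not code from the show or from Kaspersky’s report: it flags any connection in which a tier-0 host (here, the domain controllers) initiates traffic to an address outside the RFC 1918 private ranges. The log format, hostnames and addresses are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the show or Kaspersky's report): alert on outbound
# connections from domain controllers to non-internal addresses.
# The log format, hostnames and addresses below are constructed for the demo.
set -eu

# Constructed flow log: timestamp src_host src_ip dst_ip dst_port action
sample_log() {
  cat <<'EOF'
2015-02-10T09:12:01Z dc01   10.0.1.10 10.0.1.20      389  allow
2015-02-10T09:12:05Z ws-047 10.0.7.47 93.184.216.34  443  allow
2015-02-10T09:13:10Z dc01   10.0.1.10 10.0.1.11      88   allow
2015-02-10T09:14:22Z dc02   10.0.1.11 203.0.113.45   443  allow
2015-02-10T09:15:00Z dc01   10.0.1.10 198.51.100.7   8443 allow
2015-02-10T09:15:30Z fs01   10.0.2.5  172.16.0.9     445  allow
EOF
}

# Read log lines on stdin; print those where a host named in $1 (space separated)
# connects to an address outside the RFC 1918 private ranges. Domain controllers
# have no business initiating sessions to the Internet, so every hit is an alert.
flag_tier0_egress() {
  awk -v tier0="$1" '
    BEGIN { n = split(tier0, names, " "); for (i = 1; i <= n; i++) t0[names[i]] = 1 }
    function internal(ip,    o) {
      split(ip, o, ".")
      if (o[1] == 10) return 1
      if (o[1] == 192 && o[2] == 168) return 1
      if (o[1] == 172 && o[2] >= 16 && o[2] <= 31) return 1
      return 0
    }
    ($2 in t0) && !internal($4) { print "ALERT tier0-egress", $1, $2, $3, "->", $4 ":" $5 }
  '
}

# Number of alerts the sample log produces (two: dc02 and dc01 reaching out).
count_alerts() {
  sample_log | flag_tier0_egress "dc01 dc02" | wc -l | tr -d ' '
}

sample_log | flag_tier0_egress "dc01 dc02"
```

The rule is deliberately asset-based rather than destination-based: a geolocation lookup on the destination would have caught the China connection in this case, but the same domain controller reaching any Internet address is equally abnormal, and attackers who know the rule simply stage through a cloud host in the bank’s own country.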

Lenovo spyware installs own Root CA

  • It has been discovered that Lenovo has been shipping devices preinstalled with an advertising application called SuperFish
  • This “Visual Discovery” advertising system injects picture ads for items related to search terms into your google search results, and other websites
  • While this is bad enough, and upsets many people, the bigger problem is how they do it
  • In order to snoop upon the search terms you are using, SuperFish must intercept your encrypted communications with Google and others
  • In order to do this, the SuperFish software installs its own SSL Root Certificate Authority into the trusted certificate store
  • This makes your machine trust every certificate signed by SuperFish
  • The proxy that SuperFish installs intercepts all of your web traffic. When it sees you start a TLS connection, which it could not otherwise read, it generates a new certificate on the fly for the site you are visiting (google.com, bankofamerica.com, whatever), signs it with the SuperFish root’s private key, and serves that to your browser while it opens its own connection to the real site
  • Because your browser now trusts the SuperFish root, it accepts this fake certificate without a warning, and you are completely unaware that SuperFish is reading and rewriting all of your traffic
  • There are a number of security problems with this. One open question is whether SuperFish issues a browser-trusted certificate even when the real site’s certificate is invalid (self-signed, expired, or for the wrong name). If it does, an attacker could lure you to a bogus site and have your browser treat it as authentic, because SuperFish has minted a fresh, trusted certificate for it
  • Worse, because of the way SuperFish works, rather than relying on the SuperFish backend infrastructure to generate these bogus certificates, instead SuperFish ships the private key for their fake Root CA with their software
  • Robert Graham of Errata Security was able to crack the password used to encrypt the private key in only 3 hours
  • The password was: komodia
  • He found it fairly easily, first using procdump to defeat the self-encryption used by SuperFish (procdump wrote out the binary as it was in memory, after it had decrypted itself)
  • Next, he ran the standard unix tool ‘strings’ on the resulting file, and found the encrypted SSL private key
  • After failed attempts to brute force it, or run a dictionary attack against it, he went back to his ‘strings’ file
  • After filtering it down to only include short all lowercase words, he used it as a dictionary, and found the password
  • Now, anyone can download the SuperFish software, extract the certificate and private key, and start signing bogus certificates for any website they wish, and every Lenovo or other machine that has the SuperFish software installed, will happily accept it as genuine
  • SuperFish CEO Adi Pinhas tells Ars that “Superfish has not been active on Lenovo laptops since December. We stand by this Lenovo statement”
  • While Lenovo and SuperFish disabled the server-side component of SuperFish, which stops the ads from showing, uninstalling the SuperFish software does not remove the trusted root certificate, so users remain exposed to man-in-the-middle attacks by anyone holding the now-public private key until the root is removed from the certificate store
  • It is unclear why the certificate pinning feature in Google’s Chrome browser did not prevent this from working
  • The answer is almost certainly that this same technique is popular in corporate security software, and open source application proxies can do it too (OpenBSD’s relayd for one): Chrome deliberately skips pin validation for chains that end in a locally installed, non-public root, because a pinning policy that broke those deployments would not have been acceptable to Google
  • Lenovo Forums
  • Additional Coverage – ThreatPost
  • Additional Coverage – TheNextWeb
  • Additional Coverage – TechSpot
  • Additional Coverage – ZDNet
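The on-the-fly signing described above, and the strings-plus-dictionary passphrase recovery, reproduced with the openssl command line as an added example. This is not code from the show, from SuperFish or from Komodia: it builds a throwaway interception root whose private key is protected by a deliberately weak passphrase (an assumption: “seahorse”), mints a leaf certificate for a hostname the way the proxy would, shows that the leaf verifies only where the rogue root is trusted, and then recovers the passphrase from a simulated process dump using tr and grep in place of strings(1). Paths, names and the dump contents are constructed for the demo.

```shell
#!/bin/sh
# Added example: a SuperFish-style interception root and the strings/dictionary
# passphrase recovery, done with the openssl CLI. Everything here is constructed
# for the demo; no real SuperFish material is used.
set -eu
WORK="${WORK:-$(mktemp -d)}"

# 1. The "vendor" creates an interception root. The private key ships to every
#    machine, protected only by a passphrase (assumed here to be "seahorse").
make_rogue_root() {
  openssl genrsa -aes256 -passout pass:seahorse -out "$WORK/root.key" 2048 >/dev/null 2>&1
  openssl req -x509 -new -key "$WORK/root.key" -passin pass:seahorse -days 365 \
    -subj "/CN=Demo Interception Root" -out "$WORK/root.pem" >/dev/null 2>&1
}

# An unrelated, honest root standing in for a clean machine's trust store.
make_honest_root() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 -subj "/CN=Demo Honest Root" \
    -keyout "$WORK/honest.key" -out "$WORK/honest.pem" >/dev/null 2>&1
}

# 2. What the proxy does when the victim opens https://$1/: mint a fresh leaf for
#    that name and sign it with the shipped root key.
mint_leaf() {
  host="$1"
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$host" \
    -keyout "$WORK/$host.key" -out "$WORK/$host.csr" >/dev/null 2>&1
  openssl x509 -req -in "$WORK/$host.csr" -CA "$WORK/root.pem" -CAkey "$WORK/root.key" \
    -passin pass:seahorse -CAcreateserial -days 30 -out "$WORK/$host.pem" >/dev/null 2>&1
}

# 3. A browser is modelled by the bundle it trusts: prints "trusted" or "rejected".
verify_leaf() {
  if out=$(openssl verify -CAfile "$2" "$WORK/$1.pem" 2>/dev/null) \
     && printf '%s\n' "$out" | grep -q ': OK$'; then
    echo trusted
  else
    echo rejected
  fi
}

# 4. The recovery step. In memory the encrypted key sits next to ordinary string
#    constants; build such a "dump", pull the printable strings out of it, keep the
#    short all-lowercase words as a dictionary, and try each one as the passphrase.
make_dump() {
  { printf 'VisualDiscovery\0InjectAds\0seahorse\0http://127.0.0.1/\0'
    cat "$WORK/root.key"
    printf '\0Komodia SDK\0'; } > "$WORK/dump.bin"
}

recover_passphrase() {
  tr -c '[:print:]' '\n' < "$WORK/dump.bin" | grep -E '^[[:lower:]]{4,12}$' | sort -u > "$WORK/dict.txt"
  while IFS= read -r word; do
    if openssl pkey -in "$WORK/root.key" -passin "pass:$word" -noout >/dev/null 2>&1; then
      echo "$word"
      return 0
    fi
  done < "$WORK/dict.txt"
  return 1
}

demo() {
  make_rogue_root; make_honest_root; mint_leaf www.example.com; make_dump
  echo "victim (trusts the shipped root): $(verify_leaf www.example.com "$WORK/root.pem")"
  echo "clean machine:                    $(verify_leaf www.example.com "$WORK/honest.pem")"
  echo "passphrase recovered from dump:   $(recover_passphrase)"
  echo "root fingerprint to hunt for in trust stores:"
  openssl x509 -in "$WORK/root.pem" -noout -fingerprint -sha256
}

demo
```

The last line of the demo is the remediation hook: once the root’s fingerprint is known, a fleet can be checked for the certificate regardless of whether the adware itself is still installed, which matters here because uninstalling SuperFish left the root behind.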

The Equation Group — Part of the NSA?

  • Researchers at Kaspersky Lab have uncovered a cyberespionage group that has been operating for at least 15 years and has worked with and supported the attackers behind Stuxnet, Flame and other highly sophisticated operations.
  • The group, known as the Equation Group, used two of the zero days contained in Stuxnet before that worm employed them, and has used a number of other infection methods
  • Beginning in 2001, and possibly as early as 1996, the Equation Group began conducting highly targeted and complex exploitation and espionage operations against victims in countries around the world. The group’s toolkit includes components for infection, a self-propagating worm that gathers data from air-gapped targets, a full-featured bootkit that maintains control of a compromised machine and a “validator” module that determines whether infected PCs are interesting enough to install the full attack platform on.
  • The group also used an unusual, if not truly novel, way of bypassing code-signing restrictions in modern versions of Windows, which require that all third-party software interfacing with the operating system kernel be digitally signed by a recognized certificate authority. To circumvent this restriction, Equation Group malware exploited a known vulnerability in an already signed driver for CloneCD to achieve kernel-level code execution: the signed driver loads legitimately and the attacker’s code rides in through its bug.
  • The trump card for the Equation Group attackers is their ability to reprogram an infected machine’s hard drive firmware. This module, known only by the cryptic name “nls_933w.dll”, essentially allows the attackers to rewrite the HDD or SSD firmware with a custom payload of their own creation.
  • One of the Equation Group’s malware platforms, for instance, rewrote the hard-drive firmware of infected computers—a never-before-seen engineering marvel that worked on 12 drive categories from manufacturers including Western Digital, Maxtor, Samsung, IBM, Micron, Toshiba, and Seagate.
  • Additional Coverage – Ars Technica
  • Additional Coverage – ZDNet
  • Additional Coverage – Digital Munition

Feedback:


Round-Up:


Don’t Fire IT | TechSNAP 193 https://original.jupiterbroadcasting.net/74187/dont-fire-it-techsnap-193/ Thu, 18 Dec 2014 18:51:04 +0000

More and more data breaches are leading to blackmail but the stats don’t tell the whole story. We’ll explain.

Plus the latest in the Sony hack, and the wider reaction. Plus a great batch of emails & much, much more!


— Show Notes: —

Illinois Hospital being blackmailed with stolen Patient Data

  • “An Illinois hospital says someone attempted to blackmail it to stop the release of data about some of its patients.”
  • The hospital chain received an anonymous email asking for a substantial amount of money in order to prevent the release of patient data. A sample of the data was included in the email as proof
  • “The hospital says it immediately notified law enforcement agencies.”
  • “An investigation discovered the data relates to patients who visited Clay County Hospital clinics on or before February 2012. A hospital representative declined to disclose how many people are involved but said the data is limited to their names, addresses, Social Security numbers and dates of birth. No medical information was compromised in the breach”
  • “The hospital believes the data has not been released so far. It didn’t disclose how the data was obtained but said an audit by an outside expert concluded the hospital hadn’t been hacked.”
  • The age of the data suggests that the compromise may have involved backups and/or cold storage
  • It is not clear whether the hospital stores the older data itself or relies on a third-party provider that may have been compromised
  • “A recent report by the Identity Theft Report Center found that by early December there had been 304 breaches so far this year in the U.S. healthcare sector. That’s 42 percent of the 720 breaches reported across the country. But, in part because of the massive breaches at major retailers, the entire healthcare sector only accounted for 9.7 percent of all records compromised in reported breaches so far in 2014.”

Sony cancels the release of “The Interview” – plays the victim


Feedback:


Round Up:


Security Hype Machine | TechSNAP 189 https://original.jupiterbroadcasting.net/72067/security-hype-machine-techsnap-189/ Thu, 20 Nov 2014 17:41:00 +0000

Why Hyping Cyber Threats is Counterproductive & not knowing is never good enough. Plus the malware that targets Hotel visitors, FreeNAS themed questions, our answers & much, much more!


— Show Notes: —

“Do Diligence”? Why, not knowing is safer…

  • “As I travel around speaking, performing network assessments, and discussing security with various corporate leaders, I often hear a fairly consistent and disturbing mantra.”
  • “If you find vulnerabilities and risks in our environment, then we will have to fix it.”
  • The problem seems to be, especially in larger, more bureaucratic organizations, that if you know about a problem and do not fix it, you are at fault; but if you didn’t know there was a problem, you are blameless
  • At some point, in order for security to actually be advanced, people need to take responsibility.
  • If the CTO/CIO/CSO didn’t know that something “might be a problem” and “needed to be investigated”, or that the third-party vendor access to the “secure” network was a gaping back door, then the person who hired that C*O should be fired for hiring an incompetent person
  • I am not saying that a breach is the fault of the security officer, but if there is no plan in place about what to do in the event of a breach (because it is a question of WHEN it will happen, not IF), then that is the fault of the security officer
  • “The old adage comes to mind, “ignorance of the law is no excuse” and this holds true in information security as well.”
  • “A common perspective is that cyber security is primarily the responsibility of the IT department. If a data breach incident occurred, the senior IT executive was the only one to take the fall, and usually only if there was incompetence involved vs. simply bad luck.”
  • There is always going to be some adversary out there that is smarter than you, so you have to plan in advance. Defense in depth, early detection and isolation, mitigation and remediation, disaster recovery planning, disclosure and compliance procedures, and just generally having procedures to follow in times of crisis are just some of the things that can be done to handle these situations more gracefully

Schneier: Why Hyping Cyber Threats is Counterproductive

  • Schneier highlights a pair of essays on the topic, and his blog has a number of interesting comments as well
  • The first article details reasons why ‘Cyber-Angst’ rather than real critical thinking and problem solving, are likely to cause more problems
  • OMG Cyber! Thirteen Reasons Why Hype Makes For Bad Policy
  • In 2014, the market for information-security spending topped $70 billion
  • “Several parties think that overstating ‘cyber’ is in their own best interest. Security firms like a clearly stated threat in order to sell their security products. Contractors capitalise on fear to get funding from the executive branch. The Pentagon finds a bit of hype useful to keep the money coming in. The armed services each eye a larger slice of the budget pie. The White House love some good cyber-angst to nudge law-makers into action. Fear of Chinese cyber-attack makes it easier for members of Congress to relate to voters. Reporting cyber-war means that journalists sell more copy. Academics get quotations and attention from the buzz. Hype up cyber, and everybody wins”
  • Hype Creates Confusion
  • Hype Limits Results
  • Hype Betrays Purpose
  • Hype Erodes Talent
  • Hype Creates Friction
  • Hype Breeds Cynicism
  • Hype Degrades Quality
  • Hype Weakens Products
  • Hype Clouds Analysis
  • Hype Kills Nuance
  • Hype Escalates Conflict
  • Hype Feeds Hypocrisy
  • Hype Undermines Trust
  • A few other great headlines and quotes in the article:
  • Most journalists writing about leaked documents do not understand their limitations
  • Hype damages the public’s trust and confidence in the Internet
  • “in the bureaucratic setup of a large intelligence agency, presentation skills can become more valuable than coding skills. It gets worse once it dawns on ‘PowerPoint warriors’ that technical jargon works like magic on superiors who may not fully grasp the details”
  • The second article Schneier links to makes similar points
  • Enough! Stop hyping every new security threat
  • “Here’s how it works these days: A security firm finds out about a vulnerability, then sends its PR folks into overdrive to promote it as the biggest of all time”
  • It started with ‘code names’ for operations, like: Night Dragon, Project Aurora, and Operation Shady Rat, then it got into “proactive marketing of individual exploits with supercool names — Shellshock, Heartbleed, Sandworm — some of which even have logos”
  • “Is this the new norm? You find a vulnerability, then get your PR team and graphic designers involved to gin up the most hype that can possibly be created?”
  • “I understand why these firms are doing this. They want to get maximum exposure to sell their products and services, like ambulance-chasing lawyers. But McAfee and Symantec made billions after Code Red, Slammer, and Blaster without creating and pushing logos”
  • The tone of the article is somewhat dampened by the inline advertisement for other Infoworld articles: “Watch out for 11 signs you’ve been hacked — and learn how to fight back, in InfoWorld’s PDF special report. | Discover how to secure your systems with InfoWorld’s Security newsletter.”
  • And I couldn’t help but pull this quote: “Can you imagine how a real “big one” will be marketed in the future? Cue the operatic music and overlay graphics. Will it be like the Weather Channel’s “Storm of the Century” full-time news cycle with cyber security pros blown around in heavy winds, showing crying website widows holding wet cat GIFs among digital portal ruins?”

DarkHotel APT – Infecting Corporate travellers since 2007

  • Kaspersky Labs details a newly disclosed Advanced Persistent Threat that targets executives that stay in high end hotels
  • “This APT precisely drives its campaigns by spear-phishing targets with highly advanced Flash zero-day exploits that effectively evade the latest Windows and Adobe defenses, and yet they also imprecisely spread among large numbers of vague targets with peer-to-peer spreading tactics.”
  • The APT takes over the Wi-Fi networks of hotels and uses a man-in-the-middle style attack to trick guests on the Wi-Fi into installing a “software update” or some similar thing “required to access the internet”
  • “… they delegitimize Certificate Authorities to further their attacks. They abuse weakly implemented digital certificates to sign their malcode. The actor abused the trust of at least ten CAs in this manner. Currently they are stealing and re-using other legitimate certificates to sign their mostly static backdoor and infostealer toolset.”
  • The updates look legitimate because they are digitally signed, so even corporate security software that blocks unsigned applications is ineffective; a valid signature only proves that some key signed the file, so application control has to pin the expected publisher rather than merely require a signature
  • Once the malware is installed, it can start stealing sensitive documents, and keep doing so even after the guest leaves the hotel
  • “The more interesting travelling targets include top executives from the US and Asia doing business and investment in the APAC region.” including victims in a number of industries:
  • Very large electronics manufacturing
  • Investment capital and private equity
  • Pharmaceuticals
  • Cosmetics and chemicals manufacturing offshoring and sales
  • Automotive manufacturer offshoring services
  • Automotive assembly, distribution, sales, and services
  • Defense industrial base
  • Law enforcement and military services
  • Non-governmental organizations
  • “When Kaspersky Lab researchers visited Darkhotel incident destinations with honeypot machines they did not attract Darkhotel attacks, which suggests the APT acts selectively. Further work demonstrated just how careful these attackers were to hide their activity – as soon as a target was effectively infected, they deleted their tools from the hotel network staging point, maintaining a hidden status”

Feedback:


Round Up:


3 Linux Complaints Solved | HowTo Linux 2 https://original.jupiterbroadcasting.net/59867/3-linux-complaints-solved-howto-linux-2/ Fri, 13 Jun 2014 16:18:47 +0000

Live in the Linux file system with a straightforward and simple explanation, how to clean up Ubuntu’s dash search results, installing software you download from the web, and how to scan a Linux box for viruses when you really want to.


Show Notes:

Links:

GDebi Package Installer — Ubuntu Apps Directory

gdebi lets you install local deb packages, resolving and installing their dependencies. At the time, apt did the same only for packages in remote (http, ftp) repositories; apt 1.1 and later also resolves dependencies for a local file when it is given as a path (apt install ./package.deb). Either way, a .deb downloaded from the web runs its maintainer scripts as root, so check where it came from and what it contains before installing it.
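The checks worth doing before a downloaded .deb reaches the package manager, as an added example that is not code from the show or from gdebi. It assumes the vendor publishes a SHA-256 for the download; file names and the expected hash are placeholders.

```shell
#!/bin/sh
# Added example (not from the show or from gdebi): verify and inspect a .deb
# downloaded from the web before the package manager runs its scripts as root.
# File names and the expected hash are assumptions for the demo.
set -eu

# Compare a file's SHA-256 with the value the vendor publishes next to the download.
# Prints "match" or "mismatch" so callers can branch on it.
check_sha256() {
  actual=$(sha256sum "$1" | cut -d ' ' -f 1)
  if [ "$actual" = "$2" ]; then echo match; else echo mismatch; fi
}

# Show what the package will do before it does it: control metadata and the
# maintainer scripts (preinst/postinst run as root), then every path it writes.
inspect_deb() {
  dpkg-deb --info "$1"
  dpkg-deb --contents "$1"
}

# Install only after the hash checks out. apt 1.1 and later resolves dependencies
# for a local file as long as the argument is a path (./pkg.deb), the job gdebi
# used to do; older apt needs gdebi, or "dpkg -i" followed by "apt-get -f install".
install_checked() {
  deb="$1"; expected="$2"
  case "$deb" in /*|./*) ;; *) deb="./$deb" ;; esac
  if [ "$(check_sha256 "$deb" "$expected")" != match ]; then
    echo "refusing to install $deb: SHA-256 does not match the published value" >&2
    return 1
  fi
  inspect_deb "$deb"
  sudo apt install "$deb"
}
```

Usage is `install_checked some-app_1.0_amd64.deb <sha256 from the vendor’s page>`. A matching hash only proves you received the file the vendor published, not that the vendor is trustworthy; if the vendor signs releases, verify that signature as well.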

How To Disable Amazon/Product Suggestions And Other Unity Scopes In Ubuntu 14.04.

  1. Open Settings.
  2. Click Security and Privacy.
  3. Open the Search tab.
  4. Switch off toggle “Include online search results”

Linux Directory Structure (File System Structure) Explained with Examples

In this article, let us review the Linux filesystem structures and understand the meaning of individual high-level directories.

Not Neutrality | TechSNAP 161 https://original.jupiterbroadcasting.net/56982/not-neutrality-techsnap-161/ Thu, 08 May 2014 15:13:23 +0000

Adobe’s latest flaw is being exploited by an advanced persistent threat, we’ve got the details, Heartbleed follow ups, and getting started with Virtualization.

Plus our thoughts on the fate of net neutrality, your questions, our answers, and much much more!

On this week’s episode of TechSNAP!

Thanks to:


DigitalOcean | Ting | iXsystems

Direct Download:

HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed

— Show Notes: —

Adobe releases patch for critical Flash flaw affecting all OSs

  • A new exploit has been discovered that works against all versions of Adobe Flash Player
  • This was a zero-day exploit: it targeted a flaw with no fix available at the time, so even a fully patched computer could be exploited
  • Adobe has since released the fix, and users are encouraged to apply the patch as soon as possible
  • The attack used two different exploits, one general exploit against Flash and the other exploiting a flaw in Internet Explorer
  • One of the malware files was detected by Kaspersky using a heuristic signature, but the other was new
  • The exploits slightly alter the attack methodology if Windows 8 or newer is detected, to work around mitigations provided by the OS
  • The first bit of malware (movie.swf) was generic, downloading more malware from a URL and running it
  • The second bit of malware (include.swf) was very specific, targeting “Cisco MeetingPlace Express Add-In version 5”
  • “This add-in is used by web-conference participants to view documents and images from presenter’s screen. It should be noted that the exploit will not work if the required versions of Adobe Flash Player ActiveX and Cisco MPE are not present on the system”
  • This suggests that the malware was written with a very specific target in mind, rather than designed to target the general Internet
  • The malware was hosted on an official Syrian government website, although it appears that the site may have been compromised to store the files there
  • Kaspersky was not able to examine the payload of the second exploit because the files had already been taken down from the website, and there is evidence to suggest there was a 3rd payload (stream.swf)
  • “We are sure that all these tricks were used in order to carry out malicious activity against a very specific group of users without attracting the attention of security solutions. We believe that the Cisco add-in mentioned above may be used to download/implement the payload as well as to spy directly on the infected computer.”
  • “It’s likely that the attack was carefully planned and that professionals of a pretty high caliber were behind it. The use of professionally written 0-day exploits that were used to infect a single resource testifies to this.”
  • CVE-2014-0515
  • Adobe Security Bulletin
  • Additional Coverage – ARS Technica
  • Additional Coverage – Krebs on Security
  • Since IE uses a separate copy of Flash from other browsers (Firefox, Chrome, Opera, etc.), Windows users need to apply the patch twice: once for their browser and once for IE, which is also used as a component in many other applications, including Skype and Steam
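The two SWF files described above (movie.swf and include.swf) are what an incident responder would have to triage, and the first step with any suspect SWF is to recognise it, inflate it safely and read its header. The Python below is an added example written for this page from the public SWF file format, not Kaspersky’s tooling or anything from the episode: it classifies FWS/CWS/ZWS files, inflates zlib-compressed ones with a size cap so a hostile file cannot exhaust memory, decodes the frame RECT, rate and count, and flags a declared length that does not match the real one, which usually means the file was truncated or had data appended. The sample movie it builds is constructed; it is not movie.swf or include.swf.

```python
import struct
import zlib

MAX_BODY = 64 * 1024 * 1024   # inflate no further than this: a hostile CWS can be a decompression bomb


def _parse_rect(buf):
    """Decode the variable-length RECT that starts the SWF body; returns ((xmin, xmax, ymin, ymax), bytes_used)."""
    bits = "".join(format(b, "08b") for b in buf[:17])        # a RECT is at most 5 + 4*31 bits = 17 bytes
    nbits = int(bits[:5], 2)
    if len(bits) < 5 + 4 * nbits:
        raise ValueError("truncated RECT")
    vals, pos = [], 5
    for _ in range(4):
        raw = int(bits[pos:pos + nbits], 2) if nbits else 0
        if nbits and raw & (1 << (nbits - 1)):
            raw -= 1 << nbits                                  # fields are signed twips
        vals.append(raw)
        pos += nbits
    return tuple(vals), (pos + 7) // 8


def inspect_swf(data):
    """Header triage: signature/compression, version, declared vs actual length, frame geometry."""
    if len(data) < 8 or data[:3] not in (b"FWS", b"CWS", b"ZWS"):
        raise ValueError("not a SWF")
    info = {"version": data[3], "declared_length": struct.unpack_from("<I", data, 4)[0]}
    if data[:3] == b"FWS":
        info["compression"], body = "none", data[8:]
    elif data[:3] == b"CWS":
        info["compression"] = "zlib"
        body = zlib.decompressobj().decompress(data[8:], MAX_BODY)   # capped, unlike zlib.decompress()
    else:
        info["compression"], body = "lzma", None   # ZWS: 4-byte length + 5-byte LZMA props precede the stream; not decoded here
    if body is not None:
        (xmin, xmax, ymin, ymax), used = _parse_rect(body)
        if len(body) < used + 4:
            raise ValueError("truncated header")
        rate, frames = struct.unpack_from("<HH", body, used)
        info["frame_size_px"] = ((xmax - xmin) // 20, (ymax - ymin) // 20)   # 20 twips per pixel
        info["frame_rate"] = rate / 256.0                                   # 8.8 fixed point
        info["frame_count"] = frames
        info["actual_length"] = 8 + len(body)
        info["length_mismatch"] = info["actual_length"] != info["declared_length"]
    return info


# --- constructed sample (an empty movie) so the example runs offline; not movie.swf or include.swf ---

def _encode_rect(xmin, xmax, ymin, ymax):
    nbits = max(abs(v) for v in (xmin, xmax, ymin, ymax)).bit_length() + 1   # +1 for the sign bit
    bits = format(nbits, "05b") + "".join(format(v & ((1 << nbits) - 1), "0%db" % nbits)
                                          for v in (xmin, xmax, ymin, ymax))
    bits += "0" * (-len(bits) % 8)
    return int(bits, 2).to_bytes(len(bits) // 8, "big")


def build_sample_swf(compress=False, width_px=550, height_px=400, fps=24.0, frames=1, declared_length=None):
    body = (_encode_rect(0, width_px * 20, 0, height_px * 20)
            + struct.pack("<HH", int(fps * 256), frames)
            + b"\x00\x00")                                     # End tag: no content at all
    if declared_length is None:
        declared_length = 8 + len(body)                        # the honest value
    header = (b"CWS" if compress else b"FWS") + bytes([10]) + struct.pack("<I", declared_length)
    return header + (zlib.compress(body) if compress else body)


if __name__ == "__main__":
    for sample in (build_sample_swf(), build_sample_swf(compress=True), build_sample_swf(declared_length=4096)):
        print(inspect_swf(sample))
```

Run against a real sample with `inspect_swf(open("movie.swf", "rb").read())`; the inflated body is what you hand to a tag parser or disassembler next, and the cap on inflation is the part worth keeping when adapting this to bulk triage.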

Exploit used in the wild against all versions of Internet Explorer 6 through 11

  • As part of the same attack from the previous story, an exploit for all versions of Internet Explorer was found
  • The exploit was used as part of a watering hole attack
  • CVE-2014-1776
  • This was expected to be the first of many 0-day exploits that would not be fixed on Windows XP; however, Microsoft issued a statement and released the update for Windows XP in spite of the fact that it is no longer supported

[Heartbleed Followups]


Feedback:


Round-Up:

The post Not Neutrality | TechSNAP 161 first appeared on Jupiter Broadcasting.

]]>
7 Year Malware | TechSNAP 150 https://original.jupiterbroadcasting.net/51967/7-year-malware-techsnap-150/ Thu, 20 Feb 2014 17:57:45 +0000 https://original.jupiterbroadcasting.net/?p=51967 The Mask, an advanced persistent threat is revealed, a slew of various home router models are actively being exploited, we’ll share the important details.

The post 7 Year Malware | TechSNAP 150 first appeared on Jupiter Broadcasting.

]]>


The Mask, an advanced persistent threat is revealed, a slew of various home router models are actively being exploited, we’ll share the important details.

Plus some routing basics explained, and much much more.

On this week’s TechSNAP

Thanks to:


GoDaddy | Ting | iXsystems

Direct Download:

HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed

— Show Notes: —

Kaspersky discovered “The Mask” APT

  • We got some hints about Careto (also known as “The Mask” or “The Masked APT”) a few weeks ago, and speculation suggested that the unusual native language of the attackers was Korean
  • In an even bigger surprise, it turns out the attackers are Spanish speaking
  • the Spanish-speaking attackers targeted government institutions, energy, oil & gas companies and other high-profile victims via a cross-platform malware toolkit
  • Full Research PDF
  • The APT has been going on since 2007 or earlier
  • “More than 380 unique victims in 31 countries have been observed to date”
  • “What makes “The Mask” special is the complexity of the toolset used by the attackers. This includes an extremely sophisticated malware, a rootkit, a bootkit, 32 and 64 bit Windows versions, Mac OS X and Linux versions and possibly versions for Android and iPad/iPhone (Apple iOS)”
  • “The Mask also uses a customized attack against older versions of Kaspersky Lab products to hide in the system, putting them above Duqu in terms of sophistication and making it one of the most advanced threats at the moment. This and several other factors make us believe this could be a nation state sponsored campaign”
  • “When active in a victim system, The Mask can intercept network traffic, keystrokes, Skype conversations, PGP keys, analyse WiFi traffic, fetch all information from Nokia devices, screen captures and monitor all file operations”
  • “The malware collects a large list of documents from the infected system, including encryption keys, VPN configurations, SSH keys and RDP files. There are also several extensions being monitored that we have not been able to identify and could be related to custom military/government level encryption tools”
  • “Overall, we have found exploits for Java, Flash SWF (CVE-2012-0773), as well as malicious plugins for Chrome and Firefox, on Windows, Linux and OS X. The names of the subdirectories give some information about the kind of attack they launch, for instance we can find /jupd where JavaUpdate.jar downloads and executes javaupdt.exe”
  • “CVE-2012-0773 has an interesting history. It was originally discovered by French company VUPEN and used to win the “pwn2own” contest in 2012. This was the first known exploit to escape the Chrome sandbox. VUPEN refused to share the exploit with the contest organizers, claiming that it plans to sell it to its customers”
  • “A Google engineer offered Bekrar (of VUPEN) $60,000 on top of the $60,000 he had already won for the Pwn2Own contest if he would hand over the sandbox exploit and the details so Google could fix the vulnerability. Bekrar declined and joked that he might consider the offer if Google bumped it up to $1 million, but he later told WIRED he wouldn’t hand it over for even $1 million.”
  • This suggests that the threat actor may be a government
  • However, Chaouki Bekrar denies the VUPEN exploit was used
  • “Several attacks against browsers supporting Java have been observed. Unfortunately, we weren’t able to retrieve all the components from these attacks, as they were no longer available on the server at the time of checking”
  • Also exploits CVE-2011-3544 against Java
  • Additional Coverage

Linksys Router Malware

  • Researchers say they have uncovered an ongoing attack that infects home and small-office wireless routers from Linksys with self-replicating malware, most likely by exploiting a code-execution vulnerability in the device firmware.
  • Johannes B. Ullrich, CTO of the SANS Institute, told Ars he has been able to confirm that the malicious worm has infected around 1,000 Linksys E1000, E1200, and E2400 routers, although the actual number of hijacked devices worldwide could be much higher.
  • A blog post SANS published shortly after this article was posted expanded the range of vulnerable models to virtually the entire Linksys E product line. Once a device is compromised, it scans the Internet for other vulnerable devices to infect.
  • Compromised routers remain infected until they are rebooted. Once the devices are restarted, they appear to return to their normal state. People who are wondering if their device is infected should check for heavy outbound scanning on port 80 and 8080, and inbound connection attempts to miscellaneous ports below 1024.
  • The attack begins with a remote call to the Home Network Administration Protocol (HNAP), an interface that allows ISPs and others to remotely manage home and office routers. The remote function is exposed by a built-in Web server that listens for commands sent over the Internet.
  • Typically, it requires the remote user to enter a valid administrative password before executing commands, although previous bugs in HNAP implementations have left routers vulnerable to attack.
  • After using HNAP to identify vulnerable routers, the worm exploits an authentication bypass vulnerability in a CGI script.
  • Infected devices are highly selective about the IP ranges they will scan when searching for other vulnerable routers. The sample Ullrich obtained listed just 627 blocks of /21 and /24 subnets.
  • The discovery comes a week after researchers in Poland reported an ongoing attack used to steal online banking credentials, in part by modifying home routers’ DNS settings.
  • The phony domain name resolvers listed in the router settings redirected victims’ computers, tablets, and smartphones to fraudulent websites masquerading as an authentic bank service; the sites would then steal the victims’ login credentials.
  • The objective behind this ongoing attack remains unclear. Given that the only observable behavior is to temporarily infect a highly select range of devices, one possible motivation is to test how viable a self-replicating worm can be in targeting routers.
  • Two days after this article was published, Linksys representatives issued the following statement:

Linksys is aware of the malware called “The Moon” that has affected select older Linksys E-Series routers and select older Wireless-N access points and routers. The exploit to bypass the admin authentication used by the worm only works when the Remote Management Access feature is enabled. Linksys ships these products with the Remote Management Access feature turned off by default. Customers who have not enabled the Remote Management Access feature are not susceptible to this specific malware.
  • Additional Coverage: Internet Storm Center
  • These are not the only routers that have problems
  • Home routers pose the biggest threat to consumer security
  • An old backdoor from 2005 was found in brand new Cisco home “Gigabit Security Routers”
  • As we covered last year, 40-50 million routers have a UPnP flaw
  • Yesterday, researchers found a stack overflow bug in Linksys WRT120N routers
  • The new protocol that proposes to make “security” easier on the next generation of home routers may cause more harm than good
  • Asus routers are also vulnerable, including the RT-AC66R, RT-AC66U, RT-N66R, RT-N66U, RT-AC56U, RT-N56R, RT-N56U, RT-N14U, RT-N16, and RT-N16R
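The indicator SANS gives above (heavy outbound scanning on ports 80 and 8080, plus inbound connection attempts on miscellaneous ports below 1024) is easy to turn into a check over firewall logs. The Python below is an added example written for this page, not code from SANS, Linksys or the episode: it parses netfilter LOG-style lines and counts, per monitored address, the distinct outside hosts it opened 80/8080 connections to and the distinct outside sources probing its low ports. The log lines, the 192.0.2.0/24 “monitored” prefix (a documentation range standing in for the routers you watch) and the thresholds are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict

MONITORED = ipaddress.ip_network("192.0.2.0/24")   # assumption: the prefix the routers we watch live in
SCAN_PORTS = {80, 8080}
# netfilter LOG fields we need; everything between them (LEN, TTL, ...) is skipped
LOG_RE = re.compile(r"SRC=(?P<src>[\d.]+) DST=(?P<dst>[\d.]+) .*?PROTO=TCP SPT=\d+ DPT=(?P<dpt>\d+)")


def analyze(lines, scan_threshold=20, probe_threshold=5):
    """Per monitored address: distinct outside hosts it opened 80/8080 connections to (outbound
    scanning), and distinct (source, port<1024) pairs that hit it from outside (inbound probes)."""
    outbound = defaultdict(set)
    inbound = defaultdict(set)
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue
        src, dst, dpt = ipaddress.ip_address(m["src"]), ipaddress.ip_address(m["dst"]), int(m["dpt"])
        if src in MONITORED and dst not in MONITORED and dpt in SCAN_PORTS:
            outbound[str(src)].add(str(dst))
        elif dst in MONITORED and src not in MONITORED and dpt < 1024:
            inbound[str(dst)].add((str(src), dpt))
    return {
        "scanners": {a: len(d) for a, d in outbound.items() if len(d) >= scan_threshold},
        "probed": {a: len(p) for a, p in inbound.items() if len(p) >= probe_threshold},
    }


def sample_log():
    """Constructed lines in netfilter LOG style, not a real capture."""
    fmt = ("Feb 13 10:{m:02d}:{s:02d} fw kernel: FWD: IN=eth1 OUT=eth0 SRC={src} DST={dst} "
           "LEN=60 TTL=64 PROTO=TCP SPT={spt} DPT={dpt} SYN")
    lines = []
    for i in range(40):          # 192.0.2.10 sweeps 40 outside hosts on 80/8080: worm behaviour
        lines.append(fmt.format(m=0, s=i % 60, src="192.0.2.10", dst="203.0.113.%d" % (i + 1),
                                spt=40000 + i, dpt=8080 if i % 2 else 80))
    for i in range(3):           # 192.0.2.11 talks to three web servers: normal
        lines.append(fmt.format(m=1, s=i, src="192.0.2.11", dst="203.0.113.%d" % (i + 1),
                                spt=50000 + i, dpt=80))
    for i, port in enumerate((21, 22, 23, 25, 53, 80)):   # six outside hosts probing the infected router
        lines.append(fmt.format(m=2, s=i, src="198.51.100.%d" % (i + 1), dst="192.0.2.10",
                                spt=1234, dpt=port))
    return lines


if __name__ == "__main__":
    print(analyze(sample_log()))
```

Feed it `open("/var/log/kern.log")` from a firewall upstream of the routers and tune the thresholds to your baseline; a home gateway that contacts hundreds of distinct addresses on 80/8080 in a minute is not browsing, and the hosts probing it are most likely other infected devices looking for the HNAP interface.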


Feedback:


Round Up:


The post 7 Year Malware | TechSNAP 150 first appeared on Jupiter Broadcasting.

]]>
Little Phish Big Breach | TechSNAP 124 https://original.jupiterbroadcasting.net/42032/little-phish-big-breach-techsnap-124/ Thu, 22 Aug 2013 16:39:18 +0000 https://original.jupiterbroadcasting.net/?p=42032 It all started with a simple phishing attack, we’ll share the story about a small bank that had a major compromise, plus the Washington Post gets hacked…

The post Little Phish Big Breach | TechSNAP 124 first appeared on Jupiter Broadcasting.

]]>


It all started with a simple phishing attack, we’ll share the story about a small bank that had a major compromise, plus the Washington Post gets hacked…

A great batch of questions, our answers, and much much more!

Thanks to:

Use our code techsnap249 to get a .COM for $2.49.

Visit dirwiz.com/unitysync and use code tech for an extended trial and a year of maintenance.

Visit techsnap.ting.com to save $25 off your device or service credits.

Direct Download:

HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed

— Show Notes: —

Attackers use DDoS attack on banks as cover to conduct APT attack on wire transfer switches, stealing millions of dollars

  • Rather than the attacks we have previously discussed, where fraudsters targeted individuals and companies with malware and then drained their bank accounts, this newer series of attacks has targeted the banks and credit unions directly
  • Many of these attacks have been against smaller banks and credit unions because of their more limited IT security infrastructure
  • It is unclear exactly how the attackers infiltrated the banks’ networks, but attacks similar to those against The Washington Post and The Onion are likely, fairly well executed spear phishing attacks
  • Once the computer of someone inside the bank has been compromised, it can be loaded up with keyloggers, remote administration trojans and other malware
  • The attacker can then use the ‘trusted’ computer to escalate their privileges, either directly or by impersonating the person whose PC has been compromised and sending more phishing emails internally
  • Once a computer with access to the ‘wire transfer switch’ (usually an application) is compromised, the attacker can initiate a wire transfer from any account
  • Individual bank accounts and bank employees often have limits on the amount they can transfer; however, with escalated privileges the attackers were able to increase or remove these limits in some cases
  • Some banks have instituted anti-fraud systems that require a second employee to authorize any large wire transfer, however attackers had managed to compromise multiple employee accounts inside the bank, and were able to provide the secondary approval of their fraudulent transfers
  • “In at least one instance, actors browsed through multiple accounts, apparently selecting the accounts with the largest balance”
  • Then, to cover their tracks, the attackers launch a Distributed Denial of Service attack against the bank’s website and/or online banking portal. This disruption is designed to keep the bank’s IT staff busy and keep the attention of other bank employees away from the wire transfer system
  • If successful, the DDoS attack distracts the bank long enough to prevent them clawing back the wire transfer. The bank has a much better chance of getting the money back if they can report the transfer as fraudulent within the first few minutes
  • “The service portal is down, the bank is losing money and reliability, and the security team is juggling the priorities of what to fix first. That’s when the switch attack – which is very rare because those systems are not easily compromised [and require] high-privilege level in a more advanced persistent threat style case – takes place.”
  • Internet Crime Complaint Center (IC3) issues warning in Sept 2012
  • Gartner Report
  • Dell SecureWorks Report
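The controls that failed in these cases (second-person approval, per-employee limits, and a DDoS timed to distract) can be expressed as checks over the wire system’s audit trail. The Python below is an added example written for this page, not code from Dell SecureWorks, Gartner, IC3 or any bank’s system; the event schema, the time windows and the sample events are constructed assumptions. It flags wires whose approver is the initiator or shares the initiator’s workstation, wires initiated shortly after the initiator raised their own limit, and wires approved just before a DDoS alert so the transfer can be held rather than released.

```python
from collections import defaultdict

LIMIT_WINDOW = 3600        # assumption: a limit raised within an hour before a wire is suspicious
DDOS_WINDOW = 2 * 3600     # assumption: a DDoS within two hours after approval should hold release


def review_wires(events):
    """Return {wire_id: [reasons]} for wires failing the controls described above.
    Each event is a dict with 't' (epoch seconds) and 'type'; the schema is an assumption."""
    by_wire = defaultdict(dict)
    limit_changes = defaultdict(list)     # user -> [t of each limit change]
    ddos_times = []
    for e in sorted(events, key=lambda e: e["t"]):
        if e["type"] == "limit_change":
            limit_changes[e["user"]].append(e["t"])
        elif e["type"] == "wire_init":
            by_wire[e["wire"]]["init"] = e
        elif e["type"] == "wire_approve":
            by_wire[e["wire"]]["approve"] = e
        elif e["type"] == "ddos_alert":
            ddos_times.append(e["t"])
    findings = {}
    for wire, parts in by_wire.items():
        init, appr = parts.get("init"), parts.get("approve")
        reasons = []
        if init is None:
            reasons.append("approval without an initiation record")
        elif appr is None:
            reasons.append("missing second approval")
        else:
            if init["user"] == appr["user"]:
                reasons.append("initiator approved own wire")
            if init["ip"] == appr["ip"]:
                reasons.append("initiator and approver both from %s" % init["ip"])
            if any(0 <= init["t"] - t <= LIMIT_WINDOW for t in limit_changes.get(init["user"], [])):
                reasons.append("initiator raised own limit shortly before the wire")
            if any(0 <= t - appr["t"] <= DDOS_WINDOW for t in ddos_times):
                reasons.append("DDoS began shortly after approval: hold release")
        if reasons:
            findings[wire] = reasons
    return findings


# Constructed audit events, not a real feed. W1 is the attack pattern from the story:
# limit raised, wire sent, "second" approval from the same workstation, then the DDoS.
SAMPLE_EVENTS = [
    {"t": 1000, "type": "limit_change", "user": "alice", "ip": "10.1.1.5", "new_limit": 5_000_000},
    {"t": 1300, "type": "wire_init", "wire": "W1", "user": "alice", "ip": "10.1.1.5", "amount": 1_250_000},
    {"t": 1400, "type": "wire_approve", "wire": "W1", "user": "bob", "ip": "10.1.1.5"},
    {"t": 1500, "type": "ddos_alert"},
    {"t": 9000, "type": "wire_init", "wire": "W2", "user": "carol", "ip": "10.1.2.7", "amount": 20_000},
    {"t": 9100, "type": "wire_approve", "wire": "W2", "user": "dave", "ip": "10.1.3.9"},
    {"t": 9500, "type": "wire_init", "wire": "W3", "user": "erin", "ip": "10.1.4.2", "amount": 300_000},
]


if __name__ == "__main__":
    for wire, reasons in review_wires(SAMPLE_EVENTS).items():
        print(wire, "->", "; ".join(reasons))
```

The same-workstation check is the one that defeats the attack as described: two compromised accounts still have to originate from somewhere, and a second approval that comes from the initiator’s own machine is not a second person. Holding, rather than releasing, any wire approved in the minutes before a DDoS alert is what buys back the window in which a fraudulent transfer can still be recalled.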

Washington Post hacked by Syrian Electronic Army

  • The attackers managed to modify specific pages of the Washington Post website to redirect traffic to the site of the attackers for about 30 minutes
  • The Syrian Electronic Army (SEA) is a pro-Assad group known for hacking many Twitter accounts, as well as other newspapers including The Financial Post, The Onion and the Associated Press
  • SEA originally hacked an employee’s twitter account and used it to spread their message
  • Some time after that, pages on the website started being redirected
  • It is unclear if the employee’s credentials were used to execute the redirect attack
  • The method of attack was the same as that used against the Financial Post and The Onion: phishing emails that appeared to come from other employees inside the same company and sent recipients to a fake email login page that captured their credentials. It is unclear whether the WP uses Gmail, as the FP and The Onion did
  • In a tweet, SEA claimed they had compromised ‘Outbrain’, a business partner of the newspaper that provides ‘content discovery’ mechanisms
  • The tweet also claimed that this compromise gave them access to not only the WP, but also CNN and TIME Magazine
  • The newspaper promptly disabled the Outbrain module and enacted other defensive measures
  • Outbrain acknowledged the problem last Thursday. “We are aware that Outbrain was hacked earlier today. In an effort to protect our publishers and readers, we took down service as soon as it was apparent. The breach now seems to be secured and the hackers blocked out, but we are keeping the service down for a little longer until we can be sure it’s safe to turn it back on securely. We are working hard to prevent future attacks of this nature.”
  • This type of attack is especially dangerous. Had the SEA redirected users to a site serving malware rather than to their own site with a political message in Arabic, the results would have been much worse, and it could have gone on much longer before anyone noticed
  • It resembles a watering hole attack, except that it reaches a mass audience rather than a small, targeted one: a single compromised third-party widget gave the attackers a foothold on every publisher that embedded it. Today, Subresource Integrity hashes on third-party script tags and a Content-Security-Policy are the controls meant to contain exactly this; neither existed in 2013
  • Additional Coverage

Feedback:

Send us a Bitmessage: BM-GuGEaEtsqQjqgHRAfag5FW33Dy2KHUmZ

Round-Up:

The post Little Phish Big Breach | TechSNAP 124 first appeared on Jupiter Broadcasting.

]]>
Secure Your Linux Box | LAS | s24e03 https://original.jupiterbroadcasting.net/26666/secure-your-linux-box-las-s24e03/ Sun, 28 Oct 2012 13:26:09 +0000 https://original.jupiterbroadcasting.net/?p=26666 Tips, tricks, and software to secure your Linux desktop, laptop, or server. We’ll show you how there is a lot more to securing your Linux box than ClamAV!

The post Secure Your Linux Box | LAS | s24e03 first appeared on Jupiter Broadcasting.

]]>


Tips, tricks, and software to secure your Linux desktop, laptop, or server. Most people think antivirus software when we say desktop security. This week, we’ll show you how there is a lot more to securing your Linux box than installing ClamAV!

Plus: Valve opens the floodgates, and we run down the community resources cropping up for future Steam beta testers, plus the cool new Linux hardware and games on the way!

AND SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

GoDaddy.com

GoDaddy.com

Limited time offer:
SPECIAL OFFER! SPECIAL OFFER! .COMs just $5.99* per year up to 3 domains! Additional .COMs just $7.99* per year! – code: 599linux

BONUS ROUND PROMO:

Save 20% off your order!
Code: go20off6

Expires 10/31/12

Download:

HD Video | Mobile Video | Ogg Video | MP3 Audio | Ogg Audio | YouTube | Torrent File

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed

Support the Show:



Show Notes:

Secure Your Linux Box:


System76

Brought to you by: System76

Matt’s Protecting Your Ubuntu Desktop Article

Runs Linux:

Android Pick:

Search our past picks:

Git your hands all over our STUFF:

News:

Feedback:

Chris’ Stash:

  • Unfilter is looking for foreign correspondents!

What’s Matt Doin?

Find us on Google+
Find us on Twitter:

Follow the network on Facebook:

Catch the show LIVE Sunday 10am Pacific / 1pm Eastern / 5pm UTC:

The post Secure Your Linux Box | LAS | s24e03 first appeared on Jupiter Broadcasting.

]]>