bandwidth – Jupiter Broadcasting
https://www.jupiterbroadcasting.com
Open Source Entertainment, on Demand. Thu, 01 Aug 2019 03:55:14 +0000

Get Your Telnet Fix | BSD Now 309 https://original.jupiterbroadcasting.net/133272/get-your-telnet-fix-bsd-now-309/ Wed, 31 Jul 2019 19:55:14 +0000 Show Notes/Links: https://www.bsdnow.tv/309

The post Get Your Telnet Fix | BSD Now 309 first appeared on Jupiter Broadcasting.

Quality Tools | TechSNAP 397 https://original.jupiterbroadcasting.net/129401/quality-tools-techsnap-397/ Fri, 15 Feb 2019 09:35:10 +0000 https://original.jupiterbroadcasting.net/?p=129401 Show Notes: techsnap.systems/397

The post Quality Tools | TechSNAP 397 first appeared on Jupiter Broadcasting.

Day-0 of an InfoSec Career | TechSNAP 209 https://original.jupiterbroadcasting.net/80277/day-0-of-an-infosec-career-techsnap-209/ Thu, 09 Apr 2015 19:57:13 +0000 https://original.jupiterbroadcasting.net/?p=80277 Is it possible to make a truly private phone call anymore? The answer might surprise you. Cisco and Level 3 battle a huge SSH botnet & how to Build a successful Information Security career. Plus a great batch of your questions, a rocking round up, and much, much more! Thanks to: Get Paid to Write […]

The post Day-0 of an InfoSec Career | TechSNAP 209 first appeared on Jupiter Broadcasting.


Is it possible to make a truly private phone call anymore? The answer might surprise you. Cisco and Level 3 battle a huge SSH botnet & how to Build a successful Information Security career.

Plus a great batch of your questions, a rocking round up, and much, much more!

Thanks to:


DigitalOcean


Ting


iXsystems


— Show Notes: —

How to make secret phone calls

  • “There’s a lot you can find in the depths of the dark web, but in 2013, photographer and artist Curtis Wallen managed to buy the ingredients of a new identity”
  • “After purchasing a Chromebook with cash, Wallen used Tor, virtual marketplaces, and a bitcoin wallet to purchase a fake driver’s license, insurance card, social security number, and cable bill, among other identifying documents. Wallen saw his new identity, Aaron Brown, as more than just art: Brown was a political statement on the techno-surveillance age.”
  • The article sets out the steps required to conduct untraceable phone calls
  • The instructions are based on looking at how CIA OpSec was compromised by cell phones in the cases of the 2005 extraordinary rendition of Hassan Mustafa Osama in Italy and their surveillance of Lebanese Hezbollah
  • “using a prepaid “burner” phone, posting its phone number publicly on Twitter as an encrypted message, and waiting for your partner to decrypt the message and call you at a later time”
  • Analyze your daily movements, paying special attention to anchor points (basis of operation like home or work) and dormant periods in schedules (8-12 p.m. or when cell phones aren’t changing locations);
  • Leave your daily cell phone behind during dormant periods and purchase a prepaid no-contract cell phone (“burner phone”);
  • After storing burner phone in a Faraday bag, activate it using a clean computer connected to a public Wi-Fi network;
  • Encrypt the cell phone number using a onetime pad (OTP) system and rename an image file with the encrypted code. Using Tor to hide your web traffic, post the image to an agreed upon anonymous Twitter account, which signals a communications request to your partner;
  • Leave cell phone behind, avoid anchor points, and receive phone call from partner on burner phone at 9:30 p.m.—or another pre-arranged “dormant” time—on the following day;
  • Wipe down and destroy handset.
  • “The approach is “very passive” says Wallen. For example, “Posting an image to Twitter is a very common thing to do, [and] it’s also very common for image names to have random numbers and letters as a file name,” he says. “So, if I’ve prearranged an account where I’m going to post an encrypted message, and that message comes in the form of a ‘random’ filename, someone can see that image posted to a public Twitter account, and write down the filename—to decrypt by hand—without ever actually loading the image. Access that Twitter account from Tor, from a public Internet network, and there’s hardly any trace that an interaction even happened.””
  • “This is not easy, of course. In fact, it’s really, comically hard. “If the CIA can’t even keep from getting betrayed by their cell phones, what chance do we have?””
  • “Central to good privacy, says Wallen, is eliminating or reducing anomalies that would pop up on surveillance radars, like robust encryption or SIM card swapping. To understand the risks of bringing unwanted attention to one’s privacy practices, Wallen examined the United States Marine Corps’ “Combat Hunter” program, which deals with threat assessment through observation, profiling, and tracking.”
  • “Anomalies are really bad for what I’m trying to accomplish—that means any overt encryption is bad, because it’s a giant red flag,” Wallen said. “I tried to design the whole system to have as small a footprint as possible, and avoid creating any analyzable links.”
  • “I was going out and actually buying phones, learning about different ways to buy them, to activate them, to store them, and so on,” said Wallen, who eventually bought a burner phone from a Rite Aid. “I kept doing it until I felt like I’d considered it from every angle.”
  • “After consulting on commercially available Faraday bags, Wallen settled on the Ramsey Electronics STP1100”
  • Wallen cautions his audience about taking his instructions too literally. The project, he says, “was less about arriving at a necessarily practical system for evading cell phone tracking, than it was about the enjoyment of the ‘game’ of it all. In fact, I think that it is so impractical says a lot.”
  • “Bottom line,” he adds. “If your adversary is a nation state, don’t use a cellphone.”
  • Guide to creating and using One-Time Pads
  • John Oliver: Government Surveillance — Interview with Edward Snowden

Cisco and Level 3 battle a huge SSH botnet

  • “Talos has been monitoring a persistent threat for quite some time, a group we refer to as SSHPsychos or Group 93. This group is well known for creating significant amounts of scanning traffic across the Internet. Although our research efforts help inform and protect Cisco customers globally, sometimes it is our relationships that can multiply this impact. Today Cisco and Level 3 Communications took action to help ensure a significantly larger portion of the Internet is also protected.”
  • “The behavior consists of large amounts of SSH brute force login attempts from 103.41.124.0/23, only attempting to guess the password for the root user, with over 300,000 unique passwords. Once a successful login is achieved the brute forcing stops. The next step involves a login from a completely different IP ranges owned by shared hosting companies based out of the United States. After login is achieved a wget request is sent outbound for a single file which has been identified as a DDoS rootkit.”
  • “Once the rootkit is installed additional instructions are downloaded via an XOR encoded file from one of the C2 servers. The config file is largely constructed of a list of IP addresses that are being denied and filenames, and files to be deleted.”
  • “At times, this single attacker accounted for more than 35% of total Internet SSH traffic”
  • Level 3 then worked to block the malicious traffic
  • “Our goal, when confirming an Internet risk, is to remove it as broadly as possible; however, before removing anything from the Internet, it is important to fully understand the impact that may have to more benign hosts. To do this, we must understand more details of the attacker’s tools and infrastructure.”
  • “As part of the process, Level 3 worked to notify the appropriate providers regarding the change. On March 30th SSHPsychos suddenly pivoted. The original /23 network went from a huge volume of SSH brute force attempts to almost no activity and a new /23 network began large amounts of SSH brute forcing following the exact same behavior associated with SSHPsychos. The new network is 43.255.190.0/23 and its traffic was more than 99% SSH immediately after starting communication. The host serving the malware also changed and a new host (23.234.19.202) was seen providing the same file as discussed before a DDoS Rootkit.”
  • “Based on this sudden shift, immediate action was taken. Talos and Level 3 decided to remove the routing capabilities for 103.41.124.0/23, but also add the new netblock 43.255.190.0/23. The removal of these two netblocks introduced another hurdle for SSHPsychos, and hopefully slows their activity, if only for a short period.”
  • “For those of you who have Linux machines running sshd on the open Internet, be sure to follow the best practice of disabling root login in your sshd config file. That step alone would stop this particular attacker from being successful in your environment.”
  • Remote root login should never be allowed anyway
  • Hopefully this will send a clear message to the providers that allow these types of attackers to operate on their network. If you don’t clean up your act, you’ll find large swaths of your IP space unusable on the public internet.
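
The behavior quoted above (root-only password guessing spread across a /23, followed by a root login from an unrelated address) can be checked for in sshd logs. The following is an added example, not code from Talos, Level 3 or the show: it groups failed root logins by /23, reports every accepted root login, and reads the global `PermitRootLogin` value from an sshd_config. The log lines, host names, configs and the threshold are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# The two netblocks named in the Talos write-up quoted above.
SSHPSYCHOS_NETS = [ipaddress.ip_network("103.41.124.0/23"),
                   ipaddress.ip_network("43.255.190.0/23")]

# Standard OpenSSH auth-log messages.
FAILED_RE = re.compile(r"sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?"
                       r"(?P<user>\S+) from (?P<ip>\S+) port \d+")
ACCEPT_RE = re.compile(r"sshd\[\d+\]: Accepted (?P<method>\S+) for (?P<user>\S+) "
                       r"from (?P<ip>\S+) port \d+")

def slash23(ip_text):
    """Return the /23 network containing ip_text, or None if it is not an IP."""
    try:
        return ipaddress.ip_network(f"{ip_text}/23", strict=False)
    except ValueError:
        return None

def analyze(lines, threshold=3):
    """Flag /23s whose failures target only root; list all accepted root logins."""
    root_fail, other_fail, root_logins = Counter(), Counter(), []
    for line in lines:
        m = FAILED_RE.search(line)
        if m:
            net = slash23(m["ip"])
            if net is None:
                continue
            if m["user"] == "root" and not m["invalid"]:
                root_fail[net] += 1
            else:
                other_fail[net] += 1
            continue
        m = ACCEPT_RE.search(line)
        if m and m["user"] == "root":
            # The follow-up login comes from a different range, so report
            # every root login regardless of source address.
            root_logins.append((m["ip"], m["method"]))
    suspects = {}
    for net, count in root_fail.items():
        if count >= threshold and other_fail[net] == 0:
            suspects[str(net)] = {"root_failures": count,
                                  "known": net in SSHPSYCHOS_NETS}
    return suspects, root_logins

def permit_root_login(config_text):
    """Global PermitRootLogin value (lower-cased), or None if it is not set."""
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].replace("=", " ").split()
        if not parts:
            continue
        if parts[0].lower() == "match":
            break  # settings after a Match line are conditional, not global
        if parts[0].lower() == "permitrootlogin" and len(parts) > 1:
            return parts[1].lower()  # sshd keeps the first value it reads
    return None

# Constructed sample data: attacker addresses are taken from the netblocks on
# this page, everything else uses documentation ranges.
SAMPLE_AUTH_LOG = """\
Apr  2 03:10:01 web1 sshd[2101]: Failed password for root from 103.41.124.15 port 40122 ssh2
Apr  2 03:10:03 web1 sshd[2103]: Failed password for root from 103.41.125.7 port 40155 ssh2
Apr  2 03:10:05 web1 sshd[2105]: Failed password for root from 103.41.124.15 port 40190 ssh2
Apr  2 03:11:40 web1 sshd[2140]: Failed password for invalid user deploy from 198.51.100.20 port 51514 ssh2
Apr  2 03:11:44 web1 sshd[2144]: Failed password for root from 198.51.100.20 port 51530 ssh2
Apr  2 03:12:10 web1 sshd[2170]: Failed password for root from 43.255.190.12 port 33801 ssh2
Apr  2 03:12:12 web1 sshd[2172]: Failed password for root from 43.255.191.77 port 33850 ssh2
Apr  2 03:12:14 web1 sshd[2174]: Failed password for root from 43.255.190.12 port 33902 ssh2
Apr  2 03:15:30 web1 sshd[2230]: Accepted password for root from 203.0.113.9 port 60211 ssh2
Apr  2 03:20:00 web1 sshd[2301]: Accepted publickey for alice from 198.51.100.5 port 50022 ssh2
""".splitlines()

WEAK_CONFIG = "Port 22\nPermitRootLogin yes\n"
HARDENED_CONFIG = "Port 22\n#PermitRootLogin yes\nPermitRootLogin no\n"

if __name__ == "__main__":
    suspects, root_logins = analyze(SAMPLE_AUTH_LOG)
    for net, info in suspects.items():
        print(net, info)
    print("accepted root logins:", root_logins)
    print("weak config:", permit_root_login(WEAK_CONFIG))
    print("hardened config:", permit_root_login(HARDENED_CONFIG))
```

Grouping by /23 rather than matching a fixed list means a pivot to a new netblock with the same behavior is still flagged; the `known` field only labels the two ranges named on this page.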

How to Build a Successful Information Security Career

  • A question I often get is “how do I get into InfoSec”
  • Not actually being an InfoSec professional myself, and never having really worked in that space, I do not have the answer
  • Luckily, someone who is in that space finally wrote it all down
  • “One of the most important things for any infosec professional is a good set of inputs for news, articles, tools, etc.”
    • So, keep watching TechSNAP
  • Basic Steps:
    • Education (Sysadmin, Networking, Development)
    • Building Your Lab (VMs, VPSs from Digital Ocean)
    • You Are Your Projects (Build something)
    • Have a Presence (Website, Blog, Twitter, etc)
    • Certifications (“Things have the value that others place on them”)
    • Networking With Others (Find a mentor, be an intern)
    • Conferences (Go to Conferences. Speak at them)
    • Mastering Professionalism (Dependability, Well Written, Good Speaker)
    • Understanding the Business (Businesses want to quantify risk so they can decide how much should be spent on mitigating it)
    • Having Passion (90% of being successful is simply getting 100,000 chances to do so. You get chances by showing up)
    • Becoming Guru
  • It is a very good read, broken down into easy to understand steps, with the justification for each requirement, as well as some alternatives, because one size does not fit all
  • Related, but Roundup is already full enough: How to Avoid a Phone Call from Brian Krebs – The Basics of Intrusion Detection and Prevention with Judy Novak

Feedback:


Round Up:


Dark Age of the Internet | Tech Talk Today 96 https://original.jupiterbroadcasting.net/72212/dark-age-of-the-internet-tech-talk-today-96/ Mon, 24 Nov 2014 11:11:47 +0000 https://original.jupiterbroadcasting.net/?p=72212 Samsung files to block Nvidia chips from entering the US, a judge unseals 500+ Stingray records potentially by mistake. Plus Comcast’s big plans to get you to use the Internet less. Direct Download: MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube RSS Feeds: MP3 Feed | OGG Feed | […]

The post Dark Age of the Internet | Tech Talk Today 96 first appeared on Jupiter Broadcasting.


Samsung files to block Nvidia chips from entering the US, a judge unseals 500+ Stingray records potentially by mistake. Plus Comcast’s big plans to get you to use the Internet less.


Show Notes:

Samsung Files Complaint to Block Nvidia Chips From U.S. – Bloomberg

Samsung filed a complaint yesterday against Nvidia with the
U.S. International Trade Commission in Washington, according to
a notice on the agency’s website. A copy of the complaint wasn’t
immediately available.


The legal battle began in September when Nvidia filed its
own ITC complaint against Qualcomm Inc. and Samsung over
patented ways to improve graphics. It’s asking the agency to
block imports of the latest Galaxy phones and tablets that use
Qualcomm’s Snapdragon graphics processing units or Samsung’s
Exynos processors.


Samsung retaliated Nov. 4 with a patent-infringement suit
in federal court in Richmond, Virginia. In that case, Suwon,
South Korea-based Samsung claims Nvidia and one of its customers
infringe as many as eight patents. That lawsuit targets Nvidia’s
Shield tablet computers.


Each company has denied using the other’s technology. In a
Nov. 11 statement, Nvidia called Samsung’s lawsuit “a
predictable tactic.”


“We have not seen the complaint so can’t comment, but we
look forward to pursuing our earlier filed ITC action against
Samsung products,” Hector Marinez, a spokesman for Santa Clara,
California-based Nvidia, said in an e-mailed statement.

Judge Unseals 500+ Stingray Records

A judge in Charlotte, North Carolina, has unsealed a set of 529 court documents in hundreds of criminal cases detailing the use of a stingray, or cell-site simulator, by local police. This move, which took place earlier this week, marks a rare example of a court opening up a vast trove of applications made by police to a judge, who authorized each use of the powerful and potentially invasive device


According to the Charlotte Observer, the records seem to suggest that judges likely did not fully understand what they were authorizing. Law enforcement agencies nationwide have taken extraordinary steps to preserve stingray secrecy. As recently as this week, prosecutors in a Baltimore robbery case dropped key evidence that stemmed from stingray use rather than fully disclose how the device was used.

Eyes-on with Streaming Photoshop: Adobe’s plan to bring PS to the cloud | Ars Technica

“Streaming Photoshop” is Adobe and Google’s plan to bring the incomparable photo editor to Chrome OS and the Chrome Browser.

“Streaming Photoshop” is a Chrome App that you download from the Chrome store (provided you are whitelisted). The app opens in a window that looks just like a local version of Photoshop—there’s no browser UI of any kind. Photoshop lives on a computer in the cloud, and a video feed of it is streamed to the Chrome app. The app captures clicks and sends them to the server. It sounds like using it would be a clunky mess, but the whole process looked indistinguishable from a local install of Photoshop.


Chrome OS has taken off as a competitor to Windows—the NPD’s last estimate put it at 35% of commercial notebook sales—but it lacks a few killer apps like Photoshop. The other benefit is that you can now run Photoshop on just about any computer without having to worry about RAM and CPU usage, since all the computer has to display is a video stream. Adobe says even the $200 Chromebooks on the market today should be fast enough to handle Streaming Photoshop.


Three to 4MB/s will get you the best results, and Adobe says Streaming Photoshop should still be usable on connections as slow as 1MB/s. There’s no offline support, of course.


Streaming Photoshop runs version 15.2.1 (the latest version) on a Windows box from Google Compute Engine.


That means you’ll be getting the Windows title bar and menus regardless of what your host OS is. The app will remap hotkeys, though, so other than a few minor visual differences, it shouldn’t feel too weird. Right now there’s no GPU support, so things like 3D functions are currently off-limits—the whole menu was grayed-out. There’s also no way to print directly from Photoshop.


Storage used Google Drive—it does not currently work with Creative Cloud—and if your file is in Google’s cloud, it opens instantly, no uploading required. We’d imagine most people have their Photoshop files backed up 24/7 in Creative Cloud, Dropbox, or Google Drive, so this shouldn’t be a big change for most people. Adobe says Creative Cloud support is coming, but for now, on Google’s platform, Drive support comes free.

What XFINITY Internet Data Usage Plans will Comcast be Launching?

In the Tucson, Arizona market, we announced in 2012 that the data amount included with Economy Plus through Performance XFINITY Internet tiers would increase from 250 GB to 300 GB. Those customers subscribed to the Blast! Internet tier, have received an increase in their data usage plan to 350 GB; Extreme 50 customers have received an increase to 450 GB; Extreme 105 customers have received an increase to 600 GB. As in our other trial market areas, we offer additional gigabytes in increments/blocks of 50 GB for $10.00 each in the event the customer exceeds their included data amount.


In Huntsville and Mobile, Alabama; Atlanta, Augusta and Savannah, Georgia; Central Kentucky; Maine; Jackson, Mississippi; Knoxville and Memphis, Tennessee and Charleston, South Carolina, we have begun a trial which will increase our data usage plan for all XFINITY Internet tiers to 300 GB per month and will offer additional gigabytes in increments/blocks (e.g., $10.00 per 50 GB). In this trial, XFINITY Internet Economy Plus customers can choose to enroll in the Flexible-Data Option to receive a $5.00 credit on their monthly bill and reduce their data usage plan from 300 GB to 5 GB. If customers choose this option and use more than 5 GB of data in any given month, they will not receive the $5.00 credit and will be charged an additional $1.00 for each gigabyte of data used over the 5 GB included in the Flexible-Data Option.

A Sixth pfSense | BSD 25 https://original.jupiterbroadcasting.net/52032/a-sixth-pfsense-bsd-25/ Thu, 20 Feb 2014 21:25:32 +0000 https://original.jupiterbroadcasting.net/?p=52032 We sit down for an interview with Chris Buechler, from the pfSense project, to learn just how easy it can be to deploy a BSD firewall. Plus our walkthrough.

The post A Sixth pfSense | BSD 25 first appeared on Jupiter Broadcasting.


We sit down for an interview with Chris Buechler, from the pfSense project, to learn just how easy it can be to deploy a BSD firewall. We’ll also be showing you a walkthrough of the pfSense interface so you can get an idea of just how convenient and powerful it is. Answers to your questions and the latest headlines, here on BSD Now – the place to B.. SD.

Thanks to:


iXsystems


– Show Notes: –

Headlines

EuroBSDCon and AsiaBSDCon

  • This year, EuroBSDCon will be in September in Sofia, Bulgaria
  • They’ve got a call for papers up now, so everyone can submit the talks they want to present
  • There will also be a tutorial section of the conference
  • AsiaBSDCon will be next month, in March!
  • All the info about the registration, tutorials, hotels, timetable and location have been posted
  • Check the link for all the details on the talks – if you plan on going to Tokyo next month, hang out with Allan and Kris and lots of BSD developers!

FreeBSD 10 on Ubiquiti EdgeRouter Lite

  • The Ubiquiti EdgeRouter Lite is a router that costs less than $100 and has a MIPS CPU
  • This article goes through the process of installing and configuring FreeBSD on it to use as a home router
  • Lots of good pictures of the hardware and specific details needed to get you set up
  • It also includes the scripts to create your own images if you don’t want to use the ones rolled by someone else
  • For such a cheap price, might be a really fun weekend project to replace your shitty consumer router
  • Of course if you’re more of an OpenBSD guy, you can always see our tutorial for that too

Signed pkgsrc package guide

  • We got a request on IRC for more pkgsrc stuff on the show, and a listener provided a nice write-up
  • It shows you how to set up signed packages with pkgsrc, which works on quite a few OSes (not just NetBSD)
  • He goes through the process of signing packages with a public key and how to verify the packages when you install them
  • The author also happens to be an EdgeBSD developer

Big batch of OpenBSD hackathon reports

  • Five trip reports from the OpenBSD hackathon in New Zealand! In the first one, jmatthew details his work on fiber channel controller drivers, some octeon USB work and ARM fixes for AHCI
  • In the second, kettenis gets into his work with running interrupt handlers without holding the kernel lock, some SPARC64 improvements and a few other things
  • In the third, jsg updated libdrm and mesa and did various work on xenocara
  • In the fourth, dlg came with the intention to improve SMP support, but got distracted and did SCSI stuff instead – but he talks a little bit about the struggle OpenBSD has with SMP and some of the work he’s done
  • In the fifth, claudio talks about some stuff he did for routing tables and misc. other things

This episode was brought to you by

iXsystems


Interview – Chris Buechler – cmb@pfsense.com / @cbuechler

pfSense


Tutorial

pfSense walkthrough


News Roundup

FreeBSD challenge continues

  • Our buddy from the Linux foundation continues his switching to BSD journey
  • In day 13, he covers some tips for new users, mentions trying things out in a VM first
  • In day 14, he starts setting up XFCE and X11, feels like he’s starting over as a new Linux user learning the ropes again – concludes that ports are the way to go
  • In day 15, he finishes up his XFCE configuration and details different versions of ports with different names, as well as learns how to apply his first patch
  • In day 16, he dives into the world of FreeBSD jails!

BSD books in 2014

  • BSD books are some of the highest quality technical writings available, and MWL has written a good number of them
  • In this post, he details some of his plans for 2014
  • It includes at least one OpenBSD book, at least one FreeBSD book and…
  • Very strong possibility of Absolute FreeBSD 3rd edition (watch our interview with him)
  • Check the link for all the details

How to build FreeBSD/EC2 images

  • Our friend Colin Percival details how to build EC2 images in a new blog post
  • Most people just use the images he makes on their instances, but some people will want to make their own from scratch
  • You build a regular disk image and then turn it into an AMI
  • It requires a couple ports be installed on your system, but the whole process is pretty straightforward

PCBSD weekly digest

  • This time around we discuss how you can become a developer
  • Kris also details the length of supported releases
  • Expect lots of new features in 10.1

Feedback/Questions

  • Sean writes in: https://slexy.org/view/s216xJoCVG
  • Jake writes in: https://slexy.org/view/s2gLrR3VVf
  • Niclas writes in: https://slexy.org/view/s21gfG3Iho
  • Steffan writes in: https://slexy.org/view/s2JNyw5BCn
  • Antonio writes in: https://slexy.org/view/s2kg3zoRfm
  • Chris writes in: https://slexy.org/view/s2ZwSIfRjm

  • Our email backlog is pretty much caught up. Now’s a great time to send us something – questions, stories, ideas, requests for something you want to see, anything
  • All the tutorials are posted in their entirety at bsdnow.tv
  • The OpenBSD router tutorial got a couple improvements and fixes
  • Just because our tutorial contest is over doesn’t mean you can’t submit any, we would love if more listeners wrote up a tutorial on interesting things they’re doing with BSD
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
  • The BSD Now shirt design has been finalized, we have the files and are working out the printing details… expect them to be available in early-to-mid March!

Gentlemen, Start Your NGINX | TechSNAP 128 https://original.jupiterbroadcasting.net/43352/gentlemen-start-your-nginx-techsnap-128/ Thu, 19 Sep 2013 16:15:59 +0000 https://original.jupiterbroadcasting.net/?p=43352 A zero day flaw has Microsoft scrambling, and the banking hack that only requires a nice jacket.

The post Gentlemen, Start Your NGINX | TechSNAP 128 first appeared on Jupiter Broadcasting.


A zero day flaw has Microsoft scrambling, and the banking hack that only requires a nice jacket.

Then it’s a great big batch of your questions, our answers, and much much more!

On this week’s TechSNAP.

Thanks to:


GoDaddy


Ting


— Show Notes: —

Crooks Hijack Retirement Funds Via Social Security Administration Portal

  • Traditional SSA fraud involves identity thieves tricking the beneficiary’s bank into diverting the payments to another account, either through Social Security’s 800 number or through a financial institution, or through Treasury’s Direct Express program
  • The newer version of this fraud involves the abuse of the SSA’s my Social Security Web portal
  • The SSA added the ability to change direct deposit information via their my Social Security Web portal. Shortly thereafter, the agency began receiving complaints that identity thieves were using the portal to hijack the benefits of individuals who had not yet created an account at the site.
  • As of August 23, 2013, the SSA has received 18,417 allegations of possibly fraudulent mySocialSecurity account activity.
  • “There is no suggestion that SSA’s systems have been compromised; this is an identity theft scheme aimed at redirecting existing benefits, often to prepaid debit cards.” – via Jonathan Lasher, assistant inspector general for external relations at the SSA’s Office of Inspector General.
  • Banks usually will alert customers if the beneficiary account for SSA payments is changed. But she said those communications typically are sent via snail mail.
  • Many customers will overlook such notices.
  • If you receive direct deposits from the Social Security Administration but haven’t yet registered at the agency’s new online account management portal, now would be a good time to take care of that.
  • Because it’s possible to create just one my Social Security account per Social Security number, registering an account on the portal is one basic way that consumers can avoid becoming victims of this scam.
  • In Canada, registering on the Canada Revenue Agency’s website requires information from your previous year’s tax returns, and an activation code is snail mailed to you

Microsoft warns of a 0day in all versions of Internet Explorer, working on a patch for IE 6 – 11

  • The flaw in question makes remote code execution possible if you browse to a website containing malicious content for your specific browser type
  • Actively being exploited against IE8 and 9
  • Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
  • The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
  • The company is offering the following workarounds and mitigations:
  • Apply the Microsoft Fix it solution, “CVE-2013-3893 MSHTML Shim Workaround,” that prevents exploitation of this issue. Note: This ‘fixit’ solution only works for 32bit versions of IE
  • Set Internet and local intranet security zone settings to “High” to block ActiveX Controls and Active Scripting in these zones.
  • Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones.
  • CVE-2013-3893
  • Additional Coverage

Cyber Police Arrest 12 Over Santander Bank Heist Plot

  • The Metropolitan Police’s Central e-Crime Unit (PCeU) has arrested 12 men as part of an investigation into an “audacious” plot to take control of a Santander Banking computer.
  • “The PCeU is committed to tackling cyber-crime and the damage it can cause to individuals, organisations and the wider economy.”
  • According to the police, the group sent a man in dressed as a maintenance engineer, who managed to attach an IP-KVM (keyboard video mouse) device to a machine in the bank, allowing the attackers to remotely carry out actions on the computer
  • The men, aged between 23 and 50, were arrested yesterday, whilst searches were carried out at addresses in Westminster, Hounslow, Hillingdon, Brent, Richmond and Slou

Feedback

10.1.10.254:/mnt/fart /mnt/nfs nfs auto,noatime,nolock,defaults,user=1001 0 0

Round Up:

iOS 7 Swamps the Internet

Network Benchmarking | TechSNAP 66 https://original.jupiterbroadcasting.net/21556/network-benchmarking-techsnap-66/ Thu, 12 Jul 2012 16:18:57 +0000 https://original.jupiterbroadcasting.net/?p=21556 Our tools to benchmark and monitor your network, plus Formspring leaks your password, and how to steal a BMW in a few seconds!

The post Network Benchmarking | TechSNAP 66 first appeared on Jupiter Broadcasting.


Our tools to benchmark and monitor your network.

Plus: Formspring leaks your password, Microsoft finally kills off old certificates and how to steal a BMW in a few seconds!

All that and more, in this week’s TechSNAP!


Show Notes:

Formspring detects intrusion – 420,000 hashed passwords leaked

  • Formspring was alerted when password hashes were posted on a hacking forum
  • After determining that the hashes were in fact from their site, administrators shut the service down
  • The attackers managed to compromise a development server at Formspring, and were then able to access the production database and gain access to customer information
  • Formspring used SHA256 hashes with a random salt
  • While this is better than a plain SHA256 without a salt, it is still not very strong
  • SHA hashes are designed to be calculated very quickly, because that is what you want in a hashing algorithm
  • Cryptographic password hashing algorithms like SHA256crypt, on the other hand, are ‘adaptive’: they use a variable number of ‘rounds’ of the hashing algorithm to slow the process down and make cracking the passwords more expensive. SHA256crypt defaults to 5000 rounds (hash of the hash of the hash…), and this value can be adjusted over time to keep pace with faster CPUs and GPUs
  • So while the random salts make the Formspring passwords immune to rainbow tables (thus making even the more trivial passwords require brute forcing, unlike the LinkedIn passwords), they can still be cracked with tools such as John the Ripper, and the cracking can be accelerated with GPUs
  • Formspring came to this same realization and as part of the mandatory password reset for all users, new passwords will be stored using the adaptive cryptographic hashing algorithm bcrypt
  • There have been no reports of any accounts being compromised, although the news has triggered a wave of trend-jacking phishing attacks: malicious emails that direct users to the wrong place to reset their Formspring password
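The difference the notes describe between a single salted SHA-256 and an adaptive scheme with an adjustable round count, as an added example (not code from the show notes or from Formspring). PBKDF2-HMAC-SHA256 from the Python standard library stands in for SHA256crypt/bcrypt; the record format, function names and iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Assumed work factor for this example; raise it as CPUs and GPUs get faster.
CURRENT_ITERATIONS = 100_000

def legacy_hash(password, salt):
    """One salted SHA-256: defeats rainbow tables but is cheap to brute force."""
    digest = hashlib.sha256(salt + password.encode()).hexdigest()
    return f"sha256${salt.hex()}${digest}"

def adaptive_hash(password, salt=None, iterations=CURRENT_ITERATIONS):
    """Iterated hash; the round count is stored so it can be raised later."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2-sha256${iterations}${salt.hex()}${dk.hex()}"

def verify(password, record):
    """Return (password_ok, needs_rehash) for either record format."""
    parts = record.split("$")
    if parts[0] == "sha256" and len(parts) == 3:
        expected = legacy_hash(password, bytes.fromhex(parts[1]))
        ok = hmac.compare_digest(expected, record)
        return ok, ok  # every legacy record should be upgraded
    if parts[0] == "pbkdf2-sha256" and len(parts) == 4:
        iterations = int(parts[1])
        expected = adaptive_hash(password, bytes.fromhex(parts[2]), iterations)
        ok = hmac.compare_digest(expected, record)
        return ok, ok and iterations < CURRENT_ITERATIONS
    return False, False

def login(db, user, password):
    """Check the password and upgrade a weak record while it is in hand."""
    ok, stale = verify(password, db[user])
    if ok and stale:
        db[user] = adaptive_hash(password)
    return ok

if __name__ == "__main__":
    db = {"alice": legacy_hash("hunter2", os.urandom(16))}  # constructed record
    print(login(db, "alice", "hunter2"), db["alice"].split("$")[:2])
```

A failed login never rewrites the stored record, so an attacker guessing passwords cannot trigger the upgrade path.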

Microsoft revokes 28 of its own certificates because they are insecure

  • In the wake of the Flame malware, which used a forged Microsoft certificate for code signing and to impersonate Windows Update, Microsoft has revoked other certificates that may be susceptible
  • In order to prevent this from happening again, Microsoft is revoking trust in all certificates that do not meet their current security standards
  • We assume this means revoking certificates with insufficient key strength and certificates generated with MD5 hashes
  • Microsoft also released its Certificate Updater application. It was previously released as an optional update to help mitigate the Flame malware, but with this update it is now marked as ‘Critical’, which will see it installed on the majority of updated Windows machines

One of Stuxnet’s spreading mechanisms hits kill switch

  • Three years after Stuxnet was originally seeded, one of the main spreading mechanisms has shut itself off
  • Propagation of the malware via Windows .lnk files on USB sticks has stopped after reaching the cutoff date specified in the Stuxnet source code
  • The three known variants of Stuxnet were seeded on 2009-06-23, 2009-06-28 and 2009-07-07
  • This is not the first time Stuxnet has expired some of its capabilities: spreading via the MS10-061 exploit stopped on 2011-06-01, and the MS08-067 exploit checks for dates before January 2030

Court case reveals inner workings of IPP International IP Tracker, a BitTorrent tracking software


Web exploit figures out what OS victim is using, customizes payload

  • The exploit uses ‘TrustedSec’s Social Engineering Toolkit’ to generate a signed .jar file that is embedded in compromised websites via the applet tag
  • If the user allows the .jar file to run, it detects the OS of the machine, and performs a different action
  • The Social Engineering Toolkit is open source software
  • In this case, the attackers used the toolkit as the basis for their malware downloader, which downloads and runs a different exploit depending on the OS of the victim
  • This exploit targets Windows, Mac and Linux users, with a custom malware payload for each
  • All three exploits appear to be targeted at giving the attacker a shell on the machine, so they can perform whatever actions they wish

Music Streaming Rocks | J@N | 1.25.11 https://original.jupiterbroadcasting.net/4858/streaming-rocks-jn-12511/ Tue, 25 Jan 2011 21:59:50 +0000 https://original.jupiterbroadcasting.net/?p=4858 Online music services like Spotify, Pandora, and many others are exploding. But how do they compare? What features do they each have that make them unique?


Online music services like Spotify, Pandora, and many others are exploding. But how do they compare? What features do they each have that make them unique?

Tonight we look into some of our favorite music streaming services, and answer those questions, and many more!

Show Notes:

OUR AUDIO STREAM:  jupiterbroadcasting.com/listen

PANDORA
www.pandora.com

Pros:
– Good for finding new music that is similar to songs you like.
– Easy to purchase songs you like.
– Separate stations for different “moods”

Cons:
– Commercials
– Free service limits the number of songs you can skip.
– No downloadable client unless you pay for the service.

Price:
– $36/year for desktop subscription
– Mobile app is free but includes ads, customer feedback indicates it doesn’t multitask well

last.fm
www.last.fm

Pros:
– Social music sharing experience (FB/Twitter sharing, and on-site socializing)
– Allows purchase of songs you like right from the site.
– “Scrobbler” download parses your existing library and sets up your preferences automatically.
– Live event listings

Cons:
– Small library in some genres, lots of repeated music.
– Premade stations aren’t that great, better to build your own playlists (which takes time)
– Download client doesn’t fully implement social features, just the music scrobbling.

Price:
– Free, free, free.

Grooveshark
https://listen.grooveshark.com

Pros:
– HUGE library of songs
– Lots of variety under the “Radio” function
– Powerful UI, easy to use.

Cons:
– No prebuilt playlists
– Can’t sort searches by music genre

Price:
– Free in the web player
– $6/mo for ad-free client
– $9/mo for mobile app access with account syncing

I <3 Radio
https://www.iheartradio.com/index.html

Pros:
– Listen to your favorite local radio no matter where you are.
– Some original stations

Cons:
– Commercials and talk just like normal radio
– Not all stations use it.
– Audio quality seems inconsistent on some stations.

Other Options:
Slacker
Yahoo! Music (aka Launchcast)
1club.fm
Sirius or XM Satellite Radio
