Show Notes: linuxunplugged.com/417

The post Run Every Distro At Once | LINUX Unplugged 417 first appeared on Jupiter Broadcasting.

We’re at BSDCan this week, but fear not! We’ve got a great interview with Sepherosa Ziehau, a DragonFly developer, about their network stack. After that, we’ll be discussing different methods of containment and privilege separation. Assuming no polar bears eat us, we’ll be back next week with more BSD Now – the place to B.. SD.

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Interview – Sepherosa Ziehau – sephe@dragonflybsd.org

Features of DragonFlyBSD’s network stack

Discussion

Comparing containment methods and privilege separation

• chroot, jails, systrace, capsicum, filesystem permissions, separating users

Feedback/Questions

• Brad writes in
• Anonymous writes in
• Benjamin writes in
• Jeroen writes in

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• We’ll be back from BSDCan next week, hopefully with some interesting interviews

The post Stacked in Our Favor | BSD Now 93 first appeared on Jupiter Broadcasting.

The founder of Bedrock Linux joins us to discuss their ambitious distribution that lets you utilize the userland of all your favorite distributions at once

Plus Alienware slaps Linux users in the face with a dead fish, your feedback, and more!

Thanks to:

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

Show Notes:

FU:

• Have to tease you arch users

• Ubuntu on H2L

• Ting!

Bedrock Linux

Bedrock Linux is a Linux distribution created with the aim of making most of the (often seemingly mutually-exclusive) benefits of various other Linux distributions available simultaneously and transparently.

• Introducing Bedrock Linux | Linux Action Show 316

Alienware refits its Steam Machine with Windows and will launch it as a living-room PC

Alienware is launching its Alpha console-like gaming PC at the Electronic Entertainment Expo (E3) trade show today. But instead of running Valve\’s Steam OS, the machine will run Microsoft\’s Windows operating system and use an Xbox 360 wireless controller.

The Alpha will ship at $549 during the 2014 holiday season.

Civilization V Strategy Game Launches Natively On SteamOS Linux | GamingOnLinux

Aspyr Media is pleased to announce our first Linux and SteamOS title, Sid Meier\’s Civilization V. The SteamOS release includes all Civilization V DLC and expansion content, including Gods & Kings and Brave New World.

Krita: open source digital painting | Accelerate Development by Krita Foundation

Krita is the leading, professional-level open source digital painting application. Help us add 24 (or more!) powerful new features.

New Show: Tech Talk Today (Mon – Thur)

• Tech Talk Today Today | Jupiter Broadcasting

The post Bedrock: A New Paradigm | LINUX Unplugged 44 first appeared on Jupiter Broadcasting.

With Bedrock Linux you are longer restricted to any single Linux distro’s userland. Mix CentOS, Arch, Debian, Ubuntu and more all on the same installation! You can have your cake and eat it too! Want X11 from Debian and Chromium from Arch? No problem! We’ll show you how Bedrock Linux makes it all possible.

Plus: A new round of SSL vulnerabilities strike Linux, the FSF helps you encrypt your emails and a quick steam roundup…

AND SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | Ogg Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed

— Show Notes: —

Bedrock Linux:

Brought to you by: System76

Bedrock Linux

• Bedrock Linux 1.0alpha4 Flopsie

Bedrock Linux is a Linux distribution created with the aim of making most of the (often seemingly mutually-exclusive) benefits of various other Linux distributions available simultaneously and transparently.

If one would like a rock-solid stable base (for example, from Debian or a RHEL clone) yet still have easy access to cutting-edge packages (from, say, Arch Linux), automate compiling packages with Gentoo\’s portage, and ensure that software aimed only for the ever popular Ubuntu will run smoothly – all at the same time, in the same distribution – Bedrock Linux will provide a means to achieve this.

Bedrock Linux: Introduction

brc (\”BedRock Chroot\”)

_brc__provides the ability to run commands in clients, properly chrooting to
avoid conflicts. Once Bedrock Linux is properly set up, it will allow the user
to transparently run commands other__wise not available in a given client. For
example, if _firefox__is installed in a Arch client but not in a Debian client,
and a program from the Debian client tries to execute __firefox_, the Arch
_firefox__will be executed as though it were installed locally in Debian.

If __firefox__is installed in multiple clients (such as Arch and Fedora), and
the user would like to specify which is to run (rather than allowing Bedrock
Linux to chose the default), one can explicitly call __brc_, like so: _brc
fedora firefox_._

If no command is given, brc will attempt to use the user\’s current $SHELL.
If the value of $SHELL is not available in the client it will fail.

Bedrock Linux presentation at Ohio Linuxfest 2012 – YouTube

The audio from the Bedrock Linux presentation at the Ohio Linuxfest 2012 was recorded; however, the video was not. For convenience this is played over the slides here. Sadly, no demos are visible here.

— Picks —

Runs Linux

OPI – Reclaim Your Digital Life

OPI is your private cloud with no third party eyes on your information. Still OPI will also allow you to share information with others, on your conditions.

• Private file and mail server gizmo runs Ubuntu

Desktop App Pick

Otter Browser

Otter Browser, project aiming to recreate classic Opera (12.x) UI using Qt5.

Weekly Spotlight

Tech Talk Today

HowTo Linux

Minimum Workspaces – GNOME Shell Extensions

— NEWS —

A New Round Of OpenSSL Vulnerabilities Discovered

• Heartbleed 2: OpenSSL Shows More Security Flaws

The latest flaw is less of a risk than Heartbleed, because it would require hackers to locate themselves between computers communicating, such as over a public Wi-Fi network.

• Heartbleed Redux: Another Gaping Wound in Web Encryption Uncovered | Threat Level | WIRED

The new attack does have other limitations: It can only be used when both ends of a connection are running OpenSSL. Most browsers use other SSL implementations and so aren’t affected, says Ivan Ristic, director of engineering at the security firm Qualys, though he adds that Android web clients likely do use the vulnerable code. Among servers, only those using more recent versions of SSL are affected–about 24 percent of the 150,000 servers that Qualys has scanned. He also warns that many VPNs may use OpenSSL and thus be vulnerable. “VPNs are a very juicy target,” Ristic says. “People who really care about security use them, and there’s likely to be sensitive data there.”

GnuTLS Flaw Leaves Many Linux Users Open To Attacks

A new flaw has been discovered in the GnuTLS cryptographic library that ships with several popular Linux distributions and hundreds of software implementations. According to the bug report, \”A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code.\” A patch is currently available, but it will take time for all of the software maintainers to implement it.
A lengthy technical analysis is available. \”There don\’t appear to be any obvious signs that an attack is under way, making it possible to exploit the vulnerability in surreptitious \”drive-by\” attacks. There are no reports that the vulnerability is actively being exploited in the wild.\”

Reset the Net with our email self-defense guide

Google Online Security Blog: Making end-to-end encryption easier to use

Today, we’re adding to that list the alpha version of a new tool. It’s called End-to-End and it’s a Chrome extension intended for users who need additional security

• end-to-end – End-To-End – Google Project Hosting

ChromeBrew: 3rd party package manager for Chrome OS.

Chromebooks with Chrome OS run a linux kernel – the only missing piece to use them as full-featured linux distro was gcc and make with their dependencies. Well, the piece isn\’t missing anymore. Say hello to chromebrew!

Steam Hits The Big 500 For Linux Games

• Steam Reached 500 Linux Games

That is one heck of a milestone isn\’t it? 500 Linux compatible games are now on Steam which is a pretty great number to point anyone at. No longer will people keep stating \”but Linux has no games\”

— Feedback —

• Texas Linux Fest 2014 JB Check-In

• South East Linux Fest 2014 JB Check-in

• June 13-14th
• q5sys will be giving away two RPi.
• Check in on the LAS sub thread, and say hi to q5sys at SELF.
• One on Friday, and one on Saturday.

• Also catch his talk 5:15-6:15: Puppy Linux Deconstructed: About all the technical wizardry behind puppy which makes it work like it does.

• Tech Talk Today launched!

• Support Tech Talk Today and JB on Patreon

• The Jolla – Imgur

— Chris\’ Stash —

• jupiterbroadcasting on Instagram

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— What’s Matt Doin? —

• Check out LINUX Unplugged
  +Are Ubuntu Derivatives a Bad Idea?
  +BattleBlock Theater – Part 3 | Geek And The Gamer

— Find us on Google+ —

• Chris
• Matt Hartley
• Jupiter Broadcasting’s Page

— Find us on Twitter —

• Chris – ChrisLAS
• Matt – matthartley

— Follow the network on Facebook: —

• Jupiter Broadcasting on Facebook

— Catch the show LIVE Sunday 10am Pacific / 1pm Eastern / 6pm UTC: —

• https://jblive.tv
• Network Calendar

The post Introducing Bedrock Linux | LAS 316 first appeared on Jupiter Broadcasting.

This time on the show we\’ll be talking with Jon Anderson about Capsicum and Casper to securely sandbox processes. After that, our tutorial will show you how to encrypt all your DNS lookups, either on a single system or for your whole network. News, emails and all the usual fun, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

BSDCan 2014 talks and reports

• The majority of the BSDCan talks are finally uploaded, so prepare to be flooded with links
• Karl Lehenbauer\’s keynote (he\’s on next week\’s episode)
• Mariusz Zaborski and Pawel Jakub Dawidek,
  Capsicum and Casper (relevant to today\’s interview)
• Luigi Rizzo,
  In-kernel OpenvSwitch on FreeBSD
• Dwayne Hart, Migrating from Linux to FreeBSD for Backend Data Storage
• Warner Losh, NAND Flash and FreeBSD
• Simon Gerraty, FreeBSD bmake and Meta Mode
• Bob Beck, LibreSSL – The First 30 Days
• Henning Brauer, OpenBGPD Turns 10 Years Old
• Arun Thomas, BSD ARM Kernel Internals
• Peter Hessler, Using BGP for Realtime Spam Lists
• Pedro Giffuni, Features and Status of FreeBSD\’s Ext2 Implementation
  
• Matt Ahrens, OpenZFS Upcoming Features and Performance Enhancements
• Daichi Goto, Shellscripts and Commands
• Benno Rice, Keeping Current
• Sean Bruno, MIPS Router Hacking
• John-Mark Gurney, Optimizing GELI Performance
• Patrick Kelsey, Userspace Networking with libuinet
• Massimiliano Stucchi, IPv6 Transitioning Mechanisms
• Roger Pau Monné, Taking the Red Pill
• Shawn Webb, Introducing ASLR in FreeBSD
• There\’s also a trip report from Peter Hessler and one from Julio Merino
• The latter report also talks about how, unfortunately, NetBSD basically had no presence in the event at all (and how that\’s a recurring trend)

Defend your network and privacy with a VPN and OpenBSD

• After all the recent news about spying, backdoored routers, deep packet inspection and everything else, you might want to start taking steps at getting some privacy back
• This article describes how to set up a secure network gateway and VPN using OpenBSD and related crypto utilities
• There are bits for DHCP, DNS, OpenVPN, DNSCrypt and a watchdog script to make sure your tunnel is always being used
• You can transparently tunnel all your outbound traffic over the VPN with this configuration, nothing is needed on any of the client systems – this could also be used with Tor (but it would be very slow)
• It also includes a few general privacy tips, recommended browser extensions, etc
• The intro to the article is especially great, so give the whole thing a read
• He mentions our OpenBSD router guide and other tutorials being a big help for this setup, so hello if you\’re watching!

You should try FreeBSD

• In this blog post, the author talks a bit about how some Linux people aren\’t familiar with the BSDs and how we can take steps to change that
• He goes into some FreeBSD history specifically, then talks about some of the apparent (and not-so-apparent) differences between the two
• Possibly the most useful part is how to address the question \”my server already works, why bother switching?\”
• \”Stackoverflow’s answers assume I have apt-get installed\” ← lol
• It includes mention of the great documentation, stability, ports, improved security and much more
• A takeaway quote for would-be Linux switchers: \”I like to compare FreeBSD to a really tidy room where you can find everything with your eyes closed. Once you know where the closets are, it is easy to just grab what you need, even if you have never touched it before\”

OpenBSD and the little Mauritian contributor

• This is a story about a guy from Mauritius named Logan, one of OpenBSD\’s newest developers
• Back in 2010, he started sending in patched for OpenBSD\’s \”mg\” editor, among other small things, and eventually added file transfer resume support for SFTP
• The article talks about his journey from just a guy who submits a patch here and there to joining the developer ranks and even getting his picture taken with Theo at a recent hackathon
• It really shows how easy it is to get involved with the different BSDs and contribute back to the software ecosystem
• Congrats to Logan, and hopefully this will inspire more people to start helping out and contributing code back

Interview – Jon Anderson – jonathan@freebsd.org

Capsicum and Casperd

Tutorial

Encrypting DNS lookups

News Roundup

FreeBSD Journal, May 2014 issue

• The newest issue of the FreeBSD Journal is out, following the bi-monthly release cycle
• This time the topics include: a letter from the foundation, a ports report, some 9.3-RELEASE plans, an events calendar, an overview of ipfw, exploring network activity with dtrace, an article about kqueue, data distribution with dnssec and finally an article about TCP scaling
• Pick up your (digital) copy at Amazon, Google Play or on iTunes and have a read

LibreSSL porting update

• Since the last LibreSSL post we covered, a couple unofficial \”portable\” versions have died off
• Unfortunately, people still think they can just port LibreSSL to other BSDs and Linux all willy-nilly – stop doing that!
• This post reiterates that LibreSSL currently relies on a lot of OpenBSD-specific security functions that are not present in other systems, and also gives a very eye-opening example
• Please wait for an official portable version instead of wasting time with these dime-a-dozen github clones that do more harm than good

BSDMag May 2014 issue is out

• The usual monthly release from BSDMag, covering a variety of subjects
• This time around the topics include: managing large development projects using RCS, working with HAMMER FS and PFSes, running MeteorJS on FreeBSD 11, another bhyve article, more GIMP tutorials and a few other things
• It\’s a free PDF, go grab it

BSDTalk episode 241

• A new episode of BSDTalk is out, this time with Bob Beck
• He talks about the OpenBSD foundation\’s recent activities, his own work in the project, some stories about the hardware in Theo\’s basement and a lot more
• The interview itself isn\’t about LibreSSL at all, but they do touch on it a bit too
• Really interesting stuff, covers a lot of different topics in a short amount of time

Feedback/Questions

• We got a number of replies about last week\’s VPN question, so thanks to everyone who sent in an email about it – the vpnc package seems to be what we were looking for
• Tim writes in
• AJ writes in
• Peter writes in
• Thomas writes in
• Martin writes in

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• We\’re looking for new tutorial ideas, so if there\’s something specific you\’d like to learn about, let us know
• FreeBSD core team elections are in progress – nominations ended today. There are 21 candidates, and voting is open for the next month. We\’ll let you know how it goes in a future episode.
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post The Friendly Sandbox | BSD Now 39 first appeared on Jupiter Broadcasting.

We had a chance to chat with folks from Firefox, the EFF, SUSE, and more. Plus we discuss the real benefits to Linux conventions like LinuxFest Northwest.

Thanks to:

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

Show Notes:

LFNW Overtime Interviews

• dnschneid/crouton · GitHub

crouton is a set of scripts that bundle up into an easy-to-use, Chromium OS-centric chroot generator. Currently Ubuntu and Debian are supported (using debootstrap behind the scenes), but \”Chromium OS Debian, Ubuntu, and Probably Other Distros Eventually Chroot Environment\” doesn\’t acronymize as well (crodupodece is admittedly pretty fun to say, though).

• Firefox OS — The Adaptive Phone — Great Smartphone Features, Apps and More — Mozilla

Your needs change from one moment to the next. That\’s why Firefox OS does the same. It gives you the power to live every moment to its fullest and participate in a better world.

• Electronic Frontier Foundation

Defending your rights in the digital world

The post The Rest of the Fest | LINUX Unplugged 38 first appeared on Jupiter Broadcasting.

This week on BSD Now… a wrap-up from NYCBSDCon! We\’ll also be talking to Luke Marsden, CEO of HybridCluster, about how they use BSD at large. Following that, our tutorial will show you how to securely share files with SFTP in a chroot. The latest news and answers to your questions, of course it\’s BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

FreeBSD 10 as a firewall

• Back in 2012, the author of this site wrote an article stating you should avoid FreeBSD 9 for a firewall and use OpenBSD instead
• Now, with the release of 10.0, he\’s apparently changed his mind and switched back over
• It mentions the SMP version of pf, general performance advantages and more modern features
• The author is a regular listener of BSD Now, hi Joe!

Network Noise Reduction Using Free Tools

• Really long blog post, based on a BSDCan presentation, about fighting spam with OpenBSD
• Peter Hansteen, author of the book of PF, goes through how he uses OpenBSD\’s spamd and other security features to combat spam and malware
• He goes through his experiences with content filtering and disappointment with a certain proprietary vendor
• Not totally BSD-specific, lots of people can enjoy the article – lots of virus history as well

FreeBSD ASLR patches submitted

• So far, FreeBSD hasn\’t had Address Space Layout Randomization
• ASLR is a nice security feature, see wikipedia for more information
• With a giant patch from Shawn Webb, it might be integrated into a future version (after a vicious review from the security team of course)
• We might have Shawn on the show to talk about it, but he\’s also giving a presentation at BSDCan about his work with ASLR

Old-style pkg_ tools retired

• At last the old pkg_add tools are being retired in FreeBSD
• pkgng is a huge improvement, and now portmgr@ thinks it\’s time to cut the cord on the legacy toolset
• Ports aren\’t going away, and probably never will, but for binary package fans and new users that are used to things like apt, pkgng is the way to go
• All pkg_ tools will be considered unsupported on September 1, 2014 – even on older branches

This episode was brought to you by

Interview – Luke Marsden – luke@hybridcluster.com / @lmarsden

BSD at HybridCluster

Tutorial

Filesharing with chrooted SFTP

News Roundup

FreeBSD on OpenStack

• OpenStack is a cloud computing project
• It consists of \”a series of interrelated projects that control pools of processing, storage, and networking resources throughout a datacenter, able to be managed or provisioned through a web-based dashboard, command-line tools, or a RESTful API.\”
• Until now, there wasn\’t a good way to run a full BSD instance on OpenStack
• With a project in the vein of Colin Percival\’s AWS startup scripts, now that\’s no longer the case!

FOSDEM BSD videos

• This year\’s FOSDEM had seven BSD presentations
• The videos are slowly being uploaded for your viewing pleasure
• Not all of the BSD ones are up yet, but by the time you\’re watching this they might be!
• Check this directory for most of \’em
• The BSD dev room was full, lots of interest in what\’s going on from the other communities

The FreeBSD challenge finally returns!

• Due to prodding from a certain guy of a certain podcast, the \”FreeBSD Challenge\” series has finally resumed
• Our friend from the Linux foundation picks up with day 11 and day 12 on his switching from Linux journey
• This time he outlines the upgrade process of going from 9 to 10, using freebsd-update
• There\’s also some notes about different options for upgrading ports and some extra tips

PCBSD weekly digest

• After the big 10.0 release, the PCBSD crew is focusing on bug fixes for a while
• During their \”fine tuning phase\” users are encouraged to submit any and all bugs via the trac system
• Warden got some fixes and the package manager got some updates as well
• Huge size reduction in PBI format

Feedback/Questions

• After today\’s questions, our email backlog will be just about caught up. Now\’s a great time to send us something – questions, stories, ideas, requests, anything you want
• Derrick writes in: https://slexy.org/view/s21nbJKYmb
• Sean writes in: https://slexy.org/view/s2yhziVsBP
• Patrick writes in: https://slexy.org/view/s20PuccWbo
• Peter writes in: https://slexy.org/view/s22PL0SbUO
• Sean writes in: https://slexy.org/view/s20dkbjuOK

• All the tutorials are posted in their entirety at bsdnow.tv
• Last week\’s NTP tutorial got a small update if you\’re running a LAN-only server, as well as a couple links on how to turn it into a stratum 1 server with a GPS device
• The SSH tutorial also got some updates
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
• Lastly, the BSD Now t-shirt is close to being ready… stay tuned!

The post The Cluster & The Cloud | BSD Now 24 first appeared on Jupiter Broadcasting.

Much more than just a touch of Ubuntu, we take a deep dive into the Ubuntu Touch Preview and how they’ve pulled it off, the surprising components of Android that are being used, and why it means Ubuntu Touch will be on hundreds of popular devices soon.

Plus we’ve got an explanation of Linus’ recent blow up, the big news for Btrfs, some Steam secrets revealed…

AND SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

Use our code linux295 to get a .COM for $2.95.

28% off your ENTIRE order just use our code go28off3 until the end of the month!

Download:

HD Video | Mobile Video | Ogg Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed

Support the Show: