HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

iOS 10.3.1 update prevents: attacker within range may be able to execute arbitrary code on the Wi-Fi chip

• What is a stack buffer overflow?

• What is a stack?

Hackers Are Emptying ATMs With a Single Drilled Hole and $15 Worth of Gear

• NOT SO LONG ago, enterprising thieves who wanted to steal the entire contents of an ATM had to blow it up. Today, a more discreet sort of cash-machine burglar can walk away with an ATM’s stash and leave behind only a tell-tale three-inch hole in its front panel.

• The dispenser will obey and dispense money, and it can all be done with a very simple microcomputer.

• They found that the machine’s only encryption was a weak XOR cipher they were able to easily break, and that there was no real authentication between the machine’s modules

• In practical terms, that means any part of the ATM could essentially send commands to any other part, allowing an attacker to spoof commands to the dispenser, giving them the appearance of coming from the ATM’s own trusted computer.

Let’s Encrypt

• Using Let’s Encrypt within FreeBSD.org

Feedback

• Epiosode 311 & future topics

• SQLite

• New laws

• Privacy is Dead? and for FTC vs FCC

• Internet privacy

• Free DNS

Round Up:

• Smart TV hack embeds attack code into broadcast signal—no access required

• Spotify’s Love/Hate Relationship with DNS

• What Killed Adobe Flash?

Dan mentioned these URLs during the podcast:

• Adding a 10Gb NIC to an r610

The post Wifi Stack Overfloweth | TechSNAP 313 first appeared on Jupiter Broadcasting.

The Hacking Team fallout continues with more zero day patches you need to install, a new attack against RC4 might finally kill it & how to save yourself from a DDoS attack.

Plus a great batch of your questions, our answers & much, much more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Hacking Team fallout includes more Flash patches

• After a number of flash 0-days were found in the data stolen from “Hacking Team”, there has been a mad dash to fix the vulnerabilities before they are actively exploited further
• This resulted in nearly back-to-back Adobe Flash updates, confusing some users who thought they had already patched for the vulnerabilities
• Additional Coverage: Krebs
• Adobe Bulletin – July 8th, released 18.0.0.203
• Adobe Advisory – July 10th, Upcoming patch
• Adobe Bulletin – July 14th, released 18.0.0.209
• This has started quite a few conversations about Flash
• Facebook CSO wants Adobe to announce an EOL date for flash ~18-24 months from now
• Mozilla has taken the unusual step of disabling flash by default requiring click to activate
• Additional Coverage: BBC

New attack against RC4 cipher might finally kill it

• RC4 is one of the oldest ciphers still used as part of HTTPS
• It was often selected for its lower CPU overhead, but as processors got faster and ssl terminators offloaded the work, this became less of a reason to use RC4
• It looked like RC4 would finally die, but then attacks against SSL/TLS that only affected block ciphers emerged: BEAST, Lucky 13, and POODLE
• This propelled RC4 back up the priority list
• RC4 is also the most compatible cipher, older systems that do not support stronger crypto, all have RC4
• RFC 7465 proposed by Microsoft and others, was approved by the IETF and requires that RC4 not be used
• Researchers have presented a new paper at the USENIX Security conference that details a new attack against RC4
• RC4 is still widely used for HTTPS and also for some types of WiFi
• The flaw allows the attacker to steal cookies and other encrypted information in your HTTPS session
• This might allow the attack to impersonate / login as you on the site. Posting to your Twitter account, or initiating a transfer from your PayPal account.
• “The research behind the attack will be presented at USENIX Security. Summarized, an attacker can decrypt a cookie within 75 hours. In contrast to previous attacks, this short execution time allows us to perform the attack in practice. When we tested the attack against real devices, it took merely 52 hours to successfully perform the attack”
• “When the victim visits an unencrypted website, the attacker inserts malicious JavaScript code inside the website. This code will induce the victim to transmit encrypted requests which contain the victim’s web cookie. By monitoring numerous of these encrypted requests, a list of likely cookie values can be recovered. All cookies in this list are tested until the correct one is found.”
• Attack Method:
  • Step 1: Attacker injects code into victims HTTP stream, causing them to make known requests to a secure site with their cookie
  • Step 2: Attacker captures the encrypted requests going to the site secured with RC4
  • Step 3: Attacker computes likely cookies and tries each one until they successfully guess the correct cookie
  • Step 4: Profit, empty the bank account
• “To successfully decrypt a 16-character cookie with a success probability of 94%, roughly 9⋅2^27 encryptions of the cookie need to be captured. Since we can make the client transmit 4450 requests per seconds, this amount can be collected in merely 75 hours. If the attacker has some luck, less encryptions need to be captured. In our demonstration 52 hours was enough to execute the attack, at which point 6.2⋅2^27 requests were captured. Generating these requests can even be spread out over time: they do not have to be captured all at once. During the final step of the attack, the captured requests are transformed into a list of 2^23 likely cookie values. All cookies in this list can be tested in less than 7 minutes.”
• “In the paper we not only present attacks against TLS/HTTPS, but also against WPA-TKIP. Our attack against WPA-TKIP takes only an hour to execute, and allows an attacker to inject and decrypt arbitrary packets.”
• How does this compare to previous attacks? “The first attack against RC4 as used in TLS was estimated to take more than 2000 hours”
• Paper: All Your Biases Belong to Us: Breaking RC4 in WPA-TKIP and TLS

Feedback:

• Anybody got recommendation for a DDoS protection service?
  • EuroBSDCon 2013 – Mitigating DDoS Attacks at Layer 7

• Wi-fi security

• Internet routing

• Linux Compatible KVM Crash Cart Adapter

Round Up:

• Pawn Storm APT group using first new Java 0-day exploit in 2 years
• Pawn Storm APT group adds TrendMicro IPs as C&C servers, no one is sure why. Could be DDoS, to get IPs blacklisted, etc
• Facebook security lead wants Adobe to say when it’s killing Flash
• HD Moore interview on the Social Engineering podcast
• FBI used Hacking Team services to unmask Tor user
• Netflix: Tracking Down Villains, finding servers that have more errors than their peers
• Shocking: Software Used To Monitor UK Students Against Radicalization Found To Be Exploitable
• Defender’s Dilemma vs Intruder’s Dilemma

The post A Bias to Insecurity | TechSNAP 223 first appeared on Jupiter Broadcasting.

We\’ll be showing you how to do a fully-encrypted installation of FreeBSD and OpenBSD. We also have an interview with Damien Miller – one of the lead developers of OpenSSH – about some recent crypto changes in the project. If you\’re into data security, today\’s the show for you. The latest news and all your burning questions answered, right here on BSD Now – the place to B.. SD.

Thanks to:

• iXsystems: This is what 80 cores and 1TB of RAM looks like!

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

Secure communications with OpenBSD and OpenVPN

• Starting off today\’s theme of encryption…
• A new blog series about combining OpenBSD and OpenVPN to secure your internet traffic
• Part 1 covers installing OpenBSD with full disk encryption (which we\’ll be doing later on in the show)
• Part 2 covers the initial setup of OpenVPN certificates and keys
• Parts 3 and 4 are the OpenVPN server and client configuration
• Part 5 is some updates and closing remarks

FreeBSD Foundation Newsletter

• The December 2013 semi-annual newsletter was sent out from the foundation
• In the newsletter you will find the president\’s letter, articles on the current development projects they sponsor and reports from all the conferences and summits they sponsored
• The president\’s letter alone is worth the read, really amazing
• Really long, with lots of details and stories from the conferences and projects

Use of NetBSD with Marvell Kirkwood Processors

• Article that gives a brief history of NetBSD and how to use it on an IP-Plug computer
• The IP-Plug is a \”multi-functional mini-server was developed by Promwad engineers by the order of AK-Systems. It is designed for solving a wide range of tasks in IP networks and can perform the functions of a computer or a server. The IP-Plug is powered from a 220V network and has low power consumption, as well as a small size (which can be compared to the size of a mobile phone charger).\”
• Really cool little NetBSD ARM project with lots of graphs, pictures and details

Experimenting with zero-copy network IO

• Long blog post from Adrian Chad about zero-copy network IO on FreeBSD
• Discusses the different OS\’ implementations and options
• He\’s able to get 35 gbit/sec out of 70,000 active TCP sockets, but isn\’t stopping there
• Tons of details, check the full post

Interview – Damien Miller – djm@openbsd.org / @damienmiller

Cryptography in OpenBSD and OpenSSH

Full disk encryption in FreeBSD & OpenBSD

• Shows how to install both FreeBSD and OpenBSD with full disk encryption
• We\’ll be using geli and bioctl and doing it step by step

News Roundup

OpenZFS office hours

• Our buddy George Wilson sat down to take some ZFS questions from the community
• You can see more info about it here

License summaries in pkgng

• A discussion between Justin Sherill and some NYCBUG guys about license frameworks in pkgng
• Similar to pkgsrc\’s \”ACCEPTABLE_LICENSES\” setting, pkgng could let the user decide which software licenses he wants to allow
• Maybe we could get a \”pkg licenses\” command to display the license of all installed packages
• Ok bapt, do it

The post Cryptocrystalline | BSD Now 16 first appeared on Jupiter Broadcasting.

This week is the long-awaited episode you\’ve been asking for! We\’ll be giving you a crash course on becoming a ZFS wizard, as well as having a chat with George Wilson about the OpenZFS project\’s recent developments. We have answers to your feedback emails and there are some great news items to get caught up on too, so stay tuned to BSD Now – the place to B.. SD.

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

pkgng 1.2 released

• bapt and bdrewery from the portmgr team released pkgng 1.2 final
• New features include an improved build system, plugin improvements, new bootstrapping command, SRV mirror improvements, a new \”pkg config\” command, repo improvements, vuXML is now default, new fingerprint features and much more
• Really simple to upgrade, check our pkgng tutorial if you want some easy instructions
• It\’s also made its way into Dragonfly
• See the show notes for the full list of new features and fixes

ChaCha20 and Poly1305 in OpenSSH

• Damien Miller recently committed support for a new authenticated encryption cipher for OpenSSH, chacha20-poly1305
• Long blog post explaining what these are and why we need them
• This cipher combines two primitives: the ChaCha20 cipher and the Poly1305 MAC
• RC4 is broken, we needed an authenticated encryption mode to complement AES-GCM that doesn\’t show the packet length in cleartext
• Great explanation of the differences between EtM, MtE and EaM and their advantages
• \”Both AES-GCM and the EtM MAC modes have a small downside though: because we no longer desire to decrypt the packet as we go, the packet length must be transmitted in plaintext. This unfortunately makes some forms of traffic analysis easier as the attacker can just read the packet lengths directly.\”

Is it time to dump Linux and move to BSD

• ITworld did an article about switching from Linux to BSD
• The author\’s interest was sparked from a review he was reading that said \”I feel the BSD communities, especially the FreeBSD-based projects, are where the interesting developments are happening these days. Over in FreeBSD land we have efficient PBI bundles, a mature advanced file system in the form of ZFS, new friendly and powerful system installers, a new package manager (pkgng), a powerful jail manager and there will soon be new virtualization technology coming with the release of FreeBSD 10.0\”
• The whole article can be summed up with \”yes\” – ok, next story!

OpenZFS devsummit videos

• Kicking off the ZFS episode, we\’ve got…
• The OpenZFS developer summit discussion and presentation videos are up
• People from various operating systems (FreeBSD, Mac OS X, illumos, etc.) were there to discuss ZFS on their platforms and the challenges they faced
• Question and answer session from representatives of every OS – had a couple FreeBSD guys there including one from the foundation
• Presentations both about ZFS itself and some hardware-based solutions for implementing ZFS in production
• TONS of video, about 6 hours\’ worth
• This leads us into our interview, which is…

Interview – George Wilson – Soft Eng at Delphix – wilzun@gmail.com / @zfsdude

• KM: Can you tell us a little about yourself how you first got involved with ZFS?
• AJ: Which features have you worked on in the past?
• KM: Which platform do you personally use ZFS on, and for what tasks?
• AJ: So what exactly is the OpenZFS project about?
• KM: What do you hope the future of OpenZFS will bring?
• AJ: When are we going to see native encryption?
• KM: Are there some new features you\’re currently hacking on?
• AJ: Is there anything specific you\’d like to see added to ZFS in the future?
• KM: How did the developer summit and hackathon go?
• AJ: Where can people go to get involved with development, and what\’s currently needed?
• KM: Anything else you\’d like to mention?

Tutorial

A crash course on ZFS

• Everything you need to know to get acquainted with the world\’s most powerful filesystem on the world\’s most powerful OS
• Includes both beginner and advanced topics

News Roundup

ruBSD 2013 information

• The ruBSD 2013 conference will take place on Saturday December 14, 2013 at 10:30 AM in Moscow, Russia
• Speakers include three OpenBSD developers, Theo de Raadt, Henning Brauer and Mike Belopuhov
• Their talks are titled \”The bane of backwards compatibility,\” \”OpenBSD\’s pf: Design, Implementation and Future\” and \”OpenBSD: Where crypto is going?\”
• No word on if there will be video recordings, but we\’ll let you know if that changes

DragonFly roadmap, post 3.6

• John Marino posted a possible roadmap for DragonFly, now that they\’re past the 3.6 release
• He wants some third party vendor software updated from very old versions (WPA supplicant, bmake, binutils)
• Plans to replace GCC44 with Clang, but GCC47 will probably be the primary compiler still
• Bring in fixes and new stuff from FreeBSD 10

BSDCan 2014 CFP

• BSDCan 2014 will be held on May 16-17 in Ottawa, Canada
• They\’re now accepting proposals for talks
• If you are doing something interesting with a BSD operating system, please submit a proposal
• We\’ll be getting lots of interviews there

casperd added to -CURRENT

• \”It (and its services) will be responsible forgiving access to functionality that is not available in capability modes and box. The functionality can be precisely restricted.\”
• Lists some sysctls that can be controlled

ZFS corruption bug fixed in -CURRENT

• Just a quick follow-up from last week, the ZFS corruption bug in FreeBSD -CURRENT was very quickly fixed, before that episode was even uploaded

Feedback/Questions

• Chris writes in: https://slexy.org/view/s2JDWKjs7l
• SW writes in: https://slexy.org/view/s20BLqxTWD
• Jason writes in: https://slexy.org/view/s2939tUOf5
• Clint writes in: https://slexy.org/view/s21qKY6qIb
• Chris writes in: https://slexy.org/view/s20LWlmhoK

• The written versions of the Tor, jails and OpenBSD router tutorials have gotten a few small improvements and fixes
• The poudriere and pkgng tutorials have been updated for the new 1.2 repository syntax
• All the tutorials are posted in their entirety at bsdnow.tv, including today\’s HUGE ZFS one
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• If you have stories about how you or your company uses BSD, interesting things you\’ve done, crazy network stories or cool projects, send them to us!
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
• Kris\’ Skype video was coming straight from PCBSD this week!

The post Zettabytes for Days | BSD Now 14 first appeared on Jupiter Broadcasting.

Hello everyone and welcome back to SciByte!

We take a look at the Space Station resupply mission, dinosaurs, Mars, Snake Oil, Asteroids, cryptography, and take another peek at what’s up in the sky this week.

Direct Download:

MP3 Download | Ogg Download

RSS Feeds:

MP3 Feed | Ogg Feed | iTunes Feed