Show Notes: linuxunplugged.com/410

The post Ye Olde Linux Distro | LINUX Unplugged 410 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/323

The post It's Pronounced 19.10 | LINUX Unplugged 323 first appeared on Jupiter Broadcasting.

Show Notes: coder.show/352

The post Self Driving Disaster | Coder Radio 352 first appeared on Jupiter Broadcasting.

We’ve finally reached a hundred episodes, and this week we’ll be talking to Sebastian Wiedenroth about pkgsrc. Though originally a NetBSD project, now it runs pretty much everywhere & he even runs a conference about it!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

Remote DoS in the TCP stack

• A pretty devious bug in the BSD network stack has been making its rounds for a while now, allowing remote attackers to exhaust the resources of a system with nothing more than TCP connections
• While in the LAST_ACK state, which is one of the final stages of a connection’s lifetime, the connection can get stuck and hang there indefinitely
• This problem has a slightly confusing history that involves different fixes at different points in time from different people
• Juniper originally discovered the bug and announced a fix for their proprietary networking gear on June 8th
• On June 29th, FreeBSD caught wind of it and fixed the bug in their -current branch, but did not issue a security notice or MFC the fix back to the -stable branches
• On July 13th, two weeks later, OpenBSD fixed the issue in their -current branch with a slightly different patch, citing the FreeBSD revision from which the problem was found
• Immediately afterwards, they merged it back to -stable and issued an errata notice for 5.7 and 5.6
• On July 21st, three weeks after their original fix, FreeBSD committed yet another slightly different fix and issued a security notice for the problem (which didn’t include the first fix)
• After the second fix from FreeBSD, OpenBSD gave them both another look and found their single fix to be sufficient, covering the timer issue in a more general way
• NetBSD confirmed they were vulnerable too, and applied another completely different fix to -current on July 24th, but haven’t released a security notice yet
• DragonFly is also investigating the issue now to see if they’re affected as well

c2k15 hackathon reports

• Reports from OpenBSD’s latest hackathon, held in Calgary this time, are starting to roll in (there were over 40 devs there, so we might see a lot more of these)
• The first one, from Ingo Schwarze, talks about some of the mandoc work he did at the event
• He writes, “Did you ever look at a huge page in man, wanted to jump to the definition of a specific term – say, in ksh, to the definition of the “command” built-in command – and had to step through dozens of false positives with the less ‘/’ and ‘n’ search keys before you finally found the actual definition?”
• With mandoc’s new internal jump targets, this is a problem of the past now
• Jasper also sent in a report, doing his usual work with Puppet (and specifically “Facter,” a tool used by Puppet to gather various bits of system information)
• Aside from that and various ports-related work, Jasper worked on adding tame support to some userland tools, fixing some Octeon stuff and introduced something that OpenBSD has oddly lacked until now: an “-i” flag for sed (hooray!)
• Antoine Jacoutot gave a report on what he did at the hackathon as well, including improvements to the rcctl tool (for configuring startup services)
• It now has an “ls” subcommand with status parsing, allowing you to list running services, stopped services or even ones that failed to start or are supposed to be running (he calls this “the poor man’s service monitoring tool”)
• He also reworked some of the rc.d system to allow smoother operation of multiple instances of the same daemon to run (using tor with different config files as an example)
• His list also included updating ports, updating ports documentation, updating the hotplug daemon and laying out some plans for automatic sysmerge for future upgrades
• Foundation director Ken Westerback was also there, getting some disk-related and laptop work done
• He cleaned up and committed the 4k sector softraid code that he’d been working on, as well as fixing some trackpad issues
• Stefan Sperling, OpenBSD’s token “wireless guy,” had a lot to say about the hackathon and what he did there (and even sent in his write-up before he got home)
• He taught tcpdump about some new things, including 802.11n metadata beacons (there’s a lot more specific detail about this one in the report)
• Bringing a bag full of USB wireless devices with him, he set out to get the unsupported ones working, as well as fix some driver bugs in the ones that already did work
• One quote from Stefan’s report that a lot of people seem to be talking about: “Partway through the hackathon tedu proposed an old diff of his to make our base ls utility display multi-byte characters. This led to a long discussion about how to expand UTF-8 support in base. The conclusion so far indicates that single-byte locales (such as ISO-8859-1 and KOI-8) will be removed from the base OS after the 5.8 release is cut. This simplifies things because the whole system only has to care about a single character encoding. We’ll then have a full release cycle to bring UTF-8 support to more base system utilities such as vi, ksh, and mg. To help with this plan, I started organizing a UTF-8-focused hackathon for some time later this year.”
• Jeremy Evans wrote in to talk about updating lots of ports, moving the ruby ports up to the latest version and also creating perl and ruby wrappers for the new tame subsystem
• While he’s mainly a ports guy, he got to commit fixes to ports, the base system and even the kernel during the hackathon
• Rafael Zalamena, who got commit access at the event, gives his very first report on his networking-related hackathon activities
• With Rafael’s diffs and help from a couple other developers, OpenBSD now has support for VPLS
• Jonathan Gray got a lot done in the area of graphics, working on OpenGL and Mesa, updating libdrm and even working with upstream projects to remove some GNU-specific code
• As he’s become somewhat known for, Jonathan was also busy running three things in the background: clang’s fuzzer, cppcheck and AFL (looking for any potential crashes to fix)
• Martin Pieuchot gave an write-up on his experience: “I always though that hackathons were the best place to write code, but what’s even more important is that they are the best (well actually only) moment where one can discuss and coordinate projects with other developers IRL. And that’s what I did.”
• He laid out some plans for the wireless stack, discussed future plans for PF, made some routing table improvements and did various other bits to the network stack
• Unfortunately, most of Martin’s secret plans seem to have been left intentionally vague, and will start to take form in the next release cycle
• We’re still eagerly awaiting a report from one of OpenBSD’s newest developers, Alexandr Nedvedicky (the Oracle guy who’s working on SMP PF and some other PF fixes)
• OpenBSD 5.8’s “beta” status was recently reverted, with the message “take that as a hint,” so that may mean more big changes are still to come…

FreeBSD quarterly status report

• FreeBSD has published their quarterly status report for the months of April to June, citing it to be the largest one so far
• It’s broken down into a number of sections: team reports, projects, kernel, architectures, userland programs, ports, documentation, Google Summer of Code and miscellaneous others
• Starting off with the cluster admin, some machines were moved to the datacenter at New York Internet, email services are now more resilient to failure, the svn mirrors (now just “svn.freebsd.org”) are now using GeoGNS with official SSL certs and general redundancy was increased
• In the release engineering space, ARM and ARM64 work continues to improve on the Cavium ThunderX, more focus is being put into cloud platforms and the 10.2-RELEASE cycle is reaching its final stages
• The core team has been working on phabricator, the fancy review system, and is considering to integrate oauth support soon
• Work also continues on bhyve, and more operating systems are slowly gaining support (including the much-rumored Windows Server 2012)
• The report also covers recent developments in the Linux emulation layer, and encourages people using 11-CURRENT to help test out the 64bit support
• Multipath TCP was also a hot topic, and there’s a brief summary of the current status on that patch (it will be available publicly soon)
• ZFSguru, a project we haven’t talked about a lot, also gets some attention in the report – version 0.3 is set to be completed in early August
• PCIe hotplug support is also mentioned, though it’s still in the development stages (basic hot-swap functions are working though)
• The official binary packages are now built more frequently than before with the help of additional hardware, so AMD64 and i386 users will have fresher ports without the need for compiling
• Various other small updates on specific areas of ports (KDE, XFCE, X11…) are also included in the report
• Documentation is a strong focus as always, a number of new documentation committers were added and some of the translations have been improved a lot
• Many other topics were covered, including foundation updates, conference plans, pkgsrc support in pkgng, ZFS support for UEFI boot and much more

The OpenSSH bug that wasn’t

• There’s been a lot of discussion about a supposed flaw in OpenSSH, allowing attackers to substantially amplify the number of password attempts they can try per session (without leaving any abnormal log traces, even)
• There’s no actual exploit to speak of; this bug would only help someone get more bruteforce tries in with a fewer number of connections
• FreeBSD in its default configuration, with PAM and ChallengeResponseAuthentication enabled, was the only one vulnerable to the problem – not upstream OpenSSH, nor any of the other BSDs, and not even the majority of Linux distros
• If you disable all forms of authentication except public keys, like you’re supposed to, then this is also not a big deal for FreeBSD systems
• Realistically speaking, it’s more of a PAM bug than anything else
• OpenSSH added an additional check for this type of setup that will be in 7.0, but simply changing your sshd_config is enough to mitigate the issue for now on FreeBSD (or you can run freebsd-update)

Interview – Sebastian Wiedenroth – wiedi@netbsd.org / @wied0r

pkgsrc and pkgsrcCon

News Roundup

Now served by OpenBSD

• We’ve mentioned that you can also install OpenBSD on DO droplets, and this blog post is about someone who actually did it
• The use case for the author was for a webserver, so he decided to try out the httpd in base
• Configuration is ridiculously simple, and the config file in his example provides an HTTPS-only webserver, with plaintext requests automatically redirecting
• TLS 1.2 by default, strong ciphers with LibreSSL and HSTS combined give you a pretty secure web server

FreeBSD laptop playbooks

• A new project has started up on Github for configuring FreeBSD on various laptops, unsurprisingly named “freebsd-laptops”
• It’s based on ansible, and uses the playbook format for automatic set up and configuration
• Right now, it’s only working on a single Lenovo laptop, but the plan is to add instructions for many more models
• Check the Github page for instructions on how to get started, and maybe get involved if you’re running FreeBSD on a laptop

NetBSD on the NVIDIA Jetson TK1

• If you’ve never heard of the Jetson TK1, we can go ahead and spoil the secret here: NetBSD runs on it
• As for the specs, it has a quad-core ARMv7 CPU at 2.3GHz, 2 gigs of RAM, gigabit ethernet, SATA, HDMI and mini-PCIE
• This blog post shows which parts of the board are working with NetBSD -current (which seems to be almost everything)
• You can even run X11 on it, pretty sweet

DragonFly power mangement options

• DragonFly developer Sepherosa, who we’ve had on the show, has been doing some ACPI work over there
• In this email, he presents some of DragonFly’s different power management options: ACPI P-states, C-states, mwait C-states and some Intel-specific bits as well
• He also did some testing with each of them and gave his findings about power saving
• If you’ve been thinking about running DragonFly on a laptop, this would be a good one to read

OpenBSD router under FreeBSD bhyve

• If one BSD just isn’t enough for you, and you’ve only got one machine, why not run two at once
• This article talks about taking a FreeBSD server running bhyve and making a virtualized OpenBSD router with it
• If you’ve been considering switching over your router at home or the office, doing it in a virtual machine is a good way to test the waters before committing to real hardware
• The author also includes a little bit of history on how he got into both operating systems
• There are lots of mixed opinions about virtualizing core network components, so we’ll leave it up to you to do your research
• Of course, the next logical step is to put that bhyve host under Xen on NetBSD…

Feedback/Questions

• Kevin writes in
• Logan writes in
• Peter writes in
• Randy writes in

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• We’re always looking for interviews – get in touch if you’re doing anything cool with BSD that you’d like to talk about (or want to suggest someone else)

The post Straight from the Src | BSD Now 100 first appeared on Jupiter Broadcasting.

Can a 20 year old Star Trek game contain the secrets to a fantastic Action Adventure game for anyone? Well I think so, and in this episode I\’ll attempt to make my case!

Why I think Star Trek the 25th Anniversary has the key ingredients to a great game!

Direct Download:

HD Download | Mobile Download | MP3 Download | Ogg Download | YouTube

RSS Feeds:

HD Feed | Mobile Feed | MP3 Feed | Ogg Feed | iTunes HD Feed

Intro:

Instead of a game in which you simply rehash events that have been modified into a playable format, Star Trek: 25th Anniversary presents you with all new scenarios that run in the same vein as the original television series.

Graphics
Although the game graphics are clearly unspectacular by today\’s standard, they serve their purpose well. They were able to bring scenes to life that the TV shows budget, would never have allowed for.

Not afraid to have a more advanced look.

Fans got to see well known locations re-imagined, or in one mission, all beat up!

Voices
The digitized voices are available only on the Enhanced CD-ROM version. Playing the CD-ROM version is like acting out as an episode of Star Trek.

The Floppy disk version of the game was too limited on space for the voices.

Voice overs, multiple choice, often funny

**A real challenge*
NO hand holding, you have to look up facts, use tools in the scene. Find them your self.

First scene is a battle, no tutorial. Later in the game there are rather clever things you have to pick up on, to solve locks and puzzles. (This was pre-Google too).

Many missions had a sub-game wherein the player would figure out how to get the redshirt killed, although this would diminish their rating at the end of the mission.

The use of your crew is a key game play element. Turning them from token tagalongs, to full fledged helpers. And they act/help in the way you expect for their character.

Adorable copy protection
As a holdover from the Floppy Disk version, the CD-ROM version retains the copy protection in the form of a star chart inside the instruction manual. This chart must be used in order to choose the correct destination star system for each mission. This is a simple but effective copy protection scheme that fits well into the context of the game, unlike the traditional but tiresome \”find the fifth word on the third page\” routine.

Copy protection via the manual / sector map

The game contains a copy-protection system that asks the player to consult the game\’s manual to find out what star system to warp to on the navigation map. Warping to the wrong system sends the player into either Klingon or Romulan neutral zones, and initiates an extremely difficult battle that often ends in the destruction of the Enterprise.

The lost 4th Season

When the writers wrote this game, they viewed it as the never aired 4th season. And wanted it to feature stories and characters that would have been in that season.

Combined with the voice overs, this gives the game a nearly episodic feel to it. And sucks in the player.

This game manages to cross blur the lines between game and dramatic entertainment. Much how TOR does for me now.

Final Notes:

• One of DeForest Kelley\’s last roles
• When a closeup of Harry Mudd is displayed on Enterprise\’s viewscreen, his facial features are obscured by shadows. This is because Paramount required that when likenesses of real actors or actresses were used in the game, the approval of the actor or actress in question was needed. However, Roger C. Carmel, who played Mudd originally, had passed away by the time the game was made. This problem was only noted near the end of development, and negotiating a solution with Paramount would have delayed the release. Therefore the decision was made not to actually show Mudd\’s face clearly.

Abandonware

Download Star Trek – 25th Anniversary | Abandonia

Download Star Trek – Judgment Rites | Abandonia

Support Jupiter Broadcasting with your Purchase:

[asa book]B00001QEQ1[/asa]

Links:

• Star Trek: 25th Anniversary (PC) – Memory Alpha, the Star Trek Wiki
• DOSBox, an x86 emulator with DOS

The post Classic Adventure Gaming | In Depth Look first appeared on Jupiter Broadcasting.

It’s our review of Mandriva 2011!

Plus we cover the early rumors of MeeGo’s death, Mark Shuttleworth’s bet against the mobile operators, and the major security issues that struck Linux this week.

All this week on, The Linux Action Show!

Thanks to:

GoDaddy.com Use our codes LINUX to save 10% at checkout, or LINUX20 to save 20% on hosting!

Subscribe…— The Linux Action Show! —iTunes MP3iTunes Large VideoiTunes iPod VideoLarge Video RSSiPod Video RSSMP3 Audio RSSOgg Audio RSS— ALL SHOWS —iTunes Large VideoiTunes MP3Large Video RSSMP3 Audio RSSOGG Audio RSS— PODCAST NETWORKS —StitcherMiroZuneiTunes

[ad#shownotes]

Episode Show Notes:

Runs Linux:

Dual-band Wi-Fi router, Runs Linux

Android Pick:

• ETERNITY WARRIORS
• Android Picks so far thanks to Madjo in the IRC Chat room!

Linux Pick:

• wibom: Wine bottle management
• Linux App Picks so far. Thanks to Madjo!

News:

• MeeGo OS fading fast? Intel says it’s ‘still committed’
• Ohio LinuxFest 2011
• Oracle retires licence for distributing its Java with Linux
• Mark Shuttleworth donates USD$400k to the Serval Batphone – Peer to Peer telephony using Android
• Upcoming Linux Game ‘Blocks That Matter’ Wins $ 40,000 playable demo is out for download
• Watch Jupiter Broadcasting rock PAX
• Kernel.org security breach
• Kernel.org attackers did not know what they had
• Debian and Ubuntu patch apache from the ‘killer’ DoS
• More info on both stories in this week’s TechSNAP

Mandriva 2011 Review:

• Mandriva Desktop 2011 review
• 2011.0 Mandriva Tour
• 2011.0 Release Notes
• Mageia – Based on Mandriva Distribution
• Mandriva 2011 vs Mageia 1

Find us on Google+

• Allan
• Chris

Find us on Twitter:

• Allan – Allanjude
• Chris – ChrisLAS

Follow the network on Facebook:

• Jupiter Broadcasting on Facebook

Catch the show LIVE at 10am on Sunday:

• https://jblive.tv

The post Mandriva 2011 Review | LAS | s18e05 first appeared on Jupiter Broadcasting.

Apache and PHP have hooked up at the fail party, and we’ll share all the details to motivate you to patch your box!

Then Microsoft takes a stab at AES and we wrap it all up with a complete run down of Nagios, and how this amazing tool can alert you to a potential disaster!

All that and more, on this week’s TechSNAP!

Direct Download Links:

HD Video | Large Video | Mobile Video | WebM Video | MP3 Audio | OGG Audio | YouTube

Subscribe via RSS and iTunes:
Subscribe... --RSS-- TechSNAP HD TechSNAP Large TechSNAP Mobile TechSNAP MP3 TechSNAP OGG --iTunes-- TechSNAP iTunes HD TechSNAP iTunes Mobile TechSNAP iTunes Large TechSNAP iTunes MP3

[ad#shownotes]

Show Notes: