Show Notes: linuxactionnews.com/251

The post Linux Action News 251 first appeared on Jupiter Broadcasting.

Show Notes: linuxactionnews.com/220

The post Linux Action News 220 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/371

The post Cabin Fever | LINUX Unplugged 371 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/358

The post Our Fragmented Favorite | LINUX Unplugged 358 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/355

The post Chris' Data Crisis | LINUX Unplugged 355 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/347

The post Arm is Here | LINUX Unplugged 347 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/336

The post Linus' Filesystem Fluster | LINUX Unplugged 336 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/324

The post RAMburglars | LINUX Unplugged 324 first appeared on Jupiter Broadcasting.

Show Notes/Links: linuxunplugged.com/277

The post Skipping Fedora 31 | LINUX Unplugged 277 first appeared on Jupiter Broadcasting.

RSS Feeds:

HD Video Feed | MP3 Feed | iTunes Feed

Become a supporter on Patreon:

Episode Links:

linuxactionnews.com/66

The post Linux Action News 66 first appeared on Jupiter Broadcasting.

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

Become a supporter on Patreon:

Show Notes:

Follow Up / Catch Up

KDE Neon Developer OS Switches To Plasma Wayland By Default

KDE developers have decided to switch to Wayland by default for KDE Neon’s unstable/developer OS.

• Fedora 25 To Run Wayland By Default

This authorization corrects a bureaucratic mistake: FESCo previously authorized the change for Fedora 24, but the Workstation working group decided to defer the change to Fedora 25, then forgot to request authorization again for Fedora 25 as required. An objection was raised on the grounds that the proper change procedure was not followed, so to sidestep this objection we decided to request permission again from FESCo, which granted the request. Authorization to proceed with the change does not mean the decision to proceed has been made; the change could still be deferred, just as it was for Fedora 24.

• Let’s pretend that by Fedora 25, Wayland becomes the default display server and all of its major bugs are fixed. What tangible benefits would this bring to Linux users — gamers, developers, etc.? : Fedora

ext4 break with 32,000 Files

I ran into a bug with the ext4 filesystem that causes it to fail if there are more than about 32,000 files in a directory. The technical reasons for this are boring and I really don’t care why; I just want to trust that my filesystem will do the right thing.

How to flash Meizu Pro 5 to Ubuntu Touch From the start the Meizu Pro 5

I could have done with this last week Having gone through the process myself, this document is great and all you need

• meizu_pro5_ubuntu.pdf

TING

• Ting – mobile that makes sense

Adobe Flash goes crawling back to Linux for some security

The official announcementsaid: “Today we are updating the beta channel with Linux NPAPI Flash Player by moving it forward and in sync with the modern release branch (currently version 23). We have done this significant change to improve security and provide additional mitigation to the Linux community.”_

FBI Announces Post-Election Attack on Encryption

Comey’s intention to renew the fight against encryption came about because the issue “has dipped below public consciousness now.” The wait to address encryption until 2017 comes because “next year we can have an adult conversation in this country” about it.

KDE Software Store to Soon Offer Downloads in Snap, Flatpak and AppImage Formats

Revealing the fact that users might be able to soon download their favorite open source applications in the new Snap, Flatpak, and AppImage binary formats, which allows you to use those apps on any distro that supports them.

elementary OS has a Countdown

DigitalOcean

• DigitalOcean: SSD Cloud Server, VPS Server, Simple Cloud Hosting

FreeBSD Now Has A Port For CentOS 7 Binary Support

As of yesterday, linux_base-c7 landed in ports for installing the CentOS 7 base packages. This will allow running newer Linux binaries built for modern CentOS/RHEL 7 era systems on FreeBSD, assuming the source isn’t available or isn’t compatible natively with FreeBSD. Previously CentOS 6 was the default port used for this Linux binary compatibility with FreeBSD.

KaOS Brings Serious Relevance Back to KDE | Linux.com | The source for Linux information

If you’ve been looking for a distribution to sway you back to the KDE desktop, look no further than KaOS. It’s beautiful, runs with the snap of a much lighter desktop, and feels as reliable as any other option available for Linux. I

I haven’t been this impressed with KDE for a very, very long time.

• KaOS – A Lean KDE Distribution

Linux Academy

• Linux Academy | Linux and AWS Online Training

Multi-process Firefox brings 400-700% improvement in responsiveness

In the coming weeks, Mozilla will push multi-processing to 100 percent of their initial cohort of users. This group represents 40-50 percent of total users. Within the next six months, a majority of users can expect to have the capabilities. Here is a little cheat sheet of upcoming releases:

• Firefox 49: Enabling for a set of add-ons that work well with multi-processing
• Firefox 50 or 51: Sandboxing and enabling for more add ons
• Firefox 52 or 53: Multiple content processes

Post-Show:

• Zodiac FX OpenFlow Switch – Northbound Networks

• Tough Pi by Brett Swann — Kickstarter

The post A Real Pain in the Flash | LINUX Unplugged 161 first appeared on Jupiter Broadcasting.

Researches have uncovered a weakness in almost all Internet encryption. We’ll explain what LogJam is, how to protect yourself & what the cause is.

Plus Linux gets bit by a filesystem corruption bug, passport id thieves, a great batch of questions & much, much more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

LogJam: How Diffie-Hellman Fails in Practice

• Researches have uncovered several weaknesses in how the Diffie-Hellman key exchange has been deployed.
• Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is fundamental to many protocols including HTTPS, SSH, IPsec, SMTPS, and protocols that rely on TLS.
• The vulnerability affects an estimated 8.4 percent of the top one million websites and a slightly bigger percentage of mail servers populating the IPv4 address space, the researchers said.
• The weakness is the result of export restrictions the US government mandated in the 1990s on US developers who wanted their software to be used abroad.
• The regime was established by the Clinton administration so the FBI and other agencies could break the encryption used by foreign entities.
• Attackers with the ability to monitor the connection between an end user and a Diffie-Hellman-enabled server that supports the export cipher can inject a special payload into the traffic that downgrades encrypted connections to use extremely weak 512-bit key material.
• Using precomputed data prepared ahead of time, the attackers can then deduce the encryption key negotiated between the two parties.
• Ironically, Diffie-Hellman is supposed to provide an additional layer of protection because it allows the two connected parties to constantly refresh the cryptographic key securing Web or e-mail sessions.
• The so-called perfect forward secrecy that Diffie-Hellman makes possible significantly increases the work of eavesdropping because attackers must obtain the key anew each time it changes, as opposed to only once with other encryption schemes, such as those based on RSA keys.
• Logjam is significant because it shows that ephemeral Diffie-Hellman—or DHE—can be fatal to TLS when the export-grade ciphers are supported. Logjam is reminiscent of the FREAK attack that also allowed attackers to downgrade HTTPS connections to 512-bit cryptography.
• If you have a web or mail server, you should disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group. We have published a Guide to Deploying Diffie-Hellman for TLS with step-by-step instructions. If you use SSH, you should upgrade both your server and client installations to the most recent version of OpenSSH, which prefers Elliptic-Curve Diffie-Hellman Key Exchange.
• Make sure you have the most recent version of your browser installed, and check for updates frequently. Google Chrome (including Android Browser), Mozilla Firefox, Microsoft Internet Explorer, and Apple Safari are all deploying fixes for the Logjam attack.
• Make sure any TLS libraries you use are up-to-date and that you reject Diffie-Hellman Groups smaller than 1024-bit.
• PDF Report: Imperfect Forward Secrecy:
  How Diffie-Hellman Fails in Practice
• Additional Coverage: ArsTechnica
• Logjam Attack Proof of Concept Demonstrations
• How 1990s Encryption Backdoors Put Today’s Internet In Jeopardy
• You can disable all short DH key lengths in Firefox’s about:config

US Passport Agency contractor stole applicants’ data to steal their identities

• Three women from Houston, Texas, stand accused of engaging in an identity theft scheme in which one of them, a contract employee of the Department of State Passport Agency, was in charge of stealing personally identifiable information of persons applying for a passport.
• The information was then used to create counterfeit identification documents, which the other two women would use to successfully impersonate the affected individuals in order to fraudulently obtain commercial lines of credit and to purchase iPhones, iPads and other goods online.
• This scheme went on for over five years.
• No direct details on how the contractors captured the data in question. But we can make a reasonable guess based on recent IT security policy changes.
• According to The Washington Post, the US Passport Agency has decided last month to ban both federal employees and private contractors from bringing devices equipped with a camera into the offices where they review and process requests for passports.
• Apparently, this decision was influenced by the Houston incident, indicating that McClendon likely took pictures of private information on passports.
• Jim Gogolinski, Senior Threats Researcher at Trend Micro, wrote a helpful overview of the malicious insider problem, and offered some advice on how to prevent and mitigate the insider threat:
• Jim’s basic premises is, the insider threat can be broken down into three issues: why do people within become threats, what damage can they do, and how these can be prevented.
• Insider threats 101: The threat within

New Linux kernel corrupting file systems

• It appears that the current Linux 4.0.x kernel is plagued by an EXT4 file-system corruption issue. If there’s any positive note out of the situation, it seems to mostly affect EXT4 Linux RAID users.
• There have been several reports of people affected by an ext4 data corruption bug in Linux 4.0.2.
• All EXT4 RAID0 users on the Linux 4.0.x kernel or current Linux 4.1 Git code are advised to downgrade until the next 4.1 release candidate or 4.0.x stable release otherwise you stand good chances of hosing your file-system.
• It also looks like if dropping the discard mount option you will also avoid being hit by this serious issue. This isn’t a problem for Linux users on distributions like RHEL, Ubuntu, and other fixed-release distributions that don’t tend to update major versions of their kernel post-release.
• The issue was caused by an MD commit late into the Linux 4.0 kernel cycle, a.k.a. a commit that was “md/raid0: fix bug with chunksize not a power of 2..”
• The commit was by SUSE’s Neil Brown.
• Eric Work has devised a small fix to address the corruption problem, but for now it’s only present within the MD Git tree.
• kernel/git/torvalds/linux.git – Linux kernel source tree
• #785672 – Critical ext4 data corruption bug – Debian Bug report logs

Feedback:

• ZFS Fragmentation

• Certificate chain, the Intermediate issuer is interchangeable?

• VMs to Linux

• Double gateways for pfSense squid?

Round-Up:

• U.S. aims to limit exports of undisclosed software flaws – Said another way: US to prohibit the export of penetration testing tools without a license
• CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization
• NSA Planned to Hijack Google App Store to Hack Smartphones
• US Navy Abandons Cloud and Data Center Plans In Favor of New Strategy
• NetUSB Driver Flaw Exposes Millions of Routers to Hacking
• Telstra Says Newly Acquired Pacnet Hacked, Customer Data Exposed
  
• FBI: researcher admitted to hacking plane in-flight, causing it to “climb”
• Trident whistleblower says nuclear subs are insecure, unsafe and ‘a disaster waiting to happen’
• Simple Flaw Exposed Data On Millions of Charter Internet Customers

The post EXTenuating Circumstances | TechSNAP 215 first appeared on Jupiter Broadcasting.

Spy agencies target mobile phones, app stores to implant spyware & the extent of the effort is shocking. Linux 4.0 has a EXT4 corruption bug, YouTube brings the fight to Twitch & Netflix has some big updates.

Then we have a Kickstarter of the week to help you men lucid dream, the penis way.

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

Show Notes:

Spy agencies target mobile phones, app stores to implant spyware

Electronic intelligence agencies began targeting UC Browser — a massively popular app in China and India with growing use in North America — in late 2011 after discovering it leaked revealing details about its half-billion users.

Their goal, in tapping into UC Browser and also looking for larger app store vulnerabilities, was to collect data on suspected terrorists and other intelligence targets — and, in some cases, implant spyware on targeted smartphones.

The 2012 document shows that the surveillance agencies exploited the weaknesses in certain mobile apps in pursuit of their national security interests, but it appears they didn’t alert the companies or the public to these weaknesses. That potentially put millions of users in danger of their data being accessed by other governments’ agencies, hackers or criminals.

NSA Planned to Hijack Google App Store to Hack Smartphones – The Intercept

Linux 4.0 Has a File-System Corruption Problem, RAID Users Warned

For the past few days kernel developers and Linux users have been investigating an EXT4 file-system corruption issue affecting the latest stable kernel series (Linux 4.0) and the current development code (Linux 4.1). It turns out that Linux users running the EXT4 file-system on a RAID0 configuration can easily destroy their file-system with this newest “stable” kernel. The cause and fix have materialized but it hasn’t yet worked its way out into the mainline kernel, thus users should be warned before quickly upgrading to the new kernel on systems with EXT4 and RAID0.

• Apparently this was fixed in the 4.0.3 Kernel. The current release is 4.0.4.

YouTube eyes Twitch user base, adds 60 FPS live streams with HTML5 playback | Ars Technica

The HTML5 player will not only save users from the CPU and batter__y-eating Flash player, but will also enable variable speed playback, allowing users to “skip backward in a stream while it’s live and watch at 1.5x or 2x speed to catch back up.”

Netflix To Roll Out A New, More Immersive Web Interface Starting In June | TechCrunch

Netflix confirms today that it will roll out a new user interface on the web to all users worldwide beginning next month. A number of Netflix customers are already seeing the updated look-and-feel, however, according to various reports. The interface, which was previously demonstrated at CES and Mobile World Congress, brings the design of Netflix’s website more in line with what users today see on mobile phones, tablets, on gaming consoles and on other streaming media players, like Roku.

NPT Lucid Dreamer by NPT Lucid Dreamer — Kickstarter

Men, trigger lucid dreams using nocturnal penile tumescence (NPT). By far the simplest & most reliable method possible.

The post Corrupt Accomplices | Tech Talk Today 174 first appeared on Jupiter Broadcasting.

Synology’s Linux powered DS412+ is a powerful server, wrapped in a ultra compact near silent enclosure. How does this unit stack up to a FreeNAS server you could build? Is the lack of ZFS support a hindrance? Our answers might surprise you.

Plus: Did Mark Shuttleworth shift the tone of the community dialog by labeling his opposition the open source Tea Party? It’s our blow-by-blow guide to the big stink over the weekend, that we will be smelling for weeks….

AND SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | Ogg Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed

Support the Show:

Synology DS412+ Review

Brought to you by: System76

Check out System76 on G+

• Linux 3.2.40

• 1GB DDR 3

• Intel(R) Atom(TM) CPU D2701 @ 2.13GHz

• 205.68 MB/sec Reading, 182.66 MB/sec Writing (with link aggregation enabled)

• 2 LAN with Failover and Link Aggregation Support

• USB 3.0

• eSATA

• CPU Passive Cooling

• Windows® ADS and ACL Support

• iSCSI support provides a seamless storage solution for virtualization servers

• 44 watts power consumption in operation

• CIFS, AFP, FTP, iSCSI, Telnet, SSH, NFS, SNMP, WebDAV, CalDAV

• File Systems:

• EXT4
  • EXT3 (External Disk Only)
  • FAT (External Disk Only)

• NTFS (External Disk Read Only)

The Synology Hybrid RAID (SHR) automatically builds an optimal RAID
volume with data protection based on the hard drives installed, eliminating
the need to have hard drives of identical

• DS photo+ – Android Apps on Google Play

• DS file – Android Apps on Google Play

• DS download – Android Apps on Google Play

• Amazon.com: Synology DiskStation 4-Bay 12TB

[asa]B008U68UHG[/asa]
[asa]B007JLE84C[/asa]

---

– Picks –

Runs Linux:

• The Navy’s newest warship is powered by Linux
• Newest $3.5 billion navy ship – actually commanded by Captain Kirk – is floating data center with guns

Desktop App Pick

• Clementine Music Player
• Media player indicator – GNOME Shell Extensions
• Perfect Linux Home Server | The Linux Action Show

Weekly Spotlight:

• Antergos

Git yours hands all over our STUFF:

• Jupiter Broadcasting Affiliate Extensions
• Callisto-app – Google Project Hosting
• Quick Update to the Jupiter Broadcasting Android App

---

— NEWS —

• Named Ubuntu 14.04, and the OSS Tea Party

• Aaron Seigo – Google+ – +Mark Shuttleworth, You write in the blog linked below: …

• Mark Shuttleworth Lennart completely misses the point.

• VirtualBox 4.3 )

• Interviews · redecentralize.org

• Is TrueCrypt Audited Yet?

– Feedback: –

• Linux for the Older Generation
  • Zorin OS – Home

• Your missing the point with Ubuntu

Bitmessage:

BM-GuJRSMgViBNXnafzuRQL3tpHHFSJQ5Wm

— Chris’ Stash —

• New updates to the Chrome and Firefox extensions!

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— What’s Matt Doin? —

• [Matt’s Birthday – a huge thank you ]

  — Find us on Google+ —

• Chris

• Matt Hartley

• Jupiter Broadcasting’s Page

— Find us on Twitter —Hang

• Chris – ChrisLAS
• Matt – matthartley

— Follow the network on Facebook: —

• Jupiter Broadcasting on Facebook

— Catch the show LIVE Sunday 10am Pacific / 1pm Eastern / 6pm UTC: —

• https://jblive.tv
• Network Calendar

The post DiskStation vs FreeNAS | LAS s29e03 first appeared on Jupiter Broadcasting.

]]> https://original.jupiterbroadcasting.net/34346/time-to-git-zfs-techsnap-103/ Thu, 28 Mar 2013 16:38:51 +0000 https://original.jupiterbroadcasting.net/?p=34346 How the KDE project avoided a git disaster, the root problem with Java, and the researcher who found many S3 buckets exposed to the public.

The post Time to Git ZFS | TechSNAP 103 first appeared on Jupiter Broadcasting.

]]>

Is your bucket exposed to the public? A security researcher has recently discovered many S3 buckets are publicly available, we’ll share the details.

Plus how the KDE project avoided a git disaster, the root problem with Java, a big batch of your questions, and much much more!

Thanks to:

GoDaddy.com Use our code hostdeal4 to score economy hosting for $1 a month, for one year. 35% off your ENTIRE order just use our code go35off4 until the end of the month!
Ting.com Visit techsnap.ting.com to save $25 off your device or service credits.

Direct Download: HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent RSS Feeds: HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed

 

Support the Show:

Purchase anything at Amazon.com Purchase anything at Think Geek using this link Purchase anything at Newegg using this link Contribute directly on our donation page or check out our advertising options and reach millions of amazing people! Grab our Chrome Extension and auto-tag your shopping session for us!

   

Show Notes:

Get TechSNAP on your Android:

• Callisto – Android App
• Jupiter Broadcasting – Android App by ShaneQful

Browser Affiliate Extension:

• Jupiter Broadcasting Affiliate Extensions for Chrome and Firefox

Amazon S3 buckets unknowingly exposed?

• Security researcher Digininja was watching an old Hak5 episode about Amazon S3 and decided to give the free trial from Amazon a try
• All S3 buckets are accessed as: bucketname.s3-region.amazonaws.com
• An S3 bucket can be marked as Public or Private
• If you access the root of a Public bucket, you are given a list of the files inside that bucket
• Public S3 buckets can contain files that are marked as either Public, or Private
• Attempting to access a file marked private without an access key will return a HTTP 403 error
• While experimenting, he found that if you try to access a bucket that is assigned to a different region, amazon gives you a helpful redirect message
• Based on this, Digininja decided to try a wordlist against the Amazon S3 subdomain, and see what he could find in other peoples’ buckets
• Digininja was surprised to find that many buckets were marked public, rather than private
• While scraping through the results, he found a number of documents that should have been marked private but were not, including a Ministry of Defence training requisition form (containing personal information including SSN), a spreadsheet containing the accounts of a company, and many personal photos and videos
• It seems a lot of people are unknowingly making the contents of the S3 buckets public
• A number of people also appear to be trying to use S3 as a CDN, using it to host the images for their website (S3 is not a CDN, it can be rather slow, Amazon has a separate service to serve the contents of S3 via a CDN, called CloudFront)
• Researcher’s Blog Post
• Researcher’s Findings Post

---

The narrowly avoided Great KDE Disaster of 2013

• On March 22nd, the server that hosts git.kde.org was shut down for security updates, when it restarted there was evidence of file system corruption
• The original cause of the problem was not determined
• The real problem came, when the anongit mirrors of the 1500 KDE repositories mirrored the corrupt data, and there were no uncorrupt mirrors left
• The problem stems from the fact that in the replication strategy, git.kde.org was always considered to be correct
• The system they had in placed relied on the ability to sync an anongit mirror back upstream if there was a problem with the master
• It seems that git –mirror just copies data from the master, without the usual verification and safety measures that happen in git clone
• Luckily, KDE was in the process of replacing the projects.kde.org server, and it happened to have a mirror of the git repo from before the corruption, and they were able to restore git.kde.org from that
• The article goes on to discuss a number of the steps they are taking to make their system more robust in the future
• Update with more information to responses to common comments
• The update addresses the sysops 101 adage “mirrors are not backups”
• It talks about the problems they have with traditional backup systems
• tar: how do you take a tar archive of a live system? keeping .tar files going back 30+ days would take too much space (or cost to much to use S3 etc)
• rsync: same problem with a live system and rsync creates a mirror, which is not a backup
• Any answer? ZFS
• ZFS RAID Z, and ZFS snapshots are STILL not a backup
• But a ZFS snapshot can allow you to take a tar archive of a consistent version of the repo (no files will change with the tar is being made, since snapshots are read only
• Or better yet, you could store the actual ZFS snapshots (via ZFS send), so that you are basically getting ‘incremental’ backups, only the changed blocks are stored in each snapshot (requires that you keep and initial full snapshot and all incremental snapshots since then). Managing this can be difficult
• Backup software such as Bacula, running off the snapshots, would be the best solution

---

The root of the Java problem

• According to research by Websense, 93.77% of all installs of Java that were surveyed are vulnerable to at least one known exploit
• 75% of devices run a version that is at least 6 months old, 50% more than 2 years old
• 79% of devices are using some version of Java 6, which has now reached its End-Of-Live

---

Feedback:

• How can I go about telling my university that it has a vulnerability?

• pfSense question

• Getting started with KDE on FreeBSD?

• Nginx best-practice user setup

• Dump of username attempts for SSH login

• How I feel, as a Linux user, when Allan mentions ZFS.

---

Round Up:

• Apple finally enabled Two-Factor authentication for My Apple ID
• Mastercard hits PayPal and other Intermediaries with new higher per-transaction fee this June, because they do not disclose what you bought
• DHS to start scanning more internet traffic, moving from just Defense Contractors to ‘Infrastructure’ including banks and some transportation companies
• FBI’s top priority in 2013? Real-time spying on Gmail, Dropbox and Skype
• Server Room Cabling Hell: 15 of the Worst Server Wiring Jobs Ever!
• Paypal To Drop VMware From 80,000 Servers and Replace It With OpenStack
• “Perfect storm” pushes Bitcoin to $1b Market Cap Closer Toward the $100 per-coin mark
• Canadian Supreme Court rules that police need a warrent to read your text messages
• Egyptian navy arrests 3 attempting to sabotage undersea internet cable

---

The post Time to Git ZFS | TechSNAP 103 first appeared on Jupiter Broadcasting.

]]> https://original.jupiterbroadcasting.net/29171/wordpress-lan-recon-techsnap-89/ Thu, 20 Dec 2012 17:50:14 +0000 https://original.jupiterbroadcasting.net/?p=29171 A malicious Apache module that uses some clever tricks so that you'll never find it, a WordPress flaw that exposes your LAN, and a big Samsung exploit.

The post WordPress LAN Recon | TechSNAP 89 first appeared on Jupiter Broadcasting.

]]>



A malicious Apache module that uses some clever tricks so that you’ll never find it, a WordPress flaw that exposes your LAN, and the big Samsung exploit you might not have heard about!

Plus a big batch of your questions, and so much more on this week’s TechSNAP!

Thanks to:

GoDaddy.com

Use our code tech295 to get a .COM for $2.95.

Something else in mind? use go20off5 to save 20% on your entire order!

$4.99 SSL certificates, just use our code 499ssl2. Expires 12-31-12!

Pick your code and save:
techsnap7: $7.49 .com
techsnap10: 10% off
techsnap11: $1.99 hosting for the first 3 months
techsnap20: 20% off 1, 2, 3 year hosting plans
techsnap40: $10 off $40
techsnap25: 25% off new Virtual DataCenter plans
techsnapx: 20% off .xxx domains

 

Direct Download: HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent RSS Feeds: HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed

 

Support the Show:

Purchase anything at Amazon.com Purchase anything at Think Geek using this link Purchase anything at Newegg using this link Contribute directly on our donation page or check out our advertising options and reach millions of amazing people! Grab our Chrome Extension and auto-tag your shopping session for us!

   

Show Notes:

Get TechSNAP on your Android:

• Callisto – Android App
• Jupiter Broadcasting – Android App by ShaneQful

Browser Affiliate Extension:

• Jupiter Broadcasting Affiliate Extensions for Chrome and Firefox

Updated version of rouge Apache Module injects iframes, but hides from administrators

• The module, known as Linux/Chapro.A and alternately as Darkleech, is loaded into an Apache server and injects iframes into the pages that are served
• The iframes load content from malicious sites, usually the with intent of infecting the visitor with the Zeus trojan (Win32/Zbot), or another malware such as the new Sweet Orange exploit kit
• What makes this module exceedingly clever is that it uses a number of techniques to prevent itself from being discovered and to mask the source of the infection
• For starters, the module checks all open SSH sessions on the host server and will not serve the malware to any website visitors from those IP addresses
• The malware also looks at the user agent string, and purposely does not serve the malware to bots, crawlers (Attempting to avoid detection by the likes of Google’s Safe Browsing system) or machines that are not likely to be vulnerable (it purposely does not inject the iframe for browsers on OS X, Linux or BSD or mobile devices)
• The malware also does not attempt to infect the same user twice, via communications with a C&C server, the module decides whether or not to attempt to infect a user. This means that returning to the site if you are already infected, your IP address has been seen before or you are marked by a cookie, will return in you not being served the malware
• This remote C&C server also determines the content that is injected, allowing the controllers to change the iframe to point to a different exploit without having to change the apache module
• These factors make it much harder for server administrators to determine that it is infact their server that is injecting the iframe, not something on the users’ side, but also makes it harder for users and researchers to determine which site infected them, as they may not see the malicious content on a return visit
• As we know the Zeus trojan targets users of European and Russian banks, and attempts to steal users’ credentials
• Some banks have started adding warnings to their login screen, notifying users that the bank will never ask them for specific pieces of information, like their card PIN, or CVC/CVV value, however machines infected with the trojan do not see the warning, as it is removed by the malware
• The apache module has also been seen to deliver the Sweet Orange exploit kit
• The developers of the new sweet orange exploit kit claim an infection rate of 10–25%
• The developers have 45 dedicated IP addresses and 267 unique domains to allow them to avoid blacklists
• Researchers also found an alarmingly low detection rate when some of the domains and IPs were run through scanners
• It has yet to be seen if this new-comer can compete with the industry-dominating Blackhole Exploit Kit

---

Researcher exploits old design flaw in WordPress to turn it into an Island Hopping Machine

• WordPress and many other blogging platforms use a feature called ‘pingback’ to alert other blogs when they are being mentioned
• In WordPress this causes the blog being mentioned to add a link to the new blog post as a comment, making the connection bidirectional
• The way this works is upon receiving a pingback request the wordpress site will contact the URL included in the pingback and attempt to find links to itself and if found, add the requested comment
• The issue here is that the pingback request may not actually originate from the site mentioned in the pingback
• In a wordpress bug opened in 2007, the reporter describes a scenario where many wordpress sites could be asked to pull large files from a victim site, causing a bandwidth amplification attack on both the requesters and the responder. Additionally an extremely large number of wordpress sites could be used for a regular distributed denial of service attack against a target site
• The severity of this flaw was considered low and while some attempts to write patches to prevent large files from being returned were written for older versions of wordpress, it seemed that the feared attacks never surfaced and nothing was ever done about it
• However, new research by Bogdan Calin (the researcher that developed the ‘hijack your router via an email message to your iOS device’ attack) has found a more novel use for this flaw
• In addition to causing wordpress to execute his existing attacks against routers on the local networks of the wordpress sites he is attacking, he has also managed to map the various error messages wordpress returns to be able to explore and map the local network
• WordPress returns different error messages based on if the host of the requested pingback URL resolves or not or if the port connected to is open or not (connection refused, timeout, or connected)
• This allows anyone with access to the xmlrpc.php (which is typically publically exposed) to determine if specific hostnames (especially unqualified ones) such as svn, subversion, dev, fileserver, exchange, bugzilla, etc exist or not as well as do port scans (request a pingback to https://192.168.0.100:22/ and see which error message you get)

---

Some Samsung devices include full read/write access to all memory, allowing easy rooting and exploitation of the devices

• /dev/exynos-mem has world read/write permissions and seems to be very similar to /dev/mem
• The device seems to be used by the Camera and HDMI interfaces on the devices
• The exploit allows for dumping all device ram, kernel code injection, and possibly malicious app installation
• Additional Coverage
• A new app called ExynosAbuse APK chmod’s the device at boot to prevent world read/write access, however this may disable your camera and HDMI interfaces
• Samsung Exynos kernel exploit offers easy root and malware possibilities | Android Community
• Vulnerable devices include:
• Samsung Galaxy S II, S III and S III LTE
• Samsung Galaxy Camera
• Samsung Galaxy Note, Note II, and Note II LTE
• Samsung Galaxy Note 10.1
• Samsung Galaxy Tab 7.0 Plus
• Samsung Galaxy Tab 7.7
• Hardkernel ODROID-A and Hardkernel ODROID-X
• Lenovo K860
• Meizu MX 2-Core, Meizu MX 4-Core and Meizu MX2
• Newman N2
• ORIGEN 4 Dual and ORIGEN 4 Quad

---

Feedback:

• Hardware Monitoring under FreeBSD?
• Best FS for RAID?
• 3 Points of Note
• A better way to manage configuration for openvpn
• Domain Spotting

HALL OF SHAME:

• Alabama Department of Education USA Hall of shame

Round Up:

• It’s the 90s again, Excel macro viruses make a comeback disgused as Sudoku puzzles
• Java 7u10 (JDK 1.7.0_10-b18) includes new Java control panel option to disable running plugins in your browser
• Researchers find hash collision Denial of Service attack against Btrfs
• Wikipedia moving from MySQL to MariaDB
• Cox Comm. Injects Code Into Web Traffic To Announce Email Outage
• More attacks on SCADA systems, including the HVAC in your office building
• ISP Data caps generate record revenues while doing little to combat congestion
• SSD prices continue to drop while HDD prices remain inflated
• Online game HON (Heros of Newerth) has its password database leaked, live streaming players targeted. Some twitter accounts compromised (DON’T REUSE PASSWORDS!)
• Design flaw in Adobe Shockwave could allow attackers to purposefully cause Shockwave to install/use an older vulnerable version to view their content, allowing them to exploit already patched flaws
• Oracle posts policies for thier cloud offerings, many concerning aspects for potential enterprise customers
• Large donations from Mark Cuban and Markus ‘Notch’ Persson create ‘Mark Cuban Chair to Eliminate Stupid Patents’ at the EFF

The post WordPress LAN Recon | TechSNAP 89 first appeared on Jupiter Broadcasting.

]]> https://original.jupiterbroadcasting.net/26941/lightworks-preview-las-s24e04/ Sun, 04 Nov 2012 14:15:57 +0000 https://original.jupiterbroadcasting.net/?p=26941 We’ve got an exclusive look at Lightworks, one of the most anticipated software launches in desktop Linux history. We’ll share our first thoughts!

The post Lightworks Preview | LAS | s24e04 first appeared on Jupiter Broadcasting.

]]>



We’ve got an exclusive look at Lightworks, one of the most anticipated software launches in desktop Linux history. We’ll share our first thoughts on how this award winning video editor is shaping up.

Plus some good news for those of you not running Ubuntu but still want some Steam, and some highlight clips from the Ubuntu Developer Summit that just wrapped up.

You’ll hear straight from the horse’s mouth why Valve is supporting Linux, how closely Canonical is working with Valve, and why Ubuntu is dropping Alpha’s and a beta!

Then we top that off with some gaming news, Fedora’s challenges, and the climax of the EXT4 corruption drama.

AND SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

GoDaddy.com


Limited time offer:
SPECIAL OFFER! SPECIAL OFFER! .COMs just $5.99* per year up to 3 domains! Additional .COMs just $7.99* per year! – code: 599linux

BONOUS ROUND PROMO:

Save 20% off your order!
Code: go20off6

Download:

HD Video | Mobile Video | Ogg Video | MP3 Audio | Ogg Audio | YouTube | Torrent File

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed

Support the Show:

Purchase anything at Amazon.com Purchase anything at Think Geek using this link Purchase anything at Newegg using this link Contribute directly on our donation page or check out our advertising options and reach millions of amazing people! Grab our Chrome Extension and auto-tag your shopping session for us!

Show Notes:

Lightworks for Linux Preview:




Brought to you by: System76

• Editshare Admit ‘Communication Issues’ Over Lightworks Linux Alpha

Runs Linux:

• The UbiCast, Runs Linux

Android Pick:

• AndroVid Video Trimmer
• Android Picks so far thanks to Madjo in the IRC Chat room!

Desktop App Pick:

• Everpad 2.1
• Picks so far
• Madjo

Distro Of The Day

• Pear Linux 6

Search our past picks:

• Linux Action Show Lookup
• Thanks to sakuramboo!

Git yours hands all over our STUFF:

• Jupiter Broadcasting Afiliate Extensions
• Callisto-app – Google Project Hosting
• Quick Update to the Jupiter Broadcasting Android App

News:

• Valve Talk ‘Steam for Linux’, Give Beta Access to Attendees

• Steam Linux Beta will have Portal, Team Fortress 2 and Serious Sam 3: BFE

• Valve: Linux More Viable Than Windows 8 for Gaming

• Valve’s Drew Bliss at UDS-R: “Ubuntu was the very obvious choice”

• Drew Bliss from Valve:
  • Status of Steam: https://youtu.be/vNrrpnPlBrk?t=17m2s – 17:18
  • Why Linux & Why Ubuntu: https://youtu.be/vNrrpnPlBrk?t=17m46s – 19:16
  • Valve will not block other distros: https://youtu.be/vNrrpnPlBrk?t=28m35s – 29:18
• Jason Warner Ubuntu Desktop Manager:
  • How is the Ubuntu Desktop team working with Valve? https://youtu.be/Sp4E5iuGJl4?t=2m55s – 4:22

• Jupiter Broadcasting Steam Group

• Ubuntu To Drop Alpha Releases, Promises More Stable Development

• The Reason Ubuntu is Droping Betas: https://youtu.be/iQl6qR9yJzk?t=12m9s

• Ubuntu Contributor Channel – YouTube

• Ext4 bug patched

• Re: Apparent serious progressive ext4 data corruption bug in 3.6.3 and other stable branches?

• Theodore Ts’o – Google+ – UPDATE: See update below; it now looks like this was caused…

• Theodore Ts’o – “Phoronix, alas, has perpetrated another example of irresponsible journalism.”

+Fedora 18 Is Challenged By Yet Another Delay
+ he Top Features Of Fedora 18 “Spherical Cow”

• Kickstarter and Game Development: Highlighting Games Coming to Linux Part 1
• Kickstarter and Game Development: Highlighting Games Coming to Linux Part 2
• Kickstarter and Game Development: Highlighting Games Coming to Linux Part 3

Feedback:

• Join Unfilter LIVE on Election night: 6pm PST / 9pm EST / 2am UTC

• Ohio LinuxFest is looking for a Volunteer Coordinator

• Join the Jupiter Broadcasting Steam Group and play with fellow LAS viewers when Steam is released for Linux

• Starting with the basics and OwnCloud

• Handy Arch Tip

• ZFS on Linux

• Confused about Bootloaders

• F-Droid for free only apps

Proxmox or Ubuntu on the Nexus 7 next week?




Chris’ Stash:

• Unfilter is looking for foreign correspondents!

What’s Matt Doin?

• Protecting Your Ubuntu Desktop
• Writing about Linux, sometimes, even asking tough questions
• Offering newbie centric advice, in my articles

Find us on Google+

• Chris
• Matt Hartley
• Jupiter Broadcasting’s Page

Find us on Twitter:

• Chris – ChrisLAS
• Matt – matthartley

Follow the network on Facebook:

• Jupiter Broadcasting on Facebook

Catch the show LIVE Sunday 10am Pacific / 1pm Eastern / 6pm UTC:

• https://jblive.tv
• Network Calendar

The post Lightworks Preview | LAS | s24e04 first appeared on Jupiter Broadcasting.

]]> https://original.jupiterbroadcasting.net/26536/breaking-dkm-techsnap-81/ Thu, 25 Oct 2012 19:41:52 +0000 https://original.jupiterbroadcasting.net/?p=26536 How an aviation blogger unlocked the secrets of the TSA’s barcode, and a serious bug in the Linux Kernel.

The post Breaking DKIM | TechSNAP 81 first appeared on Jupiter Broadcasting.

]]>



How an aviation blogger unlocked the secrets of the TSA’s barcode, if you’re a Barnes and Noble shopper we’ve got a story you need to hear, and a serious bug in the Linux Kernel.

Plus a batch of your questions, and our answers.

All that and so much more, in this week’s TechSNAP.

Thanks to:

GoDaddy.com

Use our codes TechSNAP10 to save 10% at checkout, or TechSNAP20 to save 20% on hosting!

BONOUS ROUND PROMO:

Get your .COMs just $5.99 per year up to 3 domains! Additional .COMs just $7.99 per year!
CODE: 599tech

Expires 10/31/12

SPECIAL OFFER! Save 20% off your order!
Code: go20off5

Pick your code and save:
techsnap7: $7.49 .com
techsnap10: 10% off
techsnap11: $1.99 hosting for the first 3 months
techsnap20: 20% off 1, 2, 3 year hosting plans
techsnap40: $10 off $40
techsnap25: 25% off new Virtual DataCenter plans
techsnapx: 20% off .xxx domains

 

Direct Download: HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent RSS Feeds: HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed

 

Support the Show:

Purchase anything at Amazon.com Purchase anything at Think Geek using this link Purchase anything at Newegg using this link Contribute directly on our donation page or check out our advertising options and reach millions of amazing people! Grab our Chrome Extension and auto-tag your shopping session for us!

   


Show Notes:

Get TechSNAP on your Android:

• Callisto – Android App
• Jupiter Broadcasting – Android App by ShaneQful

Browser Affiliate Extension:

• Jupiter Broadcasting Affiliate Extensions for Chrome and Firefox

Barnes and Noble POS Terminals compromised, debit card pin numbers stolen

• Barnes and Noble discovered on Sept 14th that a number of the PIN Pads for its Point of Sales system had been compromised
• Barnes and Noble did not go public with the information until this week at the request of investigators
• Tampered PIN Pads were found in 63 stores all over the country, including California, Connecticut, Florida, Illinois, Massachusetts, New Jersey, New York, Pennsylvania, and Rhode Island
• The retailer reported that only about 1% of their PIN pads had been tampered with, but when the compromise was discovered on Sept 14th, they disconnected all PIN pads at their 700 stores
• It appears that a coordinated criminal enterprise infected PIN pads with malware that would record credit/debit card numbers and PIN numbers
• B&N recommends that you change your debit card PIN number and watch your debit and credit accounts for unauthorized transactions
• Online purchases were not affected
• Official Announcement from Barnes and Noble

---

Avaition Blogger finds that he can determine what security screening he will get from this boarding pass

• Frequent Flyer John Butler wrote a blog post this week, after he was able to determine what level of security screening he was going to be subjected to at the airport by reading the unencrypted barcode on his boarding pass
• This raises the possibility that terrorist or smuggling groups could buy multiple tickets, then check each and use the ones that subjects them to the less intense screening process
• The barcodes also appear to lack any form of MAC (Message Authentication Code), to protect them from unauthorized modification
• It is unclear if a modified barcode would work, or if it is checked against a central database
• It is illegal under US law to tamper or alter a boarding pass
• The vulnerability appears to be confirmed by reading the specifications for the system published by the IATA (International Air Transport Association)
• Every airport I’ve been through (YYZ, YHM, YYC, CDG, WAW, AMS) has not had any way to avoid the screening process, it appears that only the TSA allows you to pass through security without the basic screening. I have been randomly selected for additional screening (chemical residue test) twice

---

Serious bug in Linux kernel results in EXT4 data corruption

• A bug was accidently introduced in Linux Kernel version 3.6.2, and then backported into 3.4 and 3.5
• The bug has to do with the way the superblock and journal are updated, and can result in extensive data corruption, especially if a filesystem is unmounted shorted after it was mounted
• A patch was posted, but was found to not fully solve the problem, so a second patch was posted later
• Kernel 3.4.x is reaching end of life, and may not get an official patch

---

Dreamhost decides to change its SSH keys without notifying customers

• DreamHost, a large shared web hosting provider, generated new SSH keys for all of its servers on Wednesday
• DreamHost claims it is the “result of a security maintenance which we are performing to prevent exploitation of weak or outdated keys”
• It seems like an excessive step, unless one or more of the SSH host private keys were compromised, in which case that is huge security news
• If the keys were compromised, this means that someone could impersonate the DH server and log the login attempts, capturing valid username and password combinations
• DreamHost made a number of mistakes:
• Not giving users a heads up about the change before it happened, no email was sent, just a blog post that users were directed two when they contacted support about the error message
• The blog post encourages users to just delete the old SSH key from their known_hosts and accept the new one, without verifying its authenticity
• DreamHost did not publish a list of the fingerprints of the new keys, so that customers could verify the authenticity of the new keys they are presented with when they connect
• The purpose of SSH fingerprints is to verify the identity of the remote host, they work in much the same way as SSL certificates except that there is no central certificate authority, it is up to the user to verify the identity of the key the first time. The main goal is to notify the user if the key suddenly changes, suggesting that you are not infact connecting to the intended server, but to some other server that may be trying to get your credentials or perform a man-in-the-middle attack on you
• An attacker that is able to perform a man-in-the-middle attack during a time when a user is willing to just ignore the security warning (or even, take the additional steps OpenSSH requires before allowing you to accept a new key), could be very successful

---

Mathematician finds that Google and others were using weak keys for DKIM

• Mathematician Zachary Harris got an email from a Google headhunter for a job as a Site Reliability Engineer
• Seeing as he is not an expert in that field, he assumed that the email was a phishing scam
• He examined the headers, and determined that it was signed with the proper DKIM keys, appearing to actually be from Google
• DKIM (DomainKeys Identified Mail), is a process where all outbound email is cryptographically signed with a private key, that can then be verified against a public key published in DNS, such that only emails that are actually from the domain can be signed with the key, it is a common anti-spam and anti-phishing mechanism
• He noticed that Google was only using 512bit keys for DKIM,
• Harris explored other sites and found the same problem with the keys used by Amazon, Apple, Dell, eBay, HP, HSBC, LinkedIn, Match.com, PayPal, SBCGlobal, Twitter, US Bank and Yahoo
• He found keys in 384, 512 and 768 bits, despite the fact that the DKIM standard calls for a minimum of 1024 bit keys
• A 384-bit key can factor on a laptop in 24 hours, while a 512-bit keys can be factored in about 72 hours using Amazon EC2 for around $75
• In 1998 it was an academic breakthrough of great concerted effort to crack a 512 bit key. Today anyone can do it by myself in 72 hours on AWS

---

Feedback:

• How do you keep your Linux (and BSD) servers (safely) up to date?
• How to host multiple web servers behind a single external IP?
• FreeBSD on the Raspberry Pi?
• How does FreeBSD Jail Networking…. Work?
• ISP birding by routing through a VPS?
• Sean wants to say THANKS!

While having lunch at EuroBSDCon, a FreeBSD developer recognized me from the Linux Action Show. He just so happened to be one of the main USB developers, and proceeded to correct (yell at) me. He recently expended a great deal of effort to improve support for webcams and other USB devices under FreeBSD 9.1 (and therefore PC-BSD as well). As further evidence of this, once we were done talking, someone walked up and handed him a USB ethernet adapter that was not supported, a hardware donation to drive development.

• Allan and Stefan speaking at EuroBSDCon 2012 another
• Shots of the conference: 1 2 3 4

Roundup

• Apple removes Java from all OS X Web browsers
• Facebook publishes modified version of Open Compute hardware spec to work with regular leased datacenter space
• Diigo Emergency Announcement – Domain Hijacked
• Chinese Telco manufacturer Huawei offers access to its source code to allay security concerns
  
• Demo of “serious” networking vulnerabilities cancelled at HP’s request
• US says it will retaliate against cyber attacks, if it can figure out how, and who did it…
• Obama agrees to exclude social networks for new Cyber Security plans
• CyanogenMod Android ROM accidently logged your swipe to unlock gestures

The post Breaking DKIM | TechSNAP 81 first appeared on Jupiter Broadcasting.

]]> https://original.jupiterbroadcasting.net/19962/fedora-17-review-las-s22e01/ Sun, 27 May 2012 13:04:08 +0000 https://original.jupiterbroadcasting.net/?p=19962 Is Fedora the crazy dancing hippy of Linux distributions? Or just two guys with one Hat? Tune in to find out!

The post Fedora 17 Review | LAS | s22e01 first appeared on Jupiter Broadcasting.

]]>



Is Fedora the crazy dancing hippy of Linux distributions? Or just two guys with one Hat? Tune in to find out!

PLUS: Our thoughts on Linux Mint 13 and how to stash your home folder on it’s own partition!

AND SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

GoDaddy.com
Limited time offer:
New customers 25% off your entire order, code: 25MAY8
Expires: May 31, 2012
Want to save money on your entire order? Use our code LINUX and save 10%!
Direct Download:
HD Video | Mobile Video | Ogg Video | MP3 Audio | Ogg Audio | YouTube | Torrent File
RSS Feeds:
HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed
Support the Show:
Purchase anything at Amazon.com Purchase anything at Think Geek using this link Purchase anything at Newegg using this link Contribute directly on our donation page or check out our advertising options and reach millions of amazing people! Grab our Chrome Extension and auto-tag your shopping session for us!
Show Notes:
Runs Linux:
Runs Linux:
• This Cadillac Is Powered by Linux
Android Pick:
• Poop Salary
• Thanks ToasterJ!
• Android Picks so far thanks to Madjo in the IRC Chat room!
Universal Pick:
• Miro
• Picks so far. Thanks to Madjo!
Random Distro Of The Day
• Hybryde
Linux Action Show Subreddit
• Linux Action Show Subreddit
Search our past picks:
• Linux Action Show Lookup
• Thanks to sakuramboo!
News:
• Linux 3.4 Kernel Released With Many New Features
• Linux Mint 13 “Maya” released!
• No-cost desktop software development is dead on Windows 8
• ownCloud 4 is OUT!
• Fedora 17 goes gold
Fedora 17 Review:
• The Fedora 17 release criteria: “The install completes, the installed system works”
• LVM out of the box + Solid advanced installation options are nice to see compared to Ubuntu
• No Chromium? Is this the 1930s?
• GNOME 3.4
• Linux Kernel 3.3
• Top features for “desktop” users of Fedora 17
• ABRT back-trace de-duplication service to reduce the number of duplicate bug reports submitted automatically upon experiencing a crash
• A tool for customizing fonts on a per language-basis on desktops using fontconfig
• Haskell Platform 2011.4
• Support for EXT4 file-systems beyond 16 terabytes in size
• A Non-Uniform Memory Alignment Daemon
• Virtualization sandbox support
• Supporting OpenStack’s Quantum virtual networking service
• Fedora now uses the Unified structure of organizing the file system. It means, that several directories like “/bin”, “/lib” and “/sbin” have been moved to “/usr/bin” etc. respectively.
What’s Bryan Doin?
• The “Build Something Fun And Win Some Pi” Contest
• BLABA Game Creator
• The Complete History Of The Linux Action Show (abridged)
Chris’ Stash:
• Security Theater Critics | Unfilter
Find us on Google+
• Chris
• Bryan
• Jupiter Broadcasting’s Page
Find us on Twitter:
• Chris – ChrisLAS
• Bryan – BryanLunduke
Matt’s How-to:
Dedicated Home Partitioning
As you discussed during the howto segment, there is a bit flexibility to setting up your partitions. When setting up partitions for Ubuntu, I recommend the following setup.
1. Choose Try Ubuntu, then run Gparted.

2. If you have two drives attached, you will have two drives available from the pull down menu. Select the one you wish to use for your / and swap.

3. Right click select on the unallocated space, choose new.

4. With the new dialog open, choose the Ext4 file system, Extended partition, and place swap in the label. For the partition size, choose double the amount of your RAM. If you have 2 Gbs of RAM (2048 Mbs), then make the swap 4 Gbs. This will make you suspending your PC much smoother and lessen the likelihood of system crashing on resume. Leave the other options alone, click Add.

5. Still with the system drive selected, next you’ll right click on the unallocated space and choose new.

6. For the partition size, choose the remainder of the space available for that drive. This will be the larger unallocated space available, of the two visible. Select Primary partition, and place / in the label. Leave the other options alone, click Add.

7. Now go back to top right of Gparted and toggle the second drive you’ve decided to use as a /home partition.

8. For the partition size, choose the remainder of the space available for that drive. This will be the larger unallocated space available, of the two visible. Select extended partition, and place /home in the label. Leave the other options alone, click Add.

9. With all of this done, click the green check mark at the top of Gparted. This will apply all of your settings changes.

10. Start the installer. Click on continue until you come to the Erase everything or Something Else options. Choose Something Else.

11. You will now see different partitions laid out before you. Below the drive designations, you will see actual “free space” areas, broken up into three sections. The smallest, is your swap. The other two will be your / and /home options.

12. The smallest free space, should be at the top of the list. Click it, then click on Add.
    The only option you change here is the pulldown menu to select Swap Area. Then click Ok.

13. The next free space in the list, should be the one I designated as the system partition. Click it, then click on Change. The only options you change here is the Use As Ext4, toggle format and the pulldown menu to select to / . Click Ok.

14. The last one in the list, is going to be for /home. Click it, then click on Add. Now select the mount point as /home. Click Ok. NOTE: The home partition should only be selected to format is it’s brand new. For future installs, you will want to click on it in this dialog, make sure format is NOT selected, in the future.

15. Make sure at the bottom of the dialog box, you’ve chosen to place the bootloader in the system selected hard drive. While we can also rely on the /boot option in partitioning, it’s rarely used for home systems.

16. Now choose Install Now. You’re all done!
Follow the network on Facebook:
• Jupiter Broadcasting on Facebook
Jupiter Broadcasting Forum:
• Jupiter Colony
Catch the show LIVE Sunday 10am Pacific / 5pm UTC:
• https://jblive.tv
• Network Calendar
The post Fedora 17 Review | LAS | s22e01 first appeared on Jupiter Broadcasting.
]]>