Electron could be the Adobe Air we all hoped for. At least Microsoft, Github, Docker, and others think so. But is it all hype? We debate Electron’s potential, and review Visual Studio Code which is built on-top of Electron.

Has Agile become a failure? We discuss what can lead to a failed Agile development implementation, and some secrets to success.

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

MP3 Audio | OGG Audio | Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | Video Feed | Torrent Feed | iTunes Audio | iTunes Video

Become a supporter on Patreon:

Show Notes:

Dev Hoopla

The Failure of Agile
Disney’s Evil

Electron

Electron
What? Why? When?
Atom Shell is now Electron
Atom Blog

Visual Studio Code

Thoughts After a full week of use
Rails Support
Themes
Bottom Line

The post Bearded Buzzwords | CR 153 first appeared on Jupiter Broadcasting.

The first big release of LXQt is out, and we give it our first look. Where does this minimal desktop fit? And is it taking a direct shot at XFCE’s crown?

Plus the community demonstrates their passion to Unreal, FireFox OS news AND do YOU trust Btrfs?

All this week on, The Linux Action Show!

Thanks to:

Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | Ogg Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed

— Show Notes: —

LXQt First Look:

Brought to you by: System76

Stefan Wrote in: LXQt, the next Generation???

It has been almost a year since the Razor-qt project and the LXDE-Qt
project decided to merge. Since then, the LXQt desktop has been under
active development by 13 developers and dozens of contributors and
translators.

Aaron Seigo wrote

[with LXQt focus on low system requirements KDE is] able to focus on Plasma as a full-featured, multi-device offering, it shows how collaboration can bring great rewards. How much more exciting than Yet Another Fork with little to no chance of long term survival!”

• LXDE, Razor-Qt merge to create awesome LXQt project | Muktware

• The inclusion of PCManFM-Qt, the Qt port of LXDE\’s desktop and file manager

• An all-new modular architecture, allowing users and maintainers to
  easily swap out components of the desktop for third party apps.

• Ongoing work on Qt 5 compatibility. Most of our components already
  build on Qt 5!

• Ongoing work on Wayland support. Some components, including
  PCManFM-Qt, can run on Wayland if QtWayland is available.

• Several performance improvements

• Experimental Raspberry Pi support

• Partial FreeBSD support

Some Numbers About LXQt for Those Who Are Curious | LXDE Blog

Test environment is the latest Debian stable installed in VirtualBox with 512 MB of RAM and 1 CPU core assigned. After cold boot, the memory usage is as follows.

• Plain Openbox only: 58 MB
• XFCE: 89 MB (with default configuration of Debian)
• LXDE (gtk+ 2 version): 78 MB (add 20 MB to openbox)
• LXQt: 95 MB (add 37 MB to openbox)

Next-Gen Linux Desktop \’LXQt\’ Available to Test on Ubuntu Through PPA

Bright Future:

Jerome Leclanche writes

“The KDE Project has, in their efforts in building the modular KDE Frameworks, opened new doors for Qt developers working with desktop libraries. KF5 libraries may soon power some LXQt components!

Though it’s not a GTK Holy War

It does not really matter for users what toolkit you’re using given the final result works. Let’s save some time not arguing which is better and focus on what we can do with them.

• Siduction LXQt Dev Release

The released image, that is only available for 64-bit for now is a snapshot of Debian unstable, that also goes by the name of Sid, from 2014-05-08. They are enhanced with the lightweight LXQt desktop environment, some useful packages and scripts, our own installer and a custom patched version of the linux-kernel 3.14-3, accompanied by X-Server 1.15.1.

— Picks —

Runs Linux

Flying 3D printer, Runs Linux

Desktop App Pick

Atom

Atom is an open source \”hackable text editor for the 21st Century\” developed by GitHub, which is currently in beta.

• Atom under MIT

Today, we\’re excited to announce that we are open-sourcing Atom under the
MIT License.

• Install Atom Text Editor In Ubuntu Via PPA
• AUR (en) – atom-editor

Weekly Spotlight

KaOS | A lean KDE Distribution

KaOS is a build from scratch distribution, every package in every repository is build by and for KaOS. By July 2013 the initial goal of about 1500 packages was reached.

— NEWS —

New Unreal Tournament Game Will Be Available For Linux, Free

It also goes to show how they also believe in Linux to release their engine and new flagship game on Linux.

They want to involve the community in it as much as possible and see what people want from it. They have asked you to go to their forum and let rip on what you want.

Speaking on cost they said it themselves that it will be free. It\’s not \”free 2 play\”, it\’s just 100% free (and no I don\’t mean open-source). That\’s absolutely crazy to have a game as high calibre as Unreal Tournament being free.

They mentioned they will start with Deathmatch and that the game has only started today, so it\’s a long way off.

• The Future of Unreal Tournament Begins Today

From the very first line of code, the very first art created and design decision made, development will happen in the open, as a collaboration between Epic, UT fans and UE4 developers. We\’ll be using forums for discussion, and Twitch streams for regular updates.

Development will be focused on Windows, Mac and Linux.

• Community ports UE4 Linux editor before Epic can

• Epic Games Unreal Engine 4 DEMO! – Inside Gaming GDC 2013 – YouTube

GNOME Wayland Is Approved For Fedora 21

The Wayland change for Fedora 21 is about better supporting GNOME Wayland sessions. Fedora 20 already brought experimental GNOME Shell Wayland support while Fedora 21 is building upon more polished support thanks to upstream improvements landing with GNOME 3.14 due out in September.

It\’s not for sure yet that a Wayland-based environment would replace the X.Org Server by default for Fedora 21, but at least the support will be in good standing.

In time for Fedora 21 will also be X.Org Server 1.16 which integrates basic XWayland support for running X11 applications atop Wayland without requiring separate X.Org patches.

XBMC 13.0 Gotham Released

• Linux: XBMC now cooperates nicely with the pulseaudio server and provides real pulseaudio support;
  • Linux: Improved VAAPI and VDPAU support;
  • Linux: added VA-API (libva) support for decoding videos with larger resolutions than 1080p (such as 4K resolution);

ZTE Starts Sales of Open C Firefox OS Phone on eBay

ZTE announced today that sales of the ZTE Open C Firefox OS phone have started on eBay. Targeted at first time smartphone users and early adopters wanting to try out Firefox OS, the Open C offers a 3MP camera and 4-inch WVGA screen, and is the first commercially available phone running the latest version of Firefox OS.

• First Phone with Firefox OS 1.3 Hits Ebay Priced at $100

The ZTE Open C boasts:

• 4-inch 800 x 480 touchscreen display
• A dual-core 1.2 GHz CPU
• 512 MB of RAM
• 3-megapixel camera
• 4 GB of on board storage

— Feedback —

• Celebrate Coder Radio Episode 100

• MS Office Coming to Linux?

• BTRFS Experiment

• Straw Poll: Do you trust critical data to Btrfs?

— Chris\’ Stash —

• jupiterbroadcasting on Instagram

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— What’s Matt Doin? —

• Check out LINUX Unplugged

• Should You Upgrade to Ubuntu 14.04?

• Fez – Part 2 | Geek And The Gamer

— Find us on Google+ —

• Chris
• Matt Hartley
• Jupiter Broadcasting’s Page

— Find us on Twitter —

• Chris – ChrisLAS
• Matt – matthartley

— Follow the network on Facebook: —

• Jupiter Broadcasting on Facebook

— Catch the show LIVE Sunday 10am Pacific / 1pm Eastern / 6pm UTC: —

• https://jblive.tv
• Network Calendar

The post LXQt the Xfce Killer? | LAS 312 first appeared on Jupiter Broadcasting.

Preventing data at rest from rotting, Microsoft puts out the warning signal on RC4, and the International Space Station gets infected by malware.

Plus a fantastic batch of your questions, our answers, and much much more!

Thanks to:

Show Notes:

6 in 10 malware analysts in US have investigated or addressed a data breach that was never disclosed by their company

• “The independent blind survey of 200 security professionals dealing with malware analysis within U.S. enterprises was conducted by Opinion Matters on behalf of ThreatTrack Security in October 2013”
• “These results indicate that known data breaches may be significantly underreported and are putting customers and partners at risk”
• “according the survey, companies with more than 500 employees are even more likely to have had an unreported breach”
• A device used by a member of senior management is most likely to be infected by:
• Clicking on a malicious link in a phishing email (56%)
• Allowing a family member to use a company-owned device (45%)
• Visiting a pornographic website (40%)
• Installing a malicious mobile app (33%)
• “When asked to identify the most difficult aspects of defending their companies\’ networks from advanced malware, 67% said the complexity of malware is a chief factor; 67% said the volume of malware attacks; and 58% cited the ineffectiveness of anti-malware solutions.”

Microsoft tells developers to drop RC4 from their applications

• They also recommend against using SHA-1, and will stop recognizing the validity of SHA-1 based certificates after 2016
• “Since 2005 there have been known collision attacks (where multiple inputs can produce the same output), meaning that SHA-1 no longer meets the security standards for a producing a cryptographically secure message digest”
• Additional Coverage
• Jacob Appelbaum: RC4 is broken in real time by the #NSA – stop using it.

International Space Station infected by malware

• The Malware came aboard on a USB stick carried by a Russian Astronaut
• “Kaspersky revealed that Russian astronauts carried a removable device into space which infected systems on the space station. He did not elaborate on the impact of the infection on operations of the International Space Station (ISS).”
• “Kaspersky said he had been told that from time to time there were \”virus epidemics\” on the station.”
• Until recently, the dozens of laptops on the ISS all ran Windows XP
• Kaspersky also revealed that an unnamed Russian nuclear facility, which is also cut off from the public internet, was infected with the infamous Stuxnet malware.
• “Russian security expert Eugene Kaspersky has also told journalists that the infamous Stuxnet had infected an unnamed Russian nuclear plant and that in terms of cyber-espionage \”all the data is stolen globally… at least twice.\””
• Additional Coverage

Feedback:

• Did you guys do a segment on Cryptlocker? I would really like to watch that

• FreeBSD as transparent DNS?

• Data Integrity

• New Job Blues

Round Up:

• While the FAA will allow passengers to use Kindles during flight, European regulators will allow 3g and 4g broadband
• Backblaze Blog » How long do disk drives last?
• Skype investigating adding ‘typing suprression’
• Cisco threatening the open switch design coming from Facebook, Intel and Broadcom
• GCHQ created fake LinkedIn to comprimise specific users’ information
• Amazon offering virtualized workspaces started at $35 per month
• Netflix and Youtube now make up 50.2% of US traffic during peak time
• XSplit does password reset after apparent compromise

The post Predicting Drive Failures | TechSNAP 136 first appeared on Jupiter Broadcasting.

What does a post Ubuntu world look like, which distro would rise to the top? Our specially crafted team of armed and dangerous Linux users weigh in.

PLUS: Rise up against your bearded distro gatekeepers! If you\’re an experienced Linux user, it might be time to break out of your distro box and help push upstream forward.

Thanks to:

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

— Show Notes: —

FU

• Learning the nuts and bolts

• RE: The Ubuntu Situation

• Some comments from \”The Ubuntu Situation\”

• Canonical\’s problem: Extraordinary Vision, Crippling Hubris, Underwhelming Execution

The Big Picture for Linux

• The Linux Action Show’s Ubuntu 13.10 Review

• Coder Radio 71: The Back Story to Chris’ Dash Woes

• I use old crusty Debian Stable and I love it

• It\’s not just about updates breaking stuff, it\’s about general stability, compatibility, functionality

The Linux desktop is easily still a good 5 years behind Windows and OSX and without LTS Linux wouldn\’t even be in the ballpark.

Linux outlasts Any Distro, Experienced End-Users Should Embrace that.

Watching the events around Ubuntu unfold it\’s once again teaching us something that anyone who\’s watched Linux for a long time, has noticed, but like my self, refuses to fully accept it. Many (maybe all? In the grand scheme) die or change for the worse.

And yet many Linux users are afraid of a \”raw\” Linux experience without the protection of their distro masters. They fear total system havoc without some bearded keeper of the repo gates preventing mass chaos from entering their system during some random update.

Four months into using Arch as my daily driver, in production and play, has taught me a big lesson. Not about how l33t Arch is, or that Wiki\’s can actually not suck, but that upstream is amazing. The near real time work that is being done is inspiring and encouraging to watch and enjoy.

Some examples of cutting edge:

• \’Corebird\’ – New GTK3-based Twitter App In Development
• \’Polari\’ – An Awesome New IRC App for GNOME

Maybe there is a case to be made, that if you, like me, often enjoy toying with computer instead of playing a video game, then perhaps it in Linux and all upstream code\’s best future interests to try and live outside the box a little.

• irrationalNumber comments on Ubuntu 13.10 Review | LAS s29e02

I\’ve spent a lot of time with each of the main-line distros (Debian, Fedora, Gentoo, Arch, openSUSE, Slackware), and I have to say that if I weren\’t using Arch, I really don\’t know what else I would use.

Mail Sack:

• In Defense of KDE

Chris points out that Gene wanted the Enterprise to be clean, and streamlined. Because the technology had become so perfected by that point it was natural and comfortable to use.

• Good and Bad Advice for Linux Noobs

The post The Ubuntu Hangover | LINUX Unplugged 10 first appeared on Jupiter Broadcasting.

A zero day flaw has Microsoft scrambling, and the banking hack that only requires a nice jacket.

Then it’s a great big batch of your questions, our answers, and much much more!

On this week’s TechSNAP.

Thanks to:

— Show Notes: —

Crooks Hijack Retirement Funds Via Social Security Administration Portal

• Traditional SSA fraud involves identity thieves tricking the beneficiary’s bank into diverting the payments to another account, either through Social Security’s 800 number or through a financial institution, or through Treasury’s Direct Express program
• The newer version of this fraud involves the abuse of the SSA’s my Social Security Web portal
• The SSA added the ability to change direct deposit information via their my Social Security Web portal. Shortly thereafter, the agency began receiving complaints that identity thieves were using the portal to hijack the benefits of individuals who had not yet created an account at the site.
• As of August 23, 2013, the SSA has received 18,417 allegations of possibly fraudulent mySocialSecurity account activity.
• There is no suggestion that SSA’s systems have been compromised; this is an identity theft scheme aimed at redirecting existing benefits, often to prepaid debit cards.” – via Jonathan Lasher, assistant inspector general for external relations at the SSA’s Office of Inspector General.
• Banks usually will alert customers if the beneficiary account for SSA payments is changed. But she said those communications typically are sent via snail mail.
• Many customers will overlook such notices.
• If you receive direct deposits from the Social Security Administration but haven’t yet registered at the agency’s new online account management portal, now would be a good time take care of that.
• Because it’s possible to create just one my Social Security account per Social Security number, registering an account on the portal is one basic way that consumers can avoid becoming victims of this scam.
• In Canada, registering on the Canada Revenue Agency’s website, requires information from your previous years tax returns, and an activation code is snail mailed to you

Microsoft warns of a 0day in all versions of Internet Explorer, working on a patch for IE 6 – 11

• The flaw in question makes remote code execution possible if you browse to a website containing malicious content for your specific browser type
• Actively being exploited against IE8 and 9
• Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
• The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
• The company is offering the following workarounds and mitigations:
• Apply the Microsoft Fix it solution, \”CVE-2013-3893 MSHTML Shim Workaround,\” that prevents exploitation of this issue. Note: This ‘fixit’ solution only works for 32bit versions of IE
• Set Internet and local intranet security zone settings to \”High\” to block ActiveX Controls and Active Scripting in these zones.
• Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones.
• CVE-2013-3893
• Additional Coverage

Cyber Police Arrest 12 Over Santander Bank Heist Plot

• The Metropolitan Police’s Central e-Crime Unit (PCeU) has arrested 12 men as part of an investigation into an “audacious” plot to take control of a Santander Banking computer.
• The PCeU is committed to tackling cyber-crime and the damage it can cause to individuals, organisations and the wider economy.”
• According to the police, the group sent a man in dressed as a maintenance engineer, who managed to attach a IP-KVM (keyboard video mouse) device to a machine in the bank, allowing the attackers to remotely carry out actions on the computer
• The men, aged between 23 and 50, were arrested yesterday, whilst searches were carried out addresses in Westminster, Hounslow, Hillingdon, Brent, Richmond and Slou

Feedback

• Worried about listentobitcoin.com Malware

• FreeNAS NFS Mount FAIL

10.1.10.254:/mnt/fart /mnt/nfs nfs auto,noatime,nolock,defaults,user=1001 0 0

• Fingerprint reader and Software vs Hardware RAID

• I have several questions for the double show. I hope you\’ll discus them all.

• DNS + Rasberry Pi Questions

• Contacts Sync

Round Up:

iOS 7 Swamps the Internet

• Traffic Spotlight: iOS 7 Pre-Launch
• iOS7 release traffic

• iOS 7 downloads causing network outages at several school campuses, activation server failures

• Hackers crowdfund bounty to hack iPhone 5S fingerprint scanner

• Netflix exec: Canada’s broadband caps “almost a human rights violation”
• Abandoned NHS IT system costing British tax payers over 10 billion GBP
• Today we announce OpenZFS: the truly open source successor to the ZFS project.
• pfSense 2.1-RELEASE now available!
• SSD failure rate only 1.5% per year, compared to 5% for HDDs
• USB Condoms now for sale, protect your devices from evil charging ports
• Honey docs – Service creates fake documents on your computer, and notifies you if anyone ever tries to access them
• Schneier on Security: New NSA Leak Shows MITM Attacks Against Major Internet Services

The post Gentlemen, Start Your NGINX | TechSNAP 128 first appeared on Jupiter Broadcasting.

RAM Prices are getting hot, we’ll tell you why.

Plus the router flaw you need to know about, a pfSense disaster, your questions our answers, and much much more.

On this week’s TechSNAP!

Thanks to:

— Show Notes: —

Hynix factory in China suffers damage in Fire. RAM prices shoot up

• The factory in Wuxi, China is responsible for 40 – 50% of Hynix’s output and 12 – 15% of all DRAM manufacturing capacity around the globe
• The fire started at 07:50 GMT and was extinguished at 09:20 GMT
• The fire apparently started while Hynix was installing some new equipment
• There was only one minor injury during the file
• Hynix has suspended operations at the plant while it evaluates the damage and makes repairs
• “Following news of the shutdown all memory suppliers have apparently stopped quoting prices”
• Reuters followup article
• Hynix reports that the damage is not as bad as initially reported, the huge plumes of black smoke were caused by the fact that the fire was in the air purification system
• Shares in Hynix’s competitors rose sharply, but then slackened off once it was reported that the damage was not severe. Micron shares were up 4 percent to $14.615 at midday Thursday, after surging almost 9 percent at one point. Sandisk was up 2.3 percent at $56.60, after climbing 6 percent at its peak.
• Samsung had 32.7 percent of the global DRAM market in the second quarter, Hynix 30 percent and Micron owned 12.9 percent
• Hynix has published a statement: \”Currently, there is no material damage to the fab equipment in the clean room, thus we expect to resume operations in a short time period so that overall production and supply volume would not be materially affected\”
• DRAM chip prices nearly doubled in the first six months of this year due to tight supply during the summer, prices had been starting to return to normal but this event will undoubtedly keep them inflated for some time to come

Amazon looking to hire 100 IT staff who can get Top Secret security clearance to work on CIA private cloud

• After IBM won a lawsuit to restart the bidding to decide who would build the CIA’s private cloud, Amazon has started a new recruiting drive
• The job openings include: software developers, operations managers and cloud support engineers, among others
• Candidates must meet all requirements to get a Top Secret security clearance, including passing a federally administered polygraph exam
• “Amazon\’s hiring effort includes an invitation-only recruiting event for systems support engineers at its Herndon, Va., facility on Sept. 24 and 25. “
• In filings, Amazon is claiming that it is uniquely qualified to deliver ‘cloud computing’, while analysts have responded by saying that Cloud computing \”simply describes one approach to data center asset provisioning, one that has been around and been practiced by vendors including IBM for many years\”
• The government originally accepted Amazon’s bid at $148 million over the IBM bid at $93 million
• Part of the problem was the way the government wrote the original RFP
• “The vendors were required to address hypothetical scenarios. In one instance, it involved the processing of 100 terabytes of data. But the scenario was ambiguous, and the vendors priced it in different ways, making it impossible to compare prices”
• Analysts also said that the CIA \”too casually brush off Amazon\’s outages\” when considering their bid
• Amazon\’s effort to get government cloud work includes being certified by the U.S. under its Federal Risk and Authorization Program, or FEDRAMP.

Kingcope finds vulnerabilities in Mikrotik routerOS sshd

• Mikrotik RouterOS uses ROSSSH rather than OpenSSH
• Kingcope found that ROSSSH is vulnerable to a remote pre-authentication heap corruption
• ShodanHQ shows that there are nearly 300,000 devices running ROSSSH
• There is an undocumented built-in user account, you can login as ‘devel’ using the admin password, if the file /etc/devel-login exists
• By sending a login name consisting of the letter A 100,000 times, you can crash the ssh daemon
• Exploitation of this vulnerability will allow full access to the router device

Feedback:

• FreeBSD 10\’s removal of GNU

  • Why FreeBSD Deprecated GCC

• pfsense goes down in flames

• IP Leak Follow up

• Hard drive diagnostics before installing FreeNAS ?

• Setting up your own private certificate authority?

• Create a Public Key Infrastructure Using the easy-rsa Scripts – ArchWiki

• Data Recovery business

• Linux Drive Recovery | LAS s27e10

Round up:

• Security researcher releases MegaPWN, displays your Mega private master key and RSA exponent – Just as Mega announces new email service to replace Lavabit and SilentCircle
• The search engine was invented 20 years ago
• Hilariously bad video about the power of IP KVM
• Building a VNC client in 200 lines of javascript (node.js)
• Unusual TOR growth continues, over 1 million new clients, important updates released to try to help the network scale
• NetworkWorld tries out Huawei’s first enterprise managed switch for the North American market – Good power consumption and acceptable performance, but a few rough spots
• The NSA hacks other countries by buying millions of dollars’ worth of computer vulnerabilities
• Godaddy sysadmin blog explains why you shouldn’t cluster your database based on GUIDs
• MyOpenID service shutting down due to lack of adoption
• Intel launches new i7 4690X extreme edition processor. 6x 3.6ghz with turbo up to 4.0ghz – confusingly named, other i7 4*** series are the new Haswell, which features better single core performance at the same clock speeds
• Thoughts on Snowden from a Counterintelligence Agent

The post Random Access Fires | TechSNAP 126 first appeared on Jupiter Broadcasting.

A treasure trove of data was found on an open FTP site, leaving AMI BIOS users open to attack.

Plus a look at PunkSPIDER, a batch of your questions, and so much more!

On this week’s of TechSNAP.

Thanks to:

GoDaddy.com Use our code hostdeal4 to score economy hosting for $1 a month, for one year. 35% off your ENTIRE order just use our code go35off4 until the end of the month!

Support the Show: