Show Notes: techsnap.systems/429

The post Curious About Caddy | TechSNAP 429 first appeared on Jupiter Broadcasting.

Show Notes: techsnap.systems/427

The post Gigahertz Games | TechSNAP 427 first appeared on Jupiter Broadcasting.

Show Notes:

techtalk.today/279

The post Tech Talk Today 279 first appeared on Jupiter Broadcasting.

Video Feed | MP3 Feed | HD Torrent | iTunes

Become an Unfilter supporter on Patreon:

— Show Notes —

Links:

• Judge Andrew Napolitano: The incredible new chapter in the Hillary Clinton chronicles | Fox News
• Exclusive: Secret witness in Senate Clinton probe is ex-lobbyist for Russian firm | Article [AMP] | Reuters
• ‘What About Bill?’ Sexual Misconduct Debate Revives Questions About Clinton – The New York Times
• Kaspersky: Yes, we obtained NSA secrets. No, we didn’t help steal them | Ars Technica
• Keystone pipeline spills 210,000 gallons of oil on eve of permitting decision for TransCanada – The Washington Post
• How Trump walked into Putin’s web | News | The Guardian
• Pentagon Says It’s Staying In Syria, Even Though ISIS Appears Defeated : Parallels : NPR
• This Is The FBI Informant For Uranium One | The Daily Caller
• Cannabis is Canada’s moment to lead the world – The Globe and Mail
• Page not found – Anonymous
• No, We Didn’t Just See The First Marijuana Overdose Death
• Trump administration updates demands as NAFTA talks continue – LA Times
• Trump administration threatens to shut down Palestinian delegation in Washington – LA Times
• The Uncounted – The New York Times
• ‘I Want This for George’ – POLITICO Magazine
• Special counsel sends wide-ranging request for documents to Justice Department
• Kushner’s attorney accuses senators of playing ‘gotcha’
• Al Franken: Second woman accuses senator of groping her in 2010
• Eight women say Charlie Rose sexually harassed them — with nudity, groping and lewd calls – The Washington Post
• paul mcleary on Twitter: “There are over 1,700 US troops in Syria, including over 600 Marines. A few more than the 500 total the DoD has claimed, Pentagon documents s… https://t.co/FAtO0rDU1R”
• Three CBS employees accuse Charlie Rose of sexual harassment – CBS News
• Charlie Rose fired by CBS, PBS and Bloomberg over sexual misconduct allegations – NBC News
• ‘CBS This Morning’ is ‘begging’ Oprah to fill in for Charlie Rose | Page Six
• Political media engulfed by sexual harassment crisis | TheHill
• CNN Senior Reporter Apologizes For Tweet on Sexual Harassment
• In Yemen’s “60 Minutes” Moment, No Mention That the U.S. Is Fueling the Conflict
• 60 Minutes, barred from Yemen, still got the footage – CBS News
• How Yemen’s civil war is starving its children – 60 Minutes Videos – CBS News
• Amazon.com: The Master Switch: The Rise and Fall of Information Empires (Audible Audio Edition): Tim Wu, Marc Vietor, Audible Studios: Books

The post What if Net Neutrality Dies? | Unfilter 260 first appeared on Jupiter Broadcasting.

HD Video Feed | MP3 Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Net Neutrality – mail your Congressional Reps and Senators & state

governor – do not email or fax them. Put it in the mail.

• FYI, but mail them instead: Redditor shares a text bot that will send a fax to your state representative, senators, and governor, with message to fight for net neutrality

• Net Neutrality subreddit

• Hacker News: what can you do to help net neutrality

Security Alerts from GitHub

• define dependencies in one of the supported manifest file types, like package.json or Gemfile.

• similar to FreeBSD vuxml database – uses dependencies already listed in each FreeBSD port

here are over a billion outdated Android devices in use

• It’s common knowledge that Android device tend to be more out of date than iOS devices, but what does this actually mean?

• People sometimes compare Android to Windows XP because there are a large number of both in the wild and in both cases, most devices will not get security updates. However, this is tremendously unfair to Windows XP, which was released on 10/2001 and got security updates until 4/2014, twelve and a half years later.

• Another difference between Android and Windows is that Android’s scale is unprecedented in the desktop world. The were roughly 200 million PCs sold in 2017. Samsung alone has been selling that many mobile devices per year since 2008.

• If we look at the newest Android release (8.0, 8/2017), it looks like you’re quite lucky if you have a two year old device that will get the latest update. The oldest “Google” phone supported is the Nexus 6P (9/2015), giving it just under two years of support.

• But even with the data we have, we can take a guess at how many outdated devices are in use. In May 2017, Google announced that there are over two billion active Android devices. If we look at the latest stats (the far right edge), we can see that nearly half of these devices are two years out of date. At this point, we should expect that there are more than one billion devices that are two years out of date! Given Android’s update model, we should expect approximately 0% of those devices to ever get updated to a modern version of Android.

• Project Treble

Flight rules for git

A guide for astronauts (now, programmers using git) about what to do when things go wrong.

• Flight Rules are the hard-earned body of knowledge recorded in manuals that list, step-by-step, what to do if X occurs, and why. Essentially, they are extremely detailed, scenario-specific standard operating procedures. […]

• NASA has been capturing our missteps, disasters and solutions since the early 1960s, when Mercury-era ground teams first started gathering “lessons learned” into a compendium that now lists thousands of problematic situations, from engine failure to busted hatch handles to computer glitches, and their solutions.

• What did I just commit?

• I wrote the wrong thing in a commit message

• I committed with the wrong name and email configured

• I want to remove a file from a commit

Feedback

• Dan announces he is leaving the show.

• postgres and shared memory

• containers vs VM

Round Up:

• StartCom gets out of the certificates business – some background

• Massive US military social media spying archive left wide open in AWS S3 buckets

• ZFS from a MySQL perspective

• Announcing Prometheus 2.0

  • Node Exporter
  • Installation overview of node_exporter, prometheus and grafana

• The 3-Minute SQL Indexing Quiz That 60% Fail

The post Neutral Nets | TechSNAP 346 first appeared on Jupiter Broadcasting.

RSS Feeds:

MP3 Feed | Video Feed | iTunes Feed

Become a supporter on Patreon:

Links

• XPS 13 Developer Edition
• rikailp – Twitch
• GeekGamerTV – Twitch
• MNGrrl comments on FCC Now Says There Is No Documented ‘Analysis’ of the Cyberattack It Claims Crippled Its Website in May
• Verizon accused of throttling Netflix and YouTube, admits to “video optimization”
• FCC Now Says There Is No Documented ‘Analysis’ of the Cyberattack It Claims Crippled Its Website in May
• Open Internet
• Super Nintendo Entertainment System: Super NES Classic Edition – Official site

The post Selling Your Soul | User Error 18 first appeared on Jupiter Broadcasting.

HD Video Feed | MP3 Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Cisco’s Talos Intelligence Group Blog: Player 3 Has Entered the Game: Say Hello to ‘WannaCry’

FCC Filings Overwhelmingly Support Net Neutrality Once Anti-Net Neutrality Spam is Removed

• Net Neutrality II: Last Week Tonight with John Oliver (HBO)

• Because of a procedural quirk, the FCC will not be considering any comments on the issue of net neutrality that are submitted over the next week or so.

• https://youtu.be/qI5y-_sqJT0 — follow up video

Feedback

• IPv6 only

• ZoL and other Linux Filesystems

Round Up:

• Ways in which the WannaCry ransomware could have been much worse

• Postmortem for outage of us-east-1

• 1.9 million Bell customer email addresses stolen by ‘anonymous hacker’ – Technology & Science – CBC News

• Appcanary – Everything you need to know about HTTP security headers

• GitHub – schollz/howmanypeoplearearound: Count the number of people around you by monitoring wifi signals

The post Kill Switch Engage | TechSNAP 320 first appeared on Jupiter Broadcasting.

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Internet privacy

• The House just voted to wipe out the FCC’s landmark Internet privacy protections

• Vote Summary

• Who represents You in the U.S. Congress

• Five Ways Cybersecurity Will Suffer If Congress Repeals the FCC Privacy Rules

• A VPN can stop internet companies from selling your data — but it’s not a magic bullet

• How ISPs can sell your Web history—and how to stop them

Alleged vDOS Owners Poised to Stand Trial

• Police in Israel are recommending that the state attorney’s office indict and prosecute two 18-year-olds suspected of operating vDOS, until recently the most popular attack service for knocking Web sites offline.

• On Sept. 8, 2016, KrebsOnSecurity published a story about the hacking of vDOS, a service that attracted tens of thousands of paying customers and facilitated countless distributed denial-of-service (DDoS) attacks over the four year period it was in business. That story named two young Israelis — Yarden Bidani and Itay Huri — as the likely owners and operators of vDOS, and within hours of its publication the two were arrested by Israeli police, placed on house arrest for 10 days, and forbidden from using the Internet for a month.

• According to a story published Sunday by Israeli news outlet TheMarker.com, the government of Sweden also is urging Israeli prosecutors to pursue formal charges.

• Law enforcement officials both in the United States and abroad say stresser services enable illegal activity, and they’ve recently begun arresting both owners and users of these services.

ZFS is what you want, even though you may not know – Dan talks about why he likes ZFS

• The following is an ugly generalization and must not be read in isolation
• Listen to the podcast for the following to make sense
• Makes sysadmin life easier
• treats the disks as a bucket source for filesystem
• different file system attributes for different purposes, all on the same set of disks
• Interesting things you didn’t know you could do with ZFS

Feedback

• Dealing with waste heat

• PostgreSQL vs MySQL

The following were referenced during the above Feedback segments:

• Dan has bought custom & standard size air filters for computers from these folks

• Dan’s first MySQL post from January 2000

• 17-Year-Old Corrects NASA Mistake In Data From The ISS

• Dan’s first PostgreSQL post from September 2000

Round Up:

• Setting the Record Straight: containers vs. Zones vs. Jails vs. VMs

• Dishwasher has directory traversal bug

• Apple Says It Fixed CIA Vulnerabilities Years Ago

• Data breach disclosure 101: How to succeed after you’ve failed

• LastPass releases fix browser extension security flaws

• Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs

• 17-Year-Old Corrects NASA Mistake In Data From The ISS

• That Time I Trolled the Entire Internet

• Dan’s external Nagios instance

The post Privacy is Dead | TechSNAP 312 first appeared on Jupiter Broadcasting.

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Brought to you by: Linux Academy

What’s Next for LAS

• 6 episodes of LAS after this episode.
• Chris gone next week, driving to Texas

• Linux Action Show goes to Dell, and why.

• Noah and Special Guest the week I am gone.

• Then live from Dell, plus inside look at all their Linux.

Live From Dell

• Chris and Noah go to Austin
• Meet the teams behind Sputnik, Servers/Cloud, IoT, networking, HPC.
• Meet up with Texas JB community members.
• Going to try and vlog the entire thing
• Rover Tracker will be LIVE again

Final LAS

• Final LAS May 7th Live at LinuxFest Northwest 2017
• Please come join us and hang out!

What’s New:

• Two new shows, one revival
• User Error relaunch, with more the Linux content that was cut to hold for LAS.

Linux News Show, with Chris Fisher and Joe Ressington

• Live Sunday’s during LAS’ old time slot.
• Going to add a new voice, and more focus on one of the most liked segments of LAS.
• Released to the LAS rss feeds, and its own dedicated YouTube channel.
• More details to come.

Ask Noah

• Launching April 3rd
• New user content, howtos, and questions answered.
• Simulcasted on KEQQ 88.3 LPFM
• Ask Noah Show
• Telegram Group

We’re going to do our best

• This will mean more, and better weekly Linux content.
• We’re creating new content, with better focus, that better reflects the kind of stuff we are passionate about making.
• We know we will lose some of you, please remember how hard we’ve worked every Sunday for a decade when you flame us.
• We know we could lose sponsors and Patrons too.
• If you grok what we are doin, we are going to need your help more than ever

— PICKS —

Runs Linux

Crashed Display in Walmart, Runs Linux

• LILO for bootloader
• SysVinit-2.78-15.i386 RPM

Build date: Wed Apr 4 15:06:04 2001

• thanks to twiggy99999 for the link

Desktop App Pick

Best password manager for iOS, Android, Windows, Linux, Mac

Secure them with Enpass password manager

— NEWS —

GNOME 3.24 Release Notes

GNOME 3.24 is the latest version of GNOME 3, and is the result
of 6 months’ hard work by the GNOME community. It contains major new
features, as well as many smaller improvements and bug fixes. In total, the
release incorporates 28459 changes, made by approximately 753
contributors.

• Firefox Sync Support Is Coming to GNOME Web – OMG! Ubuntu!

Ubuntu 17.04 (Zesty Zapus) Final Beta Released with Linux Kernel 4.10, Mesa 17.0

Canonical released today, as expected, the Final Beta of the upcoming Ubuntu 17.04 (Zesty Zapus) operating system, due for release on April 13, 2017, along with the rest of the opt-in flavors, such as Kubuntu, Xubuntu, Lubuntu, Ubuntu GNOME, etc.

• Ubuntu MATE 17.04 Beta 2

We’re absolutely chuffed to bits to announce, what is quite possibly,
the best Ubuntu MATE beta we’ve ever released. We didn’t participate
in the Beta 1 so we have quite the change log from Alpha 2 that was
released in January. We still have some fixes to land for the themes
but overall this release is shaping up to be really great.

• 99900 – [NVC1] nouveau: freeze / crash after kernel update to 4.10

Xorg is now crashing whenever my monitors are going to sleep (happens always in my lunch time) – after returning its crashed and i need todo a hard reset to get the gpu running again.

State of Linux on the MacBook Pro 2016

The following document provides an overview about Linux support for the Apple
MacBook Pro 2016 line.

Stack Overflow Developer Survey 2017

Linux Desktop was the most loved platform. Sharepoint was the most dreaded. And finally, more developers wanted to work with Android this year than any other platform.

Senate votes to let ISPs sell your Web browsing history to advertisers

The US Senate today voted to eliminate broadband privacy rules that would have required ISPs to get consumers’ explicit consent before selling or sharing Web browsing data and other private information with advertisers and other companies.

Private Internet Access, a VPN provider, takes out a full page ad in the @nytimes calling out 50 senators #Broadbandprivacy pic.twitter.com/Gg62Fwycb7

— Zuri Berry (@zuriberry) March 26, 2017

• US Senate votes to allow sale of people’s browsing history without consent

Following the vote, Senator Ed Markey said “ISP” should stand for “information sold for profit,” and “invading subscriber privacy,”

How ISPs can sell your Web history—and how to stop them

So what has changed for Internet users? In one sense, nothing changed this week, because the requirement to obtain customer consent before sharing or selling data is not scheduled to take effect until at least December 4, 2017. ISPs didn’t have to follow the rules yesterday or the day before, and they won’t ever have to follow them if the rules are eliminated.

Feedback

Re: our call out for engagement

• We know not all, maybe even the majority are very active on social networks/reddit.
• We are making a plea to those that are, those that reshare and are active. Help us please.

Feedback Takeaways

• Each feedback medium reflects the era of the show when it was created to a degree.

• r/las: Turns into a mob after a couple of days, misses our replies, accuses us of not replying. Often critical of Noah, tends to be nostalgic of the past.

• Telegram: Loves Noah, mostly likes the show as is. Most of them have suggestions/ideas. All of which seem the best so far. Say I’ll keep following whatever you do.

• Email: A lot of love, def some strong ideas for change.

• Twitter: Mixed bag, but majority is positive.

• YouTube: Similar to the r/LAS.

• Patreon: Positive, and encouraging.

Catch the show LIVE SUNDAY:

• Noon Pacific
• https://jblive.tv
• Network Calendar

— CHRIS’ STASH —

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

Find us on Twitter

• Chris – ChrisLAS
• Noah – Kernellinux
• Altispeed Technologies
• System76 – system76

The post The Final Countdown | LAS 462 first appeared on Jupiter Broadcasting.

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Announcing the first SHA1 collision

• Not just Google on this, they worked with CWI

• SHA1 is a Cryptographic hash function

• SHA-1 was developed as part of the U.S. Government’s Capstone project. The original specification of the algorithm was published in 1993

• two PDFs that have identical SHA-1 hashes but different content

• Lifetimes of cryptographic hash functions – by Valerie Aurora

• Git fscked by SHA-1 collision? Not so fast, says Linus Torvalds – Attack is hard, discovery is easy, so fix it right
  rather than right now

• Suggestion: Don’t panic. Things aren’t suddenly going to become vulnerable. Take your time, review your systems looking for SHA-1 usage and evaluate the risk, but best to get it of it all if you have not already.

CloudBleed

• Affects millions of websites, literally.

• Google Project Zero

• Could someone from cloudflare security urgently contact me. – 0011 UTC – 18 Feb 2018 UTC 0011

• bug report on chromium.org – 17:15 UTC – 19 Feb 2017

• Corpus distillation? What is that?

• Incident report on memory leak caused by Cloudflare parser bug 23 Feb 2017

• My work here is done 9:24 PM – 23 Feb 2017

• HIPPA implications

• List of Sites possibly affected by Cloudflare’s #Cloudbleed HTTPS Traffic Leak

Feedback

• Transmission Permission Follow-up (see original question in episode 305

• Dan’s pfSense box

Round Up:

• Hello False Flags! The Art of Deception in Targeted Attack Attribution – see also False Flag and Perfidy

• Researchers exfiltrate data by blinking the LEDs on the hard drives

• ZFS based replication and failover script from bolthole.com – note: ksh required

• FCC reverses net neutrality ISP transparency rules

• security analysis on the most popular Android password manager applications

• AWS service status about s3 outage couldn’t be updated b/c of s3

• Data from connected CloudPets teddy bears leaked and ransomed, exposing kids’ voice messages

The post Cloudy with a Chance of Leaks | TechSNAP 308 first appeared on Jupiter Broadcasting.

A potential solution to Ransomware, the 15 year bug that cost CitiGroup $7 Million dollars, Dropbox’s new middle out compression & another flaw that affects all versions of Windows.

Plus your questions, our answers, a packed roundup & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

CitiGroup hit with $7 million fine over software bug dating back to 1999

• CitiGroup, a large US Financial institution, is being fined for failing to properly report to the US Securities and Exchange Commission (SEC)
• According to the SEC, the error [PDF] resulted in the financial regulator being sent incomplete “blue sheet” information for a remarkable 15 years – from May 1999 to April 2014.
• The bank was required to send details of all stock transactions, and due to a bug, a number of branches were never included in those reports
• The details are quite amusing
• “The mistake was discovered by Citigroup itself when it was asked to send a large but precise chunk of trading data to the SEC in April 2014 and asked its technical support team to help identify which internal ID numbers they should run a request on.”
• “That team quickly noticed that some branches’ trades were not being included in the automated system and alerted those above them. Four days later a patch was in place, but it wasn’t until eight months later that the company received a formal report noting that the error had affected SEC reports going back more than a decade. The next month, January 2015, Citigroup fessed up to the SEC.”
• “It turned out that the error was a result of how the company introduced new alphanumeric branch codes. When the system was introduced in the mid-1990s, the program code filtered out any transactions that were given three-digit branch codes from 089 to 100 and used those prefixes for testing purposes.”
• So any transaction with a branch code in that range, was considered test data, and not reported to the government
• “But in 1998, the company started using alphanumeric branch codes as it expanded its business. Among them were the codes 10B, 10C and so on, which the system treated as being within the excluded range, and so their transactions were removed from any reports sent to the SEC.”
• “The SEC routinely sends requests to financial institutions asking them to send all details on transactions between specific dates as a way of checking that nothing untoward is going on. The coding error had resulted in Citigroup failing to send information on 26,810 transactions in over 2,300 such requests.”
• “The SEC was not impressed and said in a statement announcing the fine that the “failure to discover the coding error and to produce the missing data for many years potentially impacted numerous Commission investigations.””
• “Broker-dealers have a core responsibility to promptly provide the SEC with accurate and complete trading data for us to analyze during enforcement investigations,” said Robert Cohen, co-chief of the SEC enforcement division’s market abuse unit. “Citigroup did not live up to that responsibility for an inexcusably long period of time, and it must pay the largest penalty to date for blue sheet violations.”
• 7 Million seems like a relatively small fine for such a large screw up, but it does not appear to have been malicious.

New system to detect ransomware by looking at filesystem patterns

• “Our system is more of an early-warning system. It doesn’t prevent the ransomware from starting … it prevents the ransomware from completing its task … so you lose only a couple of pictures or a couple of documents rather than everything that’s on your hard drive, and it relieves you of the burden of having to pay the ransom,” said Nolen Scaife, a UF doctoral student and founding member of UF’s Florida Institute for Cybersecurity Research.
• “Attacks most often show up in the form of an email that appears to be from someone familiar. The recipient clicks on a link in the email and unknowingly unleashes malware that encrypts his or her data. The next thing to appear is a message demanding the ransom, typically anywhere from a few hundred to a few thousand dollars.”
• “It’s an incredibly easy way to monetize a bad use of software,” said Patrick Traynor, an associate professor in UF’s department of computer and information science and engineering at UF and also a member of the Florida Institute for Cybersecurity Research. He and Scaife worked together on developing CryptoDrop.
• “We ran our detector against several hundred ransomware samples that were live,” Scaife said, “and in those case it detected 100 percent of those malware samples and it did so after only a median of 10 files were encrypted.”
• “About one-tenth of 1 percent of the files were lost,” Traynor said, “but the advantage is that it’s flexible. We don’t have to wait for that anti-virus update. If you have a new version of your ransomware, our system can detect that.”
• Video – Extortion extinction: Ransomware
  
• It seems like it would be fairly trivial to detect the pattern that ransomware uses. I imagine most ransomware creates a new file, named original.ext.locked and then encrypts the contents of the original file, then removes the original
• It is possible newer ransomware could use new patterns, like renaming files and overwriting in place, or encrypting files in random order instead of walking the directory tree to make it harder to detect
• Additional Coveragge: Phys.org

Dropbox open sources Lepton image compression algorithm, save 22% by losslessly compressing JPEGs

• “Lepton achieves a 22% savings reduction for existing JPEG images, by predicting coefficients in JPEG blocks and feeding those predictions as context into an arithmetic coder. Lepton preserves the original file bit-for-bit perfectly. It compresses JPEG files at a rate of 5 megabytes per second and decodes them back to the original bits at 15 megabytes per second, securely, deterministically, and in under 24 megabytes of memory.”
• Speed seems very slow, compression is 5 MB/s, and decompression is 15 MB/s
• It is not clear if the encoding can be multithreaded across many cores to increase speed, like xz can do. Even without that, in most cases you would be dealing with many image files at once, but even compressing many files at once, that is quite slow
• “We have used Lepton to encode 16 billion images saved to Dropbox, and are rapidly recoding our older images. Lepton has already saved Dropbox multiple petabytes of space.”
• The article has a very good description of how JPEG encoding works
• “The DC coefficient (brightness in each 8×8 block) takes up a lot of room (over 8%) in a typical iPhone photograph so it’s important to compress it well. Most image formats put the DC coefficients before any AC coefficients in the file format. Lepton gets a compression advantage by coding the DC as the last value in each block. Since the DCs are serialized last, there is a wealth of information from the AC coefficients available to predict the DC coefficient. By defining a good and reproducible prediction, we can subtract the actual DC coefficient from the predicted DC coefficient, and only encode the delta. Then in the future we can use the prediction along with the saved delta to get the original DC coefficient. In almost all cases, this technique results in a significantly reduced number of symbols to feed into our arithmetic coder.”
• “Lepton can decompress significantly faster than line-speed for typical consumer and business connections. Lepton is a fully streamable format, meaning the decompression can be applied to any file as that file is being transferred over the network. Hence, streaming overlaps the computational work of the decompression with the file transfer itself, hiding latency from the user.”
• Because it can be streamed, this means that mobile devices could work via a proxy, that compresses all JPEG content before transmitting it to the mobile device, then an application on the mobile device could decompression it and display the resulting JPEG

Flaw in Windows Printing subsystem affects all versions of Windows

• “A remote code execution vulnerability exists when the Windows Print Spooler service does not properly validate print drivers while installing a printer from servers. An attacker who successfully exploited this vulnerability could use it to execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”
• “Most organizations try to apply the principle of least privilege to the devices in their networks. This works pretty well for things like laptops or desktops since the hardware they use doesn’t change that often. However printers are a bit different. While they still need drivers, printers need to support virtually any user that wants to connect to them. As end-users move through a building, they naturally want to use the printer closest to them. Mobile users expect to be able to easily connect and use a printer when they come into the office. In addition, most organizations don’t standardize on a single printer, and will have multiple models and manufacturers often within a single network.”
• “So instead of having system administrators push all possible printer drivers to all workstations in the network, the solution was to develop a way to deliver the driver to a user device right before the printer is used. And this is where Point-and-Print showed up. This approach stores a shared driver on the printer or print server, and only the users of that printer receive the driver that they need. At first glance, this is a practical and simple solution to driver deployment. The user gets access to the printer driver they need without requiring an administrator – a nice win-win.”
• “By default, in corporate networks, network admins allow printers to deliver the necessary drivers to workstations connected to the network. These drivers are silently installed without any user interaction and run under the SYSTEM user, with all the available privileges.”
• The researchers managed to dissect a firmware update for an existing printer, and modify it to infect Windows clients that load its driver with malware
• The malware allowed them access to the target Windows client, as the SYSTEM user
• They detail a number of other ways this vulnerability could be exploited:
• Watering hole attacks:
• Backdooring an existing printer or printer server.
• Microsoft print server: driver path: c:\windows\system32\spool\drivers*\3...
• Linux/BSD cups server: check for share driver print$ in the configuration.
• Multiple vendors support Point-and-Print on the printer itself
• Re-flash printer with backdoored drivers.
• Create a fake print server and broadcast with auto discovery.
• Privilege escalation:
• Use the add printer as a privileged escalation mechanism to get system access.
• Mitm attack to the printer and inject the backdoored driver instead of the real one.
• Going more global with IPP and Webpnp. Send users email with a link, when clicked, it attempts to connect to the (fake?) printer in question, and results in the driver being installed on the target computer
• There is more detail in the blog post about infecting a computer remotely
• Researcher blog post
• Microsoft released a fix for this vulnerability as part of the July patch Tuesday
• Official Microsoft Bulletin
• Additional Coverage: softpedia

Feedback:

• How secure is the passphrase?

• FreeNAS On the Go

• https://www.zfsbook.com — FreeBSD Mastery: Advanced ZFS

Round Up:

• Microsoft wins landmark appeal over seizure of foreign emails
• Over 6000 redis installs found exposed directly to the Internet with no authentication
• Comcast Expands Usage Caps
• From the researcher who brought us the MD5 collision story last week, “Bypass AllTheThings”, 5 Application Whitelisting bypasses for Windows in one binary
• BitTorrent Launches News Network at Republican Convention
• Sega Saturn DRM cracked, 23 years after launch. Play games from USB
• MIT’s anonymous online communications protocol Riffle could beat Tor at its own game
• NBC/Universal patents new way to detect bittorrent swarms. Originally applied for in 2009, not clear if the technology is current or useful
• Tor Project, a Digital Privacy Group, Reboots With New Board
• New password reuse checking tool. Enter your username and password and see which sites it is reused on.
• Terms of Mozilla/Yahoo deal from 2014 say that if Yahoo is sold, and Mozilla doesn’t like the new owner, they still get paid $375 million/year until 2019, even if they switch search/advertising to someone else
• WebhostingTalk.com and other forums breached, databases for same on underground forum
• Database left open to internet with no authentication, researcher able to access images of various doors, locks, RFID access panels, and the controller board of an alarm system

The post Ending Ransomware | TechSNAP 275 first appeared on Jupiter Broadcasting.

It’s a good day for net Neutrality, Microsoft is getting competitive with Chrome & the DMCA is ugly & busted.

Plus a 3d Printed bus, Marvin gets named & our Kickstarter of the week!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

Show Notes:

Links

• U.S. Appeals Court Upholds Net Neutrality Rules In Full
• Microsoft shows how bad Chrome is for your laptop’s battery
• BitTorrent, Inc. Separates Out Sync Business to Focus on Media
• Google Sees DMCA Notices Quadruple In Two Years
• NASA Electric Research Plane Gets X Number, New Name
• Olli, a 3D printed, self-driving minibus, to hit the road in US

Kickstarter of the Week

• LELO HEX

The post Winning with Lelo Hex | TTT 249 first appeared on Jupiter Broadcasting.

Facebook pushes back that it’s been hacked, the PS4 has been jailbroken & Congress snuck a surveillance bill into the federal budget last night.

Plus the FCC wants to talk to T-Mobile and AT&T about their sponsored data plans & our Kickstarter of the week!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

• FauxShow SWAG for the Holidays

Show Notes:

— Episode Links —

• Developer Claims ‘PS4 Officially Jailbroken’ – Slashdot
• The Netflix Tech Blog: Per-Title Encode Optimization
• Regulators want to talk to AT&T, Comcast and T-Mobile about sponsored data – The Washington Post
• Congress snuck a surveillance bill into the federal budget last night | The Verge
• Instagram HACKED! Researcher Hacked Into Instagram Server and Admin Panel
• Man arrested in toymaker hack that exposed data for millions of kids | Ars Technica
• Windows’ authentication ‘flaw’ exposed in detail • The Register

Kickstarter of the Week:

• Fleye – Your Personal Flying Robot by Fleye — Kickstarter

Fleye is a whole new kind of drone. Safe, fun and autonomous. Invent the future of flying robots thanks to its open API and SDK.

The post Instahacked & Jailbroken | TTT 227 first appeared on Jupiter Broadcasting.

We start from a town that has no internet and reflect on how quickly the last 8 years of progress feel very distant, then discuss the recent extreme examples of companies challenging Net Neutrality. Ballmer says Windows Phones should run Android apps & maybe he’s right?

Google’s Chromebooks make up half of US classroom devices. As parents, are we comfortable with Google having a lifetime of history on our kids?

Plus some follow up on a previous Kickstarter of the week with a special guest, the likely conclusion to a five year old tech story & the inside scoop on the Jupiter Broadcasting SWAG for the Holidays giveaway!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

Show Notes:

— Episode Links —

• Town that has no cell phone service loses its primary Internet provider | Ars Technica
• AT&T vs. FCC, net neutrality: AT&T says it’s had to kill ideas | BGR
• Comcast Tests Net Neutrality By Letting Its Own Streaming Service Bypass Usage Caps | Techdirt
• Windows Server 2016 moving to per core, not per socket, licensing | Ars Technica
• Ballmer: Microsoft Mobile Should Focus On Android Apps Not Universal Apps – Slashdot
• Google’s Chromebooks make up half of US classroom devices
• Sticky disc makes any watch a smartwatch – BBC News
• Samsung finally agrees to pay Apple $548 million, with a few caveats | The Verge
• PopcornTimeCE/desktop · GitHub

The post Children of the Chromebook | TTT 225 first appeared on Jupiter Broadcasting.

We traveled to Denver Colorado to meet the folks behind System76, tour their office & record a live show on location. Join us as we go behind the scenes of a dedicated Linux hardware manufacture.

Plus Linux goes to space, Firefox OS has a new trick, the good news for open source router firmware & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | OGG Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Brought to you by: System76

LAS Visits System76

• System76 – Ubuntu Laptops, Desktops, and Servers

System76 is a Denver, Colorado-based computer manufacturer specializing in the sale of notebooks, desktops, and servers. They are notable for their support of open-source software, only offering Ubuntu as the installed operating system.

The #system76fan roundtable discussion has begun! @ubuntu @thelinuxgamer @brianfagioli @ChrisLAS pic.twitter.com/6WHFxm43Sw

— System76 (@system76) November 13, 2015

#system76fan winners sit down with Dr.Emma to find out if they are human, robot, or cyborg. pic.twitter.com/s4Tuq6D6DI

— System76 (@system76) November 13, 2015

Playing NXS game created by Kevin Kane. this was a lot of fun. check it out at https://t.co/oqjD442J73 pic.twitter.com/ygHRuIF8Aj

— System76 (@system76) November 13, 2015

Video games with #system76fan winners! Fun challenging the @thelinuxgamer while he's here with us! @steam_games pic.twitter.com/6rYXMLLFhi

— System76 (@system76) November 13, 2015

System76 girls pose with the incredibly talented Helena. #creatormakerbuilder #womenintech https://t.co/Pp9sl2RBoI pic.twitter.com/wJ10fevT87

— System76 (@system76) November 13, 2015

— PICKS —

Runs Linux

Son’s Lego Robotics Club RUNS LINUX!

9 nine year old son wanted to join the Lego Robotics club

Hey guys, I’ve got a runs Linux for you. My 9 nine year old son wanted to join the Lego Robotics club at his elementary school. Because it is a volunteer-run program, I got roped into it. I ended up actually teaching the program and have been having a great time teaching the kids how to program their Lego EV3 robots. There are 12 kids in the group and the school district was supposed to configure 6 Apple laptops with the Lego programming software for us to use. Wouldn’t you know, there were some bureaucratic issues getting the laptops set up. Luckily, since my friends and family know I like to tinker with computers, I have 6 laptops at the house, most of which had been given to me because they had issues, that I subsequently fixed. Poking around in the menus on the Lego robot, I saw that the robot ran Linux (see attached pic). Honestly, I had more than half expected they would run Linux. Imagine my dismay when I went to the Lego website to download the software to write the programs to control the robots, only to discover that the Lego software was only available for Mac and Windows! So I spent a couple of evenings updating the Windows installs on the dual boot machines, and reinstalling Windows on the Linux-only machines, and for the last 6 weeks the kids have been downloading their robot controller programs from Windows machines onto the Linux robots. So the Lego EV3 robots run Linux, and the kids have been having a blast.

Regards
Ed

Desktop App Pick

TiddlyWiki

Have you ever had the feeling that your head is not quite big enough to hold everything you need to remember?

Welcome to TiddlyWiki, a unique non-linear notebook for capturing, organising and sharing complex information.

Use it to keep your to-do list, to plan an essay or novel, or to organise your wedding. Record every thought that crosses your brain, or build a flexible and responsive website.

Weekly Spotlight

Novacut

• Novacut – direct to fan TV & film, plus the tools to help artists win

Novacut is a collaborative video editor that aims to bring the agile, distributed workflow pioneered by free software to professional movie and TV production

— NEWS —

International Space Station Planning for Linux

Keith Chuvala of United Space Alliance, a NASA contractor deeply involved in Space Shuttle and International Space Station (ISS) operations, decided to migrate to Linux. As leader of the Laptops and Network Integration Teams, Chuvala oversees the developers in charge of writing and integrating software for the Station’s “OpsLAN” – a network of laptops that provide the ISS crew with vital capabilities for day-to-day operations, from telling the astronauts where they are, to inventory control of the equipment used, to interfacing with the cameras that capture photos and videos.

Let’s Encrypt Public Beta: December 3, 2015

Let’s Encrypt will enter Public Beta on December 3, 2015. Once we’ve entered Public Beta our systems will be open to anyone who would like to request a certificate. There will no longer be a requirement to sign up and wait for an invitation.

Our Limited Beta started on September 12, 2015. We’ve issued over 11,000 certificates since then, and this operational experience has given us confidence that our systems are ready for an open Public Beta.

• Let’s Encrypt on Linux Crazy Easyt

If you have Apache web server on Debian-based Linux Distribution, you can try the Apache module with automated renewal and installing:

Firefox OS 2.5 Developer Preview, an experimental Android app

• Add-ons: Just like the add-ons we’ve come to love in desktop browsers, Firefox OS add-ons can extend just one app, several, or all of them, including the system app itself.
• Private Browsing with Tracking Protection: A new Firefox privacy feature, Tracking Protection allows users to control how their browsing activity is tracked across many sites.

• Pin the Web: Pin the Web removes the artificial distinction between web apps and web sites and lets you pin any web site or web page to your home screen for later usage.

• Firefox OS Preview Android App

Introducing Firefox OS 2.5 Developer Preview, an experimental app that lets you use Firefox OS on your Android device.

The next big Gnome thing

Alex’s incredible work with xdg-app is a subject that gets talked about a lot, but it really can’t be emphasised how significant it is for GNOME as a project.

FCC: We aren’t banning DD-WRT on Wi-Fi routers

“We were not, but we agree that the guidance we provide to manufacturers must be crystal-clear to avoid confusion,” he wrote. “So, today we released a revision to that guidance to clarify that our instructions were narrowly focused on modifications that would take a device out of compliance.”

Feedback:

• https://slexy.org/view/s214FkOi8T

• https://slexy.org/view/s21ZHDxPup

Rover Log Playlist

Watch the adventures, productions, road trips, trails, mistakes, and fun of the Jupiter Broadcasting mobile studio.

• Support Jupiter Broadcasting on Patreon

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

— CHRIS’ STASH —

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

Find us on Google+

• Chris
• Noah J. Chelliah
• Jupiter Broadcasting’s Page

Find us on Twitter

• Chris – ChrisLAS
• Noah – Kernellinux

Follow us on Facebook

• Jupiter Broadcasting on Facebook
• Noah – Kernellinux

Catch the show LIVE Friday:

• https://jblive.tv
• Network Calendar

The post Live From System76 | LAS 391 first appeared on Jupiter Broadcasting.

Hillary Clinton’s latest email scandal sheds a terrifying light on the data security practices of top US officials, how they act above the law, and is likely to kick off a long series of political battles.

The latest ISIS propaganda, Snowden wants to come home, recent Net Neutrality developments & much more!

Direct Download:

Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

Video Feed | MP3 Feed | OGG Feed | HD Torrent | Mobile Torrent | iTunes

Become an Unfilter supporter on Patreon:

Show Notes:

Snowden Has Always Been ‘Ready’ to Return to the US

Edward Snowden’s Russian lawyer reiterated today that Snowden is willing to return to the US, so long as he is given a fair trial, according to​ the AFP.

“He is thinking about it. He has a desire to return and we are doing everything we can to make it happen,” said Anatoly Kucherena, the AFP reports.

It may seem particularly notable that arguably the biggest whistleblower in the history of the US—and one of the few whose life hasn’t been completely r​uined by coming forward—wants to come home. But this has long be​en Snowden’s stance. In a​n interview with the New Yorker in October, for example, the NSA whistleblower said he tried to negotiate with the US government to ensure a fair and open trial.

“The question there was: would the American justice system be open to that?” Snowden told the New Yorker. “I have told the government again and again in negotiations that if they’re prepared to offer an open trial, a fair trial, in the same way that Dan Ellsberg got, and I’m allowed to make my case to the jury, I would love to do so.”

Insignificant ‘Putin critic’ gunned down by someone who hates Putin

Boris Nemtsov was shot in the back last night as he walked with his Ukrainian girlfriend near the Kremlin in Moscow. Nemtsov ran unsuccessfully for office in 1989 before eventually being elected to Russia’s parliament in 1990. As deputy minister for economic reform under Yeltsin, he failed to actually deliver economic reform amid the August 1998 economic crisis and it cost him his job.

In 1999 he founded the Union of Right Forces (SPS), along with fellow liberals Anatoly Chubais and Yegor Gaidar. The SPS was directly sponsored by the US government (via USAID) in 2002, after which it became openly critical of Russia’s new President Putin (surprise!). This fact alone establishes Nemtsov and SPS as agents of Western efforts to destabilize Russia and therefore not representative of any significant section of the Russian people. Indeed, in the 2003 election, the SPS failed to reach even the 5% threshold needed to enter parliament.

Virginia teen accused of being ISIS recruiter

A 17-year-old Virginia student has been charged with helping recruit for ISIS, federal law enforcement officials said Wednesday.

The teen, whose name was not disclosed, was taken into custody last week, the officials said.

Prosecutors are seeking to charge him as an adult but currently have charged him as a juvenile, one of the law enforcement officials said.

The case remains under seal. It was first reported by The Washington Post on Wednesday.

The Post, citing officials and neighbors, reported that investigators spent more than a month watching the teen and his home before he was arrested. The teen is a “brilliant kid,” a man who hired him to write for a website told the Post. “His English wasn’t perfect, but I was willing to overlook that because the content was great.”

The teen, who lives in a Virginia suburb of Washington, is accused of helping a slightly older adult travel to Syria. The adult is believed to have joined ISIS there, a separate law enforcement official said.

Hillary Clinton Ran Homebrew Computer System For Official Emails

It was not immediately clear exactly where Clinton’s computer server was run, but a business record for the Internet connection it used was registered under the home address for her residence as early as August 2010. The customer was listed as Eric Hoteham.

An aide to then-first lady Clinton was identified in a 2002 congressional report as Eric Hothem, whose name is spelled differently than in the Internet records. Hothem, a financial adviser in Washington, was not available to take an AP reporter’s phone call at his office Wednesday. He was a special assistant to Clinton as far back as 1997 and considered one of the family’s information technology experts.

Operating her own server would have afforded Clinton additional legal opportunities to block government or private subpoenas in criminal, administrative or civil cases because her lawyers could object in court before being forced to turn over any emails. And since the Secret Service was guarding Clinton’s home, an email server there would have been well protected from theft or a physical hacking.

• Security nightmare: Clinton ran state business from personal email account — RT USA

New revelations about Clinton’s personal email account are
continuing to complicate matters for the Democratic Party’s
presumed nominee for president. The New York Times first reported
on the “hdr22@clintonemail.com” email address used by Clinton
while secretary of state. This immediately prompted inquiries as
to why a government-sanctioned account wasn’t used. The Federal
Records Act requires government employees to use departmental
servers for communications.

By operating her own server, Clinton may have been able to take advantage of “additional legal opportunities to block government or private subpoenas in criminal, administrative or civil cases because her lawyers could object in court before being forced to turn over any emails,” the AP journalists said.

• House committee subpoenas Clinton emails in Benghazi probe

A House committee investigating the Benghazi, Libya, attacks issued subpoenas Wednesday for the emails of Hillary Rodham Clinton, who used a private account exclusively for official business when she was secretary of state — and also used a computer email server now traced back to her family’s New York home.

• Hillary Clinton email flap not likely to end soon – Josh Gerstein – POLITICO

The first public sign of the email imbroglio now enveloping former Secretary of State Hillary Clinton may have come more than a month ago in an obscure court filing in a lawsuit demanding details of Clinton’s response to the attacks on U.S. facilities in Benghazi, Libya.

But all signs Tuesday pointed toward a protracted legal morass as advocacy groups, the courts and Congress try to determine whether Clinton’s practice denied them access to critical information during her four years in the Obama Cabinet and thereafter.

Clinton aides and State Department officials argued that the impact of her use of personal email on the government’s permanent files was limited because she turned over 55,000 pages of the emails in December at the department’s request. They also contend that most of Clinton’s work-related emails were preserved on work accounts used by other officials.

Insignificant ‘Putin critic’ gunned down by someone who hates Putin — Puppet Masters — Sott.net

Of course, the suggestion that Putin, with an 85% approval rating, would have thought it necessary to publicly assassinate a non-entity former politician who couldn’t muster 5% of the vote, on the doorstep of the Kremlin no less, and one day before an opposition rally in which the deceased was scheduled to take part, is utterly ridiculous**. The point being, by killing Nemtsov in this way, the reaction of Western governments and their media was always going to be as if Putin himself pulled the trigger and posted a selfie of the event on FB. Ergo, if, as the ranks of Western yellow journalists claim, Putin is responsible… where’s the freaking selfie!?? Maybe US State Dept. muppet Jen Psaki has it on her Facebook page?

The post Hillary's Got Mail | Unfilter 135 first appeared on Jupiter Broadcasting.

After sliding for weeks, the price of oil has started to rise again. We’ll look at the real market force that’s setting the price, how long it will stay down & chat about some of the more interesting theories. It’s a fascinating behind the scenes look at something that impacts your everyday life.

Plus we discuss the big boost Net Neutrality got this week, and the pending debate, why the ISIS fear is at new levels & much more.

Direct Download:

Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

Video Feed | MP3 Feed | OGG Feed | HD Torrent | Mobile Torrent | iTunes

Become an Unfilter supporter on Patreon:

Show Notes:

News

Saudi Oil Is Seen as Lever to Pry Russian Support From Syria’s Assad – NYTimes.com

Saudi Arabia_has been trying to pressure President Vladimir V. Putin_of _Russia_to abandon his support for President _Bashar al-Assad_of _Syria, using its dominance of the global oil markets at a time when the Russian government is reeling from the effects of plummeting oil prices._

Saudi Arabia and Russia have had numerous discussions over the past several months that have yet to produce a significant breakthrough, according to American and Saudi officials. It is unclear how explicitly Saudi officials have linked oil to the issue of Syria during the talks, but Saudi officials say — and they have told the United States — that they think they have some leverage over Mr. Putin because of their ability to reduce the supply of oil and possibly drive up prices.

Syria was a major topic for a Saudi delegation that went to Moscow in November, according to an Obama administration official, who said that there had been a steady dialogue between the two countries over the past several months. It is unclear what effect the Jan. 23 death of King Abdullah of Saudi Arabia might have on these discussions, which the Saudis have conducted in secret.

The monarchy has about $733 billion in savings invested in low-risk assets abroad, and it can afford to dip into that for a few years without much pain. Russia and Iran have no such luxury, and neither do shale-fracking oil producers in North America.

The Saudis have offered economic enticements to Russian leaders in return for concessions on regional issues like Syria before, but never with oil prices so low. It is unclear what effect, if any, the discussions are having. While the United States would support initiatives to end Russian backing for Mr. Assad, any success by the Saudis to cut production and raise global oil prices could hurt many parts of the American economy.

FCC Chief Unveils Sweeping Net Neutrality Rules

The Federal Communications Commission plans to enact President Obama’s proposal for net neutrality regulations that would claim expansive new powers over Internet providers.

In an op-ed in the technology magazine Wired Wednesday, FCC Chairman Tom Wheeler said his rules will assure “the rights of internet users to go where they want, when they want, and the rights of innovators to introduce new products without asking anyone’s permission.”

He plans to fully apply “bright-line rules” to both Internet connections at home and on mobile devices.

The move is a devastating blow to Internet providers like Comcast, Verizon, and AT&T, who warn that treating the Internet like a utility will strangle investment, leading to worse service for everyone. They have all vowed to fight the rules in court.

But it’s a stunning victory for net neutrality advocates, who organized a massive public campaign over the past year to pressure the FCC to enact strong regulations. More than 4 million people filed comments with the FCC, the most for any proceeding ever. In November, President Obama sided with the activists and urged the FCC, an independent agency, to enact the “strongest possible” rules.

FCC strikes in Net neutrality war: Run Internet like a utility – CNET

Wheeler confirmed Wednesday that he intends to regulate wired and wireless broadband services under the Title II of the Communications Act of 1934, subjecting them to the same utility-style rules that oversee telephone service. He said Title II would ensure that the Internet remains open to everyone, a concept known as Net neutrality.

How Netflix helped change the FCC’s definition of net neutrality | The Verge

Today, the FCC did just that. “For the first time the commission would have authority to hear complaints and take appropriate enforcement action if necessary, if it determines the interconnection activities of ISPs are not just and reasonable, thus allowing it to address issues that may arise in the exchange of traffic between mass-market broadband providers and edge providers.”

ISIS

Fight against ISIS needs troops to be effective, Michael Morell says

“Unless the coalition is willing to put more ground troops into Iraq and possibly into Syria, there is very little we can do to respond,” said CBS News senior security contributor Michael Morell, the former No. 2 at the CIA.

Morell made the comments following ISIS’ release of a video Tuesday purportedly showing captive Jordanian pilot Lt. Muath Al-Kaseasbeh being burned to death. The killing led Jordanian officials to execute two Iraqi al Qaeda-linked prisoners.

Morell said the will to commit such a large number of troops “simply does not exist” in the U.S. or in Western Europe.

Burning Victims to Death: Still a Common Practice – The Intercept

The most immediate consequence of drone strikes is, of course, death and injury to those targeted or near a strike. The missiles fired from drones kill or injure in several ways, including through incineration[3], shrapnel, and the release of powerful blast waves capable of crushing internal organs. Those who do survive drone strikes often suffer disfiguring burns and shrapnel wounds, limb amputations, as well as vision and hearing loss. . . .

In addition, because the Hellfire missiles fired from drones often incinerate the victims’ bodies, and leave them in pieces and unidentifiable, traditional burial processes are rendered impossible.

As Firoz Ali Khan, a shopkeeper whose father-in-law’s home was struck, graphically described, “These missiles are very powerful. They destroy human beings . . .There is nobody left and small pieces left behind. Pieces. Whatever is left is just little pieces of bodies and cloth.” **A doctor who has treated drone victims described how “[s]kin is burned so that you can’t tell cattle from human.” When another interviewee came upon the site of the strike that killed his father, “[t]he entire place looked as if it was burned completely, so much so that even [the victims’] own clothes had burnt.

All the stones in the vicinity had become black.”** Ahmed Jan, who lost his foot in the March 17 jirga strike, discussed the challenges rescuers face in identifying bodies: “People were trying to find the body parts. We find the body parts of some people, but sometimes we do not find anything.”

UN claim: ISIS selling, crucifying, burying children alive in Iraq | News24

Islamic State militants are selling abducted Iraqi children at markets as sex slaves, and killing other youth, including by crucifixion or burying them alive, a United Nations watchdog said on Wednesday.

Iraqi boys aged under 18 are increasingly being used by the militant group as suicide bombers, bomb makers, informants or human shields to protect facilities against US-led air strikes, the UN Committee on the Rights of the Child said.

High Note:

Silk Road Mastermind Ross Ulbricht Convicted of All 7 Charges | WIRED

A jury has spoken, and the mask is off: Ross Ulbricht has been convicted of being the Dread Pirate Roberts, secret mastermind of the Silk Road online narcotics empire.

On Wednesday, less than a month after his trial began in a downtown Manhattan courtroom, 30-year-old Ulbricht was convicted of all seven crimes he was charged with, including narcotics and money laundering conspiracies and a “kingpin” charge usually reserved for mafia dons and drug cartel leaders. It took the jury only 3.5 hours to return a verdict. Ulbricht faces a minimum of 30 years in prison; the maximum is life. But Ulbricht’s legal team has said it will appeal the decision, and cited its frequent calls for a mistrial and protests against the judge’s decisions throughout the case.

As the verdict was read, Ulbricht stared straight ahead. His mother Lyn Ulbricht slowly shook her head, and his father Kirk put a hand to his temple. After the verdict, Ulbricht turned around to give his family a stoic smile.

U.S. Surgeon General Vivek Murthy Says Marijuana ‘Can Be Helpful’ For Some Medical Conditions

While Murthy didn’t take the opportunity to endorse legalization of marijuana for medical or recreational purposes, he did add that he believes U.S. marijuana policy should be driven by science and what it reveals about the efficacy of using the plant for medical purposes.

“I think we’re going to get a lot more data about that,” Murthy said. “I’m very interested to see where that takes us.”

State looks to share marijuana taxes with cities

Washington state legalized marijuana more than two years ago, but in much of the state, there’s still no place to get the sanctioned stuff: More than 100 cities and counties have banned pot businesses, making it tough to undermine the black market.

Lawmakers think they have at least a partial solution: paying the locals to let licensed weed come to town.

Under bills introduced in both houses in Olympia, the state would share a chunk of its marijuana tax revenue with cities and counties – but only if they allow approved marijuana businesses in their jurisdictions. It’s an approach that has worked to some degree in Colorado, said Kevin Bommer, deputy director of the Colorado Municipal League.

“It definitely made a difference,” he said Monday. “Without it, you would not have as many municipalities in Colorado approving retail marijuana sales.”

• White House Sneaks D.C. Marijuana Legalization Into Budget | The Daily Caller

President Barack Obama’s massive budget unveiled on Monday makes a foray into Washington, D.C. politics by removing the restriction Congress placed on the city’s budget to prohibit the use of public funds for regulating and taxing the sale of marijuana.

If Congress doesn’t fight back against Obama’s budget request, marijuana may achieve legal status as early as March, Marijuana.com reports. A regulatory system implemented by the city would then follow likely by the end of 2015, and with a framework in place to satisfy local politicians, marijuana dispensaries would crop up soon after. However, the budget first needs to pass through a watchful, Republican-dominated Congress, although since the Republicans took over, there has been little pushback against legal marijuana in the states.

Seattle just got an awesome, high-tech pot vending machine

It's Seattle's first pot vending machine. Show your I.D., slide in your money, push button & out pops pot. #ZaZZZ pic.twitter.com/l7T0OkWao1

— diane lewis (@dianelewis48) February 3, 2015

Sometimes you just want to pick up your pot without talking to a human. Well here’s some good news for people in Seattle, Wash.: You can now grab your medical marijuana from a vending machine.

The post Oil Rigged | Unfilter 132 first appeared on Jupiter Broadcasting.

The FCC Chairman makes it clear, he plans to push for Title II classification of the Internet. Is Net Neutrality going to save us all? We’ll debate & discuss the mounting counter battle.

Plus Valve is about to reveal their openGL replacement & we take a look at an open source device that’s NSFW.

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

Show Notes:

FCC Chairman Tom Wheeler: This Is How We Will Ensure Net Neutrality

After more than a decade of debate and a record-setting proceeding that attracted nearly 4 million public comments, the time to settle the Net Neutrality question has arrived. This week, I will circulate to the members of the Federal Communications Commission (FCC) proposed new rules to preserve the internet as an open platform for innovation and free expression. This proposal is rooted in long-standing regulatory principles, marketplace experience, and public input received over the last several months.

Broadband network operators have an understandable motivation to manage their network to maximize their business interests. But their actions may not always be optimal for network users. The Congress gave the FCC broad authority to update its rules to reflect changes in technology and marketplace behavior in a way that protects consumers. Over the years, the Commission has used this authority to the public’s great benefit.

AT&T previews lawsuit it plans to file against FCC over net neutrality | Ars Technica

AT&T seems resigned to the near-certainty that the Federal Communications Commission will reclassify broadband as a common carrier service in order to enforce net neutrality rules. But it isn’t going to let the decision stand without a legal challenge, and the company is already telling the world what it’s going to argue in court.

“I have no illusions that any of this will change what happens on February 26,” when the FCC is expected to vote, AT&T Federal Regulatory VP Hank Hultquist wrote in a blog post yesterday. “But when the FCC has to defend reclassification before an appellate court, it will have to grapple with these and other arguments. Those who oppose efforts at compromise because they assume Title II rests on bullet proof legal theories are only deceiving themselves.”

Toshiba releases super-secure Encrypted USB Flash Drive with hardware-based encryption

“Available in 4GB ($95), 8GB ($112), 16GB ($140) and 32GB ($200) capacities, the Toshiba Encrypted USB Flash Drive uses a built-in mini-keyboard to authenticate access, incorporating a rechargeable battery so the user can enter a secure code before plugging into a USB port. Users simply enter their secure PIN and plug the drive into any USB 2.0 port on a compatible device. Once access is granted, the drive ‘unlocks’ the media, permitting clearance to all of the content stored on the drive. When the drive is removed from a USB port, the drive automatically re-locks and encrypts the stored media”, says Toshiba.

Serious bug in fully patched Internet Explorer puts user credentials at risk | Ars Technica

A vulnerability in fully patched versions of Internet Explorer allows attackers to steal login credentials and inject malicious content into users’ browsing sessions. Microsoft officials said they’re working on a fix for the bug, which works successfully on IE 11 running on both Windows 7 and 8.1.

The vulnerability is known as a universal cross-site scripting (XSS) bug. It allows attackers to bypass the same origin policy, a crucially important principle in Web application models that prevents one site from accessing or modifying browser cookies or other content set by any other site. A proof-of-concept exploit published in the past few days shows how websites can violate this rule when people use supported versions of Internet Explorer running the latest patches to visit maliciously crafted pages.

glNext: The Future of High Performance Graphics (Presented by Valve)

Join us for the unveiling of Khronos’ glNext initiative, the upcoming cross-platform graphics API designed for modern programming techniques and processors. glNext will be the singular choice for developers who demand peak performance in their applications. We will present a technical breakdown of the API, advanced techniques and live demos of real-world applications running on glNext drivers and hardware.

KICKSTARTER OF THE WEEK: The Mod – Multivibrating Open-Source Dildo | Indiegogo

The Mod is a great vibrator. It’s made from 100% silicone.
Its three powerful motors create amazing sensations, ranging from a lovely low
frequency rumble to patterns that move up and down the shaft. It is USB rechargeable,
and its built in buttons make it easy to control vibration patterns and
intensities.

The post Open-source Market Penetration | Tech Talk Today 127 first appeared on Jupiter Broadcasting.

Google could be setting up to compete head to head with Uber, leveraging their self driving car technology. Radio Shack is about to shutter & you won’t believe what they are doing with the leftovers. Plus, Pebble has something big in the works & more!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

Show Notes:

Exclusive: Google and Uber Are Going to War Over Taxis

Uber faces an ever-growing cast of adversaries that includes dubious regulators, litigious drivers, hostile members of the press, and some well-funded rivals. But the most significant threat to the app-based transportation company may be much closer to home: one of its biggest investors, Google.

Google Ventures, the search giant’s venture capital arm, invested $258 million in Uber in August 2013. It was Google Ventures’ largest investment deal ever, and the company put more money into Uber’s next funding round less than a year later. Back then, it was easy for observers to imagine Google teaming closely with Uber, or even one day acquiring it. David Drummond, Google’s chief legal officer and senior vice president of corporate development, joined the Uber board of directors in 2013 and has served on it ever since.

Uber Chases Google in Self-Driving Cars With Carnegie Mellon Deal – Digits – WSJ

But a person familiar with the matter said news that Google is developing an app to rival Uber has been blown out of proportion. The person said a Google engineer has been testing an internal app that helps Google employees carpool to work, and the app isn’t associated with the company’s driverless cars program.

Two people familiar with the matter said they weren’t aware that Drummond had been asked by anyone to step down and believe he would do so of his own volition if he sees a potential conflict. One of these people added that Uber probably doesn’t want to give information to a potential competitor, but wasn’t aware of any plans to cut off Google’s access to Uber information. The other person said that Uber and Google had been working at arms length for some time and that it was unlikely Uber would stop using Google Maps to help power its service.

Uber declined to comment on Drummond’s board status. A Google spokeswoman referred to a cryptic tweet the company posted late Monday: “We think you’ll find Uber and Lyft work quite well. We use them all the time.” Lyft is a car-hailing service that competes with Uber.

Google is still working closely with the car-hailing services. Uber is integrated directly into the Google Maps smartphone app, allowing users seeking directions to jump into Uber’s app to call a car. Separately, Lyft has worked with Google to integrate its service with Android Wear, Google’s operating system for smartwatches, as well as Google Now, the company’s smart digital assistant app.

RadioShack in Talks to Sell Half Its Stores to Sprint, Shutter the Rest – Bloomberg Business

The locations sold to Sprint would operate under the
wireless carrier’s name, meaning RadioShack would cease to exist
as a stand-alone retailer, said the people, who asked not to be
identified because the talks aren’t public.

Amazon in Talks to Buy Some of RadioShack’s Stores – Bloomberg Business

The possible move, discussed as part of RadioShack’s
looming trip to bankruptcy court, would represent Amazon’s
biggest push into traditional retail. Amazon joins other
potential bidders, including Sprint Corp. and the investment
group behind Brookstone, in evaluating RadioShack stores, people
familiar with the situation said. RadioShack has more than 4,000
U.S. locations and is moving toward a deal to sell a portion and
close the rest, according to some of the people. Sprint has
discussed buying 1,300 to 2,000, they said.

Apple to Convert Failed Arizona Sapphire Plant Into Data Center – Bloomberg Business

Apple Inc. plans to invest $2 billion to
convert an Arizona factory into a data center after the facility
failed to produce sapphire screens for iPhones.

GT Advanced Technologies Inc. filed for bankruptcy
protection in October after the supplier wasn’t able to produce
screens of usable quality at the Apple-owned factory in Mesa,
near Phoenix. The smaller company wasn’t able to fulfill the
terms of an agreement with Apple.

The more than 1.3 million-square-foot building, which was
once a solar-panel factory, was a key part of Apple’s efforts to
bring manufacturing back to the U.S. after years of relying on
Asian suppliers to build the company’s iPhones, iPads and Mac
computers. While Apple had promised to bring jobs to the area
even after the bankruptcy, the data center will probably employ
fewer staff compared with an operation churning out components
for iPhones.

F.C.C. Chief Wants to Override State Laws Curbing Community Net Services – NYTimes.com

The proposal focuses on laws in two states, North Carolina and Tennessee, but it would create a policy framework for other states. About 21 states, by the F.C.C.’s count, have laws that restrict the activities of community broadband services. The initiative by Mr. Wheeler, if endorsed by the full commission, would be the first time the F.C.C. has tried to override such state laws.

Pebble has now sold over 1 million smartwatches | The Verge

According to Migicovsky, Pebble plans to carry its momentum through 2015 with new products and a new software platform that is unlike anything else used on smartwatches to date. While Google and Apple’s smartwatches have been focused on app paradigms, similar to smartphones, Pebble’s new software will apparently be quite different. “We’ve found a new framework to use as an interaction model on the watch,” boasts Migicovsky, before adding that while apps will continue to exist on Pebble, they won’t be the main focus of the platform. “It doesn’t look like what we have today, and it doesn’t look like what’s on your smartphone,” added Migicovsky. Following the launch of the Pebble Steel in January, the company used 2014 as an “investment year,” increasing its headcount from around 30 to over 100 and bringing aboard some of the webOS TV design team from LG, many of whom have been tasked with building the new software platform.

The post Robocar War Begins | Tech Talk Today 126 first appeared on Jupiter Broadcasting.

A Uber exec is caught plotting against journalists, TOR considers crowdfunding after a rough 15-months & the FCC calls AT&T’s Net Neutrality bluff.

Plus our Kickstarter of the week & more!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Uber Executive Suggests Digging Up Dirt On Journalists

A senior executive at Uber suggested that the company should consider hiring a team of opposition researchers to dig up dirt on its critics in the media — and specifically to spread details of the personal life of a female journalist who has criticized the company.

The executive, Emil Michael, made the comments in a conversation he later said he believed was off the record. In a statement through Uber Monday evening, he said he regretted them and that they didn’t reflect his or the company’s views.

Michael, who Kalanick described as “one of the top deal guys in the Valley” when he joined the company, is a charismatic and well-regarded figure who came to Uber from Klout. He also sits on a board that advises the Department of Defense.

Over dinner, he outlined the notion of spending “a million dollars” to hire four top opposition researchers and four journalists. That team could, he said, help Uber fight back against the press — they’d look into “your personal lives, your families,” and give the media a taste of its own medicine.

In a statement through an Uber spokeswoman, Michael said: “The remarks attributed to me at a private dinner — borne out of frustration during an informal debate over what I feel is sensationalistic media coverage of the company I am proud to work for — do not reflect my actual views and have no relation to the company’s views or approach. They were wrong no matter the circumstance and I regret them.”

The spokeswoman, Nairi Hourdajian, said the company does not do “oppo research” of any sort on journalists, and has never considered doing it. She also said Uber does not consider Lacy’s personal life fair game, or believe that she is responsible for women being sexually assaulted.

FCC calls AT&T’s fiber bluff, demands detailed construction plans | Ars Technica

Two days after AT&T claimed it has to “pause” a 100-city fiber build because of uncertainty over network neutrality rules, the Federal Communications Commission today asked the company to finally detail its vague plans for fiber construction.

Despite making all sorts of bold promises about bringing fiber to customers and claiming its fiber construction is contingent on the government giving it what it wants, AT&T has never detailed its exact fiber plans. For one thing, AT&T never promised to build in all of the 100 cities and towns it named as potential fiber spots. The company would only build in cities and towns where local leaders gave AT&T whatever it wanted. In all likelihood, only a small portion of the 100 municipalities were likely to get fiber, and nobody knows which ones.

Today, the FCC challenged AT&T to finally reveal some facts about its fiber plans in a letter to AT&T Senior VP Robert Quinn.

Ferris asked Quinn for a response by November 21. AT&T told Re/code that it is “happy to respond to the questions posed by the FCC in its review of our merger with DirecTV. As we made clear earlier this week, we remain committed to our DirecTV merger-related build-out plans.”

Tor eyes crowdfunding campaign to upgrade its hidden services

The Tor Project is currently considering a crowdfunding campaign to overhaul the network’s anonymous websites after years of design and security criticisms, Tor executive director Andrew Lewman told the Daily Dot.

In the last 15 months, several of the biggest anonymous websites on the Tor network have been identified and seized by police. In most cases, no one is quite sure how it happened.

The details of such a campaign have yet to be revealed.

Hush | The World’s First Smart Earplugs by Hush — Kickstarter

Wireless noise masking earplugs that block out the world while still letting you hear the things that matter most.

The post Support Your Tor | Tech Talk Today 93 first appeared on Jupiter Broadcasting.