We review Linux Mint 18 & our experience turns out to be a roller coaster ride from impressed glee to cautious concern. We’ve never felt more conflicted over a version of Linux Mint.

Plus we discuss the Ubuntu Forum hack, a Fedora bug that’s bricking some laptops & why we just can’t quit FreeNAS.

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | OGG Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Brought to you by: Linux Academy

Mint 18 Review

​Linux Mint 18: The best desktop — period

I’ve been using Linux desktops since the leading desktop front-end was Bash. Things have changed in those 25 years. Today, the best Linux desktop is the latest version of Linux Mint: Linux Mint 18 Sarah with the Cinnamon 3.0 interface.

Linux Mint 18 Cinnamon: Quick Screenshot Tour

Linux Mint 18 improves security, but at a cost – TechRepublic

While this is a much-needed improvement, the explanation of this change on the Linux Mint website is baffling. The website claims that kernel updates “aren’t really updates, but the availability of packages for newer kernels.” Aside from the fact that this is literally the definition of an update, this appears to be an attempt at minimizing the importance of kernel updates. In Linux Mint 18, users are only notified of kernel updates, but they are not installed by default.

• How to upgrade to Linux Mint 18

As excited as we are about Linux Mint 18, upgrading blindly for the sake of running the latest version does not make much sense, especially if you’re already happy and everything is working perfectly.

• Bug#830624: ITP: xplayer — Simple media player based on GStreamer.

Given the history of Linux Mint with their weird view on security (Linux
Mint is the very definition of a FrankenDebian [1]) where they withhold
important security updates because their weird mixture of packages would
otherwise break too often or their hijacking of package names (mdm, for
example), I don’t really trust them to come up with a clean design for
desktop agnostic applications. Heck, the first thing they wanted to do
was naming their forked version of Pluma “xedit”.

— PICKS —

Runs Linux

Fors Fusion RUnS LINUX on a Raspberry Pi

Desktop App Pick

recalbox.com

Recalbox allows you to re-play a variety of videogame consoles and platforms in your living room, with ease! RecalboxOS is free, open source and designed to let you create your very own recalbox in no time! Raspberry Pi.

• RecalboxOS v4.0.0-beta4 release | Blog recalbox

Spotlight

Felony: Next Level PGP

Felony is an open-source pgp keychain built on the modern web with Electron, React, and Redux. Felony is the first PGP app that’s easy for anyone to use, without a tutorial. Security++ to the greatest extreme!

Coder Radio Coding Challenge

— NEWS —

Ubuntu Forums Hacked, 2 Million Users’ Details Stolen

Canonical CEO Jane Silber explains: “We were able to confirm there had been an exposure of data and shut down the Forums as a precautionary measure. Deeper investigation revealed that there was a known SQL injection vulnerability in the Forumrunner add-on in the Forums which had not yet been patched.”

The attacker was able to “download portions of the ‘user’ table which contained usernames, email addresses and IPs for 2 million users.”

• Notice of security breach on Ubuntu Forums | Ubuntu Insights

​Early Look at Skype for Linux and Chromebooks

Skype for Linux is no longer an afterthought for Microsoft as the company introduces new versions of Skype for Linux Chromebooks and the Chrome web browser.

GNOME Maps Hits A Dead End, Can No Longer Display Maps

As of this week the nifty desktop navigation app canno longer fetch maps tiles to display.

MapQuest, the application’s tile provider, has amended its usage policy and discontinued direct tile access. GNOME developers have the choice of paying to keep using the service or, ultimately, using a new one.

PSA: Failure to boot after kernel update on Skylake systems

So in the last couple of days a significant issue in all Fedora releases has come to our attention, affecting (so far) several systems that use the Intel ‘Skylake’ hardware platform.

• Virtualization Revelation | Linux Action Show 418

• Bug #1569479 “Graphics glitches with Skylake Intel HD Graphics 5…”

• Intel Skylake Graphics: Windows 10 vs. Ubuntu Linux Performance
• Well Known Linux Kernel Developer Recommends Against Buying Skylake Systems
• Early Intel Skylake Linux Users May Run Into A Silly Issue
• Screen flickering on Ubuntu 16.04 LTS

CrossOver For Android Now Running On Chromebooks

CodeWeavers confirmed today that it’s possible to run CrossOver on Chromebooks now via the Android support. CodeWeavers was even able to install Steam for Windows on the Chromebooks via the CrossOver support.

Mail Bag

• https://pastebin.com/jMJPAeXY

• https://pastebin.com/s9NWc85s

Call Box

• Chris’ call out for the community to help him with his background

Catch the show LIVE SUNDAY:

• Noon Pacific
• https://jblive.tv
• Network Calendar

— CHRIS’ STASH —

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

Find us on Google+

• Chris
• Noah J. Chelliah
• Jupiter Broadcasting’s Page

Find us on Twitter

• Chris – ChrisLAS
• Noah – Kernellinux

Follow us on Facebook

• Jupiter Broadcasting on Facebook
• Noah – Kernellinux

The post Mint 18: Convenience Over Security | LAS 426 first appeared on Jupiter Broadcasting.

Fiaura is a semi-pro gamer & community contributor for many games & loves tanks. She enjoys all aspects of games which includes playing, reviewing & competing!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed

Become a supporter on Patreon:

Show Notes:

Interview – Fiaura – @Fiaura_Tanks

• Fiaura The Tank Girl – YouTube
• FiauraTankGirl (@Fiaura_Tanks) | Twitter

Are you looking for the transcription? Please let us know you use it and we may bring it back!

• WTR Transcription Poll

The post Fiaura The Gamer | WTR 58 first appeared on Jupiter Broadcasting.

A huge amount of SIM cards are susceptible to an Over the Air attack, Allan’s got the details, Apple’s hacker outs himself, and the trouble with the Ubuntu forums!

Plus a batch of your questions, and much much more!

Thanks to:

GoDaddy.com Use our code tech249 to score .COM for $2.49! Get private registration FOR FREE with a .COM! code: free5
Ting.com Visit techsnap.ting.com to save $25 off your device or service credits.

Security Researcher Claims Apple Developer Website Hack

• Apple\’s Developer Center first went offline last Thursday, and on Sunday, Apple revealed that it had been taken down as a precaution after a security breach. It is unclear who was responsible for the hacking, but a security researcher, Ibrahim Balic has suggested that he might be to blame for the outage.
• The company added that critical developer data had not been compromised and that they were working day n’ night to fix the vulnerability and bring the site back online.
• According to 9 to 5 Mac adds that, “In an email… Balic … is persistent in stating he did this for security research purposes and does not plan to use the information in any malicious manner.”
• The comment comes from independent security researcher Ibrahim Balic, who claims that his effort was not intended to be malicious and that he reported his findings to Apple just hours before the developer site was taken down by the company.
• Balic, who has reported 13 different bugs to Apple, originally discovered an iAd Workbench vulnerability on June 18 that allowed a request sent to the server to be manipulated. This security hole could be used to acquire the names and email addresses of iTunes users (even non-developers).
• After finding the loophole, Balic wrote a Python script to harvest data from the vulnerability and then displayed it in a YouTube video, which may have put him on Apple\’s radar.
• In addition to the iAd Workbench bug, Balic also discovered and submitted a report on a bug that caused the Dev Center site to be vulnerable to a stored XSS attack. While Balic says that it was possible to access user data by exploiting the Dev Center issue, he claims that he did not do so.
• New Details Emerge on Security Researcher Potentially Responsible for Dev Center Outage s
• Apple Outlines Plan for Bringing Developer Center Back Online
  Additional Coverage

Ubuntu Forums compromised

• The forums were defaced and the database compromised
• There were approximately 1.82 million registered accounts in the forum database
• Attackers have access to each of these user\’s username, password and email address
• The passwords were salted hashes, but by which algorithm was not made clear. Where these cryptographic hashes, or just md5(salt+md5(password)) or similar like some forum software?
• If you were a registered user, and reused that password anywhere else, you are likely going to have a bad time
• “Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach”
• Timeline:
• 2013-07-20 2011 UTC: Reports of defacement
• 2013-07-20 2015 UTC: Site taken down, this splash page put in place while investigation continues.
• 2013-07-21: we believe the root cause of the breach has been identified. We are currently reinstalling the forums software from scratch. No data (posts, private messages etc.) will be lost as part of this process.
• 2013-07-22: work on reinstalling the forums continues.

Feedback:

TechSNAP Bitmessage: BM-GuGEaEtsqQjqgHRAfag5FW33Dy2KHUmZ

• Voicemail from OSCON
• 389 Directory Server (Open Source LDAP)

The enterprise-class Open Source LDAP server for Linux. It is hardened by real-world use, is full-featured, supports multi-master replication, and already handles many of the largest LDAP deployments in the world. The 389 Directory Server can be downloaded for free and set up in less than an hour using the graphical console.

• Too many VMs in One Place?

• An Excellent Chance to Talk about FreeBSD for Allan!

• PPA for PHP5 : Ondřej Surý

• How does one learn how to become a PenTester?

  • Metaspolitable
  • Backtrack view by example
• Linux Drive Recovery | LAS s27e10 | Jupiter Broadcasting

Round Up:

• Feds Demand the Keys, Preparing for the Death of Public-Key Encryption
• The UNIX Issue of the Bell System Technical Journal turns 35 Spotted by Poul-Henning Kamp @bsdphk
• UK MP leading the charge for default blocking porn, has website hacked and filled with porn, accuses random blogger who comments on it of being behind the attack #doesnotknowhowtheinternetworks
• MIT Uses Machine Learning Algorithm To Make TCP Twice As Fast
• NSA says it cannot search its own emails to fulfill FOIA requests
• US-CERT releases advisory about DNS Amplification attacks, includes configuration suggestions to prevent your servers from being part of an attack
• True tales of white-hat hacking

The post Ethically Hacked | TechSNAP 120 first appeared on Jupiter Broadcasting.

Some of the best tools to save and recover data from a failing drive are free, and built for Linux. We’ll demo some of the best tools to save your data, and make the best of a bad situation. Plus a few tips to prevent data loss and monitor the health of your drives.

PLUS: Setting up a Honeypot for security and fun, things to keep in mind, and using a Raspberry Pi as the Honeypot.

Then: A big batch of your emails, dev drama of the week, Ubuntu Forums is hacked…

AND SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

GoDaddy.com Use our code linux249 to score .COM for just $2.49! Free Private Registration with your .COM just use our code free3 until the end of the month!
Ting.com Visit las.ting.com to save $25 off your device or service credits.

Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | Ogg Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed

Support the Show: