Show Notes: podcast.asknoahshow.com/85

The post Does This Make FOSS Better or Worse | Ask Noah Show 85 first appeared on Jupiter Broadcasting.

Frank & Jos of Nextcloud join us to discuss their fork of ownCloud, some of the history behind the fork, the reaction by ownCloud, & what they plan to do differently this time around.

Plus we debate if Valve’s Steam Machines are a bust, a bit more on Oracle vs Google & much more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | OGG Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Brought to you by: Linux Academy

What is nextcloud?

• OwnCloud foundation announcement:

nextcloud announcement: About – Nextcloud | nextcloud.com

• OwnCloud Has Been Forked By Former Developers, Founder – Phoronix
• Frank Karlitschek_ » Nextcloud
• all mine!: Nextcloud is the future of open source file sync and share
• Lukas: Farewell, ownCloud Inc.
• Nextcloud · GitHub

ownCloud reacts to nextcloud: ownCloud Statement concerning nextcloud

• ​OwnCloud closes US office, blames Nextcloud | ZDNet

nextCloud reacts to ownCloud’s reaction:

Wow. ownCloud Inc. collapses only 12 hours after the Nextcloud announcement. I didn't expect it to be so fragile. Sad day.

— Frank Karlitschek (@fkarlitschek) June 3, 2016

Nextcloud GmbH has enough funding to hire everyone from ownCloud who is looking for a job.

— Frank Karlitschek (@fkarlitschek) June 3, 2016

Contributors to owncloud/core · GitHub

— PICKS —

Runs Linux

This Good old country wedding runs Linux

Desktop App Pick

Turtl: A secure, encrypted Evernote alternative | Turtl

Turtl lets you take notes, bookmark websites, and store documents
for sensitive projects. From sharing passwords with your
coworkers to tracking research on an article you’re writing,
Turtl keeps it all safe from everyone but you and those you
share with.

Spotlight

QLC Plus

QLC+ is a free software to control DMX or analog lighting systems like moving heads, dimmers, scanners etc.

This project is a fork of the great QLC project written by Heikki Junnila that aims to continue the development of QLC and to introduce new features.

The primary goal is to bring QLC+ at the level of other lighting control commercial softwares.

https://www.amazon.com/RioRand-Interface-Adapter-Lighting-Controller/dp/B00V7MQ99G/ref=sr_1_9?ie=UTF8&qid=1465147589&sr=8-9&keywords=USB+DMX

— NEWS —

• https://slexy.org/view/s29Xzr9wZr

Seven months later, Valve’s Steam Machines look dead in the water

_Put it together, and you find that there have been less than half a million Steam Machines sold over a span of more than half a year.

_

Google’s fair use victory is good for open source

Let me first explain the main facts and claims in the lawsuit, and then why Google’s fair use victory is a good thing not only for Google but also for open source developers, for software developers more generally, and for the public.

So why is this a victory for the open source community as well as for Google? The main reason is because open source programs are often designed to interoperate with, either as complements or substitutes for, existing programs.

Hurst is wrong in asserting that Google’s fair use victory means that anyone can freely appropriate whatever they want from open source and other programs.

Mail Bag

• https://slexy.org/view/s2yZF9Wwwl
• https://slexy.org/view/s21Hz2u1PH
• https://slexy.org/view/s20f9jXkOO

Call Box

• Chris’ call out for the community to help him with his background

Catch the show LIVE SUNDAY:

• Noon Pacific
• https://jblive.tv
• Network Calendar

— CHRIS’ STASH —

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

Find us on Google+

• Chris
• Noah J. Chelliah
• Jupiter Broadcasting’s Page

Find us on Twitter

• Chris – ChrisLAS
• Noah – Kernellinux

Follow us on Facebook

• Jupiter Broadcasting on Facebook
• Noah – Kernellinux

The post Jumping to the Nextcloud | LAS 420 first appeared on Jupiter Broadcasting.

Ballmer calls out Microsoft’s bogus revenue numbers over Azure, & we expand on his point to discuss an overall trend towards “hero CEOs”.

But the majority of our discussion this week is around the open sourcing of Swift, what Apple got really right & what areas still really need improvement.

Plus the real possibility of replacing your laptop with a large tablet, starting your first app the “easy way” vs the “hard way” & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

MP3 Audio | OGG Audio | Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | Video Feed | Torrent Feed | iTunes Audio | iTunes Video

Become a supporter on Patreon:

• Coder Radio SWAG for the Holidays

Show Notes:

Hoopla:

Ballmer: Microsoft’s cloud revenue numbers are “bullshit”

_Rather than reporting these figures, Microsoft has reported its annualized revenue run rate—a hypothetical value that describes what the company’s revenue ___would___be if the current level of sales were sustained over the full year

• Impact of your show on me

Swift.org – Welcome to Swift.org

We are excited by this new chapter in the story of Swift. After Apple unveiled the Swift programming language, it quickly became one of the fastest growing languages in history. Swift makes it easy to write software that is incredibly fast and safe by design. Now that Swift is open source, you can help make the best general purpose programming language available everywhere.

• Swift open source · Jesse Squires

Not only is Swift on GitHub, but the Swift team will be working completely in the open. Apple did a spectacular job with the release. Not only do we have the source code, but we have the entire commit history for each project, a very detailed view into the Swift team’s development process, and access to the Swift evolution process. Everything you need to know is on Swift.org.

• initial checkin, nothing much to see here. ·

initial checkin, nothing much to see here.

• Package Manager

The Swift Package Manager is a tool for managing the distribution of Swift code.
It’s integrated with the Swift build system
to automate the process of downloading, compiling, and linking dependencies.

TL;DR: Apache 2.0 License + Full Standard and Core Libraries included + Compiler + copyright owned by the contributor (i.e. no assignment or CLA) + good community structure and documentation + code of conduct.

Saying goodbye to Carousel and Mailbox

We’re committed to making the transitions from these products as painless as possible. We’ve posted more information on the Carousel blog and the Mailbox blog, and we’ll be communicating details directly to users of both apps in the coming days. Mailbox will be shut down on February 26th, 2016, and Carousel will be shut down on March 31st, 2016.

• Mailbox Cost Dropbox Around $100 Million

The post-pivot startup cost the storage company “well over” $50 million, according to multiple sources. And we’ve heard that that the price was around $100 million in cash and stock.

Feedback:

• First mobile app done right

The post Open Season on Swift | CR 182 first appeared on Jupiter Broadcasting.

Manufactures claims software integrated with hardware means the end user never truly owns the device, and simply owns a license to use it. Our panel discusses the real world ramifications of this.

Plus MacBook Linux woes, the quick look at the ThinkPad Yoga 3 running Linux, the biggest systemd myth busted & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

Become a supporter on Patreon:

Show Notes:

Pre-Show:

Novena | Crowd Supply

A new open-hardware computing platform, flexible and powerful, designed for use as a desktop, laptop, or standalone board.

Novena is a 1.2GHz, Freescale quad-core ARM architecture computer closely coupled with a Xilinx FPGA. It’s designed for users who care about Free Software and open source, and/or want to modify and extend their hardware: all the documentation for the PCBs is open and free to download, the entire OS is buildable from source, and it comes with a variety of features that facilitate rapid prototyping.

Catch Up:

• elogind — The systemd project’s “logind”, extracted to a standalone package

Elogind is an attempt to rip logind out of systemd. logind integrates with PAM to expose the org.freedesktop.login1 interface over D-Bus. It also integrates with polkit to let polkit know who is logged in at the console. Gnome-session and gnome-settings-daemon both have logind integration of some kind, using the d-bus interface, and actually the logind support is necessary for basic things to work like backlight control and suspend/resume.
Anyway. I forked the systemd repo and removed most of the non-logind parts.

• andywingo/elogind

• Neil McGovern Elected Debian Project Lead his Platform included adding PPA’s to Debian

The votes have been tallied and Neil McGovern has been elected as the new Debian Project Leader. Neil McGovern was elected on a platform which promotes the implementation of personal package archives (PPAs) which have been popular in the Ubuntu community for years

DigitalOcean

• DigitalOcean: SSD Cloud Server, VPS Server, Simple Cloud Hosting

• Tendering with Ubuntu | Ubuntu Insights

Today we count over 25 million users and the numbers keep growing rapidly. The demand is coming both from enterprise and consumer segments.

• Instant Messaging in Fedora Workstation | Brno’s hat

Because Empathy no longer has any user experience advantages and its development prospects are zero, we’ve been thinking about replacing it with something else. Pretty much the only other GTK+ IM client with support for a wide range of networks is _Pidgin_which used to be the default client before it was replaced by Empathy

LinuxFest Northwest 2015

Bellingham, WA • April 25th & 26th

tl;dr

• Going to LFNW 2015: LFNW 2015 – Jupiter Broadcasting Meetup please register, thaaaank you.

• Want to attend future JB events in Seattle, or your area? Join our group: Jupiter Broadcasting Meetup – Meetup

• Contact | LinuxFest Northwest 2015

• Easy rollback after update (btrfs and grub).

Linux Academy

• Linux Academy | Linux and AWS Online Training

ebay Macbook Auction Support Angerz Running Linux

TING

• Ting – mobile that makes sense

We Can’t Let John Deere Destroy the Very Idea of Ownership | WIRED

• In a particularly spectacular display of corporate delusion, John Deere—the world’s largest agricultural machinery maker —told the Copyright Office that farmers don’t own their tractors. Because computer code snakes through the DNA of modern tractors, farmers receive “an implied license for the life of the vehicle to operate the vehicle.”

It’s John Deere’s tractor, folks. You’re just driving it.

• Several manufacturers recently submitted similar comments to the Copyright Office under an inquiry into the Digital Millennium Copyright Act

• Kerry Adams, hasn’t been able to fix an expensive transplanter because he doesn’t have access to the diagnostic software he needs. He’s not alone: many farmers are opting for older, computer-free equipment.

• Some companies have even leveraged the DMCA to stop owners from modifying the programming on those products.

• What does any of that have to do with copyright? Owners, tinkerers, and homebrew “hackers” must copy programming so they can modify it. Product makers don’t like people messing with their stuff, so some manufacturers place digital locks over software. Breaking the lock, making the copy, and changing something could be construed as a violation of copyright law.

• And that’s how manufacturers turn tinkerers into “pirates”—even if said “pirates” aren’t circulating illegal copies of anything.

• John Deere: The company argues that allowing people to alter the software—even for the purpose of repair—would “make it possible for pirates, third-party developers, and less innovative competitors to free-ride off the creativity, unique expression and ingenuity of vehicle software.”

• The pièce de résistance in John Deere’s argument: permitting owners to root around in a tractor’s programming might lead to pirating music through a vehicle’s entertainment system.

• General Motors told the Copyright Office that proponents of copyright reform mistakenly “conflate ownership of a vehicle with ownership of the underlying computer software in a vehicle.”

• Other automakers pointed out that owners who make unsanctioned modifications could alter their vehicles in bad ways. They could tweak them to go faster. Or change engine parameters to run afoul of emissions regulations.

• GM went so far as to argue locking people out helps innovation.

• This week, Senator Ron Wyden and Representative Jared Polis will introduce the “Breaking Down Barriers to Innovation Act of 2015, which would substantially improve the DMCA process. Lawmakers in Minnesota and New York have introduced “Fair Repair” legislation that assert an owner’s right to repair electronic equipment they’ve purchased. They want equal access to repair information, replacement parts, and security updates.

Runs Linux from the people:

• Send in a pic/video of your runs Linux.
• Please upload videos to YouTube and submit a link via email or the subreddit.

Support Jupiter Broadcasting on Patreon

The post Oh Deere, RMS was Right | LINUX Unplugged 89 first appeared on Jupiter Broadcasting.

Twitch gets hacked, Microsoft rolls back its Windows 10 for pirates pledge, Glass will be sticking around & hacking computers with heat!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

Show Notes:

Twitch Accounts Were Compromised, All Passwords Reset

Uh oh, game streaming service Twitch has posted a short notice to its blog warning that there “may have been” some unauthorized access to some Twitch user information.

Upgrading to Windows 10 on pirated versions won’t get you a valid license

Unfortunately, the company had scaled back a bit on its plans saying that the free upgrade, though available, won’t actually change the license state of a user’s OS. In plain speak this means that if you were running a pirated copy of Windows, you’ll still be running a pirated copy even after upgrading to Windows 10.

Google Isn’t Giving Up on Glass, Eric Schmidt Says – Digits – WSJ

“It is a big and very fundamental platform for Google,” Schmidt said. “We ended the Explorer program and the press conflated this into us canceling the whole project, which isn’t true. Google is about taking risks and there’s nothing about adjusting Glass that suggests we’re ending it.”

He said Glass, like Google’s self-driving car, is a long-term project. “That’s like saying the self-driving car is a disappointment because it’s not driving me around now,” he said. “These things take time.”

Hack Air-Gapped Computers Using Heat – Slashdot

Ben-Gurion University of the Negev (BGU) researchers have discovered a new method to breach air-gapped computer systems called “BitWhisper,” which enables two-way communications between adjacent, unconnected PC computers using heat. BitWhisper bridges the air-gap between the two computers, approximately 15 inches apart that are infected with malware by using their heat emissions and built-in thermal sensors to communicate. It establishes a covert, bi-directional channel by emitting heat from one PC to the other in a controlled manner.

The post Computers In Heat | Tech Talk Today 148 first appeared on Jupiter Broadcasting.

This time on the show, we’ll be talking to Ian Sutton about his new BSD compatibility wrappers for various systemd dependencies. Don’t worry, systemd is not being ported to BSD! We’re still safe! We’ve also got all the week’s news and answers to your emails, coming up on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

Introducing OPNsense, a pfSense fork

• OPNsense is a new BSD-based firewall project that was recently started, forked from the pfSense codebase
• Even though it’s just been announced, they already have a formal release based on FreeBSD 10 (pfSense’s latest stable release is based on 8.3)
• The core team includes a well-known DragonFlyBSD developer
• You can check out their code on Github now, or download an image and try it out – let us know if you do and what you think about it
• They also have a nice wiki and some instructions on getting started for new users
• We plan on having them on the show next week to learn a bit more about how the project got started and why you might want to use it – stay tuned

Code rot and why I chose OpenBSD

• Here we have a blog post about rotting codebases – a core banking system in this example
• The author tells the story of how his last days spent at the job were mostly removing old, dead code from a giant project
• He goes on to compare it to OpenSSL and the heartbleed disaster, from which LibreSSL was born
• Instead of just bikeshedding like the rest of the internet, OpenBSD “silently started putting the beast into shape” as he puts it
• The article continues on to mention OpenBSD’s code review process, and how it catches any bugs so we don’t have more heartbleeds
• “In OpenBSD you are encouraged to run current and the whole team tries its best to make current as stable as it can. You know why? They eat their own dog food. That’s so simple yet so amazing that it blows my mind. Developers actually run OpenBSD on their machines daily.”
• It’s a very long and detailed story about how the author has gotten more involved with BSD, learned from the mailing lists and even started contributing back – he says “In summary, I’m learning more than ever – computing is fun again”
• Look for the phrase “Getting Started” in the blog post for a nice little gem

ZFS vs HAMMER FS

• One of the topics we’ve seen come up from time to time is how FreeBSD’s ZFS and DragonFly’s HAMMER FS compare to each other
• They both have a lot of features that traditional filesystems lack
• A forum thread was opened for discussion about them both and what they’re typically used for
• It compares resource requirements, ideal hardware and pros/cons of each
• Hopefully someone will do another new comparison when HAMMER 2 is finished
• This is not to be confused with the other “hammer” filesystem

Portable OpenNTPD revived

• With ISC’s NTPd having so many security vulnerabilities recently, people need an alternative NTP daemon
• OpenBSD has developed OpenNTPD since 2004, but the portable version for other operating systems hasn’t been actively maintained in a few years
• The older version still works fine, and is in FreeBSD ports and NetBSD pkgsrc, but it would be nice to have some of the newer features and fixes from the native version
• Brent Cook, who we’ve had on the show before to talk about LibreSSL, decided it was time to fix this
• While looking through the code, he also found some fixes for the native version as well
• You can grab it from Github now, or just wait for the updated release to hit the repos of your OS of choice

Interview – Ian Sutton – ian@kremlin.cc

BSD replacements for systemd dependencies

News Roundup

pkgng adds OS X support

• FreeBSD’s next-gen package manager has just added support for Mac OS X
• Why would you want that? Well.. we don’t really know, but it’s cool
• The author of the patch may have some insight about what his goal is though
• This could open up the door for a cross-platform pkgng solution, similar to NetBSD’s pkgsrc
• There’s also the possibility of pkgng being used as a packaging format for MacPorts in the future
• While we’re on the topic of pkgng, you can also watch bapt‘s latest presentation about it from ruBSD 2014 – “four years of pkg“

Secure secure shell

• Almost everyone watching BSD Now probably uses OpenSSH and has set up a server at one point or another
• This guide provides a list of best practices beyond the typical “disable root login and use keys” advice you’ll often hear
• It specifically goes in-depth with server and client configuration with the best key types, KEX methods and encryption ciphers to use
• There are also good explanations for all the choices, based both on history and probability
• Minimal backwards compatibility is kept, but most of the old and insecure stuff gets disabled
• We’ve also got a handy chart to show which SSH implementations support which ciphers, in case you need to support Windows users or people who use weird clients

Dissecting OpenBSD’s divert(4)

• PF has a cool feature that not a lot of people seem to know about: divert
• It lets you send packets to userspace, allowing you to inspect them a lot easier
• This blog post, the first in a series, details all the cool things you can do with divert and how to use it
• A very common example is with intrusion detection systems like Snort

Screen recording on FreeBSD

• This is a neat article about a topic we don’t cover very often: making video content on BSD
• In the post, you’ll learn how to make screencasts with FreeBSD, using kdenlive and ffmpeg
• There are also notes about getting a USB microphone working, so you can do commentary on whatever you’re showing
• It also includes lots of details and helpful screenshots throughout the process
• You should make cool screencasts and send them to us

Feedback/Questions

• Camio writes in
• ezpzy writes in
• Emett writes in
• Ben writes in
• Laszlo writes in

Mailing List Gold

• Protocol X97
• My thoughts echoed
• Vulnerability sample

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv – we’ve highlighted some pretty cool BSD blog posts recently, but you need to tell us if you write one!
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

The post System Disaster | BSD Now 71 first appeared on Jupiter Broadcasting.

This week in the big show, we’ll be interviewing Benedict Reuschling of the FreeBSD documentation team, and he has a special surprise in store for Allan.

As always, answers to your questions and all the latest news, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

FreeBSD moves to Bugzilla

• Historically, FreeBSD has used the old GNATS system for keeping track of bug reports
• After years and years of wanting to switch, they’ve finally moved away from GNATS to Bugzilla
• It offers a lot of advantages, is much more modern and actively maintained and
• There’s a new workflow chart for developers to illustrate the new way of doing things
• The old “send-pr” command will still work for the time being, but will eventually be phased out in favor of native Bugzilla reporting tools (of which there are multiple in ports)
• This will hopefully make reporting bugs a lot less painful

DIY NAS: EconoNAS 2014

• We previously covered this blog last year, but the 2014 edition is up
• More of a hardware-focused article, the author details the parts he’s using for a budget NAS
• Details the motherboard, RAM, CPU, hard drives, case, etc
• With a set goal of $500 max, he goes just over it – $550 for all the parts
• Lots of nice pictures of the hardware and step by step instructions for assembly, as well as software configuration instructions

DragonflyBSD 3.8 released

• Justin announced the availability of DragonflyBSD 3.8.0
• Binaries in /bin and /sbin are dynamic now, enabling the use of PAM and NSS to manage user accounts
• It includes a new HAMMER FS backup script and lots of FreeBSD tools have been synced with their latest versions
• Work continues on for the Intel graphics drivers, but it’s currently limited to the HD4000 and Ivy Bridge series
• See the release page for more info and check the link for source-based upgrade instructions

OpenZFS European conference 2014

• There was an OpenZFS conference held in Europe recently, and now the videos are online for your viewing pleasure
• Matt Ahrens, Introduction
• Michael Alexander, FhGFS performance on ZFS
• Andriy Gapon, Testing ZFS on FreeBSD
• Luke Marsden, HybridCluster: ZFS in the cloud
• Vadim Comănescu, Syneto: continuously delivering a ZFS-based OS
• Chris George, DDRdrive ZIL accelerator: random write revelation
• Grenville Whelan, High-Availability
• Phil Harman, Harman Holistic
• Mark Rees, Storiant and OpenZFS
• Andrew Holway, EraStor ZFS appliances
• Dan Vâtca, Syneto and OpenZFS
• Luke Marsden, HybridCluster and OpenZFS
• Matt Ahrens, Delphix and OpenZFS
• Check the link for slides and other goodies

Interview – Benedict Reuschling – bcr@freebsd.org

BSD documentation, getting commit access, unix education, various topics

News Roundup

Getting to know your portmgr, Steve Wills

• “It is my pleasure to introduce Steve Wills, the newest member of the portmgr team”
• swills is an all-round good guy, does a lot for ports (especially the ruby ports)
• In this interview, we learn why he uses FreeBSD, the most embarrassing moment in his FreeBSD career and much more
• He used to work for Red Hat, wow

BSDTalk episode 242

• This time on BSDTalk, Will interviews Chris Buechler from pfSense
• Topics include: the heartbleed vulnerability and how it affected pfSense, how people usually leave their firewalls unpatched for a long time (or even forget about them!), changes between major versions, the upgrade process, upcoming features in their 10-based version, backporting drivers and security fixes
• They also touch on recent concerns in the pfSense community about their license change, that they may be “going commercial” and closing the source – so tune in to find out what their future plans are for all of that

Turn old PC hardware into a killer home server

• Lots of us have old hardware lying around doing nothing but collecting dust
• Why not turn that old box into a modern file server with FreeNAS and ZFS?
• This article goes through the process of setting up a NAS, gives a little history behind the project and highlights some of the different protocols FreeNAS can use (NFS, SMB, AFS, etc)
• Most of our users are already familiar with all of this stuff, nothing too advanced
• Good to see BSD getting some well-deserved attention on a big mainstream site

Unbloating the VAX install CD

• After a discussion on the VAX mailing list, something very important came to the attention of the developers…
• You can’t boot NetBSD on a VAX box with 16MB of RAM from the CD image
• This blog post goes through the developer’s adventure in trying to fix that through emulation and stripping various things out of the kernel to make it smaller
• In the end, he got it booting – and now all three VAX users who want to run NetBSD can do so on their systems with 16MB of RAM…

Feedback/Questions

• Thomas writes in
• Reynold writes in
• Bostjan writes in
• Paul writes in
• John writes in

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• If you want to come on for an interview or have a tutorial you’d like to see, let us know
• The DNSCrypt tutorial has been updated to reflect the newest version
• There were some more serious OpenSSL security problems, make sure your systems get patched as soon as possible
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post Commit This Bit | BSD Now 41 first appeared on Jupiter Broadcasting.

The TrueCrypt project has shut down, and we’ll run down what we think is the most likely answer to this sudden mystery is.

Plus the good news for openSSL, the top 10 Windows configuration mistakes, and big batch of your questions, our answers, and much much more!

Thanks to:

— Show Notes: —

TrueCrypt shuts down unexpectedly

• TrueCrypt is a cross-platform image or whole disk encryption system
• The website for TrueCrypt changed yesterday, stating that “it may contain unfixed security issues”
• The page states now that Windows XP is EOL and all supported versions of Windows support ‘BitLocker’ disk encryption, TrueCrypt is no longer necessary
• The website provides information about transitioning data from TrueCrypt to the OS disk encryption system for various different OSs
• The website has been updated with version 7.2 of TrueCrypt, which only allows the user to decrypt their files, not encrypt any new files
• This was originally thought to be a hack of the site, or a hoax
• The new binary is signed with the correct key, the same as previous versions of TrueCrypt, suggesting that this post is legitimate
• While the code is available, the license is restrictive
• The developers of TrueCrypt are anonymous
• GIST tracking various bits of information and speculating about possible causes
• ThreatPost coverage
• One of the suspicious things about the announcement is the recommendation to use BitLocker, the authors of TrueCrypt had previously expressed concerns about how BitLocker stores the secret keys in the TPM (Trusted Platform Module), which may also allow the NSA to access the secret key
• There is some speculation that this could be a ‘warrant canary’, the authors’ way to telling the public that they were forced to do something to TrueCrypt, or divulge something about TrueCrypt
• However, it is more likely that the developers just no longer have an interest in maintaining TrueCrypt
• The last major version release was 3 years ago, and the most recent release before the announcement was over a year ago. An actively developed project would likely have had at least some maintenance releases in that time
• The code for TrueCrypt was being audited after a crowdfunding effort. The first phase of the audit found no obvious backdoors, but the actual cryptography had not been analyzed yet.
• Additional Coverage – Krebs On Security

Core Infrastructure Initiative provides OpenSSL with 2 full time developers and funds a security audit

• The CII has announced its Advisory board and the list of projects it is going to support
• Advisory Board members include:
• longtime Linux kernel developer and open source advocate Alan Cox
• Matt Green of Open Crypto Audit Project
• Dan Meredith of the Radio Free Asia’s Open Technology Fund
• Eben Moglen of Software Freedom Law Center
• Bruce Schneier of the Berkman Center for Internet & Society at Harvard Law School
• Eric Sears of the MacArthur Foundation
• Ted T’so of Google and the Linux kernel community
• Projects identified as core infrastructure:
• Network Time Protocol
• OpenSSH
• OpenSSL
• Open Crypto Audit Project to conduct security audit of OpenSSL
• The security audit will be difficult due to the lack of a consistent style in the code and the maze of ifdef and ifndef segments
• the OCAP (Open Crypto Audit Project) team, which includes Johns Hopkins professor and cryptographer Matthew Green and Kenn White, will now have the money to fund an audit of OpenSSL
• OCAP was originally created by a crowdfunded project to audit TrueCrypt

The top 10 windows server security misconfigurations

• NCCGroup does what it calls ‘Build Surveys’, where they check production environments to ensure they are configured properly
• The following is the result of an analysis of their last 50 such surveys:
  • Missing Microsoft Patches: 82%
  • Insufficient Auditing: 50%
  • Third-Party Software Updates: 48%
  • Weak Password Policy: 38%
  • UAC Disabled for Administrator Account: 34%
  • Disabled Host-Based Firewall: 34%
  • Clear Text Passwords and Other Sensitive Information: 24%
  • Account Lockout Disabled: 20%
  • Out-of-Date Virus Definitions: 18%
  • No Antivirus Installed: 12%
• Conclusions: Everyone makes the same mistakes, over and over
• Most of these problems are trivial to fix
• Part of the problem is this culture of ‘patch averseness’, partly this is the fault of software vendors often issuing patches that break more things than they fix, but in general Microsoft has actually done a good job of ensuring their patches apply smoothly and do not break things
• Part of this is the fact that they only issue updates once a month, and only once they have been tested
• In the study, most of the machines that were missing patches, were missing patches that were more than a year old, so it isn’t just conservatism, but just a complete lack of proper patch management

Feedback:

• FreeBSD Developers Summit

• BSDCan 2014 videos

• Replacing failed disk in Freenas

• Am I too old?

• Bacula Retention and Storage Guidance

• VLAN Tag You\’re It

• Virtualisation as a Work LAN Solution

• devops is specialization

• DevOps – Wikipedia, the free encyclopedia

• Can you please talk about load balancing?

• Update on me not getting a job.

Round-Up:

• DISH Teams Up with Coinbase to Become Largest Company to Accept Bitcoin
• Post Mortem at Joyent — Opps, I accidently rebooted every server in the data center at once
• Official Google Blog: Getting to work on diversity at Google
• PeakScale’s list of PostMortems from all around the web
• YouTube starts rating U.S. ISPs, puts its weight behind settlement-free peering
• Why you don’t want to use AES-XTS encryption for anything except FDE
• Apple Forgets to Renew SSL Certificate, Breaking OS X Software Update [Fixed]
• Security concerns about HTTP/2.0 — rushing to finish and cutting corners
• Separate from the recent eBay hack, an XSS vulnerability that has not been fixed
• Last night on IRC to topic changes to VGA, and Peter Wemm dug out his old dual cpu Pentium 90mhz running FreeBSD
• Windows XP hack to get updates — Not a great idea

The post Tales from the TrueCrypt | TechSNAP 164 first appeared on Jupiter Broadcasting.

This week we\’ll be talking to Richard Stallman about the upcoming GPLv4 and how it will protect our software from being stolen. After that, we\’ll show you how to recover from those pesky ZFS on Linux corruption issues, as well as some tips on how to explain to your boss that all the production boxes were compromised. Your questions and all the latest GNUs, on Linux Now – the place to Lin.. ux.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

Preorders for cool BSD stuff

• The 2nd edition of The Design and Implementation of the FreeBSD Operating System is up for preorder
• We talked to GNN briefly about it, but he and Kirk have apparently finally finished the book
• \”For many years, The Design and Implementation of the FreeBSD Operating System has been recognized as the most complete, up-to-date, and authoritative technical guide to FreeBSD\’s internal structure. Now, this definitive guide has been extensively updated to reflect all major FreeBSD improvements between Versions 5 and Versions 11\”
• OpenBSD 5.5 preorders are also up, so you can buy a CD set now
• You can help support the project, and even get the -release of the OS before it\’s available publicly
• 5.5 is a huge release with lots of big changes, so now is the right time to purchase one of these – tell Austin we sent you!

pkgsrcCon 2014 CFP

• This year\’s pkgsrcCon is in London, on June 21st and 22nd
• There\’s a Call For Papers out now, so you can submit your talks
• Anything related to pkgsrc is fine, it\’s pretty informal
• Does anyone in the audience know if the talks will be recorded? This con is relatively unknown

BSDMag issue for March 2014

• The monthly BSD magazine releases its newest issue
• Topics this time include: deploying NetBSD using AWS EC2, creating a multi-purpose file server with NetBSD, DragonflyBSD as a backup server, more GIMP lessons, network analysis with wireshark and a general security article
• The Linux article trend seems to continue… hmm

Non-ECC RAM in FreeNAS

• We\’ve gotten a few questions about ECC RAM with ZFS
• Here we\’ve got a surprising blog post about why someone did not go with ECC RAM for his NAS build
• The article mentions the benefits of ECC and admits it is a better choice in nearly all instances, but unfortunately it\’s not very widespread in consumer hardware motherboards and it\’s more expensive
• Regular RAM also has \”special\” issues with ZFS and pool corruption
• Long post, so check out the whole thing if you\’ve been considering your memory options and weighing the benefits
• While we\’re on the topic of FreeNAS…

This episode was brought to you by

Interview – Pierre Pronchery – khorben@edgebsd.org / @khorben

EdgeBSD (slides)

Tutorial

Building an OpenBSD desktop

News Roundup

Getting to know your portmgr-lurkers

• This week we get to hear from Frederic Culot, colut@
• Originally an OpenBSD user from France, Frederic joined as a ports committer in 2010 and recently joined the portmgr lurkers team
• \”FreeBSD is also one of my sources of inspiration when it comes to how
  organizations behave and innovate, and I find it very interesting to compare FreeBSD with
  the for-profit companies I work for\”
• We get to find out a little bit about him, why he loves FreeBSD and what he does for the project

NetBSD on the Playstation 2

• Who doesn\’t want to run NetBSD on their old PS2?
• The PS2 port of NetBSD was sadly removed in 2009, but it has been revived
• It\’s using a slightly unusual MIPS CPU that didn\’t have much GCC support
• Hopefully a bootable kernel will be available soon

The FreeBSD Challenge update

• Our friend from the Linux Foundation continues his FreeBSD switching journey
• This time he starts off by discovering virtual machines suck at keeping accurate time, and some ports weren\’t working because of his clock being way off
• After polling the IRC for help, he finally learns the difference between ntpdate and ntpd and both of their use cases
• Maybe he should\’ve just read our NTP tutorial!

PCBSD weekly digest

• The mount tray icon got lots of updates and fixes
• The faulty distribution server has finally been tracked down and… destroyed
• New language localization project is in progress
• Many many updates to ports and PBIs, new -STABLE builds

Feedback/Questions

• Antonio writes in
• Patrick writes in
• Chris writes in
• Ron writes in
• Tyler writes in

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• If you\’ve got something cool to talk about and want to come on for an interview, shoot us an email
• Also if you have any tutorial requests, we\’d be glad to show whatever the viewers want to see
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post Edgy BSD Users | BSD Now 31 first appeared on Jupiter Broadcasting.

On today\’s show we have an interview with Joe Marcus Clark, one of the original portmgr members in FreeBSD, and one of the key GNOME porters. Keeping along with that topic, we have a FreeBSD ports tutorial for you as well. The latest news and answers to your BSD questions, right here on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

Tailoring OpenBSD for an old, strange computer

• The author of this article had an OmniBook 800CT, which comes with a pop-out mouse, black and white display, 32MB of RAM and a 133MHz CPU
• Obviously he had to install some kind of BSD on it!
• This post goes through all his efforts of trimming down OpenBSD to work on such a limited device
• He goes through the trial and error of \”compile, break it, rebuild, try again\”
• After cutting a lot out from the kernel, saving a precious megabyte here and there, he eventually gets it working

pkgsrcCon and BSDCan

• pkgsrccon is \”a technical conference for people working on the NetBSD Packages Collection, focusing on existing technologies, research projects, and works-in-progress in pkgsrc infrastructure\”
• This year it will be on June 21st and 22nd
• The schedule is still being worked out, so if you want to give a talk, submit it
• BSDCan\’s schedule was also announced
• We\’ll be having presentations about ARM on NetBSD and FreeBSD, PF on OpenBSD, Capsicum and casperd, ASLR in FreeBSD, more about migrating from Linux to BSD, FreeNAS stuff and much more
• Kris\’ presentation was accepted!
• Tons of topics, look forward to the recorded versions of all of them hopefully!

Two factor auth with pushover

• A new write-up from our friend Ted Unangst
• Pushover is \”a web hook to smartphone push notification gateway\” – you sent a POST to a web server and it sends a code to your phone
• His post goes through the steps of editing your login.conf and setting it all up to work
• Now you can get a two factor authenticated login for ssh!

The status of GNOME 3 on BSD

• It\’s no secret that the GNOME team is a Linux-obsessed bunch, almost to the point of being hostile towards other operating systems
• OpenBSD keeps their GNOME 3 ports up to date very well, and Antoine Jacoutot writes about his work on that and how easy it is to use
• This post goes through the process of how simple it is to get GNOME 3 set up on OpenBSD and even includes a screencast
• A few recent posts from some GNOME developers show that they\’re finally working with the BSD guys to improve portability
• The FreeBSD and OpenBSD teams are working together to bring the latest GNOME to all of us – it\’s a beautiful thing
• This goes right along with our interview today!

This episode was brought to you by

Interview – Joe Marcus Clark – marcus@freebsd.org

The life and daily activities of portmgr, GNOME 3, Tinderbox, portlint, various topics

Tutorial

The FreeBSD Ports Collection

News Roundup

DragonflyBSD 3.8 goals and 3.6.1 release

• The Dragonfly team is thinking about what should be in version 3.8
• On their bug tracker, it lists some of the things they\’d like to get done before then
• In the meantime, 3.6.1 was released with lots of bugfixes

NYCBSDCon 2014 wrap-up piece

• We\’ve got a nice wrap-up titled \”NYCBSDCon 2014 Heats Up a Cold Winter Weekend\”
• The author also interviews GNN about the conference
• There\’s even a little \”beginner introduction\” to BSD segment
• Includes a mention of the recently-launched journal and lots of pictures from the event

FreeBSD and Linux, a comparative analysis

• GNN in yet another story – he gave a presentation at the NYLUG about the differences between FreeBSD and Linux
• He mentions the history of BSD, the patch set and 386BSD, the lawsuit, philosophy and license differences, a complete system vs \”distros,\” development models, BSD-only features and technologies, how to become a committer, overall comparisons, different hats and roles, the different bsds and their goals and actual code differences
• Serves as a good introduction you can show your Linux friends

PCBSD CFT and weekly digest

• Upgrade tools have gotten a major rewrite
• You have to help test it, there is no choice! Read more here
• How dare Kris be \”unimpressed with\” freebsd-update and pkgng!?
• Various updates and fixes

Feedback/Questions

• Jeffrey writes in: https://slexy.org/view/s213KxUdVj
• Shane writes in: https://slexy.org/view/s20lwkjLVK
• Ferdinand writes in: https://slexy.org/view/s21DqJs77g
• Curtis writes in: https://slexy.org/view/s20eXKEqJc
• Clint writes in: https://slexy.org/view/s21XMVFuVu
• Peter writes in: https://slexy.org/view/s20Xk05MHe

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• Our email backlog is totally caught up now, so email us all your questions!
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

The post Port Authority | BSD Now 26 first appeared on Jupiter Broadcasting.

We\’ll be talking with Ted Unangst of the OpenBSD team about their new signing infrastructure. After that, we\’ve got a tutorial on how to run your own NTP server. News, your feedback and even… the winner of our tutorial contest! It\’s a big show, so stay tuned to BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

FreeBSD foundation\’s 2013 fundraising results

• The FreeBSD foundation finally counted all the money they made in 2013
• $768,562 from 1659 donors
• Nice little blog post from the team with a giant beastie picture
• \”We have already started our 2014 fundraising efforts. As of the end of January we are just under $40,000. Our goal is to raise $1,000,000. We are currently finalizing our 2014 budget. We plan to publish both our 2013 financial report and our 2014 budget soon.\”
• A special thanks to all the BSD Now listeners that contributed, the foundation was really glad that we sent some people their way (and they mentioned us on Facebook)

OpenSSH 6.5 released

• We mentioned the CFT last week, and it\’s finally here!
• New key exchange using elliptic-curve Diffie Hellman in Daniel Bernstein\’s Curve25519 (now the default when both clients support it)
• Ed25519 public keys are now available for host keys and user keys, considered more secure than DSA and ECDSA
• Funny side effect: if you ONLY enable ed25519 host keys, all the compromised Linux boxes can\’t even attempt to login
• New bcrypt private key type, 500,000,000 times harder to brute force
• Chacha20-poly1305 transport cipher that builds an encrypted and authenticated stream in one
• Portable version already in FreeBSD -CURRENT, and ports
• Lots more bugfixes and features, see the full release note or our interview with Damien
• Work has already started on 6.6, which can be used without OpenSSL!

Crazed Ferrets in a Berkeley Shower

• In 2000, MWL wrote an essay for linux.com about why he uses the BSD license: \”It’s actually stood up fairly well to the test of time, but it’s fourteen years old now.\”
• This is basically an updated version about why he uses the BSD license, in response to recent idiocy from Richard Stallman
• Very nice post that gives some history about Berkeley, the basics of the BSD-style licenses and their contrast to the GNU GPL
• Check out the full post if you\’re one of those people that gets into license arguments
• The takeaway is \”BSD is about making the world a better place. For everyone.\”

OpenBSD on BeagleBone Black

• Beaglebone Blacks are cheap little ARM devices similar to a Raspberry Pi
• A blog post about installing OpenBSD on a BBB from.. our guest for today!
• He describes it as \”everything I wish I knew before installing the newly renamed armv7 port on a BeagleBone Black\”
• It goes through the whole process, details different storage options and some workarounds
• Could be a really fun weekend project if you\’re interested in small or embedded devices

This episode was brought to you by

Interview – Ted Unangst – tedu@openbsd.org / @tedunangst

OpenBSD\’s signify infrastructure

Tutorial

Running an NTP server

News Roundup

Getting started with FreeBSD

• A new video and blog series about starting out with FreeBSD
• The author has been a fan since the 90s and has installed it on every server he\’s worked with
• He mentioned some of the advantages of BSD over Linux and how to approach explaining them to new users
• The first video is the installation, then he goes on to packages and other topics – 4 videos so far

More OpenBSD hackathon reports

• As a followup to last week, this time Kenneth Westerback writes about his NZ hackathon experience
• He arrived with two goals: disklabel fixes for drives with 4k sectors and some dhclient work
• This summary goes into detail about all the stuff he got done there

X11 in a jail

• We\’ve gotten at least one feedback email about running X in a jail Well.. with this commit, looks like now you can!
• A new tunable option will let jails access /dev/kmem and similar device nodes
• Along with a change to DRM, this allows full X11 in a jail
• Be sure to check out our jail tutorial and jailed VNC tutorial for ideas
• Ongoing Discussion

PCBSD weekly digest

• 10.0 \”Joule Edition\” finally released!
• AMD graphics are now officially supported
• GNOME3, MATE and Cinnamon desktops are available
• PCBSD also got a mention in eweek

Feedback/Questions

• Justin writes in: https://slexy.org/view/s21VnbKZsH
• Daniel writes in: https://slexy.org/view/s2nD7RF6bo
• Martin writes in: https://slexy.org/view/s2jwRrj7UV
• Alex writes in: https://slexy.org/view/s201koMD2c
  + unofficial FreeBSD RPI Images
• James writes in: https://slexy.org/view/s2AntZmtRU
• John writes in: https://slexy.org/view/s20bGjMsIQ

• All the tutorials are posted in their entirety at bsdnow.tv
• The ssh tutorial has been updated with some new 6.5 stuff
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
• Reminder: if you\’re on FreeBSD 8.3 for some reason, upgrade soon – it\’s reaching EOL
• Reminder: if you\’re using pkgng, be sure to update to 1.2.6 for a security issue
• The winner of the tutorial contest is… Dusko! We didn\’t get as many submissions as we wanted, but his Nagios monitoring tutorial was extremely well-done. It\’ll be featured in a future episode. Congrats! Send us a picture when it arrives.
• Allan got his pillow in the mail as well, it\’s super awesome

The post Time Signatures | BSD Now 23 first appeared on Jupiter Broadcasting.

Some have called JavaScript the “Assembly Language for the Web”. Is this an insane argument, or is there some truth that we should acknowledge?

Plus we lay down the first blocks in our new open source Jupiter Broadcasting community app.

Then Michael shares a great tool for beginners or longtimers looking to refresh their skills.

And we’ve got a big patch of your feedback, and much more!

Direct Download:

MP3 Audio | OGG Audio | Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | Video Feed | Torrent Feed | iTunes Audio | iTunes Video

Show Notes:

Feedback

• JB project licensing clarification
• A number of junior devs would like to know about getting involved in open-source.
• A lot of you would like more resources geared toward beginners.
• Scot asks if we could/should use Google Drive to host a community project?
• John reminds us of ‘dark matter developers’
• About that community project…
• About those code snippets…
  
  Grab the Firefox Afiliate Extension for Jupiter Broadcasting

The Argument

• The argument pt 1
• The argument pt 2
• The argument pt 3

But wait! What is JavaScript anyway?

• Papa ECMA
• Isn’t JavaScript related to Java
• Classical vs Prototype inheritance

So how did things ever get so bad?

• Opinion: it has a lot to do with object oriented issue
• And of course browsers…. especially IE.
• Book recommendation: JavaScript The Good Parts
  [asa]0596517742[/asa]

Support Jupiter Broadcasting, and keep ads to a minium

JB Project Announcement

• Mike’s Github
• New to Git or Github?
• PhoneGap
• How you can help.

Tool of the week

• Code School Aflitate Link
  The affiliate program is setup!

Mentioned:

• Email is:
• Live Monday 9am PDT
• Music by: Ronald Jenkees
• Mike on Twitter
• Mike on Google Plus
• Mike’s website
• Chris on twitter

The post JavaScript != Assembly | CR 03 first appeared on Jupiter Broadcasting.