nmap – Jupiter Broadcasting

Midlife is tough: the idealism of youth has faded, as has inevitably some of its fitness and vigor. At the same time, the responsibilities of adulthood have grown. Making things more challenging, while you are navigating the turbulence of teenagers, your own parents are likely entering life’s twilight, needing help in new ways from their adult children. By midlife, in addition to the singular joys of life, you have also likely experienced its terrible sorrows: death, heartbreak, betrayal. Taken together, the fading of youth, the growth in responsibility and the endurance of misfortune can lead to cynicism or (worse) drastic and poorly thought-out choices. Add in a little fear of mortality and some existential dread, and you have the stuff of which midlife crises are made…
I raise this not because of my own adventures at midlife, but because it is clear to me that open source — now several decades old and fully adult — is going through its own midlife crisis. This has long been in the making: for years, I (and others) have been critical of service providers’ parasitic relationship with open source, as cloud service providers turn open source software into a service offering without giving back to the communities upon which they implicitly depend. At the same time, open source has been (rightfully) entirely unsympathetic to the proprietary software models that have been burned to the ground — but also seemingly oblivious as to the larger economic waves that have buoyed them.
So it seemed like only a matter of time before the companies built around open source software would have to confront their own crisis of confidence: open source business models are really tough, selling software-as-a-service is one of the most natural of them, the cloud service providers are really good at it — and their commercial appetites seem boundless. And, like a new cherry red two-seater sports car next to a minivan in a suburban driveway, some open source companies are dealing with this crisis exceptionally poorly: they are trying to restrict the way that their open source software can be used. These companies want it both ways: they want the advantages of open source — the community, the positivity, the energy, the adoption, the downloads — but they also want to enjoy the fruits of proprietary software companies in software lock-in and its monopolistic rents. If this were entirely transparent (that is, if some bits were merely being made explicitly proprietary), it would be fine: we could accept these companies as essentially proprietary software companies, albeit with an open source loss-leader. But instead, these companies are trying to license their way into this self-contradictory world: continuing to claim to be entirely open source, but perverting the license under which portions of that source are available. Most gallingly, they are doing this by hijacking open source nomenclature. Of these, the laughably named commons clause is the worst offender (it is plainly designed to be confused with the purely virtuous creative commons), but others (including CockroachDB’s Community License, MongoDB’s Server Side Public License, and Confluent’s Community License) are little better. And in particular, as it apparently needs to be said: no, “community” is not the opposite of “open source” — please stop sullying its good name by attaching it to licenses that are deliberately not open source! But even if they were more aptly named (e.g. “the restricted clause” or “the controlled use license” or — perhaps most honest of all — “the please-don’t-put-me-out-of-business-during-the-next-reInvent-keynote clause”), these licenses suffer from a serious problem: they are almost certainly asserting rights that the copyright holder doesn’t in fact have.
If I sell you a book that I wrote, I can restrict your right to read it aloud for an audience, or sell a translation, or write a sequel; these restrictions are rights afforded the copyright holder. I cannot, however, tell you that you can’t put the book on the same bookshelf as that of my rival, or that you can’t read the book while flying a particular airline I dislike, or that you aren’t allowed to read the book and also work for a company that competes with mine. (Lest you think that last example absurd, that’s almost verbatim the language in the new Confluent Community (sic) License.) I personally think that none of these licenses would withstand a court challenge, but I also don’t think it will come to that: because the vendors behind these licenses will surely fear that they wouldn’t survive litigation, they will deliberately avoid inviting such challenges. In some ways, this netherworld is even worse, as the license becomes a vessel for unverifiable fear of arbitrary liability.
let me put this to you as directly as possible: cloud services providers are emphatically not going to license your proprietary software. I mean, you knew that, right? The whole premise with your proprietary license is that you are finding that there is no way to compete with the operational dominance of the cloud services providers; did you really believe that those same dominant cloud services providers can’t simply reimplement your LDAP integration or whatever? The cloud services providers are currently reproprietarizing all of computing — they are making their own CPUs for crying out loud! — reimplementing the bits of your software that they need in the name of the service that their customers want (and will pay for!) won’t even move the needle in terms of their effort.
Worse than all of this (and the reason why this madness needs to stop): licenses that are vague with respect to permitted use are corporate toxin. Any company that has been through an acquisition can speak of the peril of the due diligence license audit: the acquiring entity is almost always deep pocketed and (not unrelatedly) risk averse; the last thing that any company wants is for a deal to go sideways because of concern over unbounded liability to some third-party knuckle-head. So companies that engage in license tomfoolery are doing worse than merely not solving their own problem: they are potentially poisoning the wellspring of their own community.
in the end, open source will survive its midlife questioning just as people in midlife get through theirs: by returning to its core values and by finding rejuvenation in its communities. Indeed, we can all find solace in the fact that while life is finite, our values and our communities survive us — and that our engagement with them is our most important legacy.

See the article for the rest

###Donald Knuth – The Yoda of Silicon Valley

For half a century, the Stanford computer scientist Donald Knuth, who bears a slight resemblance to Yoda — albeit standing 6-foot-4 and wearing glasses — has reigned as the spirit-guide of the algorithmic realm.
He is the author of “The Art of Computer Programming,” a continuing four-volume opus that is his life’s work. The first volume debuted in 1968, and the collected volumes (sold as a boxed set for about $250) were included by American Scientist in 2013 on its list of books that shaped the last century of science — alongside a special edition of “The Autobiography of Charles Darwin,” Tom Wolfe’s “The Right Stuff,” Rachel Carson’s “Silent Spring” and monographs by Albert Einstein, John von Neumann and Richard Feynman.
With more than one million copies in print, “The Art of Computer Programming” is the Bible of its field. “Like an actual bible, it is long and comprehensive; no other book is as comprehensive,” said Peter Norvig, a director of research at Google. After 652 pages, volume one closes with a blurb on the back cover from Bill Gates: “You should definitely send me a résumé if you can read the whole thing.”
The volume opens with an excerpt from “McCall’s Cookbook”:

Here is your book, the one your thousands of letters have asked us to publish. It has taken us years to do, checking and rechecking countless recipes to bring you only the best, only the interesting, only the perfect.

Inside are algorithms, the recipes that feed the digital age — although, as Dr. Knuth likes to point out, algorithms can also be found on Babylonian tablets from 3,800 years ago. He is an esteemed algorithmist; his name is attached to some of the field’s most important specimens, such as the Knuth-Morris-Pratt string-searching algorithm. Devised in 1970, it finds all occurrences of a given word or pattern of letters in a text — for instance, when you hit Command+F to search for a keyword in a document.
Now 80, Dr. Knuth usually dresses like the youthful geek he was when he embarked on this odyssey: long-sleeved T-shirt under a short-sleeved T-shirt, with jeans, at least at this time of year. In those early days, he worked close to the machine, writing “in the raw,” tinkering with the zeros and ones.

See the article for the rest

##News Roundup
###Let’s Encrypt: Certbot For OpenBSD’s httpd

Intro

Let’s Encrypt is “a free, automated, and open Certificate Authority”.
Certbot is “an easy-to-use automatic client that fetches and deploys SSL/TLS certificates for your web server”, well known as “the official Let’s Encrypt client”.
I remember well how excited I felt when I read Let’s Encrypt’s “Our First Certificate Is Now Live” in 2015.
How wonderful the goal of them is; it’s to “give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free” “to create a more secure and privacy-respecting Web”!
Since this year, they have begun to support even ACME v2 and Wildcard Certificate!
Well, in OpenBSD as well as other operating systems, it’s easy and comfortable to have their big help

Environment
OS: OpenBSD 6.4 amd64
Web Server: OpenBSD’s httpd
Certification: Let’s Encrypt with Certbot 0.27
Reference: OpenBSD’s httpd

###FreeBSD 12 released: Here is how to upgrade FreeBSD 11 to 12

The FreeBSD project announces the availability of FreeBSD 12.0-RELEASE. It is the first release of the stable/12 branch. The new version comes with updated software and features for a wild variety of architectures. The latest release provides performance improvements and better support for FreeBSD jails and more. One can benefit greatly using an upgraded version of FreeBSD.

FreeBSD 12.0 supports amd64, i386, powerpc, powerpc64, powerpcspe, sparc64, armv6, armv7, and aarch64 architectures. One can run it on a standalone server or desktop system. Another option is to run it on Raspberry PI computer. FreeBSD 12 also runs on popular cloud service providers such as AWS EC2/Lightsail or Google compute VM.

New features and highlights:
OpenSSL version 1.1.1a (LTS)
OpenSSH server 7.8p1
Unbound server 1.8.1
Clang and co 6.0.1
The FreeBSD installer supports EFI+GELI as an installation option
VIMAGE FreeBSD kernel configuration option has been enabled by default. VIMAGE was the main reason I custom compiled FreeBSD for the last few years. No more custom compile for me.
Graphics drivers for modern ATI/AMD and Intel graphics cards are now available in the FreeBSD ports collection
ZFS has been updated to include new sysctl(s), vfs.zfs.arc_min_prefetch_ms and vfs.zfs.arc_min_prescient_prefetch_ms, which improve performance of the zpool scrub subcommand
The pf packet filter is now usable within a jail using vnet
KDE updated to version 5.12.5
The NFS version 4.1 includes pNFS server support
Perl 5.26.2
The default PAGER now defaults to less for most commands
The dd utility has been updated to add the status=progress option to match GNU/Linux dd command to show progress bar while running dd
FreeBSD now supports ext4 for read/write operation
Python 2.7
much more

###Six Ways to Level Up Your nmap Game

nmap is a network exploration tool and security / port scanner.
If you’ve heard of it, and you’re like me, you’ve most likely used it like this:
ie, you’ve pointed it at an IP address and observed the output which tells you the open ports on a host.
I used nmap like this for years, but only recently grokked the manual to see what else it could do. Here’s a quick look and some of the more useful things I found out.

1. Scan a Network
1. Scan All Ports
1. Get service versions
1. Use -A for more data
1. Find out what nmap is up to
1. Script your own scans with NSE

###[NetBSD Desktop]

##Beastie Bits

##Feedback/Questions

Warren – Ep.273: OpenZFS on OS X
cogoman – tarsnap security and using SSDs in raid
Andrew – Portland BSD Pizza Night

Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

The post Nmap Level Up | BSD Now 277 first appeared on Jupiter Broadcasting.

What Is KDE Neon? | LAS 409

chris — Sun, 20 Mar 2016 18:01:54 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

Jonathan Riddell joins us to discuss the KDE Neon project, the latest & greatest of KDE community software packaged on a rock-solid base. We kick the tires & give you our first impressions. Is this finally the Plasma Desktop just the way we’ve always wanted it?

Thanks to:

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

Brought to you by: Linux Academy

KDE neon

KDE Plasma 5.6 Screenshot

The latest and greatest of KDE community software
packaged on a rock-solid base.

FOSDEM: Announcing KDE neon

At FOSDEM this weekend KDE is announcing our newest project, KDE neon. Neon will provide a way to get the latest KDE software on the day its released.

— PICKS —

Runs Linux

Sears RUNS LINUX

Hi Chris,

I spotted linux in the wild today at Sears. While the register was booting up it looked like the ubuntu boot screen with the 4 loading dots, but it was customized to show Sears instead of ubuntu. When the boot process had finished, a gtk dialog box popped up and I was able to snap a picture before it brought up the POS interface.

I also saw they were running desktop linux in the optical department. I only got a glimpse of it, but it looked like it might have been a really old customized version of kde.

Desktop App Pick

Bombono DVD Creator

Excellent video viewer: Timeline and Monitor
Real WYSIWYG Menu Editor with Live THumbnails
Comfortable Drag-n-Drop support
Transcoding, if necessary
Motion menus
Subtitles Support
Author to Folder, ISO or directly to DVD
Reauthoring: You can import video from DVD discs.

Weekly Spotlight

Blue Griffon

BlueGriffon is a new WYSIWYG content editor for the World Wide Web. Powered by Gecko, the rendering engine of Firefox, it’s a modern and robust solution to edit Web pages in conformance to the latest Web Standards.

Because Gecko lives inside BlueGriffon, the document you edit will look exactly the same in Firefox. Advanced users can always use the Source View to hard-code their page.

BlueGriffon is tri-licensed under the Mozilla Public License 1.1, the GNU General Public License Version 2 and the GNU Lesser General Public License Version 2.1.

The FESTS are Coming

2016 | LinuxFest Northwest 2016

With 80 general sessions, 10 postgres sessions, and 6 tutorials, LinuxFest Northwest will be quite the full weekend of learning and fun. View the accepted sessions.

Call For Speakers | SouthEast LinuxFest

Call for speakers for SELF 2016 is now open. The deadline for submissions is Friday April 1st at 11:59 PM ET. Click here to submit a talk

— NEWS —

The 4.5 kernel has been released

Linus has released the 4.5 kernel.
“So this is later on a Sunday than my usual schedule, because I just
couldn’t make up my mind whether I should do another rc8 or not, and
kept just waffling about it. In the end, I obviously decided not to,
but it could have gone either way.”
Some of the headline features from the development cycle are
dm-verity forward error
correction,
optional mandatory locking,
the new copy_file_range() system
call,
the SOCK_DESTROY operation,
another set of persistent-memory
improvements,
extended address-space layout randomization
on 32-bit systems,
the MADV_FREE option for
madvise(),
the UBSAN checker tool,
some extensions to
epoll_wait(),
project quotas for the ext4 filesystem,
and more.

Linux 4.6 Staging Has 1600+ Patches, ~400 Patches From Outreachy

So it looks like almost a quarter of the patches are from Outreachy, the group providing paid internships for women and other “underrepresented groups in tech” to work on the Linux kernel and related open-source projects.

XDG-App Is Becoming More Feature Complete

With today’s xdg-app 0.5 release, Alex considers this GNOME sandboxing tech to be feature complete for making it possible for third-parties to create and distribute applications that work across distributions. With this sandboxing, these packaged applications have minimal access to the host as needed for functionality.

Nmap 7.10 Security Scanner Adds Hundreds of OS/Version Fingerprints, New Scripts

“I’m pleased to announce the release of Nmap 7.10 with many great improvements,” says Fyodor in today’s announcement. “It’s got 12 new NSE scripts, hundreds of new OS/version fingerprints, and dozens if smaller improvements and bug fixes. And that’s not even counting the changes in Nmap 7.01, which we released in December 2015.”

Feedback:

Brought to you by: System76

Mail Bag

Linux Action Show – “Here’s the Thing” Supercut – YouTube
https://slexy.org/view/s2TYU8vWSa
https://slexy.org/view/s20FhANiiK

Emma v. Noah Who: Switching People to Linux

Can not already be running Linux.
Must agree to install Linux, or have Linux installed
Will take place Sat during Linux Fest NW (Location TBD)
Come find Noah let him switch you to Linux and get a free SSD installed.

Call Box

Catch the show LIVE SUNDAY:

— CHRIS’ STASH —

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

Find us on Google+

Find us on Twitter

Follow us on Facebook

The post What Is KDE Neon? | LAS 409 first appeared on Jupiter Broadcasting.

The Evolution of Solus | LAS 392

chris — Sun, 22 Nov 2015 10:08:54 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

We review Solus OS, a new distribution from scratch with it’s own GTK-based desktop called Budgie. Budgie is the flagship desktop of the Solus Operating System & we give you our first impressions.

Plus projects like Jolla & Canonical’s convergence have been doomed from the start, the big changes coming to GTK, the Plasma desktop gets another great release, highlights from the 2015 kernel summit & more!

Thanks to:

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

Brought to you by: System76

Solus Project

View post on imgur.com

— PICKS —

Runs Linux

D-Link’s Komfy Switch with Camera, Runs Linux

D-Link’s Linux-powered, WiFi-enabled “Komfy Switch with Camera” also includes a cloud service, sensors for temperature, humidity, and CO2, and IFTT support.

Desktop App Pick

Pitivi 0.95

Hey everyone! It’s time for a new Pitivi release, 0.95. This one packs a lot of bugfixes and architectural work to further stabilize the GES backend. In this blog post, I’ll give you an overview of the new and interesting stuff this release brings, coming out from a year of hard work.

Weekly Spotlight

Nmap 7 Release Notes

The Nmap Project is pleased to announce the immediate, free availability of the Nmap Security Scanner version 7.00 from https://nmap.org/. It is the product of three and a half years of work, nearly 3200 code commits, and more than a dozen point releases since the big Nmap 6 release in May 2012. Nmap turned 18 years old in September this year and celebrates its birthday

— NEWS —

Jolla files for debt restructuring

Jolla Ltd, the mobile company from Finland today announced that its latest financing round which aimed to end in November, has been postponed and the company needs to adjust its operations accordingly. At the same time the company has filed for a debt restructuring program in Finland, to ensure the continuity of its business. Jolla will also temporarily lay off a big part of its personnel.

Jolla Goes For Debt Restructuring

Months after the smartphone company Jolla announced its split and intent to focus on Sailfish OS licensing, its financial situation has not improved. Jolla’s latest financing round has been delayed and so they have had to file for debt restructuring in Finland. As part of that, the company is temporarily laying off a big part of its personnel (Google translation of Finnish original). Jolla co-founder Antti Saarnio said, “Our operating system Sailfish OS is in great shape currently and it is commercially ready. Unfortunately the development until this point has required quite a lot of time and money (PDF). To get out of this death valley we need to move from a development phase into a growth phase. At the same time we need to adapt our cost levels to the new situation. One of the main actions is to tailor the operating system to fit the needs of different clients. We have several major and smaller potential clients who are interested in using Sailfish OS in their projects.”

A GTK+ update

You may have noticed that GTK+ master has a large number of changes in the CSS area. As some like to put it:

Oh NO! they’re breaking themes again!

GTK+ 3.19.2, More CSS Changes For The Toolkit

KDE Ships Plasma 5.5 Beta Release

In response to feedback, we’ve rewritten support for legacy applications not using the StatusNotifier standard for system tray icons.

The 2015 Kernel Summit Highlights

Power-management knobs

Rafael Wysocki started off his 2015 Kernel Summit session by noting that
every generation of hardware promises to be more power-efficient than its
predecessor. But that efficiency is not always experienced by users. In
an ideal world, systems should run in the most power-efficient mode
whenever possible and only employ the less-efficient modes when performance
requirements demand it. Real-world systems, though, tend not to run as
efficiently as they can. Rafael came with a proposal that, he thought,
might improve the situation, but it’s not clear that the idea will be
implemented.

Benchmarking and performance trends

Mel took over to say that, from his point of view (watching
over performance for SUSE), there have not been that many scheduler
problems. His biggest complaint, instead, was with the Intel “pstate”
driver, which handles CPU frequency and voltage management on Intel
processors. This driver, he said, is making poor decisions. CPUs never
seem to go above the minimum frequency on lightly-loaded machines, with
results that look like a 10-20% scheduler performance regression,
but are really due to pstate. This is, he said, a serious issue; we are at
a point where we are extremely efficient at doing nothing, but not so good
at actually doing work. As a result, a lot of users are disabling pstate
altogether.

QEMU 2.5-RC0 Released, Supports VirtIO-GPU 3D Mode

QEMU-side of the work for supporting 3D with VirtIO-GPU. With the Linux 4.4 kernel there is now the new DRM driver for supporting VirtIO GPU DRM with 3D support.

Feedback:

https://slexy.org/view/s21KIUdqEt
https://slexy.org/view/s2vE0gP3qK

Rover Log Playlist

Watch the adventures, productions, road trips, trails, mistakes, and fun of the Jupiter Broadcasting mobile studio.

Support Jupiter Broadcasting on Patreon

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

— CHRIS’ STASH —

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

Find us on Google+

Find us on Twitter

Follow us on Facebook

Catch the show LIVE Friday:

The post The Evolution of Solus | LAS 392 first appeared on Jupiter Broadcasting.

Fun with Port Scanning | In Depth Look

chris — Fri, 13 Jan 2012 18:34:45 +0000

It\’s just good computer hygiene to check what ports you have open from time to time. And its also a good security practice. In this week\’s episode, we\’re going to have FUN with port scanning… Yes really!

How to check your own computer, other systems on your LAN, and audit your firewall from an outside host.

Direct Download:

HD Download | Mobile Download | MP3 Download | Ogg Download | YouTube

RSS Feeds:

HD Feed | Mobile Feed | MP3 Feed | Ogg Feed | iTunes HD Feed

Support Jupiter Broadcasting with your Purchase:

[asa book]0979958717[/asa]
[asa book]1449902529[/asa]

Self Audit:

nmap localhost

Find all active IPs on your network:

nmap -sP 10.1.10.*

Get info about remote host ports and OS detection

nmap -sS -P0 -sV -O

Check your router/firewall from the outside:

All web servers on my local network:

nmap -sT -p 80 -oG – 10.1.10.* | grep open

Extra Fun:

The post Fun with Port Scanning | In Depth Look first appeared on Jupiter Broadcasting.