Cisco announces plans to buy OpenDNS, the European Government agrees on Net Neutrality rules, Microsoft selling Bing imaging to Uber & display ads to AOL, PayPal kills it’s terrible robocalling policy & more!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

Show Notes:

— Episode Links —

• European Government Agrees On Net Neutrality Rules, With Exemptions
• Cisco to buy cybersecurity firm OpenDNS in $635m deal | ZDNet
• Two keys to rule them all: Cisco warns of default SSH keys on appliances | Ars Technica
• Microsoft selling Bing imaging to Uber, moving display ads to AOL | Ars Technica
• Samsung Electronics plans more Tizen smartphones this year: source | Reuters
• PayPal Just Killed Its Terrible Robocalling Policy
• In Wake Of Hack, OPM Shutters System For Federal Background Checks – ABC News

The post Openly Acquired | TTT 190 first appeared on Jupiter Broadcasting.

This time on the show we\’ll be talking with Jon Anderson about Capsicum and Casper to securely sandbox processes. After that, our tutorial will show you how to encrypt all your DNS lookups, either on a single system or for your whole network. News, emails and all the usual fun, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

BSDCan 2014 talks and reports

• The majority of the BSDCan talks are finally uploaded, so prepare to be flooded with links
• Karl Lehenbauer\’s keynote (he\’s on next week\’s episode)
• Mariusz Zaborski and Pawel Jakub Dawidek,
  Capsicum and Casper (relevant to today\’s interview)
• Luigi Rizzo,
  In-kernel OpenvSwitch on FreeBSD
• Dwayne Hart, Migrating from Linux to FreeBSD for Backend Data Storage
• Warner Losh, NAND Flash and FreeBSD
• Simon Gerraty, FreeBSD bmake and Meta Mode
• Bob Beck, LibreSSL – The First 30 Days
• Henning Brauer, OpenBGPD Turns 10 Years Old
• Arun Thomas, BSD ARM Kernel Internals
• Peter Hessler, Using BGP for Realtime Spam Lists
• Pedro Giffuni, Features and Status of FreeBSD\’s Ext2 Implementation
  
• Matt Ahrens, OpenZFS Upcoming Features and Performance Enhancements
• Daichi Goto, Shellscripts and Commands
• Benno Rice, Keeping Current
• Sean Bruno, MIPS Router Hacking
• John-Mark Gurney, Optimizing GELI Performance
• Patrick Kelsey, Userspace Networking with libuinet
• Massimiliano Stucchi, IPv6 Transitioning Mechanisms
• Roger Pau Monné, Taking the Red Pill
• Shawn Webb, Introducing ASLR in FreeBSD
• There\’s also a trip report from Peter Hessler and one from Julio Merino
• The latter report also talks about how, unfortunately, NetBSD basically had no presence in the event at all (and how that\’s a recurring trend)

Defend your network and privacy with a VPN and OpenBSD

• After all the recent news about spying, backdoored routers, deep packet inspection and everything else, you might want to start taking steps at getting some privacy back
• This article describes how to set up a secure network gateway and VPN using OpenBSD and related crypto utilities
• There are bits for DHCP, DNS, OpenVPN, DNSCrypt and a watchdog script to make sure your tunnel is always being used
• You can transparently tunnel all your outbound traffic over the VPN with this configuration, nothing is needed on any of the client systems – this could also be used with Tor (but it would be very slow)
• It also includes a few general privacy tips, recommended browser extensions, etc
• The intro to the article is especially great, so give the whole thing a read
• He mentions our OpenBSD router guide and other tutorials being a big help for this setup, so hello if you\’re watching!

You should try FreeBSD

• In this blog post, the author talks a bit about how some Linux people aren\’t familiar with the BSDs and how we can take steps to change that
• He goes into some FreeBSD history specifically, then talks about some of the apparent (and not-so-apparent) differences between the two
• Possibly the most useful part is how to address the question \”my server already works, why bother switching?\”
• \”Stackoverflow’s answers assume I have apt-get installed\” ← lol
• It includes mention of the great documentation, stability, ports, improved security and much more
• A takeaway quote for would-be Linux switchers: \”I like to compare FreeBSD to a really tidy room where you can find everything with your eyes closed. Once you know where the closets are, it is easy to just grab what you need, even if you have never touched it before\”

OpenBSD and the little Mauritian contributor

• This is a story about a guy from Mauritius named Logan, one of OpenBSD\’s newest developers
• Back in 2010, he started sending in patched for OpenBSD\’s \”mg\” editor, among other small things, and eventually added file transfer resume support for SFTP
• The article talks about his journey from just a guy who submits a patch here and there to joining the developer ranks and even getting his picture taken with Theo at a recent hackathon
• It really shows how easy it is to get involved with the different BSDs and contribute back to the software ecosystem
• Congrats to Logan, and hopefully this will inspire more people to start helping out and contributing code back

Interview – Jon Anderson – jonathan@freebsd.org

Capsicum and Casperd

Tutorial

Encrypting DNS lookups

News Roundup

FreeBSD Journal, May 2014 issue

• The newest issue of the FreeBSD Journal is out, following the bi-monthly release cycle
• This time the topics include: a letter from the foundation, a ports report, some 9.3-RELEASE plans, an events calendar, an overview of ipfw, exploring network activity with dtrace, an article about kqueue, data distribution with dnssec and finally an article about TCP scaling
• Pick up your (digital) copy at Amazon, Google Play or on iTunes and have a read

LibreSSL porting update

• Since the last LibreSSL post we covered, a couple unofficial \”portable\” versions have died off
• Unfortunately, people still think they can just port LibreSSL to other BSDs and Linux all willy-nilly – stop doing that!
• This post reiterates that LibreSSL currently relies on a lot of OpenBSD-specific security functions that are not present in other systems, and also gives a very eye-opening example
• Please wait for an official portable version instead of wasting time with these dime-a-dozen github clones that do more harm than good

BSDMag May 2014 issue is out

• The usual monthly release from BSDMag, covering a variety of subjects
• This time around the topics include: managing large development projects using RCS, working with HAMMER FS and PFSes, running MeteorJS on FreeBSD 11, another bhyve article, more GIMP tutorials and a few other things
• It\’s a free PDF, go grab it

BSDTalk episode 241

• A new episode of BSDTalk is out, this time with Bob Beck
• He talks about the OpenBSD foundation\’s recent activities, his own work in the project, some stories about the hardware in Theo\’s basement and a lot more
• The interview itself isn\’t about LibreSSL at all, but they do touch on it a bit too
• Really interesting stuff, covers a lot of different topics in a short amount of time

Feedback/Questions

• We got a number of replies about last week\’s VPN question, so thanks to everyone who sent in an email about it – the vpnc package seems to be what we were looking for
• Tim writes in
• AJ writes in
• Peter writes in
• Thomas writes in
• Martin writes in

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• We\’re looking for new tutorial ideas, so if there\’s something specific you\’d like to learn about, let us know
• FreeBSD core team elections are in progress – nominations ended today. There are 21 candidates, and voting is open for the next month. We\’ll let you know how it goes in a future episode.
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post The Friendly Sandbox | BSD Now 39 first appeared on Jupiter Broadcasting.

We\’ve got some special treats for you this week on the show. It\’s the long-awaited \”installfest\” segment, where we go through the installer of each of the different BSDs. Of course we also have your feedback and the latest news as well… and… we even have our very first viewer contest! There\’s a lot to get to today on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

FreeBSD\’s new testing infrastructure

• A new test suite was added to FreeBSD, with 3 powerful machines available
• Both -CURRENT and stable/10 have got the test suite build infrastructure in place
• Designed to help developers test and improve major scalability across huge amounts of CPUs and RAM
• More details available here
• Could the iXsystems monster server be involved…?

OpenBSD gets signify

• At long last, OpenBSD gets support for signed releases!
• For \”the world\’s most secure OS\” it was very easy to MITM kernel patches, updates, installer isos, everything
• A commit to the -current tree reveals a new \”signify\” tool is currently being kicked around
• More details in a blog post from the guy who committed it
• Quote: \”yeah, briefly, the plan is to sign sets and packages. that\’s still work in progress.\”

Faces of FreeBSD

• This time they interview Isabell Long, a 19 year old female that\’s involved with FreeBSD
• She\’s a volunteer staff member on the freenode IRC network
• In 2011, she participated in the Google Code-In contest and became involved with documentation
• \”The new committer mentoring process proved very useful and that, plus the accepting community of FreeBSD, are reasons why I stay involved.\”

pkgsrc-2013Q4 branched

• The quarterly pkgsrc branch from NetBSD is out
• 13472 total packages for NetBSD-current/amd64 + 13049 binary packages built with clang!
• Lots of numbers and stats in the announcement
• pkgsrc works on quite a few different OSes, not just NetBSD
• See our interview with Amitai Schlair for a bit about pkgsrc

OpenBSD on Google\’s Compute Engine

• Google Compute Engine is a \”cloud computing\” platform similar to EC2
• Unfortunately, they only offer poor choices for the OS (Debian and CentOS)
• Recently it\’s been announced that there is a custom OS option
• It\’s using a WIP virtio-scsi driver, lots of things still need more work
• Lots of technical and networking details about the struggles to get OpenBSD working on it

This episode was brought to you by

The Installfest

We\’ll be showing you the installer of each of the main BSDs. As of the date this episode airs, we\’re using:
+ FreeBSD 10.0
+ OpenBSD 5.4
+ NetBSD 6.1.2
+ DragonflyBSD 3.6
+ PCBSD 10.0

News Roundup

Building an OpenBSD wireless access point

• A neat write up we found around the internet about making an OpenBSD wifi router
• Goes through the process of PXE booting, installing base, using a serial console, setting up networking and wireless
• Even includes a puffy sticker on the Soekris box at the end, how cute

FreeBSD 4.X jails on 10.0

• Blog entry from our buddy Michael Lucas
• For whatever reason (an \”in-house application\”), he needed to run a FreeBSD 4 jail in FreeBSD 10
• Talks about the options he had: porting software, virtualizing, dealing with slow old hardware
• He goes through the whole process of making an ancient jail
• It\’s \”an acceptable trade-off, if it means I don’t have to touch actual PHP code.\”

Unscrewed: a story about OpenBSD

• Pretty long blog post about how a network admin used OpenBSD to save the day
• To set the tone, \”It was 5am, and the network was down\”
• Great war story about replacing expensive routers and networking equipment with cheaper hardware and BSD
• Mentions a lot of the built in tools and how OpenBSD is great for routers and high security applications

PCBSD weekly digest

• 10.0-RC3 is out and ready to be tested
• New detection of ATI Hybrid Graphics, they\’re working on nVidia next
• Fixed an issue with detecting disk drives that take a LONG time to probe
• Re-classifying Linux jails as unsupported / experimental (and all 4 people that use them wept)

Feedback/Questions

• Daniel writes in: https://slexy.org/view/s2uns1hMml
• Erik writes in: https://slexy.org/view/s2MeJNCCiu
• SW writes in: https://slexy.org/view/s21fBXkP2K
• Bostjan writes in: https://slexy.org/view/s20N9bfkum
• Samuel writes in: https://slexy.org/view/s20FU9wUO5

Contest

• We\’re going to be having our first viewer contest!
• We\’ll be giving away a handmade FreeBSD pillow – yes you heard right
• All you need to do is write a tutorial for the show
• Submit your BSD tutorial write-ups to feedback@bsdnow.tv
• If you want to email us your idea first, I can tell you if I already have a tutorial for that topic prewritten for the show in the backlog
• Check bsdnow.tv/contest for all the rules, details, instructions and a picture of the pillow.

• All the tutorials are posted in their entirety at bsdnow.tv
• The OpenBSD router tutorial has gotten some improvements. It now includes an option to encrypt all your DNS lookups, as well as some cool utilities you can use for bandwidth monitoring, performance improvements and other fun router stuff
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
• BSD Now got some unintended publicity at the 30th Chaos Communication Congress (1:28:16 – 1:31:00 in the video)

The post The Installfest | BSD 19 first appeared on Jupiter Broadcasting.

We review the XFCE desktop and compare its lean features with the bloated competition!

PLUS: The dirty tricks Microsoft and Apple are playing, and a new kickstarter game project committed to Linux!

And our tips for parents to protect their Linux using kids when online.

All this week on, The Linux Action Show!

Thanks to:

GoDaddy.com

Limited time offer:

New customers 25% off your entire order, code: 25MAY8
Expires: May 31, 2012

50% off Pro and Basic Reseller plans
Expires: May 24
Linux Action Show Code: 50res3

Want to save money on your entire order? Use our code LINUX and save 10%!

Be sure to help keep Danica on the front page, VOTE DANICA

Direct Download:

HD Video | Mobile Video | Ogg Video | MP3 Audio | Ogg Audio | YouTube | Torrent File

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed

Support the Show:

Purchase anything at Amazon.com Purchase anything at Think Geek using this link Purchase anything at Newegg using this link Contribute directly on our donation page or check out our advertising options and reach millions of amazing people! Grab our Chrome Extension and auto-tag your shopping session for us!

Show Notes:

Runs Linux:

• Tux Racer Arcade Cabinet, Runs Linux

Android Pick:

• Linux Installer for Android
• Android Picks so far thanks to Madjo in the IRC Chat room!

Universal Pick:

• Bryan Lunduke’s Awesome Blocks of Awesome
• Picks so far. Thanks to Madjo!

Random Distro Of The Day

• DouDouLinux

Linux Action Show Subreddit

• Linux Action Show Subreddit

News:

• Microsoft wins ban on Motorola Android devices from the ITC
• How Google Developers Use Ubuntu
• Mandriva Linux will return to the community
• Wasteland 2 will Use Unity 3D Engine, Linux Support Coming
• Two guys from Andromeda kickstarter – for Linux from the start
• How Google Developers Use Ubuntu

XFCE:

• Xfce 4.10 tour
• Xubuntu 12.04 review
• Time for Chris to Sex up His XFCE Desktop. Suggestions?
• Linus Torvalds Ditches GNOME 3 For Xfce
• Xfce – openSUSE
• Xfce – FedoraProject
• Xfce – ArchWiki

What’s Bryan Doin?

• BLABA Game Creator
• The Complete History Of The Linux Action Show (abridged)
• The “Build Something Fun And Win Some Pi” Contest

Chris’ Stash:

• OMG IT’s HERE! Unfilter Episode 1: Cannabis Prohibition

Find us on Google+

• Chris
• Bryan
• Jupiter Broadcasting’s Page

Find us on Twitter:

• Chris – ChrisLAS
• Bryan – BryanLunduke

Matt’s How-to:

Having established why Gnome Nanny fails (not updated and incompatible), I have found over the years the only reliable method for offering parental controls on Ubuntu is to use either parental controls through a router or on a specific PC via OpenDNS.

Note: if you want this only block content on a single PC, only use OpenDNS on that computer.

1. Browse opendns.com and create an account. Then login, this will bring you to your dashboard.
2. Since we’re only adding the single computer in this example, look the right of the page and add Add a network. Click that button.
3. This will fill in your ISP assigned IP address for you. Click on Add this network.
4. A new popup will appear asking you to assign a “friendly” name to this network. Do so, then make sure you’ve checked off “yes, it is dynamic” (as most people have dynamic IP addresses).
5. Ignoring the option to install anything, close this window by clicking Done.
6. Now click on the IP address in the main screen area, this brings you to the parental control area.
7. Select the level of content filtering you wish to use on this computer. Click apply. (I recommend checking the customize option for each section before choosing)
8. Now you need to install a client that will keep your dynamic IP address, in tune with OpenDNS. From a terminal:

sudo apt-get install ddclient

1. Once the configuration window appears, use your keyboard to select Other, then tab to Ok.
2. The next step from this same terminal dialog is to type, then tab to Ok:

updates.opendns.com

1. In the next window, select dyndns2, tab to Ok.
2. And in the next dialog, type in the username for your OpenDNS account; ie, your email used.
3. Still with me? Good. Now you need to enter the network interface used. If it’s a wired network, it might be eth0 or if it’s wifi, perhaps wlan0 or wlan1. Open a separate terminal and do a ifconfig if you’re unsure.
4. Remember that “Friendly” network name we created previously in the OpenDNS dashboard? Enter it when prompted for your dyndns qualified domain name(s). Then tab to Ok.
5. With this finished, you will want to revisit the terminal again and type:

sudo gedit /etc/ddclient.conf

1. With this conf file open, we’re going to make sure the settings took correctly. Check for the following: username, password, ssl set to yes, etc. Save, then close.
   17) The next step is to make sure OpenDNS is to be used exclusively for DNS on this machine.

sudo gedit /etc/dhcp/dhclient.conf

1. Ignore all of the text listed, scroll down the to the bottom and paste in the following:

supersede domain-name-servers 208.67.222.222,208.67.220.220;

1. Save the file and close the editor.
2. Rather than merely restarting networking to let the settings take effect, be extra safe and just reboot. And you should be good to go. The ddclient and OpenDNS will now do the content filtering you need, to keep your kids safe. You’re all set!

Follow the network on Facebook:

• Jupiter Broadcasting on Facebook

Jupiter Broadcasting Forum:

• Jupiter Colony

Catch the show LIVE Sunday 10am Pacific / 5pm UTC:

• https://jblive.tv
• Network Calendar

The post XFCE’s Revenge | LAS | s21e10 first appeared on Jupiter Broadcasting.

]]> https://original.jupiterbroadcasting.net/11691/smarter-google-dns-techsnap-21/ Thu, 01 Sep 2011 22:42:23 +0000 https://original.jupiterbroadcasting.net/?p=11691 Google and openDNS join forces to improve the speed of your downloads, find out what they are doing and how it works!

The post Smarter Google DNS | TechSNAP 21 first appeared on Jupiter Broadcasting.

]]>

Google and openDNS join forces to improve the speed of your downloads, find out what they are doing and how it works!

Plus gmail suffered another man in the middle attack, and Kernel.org gets some egg on their face!

All that and more, on this week’s episode of TechSNAP!

Direct Download Links:

HD Video | Large Video | Mobile Video | WebM Video | MP3 Audio | OGG Audio | YouTube

Subscribe via RSS and iTunes:
Subscribe... --RSS-- TechSNAP HD TechSNAP Large TechSNAP Mobile TechSNAP MP3 TechSNAP OGG --iTunes-- TechSNAP iTunes HD TechSNAP iTunes Mobile TechSNAP iTunes Large TechSNAP iTunes MP3

[ad#shownotes]

Show Notes:

Another SSL Certificate Authority Compromised, MitM Attack on Gmail

• Sometime before July 10th, the Dutch Certificate Authority DigiNotar was compromised and the attackers we able to issue a number (apparently as many as 200) of fraudulent certificates, including a wildcard certificate for *.google.com. The attack was only detected by DigiNotar on July 19th. DigiNotar revoked the certificates, and an external security audit determined that all invalid certificates had been revoked. However, it seemed that probably the most important certificate, *.google.com was in fact not revoked. This raises serious questions and seems to point to a coverup by DigiNotar. Detailed Article Additional Article
• Newer versions of Chrome were not effected, because Google specifically listed a small subset of CAs who would ever be allowed to issue a certificate for gmail. This also prevents self-signed certificates, which some users fall for regardless of the giant scary browser warning. Chrome Security Notes for June
• Mozilla and the other browsers have taken more direct action disabled than they did with the Comodo compromise. All major browsers have entirely removed the the DigiNotar root certificate from their trust list. With the Comodo compromise, the effected certificates were blacklisted, but the rest of the Comodo CA was left untouched. One wonders if this was done as strong signal to all CAs that that must take security more seriously, or if DigiNotar was in fact cooperating with the Iranian government in its efforts to launch MitM attacks on its citizens. Mozilla Security Blog
• Part of the issue is that some of the certificates issued were for the browser manufacturers them selves, such as Mozilla.org. With a fake certificate from Mozilla, it is possible that the MitM attack could block updates to your browser, or worse, feed you a spyware laden version of the browser.
• Press Release from Parent Company VASCO
• Pastebin of the fraudulent Certificate

• Allan’s blog post about the previous CA compromise, and more detail than can fit even in an episode of TechSNAP
  *

  GoogleDNS and OpenDNS launch ‘A Faster Internet’

• The site promoted a DNS protocol extension called edns-client-subnet that would have the recursive DNS server pass along the IP Subnet (not the full IP, for privacy) of the requesting client, to allow the authoritative DNS server to make a better Geo Targetting Decision.
• A number of large content distributors and CDNs rely on GeoIP technology at DNS time to direct users to the nearest (and as such, usually fastest) server. However this approach is often defeated when a large portion of users are using GoogleDNS and OpenDNS and all of those requests come from a specific IP range. As this technology takes hold, it should make it possible for the Authoritative DNS servers to target the user rather than the Recursive DNS Server, resulting in more accurate results.
• Internet Engineering Task Force Draft Specification
• This change has already started effecting users, many users of services such as iTunes had complained of much slower download speeds when using Google or Open DNS. This was a result of being sent to a far-away node, and that node getting a disproportionate amount of the total load. Now that this DNS extension has started to come online and is backed by a number of major CDNs, it should alleviate the problem.

• ScaleEngine is in the process of implementing this, and already has some test edns enabled authoritative name servers online.
  *

  Kernel.org Compromised

• Attackers were able to compromise a number of Kernel.org machines
• Attackers appear to have compromised a single user account, and then through unknown means, gained root access.
• Attackers replaced the running OpenSSH server with a trojaned version, likely leaking the credentials of users who authenticated against it.
• Kernel.org is working with the 448 people who have accounts there, to replace their passwords and SSH keys.
• The attack was only discovered due to an extraneous error message about /dev/mem
• Additional Article

---

Feedback:

Q: (DreamsVoid) I have a server setup, and I am wondering what it would take to setup a backup server, that would automatically take over if the first server were to go down. What are some of the ways I could accomplish this?

A: This is a rather lengthy answer, so I will actually break it apart, and have given one possible answer each week, for the last few weeks. This weeks solution is Anycast. This is by far the most complicated and resource intensive solution, but it is also the most scalable. Standard connections on the Internet are Unicast, meaning they go from a single point to another single point (typically, from a client to a specific server). The are also Broadcast (send to all nodes in the broadcast domain, such as your local LAN), and Multicast (send to a group of subscribed peers, used extensively by routers to distribute routing table updates, but does not work on the Internet). Anycast is different than a Unicast, instead of sending the packet to a specific host, the packet is sent to the nearest host (in network terms, hops, not necessarily geographic terms). The way Anycast works is your BGP enabled routers broadcast a route to your subnet to the Internet from each of the different locations, and the other routers on the Internet update their routing tables with the route to the location that is the fewest hops away. In this way, your traffic is diverted to the nearest location. If one of your locations goes down, when the other routers do not get an update from the downed router, they automatically change their route to the next nearest location. If you want only fail over, and not to distribute traffic geographically, you can have your routers prefix their routes with their own AS number a sufficient number of times to make the backup location always more hops than the main location, so it is only used if the main is down. There are some caveats with this solution, the first being that TCP packets were never meant to randomly redirect to another location, if a route change happens in the middle of an active session, that session will not exist at the second location, and the connection will be dropped. This makes Anycast unsuitable for long-lived connections, as routes on the Internet change constantly, routing around faults and congestion. Connections also cannot be made outbound from an Anycast IP, as the route back may end up going to a different server, and so a response will never be received, so servers would require a regular Unicast address, plus the Anycast address. A common solution to overcome the limitations of Anycast, is to do DNS (which is primarily UDP) via Anycast, and have each location serve a different version of the authoritative zone, which the local IP address of the web server, this way the users are routed to the nearest DNS server, which then returns the regular IP of the web server at the same location (this solution suffers from the same problems mentioned above in the Google DNS story). Another limitation is that due to the size of the address space on the Internet, most provides will not accept a route for a subnet smaller than a /24, meaning than an entire 256 ip address subnet must be dedicated to Anycast, and your servers will each require a regular address in a normal subnet. Broadcasting routes to the Internet also requires your own Autonomous System number, which are only granted to largish providers, or an ISP willing to announce your subnet on their AS number, but this requires a Letter of Authorization from the owner of the IP block.
*

ROUND-UP:

• Chinese Government removes Cyber warfare videos and denies everything
• New XBox 360 hack allows unsigned code execution
• Anonymous takes credit for Denial of Service attack on Wikileaks
• Anonymous tested its attack tool against pastebin.com first
• New windows worm spreading via weak RDP Credentials
• Cyber crime gang steals $13 million in a day
  Thanks to: stmiller
• Pakistan official bans all encryption and forces ISPs to block encrypted VPN traffic
• Wikileak cables reveal U.S. Government lobbied on behalf of Oracle.
  Thanks to: silvernode and for the eye catching title!

Bitcoin-Blaster:

• Difficulty dropped down to 1777774.482!
• The relationship between bitcoin price and difficulty
• Has Bruce Wagner pulled off the biggest financial scam on the bitcoin community?
• Bitcoin Watch: $59,420,956 USD

The post Smarter Google DNS | TechSNAP 21 first appeared on Jupiter Broadcasting.

]]>