Show Notes: error.show/80

The post Imaginary Turkey | User Error 80 first appeared on Jupiter Broadcasting.

HD Video Feed | MP3 Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

How not to avoid browser security warning

Verbal passwords

Obscurity is a Valid Security Layer

Feedback

• Kaspersky’s 7zip file

• Containers/Jails/Zones : Containers vs Zones vs Jails vs VMs, Container descriptions and security, Docker and the rise of popularity of containers, Papers We Love Zones and Jails

Round Up:

• https://www.crunchyroll.com/ Cloudflare configuration compromised

• New York Times via dark web

• USB Stick with Heathrow Security and Queen’ Data Found on London Street see also Met Police Special Escort Group

• Google to ditch public key pinning in Chrome

• Performing & Preventing SSL Stripping: A Plain-English Primer

• Researchers turn LG’s Hom-Bot vacuum cleaner into a real-time spying device

The post SSL Strippers | TechSNAP 344 first appeared on Jupiter Broadcasting.

Dell pulls a Superfish with easily cloneable root certificates, Amazon has some passwords leak & Jeff wants to show you his self landing rocket.

Plus the fun news for Sci Fi and Netflix fans & of course, our Kickstarter of the week!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

Show Notes:

— Episode Links —

• Dell does a Superfish, ships PCs with easily cloneable root certificates | Ars Technica
• Response to Concerns Regarding eDellroot Certificate
• iamwpj comments on Dell ships laptops with rogue root CA, exactly like what happened with Lenovo and Superfish
• Amazon force-resets some account passwords, citing password leak | ZDNet
• Google Received More Than 65 Million URL Takedown Requests In The Past Month
• Blue Origin Rocket Landing Gets Jeff Bezos to Tweet for First Time | Re/code
• Netflix remake Lost in Space in development
• Pillow Talk: Feel the presence of your loved one by Little Riot — Kickstarter

The post Dell's Bad Latitude | TTT 224 first appeared on Jupiter Broadcasting.

Our best open source alternatives to LastPass. We run down the easy, the straight forward & the totally custom solutions to rolling your password managment. All our picks are totally open source, auditable & ready to use today.

Plus the first reviews of the Steam Machines hit the web, Red Hat’s big buy, GIMP in your browser & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | OGG Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Brought to you by: System76

LastPass Killers

• Yahoo Mail drops passwords and adds third-party email support for new apps

It’s Yahoo Mail‘s 18th birthday this month and to mark the occasion, Yahoo is pulling out all the stops with three major announcements: a brand new mobile app for Android and iOS, the support for multiple third-party email accounts and, perhaps most significantly, the introduction of a completely password-free sign-in experience called Yahoo Account Key.

LastPass Joins the LogMeIn Family

It’s a big day here at LastPass. We’re thrilled to announce that we’re joining LogMeIn. As one of the world’s leading SaaS companies, we can’t imagine a better team to align with our values and product-driven mission. With their experience in growing successful brands like join.me, we’re excited to join LogMeIn in delivering the next generation of identity and access management for individuals, teams and companies, with LastPass at the forefront.

KeePass

• KeepassC

KeePassC is a password manager fully compatible to KeePass v.1.x and KeePassX. That is, your
password database is fully encrypted with AES.

KeePassC is written in Python 3 and comes with a curses-interface. It is completely controlled
with the keyboard (vim-like keys are supported).

Some features are:

• AES encryption of the database with password and/or keyfile
• Included customizable password generator
• KeePassX and KeePass v.1.x compatible (KeePass v2.x planned)
• Database entries are sorted in alphabetically sorted groups
• Subgroups of groups
• Entries are identified by a title
• Search entries by this title and show matches in an own group
• Set expiration dates to remind you that a new password is needed
• Unicode support
• Copy username and password to clipboard
• Auto-locking workspace and self-deleting clipboard with adjustable delays
• Options to remember last database and last keyfile
• Open URLs directly in your standard browser
• Optional use of vim/ranger-like keys
• Simple command line interface
• Network functionality including multiuser support

• The last can be used to omit password entering, too

• kpcli – A command line interface for KeePass

A command line interface (interactive shell) to work with KeePass 1.x or 2.x database files. This program was inspired by my use of the CLI of the Ked Password Manager (“kedpm -c”) combined with my need to migrate to KeePass.

Pass

Password management should be simple and follow Unix philosophy. With pass, each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities.

pass makes managing these individual password files extremely easy. All passwords live in ~/.password-store, and pass provides some nice commands for adding, editing, generating, and retrieving passwords. It is a very short and simple shell script. It’s capable of temporarily putting passwords on your clipboard and tracking password changes using git.

• Pass for Android on F-Droid

How Active is Pass Development?

• Migrating your data to Pass

To free password data from the clutches of other (bloated) password managers, various users have come up with different password store organizations that work best for them.

Using Git to Sync Pass

First install and then setup git

1 $ git config --global user.name  "John Doe"
2 $ git config --global user.email "johndoe@foobar.com"
3 $ pass git init

QtPass GUI for pass, the standard UNIX password manager

• Using pass or git and gpg2 directly
  • Cross platform: Linux, BSD, OS X and Windows
  • Reading pass password stores
  • Decrypting and displaying the password and related info
  • Editing and adding of passwords and information
  • Updating to and from a git repository
  • Per-folder user selection for multi recipient encryption
  • Configuration options for backends and executable/folder locations
  • Copying password to clipboard
  • Configurable shoulder surfing protection options
  • Experimental WebDAV support

Planned features

• Re-encryption after users-change (optional ofcourse).
• Plugins based on key, format is same as password file.
• Colour coding folders (possibly disabling folders you can’t decrypt).
• WebDAV (configuration) support.
• Optional table view of decrypted folder contents.
• Opening of (basic auth) urls in default browser? Possibly with helper plugin for filling out forms?

• Some other form of remote storage that allows for accountability / auditing (web API to retreive the .gpg files)?

• GPG – How to trust an imported key

Encryptr – Powered by Crypton

Encryptr is simple and easy to use. It stores your sensitive data like passwords, credit card data, PINs, or access codes, in the cloud. However, because it was built on the zero-knowledge Crypton framework, Encryptr ensures that only the user has the ability to access or read the confidential information. Not the app’s developers, cloud storage provider, or any third party.

Encryptr only ever encrypts or decrypts your data locally on your device. No plain text is ever sent to the server, not even your passphrase. This is what zero-knowledge means.*

You don’t even need to hand over any personal data to register. Not your name, and not your email address. The app only requires a username and a passphrase.

Encryptr is free, and completely open source. This includes Crypton.

Firefox Password Manager

If you use the same simple password for everything you will be more susceptible to identity theft. The Create secure passwords to keep your identity safe article shows you an easy method for creating secure passwords and using the Password Manager, as described above, will help you remember them all.

Even though the Password Manager stores your usernames and passwords on your hard drive in an encrypted format, someone with access to your computer can still see or use them. The Use a Master Password to protect stored logins and passwords article shows you how to prevent this and keep you protected in the event your computer is lost or stolen.

When paired with Firefox sync feature this effectively emulates LastPass without Yubikey support, and without the password generation feature.

— PICKS —

Runs Linux

Etch-a-sketch RUNS LINUX!

Over on YouTube user devnulling has uploaded a video showing his “Etch-A-SDR” project. This project involved creating an all-in-one SDR device out of an Odroid C1, Teensy 3.1 and an RTL-SDR dongle. The Odroid C1 is an embedded computer, similar to the Raspberry Pi 2 and the Teensy 3.1 is a microcontroller development board. The “Etch-A-SDR” is named as such because of its resemblance to an Etch-A-Sketch toy. It has two knobs that can be used for tuning and several side buttons for changing demodulation modes etc.

Upon boot the Etch-A-SDR opens GQRX and is ready for tuning within seconds of turning it on. In addition to using it as a portable SDR with GQRX the Etch-A-SDR can also be booted into normal Linux mode and into Etch-A-Sketch mode, where it operates as a normal Etch-A-Sketch toy.

The code can be downloaded from https://github.com/devnulling/etch-a-sdr.

Desktop App Pick

FreeMind Mind Mapping Tool

FreeMind is a premier free mind-mapping software written in Java. The recent development has hopefully turned it into high productivity tool. We are proud that the operation and navigation of FreeMind is faster than that of MindManager because of one-click “fold / unfold” and “follow link” operations.

• Keeping Track of Projects
• Project workplace
• Workplace for Internet Research
• Essay Writing and Brainstorming
• Small Database with structure
• Commented Internet Favorites or Bookmarks

Weekly Spotlight

Hangups

hangups is the first third-party instant messaging client for Google
Hangouts. It includes both a Python library and a reference client with a
text-based user interface.

Unlike its predecessor Google Talk, Hangouts uses a proprietary,
non-interoperable protocol. hangups is implemented by reverse-engineering
this protocol, which allows it to support features like group messaging that
aren’t available in clients that connect via XMPP.

hangups is still in an early stage of development. The reference client is
usable for basic chatting, but the API is undocumented and subject to change.
Bug reports and pull requests are welcome!

— NEWS —

GIMP Online – rollApp

Run GIMP and other X11 apps in your web browser.

Red Hat is buying Ansible for more than $100M

Buying Ansible — one of four major providers of at least partly open-source devops tools — makes sense, because it can add to Red Hat’s line of offerings. Plus, Ansible already integrates with Red Hat’s OpenShift, OpenStack, and Red Hat Enterprise Linux software.

• Red Hat buys Ansible to bolster its developer toolset – Fortune

As part of the deal, about50 Ansible employees will join Red Hat

• Red Hat Is Buying IT Automation Startup Ansible, Reportedly For Around $100M | TechCrunch

Red Hat today also provided a brief update to its earnings as part of the news. It says the acquisition is expected to have no material impact to Red Hat’s revenue for the third and fourth quarters of its fiscal year. Non-GAAP operating expenses for fiscal 2016 will be increased by $2 million, or ($0.01) per share, in Q3 and $4.0 million, or ($0.02) per share, in Q4 as a result of the transaction.

Proxmox VE 4.0 is OUT

This video highlights the new features in Proxmox VE 4.0:

• Debian Jessie 8.2 and 4.2 Linux kernel
• Linux Containers (LXC)
• IPv6 support
• Bash completion
• New Proxmox VE HA Manager

View all updates: https://pve.proxmox.com/wiki/Roadmap

The Alienware Steam Machine: finally, a gaming PC for the living room

I used to laugh when I saw Linux users scramble to build compatibility layers to play “real” PC games. I chuckled when Valve CEO Gabe Newell lambasted Windows 8 as a “catastrophe for everyone,” proffering Linux and SteamOS as a viable alternative. It seemed so far-fetched, so silly. Truth be told, I’m still laughing — but now it’s because I’m enjoying myself. The Alienware Steam Machine has some growing pains, but it’s fun. Lots of fun.

• Steam’s living room hardware blitz gets off to a muddy start | Ars Technica

It’s all very smooth, overall, but there were a few sticking points that seemed a little rough compared to other game consoles. While the system hasn’t frozen on us during a game yet, there have been a handful of times where the whole OS hung when we were closing or opening a title, requiring a system reboot that took 30 to 60 seconds. We ran into occasional problems with webpage scrolling, the on-screen keyboard, and Wi-Fi recognition as well, all of which disappeared with a reboot.

We also found a few SteamOS games that still include an intermediate “launcher” screen that asks players to confirm resolution and other settings. That’s only an annoyance because these screens can’t be navigated with the Steam Controller; you need to plug in a mouse and keyboard to get through to the actual game in these cases. While the SteamOS interface includes large warnings that these games require extra hardware, and Valve isn’t directly responsible for third-party developers’ unfriendly decisions, it still seems like an oversight to have such games be unplayable out of the box.

• ARCH steam controller not detected properly

Feedback:

• https://slexy.org/view/s2Y836bi9B
• https://slexy.org/view/s2sQ9ZkWTx
• https://slexy.org/view/s2VwIphEzi
• https://www.indiegogo.com/projects/open-foss-training#/

Rover Log Playlist

Watch the adventures, productions, road trips, trails, mistakes, and fun of the Jupiter Broadcasting mobile studio.

• Support Jupiter Broadcasting on Patreon

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

— CHRIS’ STASH —

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

Find us on Google+

• Chris
• Noah J. Chelliah
• Jupiter Broadcasting’s Page

Find us on Twitter

• Chris – ChrisLAS
• Noah – Kernellinux

Follow us on Facebook

• Jupiter Broadcasting on Facebook
• Noah – Kernellinux

Catch the show LIVE Friday:

• https://jblive.tv
• Network Calendar

The post Passing On LastPass | LAS 387 first appeared on Jupiter Broadcasting.

LastPass gets bought, FireFox loves Flash long time, just not your plugins, good iPhone vs bad iPhone & why the rest of the world laughs at the state of the US’ mobile payments.

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

Show Notes:

— Episode Links —

• LogMeIn acquires LastPass for $125m
• Obama administration opts not to force firms to decrypt data — for now – The Washington Post
• Mozilla Firefox will drop support for NPAPI plugins by the end of 2016, but will keep Flash around | VentureBeat | Dev | by Emil Protalinski
• Samsung and TSMC iPhone 6s Chips Show Smaller Real-World Battery Impacts Compared to Benchmarks – Mac Rumors
• Apple Claims TSMC vs Samsung A9 Chip Variants Result in Only 2-3% Difference in ‘Real World’ Battery Life – Mac Rumors
• The story in English | MobilePay

The post LogMeIn to LastPass | TTT 217 first appeared on Jupiter Broadcasting.

Amazon has a new TLS implementation & the details look great, we’ll share them with you. The technology that powers the NSA’s XKEYSCORE you could have deployed yourself.

Some fantastic questions, a big round up & much, much more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Amazon releases s2n, a new TLS implementation

• s2n (signal2noise) is a brand new implementation of the TLS protocol in only ~6000 lines of code
• It has been fully audited, and will be re-audited once per year, paid for by Amazon
• It does not replace OpenSSL, as it only implements the TLS protocol (libssl) not the crypto primitives and algorithms (libcrypto). s2n can be built against any of the various libcrypto implementations, including: OpenSSL, LibreSSL, BoringSSL, and the Apple Common Crypto framework
• The API appears to be very easy to use, and prevent many common errors
• The client side of the library is not ready for use yet
• Features:
  • “s2n encrypts or erases plaintext data as quickly as possible. For example, decrypted data buffers are erased as they are read by the application.”
  • “s2n uses operating system features to protect data from being swapped to disk or appearing in core dumps.”
  • “s2n avoids implementing rarely used options and extensions, as well as features with a history of triggering protocol-level vulnerabilities. For example there is no support for session renegotiation or DTLS.”
  • “s2n is written in C, but makes light use of standard C library functions and wraps all memory handling, string handling, and serialization in systematic boundary-enforcing checks.”
  • “The security of TLS and its associated encryption algorithms depends upon secure random number generation. s2n provides every thread with two separate random number generators. One for “public” randomly generated data that may appear in the clear, and one for “private” data that should remain secret. This approach lessens the risk of potential predictability weaknesses in random number generation algorithms from leaking information across contexts. “
• One of the main features is that, instead of having to specify which set of crypto algorithms you want to prefer, in what order, as we have discussed doing before for OpenSSL (in apache/nginx, etc), to can either use ‘default’, which will change with the times, or a specific snapshot date, that corresponds to what was the best practise at that time
• Github Page
• Additional Coverage – ThreatPost
• It will be interesting to see how this compares with the new TLS API offered by LibreSSL, and which direction various applications choose to go.

How the NSA’s XKEYSCORE works

• “The NSA’s XKEYSCORE program, first revealed by The Guardian, sweeps up countless people’s Internet searches, emails, documents, usernames and passwords, and other private communications. XKEYSCORE is fed a constant flow of Internet traffic from fiber optic cables that make up the backbone of the world’s communication network, among other sources, for processing. As of 2008, the surveillance system boasted approximately 150 field sites in the United States, Mexico, Brazil, United Kingdom, Spain, Russia, Nigeria, Somalia, Pakistan, Japan, Australia, as well as many other countries, consisting of over 700 servers.”
• “XKEYSCORE allows for incredibly broad surveillance of people based on perceived patterns of suspicious behavior. It is possible, for instance, to query the system to show the activities of people based on their location, nationality and websites visited. For instance, one slide displays the search “germansinpakistn,” showing an analyst querying XKEYSCORE for all individuals in Pakistan visiting specific German language message boards.”
• “The sheer quantity of communications that XKEYSCORE processes, filters and queries is stunning. Around the world, when a person gets online to do anything — write an email, post to a social network, browse the web or play a video game — there’s a decent chance that the Internet traffic her device sends and receives is getting collected and processed by one of XKEYSCORE’s hundreds of servers scattered across the globe.”
• “In order to make sense of such a massive and steady flow of information, analysts working for the National Security Agency, as well as partner spy agencies, have written thousands of snippets of code to detect different types of traffic and extract useful information from each type, according to documents dating up to 2013. For example, the system automatically detects if a given piece of traffic is an email. If it is, the system tags if it’s from Yahoo or Gmail, if it contains an airline itinerary, if it’s encrypted with PGP, or if the sender’s language is set to Arabic, along with myriad other details.”
• You might expect some kind of highly specialized system to be required to do all of this, but that is not the case:
• “XKEYSCORE is a piece of Linux software that is typically deployed on Red Hat servers. It uses the Apache web server and stores collected data in MySQL databases. File systems in a cluster are handled by the NFS distributed file system and the autofs service, and scheduled tasks are handled by the cron scheduling service. Systems administrators who maintain XKEYSCORE servers use SSH to connect to them, and they use tools such as rsync and vim, as well as a comprehensive command-line tool, to manage the software.”
• The security of the system is also not as good as than you might imagine:
• “Analysts connect to XKEYSCORE over HTTPS using standard web browsers such as Firefox. Internet Explorer is not supported. Analysts can log into the system with either a user ID and password or by using public key authentication.”
• “When systems administrators log into XKEYSCORE servers to configure them, they appear to use a shared account, under the name “oper.” Adams notes, “That means that changes made by an administrator cannot be logged.” If one administrator does something malicious on an XKEYSCORE server using the “oper” user, it’s possible that the digital trail of what was done wouldn’t lead back to the administrator, since multiple operators use the account.”
• “There appears to be another way an ill-intentioned systems administrator may be able to cover their tracks. Analysts wishing to query XKEYSCORE sign in via a web browser, and their searches are logged. This creates an audit trail, on which the system relies to assure that users aren’t doing overly broad searches that would pull up U.S. citizens’ web traffic. Systems administrators, however, are able to run MySQL queries. The documents indicate that administrators have the ability to directly query the MySQL databases, where the collected data is stored, apparently bypassing the audit trail.”
• The system is not well designed, and could likely have been done better with existing open source tools, or commercial software designed to classify web traffic
• “When data is collected at an XKEYSCORE field site, it is processed locally and ultimately stored in MySQL databases at that site. XKEYSCORE supports a federated query system, which means that an analyst can conduct a single query from the central XKEYSCORE website, and it will communicate over the Internet to all of the field sites, running the query everywhere at once.”
• Your traffic is analyzed and will probably match a number of classifiers. The most specific classifier is added as a tag to your traffic. Eventually (3-5 days), your actual traffic is deleted to make room for newer traffic, but the metadata (those tags) are kept for 30-45 days
• “This is done by using dictionaries of rules called appIDs, fingerprints and microplugins that are written in a custom programming language called GENESIS. Each of these can be identified by a unique name that resembles a directory tree, such as “mail/webmail/gmail,” “chat/yahoo,” or “botnet/blackenergybot/command/flood.””
• “One document detailing XKEYSCORE appIDs and fingerprints lists several revealing examples. Windows Update requests appear to fall under the “update_service/windows” appID, and normal web requests fall under the “http/get” appID. XKEYSCORE can automatically detect Airblue travel itineraries with the “travel/airblue” fingerprint, and iPhone web browser traffic with the “browser/cellphone/iphone” fingerprint.”
• “To tie it all together, when an Arabic speaker logs into a Yahoo email address, XKEYSCORE will store “mail/yahoo/login” as the associated appID. This stream of traffic will match the “mail/arabic” fingerprint (denoting language settings), as well as the “mail/yahoo/ymbm” fingerprint (which detects Yahoo browser cookies).”
• “Sometimes the GENESIS programming language, which largely relies on Boolean logic, regular expressions and a set of simple functions, isn’t powerful enough to do the complex pattern-matching required to detect certain types of traffic. In these cases, as one slide puts it, “Power users can drop in to C++ to express themselves.” AppIDs or fingerprints that are written in C++ are called microplugins.”
• All of this information is based on the Snowden leaks, and is from any years ago
• “If XKEYSCORE development has continued at a similar pace over the last six years, it’s likely considerably more powerful today.”
• Part 2 of Article

[SoHo Routers full of fail]

Home Routers that still support RIPv1 used in DDoS reflection attacks

• RIPv1 is a routing protocol released in 1988 that was deprecated in 1996
• It uses UDP and so an attacker can send a message to a home router with RIP enabled from a spoofed IP address, and that router will send the response to the victim, flooding their internet connection
• ““Since a majority of these sources sent packets predominantly of the 504-byte size, it’s pretty clear as to why they were leveraged for attack purposes. As attackers discover more sourc­es, it is possible that this vector has the potential to create much larger attacks than what we’ve observed thus far,” the advisory cautions, pointing out that the unused devices could be put to work in larger and more distributed attacks.”
• “Researchers at Akamai’s Prolexic Security Engineering and Research Team (PLXsert) today put out an advisory about an attack spotted May 16 that peaked at 12.9 Gbps. Akamai said that of the 53,693 devices that responded to RIPv1 queries in a scan it conducted, only 500 unique sources were identified in the DDoS attack. None of them use authentication, making them easy pickings.”
• Akamai identified Netopia 2000 and 3000 series routers as the biggest culprits still running the vulnerable and ancient RIPv1 protocol on devices. Close to 19,000 Netopia routers responded in scans conducted by Akamai, which also noted that more than 5,000 ZET ZXv10 and TP-Link TD-8000 series routers collectively responded as well. Most of the Netopia routers, Akamai said, are issued by AT&T to customers in the U.S. BellSouth and MegaPath also distribute the routers, but to a much lesser extent.

Home Routers used to host Malware

• Home routers were found to be hosting the Dyre malware
• Symantec Research Paper of Dyre
• Affected routers include MikroTik and Ubiquiti’s AirOS, which are higher end routers geared towards “power user” and small businesses
• “We have seen literally hundreds of wireless access points, and routers connected in relation to this botnet, usually AirOS,” said Bryan Campbell, lead threat intelligence analyst at Fujitsu. “The consistency in which the botnet is communicating with compromised routers in relation to both distribution and communication leads us to believe known vulnerabilities are being exploited in the firmware which allows this to occur.”
• “Campbell said it’s not clear why so many routers appear to be implicated in the botnet. Perhaps the attackers are merely exploiting routers with default credentials (e.g., “ubnt” for both username and password on most Ubiquiti AirOS routers). Fujitsu also found a disturbing number of the systems in the botnet had the port for telnet connections wide open.”

Feedback:

• ZFS with 4K drives?

• ZFS Replication Between FreeNAS and Linux

• Splitting a pool

• DNS Transfer Email Downtime Followup

• FreeBSD Mastery: ZFS — Not just about ZFS

Round Up:

• Hacked OPM and Background Check Contractors Lacked Logs, DHS Says
• How Facebook stores 900 million new photos per day, using Blu-Ray disks Video
• Software developers are failing to implement crypto correctly, data reveals
• Windows 10 will share all of your WiFi passwords with your Outlook (and optionally Facebook) Contacts. Access points can opt out by adding ‘_optout’ to the SSID
• Cisco to buy security firm OpenDNS for $635 million
• Your F5 BIG-IP load balancer is not affected by the Redhat 4.x/5.x bug that might make it reboot during the leap second We are sorry your BIG-IP rebooted during the leap second
• DYN reports possible routing hiccup caused by leap second Turns out it was just someone accidently routing all traffic to Amazon AWS via their AS
• Someone is cutting fiber optic cables in California
• IKEA presents how they patched 3500 RHEL servers for the shellshock vulnerability in only 2.5 hours
• Scaling the Address Resolution Protocol for Large Data Centers (SARP)
• SSLv3 now officially deprecated
• Cisco UCDM (Unified Communications Domain Manager) has a default static password for a root account

The post Ripping me a new Protocol | TechSNAP 221 first appeared on Jupiter Broadcasting.

If we could rebuild the Internet from scratch, what would we change? It’s more than just a thought experiment. We’ll share the details about real world research being done today!

Plus we dig through the Sony hack, answer a ton of great question & a rocking roundup!

Thanks to:

• Get Paid to Write for DigitalOcean

Become a supporter on Patreon:

— Show Notes: —

Reinventing Computers And The Internet From Scratch, For The Sake Of Security

• DARPA funded research is looking at how we might design the Internet if we had to do it over again
• Many decisions that were made 30 and 40 years ago when UNIX and TCP/IP were designed, may be done differently today
• The overall project has a number of sub-projects:
  • CRASH – Clean-Slate Design of Resilient, Adaptive, Secure Hosts
  • MRC – Mission-Oriented Resilient Clouds
  • CTSRD – Clean Slate Trustworthy Secure Research and Development (Custard)
• BERI: Bluespec Extensible RISC Implementation: a open-source hardware-software research and teaching platform: a 64-bit RISC processor implemented in the high-level Bluespec hardware description language (HDL), along with compiler, operating system, and applications
• CHERI: capability hardware enhanced RISC instructions: hardware-accelerated in-process memory protection and sandboxing model based on a hybrid capability model
• TESLA: temporally enforced security logic assertions: compiler-generated runtime instrumentation continuously validating temporal security properties
• SOAAP: security-oriented analysis of application programs: automated program analysis and transformation techniques to help software authors utilize Capsicum and CHERI features
• The goal is to design newer secure hosts and networks, without having to maintain backwards compatibility with legacy systems, the biggest problem with changing anything on the Internet
• This is why there are still things like SSLv3 (instead of just TLS 1.2+), why we have not switched to IPv6, and why spam is still such a large problem
• I for one would definitely like to replaced SMTP, but no one has yet devised a plan for a system that the world could transition to without breaking legacy email while we wait for the rest of the world to upgrade
• “Corporations are elevating security experts to senior roles and increasing their budgets. At Facebook, the former mantra “move fast and break things” has been replaced. It is now “move slowly and fix things.””
• For performance reasons, when hardware and programming languages were designed 30 and 40 years ago, it was decided that security would be left up to the programmer
• The CHERI project aim to change this, by implementing ‘Capabilities’, a sandboxing and security mechanism into the hardware, allowing the hardware rather than the software to enforce protections, preventing unauthorized access or modification of various regions of memory by malicious or compromised applications.
• CHERI, and the software side of the project, Capsicum, are based on FreeBSD, but are also being ported to Linux, where Google plans to make extensive use of it in its Chrome and Chromium browsers.
• Additional Coverage

Sony Internal Network Hacked

• No, this is not Episode 3 of TechSNAP, Sony was hacked, again
• Hackers identifying the selves as Guardians of Peace (GOP) claim to have stolen as much as 100TB of data from Sony
• One questions how they managed to exfiltrate such a huge amount of data without being noticed. A full 1 GBPS internet connection would have to run at full capacity for 10 days to move that much data. It seems a lot of the data was likely compressible, but unreleased movies etc would not be
• At this point, only about 40GB of data has been leaked, mostly internal documents
• “The data dump includes employee criminal background checks, salary negotiations, and doctors’ letters explaining the medical rationale for leaves of absence. There are spreadsheets containing the salaries of 6,800 global employees, along with Social Security numbers for 3,500 U.S. staff. And there is extensive documentation of the company’s operations, ranging from the script for an unreleased pilot written by Breaking Bad creator Vince Gilligan to the results of sales meetings with local TV executives.”
• When will companies learn that a spread sheet is not a secure place to store sensitive information
• In a memo to Employees Sony Pictures Entertainment chiefs Michael Lynton and Amy Pascal said “While we are not yet sure of the full scope of information that the attackers have or might release, we unfortunately have to ask you to assume that information about you in the possession of the company might be in their possession,”
• Additional Coverage – CNET – 47,000 Social Security Numbers leaked, Celebrity Data included
• Additional Coverage – Sony Employees receive email threats: “your family will be in danger”
• Additional Coverage – BuzzFeed – Inside the Sony Data
• Additional Coverage – Gizmodo – Sony hack worse than thought
• Additional Coverage – Washington Post
• Additional Coverage – Edgadget
• Additional Coverage – The Verge
• George Clooney predicted the Sony Hack in December (in a now leaked email)
• Additional Coverage – BitDefender – Take Aways from the Sony Hack
• Additional Coverage – ArsTechnica – Attackers also stole certificates to sign malware

Feedback:

• Jupiter Dev Summit on Monday the 15th

• Remotely activate/disable firewall rules?

• AuthPF (works, especially remotely)

• FreeNAS/ZFS Filesystem Relationships

• Screenshot

• Naming software bugs like storms

• [ways to use as much bandwidth a possible? ](https://www.reddit.com/r/techsnap/comments/2oftzo/ways_to_use_as_much_bandwidth_a_p
  ossible/)

• Malware Authorship Language

• 31C3 – The 31st Chaos Communication Congress Who will be there?

Round Up:

• Sony hack: Studio Tries to Disrupt Downloads of its Stolen Files
• Brian Krebs interviewed on 60 Minutes
• Reset Linux Root Password
• Payment Processor “Charge Anywhere” transmitted some data in plain text, finds malware on their network stealing the data
• Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory
• Fabrice Bellard (FFMPEG, QEMU, etc) introduces BPG, a replacement for JPG based on HEVC, better image quality in smaller size. Javascript based decoder means all browsers can render the images already
• Ron Wyden (D-OR) Introduces bill to prevent FBI backdoors — “The Secure Data Act would ban agencies from making manufacturers alter their products to allow easier surveillance or search”
• Man arrested for trying to sell detailed plans for next US Air Craft Carrier to Egypt
• DMCA should be altered to allow tinkering with hardware
• Flaw in Mantis bug tracker allow attackers and spammers to bypass captchas
• Keurig 2.0 Genuine K-Cup Spoofing Vulnerability
• Why you should only trust open source for your sensitive emails

The post Signed by Sony | TechSNAP 192 first appeared on Jupiter Broadcasting.

We follow up on our review of openSUSE 13.2 & discuss how life on the rolling side has been going for some of our LUG members.

Plus the hardware box that promises to replace your password manager & we say goodbye to the Linux Outlaws.

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

Become a supporter on Patreon:

Show Notes:

Pre-Show:

• Unity 7 Won’t Go Away until Most Agree U8 is Better than U7

In a long list of life’s lessons learned, ‘be gentle pushing people onto your new code’ is high up. So we won’t require U8 for everyone even when it’s first class. It will be opt in till most people agree it’s better than U7

• Docker on Google Compute Now

FU:

• Save me from Unity!

• Linux hardware detection

• btrfs woes

openSUSE 13.2 Follow Up

• openSUSE 13.2 is Released

Dear contributors, friends and fans: openSUSE 13.2 is out! After one year on continuous improvement in the tools and procedures and many hours of developing, packaging, testing and fixing issues a new stable release is here providing the best that Free and Open Source has to offer with our special green touch: stable, innovative and fun!

• Facts about Tumbleweed and Factory merging

Installation

• openSUSE will always try to install alongside another distro or OS.
• Any btrfs partition assigned to root will automatically have subvolumes created.
• As stated, the disc prompt will go away if unselected in Software Repositories module of YaST.

Software

• gnome-software is good for software discovery and installation.
  • openSUSE didn’t have anything like this until now.
• Software Management is the YaST module for more advanced software management.
• Package Updater runs in the background and prompts via notification if there are updates.
• Software Repositories is the YaST module for configuring software repositories.
• YMP One-Click Installer extension for Chrome (https://chrome.google.com/webstore/detail/ymp-one-click-installer/chldcpnlaiffaelmcjkeodakmnkomldg?utm_source=chrome-ntp-icon)

Font Rendering

• Infinality is not dead, just updated.
• Add this repo (by infinality)

Tumbleweed/Factory

• Initial article
• Facts about Tumbleweed and Factory Merging
• Tumbleweed and Factory are now synonymous under the name Tumbleweed (as of November 4th)
• Factory continues to be the name of the development project.
• A how-to will be published soon, until then: https://lists.opensuse.org/opensuse-factory/2014-11/msg00073.html
• Factory is aliased to Tumbleweed for 6 months, after which Factory repos will no longer exist.
• Is truly rolling.
  • Tumbleweed was a stable base with rolling packages and kernel.
• Snapshot ISOs are available.

Goodbye to Linux Outlaws

• The Last Stand

After more than seven years of Linux Outlaws, my co-host Dan and myself have decided to end the show. This decision has been a while in the making and it is with a heavy heart that I am committing to finally announce it.

Mooltipass: Open Source Offline Password Keeper

Our team believes that great security can only be achieved through complete transparency. That’s why we have been publishing everything that goes into making the Mooltipass on our GitHub repository from the project’s start.

Just like Linux-based operating systems, open source allows our product to benefit from many engineers’ expertise. This results in better code quality, more trust from our final users and verified security implementation.

Runs Linux from the people:

• Send in a pic/video of your runs Linux.
• Please upload videos to YouTube and submit a link via email or the subreddit.

New Shows : Tech Talk Today (Mon – Thur)

• Tech Talk Today Today | Jupiter Broadcasting

Support Jupiter Broadcasting on Patreon

Post-Show

• tearing with ubuntu mate 14.10 with nvidia titan running 340 drivers.

The post OpenSUSE Followup | LINUX Unplugged 65 first appeared on Jupiter Broadcasting.

Gmail passwords may have been leaked, but there is some debate as to how bad the damage is. Google Voice gets rolled into Hangouts & we take a look at the results from “Internet Slowdown Day”.

Plus our thoughts on mobile payments, a great deal for Linux users & more!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

5 Million Gmail Usernames and Passwords Leaked

In what appears to be an unknown attack, hackers have dumped over 5,000,000 valid gmail username and passwords on the Internet early Wednesday morning.

Unknown hackers have leaked over five million valid credentials pertaining to Google Mail logins early this morning. The random dump of passwords first appeared on reddit’s netsec section linking to the another website hosting the leaked gmail accounts.

The .txt file of all leaked gmail usernames was found on BitCoin security (forum in Russian), where the leak is believed to be first offloaded. The file of leaked emails does not contain any passwords or other sensitive information, only full gmail email addresses.

As the leak was posted only hours ago, Reddit users are warning each other not to enter any email username or password combinations into any websites “to check if your password is secure.” It appears scams are already appearing or Reddit users are getting ready for the scams to come.

• Google Says No Compromise

“The security of our users’ information is a top priority for us,” a Google spokesperson told TNW. “We have no evidence that our systems have been compromised, but whenever we become aware that accounts may have been, we take steps to help those users secure their accounts.”

Next, since the posting, the forum administrators have purged the passwords from the text file in question, leaving only the logins. Furthermore, tvskit, the forum user who published the file, claimed that some 60 percent of the passwords were valid.

Google Voice Integration Is Currently Rolling Out In Hangouts

Google Voice is finally being integrated into Hangouts, because God knows Hangouts needed to be even more confusing. You can enable Voice SMS and voicemail via a popup in the conversation list, so check the app. If you still don’t see it, hang on. It’s still rolling out.

“Internet Slowdown Day” sends over 111,000* new comments on net neutrality to FCC

The effort appears to have made a difference: According to the FCC*, by 6 PM ET the agency saw 111,449 new public comments added to the already record-setting total, with some 41,173 filed into the 14-28 docket of the FCC’s website since and another 70,286 sent to the openinternet@fcc.gov inbox, setting a new high water mark of some 1,515,144 to date, with more yet to come. As reported by Mike Masnick, citing ThinkProgress, the Internet slowdown generated 1000 calls per minute to Congress. *Update: Fight for the Future claims that more than 500,000 comments have been submitted through Battleforthenet.com and that the FCC hasn’t caught up. According to the nonprofit, “this happened during our last big push too when their site crashed. We are storing comments and will deliver all.”

IDG shutters Macworld Magazine, much of the editorial staff let go | 9to5Mac

International Data Group (IDG) is shutting down Macworld Magazine, the long time Apple periodical according to tweets by staff and conversations I’ve had with personnel.

The Macworld.com website will remain open [although as a shell of its former self -ed] with a reduced staff according to Dan Miller (editor), who himself is leaving in a month.

Why pay with your phone? : techtalktoday

Floppy-Bacon Writes

Is payment the stores in the US really as bad as Apple’s presentation made it look? When I pay with my debit card (or credit card), I don’t hand it to the cashier. I insert it into a small device and enter my 4-digit PIN code; fast and secure. I do not need to identify my self, I do not any detail about my card and I do not have 15 cards in my wallet or however many cards she had in the video. I know that I hate technology, but do you really want to pay with your phone rather than just fix the payment system to how it works elsewhere? For the time being you still need to have your wallet with your for all the other stuff. (And taking my phone with me with just be extra cumbersome.)

Crossover Linux 50% off : linux_gaming

I received an e-mail this morning from CodeWeavers that CrossOver Linux + 12 months of support is 50% off for the next 48 hours.

Promotional Code: FLASHME

For more information: https://www.codeweavers.com/products/crossover-linux

The post The New Payphone | Tech Talk Today 57 first appeared on Jupiter Broadcasting.

We start with the leaked celebrity photos, cloud storage’s critical flaw, Anand Shimpi leaving AnandTech for Apple, China giving MS 20 days & much more!

Plus the big test of Microsoft’s commitment to user privacy.

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Naked celebrity hack: security experts focus on iCloud backup theory | The Guardian

Over the weekend, hundreds of nude photos of celebrities were leaked on 4chan before spreading to multiple Internet sites, with one of the involved hackers pointing towards iCloud as the source of the material.

One theory gaining ground is that many of the pictures had been accumulated by one hacker over a period of time – and were then “popped” by another hacker who somehow broke into a machine belonging to the first. Lending weight to that was that one of the earliest photos found in a cache released online dated to December 2011, while the most recent was from 14 August.

Some have also pointed to the presence of a Dropbox tutorial file in one hacked account as suggesting that the third-party cloud storage service was a source of some pictures.

• Mac Rumors: Apple Mac iOS Rumors and News You Care About

• Apple Says It Is “Actively Investigating” Celeb Photo Hack | Re/code

Apple said Monday it was “actively investigating” the violation of several of its iCloud accounts, in which revealing photos and videos of prominent Hollywood actresses were taken and posted all over the Web.

FBI investigating alleged iCloud celebrity hack as Reddit ‘suspect’ declares innocence

[The FBI is] aware of the allegations concerning computer intrusions and the unlawful release of material involving high profile individuals, and is addressing the matter. Any further comment would be inappropriate at this time.

Reddit sleuths, meantime, accused Southern Digital Media sysadmin Brian F Hamade of being the man who leaked the photos. This was based on the same drive names appearing on a screenshot posted by the leaker and ones on an old Reddit post by Hamade.

Hamade has this morning denied the claims in an interview with Buzzfeed, claiming that he did post the screenshot but that it was Photoshopped.

• 4ARww0T.jpg (490×490)

AnandTech Publisher Anand Shimpi Headed to Apple | Re/code

Anand Lal Shimpi, the editor and publisher of the well-regarded AnandTech site, is going to work at Apple.

An Apple rep confirmed that the company was hiring Shimpi, but wouldn’t provide any other details.

Last night, via a post on the site he founded in 1997, Shimpi said he was “officially retiring from the tech publishing world,” but didn’t say what he was doing next. “I won’t stay idle forever. There are a bunch of challenges out there :)”, he wrote.

AnandTech will continue publishing, and would be run by new editor in chief Ryan Smith.

China gives Microsoft 20 days to provide explanation in anti-trust probe | Reuters

A Chinese anti-trust regulator said on Monday it has given Microsoft Corp (MSFT.O) 20 days to reply to queries on the compatibility of its Windows operating system and Office software suite amid a probe into the world’s largest software company.

The State Administration for Industry and Commerce (SAIC) questioned Microsoft Vice President David Chen and gave the company a deadline to make an explanation, the agency said in a short statement on its website.

According to a state media report on Monday, Microsoft’s use of verification codes also spurred complaints from Chinese companies. Their use “may have violated China’s anti-monopoly law”, the official Xinhua news agency said on Monday.

Microsoft refuses to comply after judge revives overseas data search warrant | ZDNet

A US judge has lifted a stay on a ruling, forcing Microsoft to hand over data it stores overseas. But the software giant said it will not comply, pending an appeal.

The government says that the order is not appealable at this stage, and Preska agrees. The Friday order says that the contempt order would be subject to appellate review. This disagreement over the path to appeal is, says the order, “the subject of hot dispute.”

Support Aaron Seigo creating videos about free software

The post The Cloud Exposed | Tech Talk Today 51 first appeared on Jupiter Broadcasting.

The GTK camp is pushing hard for Client Side Decorations, but there are some major drawbacks on non-Gnome desktops. We discuss the pros and cons, and if this is going to lead to a new kind of desktop Linux fragmentation.

Plus our thoughts on the best password managers, your follow up, and more!

Thanks to:

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

Show Notes:

F.U.

• Ubuntu One.. Not Dead Yet!

• Switching to Linux

• RE: Heartbleed This is what I see

• LibreSSL

• DigitalOcean, perfect use case for a HUGE (16 core, 48G RAM) VM

• A small segment on LAS that introduces and discusses password managers?

• Straw Poll: Your Password Manager Choice?

Client Side Diva

• Open Letter: The issues with client-side-window-decorations

That’s why I decided to CC the Ayatana mailinglist and publish this letter as an open letter on my blog. CSD is a topic that is important for every user and nothing we should discuss in a small group.

Consistent window decorations: This in fact is my greatest doubt. The current situation is that all windows have the same window decoration. For CSD to work applications have to be changed to support them. This will render the changed applications using CSD while all other applications are decorated by the window manager. I think it is impossible to have the same behavior for both CSD and wm decos. I think there are lots of legacy applications which cannot be changed, for example Amarok 1.4 which is still used by many users even in GNOME. I doubt you will be able to change Qt 3 to use CSD. My bigger concern is that we will end up with applications shipping their own style and doing their own kind of decorations. So we end up with situations like one window has buttons on left, one on the right, one in order close, maximize, minimize, the other in close, minimize, maximize, etc.

Just look on the Microsoft Windows desktop to see what proprietary applications tend to do when they get the chance to influence the decorations.

The Wayland Reason, he disagrees with:

Get gtk+ working on Wayland: I don’t see how Wayland can be an argument for CSD. Could we consider Wayland as unimportant till it is looking like something is actually going on? I checked the commits in 2010 in the public git repository and well it looks like KWin has more commits per day. It’s nice that you think of the future, but please don’t use it for argumentation. So also not valid.

On the Gnome Wiki they state this about Wayland and Client Side Decorations:

• Initiatives/Wayland/GTK+ – GNOME Wiki!

Under Wayland, it is preferred that clients render their own window decorations. Since gnome-shell will need to keep support for decorating X clients, it would be good if GTK+ and gnome-shell could share the css theming.

The comment thread on this post introducing CSD in Gnome 3.10 is quite interesting

• CSDs came to stay in GNOME 3.10! | woGue

The post Client Side Drama | LINUX Unplugged 37 first appeared on Jupiter Broadcasting.

We\’ll be showing you how to do a fully-encrypted installation of FreeBSD and OpenBSD. We also have an interview with Damien Miller – one of the lead developers of OpenSSH – about some recent crypto changes in the project. If you\’re into data security, today\’s the show for you. The latest news and all your burning questions answered, right here on BSD Now – the place to B.. SD.

Thanks to:

• iXsystems: This is what 80 cores and 1TB of RAM looks like!

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

Secure communications with OpenBSD and OpenVPN

• Starting off today\’s theme of encryption…
• A new blog series about combining OpenBSD and OpenVPN to secure your internet traffic
• Part 1 covers installing OpenBSD with full disk encryption (which we\’ll be doing later on in the show)
• Part 2 covers the initial setup of OpenVPN certificates and keys
• Parts 3 and 4 are the OpenVPN server and client configuration
• Part 5 is some updates and closing remarks

FreeBSD Foundation Newsletter

• The December 2013 semi-annual newsletter was sent out from the foundation
• In the newsletter you will find the president\’s letter, articles on the current development projects they sponsor and reports from all the conferences and summits they sponsored
• The president\’s letter alone is worth the read, really amazing
• Really long, with lots of details and stories from the conferences and projects

Use of NetBSD with Marvell Kirkwood Processors

• Article that gives a brief history of NetBSD and how to use it on an IP-Plug computer
• The IP-Plug is a \”multi-functional mini-server was developed by Promwad engineers by the order of AK-Systems. It is designed for solving a wide range of tasks in IP networks and can perform the functions of a computer or a server. The IP-Plug is powered from a 220V network and has low power consumption, as well as a small size (which can be compared to the size of a mobile phone charger).\”
• Really cool little NetBSD ARM project with lots of graphs, pictures and details

Experimenting with zero-copy network IO

• Long blog post from Adrian Chad about zero-copy network IO on FreeBSD
• Discusses the different OS\’ implementations and options
• He\’s able to get 35 gbit/sec out of 70,000 active TCP sockets, but isn\’t stopping there
• Tons of details, check the full post

Interview – Damien Miller – djm@openbsd.org / @damienmiller

Cryptography in OpenBSD and OpenSSH

Full disk encryption in FreeBSD & OpenBSD

• Shows how to install both FreeBSD and OpenBSD with full disk encryption
• We\’ll be using geli and bioctl and doing it step by step

News Roundup

OpenZFS office hours

• Our buddy George Wilson sat down to take some ZFS questions from the community
• You can see more info about it here

License summaries in pkgng

• A discussion between Justin Sherill and some NYCBUG guys about license frameworks in pkgng
• Similar to pkgsrc\’s \”ACCEPTABLE_LICENSES\” setting, pkgng could let the user decide which software licenses he wants to allow
• Maybe we could get a \”pkg licenses\” command to display the license of all installed packages
• Ok bapt, do it

The post Cryptocrystalline | BSD Now 16 first appeared on Jupiter Broadcasting.

A researcher stumbles into the middle of a botnet war, and documents what he finds. Plus a Facebook mistake took down countless sites around the web.

Then it’s huge batch of your questions, our answers, and much much more!

Thanks to:

Use our code tech295 to get a .COM for $2.95.

Something else in mind? Use go28off2 to save 28% on your entire order!

Pick your code and save:
techsnap7: $7.49 .com
techsnap10: 10% off
techsnap11: $1.99 hosting for the first 3 months
techsnap20: 20% off 1, 2, 3 year hosting plans
techsnap40: $10 off $40
techsnap25: 25% off new Virtual DataCenter plans
techsnapx: 20% off .xxx domains

 

Support the Show:

   

Support the Show:

   

Support the Show:

   

Support the Show: