Our best open source alternatives to LastPass. We run down the easy, the straight forward & the totally custom solutions to rolling your password managment. All our picks are totally open source, auditable & ready to use today.

Plus the first reviews of the Steam Machines hit the web, Red Hat’s big buy, GIMP in your browser & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | OGG Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Brought to you by: System76

LastPass Killers

• Yahoo Mail drops passwords and adds third-party email support for new apps

It’s Yahoo Mail‘s 18th birthday this month and to mark the occasion, Yahoo is pulling out all the stops with three major announcements: a brand new mobile app for Android and iOS, the support for multiple third-party email accounts and, perhaps most significantly, the introduction of a completely password-free sign-in experience called Yahoo Account Key.

LastPass Joins the LogMeIn Family

It’s a big day here at LastPass. We’re thrilled to announce that we’re joining LogMeIn. As one of the world’s leading SaaS companies, we can’t imagine a better team to align with our values and product-driven mission. With their experience in growing successful brands like join.me, we’re excited to join LogMeIn in delivering the next generation of identity and access management for individuals, teams and companies, with LastPass at the forefront.

KeePass

• KeepassC

KeePassC is a password manager fully compatible to KeePass v.1.x and KeePassX. That is, your
password database is fully encrypted with AES.

KeePassC is written in Python 3 and comes with a curses-interface. It is completely controlled
with the keyboard (vim-like keys are supported).

Some features are:

• AES encryption of the database with password and/or keyfile
• Included customizable password generator
• KeePassX and KeePass v.1.x compatible (KeePass v2.x planned)
• Database entries are sorted in alphabetically sorted groups
• Subgroups of groups
• Entries are identified by a title
• Search entries by this title and show matches in an own group
• Set expiration dates to remind you that a new password is needed
• Unicode support
• Copy username and password to clipboard
• Auto-locking workspace and self-deleting clipboard with adjustable delays
• Options to remember last database and last keyfile
• Open URLs directly in your standard browser
• Optional use of vim/ranger-like keys
• Simple command line interface
• Network functionality including multiuser support

• The last can be used to omit password entering, too

• kpcli – A command line interface for KeePass

A command line interface (interactive shell) to work with KeePass 1.x or 2.x database files. This program was inspired by my use of the CLI of the Ked Password Manager (“kedpm -c”) combined with my need to migrate to KeePass.

Pass

Password management should be simple and follow Unix philosophy. With pass, each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities.

pass makes managing these individual password files extremely easy. All passwords live in ~/.password-store, and pass provides some nice commands for adding, editing, generating, and retrieving passwords. It is a very short and simple shell script. It’s capable of temporarily putting passwords on your clipboard and tracking password changes using git.

• Pass for Android on F-Droid

How Active is Pass Development?

• Migrating your data to Pass

To free password data from the clutches of other (bloated) password managers, various users have come up with different password store organizations that work best for them.

Using Git to Sync Pass

First install and then setup git

1 $ git config --global user.name  "John Doe"
2 $ git config --global user.email "johndoe@foobar.com"
3 $ pass git init

QtPass GUI for pass, the standard UNIX password manager

• Using pass or git and gpg2 directly
  • Cross platform: Linux, BSD, OS X and Windows
  • Reading pass password stores
  • Decrypting and displaying the password and related info
  • Editing and adding of passwords and information
  • Updating to and from a git repository
  • Per-folder user selection for multi recipient encryption
  • Configuration options for backends and executable/folder locations
  • Copying password to clipboard
  • Configurable shoulder surfing protection options
  • Experimental WebDAV support

Planned features

• Re-encryption after users-change (optional ofcourse).
• Plugins based on key, format is same as password file.
• Colour coding folders (possibly disabling folders you can’t decrypt).
• WebDAV (configuration) support.
• Optional table view of decrypted folder contents.
• Opening of (basic auth) urls in default browser? Possibly with helper plugin for filling out forms?

• Some other form of remote storage that allows for accountability / auditing (web API to retreive the .gpg files)?

• GPG – How to trust an imported key

Encryptr – Powered by Crypton

Encryptr is simple and easy to use. It stores your sensitive data like passwords, credit card data, PINs, or access codes, in the cloud. However, because it was built on the zero-knowledge Crypton framework, Encryptr ensures that only the user has the ability to access or read the confidential information. Not the app’s developers, cloud storage provider, or any third party.

Encryptr only ever encrypts or decrypts your data locally on your device. No plain text is ever sent to the server, not even your passphrase. This is what zero-knowledge means.*

You don’t even need to hand over any personal data to register. Not your name, and not your email address. The app only requires a username and a passphrase.

Encryptr is free, and completely open source. This includes Crypton.

Firefox Password Manager

If you use the same simple password for everything you will be more susceptible to identity theft. The Create secure passwords to keep your identity safe article shows you an easy method for creating secure passwords and using the Password Manager, as described above, will help you remember them all.

Even though the Password Manager stores your usernames and passwords on your hard drive in an encrypted format, someone with access to your computer can still see or use them. The Use a Master Password to protect stored logins and passwords article shows you how to prevent this and keep you protected in the event your computer is lost or stolen.

When paired with Firefox sync feature this effectively emulates LastPass without Yubikey support, and without the password generation feature.

— PICKS —

Runs Linux

Etch-a-sketch RUNS LINUX!

Over on YouTube user devnulling has uploaded a video showing his “Etch-A-SDR” project. This project involved creating an all-in-one SDR device out of an Odroid C1, Teensy 3.1 and an RTL-SDR dongle. The Odroid C1 is an embedded computer, similar to the Raspberry Pi 2 and the Teensy 3.1 is a microcontroller development board. The “Etch-A-SDR” is named as such because of its resemblance to an Etch-A-Sketch toy. It has two knobs that can be used for tuning and several side buttons for changing demodulation modes etc.

Upon boot the Etch-A-SDR opens GQRX and is ready for tuning within seconds of turning it on. In addition to using it as a portable SDR with GQRX the Etch-A-SDR can also be booted into normal Linux mode and into Etch-A-Sketch mode, where it operates as a normal Etch-A-Sketch toy.

The code can be downloaded from https://github.com/devnulling/etch-a-sdr.

Desktop App Pick

FreeMind Mind Mapping Tool

FreeMind is a premier free mind-mapping software written in Java. The recent development has hopefully turned it into high productivity tool. We are proud that the operation and navigation of FreeMind is faster than that of MindManager because of one-click “fold / unfold” and “follow link” operations.

• Keeping Track of Projects
• Project workplace
• Workplace for Internet Research
• Essay Writing and Brainstorming
• Small Database with structure
• Commented Internet Favorites or Bookmarks

Weekly Spotlight

Hangups

hangups is the first third-party instant messaging client for Google
Hangouts. It includes both a Python library and a reference client with a
text-based user interface.

Unlike its predecessor Google Talk, Hangouts uses a proprietary,
non-interoperable protocol. hangups is implemented by reverse-engineering
this protocol, which allows it to support features like group messaging that
aren’t available in clients that connect via XMPP.

hangups is still in an early stage of development. The reference client is
usable for basic chatting, but the API is undocumented and subject to change.
Bug reports and pull requests are welcome!

— NEWS —

GIMP Online – rollApp

Run GIMP and other X11 apps in your web browser.

Red Hat is buying Ansible for more than $100M

Buying Ansible — one of four major providers of at least partly open-source devops tools — makes sense, because it can add to Red Hat’s line of offerings. Plus, Ansible already integrates with Red Hat’s OpenShift, OpenStack, and Red Hat Enterprise Linux software.

• Red Hat buys Ansible to bolster its developer toolset – Fortune

As part of the deal, about50 Ansible employees will join Red Hat

• Red Hat Is Buying IT Automation Startup Ansible, Reportedly For Around $100M | TechCrunch

Red Hat today also provided a brief update to its earnings as part of the news. It says the acquisition is expected to have no material impact to Red Hat’s revenue for the third and fourth quarters of its fiscal year. Non-GAAP operating expenses for fiscal 2016 will be increased by $2 million, or ($0.01) per share, in Q3 and $4.0 million, or ($0.02) per share, in Q4 as a result of the transaction.

Proxmox VE 4.0 is OUT

This video highlights the new features in Proxmox VE 4.0:

• Debian Jessie 8.2 and 4.2 Linux kernel
• Linux Containers (LXC)
• IPv6 support
• Bash completion
• New Proxmox VE HA Manager

View all updates: https://pve.proxmox.com/wiki/Roadmap

The Alienware Steam Machine: finally, a gaming PC for the living room

I used to laugh when I saw Linux users scramble to build compatibility layers to play “real” PC games. I chuckled when Valve CEO Gabe Newell lambasted Windows 8 as a “catastrophe for everyone,” proffering Linux and SteamOS as a viable alternative. It seemed so far-fetched, so silly. Truth be told, I’m still laughing — but now it’s because I’m enjoying myself. The Alienware Steam Machine has some growing pains, but it’s fun. Lots of fun.

• Steam’s living room hardware blitz gets off to a muddy start | Ars Technica

It’s all very smooth, overall, but there were a few sticking points that seemed a little rough compared to other game consoles. While the system hasn’t frozen on us during a game yet, there have been a handful of times where the whole OS hung when we were closing or opening a title, requiring a system reboot that took 30 to 60 seconds. We ran into occasional problems with webpage scrolling, the on-screen keyboard, and Wi-Fi recognition as well, all of which disappeared with a reboot.

We also found a few SteamOS games that still include an intermediate “launcher” screen that asks players to confirm resolution and other settings. That’s only an annoyance because these screens can’t be navigated with the Steam Controller; you need to plug in a mouse and keyboard to get through to the actual game in these cases. While the SteamOS interface includes large warnings that these games require extra hardware, and Valve isn’t directly responsible for third-party developers’ unfriendly decisions, it still seems like an oversight to have such games be unplayable out of the box.

• ARCH steam controller not detected properly

Feedback:

• https://slexy.org/view/s2Y836bi9B
• https://slexy.org/view/s2sQ9ZkWTx
• https://slexy.org/view/s2VwIphEzi
• https://www.indiegogo.com/projects/open-foss-training#/

Rover Log Playlist

Watch the adventures, productions, road trips, trails, mistakes, and fun of the Jupiter Broadcasting mobile studio.

• Support Jupiter Broadcasting on Patreon

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

— CHRIS’ STASH —

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

Find us on Google+

• Chris
• Noah J. Chelliah
• Jupiter Broadcasting’s Page

Find us on Twitter

• Chris – ChrisLAS
• Noah – Kernellinux

Follow us on Facebook

• Jupiter Broadcasting on Facebook
• Noah – Kernellinux

Catch the show LIVE Friday:

• https://jblive.tv
• Network Calendar

The post Passing On LastPass | LAS 387 first appeared on Jupiter Broadcasting.

Google has big changes planned for Chrome users, Tumblr’s big year & making solar panels more efficient with Blu-Ray discs.

Plus a bonus Kickstarter of the week & much more!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Google Chrome will block all NPAPI plugins by default in January, drop support completely in September | VentureBeat | News Briefs | by Emil Protalinski

Google today provided an update on its plan to remove Netscape Plugin Application Programming Interface (NPAPI) from Chrome, which the company says will improve the browser’s security, speed, and stability, as well as reduce complexity in the code base. In short, the latest timeline is as follows: Block all plugins by default in January 2015, disable support in April 2015, and remove support completely in September 2015.

For context, Google first announced in September 2013 that it was planning to drop NPAPI. At the time, Google said anonymous Chrome usage data showed just six NPAPI plugins were used by more than 5 percent of users, and the company was hoping to remove support from Chrome “before the end of 2014, but the exact timing will depend on usage and user feedback.”

While NPAPI usage has continued declining since then, the drop has not been as quick as Google hoped. The latest usage data (for October 2014) shows the following launch percentages:

• Silverlight (11 percent of Chrome users, down from 15 percent)
• Google Talk (7 percent of Chrome users, down from 8.7 percent)
• Java (3.7 percent of Chrome users, down from 8.9 percent)
• Facebook Video (3 percent of Chrome users, down from 6 percent)
• Unity (1.9 percent of Chrome users, down from 9.1 percent)
• Google Earth (0.1 percent of Chrome users, down from 9.1 percent)

The above six are part of a small number of popular plugins currently whitelisted and allowed by default in Chrome (Silverlight is primarily used by Netflix users, but the company is slowly shifting to HTML5). In January 2015, Google plans to remove the whitelist, blocking all plugins by default.

Users will still be able to allow NPAPI plugins for specific sites by clicking on the “Plug-in blocked” message in the URL bar and choosing “Always allow plug-ins on [website].” Here is how that looks:

In April 2015, this will no longer be an option as NPAPI support will be disabled by default in Chrome and Google will unpublish extensions requiring NPAPI plugins from the Chrome Web Store.

Tumblr Overtakes Instagram As Fastest-Growing Social Platform, Snapchat Is The Fastest-Growing App | TechCrunch

With 1.35 billion active monthly users, Facebook continues to be the world’s largest social network by some margin, but when it comes to picking up new users, it appears to have reached a saturation point. Research out today from the Global Web Index notes that Tumblr’s active user base in the last six months grew by 120%, while Facebook’s grew by only 2%.

And in overall member growth, Pinterest took the lead with 57% growth while Facebook’s member base grew by 6%.

Instagram, LinkedIn, Twitter, YouTube and even Google+ all grew faster than Facebook.

A More Efficient Solar Panel Can Be Made With Old Blu-Ray Discs

A group of researchers at Northwestern managed to make more efficient solar panels based off of the patterns on Blu-ray disc. They began by cutting off the edges a Blu-ray copy of the 1992 Jackie Chan flick _Police Story 3 _and opening up the disc. (It’s actually not a bad movie, especially for those of you into Hong Kong capers.) The researchers were after the quasi-random nanostructure that encode the data on the disc. _IEEE Spectrum _explains why the way data is stored on Blu-ray makes it relevant to solar panels, especially compared to other DVDs.

The researchers then used the open face of the Blu-ray disc to make a mold that was stamped over solar panels, giving the panels the same nanostructure pattern as the original disc. The Blu-ray-patterned solar panels ended up being 12 percent more efficient than smooth ones.

Black Friday / Cyber Monday Subreddit

The largest subreddit dedicated to Black Friday!

HashKey: a dedicated 1-key keyboard for the hashtag by Ben Gomori — Kickstarter

We’re finally giving the hashtag its own key. The HashKey is the world’s first one-key USB keyboard – dedicated solely to the hashtag.

The post Jackie Chan that Solar Panel | Tech Talk Today 98 first appeared on Jupiter Broadcasting.

Why Hyping Cyber Threats is Counterproductive & not knowing is never good enough. Plus the malware that targets Hotel visitors, FreeNAS themed questions, our answers & much, much more!

Thanks to:

• Get Paid to Write for DigitalOcean

Become a supporter on Patreon:

— Show Notes: —

“Do Diligence”? Why, not knowing is safer…

• “As I travel around speaking, performing network assessments, and discussing security with various corporate leaders, I often hear a fairly consistent and disturbing mantra.”
• “If you find vulnerabilities and risks in our environment, then we will have to fix it.”
• The problem seems to be, especially in larger more bureaucratic organizations, that if you know about a problem and do not fix it, you are at fault; but if you didn’t know there was a problem, you are blameless
• At some point, in order for security to actually be advanced, people need to take responsibility.
• The CTO/CIO/CSO didn’t know that that “might be a problem” and that it “needed to be investigated”, or that the 3rd party vendor access to our “secure” network was a gaping back door, then the person who hired that C*O should be fired, for hiring an incompetent person
• I am not saying that a breach is the fault of the security officer, but if there is no plan in place about what to do in the event of a breach (because it is a question of WHEN it will happen, not IF), then that is the fault of the security officer
• “The old adage comes to mind, “ignorance of the law is no excuse” and this holds true in information security as well.”
• “A common perspective is that cyber security is primarily the responsibility of the IT department. If a data breach incident occurred, the senior IT executive was the only one to take the fall, and usually only if there was incompetence involved vs. simply bad luck.”
• There is always going to be some adversary out there that is smarter than you, so you have to plan in advance. Defense in depth, early detection and isolation, mitigation and remediation, disaster recovery planning, disclosure and compliance procedures, and just generally having procedures to follow in times of crisis are just some of the things that can be done to handle these situations more gracefully

Schneier: Why Hyping Cyber Threats is Counterproductive

• Schneier highlights a pair of essays on the topic, and his blog has a number of interesting comments as well
• The first article details reasons why ‘Cyber-Angst’ rather than real critical thinking and problem solving, are likely to cause more problems
• OMG Cyber! Thirteen Reasons Why Hype Makes For Bad Policy
• In 2014, the market for information-security spending topped $70 billion
• “Several parties think that overstating ‘cyber’ is in their own best interest. Security firms like a clearly stated threat in order to sell their security products. Contractors capitalise on fear to get funding from the executive branch. The Pentagon finds a bit of hype useful to keep the money coming in. The armed services each eye a larger slice of the budget pie. The White House love some good cyber-angst to nudge law-makers into action. Fear of Chinese cyber-attack makes it easier for members of Congress to relate to voters. Reporting cyber-war means that journalists sell more copy. Academics get quotations and attention from the buzz. Hype up cyber, and everybody wins”
• Hype Creates Confusion
• Hype Limits Results
• Hype Betrays Purpose
• Hype Erodes Talent
• Hype Creates Friction
• Hype Breeds Cynicism
• Hype Degrades Quality
• Hype Weakens Products
• Hype Clouds Analysis
• Hype Kills Nuance
• Hype Escalates Conflict
• Hype Feeds Hypocrisy
• Hype Undermines Trust
• A few other great headlines and quotes in the article:
• Most journalists writing about leaked documents do not understand their limitations
• Hype damages the public’s trust and confidence in the Internet
• “in the bureaucratic setup of a large intelligence agency, presentation skills can become more valuable than coding skills. It gets worse once it dawns on ‘PowerPoint warriors’ that technical jargon works like magic on superiors who may not fully grasp the details”
• The second article Schneier links to makes similar points
• Enough! Stop hyping every new security threat
• “Here’s how it works these days: A security firm finds out about a vulnerability, then sends its PR folks into overdrive to promote it as the biggest of all time”
• It started with ‘code names’ for operations, like: Night Dragon, Project Aurora, and Operation Shady Rat, then it got into “proactive marketing of individual exploits with supercool names — Shellshock, Heartbleed, Sandworm — some of which even have logos”
• “Is this the new norm? You find a vulnerability, then get your PR team and graphic designers involved to gin up the most hype that can possibly be created?”
• “I understand why these firms are doing this. They want to get maximum exposure to sell their products and services, like ambulance-chasing lawyers. But McAfee and Symantec made billions after Code Red, Slammer, and Blaster without creating and pushing logos”
• The tone of the article is somewhat dampened by the inline advertisement for other Infoworld articles: “Watch out for 11 signs you’ve been hacked — and learn how to fight back, in InfoWorld’s PDF special report. | Discover how to secure your systems with InfoWorld’s Security newsletter.”
• And I couldn’t help but pull this quote: “Can you imagine how a real “big one” will be marketed in the future? Cue the operatic music and overlay graphics. Will it be like the Weather Channel’s “Storm of the Century” full-time news cycle with cyber security pros blown around in heavy winds, showing crying website widows holding wet cat GIFs among digital portal ruins?”

DarkHotel APT – Infecting Corporate travellers since 2007

• Kaspersky Labs details a newly disclosed Advanced Persistent Threat that targets executives that stay in high end hotels
• “This APT precisely drives its campaigns by spear-phishing targets with highly advanced Flash zero-day exploits that effectively evade the latest Windows and Adobe defenses, and yet they also imprecisely spread among large numbers of vague targets with peer-to-peer spreading tactics.”
• The APT takes over the WiFi networks of hotels, using a Man-In-the-Middle style attack tricks guests using the wifi into installing a “software update” or other such thing “required to access the internet”
• “… they delegitimize Certificate Authorities to further their attacks. They abuse weakly implemented digital certificates to sign their malcode. The actor abused the trust of at least ten CAs in this manner. Currently they are stealing and re-using other legitimate certificates to sign their mostly static backdoor and infostealer toolset.”
• The updates look legitimate because they are digitally signed, so even corporate security software that blocks unsigned applications is ineffective
• Once the malware is installed, it can start stealing sensitive documents, and keep doing so even after the guest leaves the hotel
• “The more interesting travelling targets include top executives from the US and Asia doing business and investment in the APAC region.” including victims in a number of industries:
• Very large electronics manufacturing
• Investment capital and private equity
• Pharmaceuticals
• Cosmetics and chemicals manufacturing offshoring and sales
• Automotive manufacturer offshoring services
• Automotive assembly, distribution, sales, and services
• Defense industrial base
• Law enforcement and military services
• Non-governmental organizations
• “When Kaspersky Lab researchers visited Darkhotel incident destinations with honeypot machines they did not attract Darkhotel attacks, which suggests the APT acts selectively. Further work demonstrated just how careful these attackers were to hide their activity – as soon as a target was effectively infected, they deleted their tools from the hotel network staging point, maintaining a hidden status”

Feedback:

• New FreeNAS plugins available

• Building a server for FreeNAS and could use some help!

Round Up:

• Unscheduled Windows update kills critical security bug under active attack
• Post Mortem on Azure Storage outage
• Linux Kernel 3.2 has bad performance, it should be avoided, 2.6 best or 3.13 or later the best of the 3.x
• Cricket, one of the US telcos blocking STARTSSL named and shamed
• US spies on mobile phones from the sky, report says
• Computer scientists claim to have developed software that not only detects and eradicates never-before-seen viruses and other malware, but also automatically repairs damage caused by them
• US Cert issues advisory about iOS Masque flaw

The post Security Hype Machine | TechSNAP 189 first appeared on Jupiter Broadcasting.

The majority of systemd hate appears to be coming from just two sources. At least that’s what we suspect & call them out.

Plus a review of OpenMediaVault and how it compares to FreeNAS, a quick look at Tox & what the heck is Fedora’s DNF?

Thanks to:

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

Become a supporter on Patreon:

Show Notes:

Pre-Show:

• Humble Indie Bundle 12 (pay what you want and help charity)
  • IDW is beaming up comics in the Star Trek Bundle | Humble Mumble

FU:

• Herp Derp Chrome extension

• RE: My First Linux Server

• Proud poppa

• uTox

OpenMediaVault – The open network attached storage solution

• My Open Media Vault experience

• OpenMediaVault on Debian | Flexion.Org

• OpenMediaVault • View topic – [Howto] Setup ZFS on OMV Step by Step for ZFS Fans.

• Latest updates… – omv-extras.org

systemd – the topic that just keeps driving the clicks

• kremlinware unlimited – systembsd.git/summary

• You have your Windows in my Linux | Data Center — InfoWorld

Ultimately, the schism over systemd could lead to a separation of desktop and server distros, or Linux server admins moving to FreeBSD

• Systemd rampages through the Linux community like Godzilla through Tokyo | ITworld

Systemd has turned into the Godzilla of Linux controversies. Everywhere you look it’s stomping through blogs, rampaging through online discussion threads, and causing white-hot flames that resemble Godzilla’s own breath of death. TechNewsWorld has a roundup of the systemd hostilities in case you missed any of it and want to savor some of the drama.

• It’s time to split Linux in two | Data Center — InfoWorld

Maybe it’s time Linux is split in two. I suggested this possibility last week when discussing systemd (or that FreeBSD could see higher server adoption), but it’s more than systemd coming into play here. It’s from the bootloader all the way up. The more we see Linux distributions trying to offer chimera-like operating systems that can be a server or a desktop at a whim, the more we tend to see the dilution of both. You can run stock Debian Jessie on your laptop or on a 64-way server. Does it not make sense to concentrate all efforts on one or the other?

DNF – The Next Generation Package Management Utility for RPM Based Distributions

Runs Linux from the people:

• Send in a pic/video of your runs Linux.
• Please upload videos to YouTube and submit a link via email or the subreddit.

New Shows : Tech Talk Today (Mon – Thur)

• Tech Talk Today Today | Jupiter Broadcasting

Support Jupiter Broadcasting on Patreon

The post systemd Haters Busted | LINUX Unplugged 57 first appeared on Jupiter Broadcasting.

On this week\’s episode, we\’ll be giving you an introductory guide on OpenBSD\’s ports and package system.

There\’s also a pretty fly interview with Karl Lehenbauer, about how they use FreeBSD at FlightAware.

Lots of interesting news and answers to all your emails, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

BSDCan 2014 talks and reports, part 2

• More presentations and trip reports are still being uploaded
• Ingo Schwarze, New Trends in mandoc
• Vsevolod Stakhov, The Architecture of the New Solver in pkg
  
• Julio Merino, The FreeBSD Test Suite
• Zbigniew Bodek, Transparent Superpages for FreeBSD on ARM
• There\’s also a trip report from Michael Dexter and another (very long and detailed) trip report from our friend Warren Block that even gives us some linkage, thanks!

Beyond security, getting to know OpenBSD\’s real purpose

• Michael W Lucas (who, we learn through this video, has been using BSD since 1986) gave a \”webcast\” last week, and the audio and slides are finally up
• It clocks in at just over 30 minutes, managing to touch on a lot of OpenBSD topics
• Some of those topics include: what is OpenBSD and why you should care, the philosophy of the project, how it serves as a \”pressure cooker for ideas,\” briefly touches on GPL vs BSDL, their \”do it right or don\’t do it at all\” attitude, their stance on NDAs and blobs, recent LibreSSL development, some of the security functions that OpenBSD enabled before anyone else (and the ripple effect that had) and, of course, their disturbing preference for comic sans
• Here\’s a direct link to the slides
• Great presentation if you\’d like to learn a bit about OpenBSD, but also contains a bit of information that long-time users might not know too

FreeBSD vs Linux, a comprehensive comparison

• Another blog post covering something people seem to be obsessed with – FreeBSD vs Linux
• This one was worth mentioning because it\’s very thorough in regards to how things are done behind the scenes, not just the usual technical differences
• It highlights the concept of a \”core team\” and their role vs \”contributors\” and \”committers\” (similar to a presentation Kirk McKusick did not long ago)
• While a lot of things will be the same on both platforms, you might still be asking \”which one is right for me?\” – this article weighs in with some points for both sides and different use cases
• Pretty well-written and unbiased article that also mentions areas where Linux might be better, so don\’t hate us for linking it

Expand FreeNAS with plugins

• One of the things people love the most about FreeNAS (other than ZFS) is their cool plugin framework
• With these plugins, you can greatly expand the feature set of your NAS via third party programs
• This page talks about a few of the more popular ones and how they can be used to improve your NAS or media box experience
• Some examples include setting up an OwnCloud server, Bacula for backups, Maraschino for managing a home theater PC, Plex Media Server for an easy to use video experience and a few more
• It then goes into more detail about each of them, how to actually install plugins and then how to set them up

Interview – Karl Lehenbauer – karl@flightaware.com / @flightaware

FreeBSD at FlightAware, BSD history, various topics

Tutorial

Ports and packages in OpenBSD

News Roundup

Code review culture meets FreeBSD

• In most of the BSDs, changes need to be reviewed by more than one person before being committed to the tree
• This article describes Phabricator, an open source code review system that we briefly mentioned last week
• Instructions for using it are on the wiki
• While not approved by the core team yet for anything official, it\’s in a testing phase and developers are encouraged to try it out and get their patches reviewed
• Just look at that fancy interface!!

Michael Lucas\’ next tech books

• Sneaky MWL somehow finds his way into both our headlines and the news roundup
• He gives us an update on the next BSD books that he\’s planning to release
• The plan is to release three (or so) books based on different aspects of FreeBSD\’s storage system(s) – GEOM, UFS, ZFS, etc.
• This has the advantage of only requiring you to buy the one(s) you\’re specifically interested in
• \”When will they be released? When I\’m done writing them. How much will they cost? Dunno.\”
• It\’s not Absolute FreeBSD 3rd edition…

CARP failover and high availability on FreeBSD

• If you\’re running a cluster or a group of servers, you should have some sort of failover in place
• But the question comes up, \”how do you load balance the load balancers!?\”
• This video goes through the process of giving more than one machine the same IP, how to set up CARP, securing it and demonstrates a node dying
• Also mentions DNS-based load balancing as another option

PCBSD weekly digest

• This time in PCBSD land, we\’re getting ready for the 10.0.2 release (ISOs here)
• AppCafe got a good number of fixes, and now shows 10 random highlighted applications
• EasyPBI added a \”bulk\” mode to create PBIs of an entire FreeBSD port category
• Lumina, the new desktop environment, is still being worked on and got some bug fixes too

Feedback/Questions

• Paul writes in
• Matt writes in
• Kjell writes in
• Paul writes in
• Tom writes in

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• If you want to come on for an interview or have a tutorial you\’d like to see, let us know
• Just a reminder, if you\’re using vnd (vnconfig) on OpenBSD for encryption, it\’s being retired for 5.7 – start planning to migrate your data to softraid
• There were also some security advisories for FreeBSD recently, make sure you\’re all patched up
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post AirPorts & Packages | BSD Now 40 first appeared on Jupiter Broadcasting.

This week, Allan\’s at a conference so we\’ve got a short episode for you. We sat down with John Hixson to discuss FreeNAS development and all their future plans. The show will be back next week with a normal episode.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Interview – John Hixson – john@ixsystems.com / @bsdwhore

FreeNAS development

• All the tutorials are posted in their entirety at bsdnow.tv

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

• If you\’ve got something cool to talk about and want to come on for an interview, shoot us an email

• Also if you have any tutorial requests, we\’d be glad to show whatever the viewers want to see

• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post It's Gonna Get NASty | BSD Now 34 first appeared on Jupiter Broadcasting.

New research reveals your browser cache contains a lot more than you might expect, and we’ve got the details on some security issues WordPress doesn’t have a fix for…

Plus: We’ll answer your questions, chat about rolling your own email server, and much much more!

On this week’s TechSNAP

Thanks to:

GoDaddy.com Use our code tech249 to score .COM for $2.49! 35% off your ENTIRE first order just use our code 35off3 until the end of the month!
Ang Reports on her Android challange Catch episode 144 find out how things stand after her week on Android

Support the Show: