Coming up this week on the show, we’ve got an interview with Patrick Wildt, one of the developers of Bitrig. We’ll find out all the details of their OpenBSD fork, what makes it different and what their plans are going forward. We’ve also got all the week’s news and answers to your emails, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

Bitrig 1.0 released

• If you haven’t heard of it, Bitrig is a fork of OpenBSD that started a couple years ago
• According to their FAQ, some of their goals include: only supporting modern hardware and a limited set of CPU architectures, replacing nearly all GNU tools in base with BSD versions and having better virtualization support
• They’ve finally announced their first official release, 1.0
• This release introduces support for Clang 3.4, replacing the old GCC, along with libc++ replacing the GNU version
• It also includes filesystem journaling, support for GPT and – most importantly – a hacker- style console with green text on black background
• One of the developers answered some questions about it on Hacker News too

Is it time to try BSD?

• Here we get a little peek into the Linux world – more and more people are considering switching
• On a more mainstream tech news site, they have an article about people switching away from Linux and to BSD
• People are starting to get even more suspicious of systemd, and lots of drama in the Linux world is leading a whole new group of potential users over to the BSD side
• This article explores some pros and cons of switching, and features opinions of various users

Poudriere 3.1 released

• One of the first things we ever covered on the show was poudriere, a tool with a funny name that’s used to build binary packages from FreeBSD ports
• It’s come a long way since then, and bdrewery and bapt have just announced a new major version
• This new release features a redesigned web interface to check on the status of your packages
• There are lots of new bulk building options to preserve packages even if some fail to compile – this makes maintaining a production repo much easier
• It also introduces a useful new “pkgclean” subcommand to clean out your repository of packages that aren’t needed anymore, and poudriere keeps it cleaner by default as well now
• Check the full release notes for all the additions and bug fixes

Firewalling with OpenBSD’s pf and pfsync

• A talk by David Gwynne from an Australian conference was uploaded, with the subject matter being pf and pfsync
• He uses pf to manage 60 internal networks with a single firewall
• The talk gives some background on how pf originally came to be and some OpenBSD 101 for the uninitiated
• It also touches on different rulesets, use cases, configuration syntax, placing limits on connections, ospf, authpf, segregating VLANs, synproxy handling and a lot more
• The second half of the presentation focuses on pfsync and carp for failover and redundancy
• With two BSD boxes running pfsync, you can actually patch your kernel and still stay connected to IRC

Interview – Patrick Wildt – patrick@bitrig.org / @bitrig

The initial release of Bitrig

News Roundup

Infrastructural enhancements at NYI

• The FreeBSD foundation put up a new blog post detailing some hardware improvements they’ve recently done
• Their eastern US colocation is hosted at New York Internet, and is used for FTP mirrors, pkgng mirrors, and also as a place for developers to test things
• There’ve been fourteen machines purchased since July, and now FreeBSD boasts a total of sixty-eight physical boxes there
• This blog post goes into detail about how those servers are used and details some of the network topology

The long tail of MD5

• Our friend Ted Unangst is on a quest to replace all instances of MD5 in OpenBSD’s tree with something more modern
• In this blog post, he goes through some of the different areas where MD5 still lives, and discovers how easy (or impossible) it would be to replace
• Through some recent commits, OpenBSD now uses SHA512 in some places that you might not expect
• Some other places require a bit more care…

DragonFly cheat sheet

• If you’ve been thinking of trying out DragonFlyBSD lately, this might make the transition a bit easier
• A user-created “cheat sheet” on the website lists some common answers to beginner questions
• The page features a walkthrough of the installer, some shell tips and workarounds for various issues
• At the end, it also has some things that new users can get involved with to help out

Experiences with an OpenBSD laptop

• A lot of people seem to be interested in trying out some form of BSD on their laptop, and this article details just that
• The author got interested in OpenBSD mostly because of the security focus and the fact that it’s not Linux
• In this blog post, he goes through the steps of researching, installing, configuring, upgrading and finally actually using it on his Thinkpad
• He even gives us a mention as a good place to learn more about BSD, thanks!

PC-BSD Updates

• A call for testing of a new update system has gone out
• Conversion to Qt5 for utils has taken place

Feedback/Questions

• Chris writes in
• AJ writes in
• Dan writes in
• Jeff writes in

Mailing List Gold

• Over 440% faster
• The PF conundrum
• Violating bad standards
• apt-get rid of systemd

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv – no question is too big or too small, so don’t be afraid to get in touch with us
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
• Last reminder: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we’ll read and play some of them for the Christmas episode. You’ve got until next Wednesday to send them in. Do it now!

The post Must Be Rigged | BSD Now 67 first appeared on Jupiter Broadcasting.

This time on the show, we’ve got an interview with Kristaps Džonsons, the creator of mandoc. He tells us how the project got started and what its current status is across the various BSDs. We also have a mini-tutorial on using PF to throttle bandwidth. This week’s news, answers to your emails and even some cheesy mailing list gold, coming up on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

Updates to FreeBSD’s random(4)

• FreeBSD’s random device, which presents itself as “/dev/random” to users, has gotten a fairly major overhaul in -CURRENT
• The CSPRNG (cryptographically secure pseudo-random number generator) algorithm, Yarrow, now has a new alternative called Fortuna
• Yarrow is still the default for now, but Fortuna can be used with a kernel option (and will likely be the new default in 11.0-RELEASE)
• Pluggable modules can now be written to add more sources of entropy
• These changes are expected to make it in 11.0-RELEASE, but there hasn’t been any mention of MFCing them to 10 or 9

OpenBSD Tor relays and network diversity

• We’ve talked about getting more BSD-based Tor nodes a few times in previous episodes
• The “tor-relays” mailing list has had some recent discussion about increasing diversity in the Tor network, specifically by adding more OpenBSD nodes
• With the security features and attention to detail, it makes for an excellent dedicated Tor box
• More and more adversaries are attacking Tor nodes, so having something that can withstand that will help the greater network at large
• A few users are even saying they’ll convert their Linux nodes to OpenBSD to help out
• Check the archive for the full conversation, and maybe run a node yourself on any of the BSDs
• The Tor wiki page on OpenBSD is pretty out of date (nine years old!?) and uses the old pf syntax, maybe one of our listeners can modernize it

SSP now default for FreeBSD ports

• SSP, or Stack Smashing Protection, is an additional layer of protection against buffer overflows that the compiler can give to the binaries it produces
• It’s now enabled by default in FreeBSD’s ports tree, and the pkgng packages will have it as well – but only for amd64 (all supported releases) and i386 (10.0-RELEASE or newer)
• This will only apply to regular ports and binary packages, not the quarterly branch that only receives security updates
• If you were using the temporary “new Xorg” or SSP package repositories instead of the default ones, you need to switch back over
• NetBSD made this the default on i386 and amd64 two years ago and OpenBSD made this the default on all architectures twelve years ago
• Next time you rebuild your ports, things should be automatically hardened without any extra steps or configuration needed

Building an OpenBSD firewall and router

• While we’ve discussed the software and configuration of an OpenBSD router, this Reddit thread focuses more on the hardware side
• The OP lists some of his potential choices, but was originally looking for something a bit cheaper than a Soekris
• Most agree that, if it’s for a business especially, it’s worth the extra money to go with something that’s well known in the BSD community
• They also list a few other popular alternatives: ALIX or the APU series from PC Engines, some Supermicro boards, etc.
• Through the comments, we also find out that QuakeCon runs OpenBSD on their network
• Hopefully most of our listeners are running some kind of BSD as their gateway – try it out if you haven’t already

Interview – Kristaps Džonsons – kristaps@openbsd.org

Mandoc, historical man pages, various topics

Tutorial

Throttling bandwidth with PF

News Roundup

NetBSD at Kansai Open Forum 2014

• Japanese NetBSD users invade yet another conference, demonstrating that they can and will install NetBSD on everything
• From a Raspberry Pi to SHARP Netwalkers to various luna68k devices, they had it all
• As always, you can find lots of pictures in the trip report

Getting to know your portmgr lurkers

• The lovable “getting to know your portmgr” series makes its triumphant return
• This time around, they interview Alex, one of the portmgr lurkers that joined just this month
• “How would you describe yourself?” “Too lazy.”
• Another post includes a short interview with Emanuel, another new lurker
• We discussed the portmgr lurkers initiative with Steve Wills a while back

NetBSD’s ARM port gets SMP

• The ARM port of NetBSD now has SMP support, allowing more than one CPU to be used
• This blog post on the website has a list of supported boards: Banana Pi, Cubieboard 2, Cubietruck, Merrii Hummingbird A31, CUBOX-I and NITROGEN6X
• NetBSD’s release team is working on getting these changes into the 7 branch before 7.0 is released
• There are also a few nice pictures in the article

A high performance mid-range NAS

• This blog post is about FreeNAS and optimizing iSCSI performance
• It talks about using mid-range hardware with FreeNAS and different tunables you can change to affect performance
• There are some nice graphs and lots of detail if you’re interested in tweaking some of your own settings
• They conclude “there is no optimal configuration; rather, FreeNAS can be configured to suit a particular workload”

Feedback/Questions

• Heto writes in
• Brad writes in
• Tyler writes in
• Tim writes in
• Brad writes in

Mailing List Gold

• Suspicious contributions
• La puissance du fromage
• Nothing unusual here

• All the tutorials are posted in their entirety at bsdnow.tv
• The OpenBSD router tutorial now has a new section on bandwidth throttling
• We’ll also have links on the site to a MeetBSD recap post, definitely worth reading, as well as a review of the new Book of PF
• Speaking of that, Peter Hansteen’s Book of PF auction raised a total of $3,050 for the OpenBSD foundation
• As usual, send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv – we do the show for you guys, so let us know if there’s something specific you’d like to see covered (especially new tutorial ideas)
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

The post A Man's man(1) | BSD Now 63 first appeared on Jupiter Broadcasting.

We break down what has Linus so upset, and the Internet in an NSA induced fever. Plus GOG makes a public statement about Linux that has us scratching our heads, and your feedback.

Then if we had a format, we’d be breaking it with our review of Star Trek: Deep Space Nine’s first episode, Emissary.

Thanks to:

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

— Show Notes: —

Chat:

• Straw Poll

• Linus Torvalds Responds To Petition To Remove RdRand From /dev/random : LinuxActionShow

• N.S.A. Foils Much Internet Encryption

• No Linux support for GOG\’s \’foreseeable future\’

Mailsack:

• Is this a good service to use with BitTorrent Sync rather than spider oak? : LinuxActionShow

• What\’s Chris gonna wear on Monkey Suit day?

Deep Space Nine Challenge:

• Straw Poll

• Emissary (episode) – Memory Alpha, the Star Trek Wiki

• Star Trek Star Trek: Deep Space Nine – The Emissary (Pilot), Part 1

• Watch Star Trek: Deep Space Nine Online | Netflix

[asa]B000V5Y1SQ[/asa]

The post Wrath of Linus | LINUX Unplugged 5 first appeared on Jupiter Broadcasting.

An organized effort is underway at multiple levels of the US government to investigate, understand, regulate and potentially domesticate Bitcoin. We dig through the details and ponder the future.

Plus the ASIC challenge, the Electrum server outage, and a PSA for Android users.

Downloads:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | Video Feed | Torrent Feed | iTunes Audio | Ogg Feed

— Support the Show —

• Donate to the network with your worthless fiat or your fancy bitcoins!

• Tip address:

  1HE36CMdeYCF9N7rmpfa5BwKMGb1PfkNyD

— Feedback —

Voice Links:

• A look inside KnCMiner, bitcoin mining\’s dark horse

• ORSoC and KNCminer are partnering up to develop Bitcoin mining products. » ORSoC –

In our partnership ORSoC will be responsible for product development, including design, production and testing.

Lets Play w/Coins! Send in your favorite online gaming sites that take Crypto currency.

Help spread the word on iTunes with a Rating and Review:

• iTunes – Plan B by Jupiter Broadcasting

Call or txt the Show:

1 (352) 587-5262

(352) 58-PLANB

— Discussion —

Every Important Person In Bitcoin Just Got Subpoenaed By New York\’s Financial Regulator

• New York State to investigate \’Wild West\’ Bitcoin industry • The Register

An official told the Associated Press that 22 subpoenas have been issued in all, seeking information on such topics as what measures Bitcoin companies may have taken to prevent money laundering, and what kind of consumer protections might be available for Bitcoin investors.

\”If virtual currencies remain a virtual Wild West for narcotraffickers and other criminals, that would not only threaten our country\’s national security, but also the very existence of the virtual currency industry as a legitimate business enterprise,\” Benjamin Lawsky, who heads the New York Department of Financial Services, said in a memo accompanying the subpoenas on Monday.

• Every Important Person In Bitcoin Just Got Subpoenaed By New York\’s Financial Regulator – Forbes

The New York State Department of Financial Services is stepping into the sheriff\’s boots.

\”We believe that — for a number of reasons — putting in place appropriate regulatory safeguards for virtual currencies will be beneficial to the long-term strength of the virtual currency industry,\” said NYSDFS superintendent Benjamin Lawsky in a statement.

List of companies subpoenaed by the New York State Department of Financial Services

• BitInstant
• BitPay
• Coinabul
• Coinbase Inc.
• CoinLab
• Coinsetter
• Dwolla
• eCoin Cashier
• Payward, Inc.
• TrustCash Holdings Inc.
• ZipZap
• Butterfly Labs
• Andreesen Horowitz
• Bitcoin Opportunity Fund
• Boost VC Bitcoin Fund
• Founders Fund
• Google Ventures
• Lightspeed Venture Partners
• Tribeca Venture Partners
• Tropos Funds
• Union Square Ventures
• Winklevoss Capital Management

Congress appropriations bill directs FBI to launch a federal investigation of Bitcoin as potential means for criminal, terrorist or other illegal activities

• Congress starts looking into Bitcoin

A Senate committee is pressing federal regulators and law enforcement officials to explain how they plan to oversee Bitcoin and other virtual currencies as the issue gains increasing attention from government officials concerned about the role these new markets will play in the future.

The Senate Homeland Security and Government Affairs Committee on Monday sent letters to several agencies requesting that they disclose their virtual currency policies, how they developed them, how agencies are coordinating and finally what they plan to do going forward.

• From the bill (page 45):

Money laundering.–The Committee understands that Bitcoins and other forms of peer-to-peer digital currency are a potential means for criminal, terrorist or other illegal organizations and individuals to illegally launder and transfer money. News reports indicate that Bitcoins may have been used to help finance the flight and activity of fugitives. The Committee directs the FBI, in consultation with the Department and other Federal partners, to provide a briefing no later 120 days after the enactment of this Act on the nature and scale of the risk posed by such ersatz currency, both in financing illegal enterprises and in undermining financial institutions. The briefing should describe the FBI efforts in the context of a coordinated Federal response to this challenge, and identify staffing and other resources devoted to this effort.

• CRPT-113hrpt171.pdf

• Crypto-currency for NSA leaker: Snowden fund accepts Bitcoin — RT News

The Journalistic Source Protection Defence Fund (JSPD) was set up on August 9 with the goal to provide legal as well as campaign aid to journalistic sources. Snowden, who is behind the biggest intelligence leak in the history of the US National Security Agency (NSA), has been selected the first such source.

Android Security Flaw Puts Bitcoin Wallets at Risk

• 55 BTC Stolen Through Security Vulnerability in Android Bitcoin Wallets

SecureRandom is a Java class that generates cryptographically strong random numbers. In order to remain secure the random numbers used to generate private keys must be nondeterministic, meaning that the output of the generator cannot be predicted. Mike Hearn stated in an email to bitcoin developers regarding the Secure Random class on android, \”Android phones/tablets are weak and some signatures have been observed to have colliding R values, allowing the private key to be solved and money to be stolen.\” Bitcoin uses a random number in transaction signatures and if the same random number is reused the private key of the wallet can be determined.

Before the announcement was made, users on the bitcointalk.org forums had noticed over 55 BTC were stolen a few hours after the client improperly signed a transaction using the compromised random number generator. Users observed SecureRandom re-using the same random numbers for multiple transactions, thus compromising the private keys.

• 55 BTC Stolen Through Security Vulnerability in Android Bitcoin Wallets

There are two types of mobile wallets, those where the private keys are generated locally on the phone, and those where private keys are held by a private company. Android wallet apps where keys are generated on the device include: Bitcoin Wallet, BitcoinSpinner, Mycellium Wallet, and Blockchain.info. Blockchain.info has already repaired the vulnerability, Bitcoin Wallet has an update in beta testing, and fixes for BitcoinSpinner and Mycellium are currently in development.

• 55 BTC Stolen Through Security Vulnerability in Android Bitcoin Wallets – The Genesis Block

The announcement on bitcoin.org identified a three step process to secure existing addresses on all other apps:

1. Generate a new address on a secure random number generator.
2. Transfer all existing bitcoins to the new address. Do not send any bitcoins from this address using an Android device until the updates are implemented
3. Notify any users of your old address of the change, so that the compromised address does not receive any more bitcoins.

• Electrum Server Issues

Bitcoin Pick

• Just got 10 Block Erupters and ROI doesn\’t look good

• Mining Dashboard – The Genesis Block

• Bitcoin Difficulty.COM
• Bitcoin Difficulty Profitability Decline Calculator

— Watch Live —

Tuesday 2pm PDT / 5pm EDT / 9pm GMT

• JbLive.tv

— Plan B Subreddit —

• Plan B Show

— Contact us —

• Chris on G+
• Drew on G+

— Music —

• Thanks to Ronald Jenkees and his fantastic track 7 Times

— Support the Show —

• Donate to the network with your worthless fiat or your fancy bitcoins!

• Tip address:

  1HE36CMdeYCF9N7rmpfa5BwKMGb1PfkNyD

The post US vs Bitcoin Revolution | Plan B 19 first appeared on Jupiter Broadcasting.

We’ve got the details on a critical flaw in the chip and pin credit card system. The future of secure hashing, doing proper backups with rsync, and how squirrels and sharks take down the Internet.

Plus a big batch of your questions, and our answers.

All that and more, on this week’s TechSNAP

Thanks to:

Use our codes TechSNAP10 to save 10% at checkout, or TechSNAP20 to save 20% on hosting!

BONOUS ROUND PROMO:

Get your .COMs just $5.99 per year up to 3 domains! Additional .COMs just $7.99 per year!
CODE: 599tech

Expires 10/31/12

SPECIAL OFFER! Save 20% off your order!
Code: go20off5

Pick your code and save:
techsnap7: $7.49 .com
techsnap10: 10% off
techsnap11: $1.99 hosting for the first 3 months
techsnap20: 20% off 1, 2, 3 year hosting plans
techsnap40: $10 off $40
techsnap25: 25% off new Virtual DataCenter plans
techsnapx: 20% off .xxx domains

 

Support the Show: