Show Notes: coder.show/470

The post Make it so, Dev One! | Coder Radio 470 first appeared on Jupiter Broadcasting.

Show Notes: coder.show/462

The post Account Suspenders | Coder Radio 462 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/453

The post Raleigh Action Show | LINUX Unplugged 453 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/430

The post The Real Beefy Miracle | LINUX Unplugged 430 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/416

The post Server Meltdown | LINUX Unplugged 416 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/415

The post Something Sinister Below Deck | LINUX Unplugged 415 first appeared on Jupiter Broadcasting.

Show Notes: linuxactionnews.com/198

The post Linux Action News 198 first appeared on Jupiter Broadcasting.

Show Notes: linuxunplugged.com/399

The post No PRs Please | LINUX Unplugged 399 first appeared on Jupiter Broadcasting.

Show Notes: linuxactionnews.com/170

The post Linux Action News 170 first appeared on Jupiter Broadcasting.

Show Notes: linuxactionnews.com/165

The post Linux Action News 165 first appeared on Jupiter Broadcasting.

Show Notes: chooselinux.show/28

The post What We Love About Linux | Choose Linux 28 first appeared on Jupiter Broadcasting.

Show Notes: techsnap.systems/421

The post Firewall Fun | TechSNAP 421 first appeared on Jupiter Broadcasting.

Show Notes: techsnap.systems/410

The post Epyc Encryption | TechSNAP 410 first appeared on Jupiter Broadcasting.

Show Notes: techsnap.systems/405

The post Update Uncertainty | TechSNAP 405 first appeared on Jupiter Broadcasting.

MP3 Feed | HD Video Feed | iTunes Feed

Become a supporter on Patreon:

— Show Notes: —

— The Cliff Notes —

• How to automate your system administration tasks with Ansible | Opensource.com
• Netflix Throttle Megathread : verizon
• Why do enterprise environments typically choose to deploy Red Hat or CentOS instead of Ubuntu or Debian? [X-Post /r/sysadmin] : linux
• Google Glass 2.0 Is a Startling Second Act | WIRED
• Hostwinds Web Hosting Services

— Stay In Touch —

Find all the resources for this show on the Ask Noah Dashboard

Ask Noah Dashboard

Need more help than a radio show can offer? Altispeed provides commercial IT services and they’re excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show!

Altispeed Technologies

Contact Noah

asknoah [at] jupiterbroadcasting.com

— Twitter —

• Noah – Kernellinux
• Ask Noah Show
• Altispeed Technologies
• Jupiter Broadcasting

The post Switching London to Linux | Ask Noah 18 first appeared on Jupiter Broadcasting.

Coming up this time on the show, we’ll be speaking with Christos Zoulas, a NetBSD security officer. He’s got a new project called blacklistd, with some interesting possibilities for stopping bruteforce attacks. We’ve also got answers to your emails and all this week’s news, on BSD Now – the place to B.. SD.

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

New PAE support in OpenBSD

• OpenBSD has just added Physical Address Extention support to the i386 architecture, but it’s probably not what you’d think of when you hear the term
• In most operating systems, PAE’s main advantage is to partially circumvent the 4GB memory limit on 32 bit platforms – this version isn’t for that
• Instead, this change specifically allows the system to use the No-eXecute Bit of the processor for the userland, further hardening the in-place memory protections
• Other operating systems enable the CPU feature without doing anything to the page table entries, so they do get the available memory expansion, but don’t get the potential security benefit
• As we discussed in a previous episode, the AMD64 platform already saw some major W^X kernel and userland improvements – the i386 kernel reworking will begin shortly
• Not all CPUs support this feature, but, if yours supports NX, this will improve upon the previous version of W^X that was already there
• The AMD64 improvements will be in 5.7, due out in just a couple days as of when we’re recording this, but the i386 improvements will likely be in 5.8

Booting Windows in bhyve

• Work on FreeBSD’s bhyve continues, and a big addition is on the way
• Thus far, bhyve has only been able to boot operating systems with a serial console – no VGA, no graphics, no Windows
• This is finally changing, and a teasing screenshot of Windows Server was recently posted on Twitter
• Graphics emulation is still in the works; this image was taken by booting headless and using RDP
• A lot of the needed code is being committed to -CURRENT now, but the UEFI portion of it requires a bit more development (and the aim for that is around the time of BSDCan)
• Not a lot of details on the matter currently, but we’ll be sure to bring you more info as it comes out
• Are you more interested in bhyve or Xen on FreeBSD? Email us your thoughts

MidnightBSD 0.6 released

• MidnightBSD is a smaller project we’ve not covered a lot on the show before
• It’s an operating system that was forked from FreeBSD back in the 6.1 days, and their focus seems to be on ease-of-use
• They also have their own, smaller version of FreeBSD ports, called “mports”
• If you’re already using it, this new version is mainly a security and bugfix release
• It syncs up with the most recent FreeBSD security patches and gets a lot of their ports closer to the latest versions
• You can check their site for more information about the project
• We’re trying to get the lead developer to come on for an interview, but haven’t heard anything back yet

OpenBSD rewrites the file utility

• We’re all probably familiar with the traditional file command – it’s been around since the 1970s
• For anyone who doesn’t know, it’s used to determine what type of file something actually is
• This tool doesn’t see a lot of development these days, and it’s had its share of security issues as well
• Some of those security issues remain unfixed in various BSDs even today, despite being publicly known for a while
• It’s not uncommon for people to run file on random things they download from the internet, maybe even as root, and some of the previous bugs have allowed file to overwrite other files or execute code as the user running it
• When you think about it, file was technically designed to be used on untrusted files
• OpenBSD developer Nicholas Marriott, who also happens to be the author of tmux, decided it was time to do a complete rewrite – this time with modern coding practices and the usual OpenBSD scrutiny
• This new version will, by default, run as an unprivileged user with no shell, and in a systrace sandbox, strictly limiting what system calls can be made
• With these two things combined, it should drastically reduce the damage a malicious file could potentially do
• Ian Darwin, the original author of the utility, saw the commit and replied, in what may be a moment in BSD history to remember
• It’ll be interesting to see if the other BSDs, OS X, Linux or other UNIXes consider adopting this implementation in the future – someone’s already thrown together an unofficial portable version
• Coincidentally, the lead developer and current maintainer of file just happens to be our guest today…

Interview – Christos Zoulas – christos@netbsd.org

blacklistd and NetBSD advocacy

News Roundup

GSoC-accepted BSD projects

• The Google Summer of Code people have published a list of all the projects that got accepted this year, and both FreeBSD and OpenBSD are on that list
• FreeBSD’s list includes: NE2000 device model in userspace for bhyve, updating Ficl in the bootloader, type-aware kernel virtual memory access for utilities, JIT compilation for firewalls, test cluster automation, Linux packages for pkgng, an mtree parsing and manipulation library, porting bhyve to ARM-based platforms, CD-ROM emulation in CTL, libc security extensions, gptzfsboot support for dynamically discovering BEs during startup, CubieBoard support, a bhyve version of the netmap virtual passthrough for VMs, PXE support for FreeBSD guests in bhyve and finally.. memory compression and deduplication
• OpenBSD’s list includes: asynchronous USB transfer submission from userland, ARM SD/MMC & controller driver in libsa, improving USB userland tools and ioctl, automating module porting, implementing a KMS driver to the kernel and, wait for it… porting HAMMER FS to OpenBSD
• We’ll be sure to keep you up to date on developments from both projects
• Hopefully the other BSDs will make the cut too next year

FreeBSD on the Gumstix Duovero

• If you’re not familiar with the Gumstix Duovero, it’s an dual core ARM-based computer-on-module
• They actually look more like a stick of RAM than a mini-computer
• This article shows you how to build a FreeBSD -CURRENT image to run on them, using crochet-freebsd
• If anyone has any interesting devices like this that they use BSD on, write up something about it and send it to us

EU study recommends OpenBSD

• A recent study by the European Parliament was published, explaining that more funding should go into critical open source projects and tools
• This is especially important, in all countries, after the mass surveillance documents came out
• “[…] the use of open source computer operating systems and applications reduces the risk of privacy intrusion by mass surveillance. Open source software is not error free, or less prone to errors than proprietary software, the experts write. But proprietary software does not allow constant inspection and scrutiny by a large community of experts.”
• The report goes on to mention users becoming more and more security and privacy-aware, installing additional software to help protect themselves and their traffic from being spied on
• Alongside Qubes, a Linux distro focused on containment and isolation, OpenBSD got a special mention: “Proactive security and cryptography are two of the features highlighted in the product together with portability, standardisation and correctness. Its built-in cryptography and packet filter make OpenBSD suitable for use in the security industry, for example on firewalls, intrusion-detection systems and VPN gateways”
• Reddit, Undeadly and Hacker News also had some discussion, particularly about corporations giving back to the BSDs that they make use of in their infrastructure – something we’ve discussed with Voxer and M:Tier before

FreeBSD workflow with Git

• If you’re interested in contributing to FreeBSD, but aren’t a big fan of SVN, they have a Github mirror too
• This mailing list post talks about interacting between the official source repository and the Git mirror
• This makes it easy to get pull requests merged into the official tree, and encourages more developers to get involved

Feedback/Questions

• Sean writes in
• Bryan writes in
• Sean writes in
• Charles writes in

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv – don’t be shy, we’re here to help with any questions you have
• We’re always looking for interviews, so feel free to suggest someone you’d like for us to talk to (or volunteer yourself if you’re doing something cool)

The post On the List | BSD Now 87 first appeared on Jupiter Broadcasting.

We take a look at remote desktop on Linux. We go behind the scenes to see how Linux can be used to remotely support business at scale as well as providing help to family and friends and round up the best solutions.

Plus is SteamOS diverging too far from Debian? LibreOffice has big online plans, Gnome 3.16 is out, tons of Kodi follow up & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | OGG Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Chrome Remote Desktop

• Relies on Google, scary message when installing on Ubuntu.

VNC

• Great for testing but performance is terrible and requires router configuration. Only seems to work well if client and host are on the same machine (virtual host / guest)

TeamViewer

• Native on Linux and other platforms, has android app, free for personal use, but expensive for business.

Screen Connect

• Perfect for large support companies, doesn’t really require user to install software. Owner is in control of branding, fraction of the cost of Bomgar

Guacamole — HTML5 Clientless Remote Desktop

• Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC and RDP.

• We call it clientless because no plugins or client software are required.

• Thanks to HTML5, once Guacamole is installed on a server, all you need to access your desktops is a web browser.

Brought to you by: System76

— PICKS —

Runs Linux

My Work Runs Linux

Sent in by Zach H
A video of me walking through the computer room (I show a couple of
different things, but feel free to edit it a lot, I have a horrible cold
right now, and this didn’t help especially since the computer room is so
loud and that it was recorded on my phone.

Desktop App Pick

Remmina

Remmina is a remote desktop client written in GTK+, aiming to be useful for system administrators and travellers, who need to work with lots of remote computers in front of either large monitors or tiny netbooks. Remmina supports multiple network protocols in an integrated and consistent user interface. Currently RDP, VNC, NX, XDMCP and SSH are supported.

Weekly Spotlight

OpenELEC

Open Embedded Linux Entertainment Center (OpenELEC) is a
small Linux distribution built from scratch as a platform to turn your computer into a Kodi (previously XBMC) media center. OpenELEC is designed to make your system boot fast, and the install is so easy that anyone can turn a blank PC into a media machine in less than 15 minutes.

Linux Action Show at LFNW | Offical LAS 2015 Shirt

We are releasing another set of LAS shirts in preparation for LinuxFest Northwest which is at the end of April 2015! We hope to color Bellingham Technical College with LAS supporters donning their favorite Linux podcast!

Our Past Picks

These are the weekly picks provided by the Jupiter Broadcasting podcast, the Linux Action Show.

This site includes a separate picks lists for the “Runs Linux”, Desktop Apps, Spotlight Picks, Android Picks, and Distro Picks.

— NEWS —

Welcome LibreOffice Online

LibreOffice has been competing with the two giant companies Microsoft Office and Google docs. Here is another step from this open source community to make LibreOffice in reach of every platforms’ users. LibreOffice has announced the release of LibreOffice Online soon in near future. Open-Source fans are ready to welcome the efforts of The Document Foundation including IceWarp and Collabora Companies.

New SteamOS Beta

Valve has announced earlier today, March 25, the immediate availability for download and testing of a new Beta version for its awesome SteamOS Linux operating system for gamers. SteamOS Update 157 has been pushed to the Alchemist Beta channel a few hours ago and the ISO images are now available for download.

Gnome 3.16 Released

Version 3.16 of GNOME, the primary desktop environment for GNU/Linux operating systems has been released. Some major new features in this release include a overhauled notification system, an updated design of the calendar drop down and support for overlay scrollbars. Also, the grid view in Files has been improved with bigger thumbnail icons, making the appearance more attractive and the rows easier to read. A video is available which demonstrates the new version.

New Ubuntu Phone Flash Sale

Canonical confirmed a few minutes ago on their Twitter and Facebook accounts that a new flash sale of the BQ Aquaris E4.5 Ubuntu Edition smartphone will take place tomorrow morning, on March 26, starting 9 AM CET (Central European Time). BQ already started shipping the Ubuntu phones to users from the European Union, so it should arrive quickly this time.

— FEEDBACK —

• https://slexy.org/view/s2sNA0dw8b

• https://slexy.org/view/s2185wSKH7

• https://slexy.org/view/s20jxkmMzn

— CHRIS’ STASH —

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

Find us on Google+

• Chris
• Noah J. Chelliah
• Jupiter Broadcasting’s Page

Find us on Twitter

• Chris – ChrisLAS
• Noah – Kernellinux

Follow us on Facebook

• Jupiter Broadcasting on Facebook
• Noah – Kernellinux

Catch the show LIVE Sunday 10am Pacific / 1pm Eastern / 6pm UTC:

• https://jblive.tv
• Network Calendar

The post Remote Desktop Roundup | LAS 358 first appeared on Jupiter Broadcasting.

Target stores suffer a massive breach, we’ll round up everything you need to know. In light of recent events some of us have called for greater use of Encryption, but are we too late? Has the Internet already been broken? We’ll discuss.

Plus a batch of your questions, our answers, and much more!

Thanks to:

— Show Notes: —

Target PoS systems breached, more than 40 million credit and debit cards may have been compromised

• “Target confirmed the breach and in a statement said 40 million credit and debit cards were accessed starting the day before Thanksgiving and that hackers had access to the company’s systems until Dec. 15”
• “According to sources at two different top 10 credit card issuers, the breach extends to nearly all Target locations nationwide, and involves the theft of data stored on the magnetic stripe of cards used at the stores”
• Because the breach was of the PoS system, the attackers have the full ‘track data’ from the magnetic stripe and could encode that data on blank cards (or gift cards) and use them to make fraudulent purchases
• If the attackers also managed to capture PIN numbers of debit cards, they could also program new cards in order to make cash withdrawals at ATMs
• It is not yet clear how the attackers compromised the Point-of-Sales systems
• Official Statement
• Additional Coverage
• Additional Coverage

PHK: We made this mess…

• Prolific software developer Poul-Henning Kamp (Varnish, FreeBSD, md5crypt) talks about how more encryption is not the answer, how the people who created and use the Internet need to fight politics with politics
• “And that \”we\” is people like you and me, people who connected computers, people who wrote software, people who ran ISPs, and people who told everybody and their grandmother how great the Internet was. … without thinking it fully through.“ “In particular without fully thinking through what people who are not like us might use the Internet for.”
• “Any attempt from now on to claw back the privacy which have been illegally removed from our lives, will be met by similar fierce resistance.”
• “Resistance from the military industrial complex, for whom \”Cyberwar\” and \”Total Situational Awareness\” is the new cash-cow.”
• “A lot of the \”we\”, are currently arguing that adding more encryption will solve the problem, but they are deceiving nobody but themselves: More encryption only means that more encryption will be broken, backdoored, trojaned or otherwise circumvented .”
• “If you think you can solve political problems with technical means, you\’re going to fail: Politicians have armies and police forces, you do not.”
• Also talks about how Jordan Hubbard (founder of the FreeBSD project) accidentically invented spam and warned that it needed to be controlled, as well as other examples of events the presaged the technical problems of the modern Internet

Krebs: RDP and weak passwords still a huge problem

• “Businesses spend billions of dollars annually on software and hardware to block external cyberattacks, but a shocking number of these same organizations shoot themselves in the foot by poking gaping holes in their digital defenses and then advertising those vulnerabilities to attackers”
• Many servers have remote administration tools enabled, like SSH or in the case of Windows servers, RDP
• Just like the constant barrage of attacks against an SSH server, RDP is also subjected to constant brute force attack, however these servers are often less well defended
• Worse yet, there are still prolific numbers of servers with easily guessed username/password combinations remote1/Remote1 and sisadmin/sisadmin
• Krebs profiles a service advertised on cybercrime forums that sells credentials to these compromised servers
• “Prices range from $3 to $10 based on a variety of qualities, such as the number of CPUs, the operating system version and the PC’s upload and download speeds”
• Looking at the owners of the IP addresses, Krebs even wrote a little seasonal jingle

Feedback:

• Cleaning your server
• NAS Enclosure : techsnap
  • Ask iXsystems about a FreeNAS Mini starting at only $795
• Roll Over Social Buttons

Round Up:

• Research shows how MacBook Webcams can spy on their users without warning
• Dell SecureWorks analysis of Cryptolocker suggests the authors made at least $300,000 and possibly over $1 million in random
• Stolen Passwords as Art in Germany
• Inside Microsoft’s Digital Crimes Unit
• The NSA may never know the full extent of the Snowden leaks
• As you might expect, the UK Internet Filter has many false positives and an even greater number of misses
• IEC develops new standardized laptop power adapter
• IETF to work on making a new version of TLS that is easier to implement, harder to implement incorrectly, and easier to use for additional applications
• Video – LISA13: Managing access using SSH keys (by the Inventor of SSH)
• GitHub takes down satirical C+ equality language repo

The post Cleaning up our Mess | TechSNAP 141 first appeared on Jupiter Broadcasting.

Our straightforward approach to setting up Remote access to a Linux, Windows, or Mac. Control your desktop from your mobile device, or another computer.

PLUS: An overview of the Drives for Jupiter project, why Chris went with FreeNAS, the joys of NFS, an epic announcement….

AND SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

GoDaddy.com Use our code linux249 to score .COM for just $2.49! For new orders save 32% with our code go32off2
Ting.com Visit las.ting.com to save $25 off your device or service credits.

Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | Ogg Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed

Support the Show: