HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Security Breach at Oracle’s MICROS point of sales division

A Russian organized cybercrime group known for hacking into banks and retailers appears to have breached hundreds of computer systems at software giant Oracle Corp.
More alarmingly, the attackers have compromised a customer support portal for companies using Oracle’s MICROS point-of-sale credit card payment systems.
Asked this weekend for comment on rumors of a large data breach potentially affecting customers of its retail division, Oracle acknowledged that it had “detected and addressed malicious code in certain legacy MICROS systems.” It also said that it is asking all MICROS customers to reset their passwords for the MICROS online support portal.
Oracle’s MICROS division sells point-of-sale systems used at more than 330,000 cash registers worldwide. When Oracle bought MICROS in 2014, the company said MICROS’s systems were deployed at some 200,000+ food and beverage outlets, 100,000+ retail sites, and more than 30,000 hotels.
A source briefed on the investigation says the breach likely started with a single infected system inside of Oracle’s network that was then used to compromise additional systems. Among those was a customer “ticketing portal” that Oracle uses to help MICROS customers remotely troubleshoot problems with their point-of-sale systems.
Those sources further stated that the intruders placed malicious code on the MICROS support portal, and that the malware allowed the attackers to steal MICROS customer usernames and passwords when customers logged in the support Web site.
This breach could be little more than a nasty malware outbreak at Oracle. However, the Carbanak Gang’s apparent involvement makes it unlikely the attackers somehow failed to grasp the enormity of access and power that control over the MICROS support portal would grant them.
This [incident] could explain a lot about the source of some of these retail and merchant point-of-sale hacks that nobody has been able to definitively tie to any one point-of-sale services provider, I’d say there’s a big chance that the hackers in this case found a way to get remote access” to MICROS customers’ on-premises point-of-sale devices.

• It is not clear if the breach at Oracle may have resulted in the attackers being able to remotely control MICROS payment terminals.
• According to comments on the Krebs articles, the actual credit card processing is usually done on the pinpad unit, and just the results are processed by the cash register running MICROS

After investigative reporter Brian Krebs reported a compromise of Oracle’s MICROS unit earlier this week, it now appears the same allegedly Russian cybercrime gang has hit five others in the last month: Cin7, ECRS, Navy Zebra, PAR Technology and Uniwell. Together, they supply as many as, if not more than, 1 million point-of-sale systems globally.

TCP stack bug in Linux 3.6+ means many systems vulnerable

At the 25th Usenix Security Symposium on Wednesday, researchers with the University of California at Riverside and the US Army Research Laboratory will demonstrate a proof-of-concept exploit that allows them to inject content into an otherwise legitimate USA Today page that asks viewers to enter their e-mail and passwords.
Computer scientists have discovered a serious Internet vulnerability that allows attackers to terminate connections between virtually any two parties and, if the connections aren’t encrypted, inject malicious code or content into the parties’ communications.
The vulnerability resides in the design and implementation of RFC 5961, a relatively new Internet standard that’s intended to prevent certain classes of hacking attacks.

• However, in order to prevent a denial of service attack, there is a global rate limit to the number of responses this new code will send. The issue is, an attacker can now exploit this, by eliciting enough responses to research that limit, it means that the server will not send legitimate responses to the user. This then allows the attacker to send a response pretending to be the server, and shutdown the connection between the user and the server.

Attackers can go on to exploit the flaw to shut down the connection, inject malicious code or content into unencrypted data streams, and possibly degrade privacy guarantees provided by the Tor anonymity network.
The flawed code was introduced into the Linux operating system kernel starting with version 3.6 in 2012, has added a largely complete set of functions implementing the standard. Linux kernel maintainers released a fix with version 4.7 almost three weeks ago, but the patch has not yet been applied to most mainstream distributions. For the attack to work, only one of the two targeted parties has to be vulnerable, meaning many of the world’s top websites and other services running on Linux remain susceptible.

• What makes this attack especially bad is that the attacker does not need to be Man-in-the-Middle, it works as a so called “off-path” attack. The attacker just sits on the sidelines with their regular internet connection, and sends packets to one or both parties, and by guessing the port numbers used on each side (usually by brute force), can inject content into the flow of packets between the two parties.
• This is normally prevented by the TCP three-way handshake (which gets a positive acknowledgement from both sides, to prevent someone from being able to spoof their IP), and the sequence numbers prevent an attacker from easily injecting packets in the connection stream.

In this paper, we discover a much more powerful off-path attack that can quickly 1) test whether any two arbitrary hosts on the Internet are communicating using one or more TCP connections (and discover the port numbers associated with such connections); 2) perform TCP sequence number inference which allows the attacker to subsequently, forcibly terminate the connection or inject a malicious payload into the connection. We emphasize that the attack can be carried out by a purely off-path attacker without running malicious code on the communicating client or server. This can have serious implications on the security and privacy of the Internet at large.
The root cause of the vulnerability is the introduction of the challenge ACK responses and the global rate limit imposed on certain TCP control packets. The feature is outlined in RFC 5961, which is implemented faithfully in Linux kernel version 3.6 from late 2012. At a very high level, the vulnerability allows an attacker to create contention on a shared resource, i.e., the global rate limit counter on the target system by sending spoofed packets. The attacker can then subsequently observe the effect on the counter changes, measurable through probing packets.
Through extensive experimentation, we demonstrate that the attack is extremely effective and reliable. Given any two arbitrary hosts, it takes only 10 seconds to successfully infer whether they are communicating. If there is a connection, subsequently, it takes also only tens of seconds to infer the TCP sequence numbers used on the connection. To demonstrate the impact, we perform case studies on a wide range of applications.

• So the features introduced by the new RFC make it possible for the attacker to figure out the sequence number of the TCP connection to inject traffic into it

Besides injecting malicious JavaScript into a USA Today page, the researchers also show how the vulnerability can be exploited to break secure shell, or SSH, connections and tamper with communications traveling over Tor. In the latter case, attackers can terminate key links in the Tor chain—for instance, those connecting an end user to an entry node, an entry node to a middle relay, or a middle relay to the exit node. The Tor attack could be particularly effective if it knocked out properly functioning exit nodes because the technique would increase the chances that connections would instead use any malicious exit nodes that may exist.

• PDF: Research Paper: Off-Path TCP Exploits: Global Rate Limit Considered
  Dangerous
• Additional Coverage: ArsTechnica
• Additional Coverage: ISS Source

Microsoft bungles SecureBoot key handling, golden keys can unlock any system

Microsoft has accidentally leaked the keys to the kingdom, permitting attackers to unlock devices protected by Secure Boot — and it may not be possible to fully resolve the leak.
If you provision this magic policy, that is, if you install it into your firmware, the Windows boot manager will not verify that it is booting an official Microsoft-signed operating system. It will boot anything you give it provided it is cryptographically signed, even a self-signed binary – like a shim that loads a Linux kernel.

• This signed policy was never meant to leave the lab, but it seems it did

The Register understands that this debug-mode policy was accidentally shipped on retail devices, and discovered by curious minds including Slip and MY123. The policy was effectively inert and deactivated on these products but present nonetheless.
For internal debugging purposes, Microsoft created and signed a special Secure Boot policy that disables the operating system signature checks, presumably to allow programmers to boot and test fresh OS builds without having to sign each one.
This, in turn, allows someone with admin rights or an attacker with physical access to a machine not only to bypass Secure Boot and run any operating system they wish, such as Linux or Android, but also permits the installation and execution of bootkit and rootkits at the deepest level of the device
A backdoor, which MS put into secure boot because they decided to not let the user turn it off in certain devices, allows for secure boot to be disabled everywhere!
You can see the irony. Also the irony in that MS themselves provided us several nice “golden keys” (as the FBI would say for us to use for that purpose

• Between June and July, Microsoft awarded a bug bounty, and pushed a fix — MS16-094. However, this fix was deemed “inadequate,” although it had somewhat mitigated the problem, resulting in a second patch, MS16-100, being issued in August.
• This update blacklists a bunch of revoked keys and signatures so they can no longer be used, but Microsoft cannot revoke all old keys, because they are used on things like read-only installation disks

If you’re using a locked-down Secure Boot PC and you have admin rights on the box, and you want to boot something else, all the above is going to be of interest to you. If you’re an IT admin who is relying on Secure Boot to prevent the loading of unsigned binaries and drivers – such as rootkits and bootkits – then all the above is going to worry you.

• Additional Coverage: TheRegister
• The article at The Register provides links to a number of scripts and tools to be able to unlock the UEFI firmware on Windows RT tablets, and be able to install an alternative OS
• Researcher Blog (with demoscene music)
• The point raised by the researchers is especially poignant: Having “secure” secret backdoor keys will never work. They will always end up getting leaked, and there is no way to undo that damage when it happens.
• Secure Golden Key Boot: (MS16-094 / CVE-2016-3287, and MS16-100 / CVE-2016-3320)

Feedback:

• zpool on sd cards for a mobile storage?
• Using a Laptop as a FreeNAS server
• WiFi Backup storage…
• Next best thing after ZFS?

Round Up:

• Researchers crack open unusually advanced malware that hid for 5 years
• BTRFS raid56 considered dangerous btrfs developers recommend you switch to ZFS
• Linux malware? That’ll never happen. Ok, just this once then
• Ardunio based tool can unlock every Volkswagen sold since 1995 (~100 million cars)
• London’s Met Police has missed the Windows XP escape deadline
• The dark side of Certificate Transparency
• How I hacked imgur for fun and profit
• A look at the first generation of 3D X-Point NVMe devices
• Demystifying the “Secure Enclave Processor” in the iPhone
• Google will now allow customers to use their own encryption keys in Google Compute Engine
• Year long study by Google finds users 3x more likely to get ‘Unwanted Software’ than malware. Blame: Adobe Flash (Mcafee), Oracle Java (Yahoo toolbar, previously: ask toolbar), Ad Injectors, etc
• Sex toys with phone apps, often send all your data back to the manufacturer
• First ransomware for Smart Thermostats
• In December, Chrome 55 will make HTML5 the default experience, except for sites which only support Flash. For those, you’ll be prompted to enable Flash when you first visit the site.
• Microsoft disables RC4 algorithm in Internet Explorer 11 and Microsoft Edge — Can be cracked in only a matter of hours or days
• Government-Backed Study Finds Piracy Fight a Low Priority for Canadian Rights Holders
• Remote code execution, by opening a MS Word doc

The post Microsoft’s Golden Ticket | TechSNAP 280 first appeared on Jupiter Broadcasting.

This week we dive into what the community thinks about putting a server in their pocket, show you some smart tricks with Gimp & some Windows nightmares. Plus some router chat & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

Become a supporter on Patreon:

Show Notes:

Pre-Show:

Smart Gimp Tricks

The Quickmask for adjusting selections: I’m a born-again Quickmask evangelist, because I went so long without realizing that it was there, and it makes selections so much easier.

Decomposing an image and using the components as a mask to select part of an image—that’s an easy way to select skies and get rid of a drab overcast sky, or to change or enhance the color of the sky.

Using the Dodge/Burn tool to make a background really white, for when you want an object to stand out and make the background go away. It can be a lot easier than selecting or erasing.

Feedback:

Noah Hit Something on the Head

“I wish Ubuntu would just use GNOME, and go back to trying to contribute useful bits.”

Now, I have a few extensions installed, but the way I use GNOME isn’t much different from how someone would use Unity; I keep the Dash up at all times, I have those pesky tray apps up in the corner, and so on. This is so close to how I used to work in Unity, OS X, etc., that I’m puzzled at why GNOME gets treated like the red-headed stepchild sometimes.

Now, I know that once in a while the GNOME dev team decides to go off the deep end (Let’s make the filemanager work like old-school Finder and do that by default! Hell, let’s override users’ pre-existing settings, that’s how good it is!) but overall GNOME just keeps getting better.

Windows Secureboot Causes a Mess

I just made a potentially costly mistake: we nuked and repaved my friend’s brand new Lenovo Yoga 500 with Linux… without booting into Windows to disable SecureBoot explicitly. He didn’t want to accept the EULA; and we successfully booted into USB key (Ubuntu MATE 15.10, Ubuntu w/Unity 15.04) so we thought we would just go ahead.

I thought Ubuntu would have been candidate, but apparently not. Is this the correct way? Which distros would work? We tried installing and booting into Ubuntu Unity 15.04 (which is supposed to have the appropriate signature) but after install and reboot, we get the above. Given that Windows has been obliterated at this point, what options do I have?

Unfortunately, he’s leaving in just over a week, so if the conclusion ends up being “install Windows to do this” I’ll take it….. but I’d rather not!

Ever Heard of FriendOS?

I heard yesterday about Friendos. It looks like this: https://youtu.be/Y5n0f5DSbSM?t=16m14s , so it’s like Amiga Workbench in the browser powered by a Linux backend. They releasing public beta as open source this week.It will be able to run both thml5 and native applications. Their website is a little enigmatic right now:

• FriendOS

Rover Log – Live Tracker

Live map of the adventures of Jupiter Broadcasting’s Rover Studio.

TING

• Ting – mobile that makes sense

A Server in Your Pocket

Ocean is a mobile server, a device that combines the portability of a mobile phone with the flexibility of a Linux web server.

Want a portable Linux-powered web server that will fit into your pocket? Look no further than Ocean.

Ocean has been designed from the ground up for portability, and features an integrated battery that allows you to run web and Bluetooth applications in places where direct power is limited.

The device is approximately the size of an iPhone 6, and can easily fit in your pocket.

This bundle costs $149 and ships in February. Higher capacity versions are slated to ship later in the year.

DigitalOcean

Numbers don’t lie—it’s time to build your own router

I’ve noticed a trend lately. Rather than replacing a router when it literally stops working, I’ve needed to act earlier—swapping in new gear because an old router could no longer keep up with increasing Internet speeds available in the area. (Note, I am duly thankful for this problem.) As the latest example, a whole bunch of Netgear ProSafe 318G routers failed me for the last time as small businesses have upgraded from 1.5-9mbps traditional T1 connections to 50mbps coax (cable).

A lot of you are probably muttering, “right, pfSense, sure.” Some of you might even be thinking about smoothwall or untangle NG. I played with most of the firewall distros out there, but I decided to go more basic, more old school: a plain, CLI-only install of Ubuntu Server and a few iptables rules.

Admittedly, this likely isn’t the most practical approach for every reader, but it made sense for me. I have quite a bit of experience finessing iptables and the Linux kernel itself for high throughput at Internet scale, and the fewer shiny features and graphics and clicky things that are put between me and the firewall table, the less fluff I have to get out of the way and the fewer new not-applicable-in-the-rest-of-my-work things I have to learn. Any rule I already know how to create in iptables to manage access to my servers, I also know how to apply to my firewall—if my firewall’s running the same distro as my servers are.

• Cumulus Networks

Cumulus Networks is a system software company founded with the principle of enabling high capacity networks that are easy to deploy and affordable. Led by networking experts and innovators from Cisco and VMware, we provide great networking for layer 2, layer 3 and overlay architectures supported by improved economics and a robust ecosystem — a modern alternative to proprietary vendor-locked stacks that constrain IT innovation.

Linux Academy

• Linux Academy | Linux and AWS Online Training

Gnome Core Apps

It would appear that the GNOME developers are currently in the process of revisiting the desktop environment’s moduleset and defining a clear set of core apps, which should form the default user experience in upcoming releases of the GNOME desktop (most probably starting with GNOME 3.20, which should be available in spring 2016).

At the moment of writing this article, the GNOME developers have only managed to announce that the Cheese webcam viewer app has been integrated as a core GNOME app as it is required by the GNOME Control Center, GNOME Initial Setup and GNOME Contacts components. They are also in talks with the developers of the Gedit text editor to make it a core app too.

Furthermore, the GNOME Color Manager component will also be pushed to the core apps moduleset, as the GNOME Control Center software requires it. However, the GNOME developers will also define a set of non-core apps, which they don’t recommend GNU/Linux OS vendors to include in their distributions when using the GNOME desktop environment by default.

Support Jupiter Broadcasting on Patreon

Post Show:

Phoenix OS

Google Android may have been developed as a smartphone operating system (and later ported to tablets, TVs, watches, and other platforms), but over the past few years we’ve seen a number of attempts to turn it into a desktop operating system.

One of the most successful has been Remix OS, which gives Android a taskbar, start menu, and an excellent window management system. The Remix OS team has also generated a lot of buzz over the past year, and this week the operating system gained a lot of new alpha testers thanks to a downloadable version of Remix OS that you can run on many recent desktop or notebook computers.

But Remix OS isn’t the only game in town. Phoenix OS is another Android-as-desktop operating system, and while it’s still pretty rough around the edges, there are a few features that could make it a better option for some testers.

• Phoenix OS is (another) Android-as-a-desktop

• Peppermint OS

The post Is that a server in your pocket? | LINUX Unplugged 128 first appeared on Jupiter Broadcasting.

Will Secure Boot hamper boutique Linux distributions and hurt desktop Linux innovation? Our panel debates. Also getting started with Linux the right way.

Plus a recap of the first ever Kansas Linux Fest, our errata, your feedback & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

Become a supporter on Patreon:

Show Notes:

Pre-Show:

• KDE – KDE Ships Plasma 5.2.2, Bugfix Release for March

• Kansas Linux Fest 2015

Boy, did I have a great weekend. Kansas Linux Fest 2015 was an incredible success. We had well over the 130 attendees who signed up on Eventbrite show up throughout the weekend and every single one of them brought a ton of excitement and energy to the first annual Kansas Linux Fest conference.

• Ryan Sipes (@ryanleesipes) | Twitter

Catch Up:

• alt-OS lock out

• Windows 10 to make the Secure Boot alt-OS lock out a reality | Ars Technica

• Correcting The Record on SyncThing

DigitalOcean

• DigitalOcean: SSD Cloud Server, VPS Server, Simple Cloud Hosting

• How To Resize Your Droplets on DigitalOcean | DigitalOcean

• BTSync vs. Seafile

LinuxFest Northwest 2015

Bellingham, WA • April 25th & 26th

TING

• Ting – mobile that makes sense

The perfect Linux Rig for Kids?

• The all-new 14” Lemur is coming early April! Starting at $599

We designed the Lemur to balance performance and battery life at a value price point. It’s based on Intel’s 5th Generation Core architecture and features a 2.1GHz Core i3-5010 processor with a 14.1” 1366×768 display. It’s 0.89” tall and weighs 4 lbs with a 62.16Wh battery.

Battery life is up to 9 hours depending on load and screen brightness. When pushing it hard, we could kill the battery in 6 hours.

Linux Academy

• Linux Academy | Linux and AWS Online Training
• Landed Linux Admin Job

Would you guys like Chris and Noah to Interview the Fedora team again before their Fedora 22 release May 19th

Runs Linux from the people:

• Send in a pic/video of your runs Linux.
• Please upload videos to YouTube and submit a link via email or the subreddit.

New Shows : Tech Talk Today (Mon – Thur)

• Tech Talk Today Today | Jupiter Broadcasting

Support Jupiter Broadcasting on Patreon

The post Give the Kids Linux | LINUX Unplugged 85 first appeared on Jupiter Broadcasting.

We talk with George Neville-Neil about the brand new FreeBSD Journal and what it\’s all about. After that, we\’ve got a tutorial on how to track the -stable and -current branches of OpenBSD. Answers to all your BSD questions and the latest headlines, only on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

FreeBSD quarterly status report

• Gabor Pali sent out the October-December 2013 status report to get everyone up to date on what\’s going on
• The report contains 37 entries and is very very long… various reports from all the different teams under the FreeBSD umbrella, probably too many to even list in the show notes
• Lots of work going on in the ARM world, EC2/Xen and Google Compute Engine are also improving
• Secure boot support hopefully coming by mid-year
• There\’s quite a bit going on in the FreeBSD world, many projects happening at the same time
• Jordan (jkh), one of the co-founders of the FreeBSD project, is once again a FreeBSD committer

n2k14 OpenBSD Hackathon Report

• Recently, OpenBSD held one of their hackathons in New Zealand
• 15 developers gathered there to sit in a room and write code for a few days
• Philip Guenther brings back a nice report of the event
• If you\’ve been watching the -current CVS logs, you\’ve seen the flood of commits just from this event alone
• Fixes with threading, Linux compat, ACPI, and various other things – some will make it into 5.5 and others need more testing
• Another report from Theo details his work
• Updates to the random subsystem, some work-in-progress pf fixes, suspend/resume fixes and more signing stuff

Four new NetBSD releases

• NetBSD released versions 6.1.3, 6.0.4, 5.2.2 and 5.1.4
• These updates include lots of bug fixes and some security updates, not focused on new features
• You can upgrade depending on what branch you\’re currently on
• Confused about the different branches? See this graph.

The future of open source ZFS development

• On February 11, 2014, Matt Ahrens will be giving a presentation about ZFS
• The talk will be about the future of ZFS and the open source development since Oracle closed the code
• It\’s in San Jose, California – go if you can!

This episode was brought to you by

Interview – George Neville-Neil – gnn@freebsd.org / @gvnn3

The FreeBSD Journal

Tutorial

Tracking -STABLE and -CURRENT (OpenBSD)

News Roundup

pfSense news and 2.1.1 snapshots

• pfSense has some snapshots available for the upcoming 2.1.1 release
• They include FreeBSD security fixes as well as some other updates
• There are recordings posted of some of the previous hangouts
• Unfortunately they\’re only for subscribers, so you\’ll have to wait until next month when we have Chris on the show to talk about pfSense!

FreeBSD on Google Compute Engine

• Recently we mentioned some posts about getting OpenBSD to run on GCE, here\’s the FreeBSD version
• Nice big fat warning: \”The team has put together a best-effort posting that will get most, if not all, of you up and running. That being said, we need to remind you that FreeBSD is being supported on Google Compute Engine by the community. The instructions are being provided as-is and without warranty.\”
• Their instructions are a little too Linuxy (assuming wget, etc.) for our taste, someone should probably get it updated!
• Other than that it\’s a pretty good set of instructions on how to get up and running

Dragonfly ACPI update

• Sascha Wildner committed some new ACPI code
• There\’s also a \”heads up\” to update your BIOS if you experience problems
• Check the mailing list post for all the details

PCBSD weekly digest

• 10.0-RC4 users need to upgrade all their packages for 10.0-RC5
• Help test GNOME 3 so we can get it in the official ports tree
• By the way, PCBSD 10.0 is out!
• Special thanks to developers, testers, translators and docs team!
• Upcoming: Working on a 11-CURRENT PC-BSD and 10-STABLE

Feedback/Questions

• Tony writes in: https://slexy.org/view/s21ZlfOdTt
• Jeff writes in: https://slexy.org/view/s2BFZ68Na5
• Remy writes in: https://slexy.org/view/s20epArsQI
• Nils writes in: https://slexy.org/view/s213CoNvLt
• Solomon writes in: https://slexy.org/view/s21XWnThNS

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
• A BSD Now t-shirt design is in the works, we\’ll update you on the progress (but we have to get permission to use the mascots and get a rough sketch first)
• NYCBSDCon will be on February 8th in NYC
• We\’ll announce the winner of our tutorial contest on next week\’s episode! Get your last minute tutorial submissions in for our contest

The post Journaled News-Updates | BSD Now 22 first appeared on Jupiter Broadcasting.

Much more than just a touch of Ubuntu, we take a deep dive into the Ubuntu Touch Preview and how they’ve pulled it off, the surprising components of Android that are being used, and why it means Ubuntu Touch will be on hundreds of popular devices soon.

Plus we’ve got an explanation of Linus’ recent blow up, the big news for Btrfs, some Steam secrets revealed…

AND SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

Use our code linux295 to get a .COM for $2.95.

28% off your ENTIRE order just use our code go28off3 until the end of the month!

Download:

HD Video | Mobile Video | Ogg Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed

Support the Show: