Noah & Emma set out to switch as many users to Linux as possible. Our team documents their competition to switch the most people to Linux within two hours in the Pacific Northwest!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | OGG Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Runs Linux:

• Rover controlling software from the ESA, Runs Linux – Starts at 5:09s

• The Time the UI is up on screen

ESA astronaut Tim Peake will take part in an experiment dubbed ‘SUPVIS-M’ (Supervisory Control of Mars Yard Rover) in which he will operate, from the International Space Station (ISS), a UK-built rover – Bridget – located in the Airbus Mars Yard in Stevenage, UK.

• Source: [Runs Linux] Rover controlling software – ESA – Starts at 5:09s : LinuxActionShow

Getting started with Linux:

1. Obtain the Ubuntu Install image from ubuntu.com

2. Write the Ubuntu installation image to a USB flash media device. On PC use Etcher or Rufus & on a mac, use Etcher. Be careful to make sure the flash drive is chosen in this step.

3. Once that is finished, eject the drive and insert the drive into your PC/Mac

4. When booting the PC/Mac press F2 (or your computer’s hotkey to access the boot menu), or if you’re running a newer version of Windows such as 8 or 10 boot into Windows, press start, go to advanced start options, choose UEFI Settings, Disable secureboot. Boot back into Windows repeat the steps to get back into UEFI and choose to boot off of the USB device.

5. Play around with the live demo system and if you enjoy it, follow the on screen instructions to install Ubuntu either as a secondary option to MacOS X or Windows, or as the only option, whichever you prefer.

The post Linux Switch Competition | LAS 415 first appeared on Jupiter Broadcasting.

Why a stolen healthcare record is harder to track than you might think, Security pros name their must have tools & blame as a service, the new Cybersecurity hot product.

Plus great questions, a huge Round Up & much, much more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

A day in the life of a stolen healthcare record

• “When your credit card gets stolen because a merchant you did business with got hacked, it’s often quite easy for investigators to figure out which company was victimized. The process of divining the provenance of stolen healthcare records, however, is far trickier because these records typically are processed or handled by a gauntlet of third party firms, most of which have no direct relationship with the patient or customer ultimately harmed by the breach.”
• “I was reminded of this last month, after receiving a tip from a source at a cyber intelligence firm based in California who asked to remain anonymous. My source had discovered a seller on the darknet marketplace AlphaBay who was posting stolen healthcare data into a subsection of the market called “Random DB ripoffs,”
• “Eventually, this same fraudster leaked a large text file titled, “Tenet Health Hilton Medical Center,” which contained the name, address, Social Security number and other sensitive information on dozens of physicians across the country.”
• “Contacted by KrebsOnSecurity, Tenet Health officials said the data was not stolen from its databases, but rather from a company called InCompass Healthcare. Turns out, InCompass disclosed a breach in August 2014, which reportedly occurred after a subcontractor of one of the company’s service providers failed to secure a computer server containing account information. The affected company was 24 ON Physicians, an affiliate of InCompass Healthcare.”
• “The breach affected approximately 10,000 patients treated at 29 facilities throughout the U.S. and approximately 40 employed physicians,” wrote Rebecca Kirkham, a spokeswoman for InCompass.
• So who was the subcontractor that leaked the data? According to PHIprivacy.net (and now confirmed by InCompass), the subcontractor responsible was PST Services, a McKesson subsidiary providing medical billing services, which left more than 10,000 patients’ information exposed via Google search for over four months.
• Think about that for a minute. The information must have just been laying around on their website for it to be able to be found by Google search
• “Still, not all breaches involving health information are difficult to backtrack to the source. In September 2014, I discovered a fraudster on the now-defunct Evolution Market dark web community who was selling life insurance records for less than $7 apiece. That breach was fairly easily tied back to Torchmark Corp., an insurance holding company based in Texas; the name of the company’s subsidiary was plastered all over stolen records listing applicants’ medical histories.”
• “Health records are huge targets for fraudsters because they typically contain all of the information thieves would need to conduct mischief in the victim’s name — from fraudulently opening new lines of credit to filing phony tax refund requests with the Internal Revenue Service. Last year, a great many physicians in multiple states came forward to say they’d been apparently targeted by tax refund fraudsters, but could not figure out the source of the leaked data. Chances are, the scammers stole it from hacked medical providers like PST Services and others.”
• As we have previously discussed, a stolen credit card may be worth a few dollars, even high end corporate cards rarely fetch more than $10 or $15 each. Health care records are worth upwards of $100 each.
• “Sensitive stolen data posted to cybercrime forums can rapidly spread to miscreants and ne’er-do-wells around the globe. In an experiment conducted earlier this month, security firm Bitglass synthesized 1,568 fake names, Social Security numbers, credit card numbers, addresses and phone numbers that were saved in an Excel spreadsheet. The spreadsheet was then transmitted through the company’s proxy, which automatically watermarked the file. The researchers set it up so that each time the file was opened, the persistent watermark (which Bitglass says survives copy, paste and other file manipulations), “called home” to record view information such as IP address, geographic location and device type.”
• “The company posted the spreadsheet of manufactured identities anonymously to cyber-crime marketplaces on the Dark Web. The result was that in less than two weeks, the file had traveled to 22 countries on five continents, was accessed more than 1,100 times. “Additionally, time, location, and IP address analysis uncovered a high rate of activity amongst two groups of similar viewers, indicating the possibility of two cyber crime syndicates, one operating within Nigeria and the other in Russia,” the report concluded.“

Security pros name their must have tools

• Network World asked some “security pros” from around the industry to name their must have tools
• Lawyers Without Borders uses Intralinks VIA to securely share files
• Yell.com (a yellow pages site) uses Distil Networks’ bot detection and mitigation service to prevent content theft and avoid excess load from web scraper bots
• SureScripts.com (online perscription service) uses Invincea FreeSpace Enterprise for endpoint security. “stops advanced end user attacks (spear phishing, drive-by downloads, etc.) via containment, and stops our machines from getting infected
• a biotechnology company uses EMC Syncplicity to secure and distribute content to mobile devices. “It is an amazing mobile app that offers a great user experience and also offers the security and control we need as a therapeutics company with lots of sensitive information”
• A private health insurance software application provider uses Forum Sentry API gateway to protect its API from malactors. “Forum Sentry enabled us to securely expose our APIs to our private health insurance funds, third parties and internal clients and has provided a policy-based platform that is easy to maintain and extend – all while reducing development time and resources”
• Firehouse Subs, a large restaurant chain uses Netsurion’s Managed PCI to manage their Payment Card Industry Data Security Standard compliance. “Netsurion simplifies PCI for myself, and our franchisees, allowing us to maintain focus on other portions of our business”
  • A software vendor that makes heavy uses of Software as a Service (SaaS) relies on Adallom for SaaS to monitor, provides visibility into, and protection of SaaS applications.
  • Iowa Vocational Rehabilitation Services, raved about the configurability and reliability of NCP’s enterprise VPN solution
• I am sorry, when I started writing this news item for TechSNAP, I thought the list was going to be useful
• These were not the kinds of tools I was expecting
• Instead it just shows a random reporter who knows nothing about Cyber Security, asking a bunch of random businesses who know nothing about Cyber Security and just buy magic software and services what they think
• If your approach to cyber security is: buy some magic software, then you’re in trouble
• Cyber Security is a mindset, and requires defense in depth. It is about doing as much as can be done, and more importantly, planning for when that turns out to not be enough.
• What you really need is a cyber security disaster kit, like the one you have in your house in the event of a nature disaster. All of the things you need to survive until the mess is cleaned up.
• What companies really need, is to do cyber security fire drills, and have better fire alarms
• Software can’t solve everything, but it can help automate the task of getting the attention of a human at the right time

Intel launches new line of E7 v3 Haswell-EX processors

• Intel has announced its new E7-8800 and E7-4800 line of processors, featuring:
• 20% more cores/threads
• 20% more Last-Level Cache
• Benchmarks show actual 15-20% gains over the E7-4890 v2
• Support for DDR3 or DDR4 memory (not at the same time). “Support for the two differing memory types comes by way of Intel’s C112 and C114 scalable memory buffers.”
• 1.5 TB of ram per socket, quad channel, 102 GB/s memory bandwidth
• This means a 4 socket motherboard can have 6TB of ram, and an 8 socket board can have 12TB of ram
• 32 PCI-E 3.0 lanes per socket
• The highest end versions also feature QPI links at 9.6 GT/s (the previous maximum was 8.0 GT/s)
• E7-4xxx models are designed for 4 socket motherboards, while the E7-8xxx models are for 8 socket motherboards
• Models include:
  • E7-4809 v3 – 8x 2.00 GHz + HT, 20MB LLC
  • E7-4820 v3 – 10x 1.90 GHz + HT, 25MB LLC
  • E7-4830 v3 – 12x 2.10 GHz (Turbo: 2.70 GHz) + HT, 30MB LLC
  • E7-4850 v3 – 14x 2.20 GHz (Turbo: 2.80 GHz) + HT, 35MB LLC
  • E7-8860 v3 – 16x 2.20 GHz (Turbo: 3.20 GHz) + HT, 40MB LLC
  • E7-8880 v3 – 18x 2.30 GHz (Turbo: 3.10 GHz) + HT, 45MB LLC
  • E7-8890 v3 – 18x 2.50 GHz (Turbo: 3.30 GHz) + HT, 45MB LLC
  • E7-8891 v3 – 10x 2.80 GHz (Turbo: 3.50 GHz) + HT, 45MB LLC
  • E7-8893 v3 – 4x 3.20 GHz (Turbo: 3.50 GHz) + HT, 45MB LLC
• “Want!”

Feedback:

• Looking for a better/different back-up solution.

• Question about NAS versus SAN

• A response to the docker criticism in Episode 212 “Dormant Docker Disasters”

• The concept of a Virtual/Logical DMZ?

Round Up:

• Actively exploited WordPress bug puts millions of sites at risk
• Learn about how Windows kernel exploits work with the “HackSys Extreme Vulnerable Driver”
• PillPack.com online pharmacy vulnerability could have allowed anyone to view your entire perscription history, with only your name a birthdate
• Network reconnaissance without actually probing the network, using DNS
• Hospira Lifecare PCA infusion pump has telnet enabled with no password, allows anyone to root it with a tcp connection
• Boeing 787 dreamliner generator control units contain software bug that causes them to fail after 248 days of uptime
• Microsoft bangs the cybersecurity drum with Advanced Threat Analytics
• How to make two C binaries with the same MD5 hash – Why you shouldn’t trust MD5
• Understanding Docker Security and Best Practices
• Netflix open sources FIDO – Fully Integrated Defense Operation
• Docker vs the container world: Techies rally around CoreOS-led spec
• Lab of a Pen Tester — Dumping Windows 8.1 passwords in plain text
• System Crash for Starbucks Leads to Free Coffee for Some
• L3 cache mapping on Sandy Bridge CPUs
• Google Can’t Ignore The Android Update Problem Any Longer
• Researcher finds another method of bypassing Google’s password alert feature
• Windows 10 to do away with Patch Tuesday
• “unnamed FreeBSD Developer: OMG!!! I found a place where an ex-employee went to the repo, checked out the distribution tarball of freeipmi… unpacked it… edited the Makefiles, re-tarred it up and checked it back in under same name…”

The post Blame as a Service | TechSNAP 213 first appeared on Jupiter Broadcasting.

You asked for it, so we delivered. With the gracious assistance of a STOked fan, we are now prepared to offer you an in-depth analysis of your favorite bar game and ours – DABO!

Before we get into all that mess though, we want to share with you some recent news and rumors – new ship models, new costumes, state of the game, engineering report and MORE!

[ad#shownotes]

Our STOked App:

Grab the STOked iPhone/iPod App and download STOked plus bonus content on the go!

This Week’s Show Notes:

NEWS:
RUMOR: Nebula faces indefinite delays
(CBS approval?)
Quoted during an interview on Subspace Radio

Thoughts on “Cold Case” — this week’s Featured Episode

• Liked the ‘chase’ aspect of the mission
• Neat that the Preservers stored their data in ruins/etc.
• Jeremy was hating on the puzzle.  Might’ve just been morning-crankyness.
• Chris thinks the puzzle issue isn’t the puzzle itself, but the interface used.  A separate interface (like the waveform dealie)

State of the Game

• Seeing an increase in Lifetime memberships
• More than half of their subscribers have played the new weekly content
• Re-evaluating their C-Store attitude.  More items available in-game + purchaseable.
• A lot of KDF-specific talk, but how much will be implemented in a timely manner?
• “We have a new ground combat mode in testing that allows you to switch to a target reticule and shoot your weapons where you are aiming instead of needing to click target.”

Engineering Report
“Our recent meetings with CBS also turned up some interesting discussions and several of the features we had hoped to deliver are being rescoped and evaluated due to some concerns. This primarily impacts the Enterprise J and the Kzinti.”

New KDF ship pictures!

New costume pictures!

Shout out to Red Shirt Army
The footage used to display the STO-Advanced hacks was put together by them.  Thanks!

Massively raises the question: “What mechanics from other MMOs should STO steal?”

Cryptic’s Champions Online on sale for $6.00!  (Until Sept 22)

Comes with 30 days of free play, so it’s a great deal if you’re curious!

MATH:

DABO!

There’s necessarily a bunch of number crunching, and there’s no way that you can ‘cheat’ the system.  But thanks entirely to a very dedicated fan of Dabo (@RachelGarrett!), I do have some details and mechanics I can share with you.

The first thing you should know, is how to read the board.  Each symbol on the wheels is a combination of a suit (color), shape, and a number.  There are 3 possible version of each of these 3 variables.  This means that there are a total of 27 different combinations (3x3x3), each of which are represented only once on the board.

The innermost ring on the wheel is a wildcard where color is concerned.

In addition to the 27 symbols, there are also a number of miscellaneous symbols that increase the payout of any line they land on.

• The so called Swirl is a joker, that can act as any color, shape or count
• Two or more Quarks give a high payout. (looks kinda like a golden scarab)
• DS9 icons work like Quarks, but have a lower multiplier
• A black hole will match with nothing

Of note:  There is only ONE Black Hole per line on the board.  That means that the worst possible spin, is to get all 3 of those lined up, and win nothing.  But, if you bet on 3 lines at a time, your odds of winning something actually increase, because you can never hit this combo on two lines at the same time.  Which is another way of saying, always bet on 3 lines!  Your odds of winning increase!

ODDS!

There are SO many different ways to win, and SO many different payouts, that it’s actually completely possible to calculate an average payout for playing.

The longer you play, the closer to get to a basic exchange rate where, for every 100EC you spend playing dabo, you’ll win (on average) 88 GPL.

Now, this also means that you can easily calculate the actual EC value of all of Woody’s goods by multiplying the cost by 114%.  This ALSO means that it’s relatively easy to calculate an estimate of how much EC it will cost to get the top dabo-related accolade, which is winning 1million GPL.  By multiplying that by 1.14, you can estimate that you’ll need about 1,140,000 EC in order to achieve all of the available accolades.

In summary, dabo is entirely chance and luck, and here are some links to the payouts and odds of hitting them:

Payouts and Walkthru:  https://stowiki.org/Dabo
Dabo-related Accolades:  https://stowiki.org/Accolade/Exploration_Accolade#Dabo
Odds and Calcuations:  https://forums.startrekonline.com/showthread.php?t=176160

COMMUNITY FEEDBACK:

You have a few more days to send in your submissions!  We’ll be sharing your answers on next week’s episode.  Send your feedback to:  stoked@jupiterbroadcasting.com

Last week’s question:
“What can Cryptic do to create incentive to joining/creating Fleets/communities?”

Download:

The post Dabo Math | STOked 52 first appeared on Jupiter Broadcasting.