tcp – Jupiter Broadcasting https://www.jupiterbroadcasting.com Open Source Entertainment, on Demand. Mon, 15 Feb 2021 01:56:20 +0000

Linux Action News 176 https://original.jupiterbroadcasting.net/144237/linux-action-news-176/ Sun, 14 Feb 2021 17:45:00 +0000 Show Notes: linuxactionnews.com/176

The post Linux Action News 176 first appeared on Jupiter Broadcasting.

The Coffee Shop Problem | TechSNAP 413 https://original.jupiterbroadcasting.net/135407/the-coffee-shop-problem-techsnap-413/ Thu, 03 Oct 2019 23:15:16 +0000 https://original.jupiterbroadcasting.net/?p=135407 Show Notes: techsnap.systems/413

The post The Coffee Shop Problem | TechSNAP 413 first appeared on Jupiter Broadcasting.

SACK Attack | TechSNAP 406 https://original.jupiterbroadcasting.net/132271/sack-attack-techsnap-406/ Sun, 23 Jun 2019 17:28:04 +0000 https://original.jupiterbroadcasting.net/?p=132271 Show Notes: techsnap.systems/406

The post SACK Attack | TechSNAP 406 first appeared on Jupiter Broadcasting.

Flipping FreeNAS for Fedora | LINUX Unplugged 306 https://original.jupiterbroadcasting.net/132181/flipping-freenas-for-fedora-linux-unplugged-306/ Tue, 18 Jun 2019 19:24:54 +0000 https://original.jupiterbroadcasting.net/?p=132181 Show Notes: linuxunplugged.com/306

The post Flipping FreeNAS for Fedora | LINUX Unplugged 306 first appeared on Jupiter Broadcasting.

Keeping Systems Simple | TechSNAP 403 https://original.jupiterbroadcasting.net/131156/keeping-systems-simple-techsnap-403/ Fri, 10 May 2019 21:00:15 +0000 https://original.jupiterbroadcasting.net/?p=131156 Show Notes: techsnap.systems/403

The post Keeping Systems Simple | TechSNAP 403 first appeared on Jupiter Broadcasting.

Quality Tools | TechSNAP 397 https://original.jupiterbroadcasting.net/129401/quality-tools-techsnap-397/ Fri, 15 Feb 2019 09:35:10 +0000 https://original.jupiterbroadcasting.net/?p=129401 Show Notes: techsnap.systems/397

The post Quality Tools | TechSNAP 397 first appeared on Jupiter Broadcasting.

Domestic Disappointments | TechSNAP 382 https://original.jupiterbroadcasting.net/127026/domestic-disappointments-techsnap-382/ Fri, 07 Sep 2018 06:15:23 +0000 https://original.jupiterbroadcasting.net/?p=127026 Show Notes: techsnap.systems/382

The post Domestic Disappointments | TechSNAP 382 first appeared on Jupiter Broadcasting.

Unsecured IO | TechSNAP 327 https://original.jupiterbroadcasting.net/116571/unsecured-io-techsnap-327/ Tue, 11 Jul 2017 22:10:59 +0000 Show Notes: GnuPG encryption broken. Fixed in Libgcrypt version 1.7.8. The study (PDF): obtain a very efficient full key recovery for RSA-1024. For RSA-2048 the attack is efficient for 13% of keys (i.e. 1 […]

The post Unsecured IO | TechSNAP 327 first appeared on Jupiter Broadcasting.


Show Notes:

GnuPG encryption broken

NASDAQ leaks test data

  • Financial Times link (paywalled)

  • A data glitch briefly made online games group Zynga more valuable than Goldman Sachs when prices of a host of Nasdaq-listed stocks including Amazon, Apple and Microsoft were reset to exactly $123.47.

  • Prices on Nasdaq’s official website appeared unaltered but those shown on financial data services including Bloomberg, Thomson Reuters and Google Finance did display the price changes to $123.47.

  • New York Stock Exchange data were unaffected. Typically, vendors discard the test prices when checks are done. While the reason this did not happen for Nasdaq on Monday is not known, there was speculation it was linked to changed timings on the eve of the US Independence Day holiday.

  • “It was no error by Nasdaq,” the exchange operator said. “Some vendors took test data and put it out as live prices.”

  • Nasdaq said the glitch did not affect any market trading, including after hours. However, traders in Hong Kong said they saw a handful of trades reported at those prices, although many deals were subsequently cancelled.

Taking Control of All .io Domains With a Targeted Registration

  • Previous post by the same author: The Hidden Risks of Domain Extensions

  • The .io domain has several top-level DNS servers under .io (e.g. a1.io)

  • Not so much an exploit as a failure of the TLD to protect its assets

  • Hard part is finding the servers which can be registered and then registering them

  • Dan notes that .org does not suffer as easily from this problem because all of the .org NS records are under a given domain: org.afilias-nst.info (see: dig NS org. @k.root-servers.net.)

Microsoft’s Golden Ticket | TechSNAP 280 https://original.jupiterbroadcasting.net/102241/microsofts-golden-ticket-techsnap-280/ Thu, 18 Aug 2016 07:40:22 +0000

The post Microsoft’s Golden Ticket | TechSNAP 280 first appeared on Jupiter Broadcasting.


Show Notes:

Security Breach at Oracle’s MICROS point of sales division

A Russian organized cybercrime group known for hacking into banks and retailers appears to have breached hundreds of computer systems at software giant Oracle Corp.
More alarmingly, the attackers have compromised a customer support portal for companies using Oracle’s MICROS point-of-sale credit card payment systems.
Asked this weekend for comment on rumors of a large data breach potentially affecting customers of its retail division, Oracle acknowledged that it had “detected and addressed malicious code in certain legacy MICROS systems.” It also said that it is asking all MICROS customers to reset their passwords for the MICROS online support portal.
Oracle’s MICROS division sells point-of-sale systems used at more than 330,000 cash registers worldwide. When Oracle bought MICROS in 2014, the company said MICROS’s systems were deployed at some 200,000+ food and beverage outlets, 100,000+ retail sites, and more than 30,000 hotels.
A source briefed on the investigation says the breach likely started with a single infected system inside of Oracle’s network that was then used to compromise additional systems. Among those was a customer “ticketing portal” that Oracle uses to help MICROS customers remotely troubleshoot problems with their point-of-sale systems.
Those sources further stated that the intruders placed malicious code on the MICROS support portal, and that the malware allowed the attackers to steal MICROS customer usernames and passwords when customers logged in the support Web site.
This breach could be little more than a nasty malware outbreak at Oracle. However, the Carbanak Gang’s apparent involvement makes it unlikely the attackers somehow failed to grasp the enormity of access and power that control over the MICROS support portal would grant them.
“This [incident] could explain a lot about the source of some of these retail and merchant point-of-sale hacks that nobody has been able to definitively tie to any one point-of-sale services provider. I’d say there’s a big chance that the hackers in this case found a way to get remote access” to MICROS customers’ on-premises point-of-sale devices.

  • It is not clear if the breach at Oracle may have resulted in the attackers being able to remotely control MICROS payment terminals.
  • According to comments on the Krebs articles, the actual credit card processing is usually done on the pinpad unit, and just the results are processed by the cash register running MICROS

After investigative reporter Brian Krebs reported a compromise of Oracle’s MICROS unit earlier this week, it now appears the same allegedly Russian cybercrime gang has hit five others in the last month: Cin7, ECRS, Navy Zebra, PAR Technology and Uniwell. Together, they supply as many as, if not more than, 1 million point-of-sale systems globally.


TCP stack bug in Linux 3.6+ means many systems vulnerable

At the 25th Usenix Security Symposium on Wednesday, researchers with the University of California at Riverside and the US Army Research Laboratory will demonstrate a proof-of-concept exploit that allows them to inject content into an otherwise legitimate USA Today page that asks viewers to enter their e-mail and passwords.
Computer scientists have discovered a serious Internet vulnerability that allows attackers to terminate connections between virtually any two parties and, if the connections aren’t encrypted, inject malicious code or content into the parties’ communications.
The vulnerability resides in the design and implementation of RFC 5961, a relatively new Internet standard that’s intended to prevent certain classes of hacking attacks.

  • However, in order to prevent a denial-of-service attack, there is a global rate limit on the number of responses this new code will send. The issue is that an attacker can exploit this: by eliciting enough responses to reach that limit, the attacker ensures that the server will not send legitimate responses to the user. This then allows the attacker to send a response pretending to be the server, and shut down the connection between the user and the server.

Attackers can go on to exploit the flaw to shut down the connection, inject malicious code or content into unencrypted data streams, and possibly degrade privacy guarantees provided by the Tor anonymity network.
The flawed code was introduced into the Linux kernel starting with version 3.6 in 2012, which added a largely complete set of functions implementing the standard. Linux kernel maintainers released a fix with version 4.7 almost three weeks ago, but the patch has not yet been applied to most mainstream distributions. For the attack to work, only one of the two targeted parties has to be vulnerable, meaning many of the world’s top websites and other services running on Linux remain susceptible.

  • What makes this attack especially bad is that the attacker does not need to be a Man-in-the-Middle; it works as a so-called “off-path” attack. The attacker just sits on the sidelines with their regular internet connection and sends packets to one or both parties, and by guessing the port numbers used on each side (usually by brute force), can inject content into the flow of packets between the two parties.
  • This is normally prevented by the TCP three-way handshake (which gets a positive acknowledgement from both sides, to prevent someone from being able to spoof their IP), and the sequence numbers prevent an attacker from easily injecting packets in the connection stream.

In this paper, we discover a much more powerful off-path attack that can quickly 1) test whether any two arbitrary hosts on the Internet are communicating using one or more TCP connections (and discover the port numbers associated with such connections); 2) perform TCP sequence number inference which allows the attacker to subsequently, forcibly terminate the connection or inject a malicious payload into the connection. We emphasize that the attack can be carried out by a purely off-path attacker without running malicious code on the communicating client or server. This can have serious implications on the security and privacy of the Internet at large.
The root cause of the vulnerability is the introduction of the challenge ACK responses and the global rate limit imposed on certain TCP control packets. The feature is outlined in RFC 5961, which is implemented faithfully in Linux kernel version 3.6 from late 2012. At a very high level, the vulnerability allows an attacker to create contention on a shared resource, i.e., the global rate limit counter on the target system by sending spoofed packets. The attacker can then subsequently observe the effect on the counter changes, measurable through probing packets.
Through extensive experimentation, we demonstrate that the attack is extremely effective and reliable. Given any two arbitrary hosts, it takes only 10 seconds to successfully infer whether they are communicating. If there is a connection, subsequently, it takes also only tens of seconds to infer the TCP sequence numbers used on the connection. To demonstrate the impact, we perform case studies on a wide range of applications.

  • So the features introduced by the new RFC make it possible for the attacker to figure out the sequence number of the TCP connection to inject traffic into it

Besides injecting malicious JavaScript into a USA Today page, the researchers also show how the vulnerability can be exploited to break secure shell, or SSH, connections and tamper with communications traveling over Tor. In the latter case, attackers can terminate key links in the Tor chain—for instance, those connecting an end user to an entry node, an entry node to a middle relay, or a middle relay to the exit node. The Tor attack could be particularly effective if it knocked out properly functioning exit nodes because the technique would increase the chances that connections would instead use any malicious exit nodes that may exist.
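The shared-counter problem described above can be seen in a small model of the rate limiter. This is an added example, not code from the paper or the Linux kernel; the class names, the budgets and the per-connection variant are assumptions chosen for illustration. It checks whether the number of responses one connection receives in a window depends on traffic that belongs to a different connection.

```python
import random


class FixedGlobalLimiter:
    """One fixed response budget per window, shared by every connection.

    This models the design the notes describe: a global rate limit on
    challenge ACK responses (the budget of 100 is an assumption).
    """

    def __init__(self, limit=100):
        self.base = limit
        self.new_window()

    def new_window(self):
        self.budget = self.base

    def allow(self, conn_id):
        if self.budget > 0:
            self.budget -= 1
            return True
        return False


class RandomizedGlobalLimiter(FixedGlobalLimiter):
    """Still global, but the budget is redrawn at random every window,
    so nobody outside the host knows how many responses to expect."""

    def __init__(self, limit=1000, seed=None):
        self.rng = random.Random(seed)
        super().__init__(limit)

    def new_window(self):
        half = (self.base + 1) // 2
        self.budget = half + self.rng.randrange(self.base)


class PerConnectionLimiter:
    """Each connection gets its own budget; no state is shared."""

    def __init__(self, limit=100):
        self.base = limit
        self.new_window()

    def new_window(self):
        self.budgets = {}

    def allow(self, conn_id):
        left = self.budgets.get(conn_id, self.base)
        if left > 0:
            self.budgets[conn_id] = left - 1
            return True
        return False


def observed_count(limiter, foreign_hits, probes):
    """Responses seen on the observer's own connection in one window,
    after `foreign_hits` responses were spent on some other connection."""
    limiter.new_window()
    for _ in range(foreign_hits):
        limiter.allow("other")
    return sum(limiter.allow("observer") for _ in range(probes))


def leaks_cross_connection_state(make_limiter, probes, trials=200):
    """True if a single window's count always tells 'no foreign response'
    apart from 'one foreign response', i.e. the limiter is a side channel."""
    limiter = make_limiter()
    quiet = {observed_count(limiter, 0, probes) for _ in range(trials)}
    busy = {observed_count(limiter, 1, probes) for _ in range(trials)}
    return quiet.isdisjoint(busy)


if __name__ == "__main__":
    designs = [
        ("fixed global", lambda: FixedGlobalLimiter(), 100),
        ("randomized global", lambda: RandomizedGlobalLimiter(seed=1), 2000),
        ("per connection", lambda: PerConnectionLimiter(), 100),
    ]
    for name, factory, probes in designs:
        verdict = leaks_cross_connection_state(factory, probes)
        print(f"{name:18s} leaks across connections: {verdict}")
```

When reviewing any rate limiter that answers unauthenticated packets, the same question applies: can one party's traffic change what another party observes.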


Microsoft bungles SecureBoot key handling, golden keys can unlock any system

Microsoft has accidentally leaked the keys to the kingdom, permitting attackers to unlock devices protected by Secure Boot — and it may not be possible to fully resolve the leak.
If you provision this magic policy, that is, if you install it into your firmware, the Windows boot manager will not verify that it is booting an official Microsoft-signed operating system. It will boot anything you give it provided it is cryptographically signed, even a self-signed binary – like a shim that loads a Linux kernel.

  • This signed policy was never meant to leave the lab, but it seems it did

The Register understands that this debug-mode policy was accidentally shipped on retail devices, and discovered by curious minds including Slip and MY123. The policy was effectively inert and deactivated on these products but present nonetheless.
For internal debugging purposes, Microsoft created and signed a special Secure Boot policy that disables the operating system signature checks, presumably to allow programmers to boot and test fresh OS builds without having to sign each one.
This, in turn, allows someone with admin rights or an attacker with physical access to a machine not only to bypass Secure Boot and run any operating system they wish, such as Linux or Android, but also permits the installation and execution of bootkit and rootkits at the deepest level of the device.
A backdoor, which MS put into secure boot because they decided to not let the user turn it off in certain devices, allows for secure boot to be disabled everywhere!
You can see the irony. Also the irony in that MS themselves provided us several nice “golden keys” (as the FBI would say 😉) for us to use for that purpose 🙂

  • Between June and July, Microsoft awarded a bug bounty, and pushed a fix — MS16-094. However, this fix was deemed “inadequate,” although it had somewhat mitigated the problem, resulting in a second patch, MS16-100, being issued in August.
  • This update blacklists a bunch of revoked keys and signatures so they can no longer be used, but Microsoft cannot revoke all old keys, because they are used on things like read-only installation disks

If you’re using a locked-down Secure Boot PC and you have admin rights on the box, and you want to boot something else, all the above is going to be of interest to you. If you’re an IT admin who is relying on Secure Boot to prevent the loading of unsigned binaries and drivers – such as rootkits and bootkits – then all the above is going to worry you.


A Rip in NTP | TechSNAP 237 https://original.jupiterbroadcasting.net/89591/a-rip-in-ntp-techsnap-237/ Thu, 22 Oct 2015 18:21:21 +0000

The post A Rip in NTP | TechSNAP 237 first appeared on Jupiter Broadcasting.


The OpenZFS summit just wrapped up and Allan shares the exciting new features coming to the file system, researchers warn about flaws in NTP & of course we’ve got some critical patches.

Plus a great batch of questions, a rockin’ round up & much, much more!


— Show Notes: —

OpenZFS Dev Summit


Researchers warn about flaws in NTP

  • NTP is one of the oldest protocols still in use on the Internet. The Network Time Protocol is used to keep a computer’s clock in sync. It is very important for many applications, including cryptography (if your clock is wrong, certificates cannot be verified, expired certificates may be accepted, one-time-passwords may not be valid yet or already expired, etc)
  • “The importance of NTP was highlighted in a 2012 incident in which two servers run by the U.S. Navy rolled back their clocks 12 years, deciding it was the year 2000. Computers that checked in with the Navy’s servers and adjusted their clocks accordingly had a variety of problems with their phone systems, routers and authentication systems”
  • Researchers from Boston University announced yesterday that it’s possible for an attacker to cause an organization’s servers to stop checking the time altogether
  • “This research was first disclosed on August 20, 2015 and made public on October 21, 2015.”
  • “NTP has a rate-limiting mechanism, nicknamed the “Kiss O’ Death” packet, that will stop a computer from repeatedly querying the time in case of a technical problem. When that packet is sent, systems may stop querying the time for days or years, according to a summary of the research”
  • Post by researchers
  • PDF: Full research paper
  • The researchers outline 4 different attacks against NTP:
    • Attack 1 (Denial of Service by Spoofed Kiss-o’-Death)
    • Attack 2 (Denial of Service by Priming the Pump)
    • Attack 3 (Timeshifting by Reboot)
    • Attack 4 (Timeshifting by Fragmentation)
  • It is recommended you upgrade your version of NTP to ntp-4.2.8p4
  • “With the virtual currency bitcoin, an inaccurate clock could cause the bitcoin client software to reject what is a legitimate transaction”
  • The paper goes on to describe the amount of error that needs to be induced to cause a problem:
    • TLS Certificate: years. Make a valid certificate invalid by setting the time past its expiration date, or make an expired certificate valid by turning the clock back
    • HSTS: a year. This is a header sent by websites that says “This site will always use a secure connection”. For sanity’s sake, this header has an expiration date set some time in the future, usually a year. If you forward the clock past then, you can trick a browser into accepting an insecure connection.
    • DNSSEC: months.
    • DNS Caches: days.
    • Routing (if security is even enabled): days
    • Bitcoin: hours
    • API Authentication: minutes
    • Kerberos: minutes
  • Alternatives:
    • Ntimed
    • OpenNTPd
      • Interesting feature: It can validate the ‘sanity’ of the time returned by the NTP server by comparing it against the time in an HTTPS header from a set of websites you select, like Google.com etc. It doesn’t set the time based on that (too inaccurate), but if the value from the time server is more than a few seconds off from that, ignore that time server as it might be malicious
    • tlsdate
    • NTPSec (a fork of regular NTP being improved)
  • Additional Coverage: ArsTechnica
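The sanity check described for OpenNTPD above can be sketched as follows. This is an added example, not OpenNTPD's code; the function names, the use of a median, the 5-second tolerance, the host names and all sample values are assumptions constructed for illustration. It parses HTTP Date headers collected over HTTPS, takes their median as a coarse reference, and ignores any time server whose claimed time is too far from it, without ever setting the clock from the headers.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from statistics import median

# Constructed reference instant used by the sample data below.
BASE = datetime(2015, 10, 22, 18, 21, 21, tzinfo=timezone.utc).timestamp()

# Constructed Date headers, as if read from HTTPS responses at one instant.
SAMPLE_HEADERS = [
    "Thu, 22 Oct 2015 18:21:21 GMT",
    "Thu, 22 Oct 2015 18:21:22 GMT",
    "not a date",                      # unparsable header is skipped
    "Thu, 22 Oct 2015 18:21:20 GMT",
]

# Constructed NTP results: server name -> time it claims (Unix seconds).
SAMPLE_CLAIMS = {
    "ntp-a.example": BASE + 0.4,
    "ntp-b.example": BASE - 2.0,
    "ntp-c.example": BASE - 3600.0,    # an hour in the past
}


def constraint_time(date_headers):
    """Median Unix time of the parsable Date headers, or None if none parse.

    The median keeps one wrong or hostile web server from moving the
    reference, as long as most of the selected sites are honest.
    """
    stamps = []
    for header in date_headers:
        try:
            parsed = parsedate_to_datetime(header)
        except (TypeError, ValueError):
            continue
        if parsed.tzinfo is None:          # "-0000" style dates are naive
            parsed = parsed.replace(tzinfo=timezone.utc)
        stamps.append(parsed.timestamp())
    return median(stamps) if stamps else None


def filter_servers(ntp_claims, date_headers, tolerance=5.0):
    """Split servers into (accepted, rejected, verified).

    A server is rejected when its claimed time differs from the HTTPS
    reference by more than `tolerance` seconds. The headers only have
    one-second resolution, so they are used as a bound, never as the time.
    If no header could be parsed, nothing is rejected and verified is False
    so the caller can tell that no check took place.
    """
    reference = constraint_time(date_headers)
    if reference is None:
        return sorted(ntp_claims), [], False
    accepted, rejected = [], []
    for server, claimed in sorted(ntp_claims.items()):
        if abs(claimed - reference) <= tolerance:
            accepted.append(server)
        else:
            rejected.append(server)
    return accepted, rejected, True


if __name__ == "__main__":
    ok, bad, verified = filter_servers(SAMPLE_CLAIMS, SAMPLE_HEADERS)
    print("verified:", verified)
    print("accepted:", ok)
    print("ignored :", bad)
```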

Adobe and Oracle release critical patches

  • Adobe has issued a patch to fix a zero-day vulnerability in its Flash Player software
  • All users should upgrade to Flash 19.0.0.226
  • If you are worried, consider switching Flash to Click-to-Play mode
  • Oracle has also released its quarterly patch update for Java, addressing at least 25 security vulnerabilities
  • “According to Oracle, all but one of those flaws may be remotely exploitable without authentication”
  • All users are strongly encouraged to upgrade to Java 8 Update 65
  • Again, consider using click-to-play mode, to avoid allowing unexpected execution of Java
  • “The latest versions of Java let users disable Java content in web browsers through the Java Control Panel.”
  • “Alternatively, consider a dual-browser approach, unplugging Java from the browser you use for everyday surfing, and leaving it plugged in to a second browser that you only use for sites that require Java”

Multipath TCP | BSD Now 106 https://original.jupiterbroadcasting.net/87446/multipath-tcp-bsd-now-106/ Thu, 10 Sep 2015 04:24:51 +0000

The post Multipath TCP | BSD Now 106 first appeared on Jupiter Broadcasting.


This week, we have Nigel Williams here to bring us all sorts of info about Multipath TCP, what it is, how it works and the ongoing effort to bring it into FreeBSD. All that and of course the latest BSD news coming your way, right now!


– Show Notes: –


Headlines

Backing out changes doesn’t always pinpoint the problem

  • Peter Wemm brings us a fascinating look at debugging an issue which occurred on the FreeBSD build cluster recently.
  • Bottom line? Backing out something isn’t necessarily the fix; rather, it should be a part of the diagnostic process
  • In this particular case, a change to some mmap() functionality ended up exposing a bug in the kernel’s page fault handler which existed since (wait for it…) 1997!
  • As Peter mentions at the bottom of the Article, this bug had been showing up for years, but was sporadic and often written off as a networking hiccup.

BSD Router Project benchmarks new routing changes to FreeBSD


When is SSL not SSL?

  • Our buddy Ted has a good write-up on a weird situation related to licensing of stunnel and LibreSSL
  • The problem exists due to stunnel being released with a different license, that is technically incompatible with the GPL, as well as linking against non-OpenSSL versions.
  • The author has also decided to create specific named exceptions when the *SSL lib is part of the base operating system, but does not personally consider LibreSSL as a valid linking target on its own
  • Ted points out that the LibreSSL team considers LibreSSL == OpenSSL, so this may be a moot concern

Update on systembsd

  • We’ve mentioned the GSoC project to create a SystemD shim in OpenBSD before. Now we have the slides from Ian Sutton talking about this project.
  • As a refresher, this project is to take DBUS and create daemons emulating various systemd components, such as hostnamed, localed, timedated, and friends.
  • Written from scratch in C, it was mainly created in the hopes of becoming a port, allowing Gnome and related tools to function on OpenBSD.
  • This is a good read, especially for current or aspiring porters who want to bring over newer versions of applications which now depend upon SystemD.

Interview – Nigel Williams – njwilliams@swin.edu.au

  • Multipath TCP

News Roundup

OpenBSD UEFI boot loader


FreeBSD Journal, July/August issue

  • The latest issue of the FreeBSD Journal has arrived
  • As always, the Journal opens with a letter from the FreeBSD Foundation
  • Feature Articles:
  • Groupon’s Deal on FreeBSD — How to drive adoption of FreeBSD at your organization, and lessons learned in retraining Linux sysadmins
  • FreeBSD: The Isilon Experience — Mistakes not to make when basing a product on FreeBSD. TL;DR: track head
  • Reflections on FreeBSD.org: Packages — A status update on where we are with binary packages, what issues have been overcome, and which still remain
  • Inside the Foundation — An overview of some of the things you might not be aware that the FreeBSD Foundation is doing to support the project and attract the next generation of committers
  • Includes a book review of “The Practice of System and Network Administration”
  • As usual, various other reports are included: The Ports Report, SVN Update, A conference report, a report from the Essen hackathon, and the Event Calendar

Building ARMv6 packages on FreeBSD, the easy way

  • Previously we have discussed how to build ARMv6 packages on FreeBSD
  • We also interviewed Sean Bruno about his work in this area
  • Thankfully, over time this process has been simplified, and no longer requires a lot of manual configuration, or fussing with the ‘image activator’
  • Now, you can just build packages for your Raspberry Pi or similar device, just as simply as you would build for x86, it just takes longer to build.

New PC-BSD Release Schedule

  • The PC-BSD Team has announced an updated release schedule for beyond 10.2
  • This schedule follows more closely the FreeBSD schedules, with major releases only occurring when FreeBSD does the next point update, or major version bump.
  • PC-BSD’s source tree has been split into master(current) and stable as well
  • PRODUCTION / EDGE packages will be built from stable, with PRODUCTION updated monthly now. The -CURRENT monthly images will contain the master source builds.

Virginia BSD Assembly | BSD Now 105 https://original.jupiterbroadcasting.net/87226/virginia-bsd-assembly-bsd-now-105/ Thu, 03 Sep 2015 05:42:04 +0000

The post Virginia BSD Assembly | BSD Now 105 first appeared on Jupiter Broadcasting.


It’s already our two-year anniversary! This time on the show, we’ll be chatting with Scott Courtney, vice president of infrastructure engineering at Verisign, about this year’s vBSDCon. What does it have to offer that’s different in the BSD conference space? We’ll find out!


– Show Notes: –

Headlines

OpenBSD hypervisor coming soon

  • Our buddy Mike Larkin never rests, and he posted some very tight-lipped console output on Twitter recently
  • From what little he revealed at the time, it appeared to be a new hypervisor (that is, X86 hardware virtualization) running on OpenBSD -current, tentatively titled “vmm”
  • Later on, he provided a much longer explanation on the mailing list, detailing a bit about what the overall plan for the code is
  • Originally started around the time of the Australia hackathon, the work has since picked up more steam, and has gotten a funding boost from the OpenBSD foundation
  • One thing to note: this isn’t just a port of something like Xen or Bhyve; it’s all-new code, and Mike explains why he chose to go that route
  • He also answered some basic questions about the requirements, when it’ll be available, what OSes it can run, what’s left to do, how to get involved and so on

Why FreeBSD should not adopt launchd

  • Last week we mentioned a talk Jordan Hubbard gave about integrating various parts of Mac OS X into FreeBSD
  • One of the changes, perhaps the most controversial item on the list, was the adoption of launchd to replace the init system (replacing init systems seems to cause backlash, we’ve learned)
  • In this article, the author talks about why he thinks this is a bad idea
  • He doesn’t oppose the integration into FreeBSD-derived projects, like FreeNAS and PC-BSD, only vanilla FreeBSD itself – this is also explained in more detail
  • The post includes both high-level descriptions and low-level technical details, and provides an interesting outlook on the situation and possibilities
  • Reddit had quite a bit to say about this one, some in agreement and some not

DragonFly graphics improvements

  • The DragonFlyBSD guys are at it again, merging newer support and fixes into their i915 (Intel) graphics stack
  • This latest update brings them in sync with Linux 3.17, and includes Haswell fixes, DisplayPort fixes, improvements for Broadwell and even Cherryview GPUs
  • You should also see some power management improvements, longer battery life and various other bug fixes
  • If you’re running DragonFly, especially on a laptop, you’ll want to get this stuff on your machine quick – big improvements all around

OpenBSD tames the userland

  • Last week we mentioned OpenBSD’s tame framework getting support for file whitelists, and said that the userland integration was next – well, now here we are
  • Theo posted a mega diff of nearly 100 smaller diffs, adding tame support to many areas of the userland tools
  • It’s still a work-in-progress version; there’s still more to be added (including the file path whitelist stuff)
  • Some classic utilities are even being reworked to make taming them easier – the “w” command, for example
  • The diff provides some good insight on exactly how to restrict different types of utilities, as well as how easy it is to actually do so (and en masse)
  • More discussion can be found on HN, as one might expect
  • If you’re a software developer, and especially if your software is in ports already, consider adding some more fine-grained tame support in your next release

Interview – Scott Courtney – vbsdcon@verisign.com / @verisign

vBSDCon 2015


News Roundup

OPNsense, beyond the fork

  • We first heard about OPNsense back in January, and they’ve since released nearly 40 versions, spanning over 5,000 commits
  • This is their first big status update, covering some of the things that’ve happened since the project was born
  • There’s been a lot of community growth and participation, mass bug fixing, new features added, experimental builds with ASLR and much more – the report touches on a little of everything

LibreSSL nukes SSLv3

  • With their latest release, LibreSSL began to turn off SSLv3 support, starting with the “openssl” command
  • At the time, SSLv3 wasn’t disabled entirely because of some things in the OpenBSD ports tree requiring it (apache being one odd example)
  • They’ve now flipped the switch, and the process of complete removal has started
  • From the Undeadly summary, “This is an important step for the security of the LibreSSL library and, by extension, the ports tree. It does, however, require lots of testing of the resulting packages, as some of the fallout may be at runtime (so not detected during the build). That is part of why this is committed at this point during the release cycle: it gives the community more time to test packages and report issues so that these can be fixed. When these fixes are then pushed upstream, the entire software ecosystem will benefit. In short: you know what to do!”
  • With this change and a few more to follow shortly, LibreSSL won’t actually support SSL anymore – time to rename it “LibreTLS”

FreeBSD MPTCP updated

  • For anyone unaware, Multipath TCP is “an ongoing effort of the Internet Engineering Task Force’s (IETF) Multipath TCP working group, that aims at allowing a Transmission Control Protocol (TCP) connection to use multiple paths to maximize resource usage and increase redundancy.”
  • There’s been work out of an Australian university to add support for it to the FreeBSD kernel, and the patchset was recently updated
  • Included in this latest version is an overview of the protocol, how to get it compiled in, current features and limitations and some info about the routing requirements
  • Some big performance gains can be had with MPTCP, but only if both the client and server systems support it – getting it into the FreeBSD kernel would be a good start

UEFI and GPT in OpenBSD

  • There hasn’t been much fanfare about it yet, but some initial UEFI and GPT-related commits have been creeping into OpenBSD recently
  • Some support for UEFI booting has landed in the kernel, and more bits are being slowly enabled after review
  • This comes along with a number of other commits related to GPT, much of which is being refactored and slowly reintroduced
  • Currently, you have to do some disklabel wizardry to bypass the MBR limit and access more than 2TB of space on a single drive, but it should “just work” with GPT (once everything’s in)
  • The UEFI bootloader support has been committed, so stay tuned for more updates as further progress is made

Feedback/Questions


  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • BSD Now anniversary shirts are no longer available, and should be shipping out very soon (if they haven’t already) – big thanks to everyone who bought one (183 sold!)
  • This week is the last episode written/organized by TJ

The post Virginia BSD Assembly | BSD Now 105 first appeared on Jupiter Broadcasting.

Ubuntu Slaughters Kittens | BSD Now 103 https://original.jupiterbroadcasting.net/86662/ubuntu-slaughters-kittens-bsd-now-103/ Thu, 20 Aug 2015 08:51:40 +0000 https://original.jupiterbroadcasting.net/?p=86662

Allan’s away at BSDCam this week, but we’ve still got an exciting episode for you. We sat down with Bryan Cantrill, CTO of Joyent, to talk about a wide variety of topics: dtrace, ZFS, pkgsrc, containers & much more. This is easily our longest interview to date!

Thanks to: DigitalOcean, iXsystems, Tarsnap

– Show Notes: –

Interview – Bryan Cantrill – bryan@joyent.com / @bcantrill

BSD and Solaris history, illumos, dtrace, Joyent, pkgsrc, various topics


Feedback/Questions


  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • BSD Now tshirts are now available to preorder, and will be shipping in September (you have until the end of August to place an order, then they’re gone)
  • We’ll be back next week with a normal episode

Straight from the Src | BSD Now 100 https://original.jupiterbroadcasting.net/85782/straight-from-the-src-bsd-now-100/ Thu, 30 Jul 2015 10:33:39 +0000 https://original.jupiterbroadcasting.net/?p=85782

We’ve finally reached a hundred episodes, and this week we’ll be talking to Sebastian Wiedenroth about pkgsrc. Though originally a NetBSD project, now it runs pretty much everywhere & he even runs a conference about it!

Thanks to: DigitalOcean, iXsystems, Tarsnap

– Show Notes: –

Headlines

Remote DoS in the TCP stack

  • A pretty devious bug in the BSD network stack has been making its rounds for a while now, allowing remote attackers to exhaust the resources of a system with nothing more than TCP connections
  • While in the LAST_ACK state, which is one of the final stages of a connection’s lifetime, the connection can get stuck and hang there indefinitely
  • This problem has a slightly confusing history that involves different fixes at different points in time from different people
  • Juniper originally discovered the bug and announced a fix for their proprietary networking gear on June 8th
  • On June 29th, FreeBSD caught wind of it and fixed the bug in their -current branch, but did not issue a security notice or MFC the fix back to the -stable branches
  • On July 13th, two weeks later, OpenBSD fixed the issue in their -current branch with a slightly different patch, citing the FreeBSD revision from which the problem was found
  • Immediately afterwards, they merged it back to -stable and issued an errata notice for 5.7 and 5.6
  • On July 21st, three weeks after their original fix, FreeBSD committed yet another slightly different fix and issued a security notice for the problem (which didn’t include the first fix)
  • After the second fix from FreeBSD, OpenBSD gave them both another look and found their single fix to be sufficient, covering the timer issue in a more general way
  • NetBSD confirmed they were vulnerable too, and applied another completely different fix to -current on July 24th, but haven’t released a security notice yet
  • DragonFly is also investigating the issue now to see if they’re affected as well

c2k15 hackathon reports

  • Reports from OpenBSD’s latest hackathon, held in Calgary this time, are starting to roll in (there were over 40 devs there, so we might see a lot more of these)
  • The first one, from Ingo Schwarze, talks about some of the mandoc work he did at the event
  • He writes, “Did you ever look at a huge page in man, wanted to jump to the definition of a specific term – say, in ksh, to the definition of the “command” built-in command – and had to step through dozens of false positives with the less ‘/’ and ‘n’ search keys before you finally found the actual definition?”
  • With mandoc’s new internal jump targets, this is a problem of the past now
  • Jasper also sent in a report, doing his usual work with Puppet (and specifically “Facter,” a tool used by Puppet to gather various bits of system information)
  • Aside from that and various ports-related work, Jasper worked on adding tame support to some userland tools, fixed some Octeon stuff and introduced something that OpenBSD has oddly lacked until now: an “-i” flag for sed (hooray!)
  • Antoine Jacoutot gave a report on what he did at the hackathon as well, including improvements to the rcctl tool (for configuring startup services)
  • It now has an “ls” subcommand with status parsing, allowing you to list running services, stopped services or even ones that failed to start or are supposed to be running (he calls this “the poor man’s service monitoring tool”)
  • He also reworked some of the rc.d system to allow multiple instances of the same daemon to run more smoothly (using tor with different config files as an example)
  • His list also included updating ports, updating ports documentation, updating the hotplug daemon and laying out some plans for automatic sysmerge for future upgrades
  • Foundation director Ken Westerback was also there, getting some disk-related and laptop work done
  • He cleaned up and committed the 4k sector softraid code that he’d been working on, as well as fixing some trackpad issues
  • Stefan Sperling, OpenBSD’s token “wireless guy,” had a lot to say about the hackathon and what he did there (and even sent in his write-up before he got home)
  • He taught tcpdump about some new things, including 802.11n metadata beacons (there’s a lot more specific detail about this one in the report)
  • Bringing a bag full of USB wireless devices with him, he set out to get the unsupported ones working, as well as fix some driver bugs in the ones that already did work
  • One quote from Stefan’s report that a lot of people seem to be talking about: “Partway through the hackathon tedu proposed an old diff of his to make our base ls utility display multi-byte characters. This led to a long discussion about how to expand UTF-8 support in base. The conclusion so far indicates that single-byte locales (such as ISO-8859-1 and KOI-8) will be removed from the base OS after the 5.8 release is cut. This simplifies things because the whole system only has to care about a single character encoding. We’ll then have a full release cycle to bring UTF-8 support to more base system utilities such as vi, ksh, and mg. To help with this plan, I started organizing a UTF-8-focused hackathon for some time later this year.”
  • Jeremy Evans wrote in to talk about updating lots of ports, moving the ruby ports up to the latest version and also creating perl and ruby wrappers for the new tame subsystem
  • While he’s mainly a ports guy, he got to commit fixes to ports, the base system and even the kernel during the hackathon
  • Rafael Zalamena, who got commit access at the event, gives his very first report on his networking-related hackathon activities
  • With Rafael’s diffs and help from a couple other developers, OpenBSD now has support for VPLS
  • Jonathan Gray got a lot done in the area of graphics, working on OpenGL and Mesa, updating libdrm and even working with upstream projects to remove some GNU-specific code
  • As he’s become somewhat known for, Jonathan was also busy running three things in the background: clang’s fuzzer, cppcheck and AFL (looking for any potential crashes to fix)
  • Martin Pieuchot gave a write-up on his experience: “I always thought that hackathons were the best place to write code, but what’s even more important is that they are the best (well actually only) moment where one can discuss and coordinate projects with other developers IRL. And that’s what I did.”
  • He laid out some plans for the wireless stack, discussed future plans for PF, made some routing table improvements and did various other bits to the network stack
  • Unfortunately, most of Martin’s secret plans seem to have been left intentionally vague, and will start to take form in the next release cycle
  • We’re still eagerly awaiting a report from one of OpenBSD’s newest developers, Alexandr Nedvedicky (the Oracle guy who’s working on SMP PF and some other PF fixes)
  • OpenBSD 5.8’s “beta” status was recently reverted, with the message “take that as a hint,” so that may mean more big changes are still to come…

FreeBSD quarterly status report

  • FreeBSD has published their quarterly status report for the months of April to June, noting that it is the largest one so far
  • It’s broken down into a number of sections: team reports, projects, kernel, architectures, userland programs, ports, documentation, Google Summer of Code and miscellaneous others
  • Starting off with the cluster admin, some machines were moved to the datacenter at New York Internet, email services are now more resilient to failure, the svn mirrors (now just “svn.freebsd.org”) are now using GeoDNS with official SSL certs and general redundancy was increased
  • In the release engineering space, ARM and ARM64 work continues to improve on the Cavium ThunderX, more focus is being put into cloud platforms and the 10.2-RELEASE cycle is reaching its final stages
  • The core team has been working on phabricator, the fancy review system, and is considering integrating OAuth support soon
  • Work also continues on bhyve, and more operating systems are slowly gaining support (including the much-rumored Windows Server 2012)
  • The report also covers recent developments in the Linux emulation layer, and encourages people using 11-CURRENT to help test out the 64bit support
  • Multipath TCP was also a hot topic, and there’s a brief summary of the current status on that patch (it will be available publicly soon)
  • ZFSguru, a project we haven’t talked about a lot, also gets some attention in the report – version 0.3 is set to be completed in early August
  • PCIe hotplug support is also mentioned, though it’s still in the development stages (basic hot-swap functions are working though)
  • The official binary packages are now built more frequently than before with the help of additional hardware, so AMD64 and i386 users will have fresher ports without the need for compiling
  • Various other small updates on specific areas of ports (KDE, XFCE, X11…) are also included in the report
  • Documentation is a strong focus as always, a number of new documentation committers were added and some of the translations have been improved a lot
  • Many other topics were covered, including foundation updates, conference plans, pkgsrc support in pkgng, ZFS support for UEFI boot and much more

The OpenSSH bug that wasn’t

  • There’s been a lot of discussion about a supposed flaw in OpenSSH, allowing attackers to substantially amplify the number of password attempts they can try per session (without leaving any abnormal log traces, even)
  • There’s no actual exploit to speak of; this bug would only help someone get more bruteforce tries in with fewer connections
  • FreeBSD in its default configuration, with PAM and ChallengeResponseAuthentication enabled, was the only one vulnerable to the problem – not upstream OpenSSH, nor any of the other BSDs, and not even the majority of Linux distros
  • If you disable all forms of authentication except public keys, like you’re supposed to, then this is also not a big deal for FreeBSD systems
  • Realistically speaking, it’s more of a PAM bug than anything else
  • OpenSSH added an additional check for this type of setup that will be in 7.0, but simply changing your sshd_config is enough to mitigate the issue for now on FreeBSD (or you can run freebsd-update)

Interview – Sebastian Wiedenroth – wiedi@netbsd.org / @wied0r

pkgsrc and pkgsrcCon


News Roundup

Now served by OpenBSD

  • We’ve mentioned that you can also install OpenBSD on DO droplets, and this blog post is about someone who actually did it
  • The use case for the author was for a webserver, so he decided to try out the httpd in base
  • Configuration is ridiculously simple, and the config file in his example provides an HTTPS-only webserver, with plaintext requests automatically redirecting
  • TLS 1.2 by default, strong ciphers with LibreSSL and HSTS combined give you a pretty secure web server

FreeBSD laptop playbooks

  • A new project has started up on Github for configuring FreeBSD on various laptops, unsurprisingly named “freebsd-laptops”
  • It’s based on ansible, and uses the playbook format for automatic set up and configuration
  • Right now, it’s only working on a single Lenovo laptop, but the plan is to add instructions for many more models
  • Check the Github page for instructions on how to get started, and maybe get involved if you’re running FreeBSD on a laptop

NetBSD on the NVIDIA Jetson TK1

  • If you’ve never heard of the Jetson TK1, we can go ahead and spoil the secret here: NetBSD runs on it
  • As for the specs, it has a quad-core ARMv7 CPU at 2.3GHz, 2 gigs of RAM, gigabit ethernet, SATA, HDMI and mini-PCIE
  • This blog post shows which parts of the board are working with NetBSD -current (which seems to be almost everything)
  • You can even run X11 on it, pretty sweet

DragonFly power management options

  • DragonFly developer Sepherosa, who we’ve had on the show, has been doing some ACPI work over there
  • In this email, he presents some of DragonFly’s different power management options: ACPI P-states, C-states, mwait C-states and some Intel-specific bits as well
  • He also did some testing with each of them and gave his findings about power saving
  • If you’ve been thinking about running DragonFly on a laptop, this would be a good one to read

OpenBSD router under FreeBSD bhyve

  • If one BSD just isn’t enough for you, and you’ve only got one machine, why not run two at once?
  • This article talks about taking a FreeBSD server running bhyve and making a virtualized OpenBSD router with it
  • If you’ve been considering switching over your router at home or the office, doing it in a virtual machine is a good way to test the waters before committing to real hardware
  • The author also includes a little bit of history on how he got into both operating systems
  • There are lots of mixed opinions about virtualizing core network components, so we’ll leave it up to you to do your research
  • Of course, the next logical step is to put that bhyve host under Xen on NetBSD…

Feedback/Questions


  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • We’re always looking for interviews – get in touch if you’re doing anything cool with BSD that you’d like to talk about (or want to suggest someone else)

Browser Pirates | Tech Talk Today 173 https://original.jupiterbroadcasting.net/82392/browser-pirates-tech-talk-today-173/ Wed, 20 May 2015 09:30:48 +0000 https://original.jupiterbroadcasting.net/?p=82392

Another major flaw in consumer routers needs patched ASAP, the tech of sending messages via tone comes to Chrome & Popcorn Hour lands in your web browser, but there’s a major catch.

Show Notes:

Critical vulnerability in NetUSB driver exposes millions of routers to hacking | PCWorld

Millions of routers and other embedded devices are affected by a serious vulnerability that could allow hackers to compromise them.

The vulnerability is located in a service called NetUSB, which lets devices connected over USB to a computer be shared with other machines on a local network or the Internet via IP (Internet Protocol). The shared devices can be printers, webcams, thumb drives, external hard disks and more.

NetUSB is implemented in Linux-based embedded systems, such as routers, as a kernel driver. The driver is developed by Taiwan-based KCodes Technology. Once enabled, it opens a server that listens on TCP port 20005 for connecting clients.

Security researchers from a company called Sec Consult found that if a connecting computer has a name longer than 64 characters, a stack buffer overflow is triggered in the NetUSB service. If exploited, this kind of vulnerability can result in remote code execution or denial of service.

Since the NetUSB service code runs in kernel mode, attackers who exploit the flaw could gain the ability to execute malicious code on the affected devices with the highest possible privilege, the Sec Consult researchers said in a blog post Tuesday.

Many vendors integrate NetUSB into their products, but have different names for it. For example, Netgear calls the feature ReadySHARE, while others simply call it print sharing or USB share port.

Google Is Close to Unveiling New Web Photo Service – Bloomberg Business

The new photo tool, which will let users post images to Facebook Inc. and Twitter Inc., will probably be unveiled at Google’s annual software developers conference in San Francisco later this month, said the people, who asked not to be identified because the matter is private.

Google Tone is a Chrome extension for sharing URLs with nearby computers using sound | VentureBeat | Dev | by Paul Sawers

To try the feature, all computers must first have the Google Tone Chrome extension installed and be within reasonable earshot of each other. Then, when you’re on a webpage you’d like to share, hit the little Google Tone tab in your browser and you’ll hear a little succession of beeps — not too dissimilar to an old ZX Spectrum computer loading a game. Nearby machines receive a notification with the sender’s Google profile and picture embedded within the message, and the user can choose to open the URL on their own PC.

You Can Now Use ‘Netflix for Torrents’ Popcorn Time in Your Browser

The new website, at PopcornInYourBroswer.net, provides much the same service as Popcorn Time always has. Just now it’s in your browser.

Bait and Phish | TechSNAP 181 https://original.jupiterbroadcasting.net/67657/bait-and-phish-techsnap-181/ Thu, 25 Sep 2014 11:21:20 +0000 https://original.jupiterbroadcasting.net/?p=67657

We’ll tell you about a major German hack that lasted 12 years, and struck over 300 businesses. Plus researchers discover a nasty Android bug that impacts over 70% of users.

Then it’s a great big batch of your networking questions, our answers & much much more!

Thanks to: DigitalOcean, Ting, iXsystems

— Show Notes: —

Operation Harkonnen, a 12 year long intrusion to over 300 businesses

  • “From 2002 a German cybercrime network performed numerous targeted penetrations to over 300 organizations, including tier one commercial companies, government institutions, research laboratories and critical infrastructure facilities in the German speaking countries. The attackers planted Trojans in specific workstations in the organizations, gained access to sensitive confidential documents and information and silently exfiltrating them to the organizations who ordered the attack”
  • “Once embedded in the system the files started to send data from the target computer to an external domain. The analysis revealed the domain was registered by a UK company, with the exact address and contact details of 833 other companies, most of which are already dissolved”
  • “The British relatively tolerant requirements to purchasing SSL security certificates were exploited by the network to create pseudo legitimate Internet service names and to use them to camouflage their fraudulent activity”
  • Specifically, it is quite easy to establish a new company in England
  • It is estimated that the attackers spent as much as $150,000 establishing fake companies, and arming them with domains and SSL certificates in order to make their spear-phishing campaign appear more legitimate
  • “The discovery happened at a leading, 30 year old, 300 employees’ German organization that holds extremely sensitive information with a strategic value to many adverse organizations and countries. The organizational network contains 5 domains with complex architecture of multiple network segments and sites, connected through VPN.”
  • Additional Coverage: TheHackerNews

Researcher finds same-origin-policy bypass for Android browser, allows attacker to read your browser tabs

  • Android versions before 4.4 (75% of all current Android phones) are vulnerable
  • The flaw is tracked as CVE-2014-6041 and was disclosed on September 1, 2014 by Rafay Baloch on his blog.
  • By malforming a javascript: URL handler with a prepended null byte, an attacker can avoid the Android Open Source Platform (AOSP) Browser’s Same-Origin Policy (SOP) browser security control.
  • What this means is, any arbitrary website (say, one controlled by a spammer or a spy) can peek into the contents of any other web page.
  • The attacker could scrape your e-mail data and see what your browser sees.
  • Or snag a copy of your session cookie and hijack your session completely, and read and write webmail on your behalf.
  • As part of its attempts to gain more control over Android, Google has discontinued the AOSP Browser.
  • Android Browser used to be the default browser on Android, but this changed in Android 4.2, when Google switched to Chrome.
  • The core parts of Android Browser were still used to power embedded Web view controls within applications; this changed in Android 4.4, when it switched to a Chromium-based browser engine.
  • Users of Android 4.0 and up can avoid much of the exposure by switching to Chrome, Firefox, or Opera, none of which should use the broken code.
  • Update: Google has offered the following statement:

We have reviewed this report and Android users running Chrome as their browser, or those who are on Android 4.4+ are not affected. For earlier versions of Android, we have already released patches (1, 2) to AOSP.


Feedback:


Round Up:


The Internet’s Humble Beginnings | Tech Talk Today 31 https://original.jupiterbroadcasting.net/62932/the-internets-humble-beginnings-tech-talk-today-31/ Wed, 23 Jul 2014 09:26:38 +0000 https://original.jupiterbroadcasting.net/?p=62932

We look back at how the Internet was born, from its humble beginnings and clunky interfaces to the first podcaster and creator of Internet Radio.

Plus who created the first packet switching network, developed TCP/IP and why.

Show Notes:

ARPANET – Advanced Research Projects Agency Network

The Advanced Research Projects Agency Network (ARPANET) was one of the world’s first operational packet switching networks, the first network to implement TCP/IP, and the progenitor of what was to become the global Internet. The network was initially funded by the Advanced Research Projects Agency (ARPA, later DARPA) within the U.S. Department of Defense for use by its projects at universities and research laboratories in the US. The packet switching of the ARPANET, together with TCP/IP, would form the backbone of how the Internet works. The packet switching was based on concepts and designs by American engineer Paul Baran, Welsh scientist Donald Davies[1][2] and Lawrence Roberts of the Lincoln Laboratory.[3] The TCP/IP communication protocols were developed for ARPANET by computer scientists Robert Kahn and Vinton Cerf, and also incorporated some designs from Louis Pouzin.

Happy birthday, Mosaic: 21 years of the graphical web browser

Mosaic was the first truly popular web browser.

That’s not to say that Mosaic was easy to use. It wasn’t. In the early to mid 1990s, simply getting on the internet was still something of a black art. Windows, for example, didn’t natively support the internet’s fundamental protocol, TCP/IP, until Windows 95 appeared. If you wanted TCP/IP on Windows before that, you needed to use the arcane but absolutely vital Trumpet Winsocket program, and find an internet service provider (ISP).

NeXT Computers’ Role In the Creation of the Web Browser

A NeXT Computer and its object oriented development tools and libraries were used by Tim Berners-Lee and Robert Cailliau at CERN to develop the world’s first web server software, CERN HTTPd, and also used to write the first web browser, WorldWideWeb.

Gopher protocol

The Gopher protocol /ˈɡoʊfər/ is a TCP/IP application layer protocol designed for distributing, searching, and retrieving documents over the Internet. The Gopher protocol was strongly oriented towards a menu-document design and presented an alternative to the World Wide Web in its early stages, but ultimately HTTP became the dominant protocol. The Gopher ecosystem is often regarded as the effective predecessor of the World Wide Web.

How Did Internet Radio Start?

Carl Malamud founded the first Internet-only radio station, The Internet Multicasting Service (IMS), in 1993. IMS broadcasted from offices at the National Press Club Building in Washington, D.C. A non-profit organization, IMS depended largely on charitable contributions for its budget.

IMS started broadcasting in 1994, offering several hours of weekly programs including a “Geek of the Week” interview feature, an audio feed from Monitor Radio and CBC News, speeches from the floor of Congress and performances from the Kennedy Center. IMS later expanded to include an online presence for groups ranging from the National Press Club to the Red Sage Restaurant and City Lights Books.

Like many other Internet offerings, IMS pushed the limits of public access to government information by offering patent documents and filings with the Securities and Exchange Commission online and at no charge. By 1995, IMS expanded its offerings and broadcast 24 hours a day, 7 days a week.

Unfortunately, in 1996, IMS shut down. Visitors to the IMS web page will see broadcast concluded because “we finished our work and disbanded on April 1, 1996.” Malamud said the organization had run out of money and he wanted to get back to working on the net. “Now there are craftsmen out there who know their tools much better than I do,” Malamud said in an interview with John Schwartz. But IMS made its mark on the Internet. By the time it disbanded, Internet radio stations were numerous and many more would arrive.

The post The Internet’s Humble Beginnings | Tech Talk Today 31 first appeared on Jupiter Broadcasting.

Single Point of Failure | TechSNAP 67 https://original.jupiterbroadcasting.net/21916/single-point-of-failure-techsnap-67/ Thu, 19 Jul 2012 15:39:47 +0000 https://original.jupiterbroadcasting.net/?p=21916 Find out how an entire city's infrastructure depended on a single building, and what happened when it exploded.

The post Single Point of Failure | TechSNAP 67 first appeared on Jupiter Broadcasting.


Find out how an entire city's infrastructure depended on a single building, and what happened when it exploded.

Plus the technical details on Android’s security upgrade, the Apple App Store payment bypass, and some great audience questions.

All that and a lot more, on today’s TechSNAP!


Show Notes:

Explosion as Shaw Building takes down Core Infrastructure in Alberta

  • On July 11th, an electrical transformer on the 13th floor of the Shaw (large Canadian ISP) building exploded, causing a fire
  • A number of important services were knocked offline
  • 911 service for 30,000 Shaw landline customers; customers were told to use cell phones to call 911
  • Repac system – routes ambulances to the correct hospital; ambulances had to route to the nearest hospital
  • IBM operates from the Shaw building, and was also offline
  • The City of Calgary 311 system (provides access to an extensive set of government services) was offline; a regular backup number was set up
  • Calgary Transit’s telecommunication system was mostly unavailable
  • Three radio stations in the Shaw building went offline: Q107, QR77 and Country 105
  • The Calgary Parking Authority and Calgary Fire Department also experienced problems, as well as ATB Financial online banking.
  • Parts of the Computer Systems for Alberta Justice and Alberta Health Services were taken offline
  • Alberta Health Services had to postpone non-critical surgeries scheduled for the following days because they could not access electronic health records, Calgary Lab Services was also unable to match up test results with patients due to electronic health records being unavailable
  • Registry services such as licenses, vehicle, and land title registrations were unavailable
  • High school transcripts could not be processed
  • Peter Bissonnette, president of Shaw Communications: “It’s not yet clear why the backup system failed to take over, but he said the activation of the sprinkler system might have played a role. He said they have to be careful about bringing services back”
  • IBM Canada, the province’s IT contractor whose Shaw Court data centre remained blacked out for more than a day, had to fly the analogue backup tapes that stored all Alberta’s vehicle and property registration data to a backup facility in Markham, Ontario, and carefully load them on to new servers. Some systems had “mirror” backups and were restored within 48 hours, but the registries and other systems take up to 72 hours to completely restore
  • The government hoped to restore the local data center quickly, but when power could not be restored due to water damage, it had to shift to the Ontario backup instead. Data center operations will not be moved back to the Calgary servers until later this year
  • Extensive News Coverage
  • CTV – Day 2
  • Calgary Herald – Day 2
  • CBC – Day 2
  • Globe and Mail – Day 2
  • CBC – Day 3
  • Calgary Herald – Day 4
  • Calgary Herald – Day 7

Android 4.1 (JellyBean) gets ASLR and other security updates

  • ASLR (Address Space Layout Randomization) was introduced in Android 4.0 but was not fully implemented
  • Android 4.1 adds PIE (Position Independent Executable) support, Heap randomization and Linker randomization
  • These additional mitigation techniques, combined with the existing DEP (Data Execution Prevention) and hardware-based NX (No eXecute), make it very impractical to exploit buffer/stack overflows and other memory corruption bugs
  • Android has long used OpenBSD’s dlmalloc and cmalloc memory allocators for improved security
  • Android 4.1 also enables the upstream Linux kernel’s dmesg_restrict and kptr_restrict settings, which prevent unprivileged users from reading the kernel ring buffer and many sensitive parts of /proc
  • Detailed Analysis of Android 4.1 Security

AMD releases new Catalyst drivers (12.6) that no longer break Microsoft EMET

  • CERT recently approached AMD with information pertaining to what they believed to be a possible video driver vulnerability exposed by non-default settings of the Microsoft Enhanced Mitigation Experience Toolkit (EMET). EMET is a security test tool that allows system administrators to create test conditions to validate correct behavior of system components or indicate potential weak points.
  • The AMD Catalyst 12.6 driver for the AMD Radeon HD 7000, AMD Radeon HD 6000, and AMD Radeon HD 5000 Series is designed to resolve a possible video driver vulnerability issue and to minimize the occurrence of system crashes
  • AMD Blog Entry on ASLR fix – AMD explains why it took them until the end of June to fix a bug reported in February
  • CERT Advisory
  • Updated CERT Blog

Video demonstrates Apple App Store Payment Bypass, leaving developers out of pocket

  • Using a simple 3 step process, users can trick iOS applications into thinking that the user had purchased additional content
  • The three step process involves:
  • Installing a CA Certificate (so the following certificate is trusted)
  • Installing the Certificate of the pirate proxy, in-appstore.com
  • Changing the DNS servers in the WiFi settings
  • This is basically a purposeful ‘Man In The Middle’ attack, passing the purchase attempt through the pirate proxy rather than the real Apple app store
  • It seems that many iOS applications do not actually verify the receipts for purchases using the iTunes API
  • The developer of the bypass proxy notes that since any attempt to verify the receipt would go through the proxy, it can still be spoofed
  • The only way to ensure that a receipt is real is to verify it using a server controlled by the developer of the app, and from there make the call to iTunes
  • This means that the proxy could still target individual apps and forge responses from those servers
  • What the iTunes API needs to do is add an additional layer of security beyond TLS (SSL) by signing receipt-checking responses with a private key from Apple, which can then be checked against a published public key
  • In the interim, developers could implement such a system themselves: the app calls the developer's own server to verify the receipt, and that server passes the request to Apple and then adds a signature
  • “The security of the App Store is incredibly important to us and the developer community,” Apple representative Natalie Harrison, told The Loop. “We take reports of fraudulent activity very seriously and we are investigating.”
  • Additional Coverage
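
The interim scheme from the notes above (developer's server signs the verdict, app checks it against an embedded public key), as an added example that is not code from the show, Apple or any app. Textbook RSA over a constructed toy key stands in for a real signature scheme from a vetted library so the block runs with the standard library only; all function names are hypothetical, and the call to Apple is represented by the `apple_says_valid` argument.

```python
import hashlib
import json
import secrets

# Constructed toy RSA key built from two Mersenne primes. It is trivially
# factorable and only stands in for a real scheme (Ed25519, RSA-PSS).
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q                              # public modulus, shipped inside the app
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, held only by the server

def _canonical(body):
    return json.dumps(body, sort_keys=True).encode()

def _digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def new_nonce():
    """App side: fresh random value sent with every verification request."""
    return secrets.token_hex(16)

def server_sign_verdict(receipt, nonce, apple_says_valid):
    """Developer's server: sign Apple's verdict, bound to this receipt and nonce."""
    body = {"receipt_sha256": hashlib.sha256(receipt).hexdigest(),
            "nonce": nonce, "valid": bool(apple_says_valid)}
    return {"body": body, "sig": pow(_digest(_canonical(body)), D, N)}

def client_accepts(response, receipt, nonce):
    """App side: unlock content only if every check passes."""
    body, sig = response.get("body"), response.get("sig")
    if not isinstance(body, dict) or not isinstance(sig, int):
        return False
    if pow(sig, E, N) != _digest(_canonical(body)):
        return False                   # verdict altered or forged in transit
    if body.get("receipt_sha256") != hashlib.sha256(receipt).hexdigest():
        return False                   # signed answer belongs to another receipt
    if body.get("nonce") != nonce:
        return False                   # replay of an earlier signed answer
    return body.get("valid") is True
```

Binding the signature to the receipt hash and a per-request nonce matters as much as the signature itself: without it, one genuine signed "valid" answer could be replayed for every later purchase.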


Fun with Port Scanning | In Depth Look https://original.jupiterbroadcasting.net/15726/fun-with-port-scanning-in-depth-look/ Fri, 13 Jan 2012 18:34:45 +0000 https://original.jupiterbroadcasting.net/?p=15726 How to check your own computer, other systems on your LAN, and audit your firewall from an outside host. It's just good computer hygiene!

The post Fun with Port Scanning | In Depth Look first appeared on Jupiter Broadcasting.


It’s just good computer hygiene to check what ports you have open from time to time, and it’s also a good security practice. In this week’s episode, we’re going to have FUN with port scanning… Yes really!

How to check your own computer, other systems on your LAN, and audit your firewall from an outside host.


Self Audit:

nmap localhost

Find all active IPs on your network:

nmap -sP 10.1.10.*

Get info about remote host ports and OS detection:

nmap -sS -P0 -sV -O <target>

Check your router/firewall from the outside:

All web servers on my local network:

nmap -sT -p 80 -oG - 10.1.10.* | grep open
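
The `grep open` filter in the last command matches the word "open" anywhere on a line, including in a hostname. The following added example (not from the show notes) parses the grepable `-oG` format field by field and compares the result with an expected-ports baseline; the sample output, the second port 443 and the allowlist are constructed for illustration.

```python
import re

# Constructed sample of grepable (-oG) output; not from a real scan.
SAMPLE_OG = (
    "# Nmap scan initiated as: nmap -sT -p 80,443 -oG - 10.1.10.*\n"
    "Host: 10.1.10.1 (openwrt.lan)\tStatus: Up\n"
    "Host: 10.1.10.1 (openwrt.lan)\tPorts: 80/closed/tcp//http///, 443/closed/tcp//https///\n"
    "Host: 10.1.10.20 (nas.lan)\tPorts: 80/open/tcp//http///, 443/filtered/tcp//https///\n"
    "Host: 10.1.10.31 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///\n"
    "# Nmap done: 256 IP addresses (3 hosts up) scanned\n"
)

HOST_RE = re.compile(r"^Host: (\S+) \(")

def naive_grep_hosts(grepable):
    """Hosts a plain `grep open` would report: any Host line containing 'open'."""
    hosts = set()
    for line in grepable.splitlines():
        m = HOST_RE.match(line)
        if m and "open" in line:
            hosts.add(m.group(1))
    return hosts

def open_ports(grepable):
    """Map each host to the (port, proto) pairs whose state field is exactly 'open'."""
    result = {}
    for line in grepable.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue
        for field in line.split("\t"):
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(", "):
                parts = entry.split("/")   # port/state/proto/owner/service/rpc/version/
                if len(parts) >= 3 and parts[1] == "open":
                    result.setdefault(m.group(1), set()).add((int(parts[0]), parts[2]))
    return result

def unexpected(found, allowed):
    """Open ports missing from the per-host allowlist (a hypothetical baseline)."""
    diff = {ip: ports - allowed.get(ip, set()) for ip, ports in found.items()}
    return {ip: ports for ip, ports in diff.items() if ports}
```

On the constructed sample, the naive filter reports 10.1.10.1 because of its hostname even though both of its ports are closed, while `open_ports` leaves it out.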
