Show Notes: linuxunplugged.com/452

The post Synapse Collapse | LINUX Unplugged 452 first appeared on Jupiter Broadcasting.

We go hands on with Linux Mint 18, then discuss the latest batch of desktop killers & Wimpy’s new rig. Plus what makes Mattermost really great, a new new universal package format, the confusing things Red Hat says & we get to know WireGuard!

• Get Paid to Write for DigitalOcean

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed | WebM Torrent Feed

Become a supporter on Patreon:

Show Notes:

Follow Up / Catch Up

Mattermost does open source the right way.

Mattermost is doing it the right way: designing and building a beautiful user experience, and backing it up with the awesomeness of open source. Now you can make your users happy, and benefit from the four freedoms… that’s the way to do it.

• Sean Fennell / mmsetup · GitLab

This script will take a clean Ubuntu 14.04 server on Digital Ocean and set it up to be used as a Mattermost server. It also takes care of securing the server.

Help lower prices with #ubunut76 tweets! 2 days to get them in! You can get up to $350 off https://t.co/jnDUHaBFse pic.twitter.com/R3CL767ZsX

— System76 (@system76) June 28, 2016

A New Ubuntu Phone Is In Development

Midori is the name of a nimble WebKit-based web browser — but might it also be the codename for a new Ubuntu Phone?

Reader Richard S — and big thanks to you Richard! — pointed us to bug #1551811. This bug mentions the device codename ‘Midori’ with regards to a ‘trust prompt’ issue that causes a reboot on the MX4 and the mystery new handset.

A quick Google shows that the codename ‘Midori’ is in keeping with the codenames of previous Ubuntu devices, as it is, is once again, based on a character from the Dragon Ball franchise

TING

• Ting – mobile that makes sense

Next-Generation Secure Network Tunnel Announced For The Linux Kernel

It’s much simpler than anything before it, with peers exchanging short Curve25519 public keys just like in SSH. Secure network interfaces can be added and removed using the usual ‘ip-link’ and ‘ip-address’ tools. From there, everything is easily taken care of by the kernel, and secure tunnels are made quite simple. Not only that, but the performance is in fact better than IPsec, which is quite the accomplishment.”

• WireGuard: fast, modern, secure VPN tunnel

• A new VPN protocol and implementation for Linux.

Disclosure, I’ve reviewed various versions of the kernel code, over the past few months, and it seems sane, but note I am not a kernel networking developer :)

What is subuser?

Docker provides an isolated and consistent environment for your programs to run in. Subuser gives your desktop programs access to the resources they need in order to function normally.

Microsoft Announces Open .NET Core 1.0 at Red Hat Summit

Microsoft announced the moves at, of all places, Red Hat Summit. Why would that happen? One of the motivations in open sourcing .NET and other platform tools is to build bridges between .NET infrastructure tools and Linux

Microsoft: Nearly One In Three Azure Virtual Machines Now Are Running Linux

Russinovich said, Microsoft has gone from one in four of its Azure virtual machines running Linux to nearly one in three. The other two-thirds of Azure customers are running Windows Server in their virtual machines.

DigitalOcean

• DigitalOcean: SSD Cloud Server, VPS Server, Simple Cloud Hosting

Linux Mint 18 Cinnamon and MATE Editions Are Now Available for Download

Thanks to one of our regular readers who constantly monitored the development progress of the Linux Mint 18 operating systems, we’ve been informed that the final ISO images are now available for download for both Cinnamon and MATE editions.

New features in Linux Mint 18 Cinnamon

Linux Mint 18 is a long term support release which will be supported until 2021. It comes with updated software and brings refinements and many new features to make your desktop experience more comfortable to use.

• ISO Downloads

Linux Academy

• Linux Academy | Linux and AWS Online Training

Is The Linux Desktop Dead?

All hail our new overlords the mobile, the portable, and slim. With high-end devices like the NUC redefining what it means to be a desktop computer, and mobiles massive market share, and now the latest crop of “desktop killer” laptops make us question how many of us will be running Linux on a “traditional desktop” in 10 years?

• Entroware will soon be announcing a new laptop and I had the privilege of na…

Entroware will soon be announcing a new laptop and I had the privilege of naming her! The Entroware Athena will soon be available for purchase, pre-installed with either Ubuntu 16.04 LTS or Ubuntu MATE 16.04 LTS.

Athena

Athena is available now, with either 15“ or 17″ screen, two Intel i7 CPU options, nvidia 970M or 980M GPU, upto 64GB RAM, 2x M.2, 2x SATA and comes pre-installed with either Ubuntu or Ubuntu MATE

Oryx Pro – System76

• System76 on Twitter: “Help lower prices with #ubunut76 tweets!

Support Jupiter Broadcasting on Patreon

The post Universal Divide | LINUX Unplugged 151 first appeared on Jupiter Broadcasting.

Coming up this week, we’ve got something a little bit different for you. We’ll be talking with Andrew Tanenbaum, the creator of MINIX. They’ve recently imported parts of NetBSD into their OS, and we’ll find out how and why that came about. As always, all the latest news and answers to your emails, on BSD Now – the place to B.. SD.

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

The missing EuroBSDCon videos

• Some of the missing videos from EuroBSDCon 2014 we mentioned before have mysteriously appeared
• Jordan Hubbard, FreeBSD, looking forward to another 10 years
• Lourival Viera Neto, NFS scripting with Lua
• Kris Moore, Snapshots, replication and boot environments
• Andy Tanenbaum, A reimplementation of NetBSD based on a microkernel
• Kirk McKusick, An introduction to FreeBSD’s implementation of ZFS
• Emannuel Dreyfus, FUSE and beyond, bridging filesystems
• John-Mark Gurney, Optimizing GELI performance
• Unfortunately, there are still about six talks missing… and no ETA

FreeBSD on a MacBook Pro (or two)

• We’ve got a couple posts about running FreeBSD on a MacBook Pro this week
• In the first one, the author talks a bit about trying to run Linux on his laptop for quite a while, going back and forth between it and something that Just Works
• Eventually he came full circle, and the focus on using only GUI tools got in the way, instead of making things easier
• He works on a lot of FreeBSD-related software, so switching to it for a desktop seems to be the obvious next step
• He’s still not quite to that point yet, but documents his experiments with BSD as a desktop
• The second article also documents an ex-Linux user switching over to BSD for their desktop
• It also covers power management, bluetooth and trackpad setup
• On the topic of Gentoo, “Underneath the beautiful and easy-to-use Portage system lies the same glibc, the same turmoil over a switch to a less-than-ideal init system, and the same kernel-level bugs that bring my productivity down”
• Check out both articles if you’ve been considering running FreeBSD on a MacBook

Remote logging over TLS

• In most of the BSDs, syslogd has been able to remotely send logs to another server for a long time
• That feature can be very useful, especially for forensics purposes – it’s much harder for an attacker to hide their activities if the logs aren’t on the same server
• The problem is, of course, that it’s sent in cleartext, unless you tunnel it over SSH or use some kind of third party wrapper
• With a few recent commits, OpenBSD’s syslogd now supports sending logs over TLS natively, including X509 certificate verification
• By default, syslogd runs as an unprivileged user in a chroot on OpenBSD, so there were some initial concerns about certificate verification – how does that user access the CA chain outside of the chroot?
• That problem was also conquered, by loading the CA chain directly from memory, so the entire process can be run in the chroot without issue
• Some of the privsep verifcation code even made its way into LibreSSL right afterwards
• If you haven’t set up remote logging before, now might be an interesting time to try it out

FreeBSD, not a Linux distro

• George Neville-Neil gave a presentation recently, titled “FreeBSD: not a Linux distro”
• It’s meant to be an introduction to new users that might’ve heard about FreeBSD, but aren’t familiar with any BSD history
• He goes through some of that history, and talks about what FreeBSD is and why you might want to use it over other options
• There’s even an interesting “thirty years in three minutes” segment
• It’s not just a history lesson though, he talks about some of the current features and even some new things coming in the next version(s)
• We also learn about filesystems, jails, capsicum, clang, dtrace and the various big companies using FreeBSD in their products
• This might be a good video to show your friends or potential employer if you’re looking to introduce FreeBSD to them

Long-term support considered harmful

• There was recently a pretty horrible bug in GNU’s libc (BSDs aren’t affected, don’t worry)
• Aside from the severity of the actual problem, the fix was delayed for quite a long time, leaving people vulnerable
• Ted Unangst writes a post about how this idea of long-term support could actually be harmful in the long run, and compares it to how OpenBSD does things
• OpenBSD releases a new version every six months, and only the two most recent releases get support and security fixes
• He describes this as both a good thing and a bad thing: all the bugs in the ecosystem get flushed out within a year, but it forces people to stay (relatively) up-to-date
• “Upgrades only get harder and more painful (and more fragile) the longer one goes between them. More changes, more damage. Frequent upgrades amortize the cost and ensure that regressions are caught early.”
• There was also some discussion about the article on Hacker News

Interview – Andrew Tanenbaum – info@minix3.org / @minix3

MINIX’s integration of NetBSD

News Roundup

Using AFL on OpenBSD

• We’ve talked about American Fuzzy Lop a bit on a previous episode, and how some OpenBSD devs are using it to catch and fix new bugs
• Undeadly has a cool guide on how you can get started with fuzzing
• It’s a little on the advanced side, but if you’re interested in programming or diagnosing crashes, it’ll be a really interesting article to read
• Lots of recent CVEs in other open source projects are attributed to fuzzing – it’s a great way to stress test your software

Lumina 0.8.1 released

• A new version of Lumina, the BSD-licensed desktop environment from PCBSD, has been released
• This update includes some new plugins, lots of bugfixes and even “quality-of-life improvements”
• There’s a new audio player desktop plugin, a button to easily minimize all windows at once and some cool new customization options
• You can get it in PCBSD’s edge repo or install it through regular ports (on FreeBSD, OpenBSD or DragonFly!)
• If you haven’t seen our episode about Lumina, where we interview the developer and show you a tour of its features, gotta go watch it

My first OpenBSD port

• The author of the “Code Rot & Why I Chose OpenBSD” article has a new post up, this time about ports
• He recently made his first port and got it into the tree, so he talks about the whole process from start to finish
• After learning some of the basics and becoming comfortable running -current, he noticed there wasn’t a port for the “Otter” web browser
• At that point he did what you’re supposed to do in that situation, and started working on it himself
• OpenBSD has a great porter’s handbook that he referenced throughout the process
• Long story short, his browser of choice is in the official ports collection and now he’s the maintainer (and gets to deal with any bug reports, of course)
• If some software you use isn’t available for whatever BSD you’re using, you could be the one to make it happen

How to slide with DragonFly

• DragonFly BSD has a new HAMMER FS utility called “Slider”
• It’s used to easily browse through file history and undelete files – imagine something like a commandline version of Apple’s Time Machine
• They have a pretty comprehensive guide on how to use it on their wiki page
• If you’re using HAMMER FS, this is a really handy tool to have, check it out

OpenSMTPD with Dovecot and Salt

• We recently had a feedback question about which mail servers you can use on BSD – Postfix, Exim and OpenSMTPD being the big three
• This blog post details how to set up OpenSMTPD, including Dovecot for IMAP and Salt for quick and easy deployment
• Intrigued by it becoming the default MTA in OpenBSD, the author decided to give it a try after being a long-time Postfix fan
• “Small, fast, stable, and very easy to customize, no more ugly m4 macros to deal with”
• Check it out if you’ve been thinking about configuring your first mail server on any of the BSDs

Feedback/Questions

• Christopher writes in
  • Mergemaster with EZJail
• Mark writes in
• Kevin writes in
• Stefano writes in
• Matthew writes in

Mailing List Gold

• Not that interested actually
• This guy again
• Yep, this is the place

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• Also send us your ideas for the new discussion segment – we might start that either next week or the week after, depending on how much feedback we get about it (which has been almost none so far)
• We’d love to get more emails from the listeners in general
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

The post That Sly MINIX | BSD Now 74 first appeared on Jupiter Broadcasting.

With Bedrock Linux you are longer restricted to any single Linux distro’s userland. Mix CentOS, Arch, Debian, Ubuntu and more all on the same installation! You can have your cake and eat it too! Want X11 from Debian and Chromium from Arch? No problem! We’ll show you how Bedrock Linux makes it all possible.

Plus: A new round of SSL vulnerabilities strike Linux, the FSF helps you encrypt your emails and a quick steam roundup…

AND SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | Ogg Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Feed | Ogg Feed | iTunes Feeds | Torrent Feed

— Show Notes: —

Bedrock Linux:

Brought to you by: System76

Bedrock Linux

• Bedrock Linux 1.0alpha4 Flopsie

Bedrock Linux is a Linux distribution created with the aim of making most of the (often seemingly mutually-exclusive) benefits of various other Linux distributions available simultaneously and transparently.

If one would like a rock-solid stable base (for example, from Debian or a RHEL clone) yet still have easy access to cutting-edge packages (from, say, Arch Linux), automate compiling packages with Gentoo\’s portage, and ensure that software aimed only for the ever popular Ubuntu will run smoothly – all at the same time, in the same distribution – Bedrock Linux will provide a means to achieve this.

Bedrock Linux: Introduction

brc (\”BedRock Chroot\”)

_brc__provides the ability to run commands in clients, properly chrooting to
avoid conflicts. Once Bedrock Linux is properly set up, it will allow the user
to transparently run commands other__wise not available in a given client. For
example, if _firefox__is installed in a Arch client but not in a Debian client,
and a program from the Debian client tries to execute __firefox_, the Arch
_firefox__will be executed as though it were installed locally in Debian.

If __firefox__is installed in multiple clients (such as Arch and Fedora), and
the user would like to specify which is to run (rather than allowing Bedrock
Linux to chose the default), one can explicitly call __brc_, like so: _brc
fedora firefox_._

If no command is given, brc will attempt to use the user\’s current $SHELL.
If the value of $SHELL is not available in the client it will fail.

Bedrock Linux presentation at Ohio Linuxfest 2012 – YouTube

The audio from the Bedrock Linux presentation at the Ohio Linuxfest 2012 was recorded; however, the video was not. For convenience this is played over the slides here. Sadly, no demos are visible here.

— Picks —

Runs Linux

OPI – Reclaim Your Digital Life

OPI is your private cloud with no third party eyes on your information. Still OPI will also allow you to share information with others, on your conditions.

• Private file and mail server gizmo runs Ubuntu

Desktop App Pick

Otter Browser

Otter Browser, project aiming to recreate classic Opera (12.x) UI using Qt5.

Weekly Spotlight

Tech Talk Today

HowTo Linux

Minimum Workspaces – GNOME Shell Extensions

— NEWS —

A New Round Of OpenSSL Vulnerabilities Discovered

• Heartbleed 2: OpenSSL Shows More Security Flaws

The latest flaw is less of a risk than Heartbleed, because it would require hackers to locate themselves between computers communicating, such as over a public Wi-Fi network.

• Heartbleed Redux: Another Gaping Wound in Web Encryption Uncovered | Threat Level | WIRED

The new attack does have other limitations: It can only be used when both ends of a connection are running OpenSSL. Most browsers use other SSL implementations and so aren’t affected, says Ivan Ristic, director of engineering at the security firm Qualys, though he adds that Android web clients likely do use the vulnerable code. Among servers, only those using more recent versions of SSL are affected–about 24 percent of the 150,000 servers that Qualys has scanned. He also warns that many VPNs may use OpenSSL and thus be vulnerable. “VPNs are a very juicy target,” Ristic says. “People who really care about security use them, and there’s likely to be sensitive data there.”

GnuTLS Flaw Leaves Many Linux Users Open To Attacks

A new flaw has been discovered in the GnuTLS cryptographic library that ships with several popular Linux distributions and hundreds of software implementations. According to the bug report, \”A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code.\” A patch is currently available, but it will take time for all of the software maintainers to implement it.
A lengthy technical analysis is available. \”There don\’t appear to be any obvious signs that an attack is under way, making it possible to exploit the vulnerability in surreptitious \”drive-by\” attacks. There are no reports that the vulnerability is actively being exploited in the wild.\”

Reset the Net with our email self-defense guide

Google Online Security Blog: Making end-to-end encryption easier to use

Today, we’re adding to that list the alpha version of a new tool. It’s called End-to-End and it’s a Chrome extension intended for users who need additional security

• end-to-end – End-To-End – Google Project Hosting

ChromeBrew: 3rd party package manager for Chrome OS.

Chromebooks with Chrome OS run a linux kernel – the only missing piece to use them as full-featured linux distro was gcc and make with their dependencies. Well, the piece isn\’t missing anymore. Say hello to chromebrew!

Steam Hits The Big 500 For Linux Games

• Steam Reached 500 Linux Games

That is one heck of a milestone isn\’t it? 500 Linux compatible games are now on Steam which is a pretty great number to point anyone at. No longer will people keep stating \”but Linux has no games\”

— Feedback —

• Texas Linux Fest 2014 JB Check-In

• South East Linux Fest 2014 JB Check-in

• June 13-14th
• q5sys will be giving away two RPi.
• Check in on the LAS sub thread, and say hi to q5sys at SELF.
• One on Friday, and one on Saturday.

• Also catch his talk 5:15-6:15: Puppy Linux Deconstructed: About all the technical wizardry behind puppy which makes it work like it does.

• Tech Talk Today launched!

• Support Tech Talk Today and JB on Patreon

• The Jolla – Imgur

— Chris\’ Stash —

• jupiterbroadcasting on Instagram

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— What’s Matt Doin? —

• Check out LINUX Unplugged
  +Are Ubuntu Derivatives a Bad Idea?
  +BattleBlock Theater – Part 3 | Geek And The Gamer

— Find us on Google+ —

• Chris
• Matt Hartley
• Jupiter Broadcasting’s Page

— Find us on Twitter —

• Chris – ChrisLAS
• Matt – matthartley

— Follow the network on Facebook: —

• Jupiter Broadcasting on Facebook

— Catch the show LIVE Sunday 10am Pacific / 1pm Eastern / 6pm UTC: —

• https://jblive.tv
• Network Calendar

The post Introducing Bedrock Linux | LAS 316 first appeared on Jupiter Broadcasting.