XEN – Jupiter Broadcasting
https://www.jupiterbroadcasting.com
Open Source Entertainment, on Demand.
Wed, 30 Sep 2020 05:39:47 +0000

Your New Tools | LINUX Unplugged 373
https://original.jupiterbroadcasting.net/142932/your-new-tools-linux-unplugged-373/
Tue, 29 Sep 2020 22:30:00 +0000

Show Notes: linuxunplugged.com/373

The post Your New Tools | LINUX Unplugged 373 first appeared on Jupiter Broadcasting.

Linux Action News 155
https://original.jupiterbroadcasting.net/142842/linux-action-news-155/
Sun, 20 Sep 2020 17:45:00 +0000

Show Notes: linuxactionnews.com/155

The post Linux Action News 155 first appeared on Jupiter Broadcasting.

Can This Be Virtualized? | Ask Noah 65
https://original.jupiterbroadcasting.net/124906/can-this-be-virtualized-ask-noah-65/
Wed, 16 May 2018 12:34:22 +0000

Show Notes: podcast.asknoahshow.com/65

The post Can This Be Virtualized? | Ask Noah 65 first appeared on Jupiter Broadcasting.

Netflix Lab Rats | TechSNAP 330
https://original.jupiterbroadcasting.net/117101/netflix-lab-rats-techsnap-330/
Tue, 01 Aug 2017 23:15:14 +0000

Mandiant researcher doxed by hackers. HACKERS LEAK DATA FROM MANDIANT SECURITY RESEARCHER IN OPERATION #LEAKTHEANALYST. The leaked data included more screenshots than documents. Images showed that the hackers might have gained access to […]

Show Notes:

Mandiant researcher doxed by hackers

70,000 Memcached Servers Can Be Hacked Using Eight-Month-Old Flaws

  • Original Talos blog post

  • Background: in January 2017 there was a series of MongoDB incidents in which multiple competing groups attacked the same servers, which leads to the conclusion that there is no hope of actually recovering data, if there ever was in the first place.

  • This prompted Talos to investigate memcached

Dan talks about upgrading ZFS arrays

  • raidz arrays cannot be expanded. You have N devices; it stays N devices

  • you can replace devices

  • you can replace devices with bigger devices

  • once they are all replaced, BANG, you have more space

  • what options exist for replacing devices?

  • Pull a drive, insert a new one, issue the zfs replace command.

  • Insert a new drive, if you have space, issue the zfs replace command.

  • But then Dan had a great idea the other night….


Feedback


Round Up:

The post Netflix Lab Rats | TechSNAP 330 first appeared on Jupiter Broadcasting.

Venomous Snakeoil | Tech Talk Today 170
https://original.jupiterbroadcasting.net/81982/venomous-snakeoil-tech-talk-today-170/
Wed, 13 May 2015 11:18:17 +0000

Venom is claimed to be the new Heartbleed threatening datacenters around the world but is it legit?

The new 4k Blu-Ray spec is revealed & the YotaPhone 2 with an E-ink display back is coming to a country near you!

Show Notes:

‘Venom’ Security Vulnerability Threatens Most Datacenters

A new vulnerability (CVE-2015-3456) has been found in the open source virtualization software QEMU, which is run on hardware in datacenters around the world. “The cause is a widely-ignored, legacy virtual floppy disk controller that, if sent specially crafted code, can crash the entire hypervisor. That can allow a hacker to break out of their own virtual machine to access other machines — including those owned by other people or companies.” The vulnerable code is used in Xen, KVM, and VirtualBox, while VMware, Hyper-V, and Bochs are unaffected. “Dan Kaminsky, a veteran security expert and researcher, said in an email that the bug went unnoticed for more than a decade because almost nobody looked at the legacy disk drive system, which happens to be in almost every virtualization software.” The vulnerability has been dubbed “Venom,” for “Virtualized Environment Neglected Operations Manipulation.”

Ultra HD Blu-ray specification now complete, logo unveiled – CNET

The Blu-ray Disc Association (BDA) has announced the Ultra HD Blu-ray (4K) specification is now complete and has also revealed the next-gen format’s official logo.

The BDA says the format incorporates a 3,840×2,160-pixel resolution, expanded color range support, high dynamic range (HDR) and high frame rate content (read 60fps). As well as the promise of up-to-date video, UHD Blu-ray will also support “next-generation immersive, object-based sound formats.”

YotaPhone 2 adds white color option to AMOLED + E-ink display hardware, Lollipop update rolling out

YotaPhone 2 sports a completely functional 4.7-inch E-ink display with always-on capabilities on its back.


As for the planned North American debut of the unique YotaPhone 2, the company says its Indiegogo campaign to help bring it to the US will kick off on May 19th with early bird pricing for the first backers ahead of its summer release.

ASUS confirms next-gen Android Wear ZenWatch coming early Q3, improved 4-day battery life

ASUS reportedly confirmed that the device will feature improved battery life, up from 2 days on the first-gen ZenWatch to 4 days on the upcoming version. That still falls short of the company’s goal to offer 7-days battery life, according to the report.

The company added that it expects to sell less than a million units of its smartwatch this year.

The post Venomous Snakeoil | Tech Talk Today 170 first appeared on Jupiter Broadcasting.

SMBTrapped in Microsoft | TechSNAP 210
https://original.jupiterbroadcasting.net/80632/smbtrapped-in-microsoft-techsnap-210/
Thu, 16 Apr 2015 19:01:23 +0000

Researchers find an 18-year-old bug in Windows that’s rather nasty, we’ve got the details. A new perspective on the bug bounty arms race & the security impact of WiFi on a plane.

Plus great feedback, a bursting round up & much much more!

Thanks to:


DigitalOcean


Ting


iXsystems

— Show Notes: —

Cylance finds “SPEAR” a new spin on an 18 year old Windows vulnerability

  • In 1997 Aaron Spangler discovered a flaw in Windows
  • By causing a user to navigate to a file://1.2.3.4/ URL in Internet Explorer, the user’s Windows credentials would be sent to the remote server in an attempt to log in to it
  • “Redirect to SMB is a way for attackers to steal valuable user credentials by hijacking communications with legitimate web servers via man-in-the-middle attacks, then sending them to malicious SMB (server message block) servers that force them to spit out the victim’s username, domain and hashed password”
  • “It’s a serious issue because stolen credentials can be used to break into private accounts, steal data, take control of PCs and establish a beachhead for moving deeper into a targeted network.”
  • “Software from at least 31 companies including Adobe, Apple, Box, Microsoft, Oracle and Symantec can be exploited using this vulnerability”
  • “Redirect to SMB is most likely to be used in targeted attacks by advanced actors because attackers must have control over some component of a victim’s network traffic.”
  • “Less sophisticated attackers could launch Redirect to SMB attacks on shared WiFi access points at locations such as coffee shops from any computer, including mobile devices. We successfully tested this attack on a home network using a Nexus 7 loaded with all required tools.”
  • “While the user credentials sent over SMB are commonly encrypted, the encryption method used was devised in 1998 and is weak by today’s standards. A stronger hashing algorithm being used on these credentials would decrease the impact of this issue, but not as much as disabling automatic authentication with untrusted SMB servers. With roughly $3,000 worth of GPUs, an attacker could crack any 8-character password consisting of letters (upper and lower case) as well as numbers in less than half a day.”
  • “Microsoft has yet to release a patch to fix the Redirect to SMB vulnerability. The simplest workaround is to block outbound traffic from TCP 139 and TCP 445 — either at the endpoint firewall or at the network gateway’s firewall (assuming you are on a trusted network). The former will block all SMB communication, which may disable other features that depend on SMB. If the block is done at the network gateway’s firewall, SMB features will still work inside the network, but prevent authentication attempts with destinations outside the network. See the white paper for other mitigation steps.”
  • “Microsoft did not resolve the issue reported by Aaron Spangler in 1997. We hope that our research will compel Microsoft to reconsider the vulnerabilities and disable authentication with untrusted SMB servers. That would block the attacks identified by Spangler as well as the new Redirect to SMB attack.”
  • Cylance Whitepaper (PDF)

Given enough money, all bugs are shallow

  • Eric Raymond, in The Cathedral and the Bazaar, famously wrote: “Given enough eyeballs, all bugs are shallow.”
  • “The idea is that open source software, by virtue of allowing anyone and everyone to view the source code, is inherently less buggy than closed source software. He dubbed this “Linus’s Law”.”
  • “However, the Heartbleed SSL vulnerability was a turning point for Linus’s Law, a catastrophic exploit based on a severe bug in open source software. How catastrophic? It affected about 18% of all the HTTPS websites in the world, and allowed attackers to view all traffic to these websites, unencrypted… for two years.”
  • “OpenSSL, the library with this bug, is one of the most critical bits of Internet infrastructure the world has – relied on by major companies to encrypt the private information of their customers as it travels across the Internet. OpenSSL was used on millions of servers and devices to protect the kind of important stuff you want encrypted, and hidden away from prying eyes, like passwords, bank accounts, and credit card information.”
  • “This should be some of the most well-reviewed code in the world. What happened to our eyeballs, man?”
  • “In reality, it’s generally very, very difficult to fix real bugs in anything but the most trivial Open Source software. I know that I have rarely done it, and I am an experienced developer. Most of the time, what really happens is that you tell the actual programmer about the problem and wait and see if he/she fixes it”
  • “Even if a brave hacker communities to read the code, they’re not terribly likely to spot one of the hard-to-spot problems. Why? Few open source hackers are security experts”
  • “There’s a big difference between usage eyeballs and development eyeballs.”
  • “Most eyeballs are looking at the outside of the code, not the inside. And while you can discover bugs, even important security bugs, through usage, the hairiest security bugs require inside knowledge of how the code works.”
  • Peer reviewing code is a lot harder than writing code.
  • “The amount of code being churned out today – even if you assume only a small fraction of it is “important” enough to require serious review – far outstrips the number of eyeballs available to look at the code”
  • “There are not enough qualified eyeballs to look at the code. Sure, the overall number of programmers is slowly growing, but what percent of those programmers are skilled enough, and have the right security background, to be able to audit someone else’s code effectively? A tiny fraction”
  • “But what’s the long term answer to the general problem of not enough eyeballs on open source code? It’s something that will sound very familiar to you, though I suspect Eric Raymond won’t be too happy about it.”
  • “Money. Lots and lots of money.”
  • “Increasingly, companies are turning to commercial bug bounty programs. Either ones they create themselves, or run through third party services like Bugcrowd, Synack, HackerOne, and Crowdcurity. This means you pay per bug, with a larger payout the bigger and badder the bug is.”
  • However, adding more money to the equation might actually make things worse
  • “There’s now a price associated with exploits, and the deeper the exploit and the lesser known it is, the more incentive there is to not tell anyone about it until you can collect a major payout. So you might wait up to a year to report anything, and meanwhile this security bug is out there in the wild – who knows who else might have discovered it by then?”
  • “If your focus is the payout, who is paying more? The good guys, or the bad guys? Should you hold out longer for a bigger payday, or build the exploit up into something even larger? I hope for our sake the good guys have the deeper pockets, otherwise we are all screwed.”
  • I like that Google addressed a few of these concerns by making Pwnium, their Chrome specific variant of Pwn2Own, a) no longer a yearly event but all day, every day and b) increasing the prize money to “infinite”. I don’t know if that’s enough, but it’s certainly going in the right direction.
  • “Money turns security into a “me” goal instead of an “us” goal”
  • “Am I now obligated, on top of providing a completely free open source project to the world, to pay people for contributing information about security bugs that make this open source project better? Believe me, I was very appreciative of the security bug reporting, and I sent them whatever I could, stickers, t-shirts, effusive thank you emails, callouts in the code and checkins. But open source isn’t supposed to be about the money… is it?”
  • “Easy money attracts all skill levels — The submitter doesn’t understand what is and isn’t an exploit, but knows there is value in anything resembling an exploit, so submits everything they can find.”
  • “But I have some advice for bug bounty programs, too”:
  • “You should have someone vetting these bug reports, and making sure they are credible, have clear reproduction steps, and are repeatable, before we ever see them.”
  • “You should build additional incentives in your community for some kind of collaborative work towards bigger, better exploits. These researchers need to be working together in public, not in secret against each other”.
  • “You should have a reputation system that builds up so that only the better, proven contributors are making it through and submitting reports”.
  • “Encourage larger orgs to fund bug bounties for common open source projects, not just their own closed source apps and websites. At Stack Exchange, we donated to open source projects we used every year. Donating a bug bounty could be a big bump in eyeballs on that code.”

FAA Needs a More Comprehensive Approach to Address Cybersecurity As Agency Transitions to NextGen

  • The Federal Aviation Administration (FAA) faces cybersecurity challenges in at least three areas:
  • (1) protecting air-traffic control (ATC) information systems,
  • (2) protecting aircraft avionics used to operate and guide aircraft
  • (3) clarifying cybersecurity roles and responsibilities among multiple FAA offices
  • “FAA has taken steps to protect its ATC systems from cyber-based threats; however, significant security-control weaknesses remain that threaten the agency’s ability to ensure the safe and uninterrupted operation of the national airspace systems”
  • “Modern aircraft are increasingly connected to the Internet. This interconnectedness can potentially provide unauthorized remote access to aircraft avionics systems. As part of the aircraft certification process, FAA’s Office of Safety (AVS) currently certifies new interconnected systems through rules for specific aircraft and has started reviewing rules for certifying the cybersecurity of all new aircraft systems.”
  • “FAA officials and experts we interviewed said that modern aircraft are also increasingly connected to the Internet, which also uses IP-networking technology and can potentially provide an attacker with remote access to aircraft information systems. According to cybersecurity experts we interviewed, Internet connectivity in the cabin should be considered a direct link between the aircraft and the outside world, which includes potential malicious actors. FAA officials and cybersecurity and aviation experts we spoke to said that increasingly passengers in the cabin can access the Internet via onboard wireless broadband systems.”
  • “Four cybersecurity experts with whom we spoke discussed firewall vulnerabilities, and all four said that because firewalls are software components, they could be hacked like any other software and circumvented. The experts said that if the cabin systems connect to the cockpit avionics systems (e.g., share the same physical wiring harness or router) and use the same networking platform, in this case IP, a user could subvert the firewall and access the cockpit avionics system from the cabin. The presence of personal smartphones and tablets in the cockpit increases the risk of a system’s being compromised by trusted insiders, both malicious and non-malicious, if these devices have the capability to transmit information to aircraft avionics systems”
  • One would hope that the cockpit avionics are separated from the onboard entertainment and wifi systems by more than just a firewall. Even if they are not, a properly configured firewall is very difficult to compromise.
  • Additional Coverage – BatBlue
  • It seems that the authors of this report were not experts on the subject, and when interviewing experts on the topic, they asked questions like “is there any way to get around a firewall”

Feedback:


Round Up:


The post SMBTrapped in Microsoft | TechSNAP 210 first appeared on Jupiter Broadcasting.

pkg remove freebsd-update | BSD Now 84
https://original.jupiterbroadcasting.net/80247/pkg-remove-freebsd-update-bsd-now-84/
Thu, 09 Apr 2015 12:17:12 +0000

On this week’s mini-episode, we’ll be talking with Baptiste Daroussin about packaging the FreeBSD base system with pkgng. Is this the best way going forward, or are we getting dangerously close to being Linux-like? We’ll find out, and also get to a couple of your emails while we’re at it, on BSD Now – the place to B.. SD.

Thanks to:


DigitalOcean


iXsystems


Tarsnap

– Show Notes: –

Headlines

Xen dom0 in FreeBSD 11-CURRENT

  • FreeBSD has just gotten dom0 support for the Xen hypervisor, something NetBSD has had for a while now
  • The ports tree will now have a Xen kernel and toolstack, meaning that they can be updated much more rapidly than if they were part of base
  • It’s currently limited to Intel boxes with EPT and a working IOMMU, running a recent version of the -CURRENT branch, but we’ll likely see it when 11.0 comes out
  • How will this affect interest in Bhyve?

A tale of two educational moments

  • Here we have a blog post from an OpenBSD developer about some experiences he had helping people get involved with the project
  • It’s split into two stories: one that could’ve gone better, and one that went really well
  • For the first one, he found that someone was trying to modify a package from their ports tree to have fewer dependencies
  • Experience really showed its worth, and he was able to write a quick patch to do exactly what the other person had been working on for a few hours – but wasn’t so encouraging about getting it committed
  • In the second story, he discussed updating a different port with a user of a forum, and ended up improving the new user’s workflow considerably with just a few tips
  • The lesson to take away from this is that we can all help out to encourage and assist new users – everyone was a newbie once

What’s coming in NetBSD 7

  • We first mentioned NetBSD 7.0 on the show in July of 2014, but it still hasn’t been released and there hasn’t been much public info about it
  • This blog post outlines some of the bigger features that we can expect to see when it actually does come out
  • Their total platform count is now over 70, so you’d be hard-pressed to find something that it doesn’t run on
  • There have been a lot of improvements in the graphics area, particularly with DRM/KMS, including Intel Haswell and Nouveau (for nVidia cards)
  • Many ARM boards now have full SMP support
  • Clang has also finally made its way into the base system, something we’re glad to see, and it should be able to build the base OS on i386, AMD64 and ARM – other architectures are still a WIP
  • In the crypto department: their PRNG has switched from the broken RC4 to the more modern ChaCha20, OpenSSL has been updated in base and LibreSSL is in pkgsrc
  • NetBSD’s in-house firewall, npf, has gotten major improvements since its initial debut in NetBSD 6.0
  • Looking to the future, NetBSD hopes to integrate a stable ZFS implementation later on

OpenZFS office hours

  • We mentioned a couple weeks back that the OpenZFS office hours series was starting back up
  • They’ve just uploaded the recording of their most recent freeform discussion, with Justin Gibbs being the main presenter
  • In it, they cover how Justin got into ZFS, running in virtualized environments, getting patches into the different projects, getting more people involved, reviewing code, spinning disks vs SSDs, defragging, speeding up resilvering, zfsd and much more

Interview – Baptiste Daroussin – bapt@freebsd.org

Packaging the FreeBSD base system with pkgng


Discussion

Packaging the FreeBSD base system with pkgng (follow-up)


Feedback/Questions


Mailing List Gold


  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • Writing articles or blog posts (or making videos) about what you do with BSD is great for advocacy and promotion, so do it and send them all to us
  • We’ll be back next week with a regular full episode

The post pkg remove freebsd-update | BSD Now 84 first appeared on Jupiter Broadcasting.

Rump Kernels Revisited | BSD Now 64
https://original.jupiterbroadcasting.net/72027/rump-kernels-revisited-bsd-now-64/
Thu, 20 Nov 2014 09:42:13 +0000

This time on the show, we’ll be talking with Justin Cormack about NetBSD rump kernels. We’ll learn how to run them on other operating systems, what’s planned for the future and a lot more. As always, answers to viewer-submitted questions and all the news for the week, on BSD Now – the place to B.. SD.

Thanks to:


iXsystems


Tarsnap

– Show Notes: –

Headlines

EuroBSDCon 2014 talks and tutorials


OpenBSD adopts SipHash

  • Even more DJB crypto somehow finds its way into OpenBSD’s base system
  • This time it’s SipHash, a family of pseudorandom functions that’s resistant to hash bucket flooding attacks while still providing good performance
  • After an initial import and some clever early usage, a few developers agreed that it would be better to use it in a lot more places
  • It will now be used in the filesystem, and the plan is to utilize it to protect all kernel hash functions
  • Some other places that Bernstein’s work can be found in OpenBSD include the ChaCha20-Poly1305 authenticated stream cipher and Curve25519 KEX used in SSH, ChaCha20 used in the RNG, and Ed25519 keys used in signify and SSH

FreeBSD 10.1-RELEASE

  • FreeBSD’s release engineering team likes to troll us by uploading new versions just a few hours after we finish recording an episode
  • The first maintenance update for the 10.x branch is out, improving upon a lot of things found in 10.0-RELEASE
  • The vt driver was merged from -CURRENT and can now be enabled with a loader.conf switch (and can even be used on a PlayStation 3)
  • Bhyve has gotten quite a lot of fixes and improvements from its initial debut in 10.0, including boot support for ZFS
  • Lots of new ARM hardware is supported now, including SMP support for most of them
  • A new kernel selection menu was added to the loader, so you can switch between newer and older kernels at boot time
  • 10.1 is the first to support UEFI booting on amd64, which also has serial console support now
  • Lots of third party software (OpenSSH, OpenSSL, Unbound..) and drivers have gotten updates to newer versions
  • It’s a worthy update from 10.0, or a good time to try the 10.x branch if you were avoiding the first .0 release, so grab an ISO or upgrade today
  • Check the detailed release notes for more information on all the changes
  • Also take a look at some of the known problems to see if you’ll be affected by any of them
  • PC-BSD was also updated accordingly with some of their own unique features and changes

arc4random – Randomization for All Occasions

  • Theo de Raadt gave an updated version of his EuroBSDCon presentation at Hackfest 2014 in Quebec
  • The presentation is mainly about OpenBSD’s arc4random function, and outlines the overall poor state of randomization in the 90s and how it has evolved in OpenBSD over time
  • It begins with some interesting history on OpenBSD and how it became a security-focused OS – in 1996, their syslogd got broken into and “suddenly we became interested in security”
  • The talk also touches on how low-level changes can shake up the software ecosystem and third party packages that everyone uses
  • There’s some funny history on the name of the function (being called arc4random despite not using RC4 anymore) and an overall status update on various platforms’ usage of it
  • Very detailed and informative presentation, and the slides can be found here
  • A great quote from the beginning: “We consider ourselves a community of (probably rather strange) people who work on software specifically for the purpose of trying to make it better. We take a “whole-system’s” approach: trying to change everything in the ecosystem that’s under our control, trying to see if we can make it better. We gain a lot of strength by being able to throw backwards compatibility out the window. So that means that we’re able to do research and the minute that we decide that something isn’t right, we’ll design an alternative for it and push it in. And if it ends up breaking everybody’s machines from the previous stage to the next stage, that’s fine because we’ll end up in a happier place.”

Interview – Justin Cormack – justin@netbsd.org / @justincormack

NetBSD on Xen, rump kernels, various topics


News Roundup

The FreeBSD foundation’s biggest donation

  • The FreeBSD foundation has a new blog post about the largest donation they’ve ever gotten
  • From the CEO of WhatsApp comes a whopping one million dollars in a single donation
  • It also has some comments from the donor about why they use BSD and why it’s important to give back
  • Because the FreeBSD Foundation is a 501(c)(3) it must show that it has support of the general public, not just a small number of large donors. That is why individual donations are so important
  • Donate even just $5, just to increase the number of names on the donors list
  • Don’t know what to get your favourite FreeBSD developer for Christmas? Donations can be dedicated to others
  • Spread the money around, donate to the foundation of each BSD you use when you can – every little bit helps: OpenBSD, NetBSD and DragonFly
  • You use OpenSSH don’t you? gzip (bsd licensed gzip is from NetBSD)?, newfs_msdos (making FAT(32) file systems for USB devices etc, also from NetBSD)

OpenZFS Dev Summit 2014 videos


BSDTalk 248

  • Our friend Will Backman is still busy getting BSD interviews as well
  • This time he sits down with Matthew Dillon, the lead developer of DragonFly BSD
  • We’ve never had Dillon on the show, so you’ll definitely want to give this one a listen
  • They mainly discuss all the big changes coming in DragonFly’s upcoming 4.0 release

MeetBSD 2014 videos


Feedback/Questions


Mailing List Gold


  • All the tutorials are posted in their entirety at bsdnow.tv
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • If you’ve worked on any cool BSD-related projects, write about it and send it in; we’d love to feature more community content
  • Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

The post Rump Kernels Revisited | BSD Now 64 first appeared on Jupiter Broadcasting.

]]>
Xen Gets bashed | TechSNAP 182 https://original.jupiterbroadcasting.net/68177/xen-gets-bashed-techsnap-182/ Thu, 02 Oct 2014 21:05:42 +0000 https://original.jupiterbroadcasting.net/?p=68177 Recent major flaws found in in critical open source software have sent the Internet into a panic. From Shellshock to Xen we’ll discuss how these vulnerabilities can be chained together to own a box. Plus how secure are VLANs, a big batch of your questions, our answers, and much much more! Thanks to: Direct Download: […]

The post Xen Gets bashed | TechSNAP 182 first appeared on Jupiter Broadcasting.


Recent major flaws found in critical open source software have sent the Internet into a panic. From Shellshock to Xen we’ll discuss how these vulnerabilities can be chained together to own a box.

Plus how secure are VLANs, a big batch of your questions, our answers, and much much more!


— Show Notes: —

Bash plus Xen bugs send the entire internet scrambling

  • A critical flaw was discovered in the bash shell, used as the default system shell in most versions of Linux, as well as OS X.
  • The flaw was in the parsing of environment variables. If a variable was set to contain a function, and that function was followed by a semicolon (normally a separator that can be used to chain multiple commands together), the code after the semicolon would be executed when the shell started
  • Many people are not aware that CGI scripts pass the original request data, as well as all HTTP headers, to the scripts via environment variables
  • After those using bash CGI scripts ran around like chickens with their heads cut off, others came to realize that even if the CGI scripts are actually Perl or something else, if they happen to fork a shell with the system() call or similar to do something, that shell will inherit those environment variables and be vulnerable
  • As more people spent brain cycles thinking of creative ways to exploit this bug, it was realized that even qmail was vulnerable in some cases: if a user has a .qmail file or similar to forward their email via a pipe, that command is executed via the system shell, with environment variables containing the email headers, including from, to, subject etc
  • While FreeBSD does not ship with bash by default, it is a common dependency of most of the desktop environments, including GNOME and KDE. PCBSD also makes bash available to users, to make life easier for Linux switchers. FreeNAS uses bash for its interactive web shell for the same reason. While not vulnerable in most cases, all have been updated to ensure that some new creative way to exploit the bug does not crop up
  • Apparently the DHCP client in Mac OS X also uses bash, and a malicious DHCP server could exploit the flaw
  • The flaw also affects a number of VMWare products
  • OpenVPN and many other software packages have also been found to be vulnerable
  • The version of bash on your system can be tested easily with this one-liner:
    env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
  • This prints “this is a test”; if bash has not yet been patched, it first prints “vulnerable”
  • ArsTechnica: Bug in bash shell creates big security hole on anything with linux in it
  • Concern over bash bug grows as it is actively exploited in the wild
  • First bash patch doesn’t solve problem, second patch rushed out to resolve issue
  • Now that people are looking, even more bugs in bash found and fixed
  • Shellshock fixes result in another round of patches as attacks get more clever
  • Apple releases patch for shellshock bug
  • There was also a critical update to NSS (the Mozilla cryptographic library), which was not properly validating SSL certificates
  • The other big patch this week was for Xen
  • It was announced by a number of public cloud providers, including Amazon and Rackspace, that some virtual server host machines would need to be rebooted to install security fixes, resulting in downtime for 10% of Amazon instances
  • It is not clear why this could not be resolved by live migrations
  • All versions of Xen since 4.1 until this patch are vulnerable. The flaw is only exploitable when running fully virtualized guests (HVM mode, uses the processor virtualization features), and can not be exploited by virtual machines running in the older paravirtualization mode. Xen on ARM is not affected
  • Xen Security Advisory
  • Amazon Blog Post #1
  • Amazon Blog Post #2
  • Rackspace Blog Post
  • Additional Coverage: eweek

Cox Communications takes the privacy of its customers seriously, kind of

  • A female employee of Cox Communications (a large US ISP) was socially engineered into giving up her username and password
  • These credentials were then used to access the private data of Cox Customers
  • The attacker apparently only stole data about 52 customers, one of whom was Brian Krebs
  • This makes it sound like a targeted attack, or at least an attack by someone who is (or is not) a fan of Brian Krebs
  • It appears that the Cox internal customer database can be accessed directly from the internet, with only a username and password
  • Cox says they use two factor authentication “in some cases”, and plan to expand the use of 2FA in the wake of this breach
  • Cox being able to quickly determine exactly how many customers’ data was compromised suggests they at least have some form of auditing in place, to leave a trail describing what data was accessed
  • Brian points out: “This sad state of affairs is likely the same across multiple companies that claim to be protecting your personal and financial data. In my opinion, any company — particularly one in the ISP business — that isn’t using more than a username and a password to protect their customers’ personal information should be publicly shamed.” “Unfortunately, most companies will not proactively take steps to safeguard this information until they are forced to do so — usually in response to a data breach. Barring any pressure from Congress to find proactive ways to avoid breaches like this one, companies will continue to guarantee the security and privacy of their customers’ records, one breach at a time.”

Other researchers recreate the BadUSB exploit and release the code on Github

  • The “BadUSB” research was originally done by Karsten Nohl and Jakob Lell, at SR Labs in Germany.
  • Presented at BlackHat, it described being able to reprogram the firmware of USB devices to perform other functions, such as a USB memory stick that presented itself to the computer as a keyboard, and typed out commands once plugged in, allowing it to compromise the computer and exfiltrate data
  • Brandon Wilson and Adam Caudill were doing their own work in this space, and when they heard about the talk at BlackHat, decided to accelerate their own work
  • They have now posted their code on Github
  • “The problem is that Nohl and Lell—and Caudill and Wilson—have not exploited vulnerabilities in USB. They’re just taking advantage of weaknesses in the manner in which USBs are supposed to behave”
  • “At Derby Con, they were able to demonstrate their attack with the device pretending to be a keyboard that typed out a predetermined script once it was plugged into the host computer. They also showed another demo where they had a hidden partition on a flash drive that was not detected by the host PC”
  • “It’s undetectable while it’s happening,” Wilson said. “The PC has no way of determining the difference. The way a PC determines the type of device all happens through the USB and code on the other device. Our ability to control that code means you cannot trust anything a USB device tells you.”
  • The way around this issue would be for device manufacturers to implement code signing
  • The existing firmware would only allow the firmware to be updated if the new firmware was signed by the manufacturer, preventing a malicious user from overwriting the good firmware with ‘bad’ firmware
  • Users could obviously still create their own devices specifically for the purpose of running evil firmware, but signing would prevent the case where an attacker modifies your device to work against you
  • At the same time, many users might argue against losing control over their device, and no longer being able to update the firmware if they wish
  • The real solution may be for Operating Systems and users to evolve to no longer trust random USB devices, and instead allow the user to decide if they trust the device, possibly something similar to mobile apps, where the OS tells the user what functionality the device is trying to present
  • You might choose to not trust that USB memstick that is also attempting to present a network adapter, in order to override your DHCP settings and make your system use a set of rogue DNS servers

ComputerCop Malware | Tech Talk Today 69 https://original.jupiterbroadcasting.net/68077/computercop-malware-tech-talk-today-69/ Thu, 02 Oct 2014 11:07:36 +0000 https://original.jupiterbroadcasting.net/?p=68077 A major Xen flaw forces the “cloud” to reboot, we share the details. ComputerCop malware pitched as saving the children turns out to be major spyware. Plus a big Adobe Linux support rant, the Mac botnet that reads reddit & more! Direct Download: MP3 Audio | OGG Audio | Video | HD Video | Torrent […]

The post ComputerCop Malware | Tech Talk Today 69 first appeared on Jupiter Broadcasting.


A major Xen flaw forces the “cloud” to reboot, we share the details. ComputerCop malware pitched as saving the children turns out to be major spyware.

Plus a big Adobe Linux support rant, the Mac botnet that reads reddit & more!


Show Notes:

Rackspace Joined Amazon in Patching, Rebooting Cloud Servers

About a quarter of Rackspace’s 200,000-plus customers were impacted when the cloud provider had to patch a flaw in the Xen hypervisor.
Rackspace, like cloud competitor Amazon Web Services, was forced to reboot some of its servers after patching them to fix a security flaw in some versions of the XenServer hypervisor.


The cloud provider had to patch an untold number of servers in its global data centers over the weekend and then reboot them, which caused disruption to about a quarter of Rackspace’s more than 200,000 customers, according to President and CEO Taylor Rhodes. The issue was further complicated by a tight deadline—the vulnerability was first discovered early last week, and a patch wasn’t worked out with Xen engineers until late Sept. 26.


AWS started sending out letters to its customers Sept. 24 informing them that there was an issue, but assured them that the problem was not related to the Bash bug that arose last week as a threat to systems running Unix and Linux. Officials instead let them know that the problem was with the Xen hypervisor, and that a patch was being worked on.

The bug, introduced in versions of Xen after version 4.1, is in HVM code that emulates Intel’s x2APIC interrupt controller. While the emulator restricts the ability of a virtual machine to write to memory reserved specifically for its own emulated controller, a program running within a virtual machine could use the x2APIC interface to read information stored outside of that space. If someone were to provision an inadvertently buggy or intentionally malicious virtual machine on a server using HVM, Beulich found that VM could use the interface to look at the physical memory on the physical machine hosting the VM reserved for other virtual machines or for the virtualization server software itself. In other words, an “evil” virtual machine could essentially read over the shoulder of other virtual machines running on the same server, bypassing security.

EFF: Security software distributed by cops is actually spyware in disguise

Various schools, libraries and ordinary American families might have been using a “security” software called ComputerCOP for years. After all, they probably got their copy from cops, attorney’s offices or other branches of law enforcement, which tout it as a way to protect children online.


One of the main features of ComputerCop is a keylogger called KeyAlert. Keyloggers record all keystrokes made on a computer keyboard, including credit card information and username and password combinations. KeyAlert’s logs are stored unencrypted on Windows computers, and on Macs they can be decrypted with the software’s default password. The software can also be configured so that trigger words email an alert to the computer’s owner.


KeyAlert must be installed separately from the rest of the ComputerCop software, but not all versions of ComputerCop have been distributed with it. There’s no way to configure KeyAlert for a particular user, so it’s possible to use it against anybody using the computer — not just kids.


“When that happens, the software transmits the key logs, unencrypted, to a third-party server, which then sends the email,” the EFF report said.


According to the foundation, law enforcement agencies typically buy between 1,000 and 5,000 copies of ComputerCOP for a few dollars per piece — and yes, they use taxpayer dollars for the purchase. Within the past two years for instance, several Attorney’s Offices, including San Diego’s, bought 5,000 pieces for 25 grand.

Adobe Pulls Linux PDF Reader Downloads From Website – OMG! Ubuntu!

As flagged by a Reddit user who visited the Adobe site to grab the app, Linux builds are no longer listed alongside other ‘supported’ operating systems.

Adobe is no stranger to giving penguins the brush off. The company stopped releasing official builds of Flash for Linux in 2012 (leaving it to Google to tend to), and excluded Tux-loving users from its cross-platform application runtime “Air” the year before.

All is not lost. While the links are no longer offered through the website the Debian installer remains accessible from the Adobe FTP server.

China pre-orders 2 million iPhone 6 handsets in just 6 hours

The iPhone 6 and 6 Plus were delayed in China as the result of trouble for Apple securing the necessary regulatory approvals from the country’s Ministry of Industry and Information Technology. In its absence, rival company Samsung rushed to release their new flagship handset in the country.

Despite China’s absence, however, Apple’s eagerly-anticipated handsets sold 10 million+ units in their opening weekend alone.


According to new reports coming out of China, both retailers and carriers have taken in a massive 2 million reservations just six hours after putting the iPhone 6 and 6 Plus on earlier-than-expected pre-order.

New Mac botnet malware uses Reddit to find out what servers to connect to

Mac users should beware of some new malware spreading, that tries to connect infected machines with a botnet for future exploitation. As detected by Dr Web, the malicious worm (dubbed Mac.BackDoor.iWorm) first checks whether any interfering applications are installed on the Mac.

If it is clear, it calls out to Reddit posts to find the IP addresses of possible servers to call back to. Although these posts have been deleted, it’s not hard for the people behind the exploit to repost them at a later time. Once connected to the botnet, the infected Mac can be literally instructed to perform almost any task the hackers want, such as redirect browsing traffic to potentially steal account credentials for instance.

Dr.Web estimates over 15,000 distinct IP addresses have been connected to the botnet already. Although 15,000 IPs does not directly translate into 15,000 separate infected users, it is indicative of a rather large base for a Mac worm.

Project Zero Goes To War | TechSNAP 177 https://original.jupiterbroadcasting.net/65572/project-zero-goes-to-war-techsnap-177/ Thu, 28 Aug 2014 19:01:59 +0000 https://original.jupiterbroadcasting.net/?p=65572 Pre-crime is here, with technology that lets you predict a hack before it happens. We’ll tell you how. Google’s project zero goes to war, we get real about virtualization. And then it’s a great batch of your questions, our answers & much more! Thanks to: Direct Download: HD Video | Mobile Video | MP3 Audio […]

The post Project Zero Goes To War | TechSNAP 177 first appeared on Jupiter Broadcasting.


Pre-crime is here, with technology that lets you predict a hack before it happens. We’ll tell you how. Google’s project zero goes to war, we get real about virtualization.

And then it’s a great batch of your questions, our answers & much more!


— Show Notes: —

Predicting which sites will get hacked, before it happens

  • Researchers from Carnegie Mellon University have developed a tool that can help predict if a website is likely to become compromised or malicious in the future
  • Using the Archive.org “Wayback Machine” they looked at websites before they were hacked, and tried to identify trends and other information that may be predictors
  • “The classifier correctly predicted 66 percent of future hacks in a one-year period with a false positive rate of 17 percent”
  • “The classifier is focused on Web server malware or, put more simply, the hacking and hijacking of a website that is then used to attack all its visitors”
  • The tool looks at the server software; outdated versions of Apache and PHP can be good indicators of future vulnerabilities
  • It also looks at how the website is laid out, how often it is updated, and what applications it runs (outdated WordPress is a good hacking target)
  • It also compares the sites to sites that have been compromised. If a site is very like another, and that other was compromised, there is an increased probability that the first site will also be compromised
  • The classifier looks at many other factors as well: “For instance, if a certain website suddenly sees a change in popularity, it could mean that it became used as part of a [malicious] redirection campaign,”
  • The most common marker for a hackable website: The presence of the ‘generator’ meta tag with a value of ‘Wordpress 3.2.1’ or ‘Wordpress 3.3.1’
  • Research PDF from USENIX
  • There are tools like those from Norse, that analyze network traffic and attempt to detect new 0-day exploits before they are known

Google’s Project Zero exploits the unexploitable bug

  • Well over a month ago Google’s Project Zero reported a bug in glibc, however there was much skepticism about the exploitability of the bug, so it was not fixed
  • However, this week the Google researchers were able to create a working exploit for the bug, including an ASLR bypass for 32bit OSs
  • The blog post details the process the Project Zero team went through to develop the exploit and gain root privileges
  • The blog post also details an interesting (accidental) mitigation found in Ubuntu, which caused the researchers to target Fedora to more easily develop the exploit
  • The blog also discusses a workaround for other issues they ran into. Once they had exploited the set-uid binary, they found that running system("/bin/bash") started the shell with their original privileges, rather than as root. Instead, they called chroot() on a directory they had set up to contain their own /bin/sh that calls setuid(0) and then executes a real shell as the system root user.
  • The path they used to get a root shell relies on a memory leak in the setuid binary pkexec, which they recommend be fixed as well as the original glibc bug
  • “The ability to lower ASLR strength by running setuid binaries with carefully chosen ulimits is unwanted behavior. Ideally, setuid programs would not be subject to attacker-chosen ulimit values”
  • “The exploit would have been complicated significantly if the malloc main linked listed hardening was also applied to the secondary linked list for large chunks”
  • The glibc bug has since been fixed

Secret Service warns over 1000 businesses hit by Backoff Point-of-Sales terminal malware

  • The Secret Service and DHS have released an advisory warning businesses about the POS (Point-of-Sales terminal) malware that has been going around for a while
  • Advisory
  • “The Department of Homeland Security (DHS) encourages organizations, regardless of size, to proactively check for possible Point of Sale (PoS) malware infections. One particular family of malware, which was detected in October 2013 and was not recognized by antivirus software solutions until August 2014, has likely infected many victims who are unaware that they have been compromised”
  • “Seven PoS system providers/vendors have confirmed that they have had multiple clients affected”
  • “Backoff has experts concerned because it’s effective in swiping customer credit card data from businesses using a variety of exfiltration tools, including memory, or RAM scraping, techniques, keyloggers and injections into running processes”
  • “A report from US-CERT said attackers use Backoff to steal payment card information once they’ve breached a remote desktop or administration application, especially ones that are using weak or default credentials”
  • “Backoff is then installed on a point-of-sale device and injects code into the explorer.exe process that scrapes memory from running processes in order to steal credit card numbers before they’re encrypted on the device and sent to a payment processor.”
  • “Keylogging functionality is also present in most recent variants of ‘Backoff’. Additionally, the malware has a C2 component that is responsible for uploading discovered data, updating the malware, downloading/executing further malware, and uninstalling the malware,”
  • US-CERT Advisory
  • Krebs reports that Dairy Queen may also be a victim of this attack
  • “Dairy Queen says it has no indication of a card breach at any of its thousands of locations, but the company also acknowledges that nearly all stores are franchises and that there is no established company process or requirement that franchisees communicate security issues or card breaches to Dairy Queen headquarters”

Qubes OS: Security By Isolation | LAS 317 https://original.jupiterbroadcasting.net/59912/qubes-os-security-by-isolation-las-317/ Sun, 15 Jun 2014 14:11:02 +0000 https://original.jupiterbroadcasting.net/?p=59912 Qubes OS, you could call it Linux for the truly paranoid. This system offers a unique isolated approach to keep you and your data safe, we dive in to show you how this system works! Plus: The big Red Hat news, Docker goes 1.0, a Linux port done right… And so much more! All this […]

The post Qubes OS: Security By Isolation | LAS 317 first appeared on Jupiter Broadcasting.


Qubes OS, you could call it Linux for the truly paranoid. This system offers a unique isolated approach to keep you and your data safe, we dive in to show you how this system works!

Plus: The big Red Hat news, Docker goes 1.0, a Linux port done right…

And so much more!

All this week on, The Linux Action Show!


— Show Notes: —

Qubes OS:


Qubes OS Homepage

  • Qubes Release 1 was released in September 2012. Qubes Release 2 is almost complete, with rc1 having been released in April 201

  • On February 16, 2014, Qubes was selected as a finalist of Access Innovation Prize 2014 for Endpoint Security Solution.

Built on top of Xen:

Qubes Architecture Overview

Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.

  • Qubes implements a Security by Isolation approach.
  • Qubes utilizes virtualization technology in order to isolate various programs from each other and even to sandbox many system-level components, such as networking and storage subsystems, so that the compromise of any of these programs or components does not affect the integrity of the rest of the system.

  • Qubes lets the user define many security domains, which are implemented as lightweight Virtual Machines (VMs), or “AppVMs.”

Example App isolation

For example, the user can have “personal,” “work,” “shopping,” “bank,” and “random” AppVMs and can use the applications within those VMs just as if they were executing on the local machine. At the same time, however, these applications are well isolated from each other.

  • Qubes also supports secure copy-and-paste and file sharing between the AppVMs, of course.

Key Architectural features

Qubes Odyssey Framework

  • The network mechanism is the most exposed to security attacks. This is why it is isolated in a separate, unprivileged virtual machine, called the Network Domain.

  • Disk space is saved thanks to the fact that various virtual machines (VM) share the same root file system in a read-only mode.

  • Separate disk storage is only used for the user’s directory and per-VM settings. This allows software installation and updates to be centralized. Of course, some software can be installed only on a specific VM.

  • Some documents or applications can be run in disposable VMs through an action available in the file manager. The mechanism follows the idea of sandboxes: after viewing the document or application, the whole Disposable VM is destroyed.

  • Based on a secure bare-metal hypervisor (Xen)
  • USB stacks and drivers sand-boxed in an unprivileged VM (currently experimental feature)
  • No networking code in the privileged domain (dom0)
  • All user applications run in “AppVMs,” lightweight VMs based on Linux
  • Centralized updates of all AppVMs based on the same template
  • Qubes GUI virtualization presents applications as if they were running locally
  • Qubes GUI provides isolation between apps sharing the same desktop
  • Secure system boot based (optional)

Not just for Linux, Qubes can run Windows apps seamlessly too:

Qubes Seamless


— Picks —

Runs Linux

Mini-drones jump, flip, fly, climb, and run Linux

Desktop App Pick

SnapRAID

SnapRAID is an application able to make a partial backup of your disk array. If some of the disks of your array fail, even if they are completely broken, you will be able to recover their content. It’s only a partial backup, because it doesn’t allow to recover from a failure of the whole array, but only if the number of failed disks are under a predefined limit.

Weekly Spotlight

magpie —

Basically, magpie is just a web tool for managing text files in a git repo. In it, you can create notebooks (which are just folders); create, edit, and delete notes (which are just files). That’s pretty much it. However, when you make any of these changes, they are automatically committed to git.

Thanks to haliphax for submitting this link


— NEWS —

A big step forward in business Linux: Red Hat Enterprise Linux 7 arrives

As for the features, RHEL 7 boasts many stability and performance upgrades. Red Hat claims that, depending upon the load, RHEL 7 is 11 to 25 percent faster than the previous iteration of the software, RHEL 6.

It’s Here: Docker 1.0

On March 20, 2013, we released the first version of Docker. After 15 months, 8,741 commits from more than 460 contributors, 2.75 million downloads, over 14,000 “Dockerized” apps, and feedback from 10s of 1000s of users about their experience with Docker, from a single container on a laptop to 1000s in production in the cloud … we’re excited to announce that it’s here: Docker 1.0.

HP bets it all on The Machine, a new computer architecture based on memristors and silicon photonics

In the words of HP Labs, The Machine will be a complete replacement for current computer system architectures. There will be a new operating system, a new type of memory (memristors), and super-fast buses/peripheral interconnects (photonics). Speaking to Bloomberg, HP says it will commercialize The Machine within a few years, “or fall on its face trying.”

Some of our favorite bullshit headlines:

On top of that, HP is working on a brand new operating system for The Machine based on Linux. And another one based on Android, Fink continued:

“We are, as part of The Machine, announcing our intent to build a new operating system all open source from the ground up, optimized for non-volatile memory systems.

We also have a team that’s starting from a Linux environment and stripping out all the bits we don’t need. So that way you maintain … compatibility for apps.

What if we build a version of Android? … We have a team that’s doing that, too.”

Aspyr Media Comments On Linux, More AAA Games In Future

Aspyr Media have quite clearly proven themselves at porting to Linux with a port that works this well, but the bigger news is that they may have more to come.

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting


— Catch the show LIVE Sunday 10am Pacific / 1pm Eastern / 6pm UTC: —

Not Neutrality | TechSNAP 161 https://original.jupiterbroadcasting.net/56982/not-neutrality-techsnap-161/ Thu, 08 May 2014 15:13:23 +0000 https://original.jupiterbroadcasting.net/?p=56982 Adobe’s latest flaw is being exploited by an advanced persistent threat, we’ve got the details, Heartbleed follow ups, and getting started with Virtualization. Plus our thoughts on the fate of net neutrality, your questions, our answers, and much much more! On this week’s episode of TechSNAP! Thanks to: Direct Download: HD Video | Mobile Video […]

The post Not Neutrality | TechSNAP 161 first appeared on Jupiter Broadcasting.


Adobe’s latest flaw is being exploited by an advanced persistent threat, we’ve got the details, Heartbleed follow ups, and getting started with Virtualization.

Plus our thoughts on the fate of net neutrality, your questions, our answers, and much much more!

On this week’s episode of TechSNAP!


— Show Notes: —

Adobe releases patch for critical Flash flaw affecting all OSs

  • A new exploit has been discovered that works against all versions of Adobe Flash Player
  • This is a zero-day exploit, meaning that even a fully patched computer can be exploited
  • Adobe has since released the fix, and users are encouraged to apply the patch as soon as possible
  • The attack used two different exploits, one general exploit against Flash and the other exploiting a flaw in Internet Explorer
  • One of the malware files was detected by Kaspersky using a heuristic signature, but the other was new
  • The exploits slightly alter the attack methodology if Windows 8 or newer is detected, to work around mitigations provided by the OS
  • The first bit of malware (movie.swf) was generic, downloading more malware from a URL and running it
  • The second bit of malware (include.swf) was very specific, targeting “Cisco MeetingPlace Express Add-In version 5”
  • “This add-in is used by web-conference participants to view documents and images from presenter’s screen. It should be noted that the exploit will not work if the required versions of Adobe Flash Player ActiveX and Cisco MPE are not present on the system”
  • This suggests that the malware was written with a very specific target in mind, rather than designed to target the general Internet
  • The malware was hosted on an official Syrian government website, although it appears that the site may have been compromised to store the files there
  • Kaspersky was not able to examine the payload of the second exploit because the files had already been taken down from the website, and there is evidence to suggest there was a 3rd payload (stream.swf)
  • “We are sure that all these tricks were used in order to carry out malicious activity against a very specific group of users without attracting the attention of security solutions. We believe that the Cisco add-in mentioned above may be used to download/implement the payload as well as to spy directly on the infected computer.”
  • “It’s likely that the attack was carefully planned and that professionals of a pretty high caliber were behind it. The use of professionally written 0-day exploits that were used to infect a single resource testifies to this.”
  • CVE-2015-0515
  • Adobe Security Bulletin
  • Additional Coverage – ARS Technica
  • Additional Coverage – Krebs on Security
  • Since IE uses a separate version of Flash from other browsers (Firefox, Chrome, Opera, etc), Windows users will need to apply the patch twice, once to their browser and once to IE, which is used as a component in many other applications including Skype and Steam

Exploit used in the wild against all versions of Internet Explorer 6 through 11

  • As part of the same attack from the previous story, an exploit for all versions of Internet Explorer was found
  • The exploit was used as part of a watering hole attack
  • CVE-2014-1776
  • This was to be the first of many 0day exploits that will not be fixed on Windows XP; however, Microsoft issued a statement and released the update for Windows XP, in spite of the fact that it is no longer supported

[Heartbleed Followups]


Feedback:


Round-Up:

Intentional Backdoor | TechSNAP 159 https://original.jupiterbroadcasting.net/55952/intentional-backdoor-techsnap-159/ Thu, 24 Apr 2014 20:26:20 +0000 https://original.jupiterbroadcasting.net/?p=55952 A backdoor found in many common routers gets covered up instead of patched, and all it takes is a knock on the door to exploit it. We’ll share the details. Plus cross VM attacks just got much easier, a great batch of your questions – our answers, and much much more! On this week’s […]

The post Intentional Backdoor | TechSNAP 159 first appeared on Jupiter Broadcasting.

A backdoor found in many common routers gets covered up instead of patched, and all it takes is a knock on the door to exploit it. We’ll share the details.

Plus cross VM attacks just got much easier, a great batch of your questions – our answers, and much much more!

On this week’s episode of TechSNAP!

Thanks to:


DigitalOcean

Ting

iXsystems

— Show Notes: —

Intentional backdoor in home routers, when reported vendor just attempts to hide it better

  • Back around Christmas researchers found a backdoor in 24 different models of routers from Cisco, Linksys, Netgear and Diamond. The backdoor gave an attacker who knew about the flaw a full root shell on the router, and allowed them to dump the entire config, and make changes to the configuration
  • This could allow an attacker to get inside your network by forwarding ports etc, but also conduct a Man-in-the-Middle attack by changing the DNS resolvers on your router to be malicious ones that would direct your traffic to the wrong location
  • Shortly thereafter, Netgear released updated firmware from the vendor (Sercomm)
  • When the researchers dissected the firmware, they found that the backdoor was still there, but was only listening on a UNIX domain socket, inaccessible from the network
  • However, they found that in specific circumstances, the backdoor will be reenabled
  • If the router receives a specially crafted ethernet frame, it will reenable the backdoor via TCP
  • They also found additional capabilities, including the ability to query the router for its MAC address, change the LAN IP address, or cause different LED lights on the modem
  • Since this requires a specially crafted ethernet frame, it can only be sent from 1 hop away
  • This means that the backdoor can only be enabled from the local LAN or WLAN, or by the ISP
  • A number of the features of this ‘backdoor’ would appear to be useful to an ISP, querying data from the routers and reprogramming them etc
  • However the negative security aspects outweigh all of the gain
  • Researcher PDF

Fine grain Cross-VM Attacks on Xen and VMware

  • Researchers from Worcester Polytechnic Institute have published new research showing that cloud services may be vulnerable
  • “we show that AES in a number popular cryptographic libraries including OpenSSL, PolarSSL and Libgcrypt are vulnerable to Bernstein’s correlation attack when run in Xen and VMware (bare metal version) VMs, the most popular VMs used by cloud service providers (CSP) such as Amazon and Rackspace. We also show that the vulnerability persists even if the VMs are placed on different cores in the same machine. The results of this study shows that there is a great security risk to AES and (data encrypted under AES) on popular cloud services.”
  • One mitigation is to use a separate machine for each client, although this basically breaks the entire purpose of ‘the cloud’
  • Using AES-NI mitigates the attack entirely, however many clouds still use older machines that do not support AES-NI
  • Newer versions of the various libraries seem to mitigate the attack against the last round of crypto, but are still susceptible during the first round
  • The researchers suggest using AES256 instead of AES128 because 256 uses 14 rounds to 128’s 10

Feedback:


Round Up:

Tendresse for Ten | BSD Now 21 https://original.jupiterbroadcasting.net/50277/tendresse-for-ten-bsd-now-21/ Thu, 23 Jan 2014 21:58:45 +0000 https://original.jupiterbroadcasting.net/?p=50277 We talk to Colin Percival about running FreeBSD 10 on EC2 and lots of other interesting stuff. After that, how to do some bandwidth monitoring.

The post Tendresse for Ten | BSD Now 21 first appeared on Jupiter Broadcasting.

We’ve got some great news for OpenBSD, as well as the scoop on FreeBSD 10.0-RELEASE – yes it’s finally here! We’re gonna talk to Colin Percival about running FreeBSD 10 on EC2 and lots of other interesting stuff. After that, we’ll be showing you how to do some bandwidth monitoring and network performance testing in a combo tutorial. We’ve got a round of your questions and the latest news, on BSD Now – the place to B.. SD.

Thanks to:


iXsystems

– Show Notes: –

Headlines

FreeBSD 10.0-RELEASE is out

  • The long awaited, giant release of FreeBSD is now official and ready to be downloaded
  • One of the biggest releases in FreeBSD history, with tons of new updates
  • Some features include: LDNS/Unbound replacing BIND, Clang by default (no GCC anymore), native Raspberry Pi support and other ARM improvements, bhyve, hyper-v support, AMD KMS, VirtIO, Xen PVHVM in GENERIC, lots of driver updates, ZFS on root in the installer, SMP patches to pf that drastically improve performance, Netmap support, pkgng by default, wireless stack improvements, a new iSCSI stack, FUSE in the base system… the list goes on and on
  • Start up your freebsd-update or do a source-based upgrade right now!

OpenSSH 6.5 CFT

  • Our buddy Damien Miller announced a Call For Testing for OpenSSH 6.5
  • Huge, huge release, focused on new features rather than bugfixes (but it includes those too)
  • New ciphers, new key formats, new config options, see the mailing list for all the details
  • Should be in OpenBSD 5.5 in May, look forward to it – but also help test on other platforms!
  • We’ll talk about it more when it’s released

DIY NAS story, FreeNAS 9.2.1-BETA

  • Another new blog post about FreeNAS!
  • “I did briefly consider suggesting nas4free for the EconoNAS blog, since it’s essentially a fork off the FreeNAS tree but may run better on slower hardware, but ultimately I couldn’t recommend anything other than FreeNAS”
  • Really long article with lots of nice details about his setup, why you might want a NAS, etc.
  • Speaking of FreeNAS, they released 9.2.1-BETA with lots of bugfixes

OpenBSD needed funding for electricity.. and they got it

  • Briefly mentioned at the end of last week’s show, but has blown up over the internet since
  • OpenBSD in the headlines of major tech news sites: slashdot, zdnet, the register, hacker news, reddit, twitter.. thousands of comments
  • They needed about $20,000 to cover electric costs for the server rack in Theo’s basement
  • Lots of positive reaction from the community helping out so far, and it appears they have reached their goal and got $100,000 in donations
  • From Bob Beck, “we have in one week gone from being in a dire situation to having a commitment of approximately $100,000 in donations to the foundation”
  • This is a shining example of the BSD community coming together, and even the Linux people realizing how critical BSD is to the world at large

This episode was brought to you by

iXsystems


Interview – Colin Percival – cperciva@freebsd.org / @twitter

FreeBSD on Amazon EC2, backups with Tarsnap, 10.0-RELEASE, various topics


Tutorial

Bandwidth monitoring and testing


News Roundup

pfSense talk at Tokyo FreeBSD Benkyoukai

  • Isaac Levy will be presenting “pfSense Practical Experiences: from home routers, to High-Availability Datacenter Deployments”
  • He’s also going to be looking for help to translate the pfSense documentation into Japanese
  • The event is on February 17, 2014 if you’re in the Tokyo area

m0n0wall 1.8.1 released

  • For those who don’t know, m0n0wall is an older BSD-based firewall OS that’s mostly focused on embedded applications
  • pfSense was forked from it in 2004, and has a lot more active development now
  • They switched to FreeBSD 8.4 for this new version
  • Full list of updates in the changelog
  • This version requires at least 128MB RAM and a disk/CF size of 32MB or more, oh no!

Ansible and PF, plus NTP

  • Another blog post from our buddy Michael Lucas
  • There’ve been some NTP amplification attacks recently in the news
  • The post describes how he configured ntpd on a lot of servers without a lot of work
  • He leverages pf and ansible for the configuration
  • OpenNTPD is, not surprisingly, unaffected – use it

ruBSD videos online

  • Just a quick followup from a few weeks ago
  • Theo and Henning’s talks from ruBSD are now available for download
  • There’s also a nice interview with Theo

PCBSD weekly digest

  • 10.0-RC4 images are available
  • Wine PBI is now available for 10
  • 9.2 systems will now be able to upgrade to version 10 and keep their PBI library

Feedback/Questions

  • Sha’ul writes in: https://slexy.org/view/s2WQXwMASZ
  • Kjell-Aleksander writes in: https://slexy.org/view/s2H0FURAtZ
  • Mike writes in: https://slexy.org/view/s21eKKPgqh
  • Charlie writes in (and gets a reply): https://slexy.org/view/s21UMLnV0G
  • Kevin writes in: https://slexy.org/view/s2SuazcfoR

Contest

  • We’ll be giving away a handmade FreeBSD pillow – yes you heard right
  • All you need to do is write a tutorial for the show
  • Submit your BSD tutorial write-ups to feedback@bsdnow.tv
  • Check bsdnow.tv/contest for all the rules, details, instructions and a picture of the pillow.

  • All the tutorials are posted in their entirety at bsdnow.tv
  • The poudriere tutorial got a couple fixes and modernizations
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • Stop commenting on the Jupiterbroadcasting pages and Youtube! We don’t read those!
  • Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

Bhyve Mind | BSD Now 20 https://original.jupiterbroadcasting.net/49707/bhyve-mind-bsd-now-20/ Thu, 16 Jan 2014 22:46:02 +0000 https://original.jupiterbroadcasting.net/?p=49707 We're going to sit down for a chat with Neel Natu and Peter Grehan, the developers of bhyve. Not familiar with bhyve?

The post Bhyve Mind | BSD Now 20 first appeared on Jupiter Broadcasting.

– Show Notes: –

Headlines

OpenBSD automatic installation

  • A CFT (call for testing) was posted for OpenBSD’s new automatic installer process
  • Using this new system, you can spin up fully-configured OpenBSD installs very quickly
  • Allows you to PXE boot the system and load the answer file via HTTP by each machine’s MAC address, with fallback to a default config file
  • It will answer all the questions for you and can put files into place and start services
  • Great for large deployments, help test it and report your findings

FreeNAS install guide and blog posts

  • A multipart series on YouTube about installing FreeNAS
  • In part 1, the guy (who is possibly Dracula, with his very Transylvanian accent..) builds his new file server and shows off the hardware
  • In part 2, he shows how to install and configure FreeNAS, uses IPMI, sets up his pools
  • He pronounces gigabytes as jiggabytes and it’s hilarious
  • We’ve also got an unrelated blog post about a very satisfied FreeNAS user who details his setup
  • As well as another blog post from our old pal Devin Teske about his recent foray into the FreeNAS development world

FreeBSD 10.0-RC5 is out

  • Another, unexpected RC is out for 10.0
  • Includes an ABI change, you must recompile/reinstall all ports/packages if you are upgrading from a previous 10.0-RC
  • Minor fixes included, please help test and report any bugs
  • You can update via freebsd-update or from source
  • Hopefully this will be the last one before 10.0-RELEASE, which has tons of new features we’ll talk about
  • It’s been tagged -RELEASE in SVN already too!

OpenBSD 5.5-beta is out

  • Theo updated the branch status to 5.5-beta
  • A list of changes is available
  • Help test and report any bugs you find
  • Lots of rapid development with signify (which we mentioned last week), the beta includes some “test keys”
  • Does that mean it’ll be part of the final release? We’ll find out in May.. or when we interview Ted (soon)

This episode was brought to you by

iXsystems - Enterprise Servers and Storage For Open Source

iX doesn’t just make big servers for work, they also make little servers for home. The FreeNAS Mini is a compact little rig that will take up to 4 drives and makes a great home storage server.


Interview – Neel Natu & Peter Grehan – neel@freebsd.org & grehan@freebsd.org

BHyVe – the BSD hypervisor

  • Could you tell us a bit about yourselves and how you first got into BSD?
  • What are your current roles in the FreeBSD project, and how did you get there?
  • What exactly is bhyve and how did the project get started?
  • What is the current status of bhyve? What guest OSes are supported?
  • What bugs remain when running different guest OSes?
  • How is support for AMD hardware virtualization progressing?
  • Is there any work on supporting older hardware that does not have EPT?
  • What will it take to be able to boot FreeBSD root-on-zfs inside bhyve?
  • Any progress on a ‘vfs hack’ to mount/passthru a file system (zfs dataset?) from the host to the guest, a la Jails?
  • How is the performance? How does the network performance compare to alternatives? How much benchmarking has been done?
  • What features have been added recently? (nmdm etc)
  • When is VGA support planned?
  • When might we see Windows (server) as a guest? What else would be required to make that happen?
  • What features are you planning for the future? How far do you plan to take bhyve (snapshots, live migration etc)


Tutorial

Virtualization with bhyve


News Roundup

Hostname canonicalisation in OpenSSH

  • Blog post from our friend Damien Miller
  • This new feature allows clients to canonicalize unqualified domain names
  • SSH will know if you typed “ssh bsdnow” you meant “ssh bsdnow.tv” with new config options
  • This will help clean up some ssh configs, especially if you have many hosts
  • Should make it into OpenSSH 6.5, which is “due really soon”

Dragonfly on a Chromebook

  • Some work has been done by Matthew Dillon to get DragonflyBSD working on a Google Chromebook
  • These couple of posts detail some of the things he’s got working so far
  • Changes were needed to the boot process, trackpad and wifi drivers needed updating…
  • Also includes a guide written by Dillon on how to get yours working

Spider in a box

  • “Spiderinabox” is a new OpenBSD-based project
  • Using a combination of OpenBSD, Firefox, XQuartz and VirtualBox, it creates a secure browsing experience for OS X
  • Firefox runs encapsulated in OpenBSD and doesn’t have access to OS X in any way
  • The developer is looking for testers on other operating systems!

PCBSD weekly digest

  • PCBSD 10 has entered into the code freeze phase
  • They’re focusing on fixing bugs now, rather than adding new features
  • The update system got a lot of improvements
  • PBI load times reduced by up to 40%! what!!!

Feedback/Questions

  • Scott writes in: https://slexy.org/view/s25zbSPtcm
  • Chris writes in: https://slexy.org/view/s2EarxbZz1
  • SW writes in: https://slexy.org/view/s2MWKxtWxF
  • Ole writes in: https://slexy.org/view/s20kzex2qm
  • Gertjan writes in: https://slexy.org/view/s2858Ph4o0

  • All the tutorials are posted in their entirety at bsdnow.tv
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
  • Reminder: OpenBSD still really needs funding for electricity – if you know a company that can help, please contact Theo or the foundation
  • Reminder: NYCBSDCon February 8th – The BSDs in Production
  • Reminder: Our tutorial contest is going until the end of this month, check bsdnow.tv/contest for info and rules, win a cool BSD pillow!

Go Directly to Jail(8) | BSD Now 7 https://original.jupiterbroadcasting.net/44887/go-directly-to-jail8-bsd-now-7/ Fri, 18 Oct 2013 10:26:57 +0000 https://original.jupiterbroadcasting.net/?p=44887 We'll show you how to create and deploy BSD jails, as well as chatting with Poul-Henning Kamp - the guy who actually invented them!

The post Go Directly to Jail(8) | BSD Now 7 first appeared on Jupiter Broadcasting.

On this week’s show, you’ll be getting the full jail treatment. We’ll show you how to create and deploy BSD jails, as well as chatting with Poul-Henning Kamp – the guy who actually invented them! There’s lots of interesting news items to cover as well.

So stay tuned to BSD Now – the place to B.. SD.

– Show Notes: –

Headlines

FreeBSD turns it up to 11

  • The -CURRENT branch is now known as 11
  • 10 has been branched to -STABLE
  • 10-BETA1 ISOs are available now
  • Will be the next -RELEASE, probably next year

Stopping the SSH bruteforce with OpenBSD and pf

  • The Hail Mary Cloud is an SSH bruteforce botnet that takes a different approach
  • While most botnets pound port 22 rapidly, THMB does it very slowly and passively
  • This makes prevention based on rate limiting more involved and complex
  • Nice long blog post about some potential solutions and what we’ve learned

ZFS and GELI in bsdinstall coming soon

  • The man with the beard strikes again, new patch allows for ZFS-on-root installs
  • Supports GELI for disk encryption
  • Might be the push we need to make Michael W Lucas update his FreeBSD book

AsiaBSDCon 2014 announced

  • Will be held in Tokyo, 13-16 March, 2014
  • The conference is for anyone developing, deploying and using systems based on FreeBSD, NetBSD, OpenBSD, DragonFlyBSD, Darwin and Mac OS X
  • Call for papers can be found here

Interview – Poul-Henning Kamp – phk@freebsd.org / @bsdphk

FreeBSD beginnings, md5crypt, jails, varnish and his… telescope project?


Tutorial

Everything you need to know about Jails

  • Last week we showed you how to run VNC in a jail, but people asked “how do I make a jail in the first place?”
  • This time around, we’ll show you how to do exactly that
  • Jails are a dream come true for both security experts and clean freaks, keeping everything isolated
  • We’ll be using the ezjail utility and making a basic jail setup

News Roundup

New pf queue system

  • Henning Brauer committed the new kernel-side bandwidth shaping subsystem
  • Uses the HFSC algorithm behind the scenes
  • ALTQ to be retired “in a release or two” – everyone should migrate soon

Dragonfly imports FreeBSD KMS driver

  • Hot on the trails of OpenBSD and later FreeBSD, Dragonfly gets AMD KMS
  • Ported over from the FreeBSD port

Weekly PCBSD feature digest

  • Weekly status update every Friday
  • Will be a “highlight of what important features have been added, what major bugs have been fixed, and what is presently going on in general with the project.”

Get paid to hack OpenSSH

  • Google has announced they will pay up to $3113.70 for security patches to OpenSSH
  • Patches can fix security or improve security
  • If you come up with something, send it to the OpenSSH guys

Feedback/Questions

  • Darren writes in: https://slexy.org/view/s24RmwvEvE
  • Kjell-Aleksander writes in: https://slexy.org/view/s2wFcFk9Yz
  • Ryan writes in: https://slexy.org/view/s23e920gNG
  • Alexander writes in: https://slexy.org/view/s2usxPqO9k

  • All the tutorials are posted in their entirety at bsdnow.tv
  • Send questions, comments, show ideas/topics, etc to feedback@bsdnow.tv
  • We don’t check YouTube comments, JB comments, Reddit, etc. If you want us to see it, send it via email (the preferred way) or Twitter (also acceptable)
  • Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

Stacks of Cache | BSD Now 5 https://original.jupiterbroadcasting.net/44042/stacks-of-cache-bsd-now-5/ Thu, 03 Oct 2013 17:35:32 +0000 https://original.jupiterbroadcasting.net/?p=44042 We've got stories, interviews and a special treat for OpenBSD fans later in the show. All that and more on this week's BSD Now, the place to B.. SD.

The post Stacks of Cache | BSD Now 5 first appeared on Jupiter Broadcasting.

After returning from a successful EuroBSDCon in Malta, we’re back to get you caught up on all the latest news! We’ve got stories, interviews and a special treat for OpenBSD fans later in the show. All that and more on this week’s BSD Now, the place to B.. SD.

– Show Notes: –

Headlines

FreeBSD 9.2 released

  • FreeBSD 9.2-RELEASE is finally out
  • Highlights include ZFS TRIM and LZ4 support, virtio drivers, dtrace and OpenSSH updates as well as lots of driver improvements
  • Will be supported until 2014-09-30
  • Get out there and freebsd-update or buildworld!

Four new NetBSD releases

  • NetBSD 5.2 and 5.1 branches get security and bugfix updates
  • The 6.1 and 6.0 branches were updated soon after, also with security updates and bug fixes
  • Check the show notes for the full changelog

BIND being replaced by unbound in FreeBSD


DragonflyBSD future plans

  • An announcement was posted that details some possible plans for Dragonfly
  • dports (their version of FreeBSD ports) will be switching to GCC 4.7
  • i915 support is probably going to be in version 3.6
  • Work is being done on HAMMER 2, but it won’t make it to 3.6
  • 3.6 is also likely going to ditch pkgsrc as the default in favor of dports, due to a hugely positive reaction from the community

FreeBSD ports get Stack Protector support

  • Some portsnap users noticed a massive sweep of every port being updated
  • Shortly after, stack protector support was announced by Bryan Drewery
  • Only works on i386 and AMD64 on FreeBSD 10 and AMD64 on 9
  • Hopefully will become the default, but needs to go through some testing and exp-runs

EuroBSDCon 2013 wrap-up chat

  • BSD Now is back from EuroBSDCon with lots of stories
  • We picked up an OpenBSD 5.4 CD set at EuroBSDCon, before the official release
  • We’ll give a little showcase of what’s inside, they put a lot of effort into it
  • Comes with the OS, source code, stickers, music, cool other stuff
  • Consider supporting the OpenBSD project

Interview

Kirk McKusick


Tutorial

Faster recompiles with ccache and RAM disks

  • Rebuilding ports can be sped up with ccache
  • RAM disk eliminates disk I/O bottlenecks
  • poudriere uses both of these to speed up binary package builds

News Roundup

List of vBSDCon speakers posted

  • Registration will be open until October 23rd
  • Presentations covering FreeBSD, OpenBSD, FreeNAS and others

Xen PVHVM added to GENERIC

  • It’s now possible to run FreeBSD 10 under Xen with the GENERIC kernel
  • freebsd-update will work now
  • With FreeBSD 10 ALPHA 4 just being released, should be interesting
  • We should call the new kernel “XENERIC”

Dragonfly AMD KMS port

  • A Dragonfly user has started porting the new FreeBSD AMD KMS driver
  • Still a work in progress, asking for help from the community

NetBSD gets an nVidia driver

  • NetBSD gets a preliminary nVidia driver
  • So far only supports the GeForce 2MX, so not a lot of use just yet
  • No acceleration yet, but it’s a start

FreeBSD cracks the top 10 on DistroWatch

  • Over the last year FreeBSD has steadily moved up the rankings from #18 to #10
  • Increasing from an average of 570 to 779 hits per day
  • Surpassed CentOS, Puppy Linux and Slackware

Feedback/Questions

  • Charlie writes in with a lot of questions: https://slexy.org/view/s21jRKf7lp
  • Kjell-Aleksander writes in: https://slexy.org/view/s2M0OKmxMK
  • Stefen writes in: https://slexy.org/view/s2YlVuhhUa
  • Sichendra writes in: https://slexy.org/view/s2P7KtE5x2

  • All the tutorials are posted in their entirety at bsdnow.tv
  • Send questions, comments, show ideas/topics, etc to feedback@bsdnow.tv
  • We don’t check YouTube comments, JB comments, Reddit, etc. If you want us to see it, send it via email (the preferred way) or Twitter (also acceptable)
  • Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

MySQL or Yours? | TechSNAP 87 https://original.jupiterbroadcasting.net/28511/mysql-or-yours-techsnap-87/ Thu, 06 Dec 2012 16:49:10 +0000 https://original.jupiterbroadcasting.net/?p=28511 MySQL had a bad week, we’ll run down the list of vulnerabilities, the SSH server that allows an attacker root access, and a GPU password cracking monster.

The post MySQL or Yours? | TechSNAP 87 first appeared on Jupiter Broadcasting.

MySQL had a bad week, we’ll run down the list of the recently disclosed vulnerabilities, the SSH server that allows an attacker full root access, and a GPU password cracking monster.

Plus a big batch of your questions, and so much more!

Thanks to:

Use our code tech295 to get a .COM for $2.95.

Something else in mind? use go20off5 to save 20% on your entire order!

$4.99 SSL certificates, just use our code 499ssl2. Expires 12-31-12!

Pick your code and save:
techsnap7: $7.49 .com
techsnap10: 10% off
techsnap11: $1.99 hosting for the first 3 months
techsnap20: 20% off 1, 2, 3 year hosting plans
techsnap40: $10 off $40
techsnap25: 25% off new Virtual DataCenter plans
techsnapx: 20% off .xxx domains

 

Show Notes:
