zol – Jupiter Broadcasting

Five people have been charged as part of an identity theft ring in which bank tellers used personal information about customers to withdraw a total of $850,000 from numerous accounts over the course of several years.
The tellers used customer information to create fake driver’s licenses and checks to gain access to accounts
“The victims were customers at several of banks in the region, including JPMorgan Chase and Bank of America locations in the Bronx, White Plains and Yonkers”
“The banks reimbursed the customers whose accounts were affected”
The five defendants were each charged with grand larceny, identity theft and scheme to defraud. Four of the five have already been arrested, while the fifth is from Florida and is currently being sought by the New York State Attorney’s office
The three women involved in the scheme worked as tellers at a TD Bank in Apollo Beach, Fla., a Bank of America in White Plains, a JPMorgan Chase in White Plains, and a Wachovia (now Wells Fargo), in Newburgh, N.Y.”
How do you maintain security when it is the people who are supposed to enforce that security that are stealing the information?

Hacked Brazillian news site targets router dns settings

In an attack we practically predicted on a previous TechSNAP…
The website of Politica Estadao (one of the biggest newspapers in Brazil) was compromised
The pages had a series of iframes injected, which basically carried out a simple brute-force attack against the admin credentials of common routers
“Five domains and nine DNS servers were found in this attack hosting bank phishing sites“
“The payload was trying the user admin, root, gvt and a few other usernames, all using the router default passwords,”
“Hackers are well aware of the shortcomings of home and small business routers, most of which are woefully shy of appropriate patching levels, and are likely protected only by a default or weak password“
“At the DEF CON conference last month, the SOHOpelessly Broken contest enumerated the security issues around SOHO routers. Fifteen zero-day vulnerabilities were disclosed and demonstrated during the contest, leading to seven full router compromises and another attack that could have led to corruption of the internal network.“
Watch your browser disclose your local network configuration
Additional Coverage: Sucuri
Additional Coverage: SecureList
Previous Coverage: TechSNAP 86
Previous Coverage: TechSNAP 106

Feedback:

Round Up:

The post Pixel Imperfect Security | TechSNAP 180 first appeared on Jupiter Broadcasting.

Edgy BSD Users | BSD Now 31

chris — Thu, 03 Apr 2014 21:02:03 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

This week we\’ll be talking to Richard Stallman about the upcoming GPLv4 and how it will protect our software from being stolen. After that, we\’ll show you how to recover from those pesky ZFS on Linux corruption issues, as well as some tips on how to explain to your boss that all the production boxes were compromised. Your questions and all the latest GNUs, on Linux Now – the place to Lin.. ux.

Thanks to:

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

Preorders for cool BSD stuff

The 2nd edition of The Design and Implementation of the FreeBSD Operating System is up for preorder
We talked to GNN briefly about it, but he and Kirk have apparently finally finished the book
\”For many years, The Design and Implementation of the FreeBSD Operating System has been recognized as the most complete, up-to-date, and authoritative technical guide to FreeBSD\’s internal structure. Now, this definitive guide has been extensively updated to reflect all major FreeBSD improvements between Versions 5 and Versions 11\”
OpenBSD 5.5 preorders are also up, so you can buy a CD set now
You can help support the project, and even get the -release of the OS before it\’s available publicly
5.5 is a huge release with lots of big changes, so now is the right time to purchase one of these – tell Austin we sent you!

pkgsrcCon 2014 CFP

This year\’s pkgsrcCon is in London, on June 21st and 22nd
There\’s a Call For Papers out now, so you can submit your talks
Anything related to pkgsrc is fine, it\’s pretty informal
Does anyone in the audience know if the talks will be recorded? This con is relatively unknown

BSDMag issue for March 2014

The monthly BSD magazine releases its newest issue
Topics this time include: deploying NetBSD using AWS EC2, creating a multi-purpose file server with NetBSD, DragonflyBSD as a backup server, more GIMP lessons, network analysis with wireshark and a general security article
The Linux article trend seems to continue… hmm

Non-ECC RAM in FreeNAS

We\’ve gotten a few questions about ECC RAM with ZFS
Here we\’ve got a surprising blog post about why someone did not go with ECC RAM for his NAS build
The article mentions the benefits of ECC and admits it is a better choice in nearly all instances, but unfortunately it\’s not very widespread in consumer hardware motherboards and it\’s more expensive
Regular RAM also has \”special\” issues with ZFS and pool corruption
Long post, so check out the whole thing if you\’ve been considering your memory options and weighing the benefits
While we\’re on the topic of FreeNAS…

This episode was brought to you by

Interview – Pierre Pronchery – khorben@edgebsd.org / @khorben

EdgeBSD (slides)

Tutorial

Building an OpenBSD desktop

News Roundup

Getting to know your portmgr-lurkers

This week we get to hear from Frederic Culot, colut@
Originally an OpenBSD user from France, Frederic joined as a ports committer in 2010 and recently joined the portmgr lurkers team
\”FreeBSD is also one of my sources of inspiration when it comes to how
organizations behave and innovate, and I find it very interesting to compare FreeBSD with
the for-profit companies I work for\”
We get to find out a little bit about him, why he loves FreeBSD and what he does for the project

NetBSD on the Playstation 2

Who doesn\’t want to run NetBSD on their old PS2?
The PS2 port of NetBSD was sadly removed in 2009, but it has been revived
It\’s using a slightly unusual MIPS CPU that didn\’t have much GCC support
Hopefully a bootable kernel will be available soon

The FreeBSD Challenge update

Our friend from the Linux Foundation continues his FreeBSD switching journey
This time he starts off by discovering virtual machines suck at keeping accurate time, and some ports weren\’t working because of his clock being way off
After polling the IRC for help, he finally learns the difference between ntpdate and ntpd and both of their use cases
Maybe he should\’ve just read our NTP tutorial!

PCBSD weekly digest

The mount tray icon got lots of updates and fixes
The faulty distribution server has finally been tracked down and… destroyed
New language localization project is in progress
Many many updates to ports and PBIs, new -STABLE builds

Feedback/Questions

All the tutorials are posted in their entirety at bsdnow.tv
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
If you\’ve got something cool to talk about and want to come on for an interview, shoot us an email
Also if you have any tutorial requests, we\’d be glad to show whatever the viewers want to see
Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post Edgy BSD Users | BSD Now 31 first appeared on Jupiter Broadcasting.

Time Signatures | BSD Now 23

chris — Thu, 06 Feb 2014 22:08:15 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

We\’ll be talking with Ted Unangst of the OpenBSD team about their new signing infrastructure. After that, we\’ve got a tutorial on how to run your own NTP server. News, your feedback and even… the winner of our tutorial contest! It\’s a big show, so stay tuned to BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

FreeBSD foundation\’s 2013 fundraising results

The FreeBSD foundation finally counted all the money they made in 2013
$768,562 from 1659 donors
Nice little blog post from the team with a giant beastie picture
\”We have already started our 2014 fundraising efforts. As of the end of January we are just under $40,000. Our goal is to raise $1,000,000. We are currently finalizing our 2014 budget. We plan to publish both our 2013 financial report and our 2014 budget soon.\”
A special thanks to all the BSD Now listeners that contributed, the foundation was really glad that we sent some people their way (and they mentioned us on Facebook)

OpenSSH 6.5 released

We mentioned the CFT last week, and it\’s finally here!
New key exchange using elliptic-curve Diffie Hellman in Daniel Bernstein\’s Curve25519 (now the default when both clients support it)
Ed25519 public keys are now available for host keys and user keys, considered more secure than DSA and ECDSA
Funny side effect: if you ONLY enable ed25519 host keys, all the compromised Linux boxes can\’t even attempt to login
New bcrypt private key type, 500,000,000 times harder to brute force
Chacha20-poly1305 transport cipher that builds an encrypted and authenticated stream in one
Portable version already in FreeBSD -CURRENT, and ports
Lots more bugfixes and features, see the full release note or our interview with Damien
Work has already started on 6.6, which can be used without OpenSSL!

Crazed Ferrets in a Berkeley Shower

In 2000, MWL wrote an essay for linux.com about why he uses the BSD license: \”It’s actually stood up fairly well to the test of time, but it’s fourteen years old now.\”
This is basically an updated version about why he uses the BSD license, in response to recent idiocy from Richard Stallman
Very nice post that gives some history about Berkeley, the basics of the BSD-style licenses and their contrast to the GNU GPL
Check out the full post if you\’re one of those people that gets into license arguments
The takeaway is \”BSD is about making the world a better place. For everyone.\”

OpenBSD on BeagleBone Black

Beaglebone Blacks are cheap little ARM devices similar to a Raspberry Pi
A blog post about installing OpenBSD on a BBB from.. our guest for today!
He describes it as \”everything I wish I knew before installing the newly renamed armv7 port on a BeagleBone Black\”
It goes through the whole process, details different storage options and some workarounds
Could be a really fun weekend project if you\’re interested in small or embedded devices

This episode was brought to you by

Interview – Ted Unangst – tedu@openbsd.org / @tedunangst

OpenBSD\’s signify infrastructure

Tutorial

Running an NTP server

News Roundup

Getting started with FreeBSD

A new video and blog series about starting out with FreeBSD
The author has been a fan since the 90s and has installed it on every server he\’s worked with
He mentioned some of the advantages of BSD over Linux and how to approach explaining them to new users
The first video is the installation, then he goes on to packages and other topics – 4 videos so far

More OpenBSD hackathon reports

As a followup to last week, this time Kenneth Westerback writes about his NZ hackathon experience
He arrived with two goals: disklabel fixes for drives with 4k sectors and some dhclient work
This summary goes into detail about all the stuff he got done there

X11 in a jail

We\’ve gotten at least one feedback email about running X in a jail Well.. with this commit, looks like now you can!
A new tunable option will let jails access /dev/kmem and similar device nodes
Along with a change to DRM, this allows full X11 in a jail
Be sure to check out our jail tutorial and jailed VNC tutorial for ideas
Ongoing Discussion

PCBSD weekly digest

10.0 \”Joule Edition\” finally released!
AMD graphics are now officially supported
GNOME3, MATE and Cinnamon desktops are available
PCBSD also got a mention in eweek

Feedback/Questions

Justin writes in: https://slexy.org/view/s21VnbKZsH
Daniel writes in: https://slexy.org/view/s2nD7RF6bo
Martin writes in: https://slexy.org/view/s2jwRrj7UV
Alex writes in: https://slexy.org/view/s201koMD2c
+ unofficial FreeBSD RPI Images
James writes in: https://slexy.org/view/s2AntZmtRU
John writes in: https://slexy.org/view/s20bGjMsIQ

All the tutorials are posted in their entirety at bsdnow.tv
The ssh tutorial has been updated with some new 6.5 stuff
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
Reminder: if you\’re on FreeBSD 8.3 for some reason, upgrade soon – it\’s reaching EOL
Reminder: if you\’re using pkgng, be sure to update to 1.2.6 for a security issue
The winner of the tutorial contest is… Dusko! We didn\’t get as many submissions as we wanted, but his Nagios monitoring tutorial was extremely well-done. It\’ll be featured in a future episode. Congrats! Send us a picture when it arrives.
Allan got his pillow in the mail as well, it\’s super awesome

The post Time Signatures | BSD Now 23 first appeared on Jupiter Broadcasting.

Zettabytes for Days | BSD Now 14

chris — Fri, 06 Dec 2013 12:17:54 +0000

This week is the long-awaited episode you\’ve been asking for! We\’ll be giving you a crash course on becoming a ZFS wizard, as well as having a chat with George Wilson about the OpenZFS project\’s recent developments. We have answers to your feedback emails and there are some great news items to get caught up on too, so stay tuned to BSD Now – the place to B.. SD.

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

pkgng 1.2 released

bapt and bdrewery from the portmgr team released pkgng 1.2 final
New features include an improved build system, plugin improvements, new bootstrapping command, SRV mirror improvements, a new \”pkg config\” command, repo improvements, vuXML is now default, new fingerprint features and much more
Really simple to upgrade, check our pkgng tutorial if you want some easy instructions
It\’s also made its way into Dragonfly
See the show notes for the full list of new features and fixes

ChaCha20 and Poly1305 in OpenSSH

Damien Miller recently committed support for a new authenticated encryption cipher for OpenSSH, chacha20-poly1305
Long blog post explaining what these are and why we need them
This cipher combines two primitives: the ChaCha20 cipher and the Poly1305 MAC
RC4 is broken, we needed an authenticated encryption mode to complement AES-GCM that doesn\’t show the packet length in cleartext
Great explanation of the differences between EtM, MtE and EaM and their advantages
\”Both AES-GCM and the EtM MAC modes have a small downside though: because we no longer desire to decrypt the packet as we go, the packet length must be transmitted in plaintext. This unfortunately makes some forms of traffic analysis easier as the attacker can just read the packet lengths directly.\”

Is it time to dump Linux and move to BSD

ITworld did an article about switching from Linux to BSD
The author\’s interest was sparked from a review he was reading that said \”I feel the BSD communities, especially the FreeBSD-based projects, are where the interesting developments are happening these days. Over in FreeBSD land we have efficient PBI bundles, a mature advanced file system in the form of ZFS, new friendly and powerful system installers, a new package manager (pkgng), a powerful jail manager and there will soon be new virtualization technology coming with the release of FreeBSD 10.0\”
The whole article can be summed up with \”yes\” – ok, next story!

OpenZFS devsummit videos

Kicking off the ZFS episode, we\’ve got…
The OpenZFS developer summit discussion and presentation videos are up
People from various operating systems (FreeBSD, Mac OS X, illumos, etc.) were there to discuss ZFS on their platforms and the challenges they faced
Question and answer session from representatives of every OS – had a couple FreeBSD guys there including one from the foundation
Presentations both about ZFS itself and some hardware-based solutions for implementing ZFS in production
TONS of video, about 6 hours\’ worth
This leads us into our interview, which is…

Interview – George Wilson – Soft Eng at Delphix – wilzun@gmail.com / @zfsdude

KM: Can you tell us a little about yourself how you first got involved with ZFS?
AJ: Which features have you worked on in the past?
KM: Which platform do you personally use ZFS on, and for what tasks?
AJ: So what exactly is the OpenZFS project about?
KM: What do you hope the future of OpenZFS will bring?
AJ: When are we going to see native encryption?
KM: Are there some new features you\’re currently hacking on?
AJ: Is there anything specific you\’d like to see added to ZFS in the future?
KM: How did the developer summit and hackathon go?
AJ: Where can people go to get involved with development, and what\’s currently needed?
KM: Anything else you\’d like to mention?

Tutorial

A crash course on ZFS

Everything you need to know to get acquainted with the world\’s most powerful filesystem on the world\’s most powerful OS
Includes both beginner and advanced topics

News Roundup

ruBSD 2013 information

The ruBSD 2013 conference will take place on Saturday December 14, 2013 at 10:30 AM in Moscow, Russia
Speakers include three OpenBSD developers, Theo de Raadt, Henning Brauer and Mike Belopuhov
Their talks are titled \”The bane of backwards compatibility,\” \”OpenBSD\’s pf: Design, Implementation and Future\” and \”OpenBSD: Where crypto is going?\”
No word on if there will be video recordings, but we\’ll let you know if that changes

DragonFly roadmap, post 3.6

John Marino posted a possible roadmap for DragonFly, now that they\’re past the 3.6 release
He wants some third party vendor software updated from very old versions (WPA supplicant, bmake, binutils)
Plans to replace GCC44 with Clang, but GCC47 will probably be the primary compiler still
Bring in fixes and new stuff from FreeBSD 10

BSDCan 2014 CFP

BSDCan 2014 will be held on May 16-17 in Ottawa, Canada
They\’re now accepting proposals for talks
If you are doing something interesting with a BSD operating system, please submit a proposal
We\’ll be getting lots of interviews there

casperd added to -CURRENT

\”It (and its services) will be responsible forgiving access to functionality that is not available in capability modes and box. The functionality can be precisely restricted.\”
Lists some sysctls that can be controlled

ZFS corruption bug fixed in -CURRENT

Just a quick follow-up from last week, the ZFS corruption bug in FreeBSD -CURRENT was very quickly fixed, before that episode was even uploaded

Feedback/Questions

Chris writes in: https://slexy.org/view/s2JDWKjs7l
SW writes in: https://slexy.org/view/s20BLqxTWD
Jason writes in: https://slexy.org/view/s2939tUOf5
Clint writes in: https://slexy.org/view/s21qKY6qIb
Chris writes in: https://slexy.org/view/s20LWlmhoK

The written versions of the Tor, jails and OpenBSD router tutorials have gotten a few small improvements and fixes
The poudriere and pkgng tutorials have been updated for the new 1.2 repository syntax
All the tutorials are posted in their entirety at bsdnow.tv, including today\’s HUGE ZFS one
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
If you have stories about how you or your company uses BSD, interesting things you\’ve done, crazy network stories or cool projects, send them to us!
Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
Kris\’ Skype video was coming straight from PCBSD this week!

The post Zettabytes for Days | BSD Now 14 first appeared on Jupiter Broadcasting.