Podcasts about Capsicum

  • 100 podcasts
  • 143 episodes
  • 47m average duration
  • 1 new episode monthly
  • Latest: Apr 8, 2025
Best podcasts about Capsicum

Latest podcast episodes about Capsicum

The Produce Industry Podcast w/ Patrick Kelly
The History of Chili Peppers (Part 2) - The History of Fresh Produce

Apr 8, 2025 (47:26)


When Portuguese traders arrived on India's western shores in the early 1500s, they brought more than religion, colonial ambition, and a lust for spice - they also carried with them a tiny, crimson fruit that would set Asia ablaze. In part two of their deep dive into the scorching history of chili peppers, John and Patrick trace the pepper's path across India, China, and Korea, where it would come to define cuisines, ignite revolutions, and even ward off evil spirits.

From its humble beginnings in Goan gardens to the fiery markets of Guntur, from Sichuan's numbing heat to the fermented jars of kimchi on Seoul's rooftops, this episode follows the trail of Capsicum as it infiltrates empires and reshapes entire culinary traditions. Along the way, we'll meet Buddhist monks, Portuguese conquerors, imperial skeptics, Communist revolutionaries, and, of course, Wilbur Scoville—the mild-mannered American pharmacist who gave us a way to measure the madness.

Join John and Patrick for the sizzling second act of this global saga—a tale of heat, history, and the humble pepper that conquered the world.

In Sponsorship with Cornell University: Dyson Cornell SC Johnson College of Business

Join the History of Fresh Produce Club for ad-free listening, bonus episodes, book discounts and access to an exclusive chatroom community.

Support us!
  • Share this episode with your friends
  • Give a 5-star rating
  • Write a review

Subscribe to our biweekly newsletter here for extra stories related to recent episodes, book recommendations, a sneak peek of upcoming episodes and more.

Instagram, TikTok, Threads: @historyoffreshproduce
Email: historyoffreshproduce@gmail.com

Your Favorite Thing with Wells & Brandi
It's called a Capsicum

Mar 12, 2025 (57:25)


YFTer's, it's March but Wells can't stop thinking about summer. Can you blame him? WE WANT THE HEAT. The butts sticking to car seats, steering wheels hotter than Mercury, sweaty sweat kinda heat. But alas, it's March. Anyway, this week Wells takes issue with some seriously wild things flooding his social media - sassafras for eternal youth anyone? (no thanks), a South Carolina inmate chooses a literal firing squad as his final way to depart (WTF?), and TikTok tells us that a mother and daughter claim to have the same baby daddy (and are ok with that??). Meanwhile, in Traitors land, Danielle won, Gabby played everyone, and the reunion was kinda pointless. Wells is officially retiring from reality competition shows. Your girl Brand-eye is still obsessed with The Pitt, pleading with Wells to finally watch it, while they both have a take on Running Point, the new show with Kate Hudson. And lastly, listener voicemails were on point this week. Your hosts listen to call-ins about everything from Amish accents, Nashville live show memories, more new show reccos and some serious truth about Wells' early Traitors exit. Damn we love you, YFTer's. Finally, Brandi reveals some HUGE news - she'll be playing The Sphere in LaLaLa Las Vegas with Kenny 'Summer Heat' Chesney in May - get your tickets for the literal hottest show in town!!

Favorite Things Mentioned:
  • The Pitt (!!!)
  • White Lotus Season 3
  • Severance Season 2
  • Paradise Season 1
  • 1923 Season 2
  • Running Point
  • Daredevil
  • When The Sun Goes Down by Kenny Chesney

Thanks to our awesome sponsors for supporting this episode!
  • Mood: Get 20% off your first order at Mood.com/YFT with promo code YFT.
  • Hungryroot: For a limited time get 40% off your first box PLUS get a free item in every box for life. Go to Hungryroot.com/yft and use code yft.
  • Happy Mammoth: For a limited time get 15% off on your entire first order at happymammoth.com and use the code YFT.
  • Article: Visit Article.com/yft for $50 off your first purchase of $100 or more.
  • Nutrafol: For a limited time, Nutrafol is offering YFT'ers $10 off your first month's subscription and free shipping when you go to Nutrafol.com and enter the promo code YFT10.

Don't forget to rate, review, and follow Your Favorite Podcast! Plus, keep up with us between episodes on our Instagram pages, @yftpodcast @wellsadams and @brandicyrus and be sure to leave us a voicemail with your fave things at 858-630-1856!

This podcast is brought to you by Podcast Nation

Komm mit in den Garten - Der MDR Garten-Podcast

Bell peppers and chilies are started from seed in late January or early February. Allotment gardener Nadine Witt had Kerstin Scharf-Goldammer explain what to watch for when growing them and which varieties thrive.

BSD Now
594: Name that Domain

Jan 16, 2025 (70:39)


Security Audit of the Capsicum and bhyve Subsystems, ZFS on Linux and block IO limits show some limits of being out of the kernel, NetBSD on a ROCK64 Board, Domain Naming, BSDCan 2025 CFP, The Internet Gopher from Minnesota, and more

NOTES
This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow)

Headlines
  • Roundup Storage and Network Diagnostics (https://klarasystems.com/articles/winter_2024_roundup_storage_and_network_diagnostics/?utm_source=BSD%20Now&utm_medium=Podcast)
  • Security Audit of the Capsicum and bhyve Subsystems (https://freebsdfoundation.org/wp-content/uploads/2024/11/2024_Code_Audit_Capsicum_Bhyve_FreeBSD_Foundation.pdf)

News Roundup
  • ZFS on Linux and block IO limits show some limits of being out of the kernel (https://utcc.utoronto.ca/~cks/space/blog/linux/ZFSOnLinuxVersusBlockIOLimits)
  • NetBSD on a ROCK64 Board (https://simonevellei.com/blog/posts/netbsd-on-a-rock64-board/)
  • Domain Naming (https://ambient.institute/domain-naming/)
  • BSDCan 2025 CFP (https://www.bsdcan.org/2025/papers.html)
  • The Internet Gopher from Minnesota (https://www.abortretry.fail/p/the-internet-gopher-from-minnesota)

Tarsnap
This week's episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.

Feedback/Questions
  • Brendan - MinIO (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/594/feedback/Brendan%20-%20minio.md)

Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv)
Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Onder curatoren | BNR
How Capsicum played a high-stakes game with energy contracts and millions of cucumbers

Nov 22, 2024 (57:13)


Near Breda, three brothers of Syrian descent grew cucumbers, bell peppers and other vegetables in greenhouses covering 56 hectares. They named the horticultural business Capsicum, after the genus that bell peppers and chili peppers belong to.

Like many growers, the brothers were confronted with a rising gas price in 2021. The eldest brother saw an opportunity and began speculating with gas and electricity contracts that he had already bought before Russia invaded Ukraine. The broker of those contracts, energy company Powerhouse, initially simply let that happen.

After Russia's invasion of Ukraine the gas price rose, while Capsicum had speculated on a fall. The company's losses then piled up.

The directors and advisers of Capsicum then get creative with all of the company's assets. The brothers set up a structure that shifts their company and their debts in such a way that, in a future bankruptcy, it becomes difficult for a trustee to gain control over the estate.

Powerhouse does not trust it and petitions for Capsicum's bankruptcy just in time. On 29 November 2022 the bankruptcy is declared and trustee Mathieu Souren of Hoens & Souren Advocaten gets to work, but that is not easy. The greenhouses are leased by yet another party, a straw man of the brothers. It is up to Souren to fathom the company, win control over the estate and, in the meantime, also sell millions of cucumbers and bell peppers.

Onder curatoren
Not every entrepreneurial adventure ends with a listing in the Quote 500, not every company survives a major crisis, not every business manages to play the financial game well. And when everything goes wrong, when chaos reigns and creditors rattle at the gate, the era of the trustee dawns.

In this series, financial journalists Elisa Hermanides and Thomas van Zijl talk about unforgettable bankruptcies with trustees, the clean-up crew of the business world. Subscribe to get a new episode every two weeks on Friday. Or listen on Friday at 13:00 to BNR.

Editing: Jochem Visser / Design: Gijs Friesen and Connor Clerx / Audio editing: Wesley Schouwenaars / Artwork: FDMG | Milja Oortwijn / Final editing: Elisa Hermanides / With thanks to: Wendy Beenakker and Sharine de Rooij

See omnystudio.com/listener for privacy information.

Podcast | BNR
Onder curatoren

Nov 22, 2024 (57:13)


Near Breda, three brothers of Syrian descent grew cucumbers, bell peppers and other vegetables in greenhouses covering 56 hectares. They named the horticultural business Capsicum, after the genus that bell peppers and chili peppers belong to.

The Rural News
Tomato and capsicum crop yields at risk

Sep 10, 2024 (4:51)


A virus which affects capsicum and tomato production has re-emerged, prompting calls for farmers to ramp up biosecurity efforts. Tomato Brown Rugose Fruit Virus can reduce crop yields by up to 70 percent; it can only be controlled by destroying infected plants. Rural reporter Sophie Clarke caught up with CropLife Australia chief executive Matthew Cossey to discuss the issue.

See omnystudio.com/listener for privacy information.

South Australian Country Hour
South Australian Country Hour

Sep 6, 2024 (55:12)


Exotic plant virus Tomato Brown Rugose detected on a third property north of Adelaide, dairy giant Saputo to shut its iconic King Island Dairy in the middle of next year, and China launches a probe into Canadian canola imports.

South Australian Country Hour
South Australian Country Hour

Aug 20, 2024 (55:11)


An exotic plant virus that affects tomatoes, capsicums and chillies detected for the first time in Australia, north of Adelaide, the rural property market cools off after some bumper years for sales and values, and an extra nervous pollination season for SA beekeepers keen to keep the varroa mite out of our state.

RNZ: Nights
Shower Thoughts: Why does a red capsicum cost more than a green one?

Aug 6, 2024 (10:47)


Roelf Schreuder is the production director at New Zealand Gourmet and he joins Emile Donovan to explain.

The Weekly Wrap-Up with J Cleveland Payne
Pumpkin Spice, “Hawk Tuah” Girl, Maureen McCormick & More - 8/5/2024

Aug 5, 2024 (30:34)


Today's Sponsor: Robinhood http://thisistheconversationproject.com/robinhood

Today's Rundown:
  • Ben Affleck & Jennifer Lopez's Alleged Divorce Papers Suggest They Have No Plans for a Messy Split https://www.yahoo.com/entertainment/ben-affleck-jennifer-lopezs-alleged-174628129.html
  • UK leader Starmer condemns attack on asylum-seeker hotel as far-right violence spreads https://apnews.com/article/uk-protests-far-right-children-stabbed-police-2de808d796f81f719950acb4ea6f0af5
  • Wesley Snipes Nabs Guinness World Records with Blade Reappearance https://gizmodo.com/wesley-snipes-blade-deadpool-3-world-record-2000482467
  • Simone Biles not ruling out 2028 Olympic Games in Los Angeles https://www.nbcnews.com/news/sports/simone-biles-not-ruling-2028-olympic-games-los-angeles-never-say-never-rcna165010
  • More US schools are taking breaks for meditation as teachers say it helps students' mental health https://apnews.com/article/back-to-school-mental-health-mindfulness-5f73bbd3324ad4e9e9723b5c49fa1616
  • Walgreens and CVS tinker with new looks as their usual way of doing business faces challenges https://apnews.com/article/cvs-walgreens-mini-drugstores-clinics-a62ee2422fb8178975b514e5b618ebe1
  • Pumpkin Spice is already on the menu — in August https://nypost.com/2024/08/02/lifestyle/pumpkin-spice-is-already-on-the-menu-in-august/
  • 'SNL' star Punkie Johnson says she's leaving show after 4 seasons during NYC comedy gig https://nypost.com/2024/08/02/entertainment/snl-castmember-punkie-johnson-says-shes-leaving-during-comedy-show-ahead-of-50th-season/
  • Haliey Welch Files For Several Head-Scratching Trademarks After “Hawk Tuah” Fame https://www.totalprosports.com/general/haliey-welch-files-for-several-head-scratching-trademarks-after-hawk-tuah-fame/
  • RFK Jr. admits putting dead bear cub and old bicycle in New York City's Central Park nearly 10 years ago https://www.cbsnews.com/news/rfk-jr-admits-dead-bear-cub-old-bicycle-central-park-10-years-ago/

Website: http://thisistheconversationproject.com
Facebook: http://facebook.com/thisistheconversationproject
Twitter: http://twitter.com/th_conversation
TikTok: http://tiktok.com/@theconversationproject
YouTube: http://thisistheconversationproject.com/youtube
Podcast: http://thisistheconversationproject.com/podcasts

ONE DAY OLDER ON AUGUST 5:
  • Maureen McCormick (68)
  • James Gunn (58)
  • Jesse Williams (43)

WHAT HAPPENED TODAY:
  • 2009: A study revealed that the French spend more time at the table and in bed than other nations.
  • 2013: The Washington Post was purchased by Amazon.com CEO Jeff Bezos.
  • 2023: A brawl erupted at the riverfront dock in Montgomery, Alabama, after a dispute over a dockside parking spot between the co-captain of the Harriott II riverboat and the occupants of a private boat. The altercation, which had racial undertones and involved multiple people, gained significant media attention and led to several arrests and charges.

WORD OF THE DAY: requisite [ rek-wuh-zit ] https://www.dictionary.com/browse/requisite
required or necessary for a particular purpose, position, etc.
The requisite qualifications for this job include both a degree in marketing and experience in digital advertising.

DAILY AFFIRMATION: Every Day, I Grow Stronger And More Resilient.
Positive Mindset Reinforcement: This affirmation encourages a positive outlook, reinforcing the belief that challenges contribute to personal strength and resilience, making you more optimistic and proactive in facing life's challenges.
https://www.amazon.com/100-Daily-Affirmations-Positivity-Confidence/dp/B0D2D6SS2D/ref=sr_1_1?crid=3EETIICRH9WKL&dib=eyJ2IjoiMSJ9.fTzmfgWDkLbB298QSG1XHw.XNema1TWDSl7tirdaNi6vv-LBlJA9T-P0y-UeCE2MN8&dib_tag=se&keywords=100+affirmation+payne&qid=1722807450&sprefix=110+affirmation+payne%2Caps%2C1345&sr=8-1

PLUS, TODAY WE CELEBRATE: Green Peppers Day
https://www.checkiday.com/b082e70286aac96d90424d2ca09cc291/green-peppers-day#google_vignette
Green peppers, known as green bell peppers or green sweet peppers, have their day today. There are other colors of bell peppers, like red, yellow, and orange, but just the green are celebrated today. Although considered vegetables in the culinary world, they actually are fruit. They are part of the Grossum cultivar group of the Capsicum annuum species, which are part of the Solanaceae family, or nightshades. Native to the tropics of the Americas, they were introduced to Europe and Asia by Spanish and Portuguese explorers in the late fifteenth century. They spread from there and are now grown around the world.

At The Table With Gail
At the table with Gail - Char grilled capsicum and gnocchi soup are on the table today

Aug 2, 2024 (31:29)


Alas, no tastings today (you just can't get the staff). Never mind, the usual selection of tasty dishes from Gail - Char Grilled Capsicum and Gnocchi Soup, Spiced Pineapple Cake, Sweet Orange Pork and finally a simple but effective use of pastry. And the music? No prizes for guessing the subject is pineapple, and the track is ... The Pineapple Rock by the James Clarke Five, a good boppy number which will have you skipping around the kitchen.

Presented by Gail Hall with co-hosts Peter or Catherine, Gail presents a wide range of recipes from the decadently delicious through to gorgeously healthy eating. She LOVES, and is a little obsessed with, collecting recipes.

Ranch It Up
How To Beat The Heat Stress In Cattle

Jul 14, 2024 (27:00)


We hear how to reduce heat stress in cattle. We have a new give-a-way beef contest, updates on the markets, weigh up cow and bull prices and lots more all wrapped into this all new episode of the Ranch It Up Radio Show. Be sure to subscribe on your favorite podcasting app or on the Ranch It Up Radio Show YouTube Channel.

EPISODE 193 DETAILS

HOW TO BEAT HEAT STRESS IN CATTLE

Farmatan Heat Stress Blend With Rumetrics® by Imogene Ingredients
Heat has a significant effect on increasing blood glucose levels during stressful periods in livestock. Production of the stress hormone, Cortisol, during chronic stress suppresses the immune system. The long duration of heat stress (temperatures above 75° F) and the continuous release of gluco-corticoids may result in increased inflammation, slowing of the immune system, poor growth and lowering of fertility in bovine.

Farmatan® with Rumetrics™
Both Farmatan and Rumetrics have a long track record of influencing rumen microbial activity, impacting enzyme regulation involved in carbohydrate, glucose, lipid metabolism, protein synthesis, cellular electrolyte transport, and thyroxine production resulting in whole body electrolyte balance.

Benefits of Farmatan®
Improves integrity of mucosa and tight junctions of the intestine, reducing “leaky gut” and pathogen entry, provides optimum use and absorption of nutrients and maintenance of a strong immune system.

What is Rumetrics™
Rumetrics™ is a proprietary formulation of selected ingredients of Chromium, Capsicum, Betaine, Chelated Minerals and Critical Vitamins that together can aid in mitigating the negative physiological response to cortisol.

Benefits of Farmatan Heat Stress Blend With Rumetrics®
Benefits of This Combined Blend
  • The unique structures and mechanisms of hydrolysable tannins provide beneficial effects such as: antimicrobial, antioxidant, radical scavenging, anti-diarrhea and anti-inflammation in animals.
  • Chromium enables and improves cellular insulin sensitivity resulting in efficient utilization of glucose to maintain cell metabolism. Chromium also reduces the release of the stress hormone cortisol thereby maintaining optimal immune balance.
  • Capsicum has a spectrum of activity; stimulates water intake, regulates feeding patterns, maintains GI blood flow to minimize stress related "leaky gut", reduces cellular oxidative stress and stimulates white blood cells for immune stability.
  • Betaine serves as a methyl donor in enzymatic reactions and assists in cellular electrolyte transport.
  • Select vitamins, trace minerals and Chelated minerals aid in maintaining and supporting health and performance.

Feeding Directions: Farmatan Heat Stress Blend With Rumetrics®
Feed at the rate of 7 grams per head per day for maintenance and 11 grams per head per day over 75° F.
More Information and to Purchase here: https://www.imogeneingredients.com/contact

Regulatory Status
All ingredients are generally regarded as safe (GRAS) status as multipurpose food and feed substances under Title 21 CFR 184.1400. Farmatan® and Rumetrics® are also generally permitted in foods and feeds as 1c322i.

RanchChannel.Com Now Has The Futures Markets
RanchChannel.com now has futures markets at your fingertips! Feeder Cattle, Live Cattle, Corn, Wheat, Soybeans, Soybean Oil, Milk Class IV, and Ethanol. Information is provided by DTN and market information may be delayed by as much as 10 minutes. Click Here for more information!

The Ranch It Up Radio Show Beef Trivia Contest
What Was The First State To Have Cattle In The U.S.? The first correct answer will get a Ranch It Up T-Shirt! The correct answer is Florida!

UPCOMING SALES & EVENTS
  • ISA Beefmasters: October 5, 2024, San Angelo, Texas
  • World Famous Miles City Bucking Horse Sale: May 15 - 18, 2025

BULL SALE REPORT & RESULTS
Churchill Cattle Company Van Newkirk Herefords Gardiner Angus Ranch Cow Camp Ranch Jungels Shorthorn Farms Ellingson Angus Edgar Brothers Angus Schaff Angus Valley Prairie Hills Gelbvieh Clear Springs Cattle Company CK Cattle Mrnak Hereford Ranch Frey Angus Ranch Hoffmann Angus Farms Topp Herefords River Creek Farms Upstream Ranch Gustin's Diamond D Gelbvieh Schiefelbein Farms Wasem Red Angus Raven Angus Krebs Ranch Yon Family Farms Chestnut Angus Eichacker Simmentals & JK Angus Windy Creek Cattle Company Pedersen Broken Heart Ranch Mar Mac Farms Warner Beef Genetics Arda Farms & Freeway Angus Leland Red Angus & Koester Red Angus Fast - Dohrmann - Strommen RBM Livestock Weber Land & Cattle Sundsbak Farms Hidden Angus Wheatland Cattle Company Miller Angus Farms L 83 Ranch U2 Ranch Vollmer Angus Ranch A & B Cattle Carter Angus Farms Roller Ranch Montgomery Ranch Jorgensen Farms DLCC Ranch Four Hill Farm North Country Angus Alliance Spruce Hill Ranch Wilson Angus

FEATURING
  • Taylor Garcia, PhD, Westway Feed Products https://westwayfeed.com/ @westwayfeed
  • Mark VanZee, Livestock Market, Equine Market, Auction Time https://www.auctiontime.com/ https://www.livestockmarket.com/ https://www.equinemarket.com/ @LivestockMkt @EquineMkt @AuctionTime
  • Kirk Donsbach: Stone X Financial https://www.stonex.com/ @StoneXGroupInc

Questions & Concerns From The Field?
Call or Text your questions, or comments to 707-RANCH20 or 707-726-2420
Or email RanchItUpShow@gmail.com

FOLLOW
Facebook/Instagram: @RanchItUpShow
SUBSCRIBE to the Ranch It Up YouTube Channel: @ranchitup
Website: RanchItUpShow.com https://ranchitupshow.com/
The Ranch It Up Podcast available on ALL podcasting apps.

Rural America is center-stage on this outfit. AND how is that? Tigger & BEC Live This Western American Lifestyle. Tigger & BEC represent the Working Ranch world and cattle industry by providing the cowboys, cowgirls, beef cattle producers & successful farmers the knowledge and education needed to bring high-quality beef & meat to your table for dinner. Learn more about Jeff 'Tigger' Erhardt & Rebecca Wanner aka BEC here: TiggerandBEC.com https://tiggerandbec.com/

Roots and Shoots
Why you should try growing different potato varieties

Jun 29, 2024 (55:27)


Sabrina and Christian share their love for the not-so humble spud.

  • 21:00 Why are my mandarin leaves half yellow half green?
  • 37:00 SPECIAL GUEST Larry Hegarty from Blue Moon Potatoes
  • 43:17 Why are my eggplants and capsicums flowering but not fruiting?
  • 49:37 What to do with a grass tree covered in white scale

Listen to the program live on Saturdays at 9:00AM on ABC Radio Perth and ask your questions by calling in on 1300 222 720 or text 0437 922 720.

Subscribe to the podcast through the ABC Listen App, Apple Podcasts or wherever you like to listen.

Song and Plants
Capsicum with the Chilli Chump!

Apr 18, 2024 (66:13)


What is the secret to delicious hot sauce? Hot peppers or chilies? How many species of Capsicum are cultivated for their spicy fruits? What qualities are worth seeking when purchasing a grow light? These questions answered and so much more as the ChilliChump shares the spicy details about all things Capsicum!

Opening tune: Solanaceae by Carmen Porter (https://carmenporter.com)

Shaun (ChilliChump) connections:
  • main page: https://chillichump.com/
  • seed shop: https://chillichumpseeds.com/
  • awesome software: https://seedsio.com/
  • videos: https://www.youtube.com/chillichump

Dig It - Discussions on Gardening Topics
For the love of Chillies, with Jason Breed

Mar 15, 2024 (58:19)


The temperature rises in this edition of Dig It as Peter Brown and Chris Day chat with passionate chilli grower Jason Breed. Jason, a seed specialist from Moles Seeds, gives a full rundown of the growing of these popular fiery fruits, a look at what makes chillies so hot, plus some insightful advice on getting the best from your plants and using them in the kitchen.

Chilli peppers are varieties of the berry-fruit of plants from the genus Capsicum, which are members of the nightshade family Solanaceae, cultivated for their pungency. Chilli peppers are widely used in many cuisines as a spice to add 'heat' to dishes. There are many health benefits associated with chillies too. The Scoville Scale is a measurement of pungency (spiciness or 'heat'). Jason famously created a Chocolate Chip Chilli Cookie featuring Habanero chillies at the Garden Centre.

Products mentioned: Products derived from chillies including sprays for bears, elephants (using barriers of chilli plants) and as an effective squirrel deterrent. Use Vermiculite at seed sowing time. Use a decent seed and cutting peat-free compost such as Levington's. LED plant lights to help growth. Hydroponic systems lend themselves to chilli production. Use Organic contact sprays for caterpillars, greenflies, flea beetles, sawflies and whitefly control. Fertilisers including Chilli Focus Premium Liquid Concentrated Fertiliser.

Chilli varieties mentioned: 'Apache', 'Quick Fire' (30k on the Scoville scale), F1 hybrid, is the fastest maturing chilli available from seed with the prolific fiery red fruits produced in as little as 50 days from sowing. 'Red Air' (Bird's eye type, Scoville Scale 70-80k), 'Red Flame' (Cayenne type, 30-50k), 'Rocky', a Jalapeno hybrid, 8k and 'Santana' (hybrid Anaheim, 2.5-3.5k). Open pollinated types include Scotch Bonnet, Habanero and Tabasco, where seeds can be successfully saved from these plants.

Guinness World Records declares Pepper X as world's new hottest chili pepper. A garden axe would be Jason's essential castaway item. The latest Guinness World Chilli eating record.

Useful links: Chillies available from the Garden Centre including Padron Chilli Pepper and De Cayenne, South Devon Chilli Farm and Chilli Ranch. Jason also mentioned a Bedfordshire commercial chilli grower.

Our thanks to Chiltern Music Therapy for supplying the music.

Hosted on Acast. See acast.com/privacy for more information.

The Robert Scott Bell Show
The RSB Show 3-1-24 - FDA Forever Chemicals, Michael Boldin, Tenth Amendment Center, Capsicum Annuum

Mar 4, 2024 (128:41)


The RSB Show 3-1-24 - FDA Forever Chemicals, Michael Boldin, Tenth Amendment Center, Capsicum Annuum

The Lab Report
Hot Takes: The Cayenne Podcast

Feb 28, 2024 (29:12)


Cayenne pepper, derived from the Capsicum annuum plant, is a fiery herb renowned for its intense heat and vibrant flavor. It contains a compound called capsaicin which is not only responsible for its spicy punch, but also numerous health benefits. Beyond its culinary uses, cayenne is highly regarded for its medicinal properties in gut health, pain relief, and even cardiometabolic disease. In today's episode, we turn up the heat as we delve into the fiery world of cayenne. From its origins to its culinary and medicinal uses, we'll uncover the secrets and surprising health benefits of this spicy superstar.

Today on The Lab Report:
  • 3:20 Why are we talking about cayenne?
  • 4:40 Ethnobotany of cayenne
  • 8:30 Capsaicin, the heat, and substance P
  • 9:50 Cayenne and metabolic syndrome
  • 11:40 GI tract effects – how counterintuitive!
  • 15:30 Cardiovascular disease and cayenne
  • 16:40 Headaches and pain, topical cayenne – intranasal cayenne? WHAT!
  • 18:55 Wilbur Scoville rabbit hole re: Scoville Units
  • 22:50 What's in a Name?????

Additional Resources: Genova Connect **PROMO CODE TheLabReport20 for 20% off your next purchase**

Subscribe, Rate, & Review The Lab Report
Thanks for tuning in to this week's episode of The Lab Report, presented by Genova Diagnostics, with your hosts Michael Chapman and Patti Devers. If you enjoyed this episode, please hit the subscribe button and give us a rating or leave a review. Don't forget to visit our website, like us on Facebook, follow us on Twitter, Instagram, and LinkedIn. Email Patti and Michael with your most interesting and pressing questions on functional medicine: podcast@gdx.net. And, be sure to share your favorite Lab Report episodes with your friends and colleagues on social media to help others learn more about Genova and all things related to functional medicine and specialty lab testing. To find a qualified healthcare provider to connect you with Genova testing, or to access select products directly yourself, visit Genova Connect.

Disclaimer: The content and information shared in The Lab Report is for educational purposes only and should not be taken as medical advice. The views and opinions expressed in The Lab Report represent the opinions and views of Michael Chapman and Patti Devers and their guests.

See omnystudio.com/listener for privacy information.

Ingrid Peguero
Benefits of Cayenne Pepper

Jan 27, 2024 (4:33)


Health Benefits of Cayenne Pepper

Introduction: Cayenne pepper, also known as guindilla, is a hot spice derived from the dried fruits of Capsicum species. Throughout history it has been valued not only for its bold flavor but also for its numerous health benefits. In this report we will explore the origins, history, varieties, forms of use and consumption, relevant scientific studies, recommendations, possible contraindications and a detailed list of properties and health benefits associated with cayenne pepper.

Origins and History: Native to South America, cayenne pepper has been used in cooking and for medicinal purposes for centuries. Civilizations such as the Aztecs and the Maya incorporated it into their diets, and its use spread to other parts of the world thanks to trade routes.

Varieties and Characteristics: There are various varieties of cayenne pepper, distinguished by their level of heat and their color. The varieties can range from deep red to bright yellow, and their heat is determined by the amount of capsaicin they contain.

Forms of Use and Consumption: Cayenne pepper is commonly used as a seasoning in food, adding a spicy, aromatic touch. It is also found as a powder, as a liquid extract or even in capsules for consumption. Besides cooking, it is frequently used in home remedies and beauty products.

Scientific Studies: Numerous scientific studies support the health benefits of cayenne pepper. Capsaicin, the compound responsible for its heat, has shown anti-inflammatory, antioxidant and analgesic properties in research. Studies also suggest that it may have positive effects on weight loss, cardiovascular health and pain management.

Recommendations and Possible Contraindications: Although cayenne pepper can be beneficial, it is essential to consume it in moderation. Those with gastrointestinal sensitivity may experience discomfort, and excessive consumption could cause irritation. Consulting a health professional is recommended, especially for those with pre-existing medical conditions.

Warning About the Information: This report provides general information and should not be considered specific medical advice. People should take their own health conditions into account and consult health professionals before making significant changes to their diet or lifestyle.

Detailed List of Properties and Health Benefits of Cayenne Pepper:
1. Anti-inflammatory Properties: Capsaicin can help reduce inflammation in the body.
2. Antioxidant Effects: It helps combat oxidative stress and protects cells from damage.
3. Natural Analgesic: It has been shown to relieve pain by desensitizing pain receptors.
4. Stimulates Blood Circulation: It can improve circulation and promote cardiovascular health.
5. Aids Weight Loss: Studies suggest that capsaicin can increase metabolism and reduce appetite.
6. Antibacterial Properties: It helps combat certain types of bacteria.
7. Improves Digestion: It favors the production of digestive enzymes and can relieve minor digestive problems.
8. Regulates Blood Sugar Level: Some research indicates that it may have beneficial effects in diabetes.
9. Supports Respiratory Health: Cayenne pepper can help relieve nasal congestion and cold symptoms.
10. Anticancer Properties: Some studies suggest that capsaicin may have inhibitory effects on the growth of cancer cells.

In conclusion, cayenne pepper not only adds flavor to our meals but also offers a range of benefits for CONTINUES ON MY BLOG, LINK IN THE BIO

--- Send in a voice message: https://podcasters.spotify.com/pod/show/ingridpeguero/message
Support this podcast: https://podcasters.spotify.com/pod/show/ingridpeguero/support

Afternoons with Pippa Hudson
Capsicum Culinary School

Afternoons with Pippa Hudson

Play Episode Listen Later Jan 25, 2024 9:19


Guest: Anzell Human | Cape Town Campus Head for the Capsicum Culinary Studio See omnystudio.com/listener for privacy information.

Just Grow Something | A Gardening Podcast
Top Episode 1: Growing Peppers - Ep. 177

Just Grow Something | A Gardening Podcast

Play Episode Listen Later Dec 26, 2023 33:14


Let's revisit the most downloaded episode of this podcast the past three seasons: growing peppers! Peppers are one of those plants that I get asked about all the time; it's also one of those vegetables that is a mainstay in many people's kitchens, and they can be expensive at the grocery store, so knowing how to grow your own is high up on the gardening wish list for a lot of people. So, today we talk all about peppers, both sweet and hot, how to get them to germinate, their feeding requirements, planting, spacing, harvesting and all the usual basics. By the end of this episode, I hope you can fill in the gaps of what's been going on with your peppers to get you some success or give you the confidence to give them a try if you're new to the capsicum scene. Let's dig in! References and Resources: Capsicum annuum - Wikipedia Pharmacological importance of an ethnobotanical plant: Capsicum annuum L - PubMed (nih.gov) Bell Peppers 101: Nutrition Facts and Health Benefits (healthline.com) Chili Peppers 101: Nutrition Facts and Health Effects (healthline.com) 6 Ways to Use Epsom Salt in the Garden | Epsom Salt Council Capsicum annuum (Grossum Group) (Bell Pepper, Green Pepper, Red Pepper, Sweet Pepper) | North Carolina Extension Gardener Plant Toolbox (ncsu.edu) Midwest Vegetable Production Guide for Commercial Growers. Reader's Digest Illustrated Guide to Gardening, 1978 Damrosch, Barbara; The Garden Primer. Workman Publishing, New York. 1988 Just Grow Something Gardening Friends Facebook Group Check out how you can become a patron on Patreon Follow me on Instagram JustGrowSomethingPodcast.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/justgrowsomething/message

Vegalogue
European certification schemes, capsicum internal rot, Pirrone Brothers

Vegalogue

Play Episode Listen Later Oct 30, 2023 33:05


Vegalogue is a podcast from Australian vegetable peak industry body AUSVEG. Each month we'll be taking a look at issues affecting the Australian vegetable, potato and onion sectors, unpacking levy-funded research and meeting some of the incredible people who make up the vegetable industry. This month, we discuss: European certification schemes for horticulture and what they could mean for Australian vegetable growers; a levy-funded project investigating the causes and treatment of internal fruit rot of capsicum; moving from sugar cane to groundbreaking vegetable grower with Syngenta Grower of the Year winner Pirrone Brothers. Guests: Lucy Gregg, AUSVEG's National Public Affairs Manager; Dr Jenny Ekman, Research Scientist, Applied Horticultural Research; Ross Pirrone, Business Manager, Pirrone Brothers. Thanks for listening to Vegalogue! You can find out more about AUSVEG and the Australian vegetable industry at ausveg.com.au. Subscribe to our newsletter, or follow us on Facebook, LinkedIn, Instagram, Tik Tok, or Twitter/X.

Una Parola al Giorno - il podcast

pe-pe-ró-ne. MEANING: Plant of the Solanaceae family, in particular 'Capsicum annuum', and the sweet or hot vegetables it bears as fruit. ETYMOLOGY: from the Latin piper, 'pepper'. Voice: Giorgio Moretti. Editing: Stefano Riggi. Theme music: Emanuele Pavese. Texts: unaparolaalgiorno.it. A Bonfire production.

360 with Katie Woolf
NT Police Association President Nathan Finn says giving Transit Safety Officers the power to use capsicum spray is cheap policing and will create a false sense of safety

360 with Katie Woolf

Play Episode Listen Later Oct 4, 2023 12:41


Breakfast with Mandy  - Triple M Riverina MIA 963
Do you want capsicum spray with that? Midnight brawl in Griffith fast food car park

Breakfast with Mandy - Triple M Riverina MIA 963

Play Episode Listen Later Aug 1, 2023 9:43


Murrumbidgee Police District Inspector Glenn Smith joined Matt in the Triple M studio to share some of the week's interesting adventures from the boys and girls in blue. This week, a man was found intoxicated while driving with a four-month-old baby in the vehicle, a driver loses control and collides with a brand-new police truck, and a mass brawl in a Griffith fast food car park. See omnystudio.com/listener for privacy information.

Be Happy Healthy Wealthy
Botanicals/Supplements For Pain Management

Be Happy Healthy Wealthy

Play Episode Listen Later Jul 13, 2023 30:30


Dr Irene explains the variety of options available when dealing with pain management which falls beyond the standard prescribed morphine-based or anti-inflammatory drugs. With chronic pain being one of the most common ailments suffered by patients throughout the UK, Dr Irene describes how you can try a number of alternatives to help mitigate your ongoing symptoms.
KEY TAKEAWAYS: Ginger is anti-bloating but is more importantly anti-inflammatory. Turmeric (also known as Curcumin) also functions by blocking the cascade response that causes inflammation. Feverfew is also a good regular treatment but must be considered carefully alongside other drug treatments being utilised. Omega-3 helps reverse the inflammatory response effectively and has very few side effects compared with more commonly prescribed painkillers. Capsicum can be applied topically via a cream and reduces pain and is effective for osteoarthritis treatment. 5 Tryptophan is used by the body to convert to serotonin and is thus effective for the treatment of depression. Proteolytic Enzymes help reduce scarring tissue which can become a problem during the body's repair process. Catclaw is primarily used to treat arthritis but is used only short term. All supplements should be taken for a diagnosed source of pain and checked for side effects and drug interaction, so visit your Doctor before trying any of these.
BEST MOMENTS: 'As you know there are a lot of complementary or alternative supplements, botanicals out there that you could take, but I'll just cover some of the major ones about which some people might be asking.' 'For those people who have too much inflammation, like the auto-immune conditions where the body is attacking itself, turmeric is important because it blocks NF Kappa B activation and that creates all these cytokines that are the messengers that cause more cascade of inflammation.' 'There are also drugs that I've been prescribing for many years for osteoarthritis. Capsicum or the active ingredient is capsaicin.'
VALUABLE RESOURCES: Join Patreon: http://www.patreon.com/drireneching Instagram: irene.ching.777 Tiktok: @ireneching777 Youtube channel: Dr Irene Ching Twitter: @ireneching7777 Clubhouse: @ireneching1 https://www.facebook.com/irene.ching.735 LinkedIn: https://www.linkedin.com/in/irene-ching-742623219
ABOUT THE HOST: Dr Irene Ching is a medical practitioner who specialises in Family Medicine, Wealth and Life Coach, Property/ Business Investor, Speaker, and Podcaster: Be Happy, Healthy and Wealthy. Dr Ching speaks on health, wellness and wealth in talks, workshops and events. She has her own coaching programme on money mindset - Quantum Wealth Creation Accelerator (online course with weekly coaching). She approaches health and well-being in a holistic way and encourages people to look at all the areas of their lives. In her coaching sessions, she works with emotional freedom techniques, energy works, NLP, Intuition/ Superconscious mind, Inner child healing, Timeline therapy, Self love works, behavioural change, goal settings and money attraction healing. Her motto: Reset Your Mind, Reset Your life. The podcast Be Happy Healthy and Wealthy is aimed at people who want to be high achievers who perform at their peak performance in all aspects of life. It is about how we could be happy regardless of our circumstances, and to understand the secrets to real health and wealth; especially how to live a prosperous long life. She has been interviewing successful entrepreneurs, keynote speakers, influencers and millionaires on this important subject. So stay tuned to get the deep dive on how to be happy, healthy and wealthy- the million dollar questions!

Camp WeWow
Wow in the World – Pepper Family Tree

Camp WeWow

Play Episode Listen Later May 29, 2023 21:36


Tinkercast Presents: Plants & The Planet Week! Mindy is throwing herself her own genealogical daytime TV show, starring Guy Raz... as a pepper?! Discover the what, when, why, how, and WOW of the long, long line of lineage of the Capsicum pepper! Want more wow? Check out Wow in the World activities at https://bit.ly/3V5YCgw See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

HISTORIAS RANDOM PODCAST
EFECTO MARIPOSA - HISTORY OF PEPPER

HISTORIAS RANDOM PODCAST

Play Episode Listen Later May 16, 2023 29:53


Once again Daina Rodríguez, Carolina Molla and Gabriela Giudice invite me to the wonderful forum "Efecto Mariposa" to talk, this time, about the history of pepper, which is much more than the history of its use in the kitchen. The history of spices is fascinating and full of curiosities. First of all, the term "especia" (spice) comes from the Latin "specĭes" and was originally used to refer to merchandise, especially goods that came from afar and were non-perishable, such as roots, seeds or berries, like pepper. Over time, the term became increasingly associated with seasonings and their use in cooking. However, spices were not only used to flavor food; they also had applications in medicine and cosmetics. Some spices have toxic properties in relatively low amounts, which makes their indiscriminate use inadvisable. Although their nutritional value is insignificant because they are used in small quantities, their importance lies in their ability to improve the sensory properties of food and even influence appetite. Now, let's talk about pepper, one of the best-known spices. The term "pimienta" (pepper) comes from the Latin "pigmentum" and persisted because the Romans spread and exaggerated its use. At that time, pepper was believed to be a powerful aphrodisiac, which was associated with the problems of chronic lead poisoning that the Romans suffered due to the widespread use of lead utensils and pipes, which caused them gastrointestinal pain and impotence. Because of its aphrodisiac reputation, pepper was used in Roman culture, even in desserts and medicinal potions. The price of pepper reached astronomical proportions and its value remained high throughout the Middle Ages in Europe. In Spain, it came to be accepted as a form of payment for taxes, rents and marriage dowries.
Its value was so high that in the port of London, one of the main arrival points for spices from the East, dockworkers were forbidden to have pockets or folds where they could hide peppercorns, since their value exceeded that of gold. As the modern era approached, the increase in maritime freight from the Indies led to an excess of pepper imports, which caused its price to collapse. It was then that the West discovered that pepper grows on trees, which triggered a decline in its value. Pepper comes from the fruit of the species Piper nigrum, and the different types of pepper are due to variations in the stage of ripeness. Green pepper comes from unripe fruits, black pepper from semi-ripe fruits, and white pepper, which is milder, from ripe fruits without the outer epithelium. It is important to note that red or cayenne pepper is not a pepper in the strict sense, but the ground or whole fruit of a variety of chili (Capsicum annuum), which led to confusion and to bell peppers being called "pimientos" in Spain and the powder obtained from grinding them "pimentón". From a chemical standpoint, the compound responsible for the pungency of pepper is piperine, while other compounds such as limonene or pinene provide its citrus or woody aroma. Cayenne, on the other hand, contains capsaicin, which is more than 300 times more potent than piperine and lacks its aromatic complexity. Capsaicin is used in incapacitating sprays, although they are mistakenly called "pepper gas". Spices go beyond their culinary use and have applications in pharmacology and perfumery. Species such as Piper longum or Piper cubeba are used in ethnic pharmaceutical preparations, and extracts of green pepper fruits are used in perfumery to give spicy notes to fragrances. EFECTO MARIPOSA RADIO CULTURA 1290 AM 16-052023

Native Trees & a Bag of Weeds
Ep. 27 - Pimienta de Cayena & Canoewood

Native Trees & a Bag of Weeds

Play Episode Listen Later Jan 26, 2023 99:16


Messy and Ya Boy get SPICY as Messy covers the many benefits of Capsicum annuum--Cayenne Pepper. While Ya Boy sticks to the Magnolia family and discusses enamor of the ancient Tulip Tree, Liriodendron tulipifera! www.Trees-N-Weeds.com Support us on Patreon --- Support this podcast: https://podcasters.spotify.com/pod/show/jared-helms/support

SOULED OUT PODCAST
Souled Out - Season 9 Finale w/ Corey Blair

SOULED OUT PODCAST

Play Episode Listen Later Jan 9, 2023


SHOW START // 1:03:01 Hello, my friends! We're back! How are you all? What a unique episode we have in store for you today -- as I'm joined by the one-and-only Corey Blair from Break The Chains Media. I recently sent Corey four jars of my homemade, hand-crafted salsa -- and he sent me a great bundle of his own hot sauces (Realmwalker Hot Sauce) which are fantastic! So we decided we should test each others' creations while doing a podcast together. Gardening. Homesteading. Capsicum. Self-sufficiency. Entrepreneurship. Politics. Freedom. 2023. Please note this is the fourth podcast recorded and published by Jo Bradley & Corey Blair -- so if you have missed the first three, I suggest you check them out for sure! BreakTheChains.MEDIA SouledOut.TV Get access to exclusive / members-only content for only $3.69/mo ($36.99/yr) When you directly support SOMTV / Souled Out Media -- you are contributing to the Pro-Freedom Movement, supporting Free Speech and Open Discussion, supporting Health Freedom, supporting the Truth Movement, and strongly fighting back against Big Tech Censorship! Make A Donation Join The Patreon Get Merch

Linux Action News
Linux Action News 270

Linux Action News

Play Episode Listen Later Dec 8, 2022 17:25


The Linux kernel has some exciting updates this week, including a significant Asahi milestone and some good news for Android. Then we take openSUSE's new web-based installer for a spin.

Drive With Tom Elliott
Victoria Police to face class action over capsicum spray incident

Drive With Tom Elliott

Play Episode Listen Later Sep 2, 2022 5:20


It will be the first class action to examine the police use of capsicum spray in a protest environment. See omnystudio.com/listener for privacy information.

ChipMusic.org - Music RSS Feed
carlschultz - Capsicum slaps anthem

ChipMusic.org - Music RSS Feed

Play Episode Listen Later Aug 6, 2022


lmms, TB303 emulator, a capsicum, I think some paper flapping around, and an array of the usual nonsense tid bits 2022 Creative Commons CC Attribution Noncommercial (BY-NC)

Fertile Me Radio
#35 - Could Raw Vegetables be Preventing You From Optimal Fertility?

Fertile Me Radio

Play Episode Listen Later May 18, 2022 17:43


Fertile friends, I want you to take a moment to think about your meal plan for the day. I'm not sure if this is you, but most people start their day with a smoothie or yogurt and fruit, have a salad or sandwich for lunch, and dinner is usually the warmest meal of the day but sometimes not. Could an excessive amount of raw and cold foods be damaging your fertility? In this episode, I talk about: the science behind why eating raw might not be the best for us; the reason why cooking vegetables is better for fertility according to Chinese medicine; the best cooking methods for vegetables. Connect with me on Instagram, Facebook, and TikTok @dradriennewei. References: Colino, S. (2016, December 7). How much do doctors know about nutrition? U.S. News and World Report. https://health.usnews.com/wellness/food/articles/2016-12-07/how-much-do-doctors-learn-about-nutrition Crowley, J., Ball, L., & Hiddink, G. J. (2019). Nutrition in medical education: a systematic review. The Lancet. Planetary Health, 3(9), e379–e389. https://doi.org/10.1016/S2542-5196(19)30171-8 Fielding, J. M., Rowley, K. G., Cooper, P., & O' Dea, K. (2005). Increases in plasma lycopene concentration after consumption of tomatoes cooked with olive oil. Asia Pacific Journal of Clinical Nutrition, 14(2), 131–136. Ghavami, A., Coward, W. A., & Bluck, L. J. (2012). The effect of food preparation on the bioavailability of carotenoids from carrots using intrinsic labelling. The British journal of nutrition, 107(9), 1350–1366. https://doi.org/10.1017/S000711451100451X Hoffman, C. J., & Zabik, M. E. (1985). Effects of microwave cooking/reheating on nutrients and food systems: a review of recent studies. Journal of the American Dietetic Association, 85(8), 922–926. Hwang, I. G., Shin, Y. J., Lee, S., Lee, J., & Yoo, S. M. (2012). Effects of different cooking methods on the antioxidant properties of red pepper (Capsicum annuum L.). Preventive Nutrition and Food Science, 17(4), 286–292. 
https://doi.org/10.3746/pnf.2012.17.4.286 Miglio, C., Chiavaro, E., Visconti, A., Fogliano, V., & Pellegrini, N. (2008). Effects of different cooking methods on nutritional and physicochemical characteristics of selected vegetables. Journal of agricultural and food chemistry, 56(1), 139–147. https://doi.org/10.1021/jf072304b Veda, S., Kamath, A., Platel, K., Begum, K., & Srinivasan, K. (2006). Determination of bioaccessibility of beta-carotene in vegetables by in vitro methods. Molecular Nutrition & Food Research, 50(11), 1047–1052. https://doi.org/10.1002/mnfr.200600076 Yuan, G. F., Sun, B., Yuan, J., & Wang, Q. M. (2009). Effects of different cooking methods on health-promoting compounds of broccoli. Journal of Zhejiang University. Science. B, 10(8), 580–588. https://doi.org/10.1631/jzus.B0920051 Zeng, C. (2013), "Effects of different cooking methods on the vitamin C content of selected vegetables", Nutrition & Food Science, 43(5), pp. 438-443. https://doi.org/10.1108/NFS-11-2012-0123

BSD Now
453: TwinCat/BSD Hypervisor

BSD Now

Play Episode Listen Later May 5, 2022 45:13


Building Your Own FreeBSD-based NAS, Writing a device driver for Unix V6, EC2: What Colin Percival's been up to, Beckhoff releases TwinCAT/BSD Hypervisor, Writing a NetBSD kernel module, and more.
NOTES: This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow)
Headlines: Building Your Own FreeBSD-based NAS (https://klarasystems.com/articles/building-your-own-freebsd-based-nas-with-zfs/); Writing a device driver for Unix V6 (https://mveg.es/posts/writing-a-device-driver-for-unix-v6/)
News Roundup: FreeBSD/EC2: What I've been up to (https://www.daemonology.net/blog/2022-03-29-FreeBSD-EC2-report.html); Beckhoff has released its TwinCAT/BSD Hypervisor (https://www.automationworld.com/control/article/22144694/beckhoff-hypervisor-enables-virtual-machines-for-control-applications); Writing a NetBSD kernel module (https://saurvs.github.io/post/writing-netbsd-kern-mod/)
Benedicts Git Finds, Projects: Run anything (like full blown GTK apps) under Capsicum (https://github.com/unrelentingtech/capsicumizer); Twitter client for UEFI (https://github.com/arata-nvm/mitnal); n³ The unorthodox terminal file manager (https://github.com/jarun/nnn); OpenVi: Portable OpenBSD vi for UNIX systems (https://github.com/johnsonjh/OpenVi)
Gists and Articles: Step-by-step instructions on installing the latest NVIDIA drivers on FreeBSD 13.0 and above (https://gist.github.com/Mostly-BSD/4d3cacc0ee2f045ed8505005fd664c6e); FreeBSD SSH Hardening (https://gist.github.com/koobs/e01cf8869484a095605404cd0051eb11); GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems (https://gtfobins.github.io)
Tarsnap: This week's episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.
Feedback/Questions: Ben - Backing Up (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/453/feedback/Ben%20-%20Backing%20Up.md); Ethan - Thanks (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/453/feedback/Ethan%20-%20Thanks.md); Maxi - question about note taking (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/453/feedback/Maxi%20%20-%20question%20about%20note%20taking.md)
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

Just Grow Something | A Gardening Podcast
Ep. 89 - Growing Peppers

Just Grow Something | A Gardening Podcast

Play Episode Listen Later May 3, 2022 31:51


One of the crops I really thought would be easy to grow that turned out not to be for me was peppers, specifically bell peppers. Turns out not only do peppers really prefer a lot of heat, they also prefer more water than I typically use in my gardens and in my fields. And peppers are one of those plants that I get asked about all the time in messages and at the farm stand. Because once you get the hang of it, you can grow boatloads and we bring lots of beautiful peppers to market and it gets people talking. It's also one of those vegetables that is a mainstay in many people's kitchens and they can be expensive at the grocery store, so knowing how to grow your own is high up on the gardening wish list for a lot of people. So, today we'll talk all about peppers, both sweet and hot, how to get them to germinate, their feeding requirements, planting, spacing, harvesting and all the usual basics. By the end of this episode, I hope you can fill in the gaps of what's been going on with your peppers to get you some success or give you the confidence to give them a try if you're new to the capsicum scene. So, let's dig in to growing peppers. 
Just Grow Something Gardening Friends Facebook Group Check out how you can become a patron on Patreon Follow me on Instagram JustGrowSomethingPodcast.com This podcast is a proud member of the Positively Farming Media Podcast Network Resources: Capsicum annuum - Wikipedia Pharmacological importance of an ethnobotanical plant: Capsicum annuum L - PubMed (nih.gov) Capsicum annuum (Grossum Group) (Bell Pepper, Green Pepper, Red Pepper, Sweet Pepper) | North Carolina Extension Gardener Plant Toolbox (ncsu.edu) Bell Peppers 101: Nutrition Facts and Health Benefits (healthline.com) Chili Peppers 101: Nutrition Facts and Health Effects (healthline.com) 6 Ways to Use Epsom Salt in the Garden | Epsom Salt Council Capsicum annuum (Grossum Group) (Bell Pepper, Green Pepper, Red Pepper, Sweet Pepper) | North Carolina Extension Gardener Plant Toolbox (ncsu.edu) Midwest Vegetable Production Guide for Commercial Growers. Reader's Digest Illustrated Guide to Gardening, 1978 Damrosch, Barbara; The Garden Primer. Workman Publishing, New York. 1988 --- Send in a voice message: https://anchor.fm/justgrowsomething/message

OGTX Bunker Prepper Survivalist Podcast
085 Prepper Survivalist Apothecary Part One - Surviving SHTF

OGTX Bunker Prepper Survivalist Podcast

Play Episode Listen Later Apr 26, 2022 71:44


Tonight, show hosts, Keith Otworth and Rhonda Triggs bring to you, part one of Rhonda's Prepper Apothecary: Herbal Medicinal and Remedies show. On this episode, we'll be discussing home and herbal remedies to help fight off common ailments and get us through an Off-Grid SHTF event. Headlining the show tonight, is Q&A with listeners Zach and Clay. Let's get to it. Herbal remedies, spices, essential oils, minerals, vegetation, even carbon and veterinary supplies... Here are some options you can look into to find what might be right for your own health situation. Full show notes for Herbal Survival & Other Alternative Treatments will be posted in a blog for your reference. Here is the recipe for Diarrhea Tea as promised, um, Tea FOR Diarrhea...
2 teaspoons Oregon grape root; 1 teaspoon dried leaves of bilberry OR scented geranium OR red raspberry; 1-2 cloves garlic; 1/2 teaspoon chamomile; 2 cups water. Simmer Oregon grape root for 10 minutes. Remove from heat and add remaining herbs. Steep for 15 minutes. Drink warm; avoid cold liquids during bouts of diarrhea.
Alternative treatments when it's the only alternative. Part 1: first aid. Herbal remedies, spices, essential oils, minerals, vegetation, even carbon and veterinary supplies. Tips and Ideas to research for various first aid treatments in the event modern medicine is not an option. Disclaimer do your own, dosages, interactions, reactions, side effects NOW adverse reactions
Headache (non-migraine): Pressure points; Cold pack; Hydration; Chew basil leaves; Hot tea options: mint, chamomile, catnip, fennel; Lavender, rosemary Infused water for inhalation; Willow bark
Toothache: Cinnamon and Honey; Activated Charcoal; Apple cider vinegar; Anise Oil; Black pepper: Cayenne.; Coconut oil pulling; Cloves; Raw Potato slice
Earache: Colloidal Silver
Back pain: Rosemary; Feverfew; Curcuma; Turmeric
Topical pain relief like muscle aches: Capsicum annuum; Colloidal Silver; Dimethyl sulfoxide (DMSO)
Digestive Issues: Activated Charcoal; Pure vanilla extract; Soy sauce
Diarrhea: Pectin; Apple cider vinegar; Diarrhea Tea
Constipation: Senna
Anti-viral, anti-bacterial and anti-fungal: Cassia cinnamon / Ceylon cinnamon; Apple cider vinegar
Antivirals: Clove; Cinnamon; Ginger; Black pepper; Turmeric
Veterinary Antibiotics: i. Fish Flex (Cephalexin)* ii. Fish Flox (Ciprofloxacin).* iii. FishMox Fort (Amoxicillin)* iv. Fish Pen (Penicillin)* Treatment for Syphilis. v. Fish Zole (Metronidazole)* vi. Fish Cin (clindamycin)* vii. Fish Sulfe Forte (Sulfa)*
Alternatives to antibiotics: Ginger; Peppermint; Neem; Goldenseal; Colloidal Silver
Cold / Flu: Oscillococcinum; Elderflower; Yarrow flower; Peppermint tea for fever
Anti-fungal: Colloidal Silver; Oregano Oil; Tea Tree oil (external use only)
Burns, cuts, scrapes, boils / Anti-bacterial: Aloe vera; Colloidal Silver; Hard Liquor like vodka, rum, gin, whiskey, tequila, and others; Honey
Insect Bites
Support the show

Jardinería y Paisajismo
47 - Capsicum and Allium versus the Áfidus of Rosalis

Jardinería y Paisajismo

Play Episode Listen Later Mar 7, 2022 4:57


To hire me, go here: https://cursosdejardineria.com/#consulta My newsletter is here: https://claudiodoratto.com/boletin The Telegram channel: https://t.me/jardineros Today I woke up with the headline of a superhero comic episode going around in my head. And before getting into the story, let me clarify what each thing means: • Capsicum: It is the part of the scientific name (genus) that corresponds to hot pepper or chili plants. • Allium: As in the previous case we are referring to a plant, this time garlic. • Áfidus: these are the aphids that feed on plant sap. • Rosalis: it is the place where the aphids live, which for this story is a rose bush. Let's go to the garden of words. (story) Esther is in charge of a garden with more than 200 rose bushes. Many plants of a single type. When that happens, we are almost in a monoculture situation. Biodiversity is reduced, and the insects we consider "pests" come to the garden and their population grows exponentially. That is why she called me. Because the rose bushes were becoming covered in aphids. The "Áfidus of Rosalis". On this occasion there was no need to light the lamp that summons SuperPlant (like the one they have in Gotham City to call Batman). The intervention of two of his allies was enough. Capsicum and Allium. They come to help us when things slip through our hands like sand between our fingers. With them we can make several preparations that are useful in the garden and the vegetable patch. But there is something to keep in mind with homemade preparations, which is that the application frequency at the start will be two to three times a week when doing "curative" treatment and then every 15 days for "preventive". But only in the critical periods when we see that the insect population is increasing more. Do you want me to tell you a good recipe?
Place one head of garlic (only the cloves) and about 50 g of hot chilies in a blender with half a liter of medicinal alcohol. Blend and top up with another half liter of alcohol. Put the liter of preparation in a covered glass container in a cool, dark place for a week. Then filter it, and you can keep it in the fridge (refrigerator) for 6 months. To use it, apply in the late afternoon hours at a rate of 5 ml per liter of water. Claudio. El Jardinerista PS: It can be used for aphids and whitefly. Spray the plants, wetting the leaves well, and avoid the flowers on those that are visited by bees. PS1: Since garlic contains sulfur, it is also a fungicidal agent, so that fungi such as powdery mildew do not find a good place to thrive. PS2: Here you can hire me to advise you on how to manage your garden in an environmentally friendly way.

Jardinería y Paisajismo
>> 41 - The fire that is put out with milk

Jardinería y Paisajismo

Play Episode Listen Later Feb 26, 2022 5:54


To hire me, go here: https://cursosdejardineria.com/#consulta My newsletter is here: https://claudiodoratto.com/boletin The Telegram channel: https://t.me/jardineros It doesn't matter whether it's goat's, cow's or sheep's milk. That fire is put out with milk. Perhaps names like "Carolina reaper" and "Dragon's breath" ring a bell, or perhaps not. Let me start by clarifying that they are not perfumes. Neither for ladies nor for gentlemen. They are chili peppers, and among the hottest. That I know them by name because they were once introduced to me does not mean I have eaten them. But I haven't lost hope. I have eaten several others, such as jalapeños, the brown jalapeño, some Italian chilies, others from Thailand, some purple Peruvian ones, the piquín, the beso de satanás (Satan's kiss) and more. I have them in the vegetable garden, some directly in the ground, others in large pots and also in 20-liter paint buckets. I have this weakness that I should have analyzed by the "head doctor", because when I see a plant or think a lot about those fruits that hold fire inside. I start to salivate. The thing is that I like them and I enjoy it while I torture my taste buds. Another reason to go to that head doctor; I'm not the one saying it, relatives and friends tell me "you need to get yourself checked out, it can't be that you like and eat such spicy things". I answer that in another life maybe I was Mexican. I don't want to imagine what they would say if they found out that I invented a recipe for chili liqueur. 🌶 🌶 🌶 Getting back to the Capsicum boys, I discovered that they have a very large fan club. So for now I can rest easy. And what is all this preamble about? A couple of years ago, I go to one of the nurseries I visit most often to buy some plants for a client, when I turn my head to the right and there it was. A wonderful, colorful plant with multicolored chilies. I want one! I said to Rodrigo. He answered, but they're hot, I was told it's called "ají picante de 7 colores" (7-color hot chili).
I get home, cut and wash a couple of them to see how hot they were. Total fraud. A bell pepper would have disappointed me less. Anyway, these things happen. Last year, a client bought some seeds of the chilies I named at the beginning and another known as "el mostro", which is a hybrid between the two. I made my seedbed in three plastic trays with lids to have a kind of miniature greenhouse. They were coming along well; they already had their first leaves and were almost two centimeters tall. I was excited. But one day, our famous "viento zonda" (zonda wind) caught me by surprise away from home. When I arrived everything was scattered. I had the trays on an oak barrel that I use as a table for working with the smallest plants. Very exposed to the gusts. Then I made other seedbeds and put them in a sheltered spot. But I no longer had any of those seeds, so my collection grew in number, but not in variety. If you are wondering how I manage to get the seeds to germinate fairly easily. I hydrate them with chamomile tea for one or two hours, then I take them to the seedbed. The chamomile will keep them from being attacked by fungi during germination and apparently promotes root development. You can even water the seed trays with diluted chamomile tea three times a week until the seedlings are stronger. Claudio. El jardinerista. PS: I didn't forget the fire that is put out with milk. I was referring to the heat of the chili. If your mouth burns as if you had a red-hot ember in it, a good glass of milk puts out the fire. The fat in milk dissolves capsaicin and it is neutralized by the casein it contains. PS1: if you have seeds of strange and hot chilies. Or not so hot. I accept the gift. (contacto@claudiodoratto.com)

Overnights
The foods that could help prevent cancer

Overnights

Play Episode Listen Later Oct 2, 2021 16:30


Dietary choices may reduce the risk from one of Australia's biggest killers

Dr.Amp Podcast
Som Tam: Benefits of a Favorite Dish

Dr.Amp Podcast

Play Episode Listen Later Aug 12, 2021 51:13


Som tam is a local dish that has been part of Thai life for a very long time. Did you know that som tam actually has a lot of nutritional value that is good for our health? At the same time, eating som tam can also be harmful to the body, because it is a high-sodium food. How much energy does each plate of som tam provide, how can we eat som tam in a way that is good for our health, and how can the recipe be adjusted to make it a healthy dish? Find out on Dr.Amp Podcast, good-health stories with Dr. Amp, in the episode "Som Tam: Benefits of a Favorite Dish" by Dr. Tanupol Virunhagarun, Acting Chairman of the Executive Committee of BDMS Wellness Clinic and President of the Bangkok Association of Regenerative Health and Study of Obesity (BARSO)

Linux Action News
Linux Action News 196

Linux Action News

Play Episode Listen Later Jul 6, 2021 24:16


We try out Pop!_OS 21.04 and share our thoughts on the COSMIC desktop and our reaction to Audacity's new troubling privacy policy. Plus the good, the bad, and the impressive in the new Linux 5.13 release.

INANE
INANE :: episode 6

INANE

Play Episode Listen Later Feb 4, 2021 48:57


This week we discuss Demi Moore and her bizarre transformation at the Fendi Fashion Show, the GameStop stock market fiasco, a couple of comfort food recipes that will remind you of your childhood, a Guinness world record that will blow your mind as well as your ass, a side effect of COVID that could change your life forever, and I finish with a classic joke about a guy who walks into a bar.

The Voice of Insurance
Ep.6 The Capsicum-Gallagher deal with Rupert Swallow and Simon Matson

The Voice of Insurance

Play Episode Listen Later Jan 22, 2020 43:12


Following Gallagher's deal to buy out 100% ownership of Capsicum Re - the reinsurance broker it founded as a joint venture with former Benfield boss Graeme Chilton and colleagues back in 2013 - The Voice of Insurance caught up with Capsicum Re CEO Rupert Swallow and Simon Matson, the CEO of Gallagher's UK Broking & Underwriting division. What were Gallagher's plans now that it had finally broken successfully into reinsurance after decades of trying? What would Capsicum do with major human and financial resources at its disposal? Would it stay specialist or have a go at the big three brokers? What would happen to the Capsicum name? With new owner Gallagher such an accomplished serial acquirer, was more dealmaking a likelihood? How would the executives keep the Capsicum founding entrepreneurs motivated after the deal? Tune in for the answers. This was a relaxed and friendly discussion. As you'd imagine there's plenty of talk about what the plans are for Gallagher's new reinsurance intermediary but there are a lot of other market insights blended in...  

BSD Now
234: Code and Community

BSD Now

Play Episode Listen Later Feb 21, 2018 103:41


GSoC 2018 Projects announced, tutorial FreeBSD jails with iocage, new Code of Conduct for FreeBSD, libhijack, and fancy monitoring for OpenSMTPD

This episode was brought to you by

Headlines

Google Summer of Code 2018 (https://summerofcode.withgoogle.com/organizations/?sp-page=5)

FreeBSD (https://www.freebsd.org/projects/summerofcode.html)

FreeBSD Google Summer of Code Ideas (https://wiki.freebsd.org/SummerOfCodeIdeas)

You can join #freebsd-soc on the efnet IRC network to chat with FreeBSD developers interested in mentoring student proposals and projects, past FreeBSD/GSoC students, and other students applying to FreeBSD/GSoC this year.

NetBSD (https://mail-index.netbsd.org/netbsd-advocacy/2018/02/12/msg000765.html)

You can get a stipend (paid for by Google) and spend a few months getting to know and improving the insides of NetBSD or pkgsrc.

```
The schedule is:

12-27 March            Applying
23 April               Find out if you were accepted
14 May - 22 August     Do the project!

We have some suggestions for suitable projects:
- ARM EFI bootloader
- Using libFuzzer on base tools
- Refactoring ALTQ (QoS implementation) and integrating with NPF
- Testsuite for libcurses
- Improve pkgin

Other suggestions and details are at:
https://wiki.netbsd.org/projects/gsoc/
```

These projects are suggestions; you can come up with your own. Suggestions for other suitable projects are welcome. Feel free to contact, or chat around on IRC: irc.freenode.org #netbsd #netbsd-code #pkgsrc

Haiku (https://summerofcode.withgoogle.com/organizations/4821756754264064/)

Students: How to Apply for a Haiku Idea (https://www.haiku-os.org/community/gsoc/2018/students)

Project Ideas (https://www.haiku-os.org/community/gsoc/2018/ideas)

> If you have questions you can contact the devs on IRC: irc.freenode.org #haiku

FreeBSD Jails with iocage (http://norrist.devio.us/iocage_freebsd.html)

Introduction

FreeBSD jails allow users to run multiple, isolated instances of FreeBSD on a single server.
Iocage simplifies the management of FreeBSD Jails. Following this tutorial, the jails will be configured to bind to an IP address on the jail host's internal network, and the host OS will pass traffic from the external network to the jail. The jails will be managed with Iocage. Iocage uses ZFS properties to store configuration data for each jail, so a ZFS file system is required.

Network setup

These steps will:
- Set up the internal network.
- Enable the pf packet filter.
- Configure pf to pass internet traffic to and from the jail.

PF is a full-featured firewall and can do more than just pass traffic to an internal network. Refer to the PF documentation for additional configuration options.

Run the following to configure the internal network and enable pf.

```
sysrc cloned_interfaces+="lo1"
sysrc ifconfig_lo1="inet 192.0.2.1/24"
sysrc pf_enable="YES"
```

Put the following in /etc/pf.conf

```
# Variables
# ext_if should be set to the host's external NIC
ext_if = "vtnet0"
jail_if = "lo1"
jail_net = $jail_if:network

# NAT allows the jails to access the external network
nat on $ext_if from $jail_net to any -> ($ext_if)

# Redirect traffic on port 80 to the web server jail
# Add similar rules for additional jails
rdr pass on $ext_if inet proto tcp to port 80 -> 192.0.2.10
```

Reboot to activate the network changes.

ZFS

The best way to use ZFS on a VPS is to attach block storage as a new disk. If block storage is not available, you can optionally use a file as the ZFS device.

Enable and start ZFS.

```
sysrc zfs_enable="YES"
service zfs start
```

ZFS using Block storage

List the available disks. If you are using a VPS, the block store will probably be the second disk.

```
geom disk list
```

Create a ZFS pool named jailstore.

```
zpool create jailstore /dev/vtbd1
```

ZFS using a file

Create the ZFS file.

```
dd if=/dev/zero of=/zfsfile bs=1M count=4096
```

Create a ZFS pool named jailstore.
```
zpool create jailstore /zfsfile
```

Install iocage the easy way

```
pkg install py36-iocage
```

Skip to "Using iocage"

Install iocage the hard way

Swap file

Smaller servers may not have enough RAM to build iocage. If needed, create a swap file and reboot.

```
dd if=/dev/zero of=/swapfile bs=1M count=1024
echo 'swapfile="/swapfile"' >> /etc/rc.conf
reboot
```

Install some build dependencies

```
pkg install subversion python36 git-lite libgit2 py36-pip
```

Building iocage requires the FreeBSD source.

```
svn checkout https://svn.freebsd.org/base/releng/11.1 /usr/src
```

Get the latest FreeBSD ports tree.

```
portsnap fetch
portsnap extract
```

Build iocage.

```
cd /usr/ports/sysutils/iocage/
make install
```

Using iocage

```
iocage activate jailstore
iocage fetch
iocage create -n www ip4_addr="lo1|192.0.2.10/24" -r 11.1-RELEASE
iocage start www
iocage console www
```

Once you have a shell inside the jail, install and start Apache.

```
pkg install apache24
sysrc apache24_enable="yes"
service apache24 start
```

Port 80 on the jail will now be accessible on the host's IP address.

Multiple jails

Additional jails can be installed using the example above.
- Install the new jail with the iocage create command, but use a different IP address.
- Expose the new jail to the network by adding additional rules to pf.conf.

iXsystems

SNIA Persistent Memory Summit 2018 Report (https://www.ixsystems.com/blog/snia-report-2018/)

New FreeBSD Code of Conduct (https://www.freebsd.org/internal/code-of-conduct.html)

The FreeBSD Project is inclusive. We want the FreeBSD Project to be a venue where people of all backgrounds can work together to make the best operating system, built by a strong community. These values extend beyond just development to all aspects of the Project. All those given recognition as members of the Project in whatever form are seen as ambassadors of the Project. Diversity is a huge strength and is critical to the long term success of the Project. To that end we have a few ground rules that we ask people to adhere to.
This code applies equally to everyone representing the FreeBSD Project in any way, from new members, to committers, to the core team itself. These rules are intended to ensure a safe, harassment-free environment for all and to ensure that everyone feels welcome both working within, and interacting with, the Project. This document is not an exhaustive list of things that you should not do. Rather, consider it a guide to make it easier to enrich all of us and the technical communities in which we participate. This code of conduct applies to all spaces used by the FreeBSD Project, including our mailing lists, IRC channels, and social media, both online and off. Anyone who is found to violate this code of conduct may be sanctioned or expelled from FreeBSD Project controlled spaces at the discretion of the FreeBSD Code of Conduct Committee. Some FreeBSD Project spaces may have additional rules in place, which will be made clearly available to participants. Participants are responsible for knowing and abiding by these rules.

Harassment includes but is not limited to:

+ Comments that reinforce systemic oppression related to gender, gender identity and expression, sexual orientation, disability, mental illness, neurodiversity, physical appearance, body size, age, race, or religion.
+ Unwelcome comments regarding a person's lifestyle choices and practices, including those related to food, health, parenting, drugs, and employment.
+ Deliberate misgendering.
+ Deliberate use of "dead" or rejected names.
+ Gratuitous or off-topic sexual images or behaviour in spaces where they're not appropriate.
+ Physical contact and simulated physical contact (e.g., textual descriptions like "hug" or "backrub") without consent or after a request to stop.
+ Threats of violence.
+ Incitement of violence towards any individual, including encouraging a person to commit suicide or to engage in self-harm.
+ Deliberate intimidation.
+ Stalking or following.
+ Harassing photography or recording, including logging online activity for harassment purposes.
+ Sustained disruption of discussion.
+ Unwelcome sexual attention.
+ Pattern of inappropriate social contact, such as requesting/assuming inappropriate levels of intimacy with others.
+ Continued one-on-one communication after requests to cease.
+ Deliberate "outing" of any private aspect of a person's identity without their consent except as necessary to protect vulnerable people from intentional abuse.
+ Publication of non-harassing private communication without consent.
+ Publication of non-harassing private communication with consent but in a way that intentionally misrepresents the communication (e.g., removes context that changes the meaning).
+ Knowingly making harmful false claims about a person.

Interview - Benno Rice - benno@freebsd.org (mailto:benno@freebsd.org) / @jeamland (https://twitter.com/jeamland)

News Roundup

libhijack in PoC||GTFO 0x17! (https://www.soldierx.com/news/libhijack-PoCGTFO-0x17)

Hijacking Your Free Beasties

In the land of red devils known as Beasties exists a system devoid of meaningful exploit mitigations. As we explore this vast land of opportunity, we will meet our ELFish friends, [p]tracing their very moves in order to hijack them. Since unprivileged process debugging is enabled by default on FreeBSD, we can abuse PTrace to create anonymous memory mappings, inject code into them, and overwrite PLT/GOT entries. We will revive a tool called libhijack to make our nefarious activities of hijacking ELFs via PTrace relatively easy.

Nothing presented here is technically new. However, this type of work has not been documented in this much detail, tying it all into one cohesive work. In Phrack 56, Silvio Cesare taught us ELF research enthusiasts how to hook the PLT/GOT. The Phrack 59 article on Runtime Process Infection briefly introduces the concept of injecting shared objects by injecting shellcode via PTrace that calls dlopen().
No other piece of research, however, has discovered the joys of forcing the application to create anonymous memory mappings in which to inject code.

This is only part one of a series of planned articles that will follow libhijack's development. The end goal is to be able to anonymously inject shared objects. The libhijack project is maintained by the SoldierX community.

Previous Research

All prior work injects code into the stack, the heap, or existing executable code. All three methods create issues on today's systems. On amd64 and arm64, the two architectures libhijack cares about, the stack is non-executable by default. jemalloc, the heap implementation on FreeBSD, creates non-executable mappings. Obviously overwriting existing executable code destroys a part of the executable image.

The Role of ELF

FreeBSD provides a nifty API for inspecting the entire virtual memory space of an application. The results returned from the API tell us the protection flags (readable, writable, executable) of each mapping. If FreeBSD provides such a rich API, why would we need to parse the ELF headers?

PLT/GOT hijacking requires parsing ELF headers. One would not be able to find the PLT/GOT without iterating through the Process Headers to find the Dynamic Headers, eventually ending up with the DT_PLTGOT entry. With FreeBSD's libprocstat API, we don't have a need for parsing ELF headers until we get to the PLT/GOT stage, but doing so early makes it easier for the attacker using libhijack.

The Future of libhijack

Writing devious code in assembly is cumbersome. Assembly doesn't scale well to multiple architectures. Instead, we would like to write our devious code in C, compiling to a shared object that gets injected anonymously. This requires writing a remote RTLD within libhijack and is in progress. Writing a remote RTLD will take a while as doing so is not an easy task. Additionally, creation of a general-purpose helper library that gets injected would be helpful.
It could aid in PLT/GOT redirection attacks, possibly storing the addresses of functions we've previously hijacked. This work is dependent on the remote RTLD. libhijack currently lacks documentation. Once the ABI and API stabilize, formal documentation will be written.

Conclusion

Using libhijack, we can easily create anonymous memory mappings, inject into them arbitrary code, and hijack the PLT/GOT on FreeBSD. On HardenedBSD, a hardened derivative of FreeBSD, libhijack is fully mitigated through PaX NOEXEC. We've demonstrated that wrapper-style Capsicum is ineffective on FreeBSD. Through the use of libhijack, we emulate a control flow hijack in which the application is forced to call sandbox_open and fdlopen on the resulting file descriptor. Further work to support anonymous injection of full shared objects, along with their dependencies, will be supported in the future. Imagine injecting libpcap into Apache to sniff traffic whenever "GET /pcap" is sent.

In order to prevent abuse of PTrace, FreeBSD should set the security.bsd.unprivileged_proc_debug sysctl to 0 by default. In order to prevent process manipulation, FreeBSD should implement PaX NOEXEC.

libhijack can be found at https://github.com/SoldierX/libhijack

Introduction to POSIX shell (https://sircmpwn.github.io/2018/02/05/Introduction-to-POSIX-shell.html)

What the heck is the POSIX shell anyway?

Well, the POSIX (the Portable Operating System Interface) shell is the standard Unix shell - standard meaning it was formally defined and shipped in a published standard. This makes shell scripts written for it portable, something no other shell can lay claim to. The POSIX shell is basically a formalized version of the venerable Bourne shell, and on your system it lives at /bin/sh, unless you're one of the unlucky masses for whom this is a symlink to bash.

Why use POSIX shell?

The “Bourne Again shell”, aka bash, is not standardized.
Its grammar, features, and behavior aren't formally written up anywhere, and only one implementation of bash exists. Without a standard, bash is defined by its implementation. POSIX shell, on the other hand, has many competing implementations on many different operating systems - all of which are compatible with each other because they conform to the standard.

Any shell that utilizes features specific to Bash are not portable, which means you cannot take them with you to any other system. Many Linux-based systems do not use Bash or GNU coreutils. Outside of Linux, pretty much everyone but Hurd does not ship GNU tools, including bash. On any of these systems, scripts using “bashisms” will not work.

This is bad if your users wish to utilize your software anywhere other than GNU/Linux. If your build tooling utilizes bashisms, your software will not build on anything but GNU/Linux. If you ship runtime scripts that use bashisms, your software will not run on anything but GNU/Linux. The case for sticking to POSIX shell in shipping software is compelling, but I argue that you should stick to POSIX shell for your personal scripts, too. You might not care now, but when you feel like flirting with other Unicies you'll thank me when all of your scripts work.

One place where POSIX shell does not shine is for interactive use - a place where I think bash sucks, too. Any shell you want to use for your day-to-day command line work is okay in my book. I use fish. Use whatever you like interactively, but stick to POSIX sh for your scripts.

How do I use POSIX shell?

At the top of your scripts, put #!/bin/sh. You don't have to worry about using env here like you might have been trained to do with bash: /bin/sh is the standardized location for the POSIX shell, and any standards-conforming system will either put it there or make your script work anyway.

The next step is to avoid bashisms.
There are many, but here are a few that might trip you up:
- [[ condition ]] does not work; use [ condition ]
- Arrays do not work; use IFS
- Local variables do not work; use a subshell

The easiest way to learn about POSIX shell is to read the standard - it's not too dry and shorter than you think.

Using standard coreutils

The last step to writing portable scripts is to use portable tools. Your system may have GNU coreutils installed, which provides tools like grep and cut. Unfortunately, GNU has extended these tools with its own non-portable flags and tools. It's important that you avoid these.

One dead giveaway of a non-portable flag is long flags, e.g. grep --file=FILE as opposed to grep -f. The POSIX standard only defines the getopt function - not the proprietary GNU getopt_long function that's used to interpret long options. As a result, no long flags are standardized. You might worry that this will make your scripts difficult to understand, but I think that on the whole it will not. Shell scripts are already pretty alien and require some knowledge to understand. Is knowledge of what the magic word grep means much different from knowledge of what grep -E means?

I also like that short flags allow you to make more concise command lines. Which is better: ps --all --format=user --without-tty, or ps -aux? If you are inclined to think the former, do you also prefer function(a, b, c) { return a + b + c; } over (a, b, c) => a + b + c? Conciseness matters, and POSIX shell supports comments if necessary!

Some tips for using short flags:
- They can be collapsed: cmd -a -b -c is equivalent to cmd -abc
- If they take additional arguments, either a space or no separation is acceptable: cmd -f"hello world" or cmd -f "hello world"

A good reference for learning about standardized commands is, once again, the standard. From this page, search for the command you want, or navigate through “Shell & Utilities” -> “Utilities” for a list.
If you have man-pages installed, you will also find POSIX man pages installed on your system with the p postfix, such as man 1p grep. Note: at the time of writing, the POSIX man pages do not use dashes if your locale is UTF-8, which makes searching for flags with / difficult. Use env LC_ALL=POSIX man 1p grep if you need to search for flags, and I'll speak to the maintainer of man-pages about this.

FreeBSD Broadcom Wi-Fi Improvements (http://landonf.org/code/freebsd/Broadcom_WiFi_Improvements.20180122.html)

Introduction

Since 2015, I've been working on improving FreeBSD support for Broadcom Wi-Fi devices and SoCs, including authoring the bhnd(4) driver family, which provides a unified bus and driver programming interface for these devices. First committed in early 2016, bhnd(4) allowed us to quickly bring up FreeBSD/MIPS on Broadcom SoCs, but it has taken much longer to implement the full set of features required to support modern Broadcom SoftMAC Wi-Fi hardware.

Thanks to the generosity of the FreeBSD Foundation, I've recently finished implementing the necessary improvements to the bhnd(4) driver family. With these changes in place, I was finally able to port the existing bwn(4) Broadcom SoftMAC Wi-Fi driver to the bhnd(4) bus, and implement initial support for the BCM43224 and BCM43225 chipsets, with additional hardware support to be forthcoming.

Now that my efforts on FreeBSD/Broadcom Wi-Fi support have progressed far enough to be generally useful, I wanted to take some time to provide a brief overview of Broadcom's Wi-Fi hardware, and explain how my work provides a foundation for further FreeBSD Broadcom Wi-Fi/SoC improvements.

A Brief Background on Broadcom Wi-Fi Hardware

Broadcom's Wi-Fi devices are members of the Broadcom Home Networking Division (BHND) device family; other BHND devices include MIPS/ARM SoCs (including Wi-Fi SoCs commonly found in consumer access points), as well as a large variety of related networking hardware.
BHND devices utilize a common set of Broadcom IP cores (or "functional blocks") connected via one of two on-chip bus architectures:
- Hardware designed prior to 2009 used Broadcom's “SSB” backplane architecture, based on Sonics Silicon's interconnect IP.
- Subsequent hardware adopted Broadcom's “BCMA” backplane, based on ARM's AMBA IP. The IP cores used in earlier SSB-based devices were adapted for compatibility with the new backplane.

When BHND hardware is used in a PCI Wi-Fi card, or a SDIO Wi-Fi module, the device's dual-mode peripheral controller is configured to operate as an endpoint device on the host's peripheral bus, bridging access to the SoC hardware:
- Host access to SoC address space is provided via a set of register windows (e.g., a set of configurable windows into SoC address space mapped via PCI BARs)
- DMA is supported by the bridge core's sparse mapping of host address space into the backplane address space. These address regions may be used as a target for the on-chip DMA engines.
- Any backplane interrupt vectors routed to the bridge core may be mapped by the bridge to host interrupts (e.g., PCI INTx/MSI/MSI-X).

The host is generally expected to provide drivers for the IP cores found on the SoC backplane; since these cores are found in both BHND SoCs and BHND Wi-Fi devices, it is advantageous to share driver and platform code between the two targets.

Modernizing FreeBSD's Broadcom SoftMAC Wi-Fi Support

FreeBSD support for Broadcom SoftMAC Wi-Fi adapters is provided by two partially overlapping PCI/CardBus drivers:
- Legacy Wi-Fi adapters are supported by bwi(4). This driver remains in-tree to support devices incompatible with v4 or later firmware (e.g. BCM4301, BCM4302, BCM4306 rev 1-2), all of which were released prior to December 2002.
- Modern Wi-Fi adapters are supported by bwn(4), with access to on-chip cores mediated by bhnd(4).
Prior to my work porting bwn(4) to bhnd(4), access to on-chip cores was mediated by siba_bwn, a PCI/WiFi-specific derivative of the legacy siba(4) SSB bus driver.

There were two major limitations to siba_bwn that have long blocked adding support for newer SoftMAC Wi-Fi chipsets: the newer BCMA interconnect found in post-2009 hardware was not supported by siba(4), and siba_bwn assumed a PCI/PCIe bridge, preventing its use on FreeBSD/MIPS Broadcom SoCs with interconnect-attached D11 cores.

The new bhnd(4) driver family, written as a replacement for siba(4) and siba_bwn, provides:
- A unified bus driver interface for both SSB and BCMA on-chip interconnects
- A generic BHND bridge driver framework for host-connected BHND devices (e.g. Wi-Fi adapters, etc)
- A PCI/PCIe bridge core driver, for PCI-attached BHND devices.
- An abstract BHND NVRAM API, with support for the varied NVRAM formats found in BHND Wi-Fi adapters and SoCs.
- Drivers for common BHND platform peripherals (UARTs, SPROM/flash, PMUs, etc)

By porting bwn(4) to bhnd(4), we are now able to support existing BCMA devices with MAC/PHY/Radio combinations readily supported by bwn(4), as was the case with the BCM43224 and BCM43225 chipsets. This also opens the door to porting additional PHY support from Broadcom's ISC-licensed Linux drivers, and will allow us to bring up bwn(4) on Broadcom WiSoCs supported by FreeBSD/MIPS.

Monitor OpenSMTPD using Logstash and Grafana (https://www.tumfatig.net/20180129/monitor-opensmtpd-using-logstash-grafana/)

Logs are useful. Graphs are sexy. Here's a way to get a view on what happens to your OpenSMTPD traffic, using Web v2.0 tools; namely Logstash & Grafana. For those who would not be aware of those tools, logstash is some kind of log-parser that can eat syslog formatted logs and write them into elasticsearch; in “document” format. Grafana is a Web frontend that can dig into various databases and render graphics from requests. I won't go into the whole “how to install” process here.
Installation is quite straightforward and online documentation is quite clear.

What you need

- OpenSMTPD deals with emails and logs its activity via Syslog.
- Syslog is configured to send the logs to Logstash.
- Logstash has a set of rules configured to transform the text-oriented information into searchable document-oriented data.
- The transformed data is stored into Elasticsearch.
- Elasticsearch provides Web API to search and find stuff.
- Grafana connects to ELS to get data and draw the graphs.

Beastie Bits

- CharmBUG Presentation - Writing FreeBSD Malware (https://www.meetup.com/CharmBUG/events/247995596/)
- March London *BSD meeting 13/03/18 (http://mailman.uk.freebsd.org/pipermail/ukfreebsd/2018-February/014180.html)
- FreeBSD Ports Workshop (https://wiki.freebsd.org/MateuszPiotrowski/Ports/Workshop)
- The history of NetBSD/atari and support for ATARI compatible Milan / OSC2018Osaka (https://speakerdeck.com/tsutsui/osc2018osaka)
- SSH Mastery, 2nd Edition (https://www.tiltedwindmillpress.com/?product=ssh-mastery-2nd-edition)

Feedback/Questions

- Stephen - Viewer Interview Question (http://dpaste.com/06WTRB9#wrap)
- pb - trust expanding your 280TB pool (http://dpaste.com/0TZV6CM#wrap)
- Tim - ZFS questions for the ZFS Man (http://dpaste.com/0759X1E#wrap)
- Daniel - ZFS full backup question (http://dpaste.com/1SJXSBQ#wrap)

BSD Now
231: Unix Architecture Evolution

BSD Now

Play Episode Listen Later Feb 1, 2018 84:56


We cover an interview about Unix Architecture Evolution, another vBSDcon trip report, how to teach an old Unix about backspace, new NUMA support coming to FreeBSD, and stack pointer checking in OpenBSD.

This episode was brought to you by

Headlines

Unix Architecture Evolution from the 1970 PDP-7 to the 2017 FreeBSD (https://fosdem.org/2018/interviews/diomidis-spinellis/)

Q: Could you briefly introduce yourself?

I'm a professor of software engineering, a programmer at heart, and a technology author. Currently I'm also the editor in chief of the IEEE Software magazine. I recently published the book Effective Debugging, where I detail 66 ways to debug software and systems.

Q: What will your talk be about, exactly?

I will describe how the architecture of the Unix operating system evolved over the past half century, starting from an unnamed system written in PDP-7 assembly language and ending with a modern FreeBSD system. My talk is based, first, on a GitHub repository where I tried to record the system's history from 1970 until today and, second, on the evolution of documented facilities (user commands, system calls, library functions) across revisions. I will thus present the early system's defining architectural features (layering, system calls, devices as files, an interpreter, and process management) and the important ones that followed in subsequent releases: the tree directory structure, user contributed code, I/O redirection, the shell as a user program, groups, pipes, scripting, and little languages.

Q: Why this topic?

Unix stands out as a major engineering breakthrough due to its exemplary design, its numerous technical contributions, its impact, its development model, and its widespread use. Furthermore, the design of the Unix programming environment has been characterized as one offering unusual simplicity, power, and elegance.
Consequently, there are many lessons that we can learn by studying the evolution of the Unix architecture, which we can apply to the design of new systems. I often see modern systems that suffer from a bloat of architectural features and a lack of clear form on which functionality can be built. I believe that many of the modern Unix architecture defining features are excellent examples of what we should strive toward as system architects.

Q: What do you hope to accomplish by giving this talk? What do you expect?

I'd like FOSDEM attendees to leave the talk with their mind full with architectural features of timeless quality. I want them to realize that architectural elegance isn't derived by piling design patterns and does not need to be expensive in terms of resources. Rather, beautiful architecture can be achieved on an extremely modest scale. Furthermore, I want attendees to appreciate the importance of adopting flexible conventions rather than rigid enforcement mechanisms. Finally, I want to demonstrate through examples that the open source culture was part of Unix from its earliest days.

Q: What are the most significant milestones in the development of Unix?

The architectural development of Unix follows a path of continuous evolution, albeit at a slowing pace, so I don't see here the most important milestones. I would however define as significant milestones two key changes in the way Unix was developed. The first occurred in the late 1970s when significant activity shifted from a closely-knit team of researchers at the AT&T Bell Labs to the Computer Science Research Group in the University of California at Berkeley. This opened the system to academic contributions and growth through competitive research funding.
The second took place in the late 1980s and the 1990s when Berkeley open-sourced the code it had developed (by that time a large percentage of the system) and enthusiasts built on it to create complete open source operating system distributions: 386BSD, and then FreeBSD, NetBSD, OpenBSD, and others. Q: In which areas has the development of Unix stalled? The data I will show demonstrate that there were in the past some long periods where the number of C library functions and system calls remained mostly stable. Nowadays there is significant growth in the number of all documented facilities with the exception of file formats. I'm looking forward to a discussion regarding the meaning of these growth patterns in the Q&A session after the talk. Q: What are the core features that still link the 1970 PDP-7 system to the latest FreeBSD 11.1 release, almost half a century apart? Over the past half-century the Unix system has grown by four orders of magnitude from a few thousand lines of code to many millions. Nevertheless, looking at a 1970s architecture diagram and a current one reveals that the initial architectural blocks are still with us today. Furthermore, most system calls, user programs, and C library functions of that era have survived until today with essentially similar functionality. I've even found in modern FreeBSD some lines of code that have survived unchanged for 40 years. Q: Can we still add innovative changes to operating systems like FreeBSD without breaking the 'Unix philosophy'? Will there be a moment where FreeBSD isn't recognizable anymore as a descendant of the 1970 PDP-7 system? There's a saying that “form liberates”. So having available a time-tested form for developing operating system functionality allows you to innovate in areas that matter rather than reinventing the wheel. 
Such concepts include having commands act as a filter, providing manual pages with a consistent structure, supplying build information in the form of a Makefile, installing files in a well-defined directory hierarchy, implementing filesystems with a standardized object-oriented interface, and packaging reusable functions as a library. Within this framework there's ample space for both incremental additions (think of jq, the JSON query command) and radical innovations (consider the Solaris-derived ZFS and dtrace functionality). For this reason I think that BSD and Linux systems will always be recognizable as direct or intellectual descendants of the 1970s Research Unix editions. Q: Have you enjoyed previous FOSDEM editions? Immensely! As an academic I need to attend many scientific conferences and meetings in order to present research results and interact with colleagues. This means too much time spent traveling and away from home, and a limited number of conferences I'm in the end able to attend. Nevertheless, attending FOSDEM is an easy decision due to the world-changing nature of its theme, the breadth of the topics presented, the participants' enthusiasm and energy, as well as the exemplary, very efficient conference organization. Another vBSDCon trip report we just found (https://www.weaponizedawesome.com/blog/?cat=53) We just got tipped about another trip report from vBSDCon, this time from one of the first time speakers: W. Dean Freeman Recently I had the honor of co-presenting on the internals of FreeBSD's Kernel RNG with John-Mark Gurney at the 3rd biennial vBSDCon, hosted in Reston, VA hosted by Verisign. I've been in and out of the FreeBSD community for about 20 years. As I've mentioned on here before, my first Unix encounter was FreeBSD 2.2.8 when I was in the 7th or 8th grade. However, for all that time I've never managed to get out to any of the cons. I've been to one or two BUG meetings and I've met some folks from IRC before, but nothing like this. 
A BSD conference is a very different experience than anything else out there. You have to try it, it is the only way to truly understand it. I'd also not had to do a stand-up presentation really since college before this. So, my first BSD con and my first time presenting rolled into one made for an interesting experience. See, he didn't say terrifying. It went very well. You should totally submit a talk for the next conference, even if it is your first. That said, it was an amazing and invigorating experience. I got to meet a few big names in the FreeBSD community, discuss projects, ideas for FreeBSD, etc. I did seem to spend an unusual amount of time talking about FIPS and Common Criteria with folks, but to me that's a good sign and indicative that there is interest in working to close gaps between FreeBSD and the current requirements so that we can start getting FreeBSD and more BSD-based products into the government and start whittling away the domination of Linux (especially since Oracle has cut Solaris, SPARC and the ZFS storage appliance business units). There is nothing that can match the high bandwidth interchange of ideas in person. The internet has made all kinds of communication possible, and we use it all the time, but every once in a while, getting together in person is hugely valuable. Dean then went on to list some of the talks he found most valuable, including DTrace, Capsicum, bhyve, *BSD security tools, and Paul Vixie's talk about gets() I think the talk that really had the biggest impact on me, however, was Kyle Kneisl's talk on BSD community dynamics. One of the key points he asked was whether the things that drew us to the BSD community in the first place would be able to happen today. Obviously, I'm not a 12 or 13 year old kid anymore, but it really got me thinking. 
That, combined with getting face time with people I'd previously only known as screen names has recently drawn me back into participating in IRC and rejoining mailing lists (wdf on freenode. be on the lookout!) Then Dean covered some thoughts on his own talk: JMG and my talk seems to have been well received, with people paying lots of attention. I don't know what a typical number of questions is for one of these things, but on day one there weren't that many questions. We got about 5 during our question time and spent most of the rest of the day fielding questions from interested attendees. Getting a “great talk!” from GNN after coming down from the stage was probably one of the major highlights for me. I remember my first solo talk, and GNN asking the right question in the middle to get me to explain a part of it I had missed. It was very helpful. I think key to the interest in our presentation was that JMG did a good job framing a very complicated topic's importance in terms everyone could understand. It also helped that we got to drop some serious truth bombs. Final Thoughts: I met a lot of folks in person for the first time, and met some people I'd never known online before. It was a great community and I'm glad I got a chance to expand my network. Verisign were excellent hosts and they took good care of both speakers (covering airfare, rooms, etc.) and also conference attendees at large. The dinners that they hosted were quite good as well. I'm definitely interested in attending vBSDCon again and now that I've had a taste of meeting IRL with the community on scale of more than a handful, I have every intention of finally making it to BSDCan next year (I'd said it in 2017, but then moved to Texas for a new job and it wasn't going to be practical). This year for sure, though! 
Teaching an Almost 40-year Old UNIX about Backspace (https://virtuallyfun.com/2018/01/17/teaching_an_almost_40-year_old_unix_about_backspace/) Introduction I have been messing with the UNIX® operating system, Seventh Edition (commonly known as UNIX V7 or just V7) for a while now. V7 dates from 1979, so it's about 40 years old at this point. The last post was on V7/x86, but since I've run into various issues with it, I moved on to a proper installation of V7 on SIMH. The Internet has some really good resources on installing V7 in SIMH. Thus, I set out on my own journey on installing and using V7 a while ago, but that was remarkably uneventful. One convenience that I have been dearly missing since the switch from V7/x86 is a functioning backspace key. There seem to be multiple different definitions of backspace: BS, as in ASCII character 8 (010, 0x08, also represented as ^H), and DEL, as in ASCII character 127 (0177, 0x7F, also represented as ^?). V7 does not accept either for input by default. Instead, # is used as the erase character and @ is used as the kill character. These defaults have been there since UNIX V1. In fact, they have been “there” since Multics, where they got chosen seemingly arbitrarily. The erase character erases the character before it. The kill character kills (deletes) the whole line. For example, “ba##gooo#d” would be interpreted as “good” and “bad line@good line” would be interpreted as “good line”. There is some debate on whether BS or DEL is the correct character for terminals to send when the user presses the backspace key. However, most programs have settled on DEL today. tmux forces DEL, even if the terminal emulator sends BS, so simply changing my terminal to send BS was not an option. The change from the defaults outlined here to today's modern-day defaults occurred between 4.1BSD and 4.2BSD. 
enf on Hacker News has written a nice overview of the various conventions Getting the Diff For future generations as well as myself when I inevitably majorly break this installation of V7, I wanted to make a diff. However, my V7 is installed in SIMH. I am not a very intelligent man, I didn't keep backup copies of the files I'd changed. Getting data out of this emulated machine is an exercise in frustration. In the end, I printed everything on screen using cat(1) and copied that out. Then I performed a manual diff against the original source code tree because tabs got converted to spaces in the process. Then I applied the changes to clean copies that did have the tabs. And finally, I actually invoked diff(1). Closing Thoughts Figuring all this out took me a few days. Penetrating how the system is put together was surprisingly fairly hard at first, but then the difficulty curve eased up. It was an interesting exercise in some kind of “reverse engineering” and I definitely learned something about tty handling. I was, however, not pleased with using ed(1), even if I do know the basics. vi(1) is a blessing that I did not appreciate enough until recently. Had I also been unable to access recursive grep(1) on my host and scroll through the code, I would've probably given up. Writing UNIX under those kinds of editing conditions is an amazing feat. I have nothing but the greatest respect for software developers of those days. News Roundup New NUMA support coming to FreeBSD CURRENT (https://lists.freebsd.org/pipermail/freebsd-current/2018-January/068145.html) Hello folks, I am working on merging improved NUMA support with policy implemented by cpuset(2) over the next week. This work has been supported by Dell/EMC's Isilon product division and Netflix. 
You can see some discussion of these changes here: https://reviews.freebsd.org/D13403 https://reviews.freebsd.org/D13289 https://reviews.freebsd.org/D13545 The work has been done in user/jeff/numa if you want to look at svn history or experiment with the branch. It has been tested by Peter Holm on i386 and amd64 and it has been verified to work on arm at various points. We are working towards compatibility with libnuma and linux mbind. These commits will bring in improved support for NUMA in the kernel. There are new domain specific allocation functions available to kernel for UMA, malloc, kmem, and vm_page_*. bus_dmamem consumers will automatically be placed in the correct domain, bringing automatic improvements to some device performance. cpuset will be able to constrain processes, groups of processes, jails, etc. to subsets of the system memory domains, just as it can with sets of cpus. It can set default policy for any of the above. Threads can use cpusets to set policy that specifies a subset of their visible domains. Available policies are first-touch (local in linux terms), round-robin (similar to linux interleave), and preferred. For now, the default is round-robin. You can achieve a fixed domain policy by using round-robin with a bitmask of a single domain. As the scheduler and VM become more sophisticated we may switch the default to first-touch as linux does. Currently these features are enabled with VM_NUMA_ALLOC and MAXMEMDOM. It will eventually be NUMA/MAXMEMDOM to match SMP/MAXCPU. The current NUMA syscalls and VM_NUMA_ALLOC code was 'experimental' and will be deprecated. numactl will continue to be supported although cpuset should be preferred going forward as it supports the full feature set of the new API. Thank you for your patience as I deal with the inevitable fallout of such sweeping changes. If you do have bugs, please file them in bugzilla, or reach out to me directly. 
I don't always have time to catch up on all of my mailing list mail and regretfully things slip through the cracks when they are not addressed directly to me. Thanks, Jeff Stack pointer checking – OpenBSD (https://marc.info/?l=openbsd-tech&m=151572838911297&w=2) Stefan (stefan@) and I have been working for a few months on this diff, with help from a few others. At every trap and system call, it checks if the stack-pointer is on a page that is marked MAP_STACK. execve() is changed to create such mappings for the process stack. Also, libpthread is taught the new MAP_STACK flag to use with mmap(). There is no corresponding system call which can set MAP_FLAG on an existing page, you can only set the flag by mapping new memory into place. That is a piece of the security model. The purpose of this change is to thwart stack pivots, which apparently have gained some popularity in JIT ROP attacks. It makes it difficult to place the ROP stack in regular data memory, and then perform a system call from it. Workarounds are cumbersome, increasing the need for far more gadgetry. But also the trap case -- if any memory experiences a demand page fault, the same check will occur and potentially also kill the process. We have experimented a little with performing this check during device interrupts, but there are some locking concerns and performance may then become a concern. It'll be best to gain experience from handle of synchronous trap cases first. chrome and other applications I use run fine! I'm asking for some feedback to discover what ports this breaks, we'd like to know. Those would be ports which try to (unconventionally) create their stacks in malloc()'d memory or inside another Data structure. Most of them are probably easily fixed ... Qt 5.9 on FreeBSD (https://euroquis.nl/bobulate/?p=1768) Tobias and Raphael have spent the past month or so hammering on the Qt 5.9 branch, which has (finally!) landed in the official FreeBSD ports tree. 
This brings FreeBSD back up-to-date with current Qt releases and, more importantly, up-to-date with the Qt release KDE software is increasingly expecting. With Qt 5.9, the Elisa music player works, for instance (where it has run-time errors with Qt 5.7, even if it compiles). The KDE-FreeBSD CI system has had Qt 5.9 for some time already, but that was hand-compiled and jimmied into the system, rather than being a “proper” ports build. The new Qt version uses a new build system, which is one of the things that really slowed us down from a packaging perspective. Some modules have been reshuffled in the process. Some applications depending on Qt internal-private headers have been fixed along the way. The Telegram desktop client continues to be a pain in the butt that way. Following on from Qt 5.9 there has been some work in getting ready for Clang 6 support; in general the KDE and Qt stack is clean and modern C++, so it's more infrastructural tweaks than fixing code. Outside of our silo, I still see lots of wonky C++ code being fixed and plenty of confusion between pointers and integers and strings and chars and .. ugh. Speaking of ugh, I'm still planning to clean up Qt4 on ARM aarch64 for FreeBSD; this boils down to stealing suitable qatomic implementations from Arch Linux. For regular users of Qt applications on FreeBSD, there should be few to no changes required outside the regular upgrade cycle. For KDE Plasma users, note that development of the ports has changed branches; as we get closer to actually landing modern KDE bits, things have been renamed and reshuffled and mulled over so often that the old plasma5 branch wasn't really right anymore. The kde5-import branch is where it's at nowadays, and the instructions are the same: the x11/kde5 metaport will give you all the KDE Frameworks 5, KDE Plasma Desktop and modern KDE Applications you need. 
Adding IPv6 to an Nginx website on FreeBSD / FreshPorts (https://dan.langille.org/2018/01/13/adding-ipv6-to-an-nginx-website-on-freebsd-freshports/) FreshPorts recently moved to an IPv6-capable server but until today, that capability has not been utilized. There were a number of things I had to configure, but this will not necessarily be an exhaustive list for you to follow. Some steps might be missing, and it might not apply to your situation. All of this took about 3 hours. We are using: FreeBSD 11.1 Bind 9.9.11 nginx 1.12.2 Fallout I expect some monitoring fallout from this change. I suspect some of my monitoring assumes IP4 and now that IPv6 is available, I need to monitor both IP addresses. ZFS on TrueOS: Why We Love OpenZFS (https://www.trueos.org/blog/zfs-trueos-love-openzfs/) TrueOS was the first desktop operating system to fully implement the OpenZFS (Zettabyte File System or ZFS for short) enterprise file system in a stable production environment. To fully understand why we love ZFS, we will look back to the early days of TrueOS (formerly PC-BSD). The development team had been using the UFS file system in TrueOS because of its solid track record with FreeBSD-based computer systems and its ability to check file consistency with the built-in check utility fsck. However, as computing demands increased, problems began to surface. Slow fsck file verification on large file systems, slow replication speeds, and inconsistency in data integrity while using UFS logging / journaling began to hinder users. It quickly became apparent that TrueOS users would need a file system that scales with evolving enterprise storage needs, offers the best data protection, and works just as well on a hobbyist system or desktop computer. Kris Moore, the founder of the TrueOS project, first heard about OpenZFS in 2007 from chatter on the FreeBSD mailing lists. In 2008, the TrueOS development team was thrilled to learn that the FreeBSD Project had ported ZFS. 
At the time, ZFS was still unproven as a graphical desktop solution, but Kris saw a perfect opportunity to offer ZFS as a cutting-edge file system option in the TrueOS installer, allowing the TrueOS project to act as an indicator of how OpenZFS would fare in real-world production use. The team was blown away by the reception and quality of OpenZFS on FreeBSD-based systems. By its nature, ZFS is a copy-on-write (CoW) file system that won't move a block of data until it both writes the data and verifies its integrity. This is very different from most other file systems in use today. ZFS is able to assure that data stays consistent between writes by automatically comparing write checksums, which mitigates bit rot. ZFS also comes with native RaidZ functionality that allows for enterprise data management and redundancy without the need for expensive traditional RAID cards. ZFS snapshots allow for system configuration backups in a split-second. You read that right. TrueOS can backup or restore snapshots in less than a second using the ZFS file system. Given these advantages, the TrueOS team decided to use ZFS as its exclusive file system starting in 2013, and we haven't looked back since. ZFS offers TrueOS users the stable workstation experience they want, while simultaneously scaling to meet the increasing demands of the enterprise storage market. TrueOS users are frequently commenting on how easy it is to use ZFS snapshots with our built-in snapshot utility. This allows users the freedom to experiment with their system knowing they can restore it in seconds if anything goes wrong. If you haven't had a chance to try ZFS with TrueOS, browse to our download page and make sure to grab a copy of TrueOS. You'll be blown away by the ease of use, data protection functionality, and incredible flexibility of RaidZ. 
Beastie Bits Source Code Podcast Interview with Michael W Lucas (https://blather.michaelwlucas.com/archives/3099) Operating System of the Year 2017: NetBSD Third place (https://w3techs.com/blog/entry/web_technologies_of_the_year_2017) OPNsense 18.1-RC1 released (https://opnsense.org/opnsense-18-1-rc1-released/) Personal OpenBSD Wiki Notes (https://balu-wiki.readthedocs.io/en/latest/security/openbsd.html) BSD section can use some contribution (https://guide.freecodecamp.org/bsd-os/) The Third Research Edition Unix Programmer's Manual (now available in PDF) (https://github.com/dspinellis/unix-v3man) Feedback/Questions Alex - my first freebsd bug (http://dpaste.com/3DSV7BC#wrap) John - Suggested Speakers (http://dpaste.com/2QFR4MT#wrap) Todd - Two questions (http://dpaste.com/2FQ450Q#wrap) Matthew - CentOS to FreeBSD (http://dpaste.com/3KA29E0#wrap) Brian - Brian - openbsd 6.2 and enlightenment .17 (http://dpaste.com/24DYF1J#wrap) ***

BSD Now
226: SSL: Santa's Syscall List

BSD Now

Dec 27, 2017 127:41


We read the FreeBSD Q3 status report, explore good and bad syscalls, list GOG Games for OpenBSD, and show you what devmatch can do. This episode was brought to you by Headlines FreeBSD Q3 Status Report 2017 (https://lists.freebsd.org/pipermail/freebsd-announce/2017-December/001818.html) FreeBSD Team Reports FreeBSD Release Engineering Team Ports Collection The FreeBSD Core Team The FreeBSD Foundation Projects FreeBSD CI Kernel Intel 10G iflib Driver Update Intel iWARP Support pNFS Server Plan B Architectures AMD Zen (family 17h) support Userland Programs Updates to GDB Ports FreeBSDDesktop OpenJFX 8 Puppet Documentation Absolute FreeBSD, 3rd Edition Manual Pages Third-Party Projects The nosh Project ####FreeBSD Foundation Q4 Update (https://www.freebsdfoundation.org/wp-content/uploads/2017/12/FreeBSD-Foundation-Q4-Update.pdf) *** ###11 syscalls that rock the world (https://www.cloudatomiclab.com/prosyscall/) 0. read > You cannot go wrong with a read. You can barely EFAULT it! On Linux amd64 it is syscall zero. If all its arguments are zero it returns zero. Cool! 1. pipe > The society for the preservation of historic calling conventions is very fond of pipe, as in many operating systems and architectures it preserves the fun feature of returning both of the file descriptors as return values. At least Linux MIPS does, and NetBSD does even on x86 and amd64. Multiple return values are making a comeback in languages like Lua and Go, but C has always had a bit of a funny thing about them, but they have long been supported in many calling conventions, so let us use them in syscalls! Well, one syscall. 2. kqueue > When the world went all C10K on our ass, and scaleable polling was a thing, Linux went epoll, the BSDs went kqueue and Solaris went /dev/poll. The nicest interface was kqueue, while epoll is some mix of edge and level triggered semantics and design errors so bugs are still being found. 3. 
unshare > Sounds like a selfish syscall, but this generous syscall call is the basis of Linux namespaces, allowing a process to isolate its resources. Containers are built from unshares. 4. setns > If you liked unshare, its younger but cooler friend takes file descriptors for namespaces. Pass it down a unix socket to another process, or stash it for later, and do that namespace switching. All the best system calls take file descriptors. 5. execveat > Despite its somewhat confusing name (FreeBSD has the saner fexecve, but other BSDs do not have support last time I checked), this syscall finally lets you execute a program just given a file descriptor for the file. I say finally, as Linux only implemented this in 3.19, which means it is hard to rely on it (yeah, stop using those stupid old kernels folks). Before that Glibc had a terrible userspace implementation that is basically useless. Perfect for creating sandboxes, as you can sandbox a program into a filesystem with nothing at all in, or with a totally controlled tree, by opening the file to execute before chroot or changing the namespace. 6. pdfork > Too cool for Linux, you have to head out to FreeBSD for this one. Like fork, but you get a file descriptor for the process not a pid. Then you can throw it in the kqueue or send it to another process. Once you have tried process descriptors you will never go back. 7. signalfd > You might detect a theme here, but if you have ever written traditional 1980s style signal handlers you know how much they suck. How about turning your signals into messages that you can read on, you guessed it, file descriptors. Like, usable. 8. wstat > This one is from Plan 9. It does the opposite of stat and writes the same structure. Simples. Avoids having chmod, chown, rename, utime and so on, by the simple expedient of making the syscall symmetric. Why not? 9. clonefile > The only cool syscall on OSX, and only supported on the new APFS filesystem. 
Copies whole files or directories on a single syscall using copy on write for all the data. Look on my works, copy_file_range and despair. 10. pledge > The little sandbox that worked. OpenBSD only here, they managed to make a simple sandbox that was practical for real programs, like the base OpenBSD system. Capsicum from FreeBSD (and promised for Linux for years but no sign) is a lovely design, and gave us pdfork, but it's still kind of difficult and intrusive to implement. Linux has, well, seccomp, LSMs, and still nothing that usable for the average program. ###Eleven syscalls that suck (https://www.cloudatomiclab.com/antisyscall/) 0. ioctl > It can't decide if its arguments are integers, strings, or some struct that is lost in the midst of time. Make up your mind! Plan 9 was invented to get rid of this. 1. fcntl > Just like ioctl but for some different miscellaneous operations, because one miscellany is not enough. 2. tuxcall > Linux put a web server in the kernel! To win a benchmark contest with Microsoft! It had its own syscall! My enum tux_reactions are YUK! Don't worry though, it was a distro patch (thanks Red Hat!) and never made it upstream, so only the man page and reserved number survive to taunt you and remind you that the path of the righteous is beset by premature optimization! 3. io_setup > The Linux asynchronous IO syscalls are almost entirely useless! Almost nothing works! You have to use O_DIRECT for a start. And then they still barely work! They have one use, benchmarking SSDs, to show what speed you could get if only there was a usable API. Want async IO in kernel? Use Windows! 4. stat, and its friends and relatives > Yes this one is useful, but can you find the data structure it uses? We have oldstat, oldfstat, ustat, oldlstat, statfs, fstatfs, stat, lstat, fstat, stat64, lstat64, fstat64, statfs64, fstatfs64, fstatat64 for stating files and links and filesystems in Linux. A new bunch will be along soon for Y2038. 
Simplify your life, use a BSD, where they cleaned up the mess as they did the cooking! Linux on 32 bit platforms is just sucky in comparison, and will get worse. And don't even look at MIPS, where the padding is wrong. 5. Linux on MIPS > Not a syscall, a whole implementation of the Linux ABI. Unlike the lovely clean BSDs, Linux is different on each architecture, system calls randomly take arguments in different orders, and constants have different values, and there are special syscalls. But MIPS takes the biscuit, the whole packet of biscuits. It was made to be binary compatible with old SGI machines that don't even exist, and has more syscall ABIs than I have had hot dinners. Clean it up! Make a new sane MIPS ABI and deprecate the old ones, nothing like adding another variant. So annoying I think I threw out all my MIPS machines, each different. 6. inotify, fanotify and friends > Linux has no fewer than three file system change notification protocols. The first, dnotify hopped on ioctl's sidekick fcntl, while the two later ones, inotify and fanotify added a bunch more syscalls. You can use any of them, and they still will not provide the notification API you want for most applications. Most people use the second one, inotify and curse it. Did you know kqueue can do this on the BSDs? 7. personality > Oozing in personality, but we just don't get along. Basically obsolete, as the kernel can decide what kind of system emulation to do from binaries directly, it stays around with some use cases in persuading ./configure it is running on a 32 bit system. But it can turn off ASLR, and let the CVEs right into your system. We need less personality! 8. gettimeofday > Still has an obsolete timezone value from an old times when people thought timezones should go all the way to the kernel. Now we know that your computer should not know. Set its clock to UTC. Do the timezones in the UI based on where the user is, not the computer. You should use clock_gettime now. 
Don't even talk to me about locales. This syscall is fast though, don't use it for benchmarking, it's in the VDSO. 9. splice and tee > These, back in 2005 were a quite nice idea, although Linux said then “it is incomplete, the interfaces are ugly, and it will oops the system if anything goes wrong”. It won't oops your system now, but usage has not taken off. The nice idea from Linus was that a pipe is just a ring buffer in the kernel, that can have a more general API and use cases for performant code, but a decade on it hasn't really worked out. It was also supposed to be a more general sendfile, which in many ways was the successor of that Tux web server, but I think sendfile is still more widely used. 10. userfaultfd > Yes, I like file descriptors. Yes CRIU is kind of cool. But userspace handling page faults? Is nothing sacred? I get that you can do this badly with a SIGSEGV handler, but talk about lipstick on a pig. *** ###OpenBSD 6.0 on an iMac G3 from 1999 (http://www.increasinglyadequate.com/macppc.html) > A while ago I spent $50 for an iMac G3 (aka the iMac,1). This iconic model restored Apple's fortunes in the late '90s. Since the iMac G3 can still boot Mac OSes 8 and 9, I mostly use the machine to indulge a nostalgia for childhood schooldays spent poking at the operating system and playing Escape Velocity. But before I got around to that, I decided to try out the software that the previous owner had left on the machine. The antiquated OSX 10.2 install and 12 year old versions of Safari and Internet Explorer were too slow and old to use for anything. Updating to newer software was almost impossible; a later OSX is required to run the little PowerPC-compatible software still languishing in forgotten corners of the Internet. This got me thinking: could this machine be used, really used, nowadays? Lacking a newer OSX disc, I decided to try the most recent OpenBSD release. (And, since then, to re-try with each new OpenBSD release.) 
Below are the results of this experiment (plus a working xorg.conf file) and a few background notes. Background > This iMac is a Revision D iMac G3 in grape. It's part of the iMac,1 family of computers. This family includes all tray-loading iMac G3s. (Later iMac G3s had a slot-loading CD drive and different components.) Save for a slightly faster processor, a dedicated graphics card, and cosmetic tweaks to the case, my iMac is identical to the prior year's line-launching Bondi Blue iMac. My machine has had its memory upgraded from 32 MB to 320 MB. Thank Goodness. > The Revision D iMac G3 shipped with Mac OS 8.5. It can run up to Mac OS 9.2.2 or OSX 10.3.9. Other operating systems that tout support for the iMac,1 include NetBSD, OpenBSD, and a shrinking number of Linux distributions. > OpenBSD is simple (by design) and well-maintained. In contrast, NetBSD seems rather more complex and featureful, and I have heard grumbling that despite its reputation for portability, NetBSD really only works well on amd64. I'd test that assertion if OpenBSD's macppc installation instructions didn't seem much simpler than NetBSD's. Linux is even more complicated, although most distros are put together in a way that you can mostly ignore that complexity (until you can't). In the end I went with OpenBSD because I am familiar with it and because I like it. Installing OpenBSD on the iMac,1 > Installing OpenBSD on this iMac was simple. It's the same procedure as installing OpenBSD on an amd64 rig. You put in the installation disc; you tell the machine to boot from it; and then you answer a few prompts, most of which simply ask you to press enter. In this case, OpenBSD recognizes all machine's hardware just fine, including sound and networking, though I had a little trouble with video. > The OpenBSD documentation says video should just work and that an xorg.conf file isn't necessary. As such, it no longer ships with an xorg.conf file. 
Though that's never posed a problem on my other OpenBSD machines, it does here. Video doesn't work out of the box on my iMac,1. startx just blanks the screen. Fortunately, because the BSDs use a centralized development model where each operating system is stored in one repository, OpenBSD's website provides a web interface to the source code going back to the early days. I was able to find the last version of the sample xorg.conf that used to ship on macppc. With a little tweaking, I transformed that file into this one (https://www.increasinglyadequate.com/files/xorg.conf), with which video works just fine. Just drop it into your iMac's /etc/X11 directory. You'll also need to remember to set the machdep.allowaperture sysctl to 2 (e.g., as root run sysctl machdep.allowaperture=2), although the installer will do that automatically if you answer yes to the question about whether you plan to run X. > All that being said, video performance is pretty poor. I am either doing something wrong, or OpenBSD doesn't have accelerated video for this iMac, or this machine is just really old! I will discuss performance below. Running OpenBSD on the iMac,1 > The machine performs okay under OpenBSD. You can expect to ably run minimalistic software under minimalistic window managers. I tried dillo, mrxvt, and cmus under cwm and fvwm. Performance here was just fine. I also tried Firefox 26, 33, and 34 under fvwm and cwm. Firefox ran, but "modern," Javascript-heavy sites were an exercise in frustration; the 2015 version of CNN.com basically froze Firefox for 30 seconds or more. A lighter browser like dillo is doable. > You'll notice that I used the past-tense to talk about Firefox. Firefox currently doesn't build on PowerPC on OpenBSD. Neither does Chromium. Neither do a fair number of applications. But whatever -- there's still a lot of lighter applications available, and it's these you'll use day-to-day on a decades-old machine. 
> Lightweight window managers work okay, as you'd expect. You can even run heavier desktop environments, such as xfce, though you'll give up a lot of performance. > I ran the Ubench benchmark on this iMac and two more modern machines also running OpenBSD. The benchmark seems like an old one; I don't know how (if at all) it accounts for hardware changes in the past 13 years. That is, I don't know if the difference in score accurately measures the difference in real-world performance. Here are the results anyway: Conclusion > Except for when I check to see if OpenBSD still works, I run Mac OS9 on this rig. I have faster and better machines for running OpenBSD. If I didn't -- if this rig were, improbably, all I had left, and I was waiting on the rush delivery of something modern -- then I would use OpenBSD on my iMac,1. I'd have to stick to lightweight applications, but at least they'd be up-to-date and running on a simple, stable, OS. *** ##News Roundup ###34th Chaos Communication Congress Schedule (https://events.ccc.de/congress/2017/Fahrplan/index.html) Many talks are streamed live (http://streaming.media.ccc.de/34c3), a good mixture of English and German talks May contain DTraces of FreeBSD (https://events.ccc.de/congress/2017/Fahrplan/events/9196.html) Are all BSDs created equally? (https://events.ccc.de/congress/2017/Fahrplan/events/8968.html) library operating systems (https://events.ccc.de/congress/2017/Fahrplan/events/8949.html) Hardening Open Source Development (https://events.ccc.de/congress/2017/Fahrplan/events/9249.html) *** ###OpenBSD 6.2 + CDE (https://jamesdeagle.blogspot.co.uk/2017/12/openbsd-62-cde.html) > If you've noticed a disruption in the time-space continuum recently, it is likely because I have finally been able to compile and install the Common Desktop Environment (CDE) in a current and actively-developed operating system (OpenBSD 6.2 in this case). 
> This comes after so many attempts (across multiple platforms) that ended up with the build process prematurely stopping itself in its own tracks for a variety of infinitesimal reasons that were beyond my comprehension as a non-programmer, or when there was success it was not without some broken parts. As for the latter, I've been able to build CDE on OpenIndiana Hipster, but with an end product where I'm unable to change the color scheme in dtstyle (because "useColorObj" is set to "False"), with a default color scheme that is low-res and unpleasant. As for changing "useColorObj" to "True", I tried every recommended trick I could find online, but nothing worked. > My recent attempts at installing CDE on OpenBSD (version 6.1) saw the process stop due to a number of errors that are pure gibberish to these naive eyes. While disappointing, it was par for the course within my miserable experience with trying to build this particular desktop environment. As I wrote in this space in November 2015, in the course of explaining part of my imperative for installing Solaris 10: > And so I have come to think of building the recently open-sourced CDE as being akin to a coffee mug I saw many years ago. One side of the mug read "Turn the mug to see how to keep an idiot busy." On the other side, it read "Turn the mug to see how to keep an idiot busy." I'm through feeling like an idiot, which is partially why I'm on this one-week journey with Solaris 10. > While I thoroughly enjoyed running Solaris 10 on my ThinkPad T61p, and felt a devilish thrill at using it out in the open at my local MacBook- and iPhone-infested Starbucks and causing general befuddlement and consternation among the occasional prying yoga mom, I never felt like I could do much with it beyond explore the SunOS 5.10 command line and watch YouTube videos. 
While still supported by its current corporate owner (whose name I don't even want to type), it is no longer actively developed and is thus little more than a retro toy. I hated the idea of installing anything else over it, but productivity beckoned and it was time to tearfully and reluctantly drag myself off the dance floor. > In any case, just last week I noticed that the Sourceforge page for the OpenBSD build had some 6.2-specific notes by way of a series of four patches, and so I decided 'what the heck, let's give this puppy another whirl'. After an initial abortive attempt at a build, I surmised that I hadn't applied the four patches correctly. A day or two later, I took a deep breath and tried again, this time resolving to not proceed with the time make World build command until I could see some sign of a successful patch process. (This time around, I downloaded the patches and moved them into the directory containing the CDE makefiles, and issued each patch command as patch Once I had the thing up and running, and with a mind bursting with fruit flavor, I started messing about. The first order of business was to create a custom color scheme modelled after the default color scheme in UnixWare. (Despite any baggage that system carries from its previous ownership under SCO, I adored the aesthetics of UnixWare 7.1.4 two years ago when I installed the free one month trial version on my ThinkPad. For reasons that escape me now, I named my newly-created color scheme in honor of UnixWare 7.1.3.) > Like a proud papa, I immediately tweeted the above screenshot and risked irritating a Linux kid or two in the process, given SCO's anti-climatic anti-Linux patent trolling from way back when. (I'm not out to irritate penguinistas, I just sure like this color scheme.) Final Thoughts > It may look a little clunky at first, and may be a little bling-challenged, but the more I use CDE and adapt to it, the more it feels like an extension of my brain. 
Perhaps this is because it has a lot zip and behaves in a consistent and coherent manner. (I don't want to go too much further down that road here, as OSnews's Thom Holwerda already gave a good rundown about ten years ago.) > Now that I have successfully paired my absolute favorite operating system with a desktop environment that has exerted an intense gravitational hold on me for many, many years, I don't anticipate distrohopping any time soon. And as I attain a more advanced knowledge of CDE, I'll be chronicling any new discoveries here for the sake of anyone following me from behind as I feel my way around this darkened room. *** ###devmatch(8) added to FreeBSD HEAD (https://www.mail-archive.com/svn-src-all@freebsd.org/msg154719.html) ``` Log: Match unattached devices on the system to potential kernel modules. devmatch(8) matches up devices in the system device tree with drivers that may match them. For each unattached device in the system, it tries to find matching PNP info in the linker hints and prints modules to load to claim the devices. In --unbound mode, devmatch can look for drivers that have attached to devices in the device tree and have plug and play information, but for which no PNP info exists. This helps find drivers that haven't been converted yet that are in use on this system. In addition, the ability to dump out linker.hints is provided. Future commits will add hooks to devd.conf and rc.d to fully automate using this information. 
Added: head/usr.sbin/devmatch/ head/usr.sbin/devmatch/Makefile (contents, props changed) head/usr.sbin/devmatch/devmatch.8 (contents, props changed) head/usr.sbin/devmatch/devmatch.c (contents, props changed) Modified: head/usr.sbin/Makefile Modified: head/usr.sbin/Makefile ``` + Oh, you naughty committers: :-) https://www.mail-archive.com/svn-src-all@freebsd.org/msg154720.html Beastie Bits New FreeBSD Journal issue: Monitoring and Metrics (https://www.freebsdfoundation.org/journal/) OpenBSD Engine Mix available on GOG.com (https://www.gog.com/mix/openbsd_engine_available) OpenBSD Foundation reached their 2017 fundraising goal (http://www.openbsdfoundation.org/campaign2017.html) TrueOS 17.12 Review – An Easy BSD (https://www.youtube.com/watch?v=nKr1GCsV-gA) LibreSSL 2.6.4 Released (https://bsdsec.net/articles/libressl-2-6-4-released-fixed) *** ##Feedback/Questions Mike - BSD 217 & Winning over Linux Users (http://dpaste.com/3AB7J4P#wrap) JLR - Boot Environments Broken? (http://dpaste.com/2K0ZDH9#wrap) Kevr - ZFS question and suggestion (http://dpaste.com/04MXA5P#wrap) Ivan - FreeBSD read cache - ZFS (http://dpaste.com/1P9ETGQ#wrap) ***

BSD Now
221: BSD in Taiwan

Nov 22, 2017 116:40


Allan reports on his trip to BSD Taiwan, new versions of Lumina and GhostBSD are here, a bunch of OpenBSD p2k17 hackathon reports. This episode was brought to you by Headlines Allan's Trip Report from BSD Taiwan (https://bsdtw.org/) BSD TW and Taiwan in general was a fun and interesting experience I arrived Thursday night and took the high speed train to Taipei main station, and then got on the Red line subway to the venue. The dorm rooms were on par with BSDCan, except the mattress was better. I spent Friday with a number of other FreeBSD developers doing touristy things. We went to Taipei 101, the world's tallest building from 2004 - 2010. It also features the world's fastest elevator (2004 - 2016), traveling at 60.6 km/h and transporting passengers from the 5th to 89th floor in 37 seconds. We also got to see the “tuned mass damper”, a 660 tonne steel pendulum suspended between the 92nd and 87th floors. This device resists the swaying of the building caused by high winds. There are interesting videos on display beside the damper, of its reaction during recent typhoons and earthquakes. The Taipei 101 building sits just 200 meters from a major fault line. Then we had excellent dumplings for lunch After walking around the city for a few more hours, we retired to a pub to escape the heat of the sunny Friday afternoon. Then came the best part of each day in Taipei, dinner! We continued our efforts to cause a nation wide shortage of dumplings Special thanks to Scott Tsai (https://twitter.com/scottttw) who took detailed notes for each of the presentations Saturday marked the start of the conference: Arun Thomas provided background and then a rundown of what is happening with the RISC-V architecture. Notes (https://docs.google.com/document/d/1yrnhNTHaMDr4DG-iviXN0O9NES9Lmlc7sWVQhnios6g/edit#heading=h.kcm1n3yzl35q) George Neville-Neil talked about using DTrace in distributed systems as an in-depth auditing system (who did what to whom and when). 
Notes (https://docs.google.com/document/d/1qut6tMVF8NesrGHd6bydLDN-aKBdXMgHx8Vp3_iGKjQ/edit#heading=h.qdghsgk1bgtl) Baptiste Daroussin presented Poudrière image, an extension of everyone's favourite package building system, to build custom images of FreeBSD. There was discussion of making this generate ZFS based images as well, making it mesh very well with my talk the next day. Notes (https://docs.google.com/document/d/1LceXj8IWJeTRHp9KzOYy8tpM00Fzt7fSN0Gw83B9COE/edit#heading=h.incfzi6bnzxr) Brooks Davis presented his work on an API design for a replacement for mmap. It started with a history of address space management in the BSD family of operating systems going all the way back to the beginning. This overview of the feature and how it evolved filled in many gaps for me, and showed why the newer work would be beneficial. The motivation for the work includes further extensions to support the CHERI hardware platform. Notes (https://docs.google.com/document/d/1LceXj8IWJeTRHp9KzOYy8tpM00Fzt7fSN0Gw83B9COE/edit#heading=h.incfzi6bnzxr) Johannes M Dieterich gave an interesting presentation about using FreeBSD and GPU acceleration for high performance computing. One of the slides showed that amd64 has taken almost the entire market for the top 500 super computers, and that linux dominates the list, with only a few remaining non-linux systems. Sadly, at the supercomputing conference the next week, it was announced that linux has achieved 100% saturation of the top 500 super computers list. Johannes detailed the available tools, what ports are missing, what changes should be made to the base system (mostly OpenMP), and generally what FreeBSD needs to do to become a player in the supercomputer OS market. Johannes' perspective is interesting, as he is a computational chemist, not a computer scientist. Those interested in improving the numerical libraries and GPU acceleration frameworks on FreeBSD should join the ports team. 
Notes (https://docs.google.com/document/d/1uaJiqtPk8WetST6_GnQwIV49bj790qx7ToY2BHC9zO4/edit#heading=h.nvsz1n6w3gyq) The final talk of the day was Peter Grehan, who spoke about how graphics support in bhyve came to be. He provided a history of how the feature evolved, and where it stands today. Notes (https://docs.google.com/document/d/1LqJQJUwdUwWZ0n5KwCH1vNI8jiWGJlI1j0It3mERN80/edit#heading=h.sgeixwgz7bjs) Afterwards, we traveled as a group to a large restaurant for dinner. There was even Mongolian Vodka, provided by Ganbold Tsagaankhuu of the FreeBSD project. Sunday: The first talk of the day Sunday was mine. I presented “ZFS: Advanced Integration”, mostly talking about how boot environments work, and the new libbe and be(1) tools that my GSoC student Kyle Kneitinger created to manage them. I talked about how they can be used for laptop and developer systems, but also how boot environments can be used to replace nanobsd for appliances (as already done in FreeNAS and pfSense). I also presented about zfsbootcfg (zfs nextboot), and some future extensions to it to make it even more useful in appliance type workloads. I also provided a rundown of new developments out of the ZFS developer summit, two weeks previous. Notes (https://docs.google.com/document/d/1Blh3Dulf0O91A0mwv34UnIgxRZaS_0FU2lZ41KRQoOU/edit#heading=h.gypim387e8hy) Theo de Raadt presented “Mitigations and other real Security Features”, and made his case for changing to a ‘fail closed’ mode of interoperability. Computers cannot actually self heal, so let's stop pretending that they can. Notes (https://docs.google.com/document/d/1fFHzlxJjbHPsV9t_Uh3PXZnXmkapAK5RkJsfaHki7kc/edit#heading=h.192e4lmbl70c) Ruslan Bukin talked about doing the port of FreeBSD for RISC-V and writing the Device Drivers. Ruslan walked through the process step by step, leading members of the audience to suggest he turn it into a developer's handbook article, explaining how to do the initial bringup on new hardware. 
Ruslan also showed off a FreeBSD/MIPS board he designed himself and had manufactured in China. Notes (https://docs.google.com/document/d/1kRhRr3O3lQ-0dS0kYF0oh_S0_zFufEwrdFjG1QLyk8Y/edit#heading=h.293mameym7w1) Mariusz Zaborski presented Case studies on sandboxing the base system with Capsicum. He discussed the challenges encountered as existing programs are modified to sandbox them, and recent advancements in the debugging tools available during that process. Mariusz also discussed the Casper service at length, including the features that are planned for 2018 and onwards. Notes (https://docs.google.com/document/d/1_0BpAE1jGr94taUlgLfSWlJOYU5II9o7Y3ol0ym1eZQ/edit#heading=h.xm9mh7dh6bay) The final presentation of the day was Mark Johnston on Memory Management Improvements in FreeBSD 12.0. This talk provided a very nice overview of the memory management system in FreeBSD, and then detailed some of the recent improvements. Notes (https://docs.google.com/document/d/1gFQXxsHM66GQGMO4-yoeFRTcmOP4NK_ujVFHIQJi82U/edit#heading=h.uirc9jyyti7w) The conference wrapped up with the Work-in-Progress session, including updates on: multi-device-at-once GELI attach, MP-safe networking on NetBSD, pkgsrc, NetBSD in general, BSD on Microsoft Azure, Mothra (send-pr for bugzilla), BSDMizer a machine learning compiler optimizer, Hyperledger Sawtooth (blockchain), and finally VIMAGE and pf testing on FreeBSD. Notes (https://docs.google.com/document/d/1miHZEPrqrpCTh8JONmUKWDPYUmTuG2lbsVrWDtekvLc/edit#heading=h.orhedpjis5po) Group Photo (https://pbs.twimg.com/media/DOh1txnVoAAFKAa.jpg:large) BSDTW was a great conference. They are still considering if it should be an annual thing, trade off every 2nd year with AsiaBSDCon, or something else. In order to continue, BSD Taiwan requires more organizers and volunteers. They have regular meetups in Taipei if you are interested in getting involved. 
*** Lumina 1.4.0 released (https://lumina-desktop.org/version-1-4-0-released/) The Lumina Theme Engine (and associated configuration utility) The Lumina theme engine is a new component of the “core” desktop, and provides enhanced theming capabilities for the desktop as well as all Qt5 applications. While it started out life as a fork of the “qt5ct” utility, it quickly grew all sorts of new features and functionality such as system-defined color profiles, modular theme components, and built-in editors/creators for all components. The backend of this engine is a standardized theme plugin for the Qt5 toolkit, so that all Qt5 applications will now present a unified appearance (if the application does not enforce a specific appearance/theme of its own). Users of the Lumina desktop will automatically have this plugin enabled: no special action is required. Please note that the older desktop theme system for Lumina has been rendered obsolete by the new engine, but a settings-conversion path has already been implemented which should transition your current settings to the new engine the first time you login to Lumina 1.4.0. Custom themes for the older system may not be converted though, but it is trivial to copy/paste any custom stylesheets from the old system into the editor for the new theme engine to register/re-apply them as desired. Lumina-Themes Repository I also want to give a shout-out to the trueos/lumina-themes github repository contributors. All of the wallpapers in the 1.4.0 screenshots I posted come from that package, and they are working on making more wallpapers, color palettes, and desktop styles for use with the Lumina Theme Engine. If your operating system does not currently provide a package for lumina-themes, I highly recommend that you make one as soon as possible! The Lumina PDF Viewer (lumina-pdf) This is a new, stand-alone desktop utility for viewing/printing/presenting PDF documents. 
It uses the poppler-qt5 library in the backend for rendering the document, but uses multi-threading in many ways (such as to speed up the loading of pages) to give the user a nice, streamlined utility for viewing PDF documents. There is also built-in presentation functionality which allows users to easily cast the document to a separate screen without mucking about in system menus or configuration utilities. Lumina PDF Viewer (1.4.0) Important Packaging Changes One significant change of note for people who are packaging Lumina for their particular operating system is that the minimum supported versions of Qt for Lumina have been changed with this release: lumina-core: Qt 5.4+ lumina-mediaplayer: Qt 5.7+ Everything else: Qt 5.2+ Of course, using the latest version of the Qt5 libraries is always recommended. When packaging for Linux distributions, the theme engine also requires the availability of some of the “-dev” packages for Qt itself when compiling the theme plugin. For additional information (specifically regarding Ubuntu builds), please take a look at a recent ticket on the Lumina repository. + The new lumina-pdf utility requires the availability of the “poppler-qt5” library. The includes for this library on Ubuntu 17.10 were found to be installed outside of the normal include directories, so a special rule for it was added to our OS-Detect file in the Lumina source tree. If your particular operating system also places the poppler include files in a non-standard place, please patch that file or send us the information and we can add more special rules for your particular OS. Other Changes of Note (in no particular order) lumina-config: Add a new page for changing audio theme (login, logout, low battery) Add option to replace fluxbox with some other WM (with appropriate warnings) Have the “themes” page redirect to launching the Lumina theme engine configuration utility. 
start-lumina-desktop: Auto-detect the active X11 displays and create a new display for the Lumina session (prevent conflict with prior graphical sessions). Add a process-failure counter & restart mechanism. This is particularly useful for restarting Fluxbox from time to time (such as after any monitor addition/removal) lumina-xconfig: Restart fluxbox after making any monitor changes with xrandr. This ensures a more reliable session. Implement a new 2D monitor layout mechanism. This allows for the placement of monitors anywhere in the X/Y plane, with simplification buttons for auto-tiling the monitors in each dimension based on their current location. Add the ability to save/load monitor profiles. Distinguish between the “default” monitor arrangement and the “current” monitor arrangement. Allow the user to set the current arrangement as the new default. lumina-desktop: Completely revamp the icon loading mechanisms so it should auto-update when the theme changes. Speed up the initialization of the desktop quite a bit. Prevent loading/probing files in the “/net/” path for existence (assume they exist in the interest of providing shortcuts). On FreeBSD, these are special paths that actually pause the calling process in order to mount/load a network share before resuming the process, and can cause significant “hangs” in the desktop process. Add the ability to take a directory as a target for the wallpaper. This will open/probe the directory for any existing image files that it can use as a wallpaper and randomly select one. Remove the popup dialog prompting about system updates, and replace it with new “Restart (with updates)” buttons on the appropriate menus/windows instead. If no wallpapers selection is provided, try to use the “lumina-nature” wallpaper directory as the default, otherwise fall back on the original default wallpaper if the “lumina-themes” package is not installed. 
lumina-open: Make the *.desktop parsing a bit more flexible regarding quoted strings where there should not be any. If selecting which application to use, only overwrite the user-default app if the option is explicitly selected. lumina-fileinfo: Significant cleanup of this utility. Now it can be reliably used for creating/registering XDG application shortcuts. Add a whole host of new ZFS integrations: If a ZFS dataset is being examined, show all the ZFS properties for that dataset. If the file being examined exists within ZFS snapshots, show all the snapshots of the file lumina-fm: Significant use of additional multi-threading. Makes the loading of directories much faster (particularly ones with image files which need thumbnails) Add detection/warning when running as root user. Also add an option to launch a new instance of lumina-fm as the root user. [FreeBSD/TrueOS] Fix up the detection of the “External Devices” list to also list available devices for the autofs system. Fix up some drag and drop functionality. Expose the creation, extraction, and insertion of files into archives (requires lumina-archiver at runtime) Expand the “Open With” option into a menu of application suggestions in addition to the “Other” option which runs “lumina-open” to find an application. Provide an option to set the desktop wallpaper to the selected image file(s). (If the running desktop session is Lumina). lumina-mediaplayer: Enable the ability to playback local video files. (NOTE: If Qt5 is set to use the gstreamer multimedia backend, make sure you have the “GL” plugin installed for smooth video playback). lumina-archiver: Add CLI flags for auto-archive and auto-extract. This allows for programmatic/scriptable interactions with archives. That is not mentioning all of the little bugfixes, performance tweaks, and more that are also included in this release. *** The strongest KASLR, ever? 
(https://blog.netbsd.org/tnf/entry/the_strongest_kaslr_ever) Re: amd64: kernel aslr support (https://mail-index.netbsd.org/tech-kern/2017/11/14/msg022594.html) So, I did it. Now the kernel sections are split in sub-blocks, and are all randomized independently. See my drawing [1]. What it means in practice, is that Kernel ASLR is much more difficult to defeat: a cache attack will at most allow you to know that a given range is mapped as executable for example, but you don't know which sub-block of .text it is; a kernel pointer leak will at most allow you to reconstruct the layout of one sub-block, but you don't know the layout and address of the remaining blocks, and there can be many. The size and number of these blocks is controlled by the split-by-file parameter in Makefile.amd64. Right now it is set to 2MB, which produces a kernel with ~23 allocatable (ie useful at runtime) sections, which is a third of the total number supported (BTSPACENSEGS = 64). I will probably reduce this parameter a bit in the future, to 1.5MB, or even 1MB. All of that leaves us with about the most advanced KASLR implementation available out there. There are ways to improve it even more, but you'll have to wait a few weeks for that. If you want to try it out you need to make sure you have the latest versions of GENERICKASLR / prekern / bootloader. The instructions are still here, and haven't changed. Initial design As I said in the previous episode, I added in October a Kernel ASLR implementation in NetBSD for 64bit x86 CPUs. This implementation would randomize the location of the kernel in virtual memory as one block: a random VA would be chosen, and the kernel ELF sections would be mapped contiguously starting from there. This design had several drawbacks: one leak, or one successful cache attack, could be enough to reconstruct the layout of the entire kernel and defeat KASLR. NetBSD's new KASLR design significantly improves this situation. 
New design In the new design, each kernel ELF section is randomized independently. That is to say, the base addresses of .text, .rodata, .data and .bss are not correlated. KASLR is already at this stage more difficult to defeat, since you would need a leak or cache attack on each of the kernel sections in order to reconstruct the in-memory kernel layout. Then, starting from there, several techniques are used to strengthen the implementation even more. Sub-blocks The kernel ELF sections are themselves split in sub-blocks of approximately 1MB. The kernel therefore goes from having: { .text .rodata .data .bss } to having { .text .text.0 .text.1 ... .text.i .rodata .rodata.0 ... .rodata.j ... .data ...etc } As of today, this produces a kernel with ~33 sections, each of which is mapped at a random address and in a random order. This implies that there can be dozens of .text segments. Therefore, even if you are able to conduct a cache attack and determine that a given range of memory is mapped as executable, you don't know which sub-block of .text it is. If you manage to obtain a kernel pointer via a leak, you can at most guess the address of the section it finds itself in, but you don't know the layout of the remaining 32 sections. In other words, defeating this KASLR implementation is much more complicated than in the initial design. Higher entropy Each section is put in a 2MB-sized physical memory chunk. Given that the sections are 1MB in size, this leaves half of the 2MB chunk unused. Once in control, the prekern shifts the section within the chunk using a random offset, aligned to the ELF alignment constraint. This offset has a maximum value of 1MB, so that once shifted the section still resides in its initial 2MB chunk: The prekern then maps these 2MB physical chunks at random virtual addresses; but addresses aligned to 2MB. For example, the two sections in Fig. 
A will be mapped at two distinct VAs:

There is a reason the sections are shifted in memory: it offers higher entropy. If we consider a .text.i section with a 64byte ELF alignment constraint, and give a look at the number of possibilities for the location of the section in memory:

The prekern shifts the 1MB section in its 2MB chunk, with an offset aligned to 64 bytes. So there are (2MB-1MB)/(64B) = 2^14 possibilities for the offset.

Then, the prekern uses a 2MB-sized 2MB-aligned range of VA, chosen in a 2GB window. So there are (2GB-2MB)/(2MB) = 2^10 - 1 possibilities for the VA.

Therefore, there are 2^14 x (2^10 - 1) ≈ 2^24 possible locations for the section.

As a comparison with other systems:

| OS | # of possibilities |
|---|---|
| Linux | 2^6 |
| MacOS | 2^8 |
| Windows | 2^13 |
| NetBSD | 2^24 |

Of course, we are talking about one .text.i section here; the sections that will be mapped afterwards will have fewer location possibilities because some slots will be already occupied. However, this does not alter the fact that the resulting entropy is still higher than that of the other implementations. Note also that several sections have an alignment constraint smaller than 64 bytes, and that in such cases the entropy is even higher.

Large pages

There is also a reason we chose to use 2MB-aligned 2MB-sized ranges of VAs: when the kernel is in control and initializes itself, it can now use large pages to map the physical 2MB chunks. This greatly improves memory access performance at the CPU level.

Countermeasures against TLB cache attacks

With the memory shift explained above, randomness is therefore enforced at both the physical and virtual levels: the address of the first page of a section does not equal the address of the section itself anymore. It has, as a side effect, an interesting property: it can mostly mitigate TLB cache attacks. 
Such attacks operate at the virtual-page level; they will allow you to know that a given large page is mapped as executable, but you don't know where exactly within that page the section actually begins. Strong? This KASLR implementation, which splits the kernel in dozens of sub-blocks, randomizes them independently, while at the same time allowing for higher entropy in a way that offers large page support and some countermeasures against TLB cache attacks, appears to be the most advanced KASLR implementation available publicly as of today. Feel free to prove me wrong, I would be happy to know! WIP Even if it is in a functional state, this implementation is still a work in progress, and some of the issues mentioned in the previous blog post haven't been addressed yet. But feel free to test it and report any issue you encounter. Instructions on how to use this implementation can still be found in the previous blog post, and haven't changed since. See you in the next episode! News Roundup GhostBSD 11.1 Finally Ready and Available! (http://www.ghostbsd.org/11.1_release_announcement) Screenshots (https://imgur.com/a/Mu8xk) After a year of development, testing, debugging and working on our software package repository, we are pleased to announce the release of GhostBSD 11.1 is now available on 64-bit(amd64) architecture with MATE and XFCE Desktop on direct and torrent download. With 11.1 we drop 32-bit i386 support, and we currently maintain our software packages repository for more stability. What's new on GhostBSD 11.1 GhostBSD software repository Support VMware Workstation Guest Features New UFS full disk mirroring option on the installer New UFS full disk MBR and GPT option on the installer New UFS full disk swap size option on the installer Whisker Menu as default Application menu on XFCE All software developed by GhostBSD is now getting updated ZFS configuration for disk What has been fixed on 11.1? 
Fix XFCE sound plugin
Installer ZFS configuration file setting
Installer ZFS setup appears to be incomplete
The installer was not listing ZFS disk correctly.
The installer The partition list was not deleted when pressing back
XFCE and MATE shutdown/suspend/hibernate randomly missing
Clicking 'GhostBSD Bugs' item in the Main menu -> 'System Tools' brings up 'Server not found' page
XFCE installation - incorrect keyboard layout
Locale setting not filling correctly
Update Station tray icon

The image checksums, hybrid ISO (DVD, USB) images are available at GhostBSD (http://www.ghostbsd.org/download).

***

p2k17 Hackathon Reports

p2k17 Hackathon Report: Matthias Kilian on xpdf, haskell, and more (https://undeadly.org/cgi?action=article;sid=20171107034258)
p2k17 Hackathon Report: Herzliche grusse vom Berlin (espie@ on mandoc, misc packages progress) (https://undeadly.org/cgi?action=article;sid=20171107185122)
p2k17 Hackathon Report: Paul Irofti (pirofti@) on hotplugd(8), math ports, xhci(4) and other kernel advancements (https://undeadly.org/cgi?action=article;sid=20171107225258)
p2k17 Hackathon report: Jeremy Evans on ruby progress, postgresql and webdriver work (https://undeadly.org/cgi?action=article;sid=20171108072117)
p2k17 Hackathon report: Christian Weisgerber on random devices, build failures and gettext (https://undeadly.org/cgi?action=article;sid=20171109171447)
p2k17 Hackathon report: Sebastian Reitenbach on Puppet progress (https://undeadly.org/cgi?action=article;sid=20171110124645)
p2k17 Hackathon Report: Anthony J. Bentley on firmware, games and securing pkg_add runs (https://undeadly.org/cgi?action=article;sid=20171110124656)
p2k17 Hackathon Report: Landry Breuil on Mozilla things and much more (https://undeadly.org/cgi?action=article;sid=20171113091807)
p2k17 Hackathon report: Florian Obser on network stack progress, kernel relinking and more (https://undeadly.org/cgi?action=article;sid=20171113235334)
p2k17 Hackathon report: Antoine Jacoutot on ports+packages progress (https://undeadly.org/cgi?action=article;sid=20171120075903)

***

TrueOS Talks Tech and Open Source at Pellissippi State (https://www.trueos.org/blog/trueos-talks-tech-open-source-pellissippi-state/)

Ken Moore of the TrueOS project presented a talk to the AITP group at Pellissippi State today entitled “It's A Unix(-like) system? An Introduction to TrueOS and Open source”. Joshua Smith of the TrueOS project was also in attendance. We were happy to see a good attendance of about 40 individuals that came to hear more about TrueOS and how we continue to innovate along with the FreeBSD project. Many good questions were raised about development, snapshots, cryptocurrency, and cyber-security. We've included a copy of the slides if you'd like to have a look at the talk on open source. We'd like to offer a sincere thanks to everyone who attended and offer an extended invitation for you to join us at our KnoxBUG group on October 30th @ the iXsystems offices! We hope to see you soon!
Open Source Talk – Slideshare PDF (https://web.trueos.org/wp-content/uploads/2017/10/Open-Source-Talk.pdf)
KnoxBug - Lumina Rising : Challenging Desktop Orthodoxy (http://knoxbug.org/content/octobers-talk-available-youtube)

Ken gave his talk about the new Lumina 2.0 Window Manager that he gave at Ohio LinuxFest 2017

KnoxBUG October 2017 (https://youtu.be/w3ZrqxLTnIU)
(OLF 2017) Lumina Rising: Challenging Desktop Orthodoxy (https://www.slideshare.net/beanpole135/olf-2017-lumina-rising-challenging-desktop-orthodoxy)

***

Official OpenBSD 6.2 CD set - the only one to be made! (https://undeadly.org/cgi?action=article;sid=20171118190325)

Our dear friend Bob Beck (beck@) writes:

So, again this release the tradition of making Theo do art has continued! Up for sale by auction to the highest bidder on Ebay is the only OpenBSD 6.2 CD set to be produced. The case and CDs feature the 6.2 artwork, custom drawn and signed by Theo. All proceeds to support OpenBSD.
Go have a look at the auction.
As with previous OpenBSD auctions, if you are not the successful bidder, we would like to encourage you to donate the equivalent of your highest bid to the project.

The Auction (https://www.ebay.ca/itm/Official-OpenBSD-6-2-CD-Set/253265944606)

***

Beastie Bits

HAMMER2 userspace on Linux (http://lists.dragonflybsd.org/pipermail/users/2017-October/313646.html)
OpenBSD Porting Workshop (now changed to January 3, 2018) (http://www.nycbug.org/index.cgi?action=view&id=10655)
Matt Ahrens on when Native Encryption for ZFS will land (https://twitter.com/mahrens1/status/921204908094775296)
The first successful build of OpenBSD base system (http://nanxiao.me/en/the-first-successful-build-of-openbsd-base-system/)
KnoxBug November Meeting (https://www.meetup.com/KnoxBUG-BSD-Linux-and-FOSS-Users-Unite/events/245291204/)
Absolute FreeBSD, 3rd Edition, pre-orders available (https://www.michaelwlucas.com/os/af3e)

Feedback/Questions

Jon - Jails and Networking (http://dpaste.com/2BEW0HB#wrap)
Nathan - bhyve Provisioning (http://dpaste.com/1GHSYJS#wrap)
Lian - OpenSSL jumping the Shark (http://dpaste.com/18P8D8C#wrap)
Kim - Suggestions (http://dpaste.com/1VE0K9E#wrap)

***
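The entropy figures in the KASLR item of these show notes can be checked with a small model of the two-stage placement it describes, which also shows how many bits remain once the 2MB page holding a section is known. This is an added example, not NetBSD's prekern code; the function names, the window-relative addresses and the handling of a section that fills its chunk are assumptions.

```python
import math
import secrets

MB, GB = 1 << 20, 1 << 30
CHUNK = 2 * MB    # 2MB-sized, 2MB-aligned VA range holding one section
WINDOW = 2 * GB   # window in which the chunk's VA is chosen

def offset_choices(section_size, align):
    """Aligned offsets for the section inside its chunk: (2MB - size) / align."""
    if not 0 < section_size <= CHUNK or align <= 0 or align & (align - 1):
        raise ValueError("need 0 < size <= 2MB and a power-of-two alignment")
    # Assumption: a section that fills the chunk has exactly one position.
    return max(1, (CHUNK - section_size) // align)

def va_choices():
    """2MB-aligned chunk positions in the 2GB window: (2GB - 2MB) / 2MB."""
    return (WINDOW - CHUNK) // CHUNK

def entropy_bits(section_size, align, page_known=False):
    """Bits still to be guessed; page_known models a page-granular leak."""
    n = offset_choices(section_size, align)
    if not page_known:
        n *= va_choices()
    return math.log2(n)

def place(section_size, align):
    """Draw one placement; returns the section start relative to the window base."""
    slot = secrets.randbelow(va_choices())
    offset = secrets.randbelow(offset_choices(section_size, align)) * align
    return slot * CHUNK + offset

def large_page_of(va):
    """The 2MB page containing va: all a page-granular observation reveals."""
    return va & ~(CHUNK - 1)

if __name__ == "__main__":
    for align in (64, 16):
        print(f"align={align:>2}B  full={entropy_bits(MB, align):.2f} bits  "
              f"page known={entropy_bits(MB, align, page_known=True):.2f} bits")
    va = place(MB, 64)
    print(f"section at +{va:#x}, large page at +{large_page_of(va):#x}")
```
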

The Rouxde Cooking School Podcast
Peppersode 33: The Capsicum Strikes Back

The Rouxde Cooking School Podcast

Play Episode Listen Later Sep 29, 2017 82:20


John and Rebecca get spicy about peppers (capsicum). We talk about capsicum's (we're not calling it pepper) kinda lame history, the reason it has so many names (chili, pepper, capsicum, pimiento etc.), how it spread throughout the world and then launch into facts and folklore about our favorite spice specialists. This week's band is the appropriately named Scotch Bonnets with the song "Cheyenne". Please rate and review us on iTunes. Thanks for listening you crazy kooks.